last executing test programs:

9m31.018500927s ago: executing program 3 (id=918):
epoll_create1(0x80000)
signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff9]}, 0x8, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x2, 0xfffffffffffffffd, 0xfffffffffffffff8, 0x0, 0x1, 0x10}, 0x0, &(0x7f0000000240)={0x1f, 0xc, 0x715, 0x8000000000000000, 0x0, 0x2, 0x800, 0x20000}, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r0, 0x1, &(0x7f0000000040), 0x0)

9m30.710686459s ago: executing program 3 (id=920):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='veth1\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f0000002d40)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)}], 0x1}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000600)="2b0268660fce2501c6d96ff2541b1853a7c34bdc309a4aaaa024a68b56aeb6ea0cf36ddcce3c5b1c03ffec031e929dc221453201d9dd169ea4239984838c5287f48c8eaa56b7a49bad97c3ca007d76e4ed3f11316166a3f416401b", 0x5b}], 0x1}}, {{0x0, 0x0, &(0x7f0000002500)=[{&(0x7f0000000b40)="e8f2362d79058b", 0x7}], 0x1, &(0x7f0000002580)}}], 0x3, 0x4009015)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$char_usb(r1, &(0x7f0000000b00)='D', 0x1)

9m30.409465555s ago: executing program 3 (id=921):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f00000014c0)='\t', 0x1}], 0x1, &(0x7f0000000000)=ANY=[], 0xa}}], 0x1, 0x4044805)
sendmmsg$inet(r0, &(0x7f0000004800)=[{{0x0, 0x0, &(0x7f0000003040)=[{&(0x7f00000006c0)="3118944f0cb6f5fb3d9f8e69cdadb4df2f504369308c98d390766f", 0x1b}, {0x0}], 0x2}}], 0x1, 0x4)

9m30.211652926s ago: executing program 3 (id=923):
r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000300)=0xff, 0xffffffffffffffff, 0x0, 0x3, 0x1}}, 0x20)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003173610ef171e7206de010203010902f3c8010000000009040000000206"], 0x0)
syz_usb_control_io$rtl8150(r1, 0x0, &(0x7f00000005c0)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="4030040000002e101dce"], 0x0, 0x0, 0x0, 0x0})

9m28.658133459s ago: executing program 3 (id=930):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1b)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8001, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000a400)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x3, 0x1, 0x0, 0x3, 0xffffffff, 0x0, {0x5, 0x6, 0x7, 0x40000000006, 0xfffffffffffffffd, 0x81, 0x0, 0x290, 0xfffffffc, 0x1000, 0x7, r2, r3, 0x104, 0xb}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000b80)={0x50, 0x0, r1, {0x7, 0x2b, 0x2, 0x16008011, 0x4, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0xffffffff}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)

9m27.56625694s ago: executing program 3 (id=932):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199)
syz_usb_connect$midi(0x0, 0x0, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r1, 0xffffffffffffffff, 0x0)

9m12.364147465s ago: executing program 32 (id=932):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199)
syz_usb_connect$midi(0x0, 0x0, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r1, 0xffffffffffffffff, 0x0)

9m12.329056277s ago: executing program 0 (id=995):
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
fchdir(r2)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00')
mount_setattr(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)={0x200001, 0x81, 0x100000}, 0x20)
open(0x0, 0x200001, 0x0)

9m11.904110854s ago: executing program 0 (id=996):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000003c0)={'broute\x00', 0x0, 0x0, 0x0, [0x61, 0x10000, 0x9c9, 0xf, 0x4, 0x3]}, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x402, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x38011, r0, 0x0)
read(r0, &(0x7f00000000c0)=""/163, 0xd0140f23)

9m10.144891747s ago: executing program 0 (id=1000):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$netlink(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102384, 0x18ff0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r2, 0x0)

9m8.980039839s ago: executing program 0 (id=1001):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mkdir(&(0x7f0000000140)='./file0/../file0\x00', 0x190)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2042, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100)

9m8.853576595s ago: executing program 0 (id=1002):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94)
r0 = socket(0x400000000010, 0x3, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{0x0}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e", 0x8b}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83a", 0x5a}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec489820505cea6045a", 0xab}, {&(0x7f0000000900)}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000ac0)}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a8551", 0x6a}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}], 0x48}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}], 0x3, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

9m6.984805247s ago: executing program 0 (id=1006):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r1, &(0x7f0000000380)={0xa, 0x4e23, 0xfffffffc, @loopback}, 0x1c)
listen(r1, 0x4)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000080)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x7}, 0x8)
sendmmsg$inet6(r0, &(0x7f0000000980)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)="89", 0x1}], 0x1}}], 0x1, 0x20000000)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000340)={0x0, 0x3ff}, 0x8)

9m6.321083967s ago: executing program 33 (id=1006):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r1, &(0x7f0000000380)={0xa, 0x4e23, 0xfffffffc, @loopback}, 0x1c)
listen(r1, 0x4)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000080)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x7}, 0x8)
sendmmsg$inet6(r0, &(0x7f0000000980)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)="89", 0x1}], 0x1}}], 0x1, 0x20000000)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000340)={0x0, 0x3ff}, 0x8)

30.726099477s ago: executing program 1 (id=3141):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x74}}, 0x20048044)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
pipe(0x0)
fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r4})

27.474157214s ago: executing program 1 (id=3148):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

23.42980819s ago: executing program 2 (id=3154):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

22.234835459s ago: executing program 1 (id=3157):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(0x0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

21.772172736s ago: executing program 5 (id=3159):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

18.963310471s ago: executing program 2 (id=3161):
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x74}}, 0x20048044)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
pipe(0x0)
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000005c0)='fd', 0x0, r2)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r5})

15.870506219s ago: executing program 6 (id=3164):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x66, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
mount$overlay(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r4 = socket(0x10, 0x3, 0x0)
readv(r4, &(0x7f00000000c0)=[{&(0x7f0000000440)=""/4096, 0x1000}], 0x1)
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000100)=@md0, 0x0, &(0x7f0000001440))
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r5, &(0x7f0000000540)={&(0x7f00000003c0)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000400)={0x0}}, 0x0)

13.228213105s ago: executing program 6 (id=3171):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

13.22612303s ago: executing program 5 (id=3172):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x66, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
syz_open_procfs(r1, &(0x7f0000002040)='net/snmp6\x00')
mount$overlay(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r2 = socket(0x10, 0x3, 0x0)
readv(r2, &(0x7f00000000c0)=[{&(0x7f0000000440)=""/4096, 0x1000}], 0x1)
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000100)=@md0, 0x0, &(0x7f0000001440))
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r3, &(0x7f0000000540)={&(0x7f00000003c0)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000400)={0x0}}, 0x0)

12.070646063s ago: executing program 5 (id=3180):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
fchdir(r0)
close(r0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000240)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x2}]}}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000400)='loginuid\x00')
pread64(r5, 0x0, 0x0, 0xfffff7ff8)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f00000001c0), 0x8)
sendmmsg$sock(r6, 0x0, 0x0, 0x20004084)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_gstrings={0x1b, 0x8}})
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

10.07987491s ago: executing program 6 (id=3185):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', 0x0, 0x0, &(0x7f0000000380)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(r3, 0x3b88, 0x0)
ioctl$IOMMU_VFIO_SET_IOMMU(r3, 0x3b66, 0x3)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r3, 0x3b72, 0x0)
ioctl$IOMMU_IOAS_UNMAP$ALL(r3, 0x3b86, &(0x7f0000000340)={0x18})

9.737064516s ago: executing program 1 (id=3187):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
getdents(r3, 0xffffffffffffffff, 0x5a)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
read$FUSE(r4, 0x0, 0x0)
write$FUSE_INIT(r4, &(0x7f0000000380)={0x50, 0x0, 0x0, {0x7, 0x28, 0x7fffffff, 0x4069a064, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffec}}, 0x50)
fstat(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x19c)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x101040, 0x0)
pread64(r5, 0x0, 0x0, 0x2)

8.563469963s ago: executing program 6 (id=3189):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x7)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

8.50962856s ago: executing program 2 (id=3190):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x66, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
syz_open_procfs(r1, &(0x7f0000002040)='net/snmp6\x00')
mount$overlay(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r4 = socket(0x10, 0x3, 0x0)
readv(r4, &(0x7f00000000c0), 0x0)
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000100)=@md0, 0x0, &(0x7f0000001440))
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r5, &(0x7f0000000540)={&(0x7f00000003c0)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000400)={0x0}}, 0x0)

7.337734797s ago: executing program 1 (id=3192):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

6.558588925s ago: executing program 2 (id=3194):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x66, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
syz_open_procfs(r1, 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}]})
r4 = socket(0x10, 0x3, 0x0)
readv(r4, &(0x7f00000000c0)=[{&(0x7f0000000440)=""/4096, 0x1000}], 0x1)
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000100)=@md0, 0x0, &(0x7f0000001440))
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r5, &(0x7f0000000540)={&(0x7f00000003c0)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x14, 0x0}, 0x0)

6.260628755s ago: executing program 5 (id=3196):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
syz_emit_ethernet(0x7e, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x2b, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @broadcast=0xac1414bb, {[@timestamp_addr={0x44, 0x34, 0x0, 0x1, 0x0, [{@local}, {@loopback}, {@dev, 0x4}, {@empty}, {@dev}, {@broadcast}]}, @cipso={0x86, 0xa, 0x0, [{0x0, 0x2}, {0x0, 0x2}]}]}}}}}}}, 0x0)

5.233308229s ago: executing program 2 (id=3197):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
prlimit64(0x0, 0x7, 0x0, &(0x7f0000000340))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x14)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_procfs(0x0, 0x0)
getdents64(r5, 0xfffffffffffffffe, 0x39)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x103001)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[@ANYBLOB="58010000100013070000000000000000fc020000000000000000000000000001fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="ac141444000000000000000000000000000004d533000000e000000100000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000220000000000000000000000000000000200000002000000000000005c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000003509fe8fd57fd44aa5074c50bc700e530c001c00", @ANYRES32=0x0, @ANYBLOB="0300000071"], 0x158}}, 0x0)

5.212555215s ago: executing program 5 (id=3198):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, 0x0, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

5.032986271s ago: executing program 6 (id=3200):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

2.627401299s ago: executing program 4 (id=3206):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

2.465130757s ago: executing program 4 (id=3207):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, 0x0, 0x0)

2.200840405s ago: executing program 4 (id=3208):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
fchdir(r0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000240)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x2}]}}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000400)='loginuid\x00')
pread64(r5, 0x0, 0x0, 0xfffff7ff8)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f00000001c0), 0x8)
sendmmsg$sock(r6, 0x0, 0x0, 0x20004084)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_gstrings={0x1b, 0x8}})
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

2.114446698s ago: executing program 4 (id=3209):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
getdents(r3, &(0x7f00000001c0)=""/49, 0x31)
getdents(r3, 0xffffffffffffffff, 0x5a)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
read$FUSE(r4, 0x0, 0x0)
write$FUSE_INIT(r4, &(0x7f0000000380)={0x50, 0x0, 0x0, {0x7, 0x28, 0x7fffffff, 0x4069a064, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffec}}, 0x50)

1.997699647s ago: executing program 1 (id=3210):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

1.987227913s ago: executing program 5 (id=3211):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xb2, &(0x7f0000000140)=""/178, 0x1f00, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$inet6(0xa, 0x3, 0x3c)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083860090890e0878f0f1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d3b5d0936cd3b78070daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5003a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd7072f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d27df2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2c1cde360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
connect$inet6(r0, &(0x7f0000000400)={0xa, 0x4e1e, 0x0, @dev={0xfe, 0x80, '\x00', 0x22}, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet6(r2, &(0x7f0000001080)={0x0, 0x0, 0x0}, 0x801)
getdents64(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x3)
accept4$bt_l2cap(r3, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)

1.653924064s ago: executing program 4 (id=3212):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x7)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

413.892656ms ago: executing program 6 (id=3213):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

104.170245ms ago: executing program 2 (id=3214):
r0 = memfd_create(&(0x7f0000000000)='\xa3\xcb\x04=\x827\xe7\x81S\bDVK| \x8b\xdb\xb1\x03\xd0\x9d2\x9es\x19_=#n_\xeb\xbdR\xea\xb9o\xdbM\x11ca\v\xeb#\xaf\xcf\xb5\xfd`U\xa7k\xd0\xd8\xd2\xc0\x91\xc1\x98#\r\xa7\x16\xfd@\xd7V*^\xcf\x9f\b1\xce3\vN\xa6\x01\xb5\xb5\xba\xdc\xc8\xda\xd2\apY\vu\x80\xa9\x14X\xcf!\xd3W\'\xb44#\xf6\x7fHS\xa6l\x17\x97\x80\xea\xc5+T\xe3\"\xda\x14\xfe,\xf3\\\xeb\x1cp\xd6\xc1\b\xec\xe1\x94\xdf\xdb\xa1\xf7=B\xb2\x94o\xd5{\xd2_\x93\xa1)\xdem\'H\\e\x8bu\xbcVw\xaeb\xa1b\xb1\xc1\f\x9f0\x93\x0f\x16,\xeb!Z\xa9\\\xf7B\xf8L\x05\xc7\xf7q\x9d_\xb4\xbb3i[t\xb6\xbc\x824\x7f\xd7\xb7 \xd4\x7fUE\xcb7\xe3\xb4\xb6\xa0\xd8\x1b\a8\xfe$\xa1\x12&\xb2\xfc\xfb\x12U\xb9u\xb4=\xc4\xc5q\x8bk\xf1\x9c\xc3\xa4w\xf9!^#\x8c', 0x4)
preadv(r0, 0x0, 0x0, 0x4, 0x7) (fail_nth: 1)

0s ago: executing program 4 (id=3215):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0xc002, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
migrate_pages(r0, 0x1, &(0x7f00000000c0)=0x5, &(0x7f0000000100))
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @local}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

kernel console output (not intermixed with test programs):

93259][ T5873] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.893278][ T5873] usb 5-1: Product: syz
[  228.893291][ T5873] usb 5-1: Manufacturer: syz
[  228.893304][ T5873] usb 5-1: SerialNumber: syz
[  228.937694][ T5873] usb 5-1: config 0 descriptor??
[  228.952716][ T5873] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  229.402075][ T2946] IPVS: stop unused estimator thread 0...
[  229.535129][ T8458] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.535317][ T8458] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.535535][ T8458] bridge_slave_0: entered allmulticast mode
[  229.571687][ T8458] bridge_slave_0: entered promiscuous mode
[  229.723965][ T8458] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.724126][ T8458] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.724752][ T8458] bridge_slave_1: entered allmulticast mode
[  229.741692][ T8458] bridge_slave_1: entered promiscuous mode
[  229.891720][ T8527] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.891810][ T8527] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.891979][ T8527] bridge_slave_0: entered allmulticast mode
[  229.895703][ T8527] bridge_slave_0: entered promiscuous mode
[  230.051895][ T8527] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.052016][ T8527] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.052225][ T8527] bridge_slave_1: entered allmulticast mode
[  230.057184][ T8527] bridge_slave_1: entered promiscuous mode
[  230.087106][ T8458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.227161][ T8458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.258894][ T5821] Bluetooth: hci6: command tx timeout
[  230.338930][ T5821] Bluetooth: hci2: command tx timeout
[  230.366704][ T8527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.653675][ T2946] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.751756][ T8596] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1020'.
[  231.378275][ T5873] gspca_sonixj: reg_r err -110
[  231.558856][ T5873] sonixj 5-1:0.0: probe with driver sonixj failed with error -110
[  231.625555][ T8527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  231.630576][ T8458] team0: Port device team_slave_0 added
[  232.144501][ T8458] team0: Port device team_slave_1 added
[  232.381629][ T2946] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.418770][ T5821] Bluetooth: hci2: command tx timeout
[  232.447267][ T8527] team0: Port device team_slave_0 added
[  232.504246][ T8527] team0: Port device team_slave_1 added
[  232.505214][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.505223][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.505236][ T8458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.589617][ T5801] usb 5-1: USB disconnect, device number 16
[  232.644133][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.644150][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.644173][ T8458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.865226][ T2946] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.189445][ T5801] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  233.233762][ T8527] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.233777][ T8527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.233798][ T8527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.236818][ T8527] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.236832][ T8527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.236855][ T8527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.338697][ T5801] usb 5-1: Using ep0 maxpacket: 16
[  233.342643][ T5801] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  233.345630][ T5801] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  233.345656][ T5801] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.345674][ T5801] usb 5-1: Product: syz
[  233.345687][ T5801] usb 5-1: Manufacturer: syz
[  233.345701][ T5801] usb 5-1: SerialNumber: syz
[  233.354485][ T5801] usb 5-1: config 0 descriptor??
[  233.381809][ T5801] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  233.381841][ T5801] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  233.434713][ T8148] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.645271][ T2946] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.799849][ T8458] hsr_slave_0: entered promiscuous mode
[  233.801069][ T8458] hsr_slave_1: entered promiscuous mode
[  233.801839][ T8458] debugfs: 'hsr0' already exists in 'hsr'
[  233.801857][ T8458] Cannot create hsr debugfs directory
[  233.937615][ T8527] hsr_slave_0: entered promiscuous mode
[  233.939194][ T8527] hsr_slave_1: entered promiscuous mode
[  233.940059][ T8527] debugfs: 'hsr0' already exists in 'hsr'
[  233.940081][ T8527] Cannot create hsr debugfs directory
[  233.986997][ T5801] em28xx 5-1:0.0: chip ID is em2765
[  234.095259][ T8613] syz.2.1026 uses obsolete (PF_INET,SOCK_PACKET)
[  234.851244][ T5801] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  234.851286][ T5801] em28xx 5-1:0.0: board has no eeprom
[  235.338988][ T5801] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  235.339030][ T5801] em28xx 5-1:0.0: dvb set to bulk mode.
[  235.374858][ T8148] veth0_vlan: entered promiscuous mode
[  235.374889][ T5934] em28xx 5-1:0.0: Binding DVB extension
[  235.394943][ T5801] usb 5-1: USB disconnect, device number 17
[  236.012167][ T5801] em28xx 5-1:0.0: Disconnecting em28xx
[  236.191456][ T5934] em28xx 5-1:0.0: Registering input extension
[  236.197454][ T5801] em28xx 5-1:0.0: Closing input extension
[  236.530495][ T5801] em28xx 5-1:0.0: Freeing device
[  236.648892][ T8629] netlink: 220 bytes leftover after parsing attributes in process `syz.4.1030'.
[  237.597512][ T2946] bridge_slave_1: left allmulticast mode
[  237.597533][ T2946] bridge_slave_1: left promiscuous mode
[  237.601698][ T2946] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.679668][ T2946] bridge_slave_0: left allmulticast mode
[  237.679688][ T2946] bridge_slave_0: left promiscuous mode
[  237.679839][ T2946] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.559179][ T2946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  238.639220][ T2946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  238.662895][ T2946] bond0 (unregistering): Released all slaves
[  238.734047][ T8636] syz_tun: entered promiscuous mode
[  239.053465][   T42] libceph: connect (1)[c::]:6789 error -101
[  239.067562][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  239.075708][ T8641] ceph: No mds server is up or the cluster is laggy
[  239.109634][   T42] libceph: connect (1)[c::]:6789 error -101
[  239.109823][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  239.198108][ T8148] veth1_vlan: entered promiscuous mode
[  241.344237][ T8458] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  241.412557][ T8458] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  242.612716][ T8458] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  243.143333][ T8458] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  243.152892][ T8458] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  243.202432][ T8458] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  243.411423][ T8458] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  243.530200][ T8672] trusted_key: encrypted_key: key user:syz not found
[  243.977175][ T8458] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  244.288714][ T2946] hsr_slave_0: left promiscuous mode
[  244.328850][ T2946] hsr_slave_1: left promiscuous mode
[  244.329780][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  244.329797][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.369894][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  244.369922][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_1
[  244.452806][ T2946] veth1_macvtap: left promiscuous mode
[  244.452868][ T2946] veth0_macvtap: left promiscuous mode
[  244.453087][ T2946] veth1_vlan: left promiscuous mode
[  244.453399][ T2946] veth0_vlan: left promiscuous mode
[  245.159333][ T2946] team0 (unregistering): Port device team_slave_1 removed
[  245.199518][ T2946] team0 (unregistering): Port device team_slave_0 removed
[  246.484919][ T8148] veth0_macvtap: entered promiscuous mode
[  247.620946][ T8148] veth1_macvtap: entered promiscuous mode
[  247.725959][ T8527] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  247.819948][ T8527] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  247.825265][ T8527] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  247.872802][ T8527] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  248.004989][ T8527] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  248.065050][ T8527] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  248.120507][ T8527] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  248.151816][ T8527] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  248.163476][ T8148] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.210657][ T5477] 8021q: adding VLAN 0 to HW filter on device eth1
[  248.266533][ T8148] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.327526][ T8723] tmpfs: Bad value for 'mpol'
[  248.336813][  T160] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.378968][  T160] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.382514][  T160] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.425113][  T160] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.808794][ T5950] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  248.913433][ T8458] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.136615][ T8458] 8021q: adding VLAN 0 to HW filter on device team0
[  249.146735][ T5950] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  249.146762][ T5950] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.146780][ T5950] usb 5-1: Product: syz
[  249.146793][ T5950] usb 5-1: Manufacturer: syz
[  249.146806][ T5950] usb 5-1: SerialNumber: syz
[  251.561994][ T5950] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  251.562343][ T5950] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  252.231298][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.231597][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.341021][  T248] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.341040][  T248] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.463541][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.463872][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.732168][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.732188][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.845544][ T8527] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.023866][ T5950] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  253.031663][ T5950] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPIPE
[  253.206099][ T8527] 8021q: adding VLAN 0 to HW filter on device team0
[  253.277904][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.278033][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.363732][ T1191] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.363886][ T1191] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.630670][ T5950] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000400. ret = -EPROTO
[  253.630741][ T5950] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  253.743518][ T5950] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  253.805291][ T5950] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71
[  253.848180][ T5950] usb 5-1: USB disconnect, device number 18
[  255.635181][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  255.635259][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  256.324804][ T8770] faux_driver vgem: [drm] Unknown color mode 181; guessing buffer size.
[  256.505992][ T8458] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.198569][ T5477] 8021q: adding VLAN 0 to HW filter on device eth2
[  257.395619][ T8527] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.579482][ T8458] veth0_vlan: entered promiscuous mode
[  263.896776][ T8458] veth1_vlan: entered promiscuous mode
[  264.304245][ T8458] veth0_macvtap: entered promiscuous mode
[  264.342418][ T8458] veth1_macvtap: entered promiscuous mode
[  264.556517][ T8458] batman_adv: batadv0: Interface activated: batadv_slave_0
[  264.691983][ T8458] batman_adv: batadv0: Interface activated: batadv_slave_1
[  265.005360][ T1338] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.020383][ T5477] 8021q: adding VLAN 0 to HW filter on device eth3
[  265.055176][ T1338] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.069421][ T1338] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.072877][ T1338] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.593803][ T8527] veth0_vlan: entered promiscuous mode
[  267.865582][ T8527] veth1_vlan: entered promiscuous mode
[  268.064540][  T160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.064559][  T160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.938197][ T1119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.938217][ T1119] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.099665][ T8527] veth0_macvtap: entered promiscuous mode
[  272.164550][ T8527] veth1_macvtap: entered promiscuous mode
[  272.376994][ T8527] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.476562][ T8527] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.561103][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.561332][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.561368][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.561401][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.834238][ T8918] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1083'.
[  276.911894][ T8918] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1083'.
[  278.044048][ T5477] 8021q: adding VLAN 0 to HW filter on device eth4
[  278.091222][ T8923] syz_tun: entered allmulticast mode
[  278.288549][   T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.288571][   T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.480154][ T5934] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  278.668667][ T5934] usb 3-1: Using ep0 maxpacket: 8
[  278.674730][ T5934] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  278.674755][ T5934] usb 3-1: config 0 has no interfaces?
[  280.056244][ T5934] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  280.056275][ T5934] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.056294][ T5934] usb 3-1: Product: syz
[  280.056308][ T5934] usb 3-1: Manufacturer: syz
[  280.056322][ T5934] usb 3-1: SerialNumber: syz
[  280.103306][ T5934] usb 3-1: config 0 descriptor??
[  280.353518][ T8927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.354087][ T8927] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.570713][ T2946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.570728][ T2946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.743535][ T8949] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.981075][ T8949] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.000394][ T8949] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.014626][ T8949] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.163173][ T8954] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  282.128465][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  282.565595][ T8962] 9pnet_fd: p9_fd_create_unix (8962): problem connecting socket: ./file0: -13
[  284.672316][ T5800] usb 3-1: USB disconnect, device number 14
[  285.386337][ T5818] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  286.469245][ T5818] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  286.480373][ T5818] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  286.486619][ T5818] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  286.490758][ T5818] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  288.796251][ T5821] Bluetooth: hci4: command tx timeout
[  289.137112][ T9005] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1104'.
[  289.191724][ T9005] bond0: option lp_interval: invalid value (0)
[  289.191748][ T9005] bond0: option lp_interval: allowed values 1 - 2147483647
[  289.430992][ T8981] chnl_net:caif_netlink_parms(): no params data found
[  289.742438][   T42] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  290.818608][ T5821] Bluetooth: hci4: command tx timeout
[  290.825242][   T42] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  290.825272][   T42] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.825290][   T42] usb 6-1: Product: syz
[  290.825303][   T42] usb 6-1: Manufacturer: syz
[  290.825316][   T42] usb 6-1: SerialNumber: syz
[  290.882454][   T42] usb 6-1: config 0 descriptor??
[  291.106123][   T42] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  291.484011][ T9031] Bluetooth: hci0: invalid length 0, exp 2 for type 15
[  292.901920][ T5821] Bluetooth: hci4: command tx timeout
[  294.201757][ T1138] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.649422][   T42] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  294.662512][   T42] usb 6-1: USB disconnect, device number 2
[  295.171594][ T5821] Bluetooth: hci4: command tx timeout
[  297.434134][ T9064] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1117'.
[  297.809077][ T9071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1116'.
[  297.885904][ T9072] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1116'.
[  300.211695][ T1138] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.293099][ T8981] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.293230][ T8981] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.293407][ T8981] bridge_slave_0: entered allmulticast mode
[  300.295819][ T8981] bridge_slave_0: entered promiscuous mode
[  300.446494][ T8981] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.446697][ T8981] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.446957][ T8981] bridge_slave_1: entered allmulticast mode
[  300.485929][ T8981] bridge_slave_1: entered promiscuous mode
[  300.544516][ T8981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  300.558704][ T8981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  300.613219][ T8981] team0: Port device team_slave_0 added
[  300.624547][ T8981] team0: Port device team_slave_1 added
[  305.428458][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  305.438452][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  305.448459][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  305.498399][ T8981] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.498577][ T8981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  305.498604][ T8981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.780770][ T1138] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.900724][ T8981] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.900736][ T8981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  309.900750][ T8981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.430954][ T5821] Bluetooth: Frame is too long (len 16, expected len 4)
[  311.466315][ T8981] hsr_slave_0: entered promiscuous mode
[  311.477201][ T8981] hsr_slave_1: entered promiscuous mode
[  311.481851][ T8981] debugfs: 'hsr0' already exists in 'hsr'
[  311.481875][ T8981] Cannot create hsr debugfs directory
[  312.364550][ T1138] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.297067][ T9172] batadv0: entered promiscuous mode
[  315.298874][ T9172] bond0: entered promiscuous mode
[  315.298894][ T9172] bond_slave_0: entered promiscuous mode
[  315.299121][ T9172] bond_slave_1: entered promiscuous mode
[  315.301971][ T9172] hsr1: entered allmulticast mode
[  315.301988][ T9172] batadv0: entered allmulticast mode
[  315.302006][ T9172] bond0: entered allmulticast mode
[  315.302018][ T9172] bond_slave_0: entered allmulticast mode
[  315.302034][ T9172] bond_slave_1: entered allmulticast mode
[  315.302562][ T9172] 8021q: adding VLAN 0 to HW filter on device hsr1
[  318.983859][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  318.983930][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  340.318614][ T5801] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  340.584593][ T9287] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  341.138806][ T5801] usb 6-1: Using ep0 maxpacket: 8
[  341.160436][ T5801] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  341.160492][ T5801] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  341.160514][ T5801] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  341.160537][ T5801] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  341.160559][ T5801] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  341.160600][ T5801] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  341.160621][ T5801] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.782492][ T5801] usb 6-1: usb_control_msg returned -32
[  341.782537][ T5801] usbtmc 6-1:16.0: can't read capabilities
[  343.978865][ T1138] bridge_slave_1: left allmulticast mode
[  343.978896][ T1138] bridge_slave_1: left promiscuous mode
[  343.979238][ T1138] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.029525][ T8861] usb 6-1: USB disconnect, device number 3
[  345.390970][ T5818] Bluetooth: hci6: command 0x0406 tx timeout
[  345.787908][ T9317] binder: 9310:9317 ioctl c0285840 200000000000 returned -22
[  345.803036][ T9316] loop5: detected capacity change from 0 to 7
[  346.038205][ T9316] Dev loop5: unable to read RDB block 7
[  346.038645][ T9316]  loop5: unable to read partition table
[  346.053210][ T9316] loop5: partition table beyond EOD, truncated
[  346.053336][ T9316] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  347.619095][ T1138] bridge_slave_0: left allmulticast mode
[  347.620128][ T1138] bridge_slave_0: left promiscuous mode
[  347.620358][ T1138] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.313351][   T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  350.038074][   T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  350.054667][   T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  350.056219][   T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  350.076975][   T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  350.170845][  T822] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  350.328585][  T822] usb 3-1: Using ep0 maxpacket: 8
[  350.331570][  T822] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  350.334184][  T822] usb 3-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  350.334212][  T822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.334231][  T822] usb 3-1: Product: syz
[  350.334245][  T822] usb 3-1: Manufacturer: syz
[  350.334258][  T822] usb 3-1: SerialNumber: syz
[  351.096501][  T822] usb 3-1: config 0 descriptor??
[  351.098765][  T822] usb 3-1: can't set config #0, error -71
[  351.108984][  T822] usb 3-1: USB disconnect, device number 15
[  351.117925][ T1119] Bluetooth: hci5: Frame reassembly failed (-84)
[  351.709294][ T1138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  351.749193][ T1138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  351.770613][ T1138] bond0 (unregistering): Released all slaves
[  351.833208][ T9345] batadv0: entered promiscuous mode
[  351.836844][ T9345] vlan2: entered promiscuous mode
[  351.888589][ T5917] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  352.088862][ T5917] usb 3-1: Using ep0 maxpacket: 16
[  352.094189][ T5917] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  352.094221][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.094241][ T5917] usb 3-1: Product: syz
[  352.094255][ T5917] usb 3-1: Manufacturer: syz
[  352.094267][ T5917] usb 3-1: SerialNumber: syz
[  352.170010][ T5917] usb 3-1: config 0 descriptor??
[  352.206677][   T59] Bluetooth: hci2: command tx timeout
[  352.966471][ T5917] dvb_usb_dtv5100 3-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -110
[  353.141810][ T5821] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  354.381464][   T59] Bluetooth: hci2: command tx timeout
[  355.128444][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  355.148442][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  355.158444][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  355.168433][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  355.178437][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  355.188439][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  356.579322][   T59] Bluetooth: hci2: command tx timeout
[  356.654496][ T5917] usb 3-1: USB disconnect, device number 16
[  358.523081][ T9389] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1184'.
[  358.525513][ T9389] fuse: Bad value for 'user_id'
[  358.525528][ T9389] fuse: Bad value for 'user_id'
[  358.662512][   T59] Bluetooth: hci2: command tx timeout
[  358.752804][ T9393] sctp: [Deprecated]: syz.1.1184 (pid 9393) Use of struct sctp_assoc_value in delayed_ack socket option.
[  358.752804][ T9393] Use struct sctp_sack_info instead
[  358.960794][ T9401] random: crng reseeded on system resumption
[  360.552572][ T9418] netlink: 'syz.4.1189': attribute type 10 has an invalid length.
[  361.019678][   T42] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  361.918837][ T5801] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  362.048516][   T42] usb 5-1: device descriptor read/64, error -71
[  362.078341][ T9418] 8021q: adding VLAN 0 to HW filter on device batadv0
[  362.103473][ T9418] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  362.126594][ T5801] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  362.126623][ T5801] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.126664][ T5801] usb 2-1: Product: syz
[  362.126677][ T5801] usb 2-1: Manufacturer: syz
[  362.126691][ T5801] usb 2-1: SerialNumber: syz
[  362.156500][ T5801] usb 2-1: config 0 descriptor??
[  362.537180][   T42] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  362.608584][ T5801] usb 2-1: Firmware: major: 226, minor: 19, hardware type: UNKNOWN (46)
[  363.528628][ T5801] usb 2-1: Firmware: build 
[  363.658568][   T42] usb 5-1: device descriptor read/64, error -71
[  363.768862][   T42] usb usb5-port1: attempt power cycle
[  363.789628][ T5801] usb 2-1: no permanent extended address found, random address set
[  363.789657][ T5801] usb 2-1: atusb_probe: initialization failed, error = -524
[  363.790329][ T5801] atusb 2-1:0.0: probe with driver atusb failed with error -524
[  364.064533][ T5801] usb 2-1: USB disconnect, device number 15
[  365.060632][ T1138] hsr_slave_0: left promiscuous mode
[  365.120836][ T1138] hsr_slave_1: left promiscuous mode
[  365.122001][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  365.122025][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  365.267497][ T9451] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1197'.
[  366.051685][   T36] kauditd_printk_skb: 222 callbacks suppressed
[  366.051707][   T36] audit: type=1326 audit(1776650170.636:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.051799][   T36] audit: type=1326 audit(1776650170.636:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.051870][   T36] audit: type=1326 audit(1776650170.696:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.051994][   T36] audit: type=1326 audit(1776650170.696:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.052114][   T36] audit: type=1326 audit(1776650170.696:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.052157][   T36] audit: type=1326 audit(1776650170.696:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.052235][   T36] audit: type=1326 audit(1776650170.706:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.052354][   T36] audit: type=1326 audit(1776650170.706:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.052470][   T36] audit: type=1326 audit(1776650170.716:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9453 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  366.245672][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  366.245699][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  366.532982][ T5822] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  366.544741][ T1138] veth1_macvtap: left promiscuous mode
[  366.544839][ T1138] veth0_macvtap: left promiscuous mode
[  366.545066][ T1138] veth1_vlan: left promiscuous mode
[  366.545242][ T1138] veth0_vlan: left promiscuous mode
[  366.678768][ T5822] usb 5-1: Using ep0 maxpacket: 32
[  366.687626][ T5822] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  366.687652][ T5822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.687671][ T5822] usb 5-1: Product: syz
[  366.687683][ T5822] usb 5-1: Manufacturer: syz
[  366.687696][ T5822] usb 5-1: SerialNumber: syz
[  366.751459][ T5822] usb 5-1: config 0 descriptor??
[  366.775404][ T5822] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  369.272112][ T5822] gspca_ov534_9: reg_w failed -110
[  369.589125][ T1138] team0 (unregistering): Port device team_slave_1 removed
[  369.619196][ T1138] team0 (unregistering): Port device team_slave_0 removed
[  369.668664][ T5822] gspca_ov534_9: Unknown sensor 0000
[  369.668762][ T5822] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22
[  369.814183][ T9464] bridge0: port 3(erspan0) entered blocking state
[  369.814249][ T9464] bridge0: port 3(erspan0) entered disabled state
[  369.814384][ T9464] erspan0: entered allmulticast mode
[  369.815934][ T9464] erspan0: entered promiscuous mode
[  369.816745][ T9464] bridge0: port 3(erspan0) entered blocking state
[  369.816853][ T9464] bridge0: port 3(erspan0) entered forwarding state
[  369.833231][ T9468] erspan0: left allmulticast mode
[  369.833256][ T9468] erspan0: left promiscuous mode
[  369.833527][ T9468] bridge0: port 3(erspan0) entered disabled state
[  371.342871][   T42] usb 5-1: USB disconnect, device number 22
[  371.889666][ T9489] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1206'.
[  374.146240][ T9332] chnl_net:caif_netlink_parms(): no params data found
[  374.418561][ T5801] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  374.588767][ T5801] usb 3-1: Using ep0 maxpacket: 16
[  374.590647][ T5801] usb 3-1: config index 0 descriptor too short (expected 51443, got 18)
[  374.594421][ T5801] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  374.594447][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.594465][ T5801] usb 3-1: Product: syz
[  374.594480][ T5801] usb 3-1: Manufacturer: syz
[  374.594493][ T5801] usb 3-1: SerialNumber: syz
[  374.624783][   T36] audit: type=1326 audit(1776650179.556:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  374.624841][   T36] audit: type=1326 audit(1776650179.556:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  374.630071][   T36] audit: type=1326 audit(1776650179.566:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5af7e0d04e code=0x7ffc0000
[  374.631561][   T36] audit: type=1326 audit(1776650179.566:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5af7e4c4ab code=0x7ffc0000
[  374.631604][   T36] audit: type=1326 audit(1776650179.566:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5af7e4c4ab code=0x7ffc0000
[  374.721903][ T9332] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.722093][ T9332] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.722270][ T9332] bridge_slave_0: entered allmulticast mode
[  374.724682][ T9332] bridge_slave_0: entered promiscuous mode
[  374.736954][ T9332] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.737143][ T9332] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.737314][ T9332] bridge_slave_1: entered allmulticast mode
[  374.740428][ T9332] bridge_slave_1: entered promiscuous mode
[  374.792442][ T9332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.803933][ T9332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.874233][   T36] audit: type=1326 audit(1776650179.796:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5af7e4c4ab code=0x7ffc0000
[  374.874285][   T36] audit: type=1326 audit(1776650179.806:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5af7e4c4ab code=0x7ffc0000
[  374.874331][   T36] audit: type=1326 audit(1776650179.806:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5af7e4c4ab code=0x7ffc0000
[  374.874373][   T36] audit: type=1326 audit(1776650179.806:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5af7e4c4ab code=0x7ffc0000
[  374.880777][ T5873] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  374.889839][ T5801] r8152-cfgselector 3-1: Unknown version 0x0000
[  374.889863][ T5801] r8152-cfgselector 3-1: config 0 descriptor??
[  374.894053][   T36] audit: type=1326 audit(1776650179.816:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9520 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5af7e4c4ab code=0x7ffc0000
[  375.122776][ T5873] usb 2-1: unable to get BOS descriptor or descriptor too short
[  375.123835][ T5873] usb 2-1: not running at top speed; connect to a high speed hub
[  375.127193][ T5873] usb 2-1: config 0 has an invalid interface number: 175 but max is 0
[  375.127216][ T5873] usb 2-1: config 0 has no interface number 0
[  375.127246][ T5873] usb 2-1: config 0 interface 175 has no altsetting 0
[  375.180976][ T5873] usb 2-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02
[  375.181005][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.181022][ T5873] usb 2-1: Product: syz
[  375.181035][ T5873] usb 2-1: Manufacturer: syz
[  375.181049][ T5873] usb 2-1: SerialNumber: syz
[  375.247489][ T5873] usb 2-1: config 0 descriptor??
[  375.368572][ T5902] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  375.371036][  T821] r8152-cfgselector 3-1: USB disconnect, device number 17
[  375.470155][ T5873] ums-alauda 2-1:0.175: USB Mass Storage device detected
[  375.481353][ T5873] ums-alauda 2-1:0.175: This device (07b4,010a,0102 S 06 P 01) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  375.481353][ T5873]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  375.522218][ T5902] usb 6-1: unable to get BOS descriptor or descriptor too short
[  375.522809][ T5902] usb 6-1: not running at top speed; connect to a high speed hub
[  375.523841][ T5902] usb 6-1: config 1 has an invalid interface number: 85 but max is 0
[  375.523864][ T5902] usb 6-1: config 1 has no interface number 0
[  375.523892][ T5902] usb 6-1: config 1 interface 85 has no altsetting 0
[  375.526056][ T5902] usb 6-1: New USB device found, idVendor=093a, idProduct=2471, bcdDevice=1e.62
[  375.526081][ T5902] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.526093][ T5902] usb 6-1: Product: syz
[  375.526100][ T5902] usb 6-1: Manufacturer: syz
[  375.526108][ T5902] usb 6-1: SerialNumber: syz
[  375.690960][ T9332] team0: Port device team_slave_0 added
[  375.697104][ T9332] team0: Port device team_slave_1 added
[  375.699417][ T5873] usb 2-1: USB disconnect, device number 16
[  375.819620][ T9332] batman_adv: batadv0: Adding interface: batadv_slave_0
[  375.819638][ T9332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  375.819663][ T9332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  375.821974][ T9332] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.821988][ T9332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  375.822013][ T9332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.872668][ T5902] gspca_main: pac207-2.14.0 probing 093a:2471
[  375.873168][ T5902] gspca_pac207: Failed to read a register (index 0x0000, error -71)
[  375.886906][ T5902] usb 6-1: USB disconnect, device number 4
[  376.200901][ T9332] hsr_slave_0: entered promiscuous mode
[  376.203230][ T9332] hsr_slave_1: entered promiscuous mode
[  376.204239][ T9332] debugfs: 'hsr0' already exists in 'hsr'
[  376.204263][ T9332] Cannot create hsr debugfs directory
[  376.876922][ T1138] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.479231][   T36] kauditd_printk_skb: 31 callbacks suppressed
[  380.479249][   T36] audit: type=1326 audit(1776650185.346:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.2.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  380.479297][   T36] audit: type=1326 audit(1776650185.346:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.2.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  380.479339][   T36] audit: type=1326 audit(1776650185.356:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.2.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  380.479380][   T36] audit: type=1326 audit(1776650185.356:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.2.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  380.479421][   T36] audit: type=1326 audit(1776650185.356:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.2.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  381.665649][ T1138] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.153430][ T9614] netlink: 'syz.1.1262': attribute type 21 has an invalid length.
[  383.374460][ T1138] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.400221][ T9636] netlink: 'syz.5.1268': attribute type 1 has an invalid length.
[  384.236811][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  384.236879][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  384.457237][ T9614] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1262'.
[  384.457542][ T9647] tc_dump_action: action bad kind
[  384.543543][ T9653] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1277'.
[  384.543569][ T9653] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1277'.
[  384.688910][  T822] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  384.783684][ T1138] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.897731][  T822] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  385.316998][  T822] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  385.317029][  T822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  385.317047][  T822] usb 6-1: Product: syz
[  385.317059][  T822] usb 6-1: Manufacturer: syz
[  385.317073][  T822] usb 6-1: SerialNumber: syz
[  385.635334][  T822] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  385.857252][  T821] usb 6-1: USB disconnect, device number 5
[  385.874408][  T821] usblp0: removed
[  386.000653][ T5934] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  386.001806][  T822] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  386.153086][ T5934] usb 2-1: Using ep0 maxpacket: 8
[  386.168034][  T822] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  386.168214][  T822] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  386.177880][  T822] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  386.177931][  T822] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  386.177956][  T822] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  386.230789][  T822] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  386.230818][  T822] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  386.230892][  T822] usb 3-1: Product: syz
[  386.230905][  T822] usb 3-1: Manufacturer: syz
[  386.232892][ T5934] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  386.232941][ T5934] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  386.232980][ T5934] usb 2-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  386.233009][ T5934] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.317961][ T5934] usb 2-1: config 0 descriptor??
[  386.327034][ T5934] qmi_wwan 2-1:0.0: bogus CDC Union: master=25, slave=0
[  386.327264][ T5934] qmi_wwan 2-1:0.0: probe with driver qmi_wwan failed with error -22
[  386.363863][  T822] cdc_wdm 3-1:1.0: skipping garbage
[  386.363881][  T822] cdc_wdm 3-1:1.0: skipping garbage
[  386.382107][  T822] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  386.382128][  T822] cdc_wdm 3-1:1.0: Unknown control protocol
[  386.514162][  T821] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  386.566334][ T5950] usb 2-1: USB disconnect, device number 17
[  386.581682][ T9677] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[  386.592318][ T5902] usb 3-1: USB disconnect, device number 18
[  386.676714][  T821] usb 5-1: config 0 has an invalid interface number: 131 but max is 0
[  386.676741][  T821] usb 5-1: config 0 has no interface number 0
[  386.676770][  T821] usb 5-1: too many endpoints for config 0 interface 131 altsetting 152: 164, using maximum allowed: 30
[  386.676807][  T821] usb 5-1: config 0 interface 131 altsetting 152 has 0 endpoint descriptors, different from the interface descriptor's value: 164
[  386.676832][  T821] usb 5-1: config 0 interface 131 has no altsetting 0
[  386.739000][  T821] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  386.739028][  T821] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.739047][  T821] usb 5-1: Product: syz
[  386.739061][  T821] usb 5-1: Manufacturer: syz
[  386.739074][  T821] usb 5-1: SerialNumber: syz
[  386.746909][  T821] usb 5-1: config 0 descriptor??
[  386.997404][  T821] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  386.998825][  T821] gspca_stk1135: reg_w 0x2 err -71
[  386.999936][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  386.999947][  T821] gspca_stk1135: Sensor write failed
[  386.999971][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  386.999980][  T821] gspca_stk1135: Sensor write failed
[  387.000011][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  387.000020][  T821] gspca_stk1135: Sensor read failed
[  387.000043][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  387.000052][  T821] gspca_stk1135: Sensor read failed
[  387.000058][  T821] gspca_stk1135: Detected sensor type unknown (0x0)
[  387.000086][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  387.000095][  T821] gspca_stk1135: Sensor read failed
[  387.000117][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  387.000125][  T821] gspca_stk1135: Sensor read failed
[  387.000148][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  387.000156][  T821] gspca_stk1135: Sensor write failed
[  387.000179][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  387.000188][  T821] gspca_stk1135: Sensor write failed
[  387.000262][  T821] stk1135 5-1:0.131: probe with driver stk1135 failed with error -71
[  387.050927][  T821] usb 5-1: USB disconnect, device number 23
[  387.659337][ T9332] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  387.811242][ T9332] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  387.976278][ T9332] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  388.163386][ T9332] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  388.292613][ T1138] bridge_slave_1: left allmulticast mode
[  388.292641][ T1138] bridge_slave_1: left promiscuous mode
[  388.292908][ T1138] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.379222][ T1138] bridge_slave_0: left allmulticast mode
[  388.379251][ T1138] bridge_slave_0: left promiscuous mode
[  388.379490][ T1138] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.447288][ T9748] tipc: Can't bind to reserved service type 0
[  390.603172][ T9760] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1320'.
[  390.717271][ T1138] bridge0: port 3(dummy0) entered disabled state
[  390.771165][ T1138] bridge_slave_1: left allmulticast mode
[  390.771194][ T1138] bridge_slave_1: left promiscuous mode
[  390.771420][ T1138] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.859463][ T1138] bridge_slave_0: left allmulticast mode
[  390.859485][ T1138] bridge_slave_0: left promiscuous mode
[  390.859644][ T1138] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.389682][ T1138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  391.469034][ T1138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  391.530284][ T1138] bond0 (unregistering): Released all slaves
[  392.069117][ T1138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  392.130717][ T1138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  392.181100][ T1138] bond0 (unregistering): Released all slaves
[  392.187603][ T1138] bond1 (unregistering): Released all slaves
[  392.265957][ T9733] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  392.313575][ T9332] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  392.437518][ T9332] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  392.452131][ T9753] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1318'.
[  392.453387][ T5477] 8021q: adding VLAN 0 to HW filter on device eth5
[  392.467381][ T9332] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  392.541358][ T9332] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  395.539361][ T9332] 8021q: adding VLAN 0 to HW filter on device bond0
[  395.877001][ T9332] 8021q: adding VLAN 0 to HW filter on device team0
[  396.004638][ T9332] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  396.004663][ T9332] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  396.080595][   T66] bridge0: port 1(bridge_slave_0) entered blocking state
[  396.082397][   T66] bridge0: port 1(bridge_slave_0) entered forwarding state
[  396.117870][   T66] bridge0: port 2(bridge_slave_1) entered blocking state
[  396.118000][   T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[  398.410225][ T9332] 8021q: adding VLAN 0 to HW filter on device batadv0
[  399.909716][ T5477] 8021q: adding VLAN 0 to HW filter on device eth6
[  401.944813][ T9876] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  401.958770][ T1138] hsr_slave_0: left promiscuous mode
[  403.011678][ T1138] hsr_slave_1: left promiscuous mode
[  403.012638][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  403.054727][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  404.058554][ T5801] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  404.208484][ T5801] usb 5-1: Using ep0 maxpacket: 16
[  404.210136][ T5801] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  404.212660][ T5801] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  404.212687][ T5801] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.212701][ T5801] usb 5-1: Product: syz
[  404.212708][ T5801] usb 5-1: Manufacturer: syz
[  404.212715][ T5801] usb 5-1: SerialNumber: syz
[  404.215869][ T5801] usb 5-1: config 0 descriptor??
[  404.237246][ T5801] hub 5-1:0.0: bad descriptor, ignoring hub
[  404.237282][ T5801] hub 5-1:0.0: probe with driver hub failed with error -5
[  404.298579][ T5917] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  404.302015][ T5801] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input16
[  404.348741][ T1138] hsr_slave_0: left promiscuous mode
[  404.379731][ T1138] hsr_slave_1: left promiscuous mode
[  404.381796][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  404.381821][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  404.514751][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  404.514778][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  404.521300][ T5917] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  404.521328][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.521347][ T5917] usb 2-1: Product: syz
[  404.521360][ T5917] usb 2-1: Manufacturer: syz
[  404.521374][ T5917] usb 2-1: SerialNumber: syz
[  405.027332][ T5917] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  405.027390][ T5917] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO
[  405.051896][ T5917] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  405.051952][ T5917] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  405.052910][ T5917] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  405.068756][ T1138] veth1_macvtap: left promiscuous mode
[  405.068856][ T1138] veth0_macvtap: left promiscuous mode
[  405.069251][ T1138] veth1_vlan: left promiscuous mode
[  405.069407][ T1138] veth0_vlan: left promiscuous mode
[  405.164107][ T5917] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71
[  405.220997][ T5917] usb 2-1: USB disconnect, device number 18
[  405.953051][ T5821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  406.029538][ T5821] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  406.202092][ T5821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  406.461262][ T5821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  406.748852][ T5821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  408.175592][ T1138] team0 (unregistering): Port device team_slave_1 removed
[  408.278324][ T1138] team0 (unregistering): Port device team_slave_0 removed
[  408.826079][   T59] Bluetooth: hci4: command tx timeout
[  409.207404][ T5917] usb 5-1: USB disconnect, device number 24
[  409.999338][ T1138] team0 (unregistering): Port device team_slave_1 removed
[  410.039687][ T1138] team0 (unregistering): Port device team_slave_0 removed
[  410.353576][ T9879] team0: entered allmulticast mode
[  410.353592][ T9879] team_slave_0: entered allmulticast mode
[  410.353602][ T9879] team_slave_1: entered allmulticast mode
[  410.900352][   T59] Bluetooth: hci4: command tx timeout
[  412.989726][   T59] Bluetooth: hci4: command tx timeout
[  413.178509][ T5873] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  413.338555][ T5873] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.338582][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3
[  413.338632][ T5873] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  413.338654][ T5873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.472176][T10002] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  413.472204][T10002] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  413.502738][T10002] vhci_hcd vhci_hcd.0: Device attached
[  413.507389][T10004] vhci_hcd: connection closed
[  413.527634][   T66] vhci_hcd vhci_hcd.2: stop threads
[  413.529412][   T66] vhci_hcd vhci_hcd.2: release socket
[  413.529560][   T66] vhci_hcd vhci_hcd.2: disconnect device
[  413.640243][ T5477] 8021q: adding VLAN 0 to HW filter on device eth7
[  413.641758][ T5873] usb 5-1: config 0 descriptor??
[  413.984825][ T9906] chnl_net:caif_netlink_parms(): no params data found
[  414.362638][ T5873] Bluetooth: Can't get version to change to load ram patch err
[  414.362673][ T5873] Bluetooth: Loading sysconfig file failed
[  414.362710][ T5873] ath3k 5-1:0.0: probe with driver ath3k failed with error -71
[  414.367184][ T5873] usb 5-1: USB disconnect, device number 25
[  414.687445][ T9906] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.688142][ T9906] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.688282][ T9906] bridge_slave_0: entered allmulticast mode
[  414.700761][ T9906] bridge_slave_0: entered promiscuous mode
[  414.905455][ T9906] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.905571][ T9906] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.905801][ T9906] bridge_slave_1: entered allmulticast mode
[  414.917974][ T9906] bridge_slave_1: entered promiscuous mode
[  415.068718][   T59] Bluetooth: hci4: command tx timeout
[  415.120557][ T9906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  415.138487][ T9906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  415.188320][ T9906] team0: Port device team_slave_0 added
[  415.199677][ T9906] team0: Port device team_slave_1 added
[  415.256923][ T9906] batman_adv: batadv0: Adding interface: batadv_slave_0
[  415.256939][ T9906] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  415.256964][ T9906] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  415.341408][ T9906] batman_adv: batadv0: Adding interface: batadv_slave_1
[  415.341426][ T9906] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  415.341453][ T9906] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  416.313678][ T5477] 8021q: adding VLAN 0 to HW filter on device eth8
[  416.674457][ T9906] hsr_slave_0: entered promiscuous mode
[  416.898799][ T9906] hsr_slave_1: entered promiscuous mode
[  416.916972][ T9906] debugfs: 'hsr0' already exists in 'hsr'
[  416.919062][ T9906] Cannot create hsr debugfs directory
[  418.157863][T10048] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  418.178842][   T59] Bluetooth: hci6: command 0x0406 tx timeout
[  418.256349][T10048] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  418.371772][T10048] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  418.371865][T10048] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  418.743222][T10048] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  419.777995][T10120] syz.1.1436 (10120): /proc/10119/oom_adj is deprecated, please use /proc/10119/oom_score_adj instead.
[  420.258721][   T59] Bluetooth: hci6: command 0x0406 tx timeout
[  420.602665][   T59] Bluetooth: hci4: command 0x0c1a tx timeout
[  425.026849][   T36] audit: type=1326 audit(1776650229.956:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.026902][   T36] audit: type=1326 audit(1776650229.956:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.036593][   T36] audit: type=1326 audit(1776650229.966:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.037891][   T36] audit: type=1326 audit(1776650229.966:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.038356][   T36] audit: type=1326 audit(1776650229.966:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.040661][   T36] audit: type=1326 audit(1776650229.976:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.042475][   T36] audit: type=1326 audit(1776650229.976:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.043051][   T36] audit: type=1326 audit(1776650229.976:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10202 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a256c819 code=0x7ffc0000
[  425.695196][   T59] Bluetooth: hci4: command 0x0c1a tx timeout
[  425.695323][ T5902] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  425.825765][ T1138] bridge_slave_1: left allmulticast mode
[  425.825798][ T1138] bridge_slave_1: left promiscuous mode
[  425.826049][ T1138] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.856340][ T5902] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  425.856367][ T5902] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  425.856385][ T5902] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  425.856433][ T5902] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  425.856465][ T5902] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  425.869221][ T5902] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  425.869249][ T5902] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  425.869267][ T5902] usb 6-1: Product: syz
[  425.869279][ T5902] usb 6-1: Manufacturer: syz
[  425.913477][ T5902] cdc_wdm 6-1:1.0: skipping garbage
[  425.913494][ T5902] cdc_wdm 6-1:1.0: skipping garbage
[  425.980103][ T5902] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  425.980125][ T5902] cdc_wdm 6-1:1.0: Unknown control protocol
[  426.014293][ T1138] bridge_slave_0: left allmulticast mode
[  426.014319][ T1138] bridge_slave_0: left promiscuous mode
[  426.014550][ T1138] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.107008][  T822] usb 6-1: USB disconnect, device number 6
[  427.499205][ T1138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  427.579373][ T1138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  427.600670][ T1138] bond0 (unregistering): Released all slaves
[  427.645167][T10209] tipc: Started in network mode
[  427.645186][T10209] tipc: Node identity fff50000000000000000000000000001, cluster identity 4711
[  427.645217][T10209] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  427.680096][ T5477] 8021q: adding VLAN 0 to HW filter on device eth10
[  427.742686][   T59] Bluetooth: hci4: command 0x0c1a tx timeout
[  428.597508][T10257] lo speed is unknown, defaulting to 1000
[  428.852521][ T1138] hsr_slave_0: left promiscuous mode
[  428.891841][ T1138] hsr_slave_1: left promiscuous mode
[  428.894091][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  428.953818][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  429.170511][ T5917] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  429.479027][ T5917] usb 6-1: Using ep0 maxpacket: 8
[  429.481512][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0
[  429.481550][ T5917] usb 6-1: New USB device found, idVendor=044e, idProduct=121e, bcdDevice= 0.00
[  429.481574][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.616840][ T5917] usb 6-1: config 0 descriptor??
[  430.065525][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065563][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065589][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065613][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065636][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065658][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065680][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065703][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065726][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.065749][ T5917] hid-alps 0003:044E:121E.000D: unknown main item tag 0x0
[  430.221976][ T5917] hid-alps 0003:044E:121E.000D: hidraw0: USB HID v0.00 Device [HID 044e:121e] on usb-dummy_hcd.5-1/input0
[  430.264015][ T5917] usb 6-1: USB disconnect, device number 7
[  430.707067][T10278] fido_id[10278]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  430.773702][T10283] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1493'.
[  431.534129][ T1138] team0 (unregistering): Port device team_slave_1 removed
[  431.599347][ T1138] team0 (unregistering): Port device team_slave_0 removed
[  432.048554][ T5917] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  432.050910][T10257] lo speed is unknown, defaulting to 1000
[  432.201977][ T5917] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  432.202009][ T5917] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  432.202042][ T5917] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  432.202064][ T5917] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.258571][ T5821] Bluetooth: hci4: command 0x0c1a tx timeout
[  432.350448][ T5917] usb 3-1: config 0 descriptor??
[  432.421243][T10257] lo speed is unknown, defaulting to 1000
[  432.654751][T10257] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  432.654791][T10257] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  432.654832][T10257] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  432.725905][T10257] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  432.805829][T10257] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  432.862020][ T5917] cp2112 0003:10C4:EA90.000E: item fetching failed at offset 5/7
[  432.869624][ T5917] cp2112 0003:10C4:EA90.000E: parse failed
[  432.869761][ T5917] cp2112 0003:10C4:EA90.000E: probe with driver cp2112 failed with error -22
[  433.154908][ T5917] usb 3-1: USB disconnect, device number 19
[  433.811514][T10257] lo speed is unknown, defaulting to 1000
[  434.276934][T10346] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1517'.
[  434.307097][T10257] lo speed is unknown, defaulting to 1000
[  434.356352][T10257] lo speed is unknown, defaulting to 1000
[  434.385984][T10257] lo speed is unknown, defaulting to 1000
[  434.492297][T10257] lo speed is unknown, defaulting to 1000
[  435.755415][ T5917] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  435.928491][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  435.928525][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  435.928562][ T5917] usb 6-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  435.928584][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.989879][ T5917] usb 6-1: config 0 descriptor??
[  436.444410][ T5917] playstation 0003:054C:0DF2.000F: global environment stack underflow
[  436.444432][ T5917] playstation 0003:054C:0DF2.000F: item 0 2 1 11 parsing failed
[  436.446100][ T5917] playstation 0003:054C:0DF2.000F: Parse failed
[  436.446165][ T5917] playstation 0003:054C:0DF2.000F: probe with driver playstation failed with error -22
[  436.641013][  T821] usb 6-1: USB disconnect, device number 8
[  436.708615][ T9906] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  436.761588][ T9906] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  436.763014][ T9906] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  436.807513][ T9906] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  436.815939][ T9906] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  436.892328][ T9906] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  436.895133][ T9906] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  436.911582][T10396] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  436.911806][T10396] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  436.969901][ T9906] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  437.272886][  T821] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  437.443085][  T821] usb 2-1: Using ep0 maxpacket: 32
[  437.445519][  T821] usb 2-1: config 2 has an invalid interface number: 88 but max is 0
[  437.445543][  T821] usb 2-1: config 2 has no interface number 0
[  437.445585][  T821] usb 2-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  437.445610][  T821] usb 2-1: config 2 interface 88 has no altsetting 0
[  437.487713][  T821] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  437.487744][  T821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.487763][  T821] usb 2-1: Product: syz
[  437.487777][  T821] usb 2-1: Manufacturer: syz
[  437.487791][  T821] usb 2-1: SerialNumber: syz
[  437.523864][T10397] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  437.571987][ T9906] 8021q: adding VLAN 0 to HW filter on device bond0
[  437.747137][T10397] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  437.797759][ T9906] 8021q: adding VLAN 0 to HW filter on device team0
[  437.912050][  T248] bridge0: port 1(bridge_slave_0) entered blocking state
[  437.913758][  T248] bridge0: port 1(bridge_slave_0) entered forwarding state
[  438.161599][  T821] asix 2-1:2.88 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  438.161855][  T821] asix 2-1:2.88: probe with driver asix failed with error -71
[  438.168627][  T808] bridge0: port 2(bridge_slave_1) entered blocking state
[  438.168748][  T808] bridge0: port 2(bridge_slave_1) entered forwarding state
[  438.286227][  T821] usb 2-1: USB disconnect, device number 19
[  438.418490][   T59] Bluetooth: hci6: command 0x0406 tx timeout
[  438.980319][   T59] Bluetooth: hci4: command 0x0c1a tx timeout
[  440.338620][ T5950] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  440.503358][ T9906] 8021q: adding VLAN 0 to HW filter on device batadv0
[  440.640460][ T5950] usb 6-1: unable to get BOS descriptor or descriptor too short
[  440.641650][ T5950] usb 6-1: unable to read config index 0 descriptor/start: -71
[  440.641687][ T5950] usb 6-1: can't read configurations, error -71
[  441.596190][ T9906] veth0_vlan: entered promiscuous mode
[  441.666977][ T9906] veth1_vlan: entered promiscuous mode
[  441.786115][ T9906] veth0_macvtap: entered promiscuous mode
[  441.823909][ T9906] veth1_macvtap: entered promiscuous mode
[  441.900834][ T9906] batman_adv: batadv0: Interface activated: batadv_slave_0
[  441.942356][ T9906] batman_adv: batadv0: Interface activated: batadv_slave_1
[  441.976234][  T808] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  441.977640][  T808] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  441.996640][  T808] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  442.115599][  T808] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  443.250910][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  443.250940][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  443.412875][ T1338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  443.412894][ T1338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.467658][T10596] vivid-003: disconnect
[  444.503931][T10594] vivid-003: reconnect
[  445.068883][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  445.068951][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  445.116683][T10615] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1586'.
[  445.116705][T10615] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1586'.
[  446.041623][T10638] program syz.1.1597 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  446.438698][ T5950] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  446.578573][ T5801] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  446.728492][ T5801] usb 5-1: Using ep0 maxpacket: 16
[  446.733366][ T5801] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  446.733392][ T5801] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.733413][ T5801] usb 5-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  446.733424][ T5801] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.742771][ T5950] usb 2-1: Using ep0 maxpacket: 32
[  446.749158][ T5950] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  446.749188][ T5950] usb 2-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  446.749213][ T5950] usb 2-1: config 0 interface 0 has no altsetting 0
[  446.749244][ T5950] usb 2-1: New USB device found, idVendor=5543, idProduct=0081, bcdDevice= 0.00
[  446.749266][ T5950] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.755734][ T5950] usb 2-1: config 0 descriptor??
[  446.756705][T10648] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  446.867851][ T5801] usb 5-1: config 0 descriptor??
[  447.256064][ T5950] hid (null): nested delimiters
[  447.332017][ T5801] ntrig 0003:1B96:0008.0011: item fetching failed at offset 5/7
[  447.332824][ T5801] ntrig 0003:1B96:0008.0011: parse failed
[  447.332936][ T5801] ntrig 0003:1B96:0008.0011: probe with driver ntrig failed with error -22
[  447.412844][ T5950] usb 2-1: string descriptor 0 read error: -71
[  447.415186][ T5950] uclogic 0003:5543:0081.0010: failed retrieving string descriptor #200: -71
[  447.415252][ T5950] uclogic 0003:5543:0081.0010: failed retrieving pen parameters: -71
[  447.415269][ T5950] uclogic 0003:5543:0081.0010: failed probing pen v2 parameters: -71
[  447.415328][ T5950] uclogic 0003:5543:0081.0010: failed probing parameters: -71
[  447.415431][ T5950] uclogic 0003:5543:0081.0010: probe with driver uclogic failed with error -71
[  447.436943][ T5950] usb 2-1: USB disconnect, device number 20
[  447.519139][ T5801] usb 5-1: USB disconnect, device number 26
[  447.533498][T10666] 8021q: adding VLAN 0 to HW filter on device bond1
[  447.548740][T10666] bond1: entered allmulticast mode
[  447.555223][T10666] team0: Port device bond1 added
[  448.006972][T10679] sctp: [Deprecated]: syz.2.1613 (pid 10679) Use of struct sctp_assoc_value in delayed_ack socket option.
[  448.006972][T10679] Use struct sctp_sack_info instead
[  450.931911][ T5950] af_packet: tpacket_rcv: packet too big, clamped from 74 to 4294967286. macoff=82
[  452.031315][T10739] program syz.1.1637 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  459.336675][T10810] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1662'.
[  461.730167][T10855] batadv_slave_1: entered promiscuous mode
[  461.730696][T10854] batadv_slave_1: left promiscuous mode
[  462.145027][T10862] netlink: 472 bytes leftover after parsing attributes in process `syz.1.1687'.
[  462.686434][T10882] sch_fq: defrate 5 ignored.
[  462.723984][T10884] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  464.394541][   T36] audit: type=1326 audit(1776650269.326:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.5.1702" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ed9d0c819 code=0x0
[  465.078554][ T5801] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  465.228472][ T5801] usb 6-1: Using ep0 maxpacket: 8
[  465.230677][ T5801] usb 6-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  465.230707][ T5801] usb 6-1: config 0 interface 0 has no altsetting 0
[  465.230738][ T5801] usb 6-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  465.230760][ T5801] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.385673][ T5801] usb 6-1: config 0 descriptor??
[  465.888094][ T5801] hid_parser_main: 30 callbacks suppressed
[  465.890119][ T5801] kye 0003:0458:0087.0012: unknown main item tag 0x0
[  465.890158][ T5801] kye 0003:0458:0087.0012: unknown main item tag 0x0
[  465.890185][ T5801] kye 0003:0458:0087.0012: unknown main item tag 0x0
[  465.890211][ T5801] kye 0003:0458:0087.0012: unknown main item tag 0x0
[  465.890237][ T5801] kye 0003:0458:0087.0012: unknown main item tag 0x0
[  465.890335][ T5801] kye 0003:0458:0087.0012: item fetching failed at offset 12/43
[  465.891250][ T5801] kye 0003:0458:0087.0012: parse failed
[  465.891328][ T5801] kye 0003:0458:0087.0012: probe with driver kye failed with error -22
[  466.036475][ T5801] usb 6-1: USB disconnect, device number 11
[  468.043480][T10937] tipc: Started in network mode
[  468.043510][T10937] tipc: Node identity ac14140f, cluster identity 4711
[  468.132729][T10937] tipc: New replicast peer: 255.255.255.255
[  468.301211][T10937] tipc: Enabled bearer <udp:syz2>, priority 10
[  468.307192][T10941] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1718'.
[  468.563644][T10954] program syz.4.1725 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  469.173544][ T8861] tipc: Node number set to 2886997007
[  470.195065][T10972] macvlan0: entered promiscuous mode
[  470.288451][  T821] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  470.440274][  T821] usb 6-1: Using ep0 maxpacket: 32
[  470.443444][  T821] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[  470.443469][  T821] usb 6-1: config 0 has no interface number 0
[  470.443530][  T821] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  470.443556][  T821] usb 6-1: config 0 interface 85 has no altsetting 0
[  470.446865][  T821] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  470.446892][  T821] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.446912][  T821] usb 6-1: Product: syz
[  470.446925][  T821] usb 6-1: Manufacturer: syz
[  470.446938][  T821] usb 6-1: SerialNumber: syz
[  470.490281][  T821] usb 6-1: config 0 descriptor??
[  470.797561][T10986] input: syz1 as /devices/virtual/input/input18
[  470.926487][  T821] appletouch 6-1:0.85: Geyser mode initialized.
[  471.040613][  T821] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.85/input/input17
[  471.376482][    C1] appletouch 6-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  471.376529][  T821] usb 6-1: USB disconnect, device number 12
[  471.598557][  T821] appletouch 6-1:0.85: input: appletouch disconnected
[  471.685676][T11017] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1753'.
[  473.331704][ T5934] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  473.382261][T11057] vcan0: tx address claim with different name
[  473.511595][ T5934] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  473.511628][ T5934] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  473.511648][ T5934] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  473.511686][ T5934] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  473.511706][ T5934] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.580671][ T5934] usb 3-1: config 0 descriptor??
[  474.032380][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032424][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032453][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032481][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032507][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032534][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032561][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032588][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032616][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.032643][ T5934] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  474.076748][T11073] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1778'.
[  474.159916][ T5934] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  474.334390][ T5934] usb 3-1: USB disconnect, device number 20
[  474.479011][T11074] fido_id[11074]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  475.182005][T11098] netlink: 'syz.4.1789': attribute type 29 has an invalid length.
[  475.187192][T11098] netlink: 'syz.4.1789': attribute type 29 has an invalid length.
[  475.936209][T11114] vcan0: tx drop: invalid sa for name 0x0000000008000000
[  476.200118][T11121] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1799'.
[  476.618534][ T5934] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  476.768543][ T5934] usb 2-1: Using ep0 maxpacket: 32
[  476.770982][ T5934] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  476.771007][ T5934] usb 2-1: config 0 has no interface number 0
[  476.771053][ T5934] usb 2-1: config 0 interface 12 has no altsetting 0
[  476.774379][ T5934] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  476.774406][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.774426][ T5934] usb 2-1: Product: syz
[  476.774440][ T5934] usb 2-1: Manufacturer: syz
[  476.774454][ T5934] usb 2-1: SerialNumber: syz
[  476.850863][ T5934] usb 2-1: config 0 descriptor??
[  477.488499][ T5934] f81534 2-1:0.12: f81534_set_register: reg: 1003 data: d8 failed: -71
[  477.488572][ T5934] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  477.488589][ T5934] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  477.488693][ T5934] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[  477.550850][ T5934] usb 2-1: USB disconnect, device number 21
[  478.589286][ T5917] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  478.762370][ T5917] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  478.762420][ T5917] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  478.762444][ T5917] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  478.803263][ T5917] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  478.803292][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.803311][ T5917] usb 3-1: Product: syz
[  478.803325][ T5917] usb 3-1: Manufacturer: syz
[  478.803337][ T5917] usb 3-1: SerialNumber: syz
[  478.873601][ T5917] cdc_mbim 3-1:1.0: skipping garbage
[  479.065348][T11161] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  479.733198][T11161] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  480.693297][ T5917] cdc_mbim 3-1:1.0: bind() failure
[  480.724372][ T5917] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  480.726153][ T5917] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  480.736017][ T5917] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  480.763661][ T5917] usb 3-1: USB disconnect, device number 21
[  481.410994][T11199] netlink: 'syz.1.1828': attribute type 1 has an invalid length.
[  483.448580][ T5917] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  483.609998][ T5917] usb 6-1: Using ep0 maxpacket: 32
[  483.613740][ T5917] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  483.613764][ T5917] usb 6-1: config 0 has no interface number 0
[  483.625664][ T5917] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  483.625691][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.625709][ T5917] usb 6-1: Product: syz
[  483.625722][ T5917] usb 6-1: Manufacturer: syz
[  483.625735][ T5917] usb 6-1: SerialNumber: syz
[  483.675282][ T5917] usb 6-1: config 0 descriptor??
[  483.746566][ T5917] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  484.083137][ T5917] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  484.238882][ T5917] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  484.347261][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  484.348105][ T5917] usb 6-1: USB disconnect, device number 13
[  484.379217][ T5917] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  484.388251][ T5917] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  484.409333][ T5917] quatech2 6-1:0.51: device disconnected
[  484.810101][ T5801] usb 5-1: new full-speed USB device number 27 using dummy_hcd
[  484.960925][ T5801] usb 5-1: config 0 interface 0 altsetting 11 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  484.960962][ T5801] usb 5-1: config 0 interface 0 has no altsetting 0
[  484.960993][ T5801] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  484.961015][ T5801] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.014811][ T5801] usb 5-1: config 0 descriptor??
[  485.015632][T11262] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  485.191934][T11277] netlink: 182 bytes leftover after parsing attributes in process `syz.2.1859'.
[  485.453495][ T5801] hid_parser_main: 5 callbacks suppressed
[  485.453518][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown main item tag 0x0
[  485.453548][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown main item tag 0x0
[  485.453573][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown main item tag 0x0
[  485.453598][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown main item tag 0x0
[  485.453622][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown main item tag 0x0
[  485.453648][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown main item tag 0x0
[  485.453673][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown main item tag 0x5
[  485.453699][ T5801] holtek_kbd 0003:04D9:A055.0014: unknown global tag 0xd
[  485.453713][ T5801] holtek_kbd 0003:04D9:A055.0014: item 0 1 1 13 parsing failed
[  485.456936][ T5801] holtek_kbd 0003:04D9:A055.0014: probe with driver holtek_kbd failed with error -22
[  485.642870][ T5801] usb 5-1: USB disconnect, device number 27
[  486.257449][T11292] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1866'.
[  486.322858][T11292] bridge0: port 2(bridge_slave_1) entered disabled state
[  486.366616][T11292] bridge_slave_1 (unregistering): left allmulticast mode
[  486.366643][T11292] bridge_slave_1 (unregistering): left promiscuous mode
[  486.366745][T11292] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.410898][ T5917] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  487.580915][ T5917] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  487.580948][ T5917] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.584048][ T5917] usb 2-1: New USB device found, idVendor=046d, idProduct=0714, bcdDevice= 0.00
[  487.584075][ T5917] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  487.584095][ T5917] usb 2-1: Product: syz
[  487.584109][ T5917] usb 2-1: Manufacturer: syz
[  487.646325][ T5917] hub 2-1:4.0: USB hub found
[  487.851475][ T5917] hub 2-1:4.0: config failed, hub has too many ports! (err -19)
[  488.162518][ T5917] usb 2-1: USB disconnect, device number 22
[  488.958547][ T5950] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  489.090572][ T5801] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  489.130564][ T5950] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  489.130595][ T5950] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  489.130644][ T5950] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  489.130665][ T5950] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.266598][ T5801] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  489.458764][ T5950] usb 2-1: usb_control_msg returned -32
[  489.458814][ T5950] usbtmc 2-1:16.0: can't read capabilities
[  489.876955][   T59] Bluetooth: hci6: unexpected cc 0x0c14 length: 96 < 249
[  489.877000][   T59] Bluetooth: hci6: unexpected event for opcode 0x0c14
[  490.161196][ T5801] usb 2-1: USB disconnect, device number 23
[  490.837475][T11366] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.1893'.
[  491.032239][T11371] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1895'.
[  491.689575][   T36] audit: type=1326 audit(1776650296.626:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  491.689625][   T36] audit: type=1326 audit(1776650296.626:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  491.689666][   T36] audit: type=1326 audit(1776650296.626:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e199cc819 code=0x7ffc0000
[  491.696000][   T36] audit: type=1326 audit(1776650296.626:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  491.697332][   T36] audit: type=1326 audit(1776650296.626:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  491.708978][   T36] audit: type=1326 audit(1776650296.646:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  491.715388][   T36] audit: type=1326 audit(1776650296.646:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  491.715957][   T36] audit: type=1326 audit(1776650296.646:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  491.721306][   T36] audit: type=1326 audit(1776650296.646:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  491.721828][   T36] audit: type=1326 audit(1776650296.656:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11380 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e1996db99 code=0x7ffc0000
[  492.547196][ T5950] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  493.070939][ T5950] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  493.076714][ T5950] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  493.076742][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  493.076761][ T5950] usb 3-1: Product: syz
[  493.076776][ T5950] usb 3-1: Manufacturer: syz
[  493.076790][ T5950] usb 3-1: SerialNumber: syz
[  493.388032][ T5950] usb 3-1: config 0 descriptor??
[  493.535891][ T5950] CoreChips 3-1:0.0: probe with driver CoreChips failed with error -22
[  494.367814][T11416] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1913'.
[  494.951327][ T5950] usb 3-1: USB disconnect, device number 22
[  495.178546][  T822] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  495.334691][  T822] usb 5-1: Using ep0 maxpacket: 32
[  495.336790][  T822] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  495.336815][  T822] usb 5-1: config 0 has no interface number 0
[  495.336860][  T822] usb 5-1: config 0 interface 184 has no altsetting 0
[  495.351257][  T822] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  495.351285][  T822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  495.351304][  T822] usb 5-1: Product: syz
[  495.351316][  T822] usb 5-1: Manufacturer: syz
[  495.351329][  T822] usb 5-1: SerialNumber: syz
[  495.370637][  T822] usb 5-1: config 0 descriptor??
[  496.192295][T11454] loop8: detected capacity change from 0 to 7
[  496.193761][T11454] Dev loop8: unable to read RDB block 7
[  496.193803][T11454]  loop8: unable to read partition table
[  496.194018][T11454] loop8: partition table beyond EOD, truncated
[  496.194035][T11454] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  496.654513][  T822] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71
[  496.654545][  T822] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  496.655202][  T822] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  496.655226][  T822] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  496.655244][  T822] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  496.655261][  T822] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  496.655522][  T822] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  496.677430][  T822] usb 5-1: USB disconnect, device number 28
[  497.329104][T11470] loop8: detected capacity change from 0 to 7
[  497.330525][T11470] Dev loop8: unable to read RDB block 7
[  497.330567][T11470]  loop8: unable to read partition table
[  497.330766][T11470] loop8: partition table beyond EOD, truncated
[  497.330784][T11470] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  498.872356][T11484] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1939'.
[  499.148433][ T8861] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  499.378419][ T8861] usb 6-1: Using ep0 maxpacket: 32
[  499.384021][ T8861] usb 6-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  499.384050][ T8861] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.384069][ T8861] usb 6-1: Product: syz
[  499.384082][ T8861] usb 6-1: Manufacturer: syz
[  499.384095][ T8861] usb 6-1: SerialNumber: syz
[  499.443168][ T8861] usb 6-1: config 0 descriptor??
[  499.881323][ T8861] airspy 6-1:0.0: Board ID: 00
[  499.881344][ T8861] airspy 6-1:0.0: Firmware version: 
[  500.505824][ T8861] airspy 6-1:0.0: usb_control_msg() failed -71 request 12
[  500.535561][ T8861] airspy 6-1:0.0: Registered as swradio24
[  500.535582][ T8861] airspy 6-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  500.556750][ T8861] usb 6-1: USB disconnect, device number 14
[  503.738466][ T5950] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  503.838533][  T822] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  503.876489][T11595] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  503.876489][T11595] The task syz.2.1973 (11595) triggered the difference, watch for misbehavior.
[  503.910543][ T5950] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  503.910581][ T5950] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.939049][ T5950] usb 2-1: config 0 descriptor??
[  503.943330][ T5950] cp210x 2-1:0.0: cp210x converter detected
[  503.991161][  T822] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  503.991188][  T822] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  503.992825][  T822] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  503.992852][  T822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  503.992870][  T822] usb 5-1: SerialNumber: syz
[  504.286296][  T822] usb 5-1: 0:2 : does not exist
[  504.362395][ T5950] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  504.390402][ T5950] usb 2-1: cp210x converter now attached to ttyUSB0
[  504.390568][  T822] usb 5-1: USB disconnect, device number 29
[  504.569514][ T8861] usb 2-1: USB disconnect, device number 24
[  504.603554][ T9775] udevd[9775]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  504.651141][ T8861] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  504.790716][ T8861] cp210x 2-1:0.0: device disconnected
[  505.434979][T11619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1979'.
[  505.492834][T11618] IPv6: addrconf: prefix option has invalid lifetime
[  506.279040][T11621] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1979'.
[  506.516543][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  506.516612][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  506.982400][T11643] 9p: Invalid uid '0x00000000ffffffff'
[  508.868229][T11688] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  508.868281][T11688] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  508.873579][T11688] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  508.873626][T11688] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  512.363806][  T822] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  512.845230][  T822] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  512.845260][  T822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.845279][  T822] usb 5-1: Product: syz
[  512.845292][  T822] usb 5-1: Manufacturer: syz
[  512.845304][  T822] usb 5-1: SerialNumber: syz
[  513.386366][  T822] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  513.386426][  T822] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  513.416421][T11731] netlink: 'syz.5.2022': attribute type 4 has an invalid length.
[  513.708664][ T5950] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  513.971091][  T822] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  513.971141][  T822] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  513.973582][  T822] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  514.100079][ T5950] usb 2-1: Using ep0 maxpacket: 8
[  514.733724][ T5950] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  514.733900][ T5950] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  514.733924][ T5950] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  514.733947][ T5950] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  514.733971][ T5950] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  514.734014][ T5950] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  514.734036][ T5950] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.883987][  T822] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71
[  514.967460][  T822] usb 5-1: USB disconnect, device number 30
[  515.044384][ T5950] usb 2-1: usb_control_msg returned -32
[  515.044433][ T5950] usbtmc 2-1:16.0: can't read capabilities
[  515.165290][   T36] kauditd_printk_skb: 372 callbacks suppressed
[  515.165309][   T36] audit: type=1326 audit(1776650320.096:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11748 comm="syz.6.2030" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f14ebe9c819 code=0x0
[  515.637271][T11763] usbtmc 2-1:16.0: stb usb_control_msg returned -32
[  515.642441][ T5801] usb 2-1: USB disconnect, device number 25
[  515.753271][T11764] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  515.753321][T11764] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  515.754905][T11764] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  515.754948][T11764] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  517.161210][T11781] netlink: 'syz.4.2041': attribute type 4 has an invalid length.
[  517.243726][T11785] netlink: 'syz.4.2041': attribute type 4 has an invalid length.
[  517.265157][T11787] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2044'.
[  518.257870][T11824] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  518.257896][T11824] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  518.258014][T11824] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  518.258032][T11824] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  521.098304][T11892] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2082'.
[  521.331093][T11899] binder: 11898:11899 ioctl c0306201 2000000001c0 returned -14
[  522.649497][T11897] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  522.649522][T11897] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  522.649610][T11897] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  522.649626][T11897] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  523.398791][ T5917] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  523.564784][T11929] 9p: Bad value for 'rfdno'
[  523.567812][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  523.567844][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  523.567864][ T5917] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  523.567903][ T5917] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  523.567925][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.585947][ T5917] usb 6-1: config 0 descriptor??
[  523.662875][T11930] netlink: 'syz.2.2097': attribute type 11 has an invalid length.
[  523.662888][T11930] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2097'.
[  523.671116][T11930] netlink: 'syz.2.2097': attribute type 11 has an invalid length.
[  523.671136][T11930] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2097'.
[  525.201516][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201542][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201558][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201573][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201589][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201604][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201619][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201634][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201649][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.201663][ T5917] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  525.402432][ T5917] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  525.434620][ T5917] usb 6-1: USB disconnect, device number 15
[  525.509165][T11942] fido_id[11942]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  525.931823][T11954] netlink: 'syz.1.2107': attribute type 3 has an invalid length.
[  526.088518][ T5950] usb 6-1: new full-speed USB device number 16 using dummy_hcd
[  526.250953][ T5950] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  526.250989][ T5950] usb 6-1: config 0 has no interfaces?
[  526.255893][ T5950] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  526.255920][ T5950] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  526.255939][ T5950] usb 6-1: Product: syz
[  526.255952][ T5950] usb 6-1: Manufacturer: syz
[  526.255964][ T5950] usb 6-1: SerialNumber: syz
[  526.314836][ T5950] usb 6-1: config 0 descriptor??
[  526.483929][T11976] netlink: 679 bytes leftover after parsing attributes in process `syz.6.2115'.
[  526.552695][ T5917] usb 6-1: USB disconnect, device number 16
[  526.843438][T11978] netlink: 'syz.6.2116': attribute type 9 has an invalid length.
[  526.843461][T11978] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2116'.
[  529.363004][T12020] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2132'.
[  530.563236][T12030] netlink: 88 bytes leftover after parsing attributes in process `syz.5.2137'.
[  530.761529][   T36] audit: type=1326 audit(1776650335.696:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.761583][   T36] audit: type=1326 audit(1776650335.696:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788672][   T36] audit: type=1326 audit(1776650335.706:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788725][   T36] audit: type=1326 audit(1776650335.706:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788766][   T36] audit: type=1326 audit(1776650335.706:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788813][   T36] audit: type=1326 audit(1776650335.706:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788854][   T36] audit: type=1326 audit(1776650335.706:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788895][   T36] audit: type=1326 audit(1776650335.706:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788934][   T36] audit: type=1326 audit(1776650335.706:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  530.788975][   T36] audit: type=1326 audit(1776650335.706:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12038 comm="syz.1.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x7ffc0000
[  531.925688][T12076] Bluetooth: hci3: Opcode 0x0401 failed: -22
[  532.138465][ T5902] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  532.308474][ T5902] usb 2-1: Using ep0 maxpacket: 16
[  532.310541][ T5902] usb 2-1: config index 0 descriptor too short (expected 51443, got 18)
[  532.312927][ T5902] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  532.312953][ T5902] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.312973][ T5902] usb 2-1: Product: syz
[  532.312987][ T5902] usb 2-1: Manufacturer: syz
[  532.313001][ T5902] usb 2-1: SerialNumber: syz
[  532.370956][ T5902] r8152-cfgselector 2-1: Unknown version 0x0000
[  532.370973][ T5902] r8152-cfgselector 2-1: config 0 descriptor??
[  532.786557][ T5902] r8152-cfgselector 2-1: USB disconnect, device number 26
[  533.909158][T12118] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  533.909207][T12118] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  533.912346][T12118] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  533.912391][T12118] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  535.063999][  T822] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  535.219184][  T822] usb 6-1: Using ep0 maxpacket: 16
[  535.226097][  T822] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  535.226122][  T822] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  535.231194][  T822] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  535.231222][  T822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.231243][  T822] usb 6-1: Product: syz
[  535.231256][  T822] usb 6-1: Manufacturer: syz
[  535.231270][  T822] usb 6-1: SerialNumber: syz
[  535.363761][  T822] usb 6-1: 0:2 : does not exist
[  535.486589][  T822] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  535.625868][T12153] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  535.625898][T12153] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  535.626011][T12153] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  535.626029][T12153] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  535.772105][  T822] usb 6-1: USB disconnect, device number 17
[  535.824924][ T9775] udevd[9775]: setting owner of /dev/bus/usb/006/017 to uid=0, gid=0 failed: No such file or directory
[  535.894654][ T9775] udevd[9775]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  536.674774][T12174] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2201'.
[  536.706022][T12174] bridge0: port 2(bridge_slave_1) entered disabled state
[  536.717122][T12174] bridge0: port 1(bridge_slave_0) entered disabled state
[  541.370442][   T36] kauditd_printk_skb: 43 callbacks suppressed
[  541.370461][   T36] audit: type=1326 audit(1776650346.296:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12238 comm="syz.1.2227" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f5af7e46597 code=0x0
[  542.570296][T12262] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  543.832754][ T5950] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  543.978481][ T5950] usb 2-1: Using ep0 maxpacket: 16
[  543.986590][ T5950] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  543.986619][ T5950] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.986638][ T5950] usb 2-1: Product: syz
[  543.986651][ T5950] usb 2-1: Manufacturer: syz
[  543.986666][ T5950] usb 2-1: SerialNumber: syz
[  544.006094][ T5950] usb 2-1: config 0 descriptor??
[  544.012977][ T5950] ums-onetouch 2-1:0.0: USB Mass Storage device detected
[  544.378963][ T5950] usb 2-1: USB disconnect, device number 27
[  544.544321][T12328] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2265'.
[  545.430011][T12359] syzkaller1: entered promiscuous mode
[  545.430036][T12359] syzkaller1: entered allmulticast mode
[  548.158482][ T5917] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  548.309703][ T5917] usb 6-1: Using ep0 maxpacket: 32
[  548.316876][ T5917] usb 6-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  548.316907][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.359073][ T5917] usb 6-1: config 0 descriptor??
[  548.374673][ T5917] gspca_main: sunplus-2.14.0 probing 041e:400b
[  550.042551][T12375] syz.2.2286 (12375): drop_caches: 2
[  550.284471][ T5917] gspca_sunplus: reg_w_riv err -71
[  550.284583][ T5917] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[  550.306840][ T5917] usb 6-1: USB disconnect, device number 18
[  550.561836][T12469] io-wq is not configured for unbound workers
[  550.636730][T12474] overlayfs: failed to clone upperpath
[  552.170286][T12507] kvm: emulating exchange as write
[  552.363017][T12520] tipc: Failed to remove unknown binding: 66,0,0/2886997007:609178710/609178711
[  552.364799][T12520] tipc: Failed to remove unknown binding: 66,0,0/2886997007:609178710/609178711
[  553.995014][T12628] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  553.995032][T12628] IPv6: NLM_F_CREATE should be set when creating new route
[  554.896611][T12665] netlink: 'syz.1.2408': attribute type 1 has an invalid length.
[  554.896633][T12665] netlink: 16150 bytes leftover after parsing attributes in process `syz.1.2408'.
[  563.965485][T12989] syzkaller0: entered promiscuous mode
[  563.965515][T12989] syzkaller0: entered allmulticast mode
[  564.380309][T13024] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  564.380335][T13024] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  564.380438][T13024] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  564.380456][T13024] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  568.002920][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  568.002961][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  568.964488][   T36] audit: type=1326 audit(1776650373.896:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13063 comm="syz.5.2595" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ed9d0c819 code=0x0
[  569.251891][T13070] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  570.482225][T13098] fuse: fd is not a fuse device
[  572.811686][  T822] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  572.958073][T13128] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2620'.
[  572.967086][T13122] lo speed is unknown, defaulting to 1000
[  572.978653][  T822] usb 6-1: Using ep0 maxpacket: 32
[  572.983812][  T822] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  572.983862][  T822] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  572.983888][  T822] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  572.983909][  T822] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  572.983934][  T822] usb 6-1: config 0 interface 0 has no altsetting 0
[  572.983965][  T822] usb 6-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  572.983987][  T822] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.007737][T13128] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2620'.
[  573.086057][  T822] usb 6-1: config 0 descriptor??
[  573.710440][  T822] hid-thrustmaster 0003:044F:B65D.0017: item fetching failed at offset 4/5
[  573.715635][  T822] hid-thrustmaster 0003:044F:B65D.0017: parse failed with error -22
[  573.715712][  T822] hid-thrustmaster 0003:044F:B65D.0017: probe with driver hid-thrustmaster failed with error -22
[  574.032428][ T8861] usb 6-1: USB disconnect, device number 19
[  588.788725][T13303] sctp: [Deprecated]: syz.1.2687 (pid 13303) Use of int in max_burst socket option.
[  588.788725][T13303] Use struct sctp_assoc_value instead
[  597.361695][T13407] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2726'.
[  598.048374][T13412] lo speed is unknown, defaulting to 1000
[  599.700986][T13430] syzkaller0: entered promiscuous mode
[  599.701013][T13430] syzkaller0: entered allmulticast mode
[  611.199682][T13545] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2777'.
[  617.383883][T13588] netlink: 'syz.1.2790': attribute type 1 has an invalid length.
[  625.098560][T13629] syz_tun: entered allmulticast mode
[  628.475335][T13650] Bluetooth: hci0: invalid length 0, exp 2 for type 18
[  629.814526][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  629.814672][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  631.804908][T13672] fuse: fd is not a fuse device
[  635.597301][T13695] gfs2: gfs2 mount does not exist
[  638.222127][T13713] overlayfs: failed to clone upperpath
[  638.949994][T13711] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  638.950023][T13711] overlayfs: failed to set xattr on upper
[  638.950031][T13711] overlayfs: ...falling back to redirect_dir=nofollow.
[  638.950039][T13711] overlayfs: ...falling back to index=off.
[  638.950046][T13711] overlayfs: ...falling back to uuid=null.
[  639.005934][T13714] overlayfs: missing 'lowerdir'
[  639.281335][T13719] ptrace attach of "./syz-executor exec"[8148] was attempted by "./syz-executor exec"[13719]
[  639.283966][   T36] audit: type=1326 audit(1776650444.216:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13717 comm="syz.1.2836" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5af7e4c819 code=0x0
[  639.338445][ T5801] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  639.468440][ T5801] usb 3-1: device descriptor read/64, error -71
[  639.597232][T13726] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2836'.
[  640.530299][ T5801] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  640.660300][ T5801] usb 3-1: device descriptor read/64, error -71
[  640.771123][ T5801] usb usb3-port1: attempt power cycle
[  645.727113][T13758] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  657.081627][T13863] overlayfs: failed to clone upperpath
[  665.143793][T13942] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2909'.
[  666.475155][T13957] 9p: Bad value for 'rfdno'
[  678.027788][T14047] openvswitch: netlink: Flow actions attr not present in new flow.
[  679.259828][T14061] openvswitch: netlink: Flow key attr not present in new flow.
[  679.261969][T14061] netlink: 'syz.5.2947': attribute type 1 has an invalid length.
[  679.574445][T14061] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  679.575448][T14061] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  679.934100][T14077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2951'.
[  680.866044][T14065] bond1: (slave gretap1): making interface the new active one
[  680.914093][T14065] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  680.951071][T14079] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  680.951107][T14079] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  680.951148][T14079] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  680.983231][T14079] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  689.002979][T14184] 9p: Bad value for 'rfdno'
[  691.683420][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  691.683489][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  692.576493][T14220] 9p: Bad value for 'rfdno'
[  742.232579][T14644] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  742.232643][T14644] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  742.238319][T14644] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  742.238339][T14644] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  749.240038][T14678] syz.2.3154 (14678) used greatest stack depth: 17208 bytes left
[  753.664471][ T1331] ieee802154 phy0 wpan0: encryption failed: -22
[  753.664539][ T1331] ieee802154 phy1 wpan1: encryption failed: -22
[  769.928943][T14831] FAULT_INJECTION: forcing a failure.
[  769.928943][T14831] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  769.928992][T14831] CPU: 1 UID: 0 PID: 14831 Comm: syz.2.3214 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  769.929019][T14831] Tainted: [L]=SOFTLOCKUP
[  769.929026][T14831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  769.929046][T14831] Call Trace:
[  769.929054][T14831]  <TASK>
[  769.929062][T14831]  dump_stack_lvl+0xe8/0x150
[  769.929098][T14831]  should_fail_ex+0x46b/0x600
[  769.929203][T14831]  _copy_to_user+0x31/0xb0
[  769.929283][T14831]  simple_read_from_buffer+0xe1/0x170
[  769.929363][T14831]  proc_fail_nth_read+0x1be/0x230
[  769.929420][T14831]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  769.929450][T14831]  ? rw_verify_area+0x2ac/0x4e0
[  769.929504][T14831]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  769.929531][T14831]  vfs_read+0x212/0xa80
[  769.929568][T14831]  ? __pfx_vfs_read+0x10/0x10
[  769.929599][T14831]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  769.929629][T14831]  ? lockdep_hardirqs_on+0x7a/0x110
[  769.929657][T14831]  ? _raw_spin_unlock_irqrestore+0x4c/0x80[  769.929657][T14831]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  769.929693][T14831]  ? mutex_lock_nested+0x152/0x1d0
[  769.929714][T14831]  ? fdget_pos+0x252/0x320
[  769.929772][T14831]  ksys_read+0x156/0x270
[  769.929804][T14831]  ? __pfx_ksys_read+0x10/0x10
[  769.929843][T14831]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.929865][T14831]  do_syscall_64+0x15f/0xf80
[  769.929893][T14831]  ? trace_irq_disable+0x3b/0x140
[  769.929942][T14831]  ? clear_bhb_loop+0x40/0x90
[  769.929966][T14831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.929990][T14831] RIP: 0033:0x7fd2a252d04e
[  769.930013][T14831] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  769.930029][T14831] RSP: 002b:00007fd2a07c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  769.930050][T14831] RAX: ffffffffffffffda RBX: 00007fd2a07c66c0 RCX: 00007fd2a252d04e
[  769.930067][T14831] RDX: 000000000000000f RSI: 00007fd2a07c60a0 RDI: 0000000000000004
[  769.930079][T14831] RBP: 00007fd2a07c6090 R08: 0000000000000000 R09: 0000000000000000
[  769.930091][T14831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  769.930102][T14831] R13: 00007fd2a27e6038 R14: 00007fd2a27e5fa0 R15: 00007ffd1e6b5ef8
[  769.930135][T14831]  </TASK>
[  770.111619][   T59] ==================================================================
[  770.111640][   T59] BUG: KASAN: slab-use-after-free in l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.111782][   T59] Read of size 8 at addr ffff8880393847b0 by task kworker/u9:0/59
[  770.111800][   T59] 
[  770.111815][   T59] CPU: 0 UID: 0 PID: 59 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  770.111844][   T59] Tainted: [L]=SOFTLOCKUP
[  770.111852][   T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  770.111866][   T59] Workqueue: hci6 hci_rx_work
[  770.111932][   T59] Call Trace:
[  770.111940][   T59]  <TASK>
[  770.111950][   T59]  dump_stack_lvl+0xe8/0x150
[  770.111985][   T59]  print_address_description+0x55/0x1e0
[  770.112017][   T59]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.112045][   T59]  print_report+0x58/0x70
[  770.112073][   T59]  kasan_report+0x117/0x150
[  770.112125][   T59]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.112159][   T59]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.112190][   T59]  l2cap_connect_cfm+0x368/0x1560
[  770.112220][   T59]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  770.112244][   T59]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  770.112272][   T59]  ? lockdep_hardirqs_on+0x7a/0x110
[  770.112299][   T59]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  770.112327][   T59]  ? mutex_lock_nested+0x152/0x1d0
[  770.112348][   T59]  ? hci_connect_cfm+0x2c/0x140
[  770.112417][   T59]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  770.112443][   T59]  hci_connect_cfm+0x95/0x140
[  770.112466][   T59]  le_conn_complete_evt+0x1134/0x16b0
[  770.112519][   T59]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  770.112543][   T59]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  770.112572][   T59]  ? lockdep_hardirqs_on+0x7a/0x110
[  770.112600][   T59]  ? skb_pull_data+0xfb/0x200
[  770.112681][   T59]  hci_le_conn_complete_evt+0x187/0x470
[  770.112707][   T59]  hci_event_packet+0x659/0xef0
[  770.112739][   T59]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  770.112760][   T59]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  770.112780][   T59]  ? __pfx_hci_event_packet+0x10/0x10
[  770.112809][   T59]  ? rt_spin_unlock+0x14f/0x200
[  770.112835][   T59]  ? hci_send_to_monitor+0xe2/0x590
[  770.112886][   T59]  hci_rx_work+0x3ee/0x1040
[  770.112927][   T59]  ? process_scheduled_works+0xa70/0x1860
[  770.113034][   T59]  process_scheduled_works+0xb5d/0x1860
[  770.113079][   T59]  ? __pfx_process_scheduled_works+0x10/0x10
[  770.113112][   T59]  ? assign_work+0x3d5/0x5e0
[  770.113143][   T59]  worker_thread+0xa53/0xfc0
[  770.113175][   T59]  kthread+0x388/0x470
[  770.113225][   T59]  ? __pfx_worker_thread+0x10/0x10
[  770.113241][   T59]  ? __pfx_kthread+0x10/0x10
[  770.113263][   T59]  ret_from_fork+0x514/0xb70
[  770.113307][   T59]  ? __pfx_ret_from_fork+0x10/0x10
[  770.113326][   T59]  ? __switch_to+0xc79/0x1410
[  770.113379][   T59]  ? __pfx_kthread+0x10/0x10
[  770.113403][   T59]  ret_from_fork_asm+0x1a/0x30
[  770.113433][   T59]  </TASK>
[  770.113441][   T59] 
[  770.113450][   T59] Allocated by task 59:
[  770.113461][   T59]  kasan_save_track+0x3e/0x80
[  770.113511][   T59]  __kasan_kmalloc+0x93/0xb0
[  770.113538][   T59]  __kmalloc_noprof+0x3e7/0x7b0
[  770.113579][   T59]  sk_prot_alloc+0xe7/0x210
[  770.113624][   T59]  sk_alloc+0x3a/0x390
[  770.113642][   T59]  bt_sock_alloc+0x3b/0x310
[  770.113660][   T59]  l2cap_sock_new_connection_cb+0xe2/0x2e0
[  770.113686][   T59]  l2cap_connect_cfm+0x368/0x1560
[  770.113707][   T59]  hci_connect_cfm+0x95/0x140
[  770.113725][   T59]  le_conn_complete_evt+0x1134/0x16b0
[  770.113745][   T59]  hci_le_conn_complete_evt+0x187/0x470
[  770.113764][   T59]  hci_event_packet+0x659/0xef0
[  770.113790][   T59]  hci_rx_work+0x3ee/0x1040
[  770.113816][   T59]  process_scheduled_works+0xb5d/0x1860
[  770.113843][   T59]  worker_thread+0xa53/0xfc0
[  770.113858][   T59]  kthread+0x388/0x470
[  770.113877][   T59]  ret_from_fork+0x514/0xb70
[  770.113892][   T59]  ret_from_fork_asm+0x1a/0x30
[  770.113911][   T59] 
[  770.113922][   T59] Freed by task 14818:
[  770.113932][   T59]  kasan_save_track+0x3e/0x80
[  770.113957][   T59]  kasan_save_free_info+0x46/0x50
[  770.114001][   T59]  __kasan_slab_free+0x5c/0x80
[  770.114028][   T59]  kfree+0x1c5/0x6c0
[  770.114074][   T59]  __sk_destruct+0x74b/0x9d0
[  770.114095][   T59]  l2cap_sock_cleanup_listen+0xe0/0x440
[  770.114121][   T59]  l2cap_sock_release+0x6e/0x270
[  770.114145][   T59]  sock_close+0xc3/0x240
[  770.114169][   T59]  __fput+0x461/0xa70
[  770.114215][   T59]  task_work_run+0x1d9/0x270
[  770.114236][   T59]  get_signal+0x11c3/0x1310
[  770.114305][   T59]  arch_do_signal_or_restart+0xbc/0x830
[  770.114330][   T59]  exit_to_user_mode_loop+0x86/0x480
[  770.114375][   T59]  do_syscall_64+0x33e/0xf80
[  770.114402][   T59]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.114420][   T59] 
[  770.114425][   T59] The buggy address belongs to the object at ffff888039384000
[  770.114425][   T59]  which belongs to the cache kmalloc-2k of size 2048
[  770.114443][   T59] The buggy address is located 1968 bytes inside of
[  770.114443][   T59]  freed 2048-byte region [ffff888039384000, ffff888039384800)
[  770.114463][   T59] 
[  770.114468][   T59] The buggy address belongs to the physical page:
[  770.114487][   T59] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x39380
[  770.114510][   T59] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  770.114527][   T59] flags: 0x80000000000040(head|node=0|zone=1)
[  770.114548][   T59] page_type: f5(slab)
[  770.114567][   T59] raw: 0080000000000040 ffff88801a025000 dead000000000100 dead000000000122
[  770.114584][   T59] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  770.114602][   T59] head: 0080000000000040 ffff88801a025000 dead000000000100 dead000000000122
[  770.114620][   T59] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  770.114638][   T59] head: 0080000000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  770.114654][   T59] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[  770.114664][   T59] page dumped because: kasan: bad access detected
[  770.114678][   T59] page_owner tracks the page as allocated
[  770.114685][   T59] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 29, tgid 29 (ktimers/1), ts 762500452625, free_ts 761327264170
[  770.114719][   T59]  post_alloc_hook+0x231/0x280
[  770.114789][   T59]  get_page_from_freelist+0x27c8/0x2840
[  770.114809][   T59]  __alloc_frozen_pages_noprof+0x18d/0x380
[  770.114829][   T59]  allocate_slab+0x77/0x660
[  770.114852][   T59]  refill_objects+0x33c/0x3d0
[  770.114872][   T59]  __pcs_replace_empty_main+0x373/0x720
[  770.114896][   T59]  __kmalloc_noprof+0x530/0x7b0
[  770.114919][   T59]  ___neigh_create+0x722/0x2350
[  770.114992][   T59]  ip6_finish_output2+0x729/0x1430
[  770.115045][   T59]  ip6_output+0x340/0x550
[  770.115064][   T59]  ndisc_send_skb+0xd0b/0x1670
[  770.115115][   T59]  addrconf_rs_timer+0x395/0x6d0
[  770.115162][   T59]  call_timer_fn+0x192/0x5e0
[  770.115226][   T59]  __run_timer_base+0x6a3/0x9f0
[  770.115244][   T59]  run_timer_softirq+0xb7/0x170
[  770.115264][   T59]  handle_softirqs+0x1de/0x6d0
[  770.115315][   T59] page last free pid 14761 tgid 14752 stack trace:
[  770.115327][   T59]  __free_frozen_pages+0xfa6/0x10f0
[  770.115343][   T59]  __slab_free+0x252/0x2a0
[  770.115359][   T59]  qlist_free_all+0x99/0x100
[  770.115384][   T59]  kasan_quarantine_reduce+0x148/0x160
[  770.115409][   T59]  __kasan_slab_alloc+0x22/0x80
[  770.115436][   T59]  __kmalloc_noprof+0x399/0x7b0
[  770.115451][   T59]  tomoyo_realpath_from_path+0xe3/0x5d0
[  770.115497][   T59]  tomoyo_path_number_perm+0x246/0x630
[  770.115548][   T59]  security_file_ioctl+0xc3/0x2a0
[  770.115620][   T59]  __se_sys_ioctl+0x47/0x170
[  770.115681][   T59]  do_syscall_64+0x15f/0xf80
[  770.115707][   T59]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.115725][   T59] 
[  770.115729][   T59] Memory state around the buggy address:
[  770.115739][   T59]  ffff888039384680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  770.115753][   T59]  ffff888039384700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  770.115766][   T59] >ffff888039384780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  770.115776][   T59]                                      ^
[  770.115787][   T59]  ffff888039384800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  770.115800][   T59]  ffff888039384880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  770.115810][   T59] ==================================================================
[  770.115828][   T59] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  770.115847][   T59] CPU: 0 UID: 0 PID: 59 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  770.115875][   T59] Tainted: [L]=SOFTLOCKUP
[  770.115883][   T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  770.115897][   T59] Workqueue: hci6 hci_rx_work
[  770.115933][   T59] Call Trace:
[  770.115941][   T59]  <TASK>
[  770.115950][   T59]  vpanic+0x56c/0xa60
[  770.115972][   T59]  ? __pfx_vpanic+0x10/0x10
[  770.115997][   T59]  panic+0xc5/0xd0
[  770.116015][   T59]  ? __pfx_panic+0x10/0x10
[  770.116035][   T59]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.116065][   T59]  ? rcu_is_watching+0x15/0xb0
[  770.116140][   T59]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.116169][   T59]  check_panic_on_warn+0x89/0xb0
[  770.116216][   T59]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.116245][   T59]  end_report+0x73/0x170
[  770.116263][   T59]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.116292][   T59]  kasan_report+0x128/0x150
[  770.116313][   T59]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.116346][   T59]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  770.116379][   T59]  l2cap_connect_cfm+0x368/0x1560
[  770.116409][   T59]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  770.116434][   T59]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  770.116463][   T59]  ? lockdep_hardirqs_on+0x7a/0x110
[  770.116491][   T59]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  770.116519][   T59]  ? mutex_lock_nested+0x152/0x1d0
[  770.116555][   T59]  ? hci_connect_cfm+0x2c/0x140
[  770.116577][   T59]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  770.116604][   T59]  hci_connect_cfm+0x95/0x140
[  770.116627][   T59]  le_conn_complete_evt+0x1134/0x16b0
[  770.116656][   T59]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  770.116679][   T59]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  770.116706][   T59]  ? lockdep_hardirqs_on+0x7a/0x110
[  770.116733][   T59]  ? skb_pull_data+0xfb/0x200
[  770.116761][   T59]  hci_le_conn_complete_evt+0x187/0x470
[  770.116788][   T59]  hci_event_packet+0x659/0xef0
[  770.116820][   T59]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  770.116843][   T59]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  770.116863][   T59]  ? __pfx_hci_event_packet+0x10/0x10
[  770.116892][   T59]  ? rt_spin_unlock+0x14f/0x200
[  770.116926][   T59]  ? hci_send_to_monitor+0xe2/0x590
[  770.116952][   T59]  hci_rx_work+0x3ee/0x1040
[  770.116986][   T59]  ? process_scheduled_works+0xa70/0x1860
[  770.117017][   T59]  process_scheduled_works+0xb5d/0x1860
[  770.117061][   T59]  ? __pfx_process_scheduled_works+0x10/0x10
[  770.117094][   T59]  ? assign_work+0x3d5/0x5e0
[  770.117125][   T59]  worker_thread+0xa53/0xfc0
[  770.117157][   T59]  kthread+0x388/0x470
[  770.117179][   T59]  ? __pfx_worker_thread+0x10/0x10
[  770.117195][   T59]  ? __pfx_kthread+0x10/0x10
[  770.117217][   T59]  ret_from_fork+0x514/0xb70
[  770.117236][   T59]  ? __pfx_ret_from_fork+0x10/0x10
[  770.117254][   T59]  ? __switch_to+0xc79/0x1410
[  770.117281][   T59]  ? __pfx_kthread+0x10/0x10
[  770.117303][   T59]  ret_from_fork_asm+0x1a/0x30
[  770.117333][   T59]  </TASK>
[  770.117933][   T59] Kernel Offset: disabled