last executing test programs:

6.669254821s ago: executing program 3 (id=682):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect$unix(r2, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x2)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(0xffffffffffffffff, 0xfffffffc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x18, 0x0, 0x7, 0x60, 0x0, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x18}}, 0x4040)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0xdddd0000, 0x10000})
msync(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
preadv(r6, &(0x7f0000000180)=[{0x0}], 0x1, 0x5fae, 0x4)

6.667969843s ago: executing program 0 (id=683):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x8800}, 0x4000) (async)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x102, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0xa, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x400c445}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a6c000000060a0104000000000000000002000000400004803c0001800a0001006d617463680000002c00028014000300f4f03b020000000002000c116b61979e090001006c3274700000000008000240000000000900010073797a30000000000900020073797a32"], 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

6.619935488s ago: executing program 0 (id=684):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x80000007}, {0x85, 0x0, 0x0, 0x2d}}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000180)='%+9llu \x00'}, 0x1c)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r0, r1}, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
timerfd_create(0x7, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000240)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
write(r4, &(0x7f0000000040)="1c00000021002551071c0165ff00fc020200000003100f000ee1000c", 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002240), 0x20000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r5 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r5, 0xc03864bc, &(0x7f0000000240)={0x1, 0x1, &(0x7f00000001c0)=[r6], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000180)=[0xcbb], 0x0, 0x4000000000001})
fcntl$notify(r3, 0x402, 0x4)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x141d40, 0x80)
close_range(r2, 0xffffffffffffffff, 0x2)

6.530064572s ago: executing program 0 (id=685):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect$unix(r3, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x38f9, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x9)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0x2)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(0xffffffffffffffff, 0xfffffffc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r6)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x18, r7, 0x7, 0x60, 0x0, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x18}}, 0x4040)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0xdddd0000, 0x10000})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1, 0x5fae, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x50, 0x10, 0x3, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private2}]}]}]}, 0x50}, 0x1, 0x2}, 0x0)

5.497943658s ago: executing program 2 (id=686):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(r0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg(r6, &(0x7f0000004a00)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000009c0)="5263ae65ff57fcdad2d4c589756d75d5dd50c8a31cc7758093537a92b286f97ca497b612c7da0ba109cac04ce1b1c4600604e0b52cb86623b86c7a7b87415d0a3c8b6c9474f8fe00b5d40486afcafa9f34bcbebf38fa20342da0243759e3266e3617840cb9c9bfffea37a146811e9a8c04b74ce16ee9fc058df6f7450bc30c40", 0x80}], 0x1}}], 0x1, 0x4008810)
recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001f00)=""/4096, 0x1000}], 0x1}, 0x12060)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x4, 0xfffff034}, {0x20, 0xe, 0x0, 0x46}, {0x6, 0x0, 0x2}]}, 0x8)
sendmmsg(r3, &(0x7f0000001c00), 0x400000000000159, 0x40840)
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x400b45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/vlan/config\x00')
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x20083, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x33)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x40000001, 0x0, 0x7}]})
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
preadv(r7, &(0x7f0000000440)=[{0x0}], 0x1, 0x80, 0xc51a)

4.399779365s ago: executing program 3 (id=687):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x38f9, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x2)

4.26491451s ago: executing program 1 (id=688):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
ustat(0x40142, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000980), 0x0)

3.509060333s ago: executing program 0 (id=689):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
ustat(0x40142, 0x0) (fail_nth: 1)
readv(0xffffffffffffffff, &(0x7f0000000980), 0x0)

3.508270511s ago: executing program 1 (id=690):
r0 = timerfd_create(0x1, 0x80000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000008880)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}}, 0x50)
close(0x3)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x80000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0xa53, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0xfffffdfd, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
readv(r0, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/8, 0x8}], 0x10000000000000dc)

3.374328042s ago: executing program 2 (id=691):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
r1 = openat$comedi(0xffffff9c, &(0x7f0000000440)='/dev/comedi0\x00', 0x101001, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETTXFILTER(r2, 0x400454d1, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
ustat(0x40142, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000980), 0x0)

3.309677286s ago: executing program 0 (id=692):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a00", @ANYBLOB="f5ff0f0025"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, 0x0, 0x440b0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000280)={0x8, 0x7})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, &(0x7f0000000100)=ANY=[@ANYBLOB="757271756f74612c75737271b43ff6f49dde4851636b5f686172640000000000000002cb"])
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$get_persistent(0x9, 0xffffffffffffffff, r3)
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r5=>0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
keyctl$set_timeout(0xf, r3, 0x3)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1000002, 0x204031, 0xffffffffffffffff, 0xec776000)
r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8, 0x80000)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000140)=0xff, 0xffffffffffffffff, 0x0, 0x3, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r6, &(0x7f0000000340)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x3ff}}}, 0x30)
readv(r6, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/128, 0x80}], 0x1)
landlock_restrict_self(r4, 0xe)
sendmsg$NFT_BATCH(r0, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x44, 0x0, 0xa, 0x101, 0x0, 0x0, {0xb, 0x0, 0x1}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELRULE={0x70, 0x8, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x5}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @dynset={{0xb}, @void}}]}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xdc}, 0x1, 0x0, 0x0, 0x884}, 0x4)

3.230217222s ago: executing program 2 (id=693):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x25, &(0x7f00000000c0)={0x0, 0x0, 0x1}, 0x1)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x380})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x2, 0x80000000, 0xd}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2d8a7313}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000a53000/0x2000)=nil, 0x2000})
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
write$dsp(r2, &(0x7f00000012c0)="a5", 0x1)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000140)=0x4)
r3 = dup2(r0, r0)
read$FUSE(r3, &(0x7f00000063c0)={0x2020}, 0x2020)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000180)=ANY=[@ANYBLOB="aac4aaaaaac4ffffffffffff080045000030000000000001020000000000000099569d204ae09853ac1e0001ac1414aa0b0790780300000045000000000000ac14140ae0000001f3ffffff00"], 0x0)

3.140239145s ago: executing program 1 (id=694):
mount(0x0, 0x0, 0x0, 0x10, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x90004)
r2 = fsopen(&(0x7f0000000000)='jfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000240)='resize', 0x0, r2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))

3.088358456s ago: executing program 1 (id=695):
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9000c0008000000000000000003ea05"], 0x11)
r0 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000100), 0x362240, 0x0)
recvmmsg$unix(r0, &(0x7f0000000440)=[{{&(0x7f0000000180), 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000200)=""/218, 0xda}, {&(0x7f0000000300)=""/172, 0xac}], 0x2, &(0x7f0000000400)=[@cred={{0x18, 0x1, 0x2, {<r1=>0x0}}}, @cred={{0x18}}], 0x30}}], 0x1, 0x41, &(0x7f0000000480)={0x0, 0x3938700})
r2 = syz_open_dev$MSR(&(0x7f0000000000), 0x888, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_procfs(r1, &(0x7f00000004c0)='io\x00')
ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r3, 0x40786e88, &(0x7f0000000700)={{&(0x7f0000000500)=[{0xece, 0xf0, 0x22753f48, {0x101, 0x9}, 0x101, 0x7, 0xb}, {0x3, 0x3, 0x401, {0x8, 0x8000000000000000}, 0xb06, 0x5, 0x2}], 0x2, 0x40, 0xa70c, 0xffffffff}, {&(0x7f0000000580)=[{0xa}, {0x75, 0x1}, {0x6, 0xfff}, {0x380000000, 0x4}, {0x344, 0x6}], 0x5, 0x10, 0x8, 0x200}, {&(0x7f0000000600)=[0x5, 0x15dd, 0x8, 0x5], 0x4, 0x8, 0x101, 0x9}, {&(0x7f0000000640)=[{0x10001, 0x401, 0x8000000000000000, 0x5, 0x88}, {0x6, 0x1ff, 0xfffffffffffffffe, 0xfffffffffffffe01, 0x4}], 0x2, 0x28, 0x2aa, 0x5}, {&(0x7f00000006c0)=[0x7], 0x1, 0x8, 0x1ff, 0xa}})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d6, 0x5})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000100)={0x0, 0x2, r4, 0x0, 0x80000})
read$msr(r2, &(0x7f0000000040)=""/153, 0x99)

2.440092023s ago: executing program 0 (id=696):
r0 = syz_open_dev$hidraw(0x0, 0xd, 0x505802)
syz_usb_connect(0x6, 0x2d, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYBLOB="05c729efa7c22a23358ea7864379e6cbe388826662047e02487a72b7fbc4a386e18b2955d27cc89a8c8068d10632b560093aae92f641507f3e656f1e1aea1f4fdd22e2c3818f05a356f66a602c5d7c42c135c58134e6133df519caf5d2d5ad427c2dbf4ee370403e7f4ddaf62633ab9b2ff8c1a11b5f908cbd88c44970758400054351827002247b6e4f34b6766019f4b51217893963ca37306d3f95b4075a58d977585459372a77d9b6b683af4e3b982787baf22a90f00a93ecc3fac69f75e93ef1fe932a6474480a413d3eb09a4d88bd05", @ANYRES16=r0], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r2, &(0x7f00000006c0)={&(0x7f0000000040)={0x2, 0x8, @private=0xa010101}, 0x10, &(0x7f0000000140)=[{&(0x7f00000000c0)="e0", 0x1}], 0x1}, 0xc000)
sendmsg$inet(r2, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000080)="d4", 0x1}], 0x1}, 0x8001)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
userfaultfd(0x1)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r4 = socket$inet(0x2, 0x3, 0x33)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
getsockopt$inet_mreqsrc(r4, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0xc)
recvmsg$kcm(r3, &(0x7f0000002f80)={0x0, 0x0, 0x0}, 0x10000)
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
write$char_usb(r1, &(0x7f0000000280)='L', 0x1)
syz_usb_connect(0x3, 0x3f, 0x0, 0x0)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000000)="0100000200373a4541062000a59ea940d2cb0b3692f5020000a00000050000000000eb000000a5e5be21c44e", 0x2c, 0xffffffffffffffff)
r5 = syz_open_dev$evdev(0x0, 0x2, 0x8000)
ioctl$EVIOCGMASK(r5, 0x80104592, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x38, 0x3, 0x6, 0x105, 0x0, 0x0, {0xa, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x38}}, 0x80)
syz_usb_connect(0x1, 0x36, &(0x7f00000001c0)=ANY=[], 0x0)
read$char_usb(r1, &(0x7f0000000300)=""/95, 0x50)

2.349692867s ago: executing program 2 (id=697):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect$unix(r3, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x38f9, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x9)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0x2)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(0xffffffffffffffff, 0xfffffffc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r6)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x18, r7, 0x7, 0x60, 0x0, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x18}}, 0x4040)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0xdddd0000, 0x10000})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1, 0x5fae, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x50, 0x10, 0x3, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private2}]}]}]}, 0x50}, 0x1, 0x2}, 0x0)

1.580214528s ago: executing program 1 (id=698):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000104000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x1, 0x0, 0x400}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x60000081}, 0x800)
close(0x3)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f00000003c0)={0x2c, 0xa, 0x3, "4a6535dffaa9779c16cc07f4e70156e42a022ece000000005000"})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20004001}, 0x4000018)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4064894}, 0x4000000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x1, 0x9, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x24044000}, 0x0)

1.348163177s ago: executing program 1 (id=699):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect$unix(r2, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x38f9, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x2)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(0xffffffffffffffff, 0xfffffffc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x18, 0x0, 0x7, 0x60, 0x0, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x18}}, 0x4040)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0xdddd0000, 0x10000})
msync(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
preadv(r6, &(0x7f0000000180)=[{0x0}], 0x1, 0x5fae, 0x4)

970.104458ms ago: executing program 3 (id=700):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000170900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x2000c450)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a48000000060a010400000000000000000a0000050900020073797a32000000001c000480180001800d00010073796e70726f787900c72b00040002800900010073797a310000000014000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0xe0}, 0x1, 0x0, 0x0, 0x24008845}, 0x0)
close(r0)
r1 = socket$unix(0x1, 0x5, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_TYPE={0x8, 0x7, 0x1}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040001}, 0x4004000)

920.388325ms ago: executing program 3 (id=701):
syz_open_dev$MSR(&(0x7f00000000c0), 0xb, 0x0)
capset(&(0x7f0000000180)={0x20080522}, &(0x7f0000000080)={0x1ff, 0xe, 0x13e, 0x89, 0xffffffff, 0x2})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESDEC], 0x7c}, 0x1, 0x0, 0x0, 0x4041}, 0x50)
r1 = socket$l2tp(0x2, 0x2, 0x73)
syz_open_dev$tty1(0xc, 0x4, 0x3)
futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000140), 0xc6fffffd)
ioctl$sock_SIOCGSKNS(r1, 0x894c, 0x0)

919.923504ms ago: executing program 3 (id=702):
r0 = timerfd_create(0x1, 0x80000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000008880)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}}, 0x50)
close(0x3)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x80000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0xa53, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0xfffffdfd, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
readv(r0, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/8, 0x8}], 0x10000000000000dc)

169.818872ms ago: executing program 2 (id=703):
r0 = openat$ubi_ctrl(0xffffff9c, &(0x7f0000000000), 0x420000, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x1, 0x4)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x4})
ioctl$FE_DISHNETWORK_SEND_LEGACY_CMD(r0, 0x6f50, 0x253) (async)
ioctl$FE_DISHNETWORK_SEND_LEGACY_CMD(r0, 0x6f50, 0x253)
ioctl$XFS_IOC_BULKSTAT(r0, 0x8040587f, &(0x7f0000000140)={{0x8, 0x2, 0xf28, 0x5, 0x7}, &(0x7f0000000080)=[{}]})
r1 = syz_clone(0x400, &(0x7f00000001c0)="40f30662ff948a497447154e3e36ea9450bd7bdefcb3bfc7e89edd84c50b56c999e1139f7e89d699fce6bcb7d405d933f389aacd87c4123a34a13b52708de870392e63cf7801b2463927ffa3f1772dbb680c3da7e45de3a964c6948f13f14dcca39ba207171ad4056c1378cf0ce78064c838dca446c3e38bf87f7e2f89308bbe468eeb8683ccb71b8e8b3d7c8f51d5", 0x8f, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)="ad85ab8aa96cf64661b46923879d41a89511b7e09ac33a9bbb8139171f091395373fb4989051d84c46f0aaf9b950a5ffc39b777191f3937819")
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000580)={{{@in6=@initdev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@empty}, 0x0, @in6=@loopback}}, &(0x7f0000000680)=0xe4)
read$FUSE(r0, &(0x7f00000006c0)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
lstat(&(0x7f0000002840)='./file0\x00', &(0x7f0000002880)) (async)
lstat(&(0x7f0000002840)='./file0\x00', &(0x7f0000002880)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getegid() (async)
r7 = getegid()
fcntl$getownex(r0, 0x10, &(0x7f0000002900)={0x0, <r8=>0x0})
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002940)={{{@in6=@remote, @in6=@ipv4={""/10, ""/2, @broadcast}}}, {{@in=@broadcast}, 0x0, @in=@remote}}, &(0x7f0000002a40)=0xe4) (async)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002940)={{{@in6=@remote, @in6=@ipv4={""/10, ""/2, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@broadcast}, 0x0, @in=@remote}}, &(0x7f0000002a40)=0xe4)
read$FUSE(0xffffffffffffffff, &(0x7f0000002a80)={0x2020, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000004ac0)={{{@in=@remote, @in=@remote}}, {{@in6=@empty}}}, &(0x7f0000004bc0)=0xe4) (async)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000004ac0)={{{@in=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@empty}}}, &(0x7f0000004bc0)=0xe4)
read$FUSE(r0, &(0x7f0000004c00)={0x2020}, 0x2020) (async)
read$FUSE(r0, &(0x7f0000004c00)={0x2020, 0x0, 0x0, 0x0, <r12=>0x0}, 0x2020)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000006c40)={{0x1, 0x1, 0x18, r0, {0xee01, 0xffffffffffffffff}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000006c40)={{0x1, 0x1, 0x18, <r13=>r0, {0xee01, <r14=>0xffffffffffffffff}}, './file0\x00'})
r15 = dup2(r0, r0)
stat(&(0x7f0000006c80)='./file0\x00', &(0x7f0000006cc0)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000007500)={{{@in6=@mcast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in=@multicast2}, 0x0, @in=@private}}, &(0x7f0000007600)=0xe4)
sendmmsg$unix(r3, &(0x7f0000007680)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)="642fd6a62993a3c4b09e35", 0xb}, {&(0x7f00000003c0)="1cc3ae7ee746c485b2ff3557d04cc9f14ef68860367686c2b25a3aa3ea534c14ed5c19429232c1627250e71e7075825f41381cbd9ddc8803c80dab9e3a7351689d7cbc1f6fa73495892cc860c6536b59aee23c22f3c8c511bf5cae4b537425b33871fb3b58e9f4447bbcedd6e235bb9841645eec6947a2f508299045fa7ee9a41a797970c7fb735686bdb67de1da1d0e29a916e1bc531b32f8aa1f68f60eee3b622be3f2795320bf6aff2d6468e31c691f7879eab2e304ffee596a6ce043b64a9398094ee9dac2c5b87c552a614a052b728fb2d56555e86069255ed3406422", 0xdf}, {&(0x7f00000004c0)="3df88f03840ac33dc57dd2c2a9c0cbad466837c9f63bb11e579becd53bebe74c3d5727eb3956f82cd7d1b4dacca12b0c706b1bc30e3ac7ed50727deee59f6da219882266be6bb13df71f3b47acdcc7cb5a2bfbf8e220f81d053775f9ffa18b51894897e19a62c16cb6e93a65b63eec922d", 0x71}], 0x3, &(0x7f0000002700)=[@cred={{0x18, 0x1, 0x2, {r1, r4, r5}}}], 0x18, 0x40000}}, {{&(0x7f0000002740)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002800)=[{&(0x7f00000027c0)}], 0x1, &(0x7f0000006d40)=[@rights={{0x14, 0x1, 0x1, [r0, r0]}}, @cred={{0x18, 0x1, 0x2, {r1, r6, r7}}}, @cred={{0x18, 0x1, 0x2, {r8, r9, r10}}}, @cred={{0x18, 0x1, 0x2, {r1, r11, r12}}}, @cred={{0x18, 0x1, 0x2, {r1, 0x0, r14}}}, @rights={{0x28, 0x1, 0x1, [r0, r0, r0, 0xffffffffffffffff, r0, r0, r15]}}, @cred={{0x18, 0x1, 0x2, {r1, 0xee01, r16}}}], 0xb4, 0x8000}}, {{0x0, 0x0, &(0x7f0000007480)=[{&(0x7f0000006e00)="30dcfeee3435f94e7e2b280fed2bb54773da67a97cf68187db9f5910c26e7d89f51923a3b90948191b966e21761b808e9a6dfcce99040803ace3d3db4dbc8c8d04b3c61e705151f325c467d9a35001cb650b771f9645cd93f5056a18c8d43de71ff992cad4224611fd02a49c4e3a0cdcccff6f5dd06afc0f75a436fa6fce3389caef0daf17c161bc9c646050bb5af07136decb29d1cd3e79e6be4aa310f86c656896a9050813bc8571e774a440752da882", 0xb1}, {&(0x7f0000006ec0)="849fbbefc3a728d2e6f509ae36eb40d34a0f645e72add18a6dc69630e947a84b29176d6bfe44bfc5ad8770de72052cd88ca37f6d51e311a8e950e825953b2e1d840f33a3025fce66ff9ebe6ecfffd9fba5a8fbed90785e6599e361193a7973e08997f7650568658ec62b174775ab7f9a777d31bd6f9386e245489827094536e358690e384d1b0b52d68ed51bff2a339e2bd45fd2fed0a44b61c6d0acee165ef84eb125dfe2c1602af06e08bcc36753d816f0580b25b25d", 0xb7}, {&(0x7f0000006f80)="8d3417faec8a529190902caa530ce46bd83e80b1a32eea182909001a375a469874fae6a1bd6af7e256e02af71f0c370e468a215a01bb70a70cc602246810b74e01843bdf4f9a536ff156330046734ef15e399e8d169f4994e7fcbddafa8ee6f7460d0901ff0246ad415cdd7fb3e1e7", 0x6f}, {&(0x7f0000007000)="123756afd226a80153564f8cbf843d31222325e02becb692a0910189502095568b493ac21536", 0x26}, {&(0x7f0000007040)="129c03a4008f4176d953acaee4c20dd146ab39137d8f51999a693554c8bd6970f0494bd3992db2588a29e853f67fa1512997375dc8c54b32c00bda65bf744ecb6c6ecd497803a9f902ecbba1fb60a0bb6a6ae72128770188ec04932d47ffa40a0bd14d56a6b57b962a11cfce977733aa7fc220ed64f9834d3b9ea5939aaaac279bcbc92764fa73ac7c7f3c33f21bd5edd4f68416d32679adadbf2ebc49d67ba491d1c25d39d9ac96997998003e3a01cc6c3c31e5f435207dcea923bc9981ef58d89d95ad5bcd2a390deae70945a45ca1f3d5695c198011fd17b017c4a76addc13dcf6f3bd7b82a04de60287d11a08ebf9efa60842ce9a6c7cb29", 0xfa}, {&(0x7f0000007140)="712779153541fe7dc918bb8000bf61d125d10623e583f8aeaec52db6ad9ebc124334bba3d01800a9ad799842e6924cc233bbad30b6f7d34478a0b78562b58cd263d08563d2818746ee5a8761dd90e9996276ad9ad26e6c08e6d2a9d2fe92639de8f01919cf03cb8342b27afccc8e2a24ad040c709a97796eed2b2716c5884d0055e7c731610868858b03c8841ef60fa1d2f7c733eda158fd7ff99de01aab1192c51aa6921f574ae77f148f0ca50edfe128b83d04bcc23165f59c14e9719089594a60b32aeb23a172284c1b6a58fcb44d2aad99ace48101869a4edcdd3cd4ff324fa477d84d1b02d1", 0xe8}, {&(0x7f0000007240)="ba81a8f91a8894d5e04a067d8262d9840699d1cf89d7a2b328aeb1ae86b1248516657d9de53ea527c08884325db767a5d21f4a5449cde3ac00b1cb7a3ebcb7c72cb9f34bfd6e21b36e84b85ff3cfc0b0eff1b8b8f4c38712fdbd767b11769ac3dd658da24265046286ed22a11c9c79a3c223f3c6f7f75d894a9e776efb4a5dacfd7fac7726abba37c452e3815bd4db4ce4312156e88d1ef555bc6e30a72046b550ff187fcca2a6115e68bfd02ed1bec3d35f", 0xb2}, {&(0x7f0000007300)="ef9e63360037195ba778fc8a9bbca671338084117a4180c2e8080094a0d256df8533c40e521268e7e18cc726b84028018cf5df764ad8889af57688b910eb975ef9514965750ce5fbf947cb5b196fc71b083d796d5d64ee284bc11472e93df2cf952c25a7a3a83f562ff872fe9e9a0f098ba40fef5993a6e3a62ff22f3a22161ed5977d", 0x83}, {&(0x7f00000073c0)="e00087f0748fb9288ff8a66fd681690ee4fa4fb9ce78447d9bb5db305f83debf8f171ed49e11176fc9588382250d5d42a365b73d66", 0x35}, {&(0x7f0000007400)="761369df1998c8eb9f6a3558f9a48185c4ecc8fd816ecd96251dc17713599b3bbeba5a665d07dd528c2ed46d1d32767ee38aa43b4fac4d90b2a947d8cb17058bebe39d270ae3dff006bf885820a163481d18fa9d3936a46d40", 0x59}], 0xa, &(0x7f0000007640)=[@cred={{0x18, 0x1, 0x2, {r1, r17, 0xee00}}}, @rights={{0x10, 0x1, 0x1, [r0]}}], 0x28, 0x48081}}], 0x3, 0x20000000)
ioctl$VHOST_RESET_OWNER(r13, 0xaf02, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000007700)={<r18=>0x0, 0x2}, &(0x7f0000007740)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000007780)={r18, 0x5}, 0x8) (async)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000007780)={r18, 0x5}, 0x8)
readv(r2, &(0x7f0000007c40)=[{&(0x7f00000077c0)=""/177, 0xb1}, {&(0x7f0000007880)=""/137, 0x89}, {&(0x7f0000007940)=""/242, 0xf2}, {&(0x7f0000007a40)=""/219, 0xdb}, {&(0x7f0000007b40)=""/231, 0xe7}], 0x5)
fcntl$F_GET_RW_HINT(r13, 0x40b, &(0x7f0000007c80))
ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f0000007cc0)=0x3) (async)
ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f0000007cc0)=0x3)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000008000)={&(0x7f0000007d00)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000007fc0)={&(0x7f0000007d40)={0x264, 0x0, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x6c, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0xb8, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x3c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x34, 0x2, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0xb0, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}]}]}, 0x264}, 0x1, 0x0, 0x0, 0x20000001}, 0xe2a4a35d80147c5a)
r19 = ioctl$KVM_GET_STATS_FD_vm(r13, 0xaece)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r15, 0xc0189371, &(0x7f0000008040)={{0x1, 0x1, 0x18, r19}, './file0\x00'})

110.09829ms ago: executing program 2 (id=704):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a00", @ANYBLOB="f5ff0f0025"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, 0x0, 0x440b0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000280)={0x8, 0x7})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, &(0x7f0000000100)=ANY=[@ANYBLOB="757271756f74612c75737271b43ff6f49dde4851636b5f686172640000000000000002cb"])
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$get_persistent(0x9, 0xffffffffffffffff, r3)
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r5=>0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
keyctl$set_timeout(0xf, r3, 0x3)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1000002, 0x204031, 0xffffffffffffffff, 0xec776000)
r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8, 0x80000)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000140)=0xff, 0xffffffffffffffff, 0x0, 0x3, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r6, &(0x7f0000000340)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x3ff}}}, 0x30)
readv(r6, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/128, 0x80}], 0x1)
landlock_restrict_self(r4, 0xe)
sendmsg$NFT_BATCH(r0, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x44, 0x0, 0xa, 0x101, 0x0, 0x0, {0xb, 0x0, 0x1}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELRULE={0x70, 0x8, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x5}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @dynset={{0xb}, @void}}]}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xdc}, 0x1, 0x0, 0x0, 0x884}, 0x4)

0s ago: executing program 3 (id=705):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x38f9, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x9)

kernel console output (not intermixed with test programs):

n1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.112056][   T77] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.123868][   T77] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.138586][   T77] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.141779][   T77] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.167030][ T5947] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   66.183915][ T1240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.189085][ T1240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.226593][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.232176][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.268332][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.276997][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.321810][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.326771][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.649800][ T6045] vlan0: default FDB implementation only supports local addresses
[   66.766530][ T5946] Bluetooth: hci0: command tx timeout
[   66.771474][ T5946] Bluetooth: hci1: command tx timeout
[   66.866016][   T62] Bluetooth: hci2: command tx timeout
[   66.866011][ T5946] Bluetooth: hci3: command tx timeout
[   66.917248][ T6045] sp0: Synchronizing with TNC
[   67.318385][   T77] Bluetooth: hci5: Frame reassembly failed (-84)
[   67.390703][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[   68.834500][ T5948] Bluetooth: hci0: command tx timeout
[   68.844507][ T5948] Bluetooth: hci1: command tx timeout
[   68.914820][ T5948] Bluetooth: hci2: command tx timeout
[   68.914969][ T5956] Bluetooth: hci3: command tx timeout
[   68.958302][   T77] Bluetooth: hci6: Frame reassembly failed (-90)
[   69.314712][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   69.395247][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   69.408583][   T29] hid (null): global environment stack underflow
[   69.702824][   T29] hid-generic 0005:15C2:0006.0002: global environment stack underflow
[   69.702876][   T29] hid-generic 0005:15C2:0006.0002: item 0 0 1 11 parsing failed
[   69.703342][   T29] hid-generic 0005:15C2:0006.0002: probe with driver hid-generic failed with error -22
[   70.422064][ T6074] 8021q: adding VLAN 0 to HW filter on device batadv1
[   70.713050][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[   70.714663][ T5956] Bluetooth: hci1: Invalid handle: 0xffff > 0x0eff
[   70.715192][ T1240] Bluetooth: hci4: Frame reassembly failed (-84)
[   70.914518][ T5946] Bluetooth: hci1: command tx timeout
[   70.915673][ T5956] Bluetooth: hci0: command tx timeout
[   71.004536][ T5948] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[   71.005680][ T5956] Bluetooth: hci2: command tx timeout
[   71.008456][ T5948] Bluetooth: hci3: command tx timeout
[   71.238345][ T1240] Bluetooth: hci5: Frame reassembly failed (-90)
[   71.242417][ T6102] netlink: 'syz.1.13': attribute type 29 has an invalid length.
[   72.749229][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   72.956886][ T6109] syzkaller0: entered promiscuous mode
[   72.956939][ T6109] syzkaller0: entered allmulticast mode
[   73.046333][ T6112] Bluetooth: MGMT ver 1.23
[   73.101774][ T6112] Zero length message leads to an empty skb
[   73.210122][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[   73.213623][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   73.412319][ T1139] Bluetooth: hci4: Frame reassembly failed (-90)
[   73.464729][    T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   73.496656][  T100] Bluetooth: hci5: Frame reassembly failed (-90)
[   73.664228][    T9] usb 6-1: Using ep0 maxpacket: 8
[   75.228894][    T9] usb 6-1: unable to get BOS descriptor or descriptor too short
[   75.386016][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   75.465526][    T9] usb 6-1: unable to read config index 0 descriptor/start: -71
[   75.469465][    T9] usb 6-1: can't read configurations, error -71
[   75.474381][ T5948] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   75.477873][ T5946] Bluetooth: hci5: command 0xfc11 tx timeout
[   75.890455][ T6142] syzkaller0: entered promiscuous mode
[   75.892904][ T6142] syzkaller0: entered allmulticast mode
[   75.971754][ T6011] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   76.053866][ T1240] Bluetooth: hci4: Frame reassembly failed (-84)
[   76.061193][ T1240] Bluetooth: hci4: Frame reassembly failed (-84)
[   76.087981][   T10] usb 8-1: new low-speed USB device number 2 using dummy_hcd
[   76.130620][ T6011] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   76.137522][ T6011] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   76.146465][ T6011] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   76.152058][ T6148] syzkaller0: entered promiscuous mode
[   76.154397][ T6148] syzkaller0: entered allmulticast mode
[   76.159652][ T6011] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   76.166038][ T6011] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   76.170967][ T6011] usb 5-1: Product: syz
[   76.172399][ T6011] usb 5-1: Manufacturer: syz
[   76.175696][ T6011] usb 5-1: SerialNumber: syz
[   76.225188][   T10] usb 8-1: device descriptor read/64, error -71
[   76.372106][ T6148] e1000e 0000:00:02.0 eth1: NIC Link is Down
[   76.395598][ T6011] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   76.483542][   T10] usb 8-1: new low-speed USB device number 3 using dummy_hcd
[   76.517949][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[   76.521027][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[   76.755372][   T10] usb 8-1: device descriptor read/64, error -71
[   76.879313][ T6158] =======================================================
[   76.879313][ T6158] WARNING: The mand mount option has been deprecated and
[   76.879313][ T6158]          and is ignored by this kernel. Remove the mand
[   76.879313][ T6158]          option from the mount to silence this warning.
[   76.879313][ T6158] =======================================================
[   76.916828][ T6158] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   77.052183][ T6158] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[   77.056958][ T6158] overlayfs: failed to look up (tracing) for ino (-66)
[   77.752888][   T10] usb usb8-port1: attempt power cycle
[   78.047811][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[   78.052818][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   78.119926][   T10] usb 8-1: new low-speed USB device number 4 using dummy_hcd
[   78.151117][   T10] usb 8-1: device descriptor read/8, error -71
[   78.667619][ T6162] netlink: 92 bytes leftover after parsing attributes in process `syz.2.28'.
[   78.871894][ T3248] usb 5-1: USB disconnect, device number 2
[   78.899478][ T3248] usblp0: removed
[   78.929912][ T6167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29'.
[   78.934274][ T6167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29'.
[   78.998917][ T6168] netlink: 3 bytes leftover after parsing attributes in process `syz.3.29'.
[   79.257785][ T6167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29'.
[   79.261051][ T6167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29'.
[   79.318794][ T6167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29'.
[   79.321998][ T6167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29'.
[   79.454155][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[   79.807838][ T6169] Process accounting resumed
[   80.122516][   T60] Bluetooth: hci5: Frame reassembly failed (-84)
[   80.125976][   T60] Bluetooth: hci5: Frame reassembly failed (-84)
[   81.494354][   T62] Bluetooth: hci4: command 0xfc11 tx timeout
[   81.498098][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   81.747843][  T215] Bluetooth: hci4: Frame reassembly failed (-90)
[   82.132790][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[   82.135345][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   82.244331][  T215] Bluetooth: hci5: Frame reassembly failed (-84)
[   82.247297][  T215] Bluetooth: hci5: Frame reassembly failed (-84)
[   82.317831][ T6194] 8021q: adding VLAN 0 to HW filter on device batadv1
[   82.489129][ T1182] Bluetooth: hci6: Frame reassembly failed (-90)
[   83.301983][   T77] Bluetooth: hci7: Frame reassembly failed (-90)
[   83.307287][   T77] Bluetooth: hci7: Frame reassembly failed (-84)
[   83.312150][   T77] Bluetooth: hci7: Frame reassembly failed (-84)
[   83.316794][   T77] Bluetooth: hci7: Frame reassembly failed (-84)
[   83.319914][   T77] Bluetooth: hci7: Frame reassembly failed (-84)
[   83.697308][ T5953] Bluetooth: hci4: command 0xfc11 tx timeout
[   83.698764][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   84.250167][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[   84.250191][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   84.486710][ T5956] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[   84.486875][ T5946] Bluetooth: hci6: command 0xfc11 tx timeout
[   85.284292][ T5946] Bluetooth: hci7: command 0xfc11 tx timeout
[   85.796643][   T62] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[   85.846467][ T6237] 8021q: adding VLAN 0 to HW filter on device batadv2
[   86.458053][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[   86.560551][   T53] cfg80211: failed to load regulatory.db
[   87.103562][ T6267] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   87.105948][ T6267] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   87.132356][ T6267] vhci_hcd vhci_hcd.0: Device attached
[   87.189523][ T6011] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   87.337937][ T6011] usb 8-1: Using ep0 maxpacket: 8
[   87.397135][   T53] usb 38-1: SetAddress Request (2) to port 0
[   87.399812][   T53] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[   87.456833][ T6011] usb 8-1: unable to get BOS descriptor or descriptor too short
[   87.464579][ T6011] usb 8-1: unable to read config index 0 descriptor/start: -71
[   87.475058][ T6011] usb 8-1: can't read configurations, error -71
[   87.684383][ T6274] Bluetooth: MGMT ver 1.23
[   87.738008][ T6269] vhci_hcd: connection reset by peer
[   87.740697][   T77] vhci_hcd vhci_hcd.0: stop threads
[   87.744776][   T77] vhci_hcd vhci_hcd.0: release socket
[   87.749715][   T77] vhci_hcd vhci_hcd.0: disconnect device
[   88.355123][ T6285] 8021q: adding VLAN 0 to HW filter on device batadv1
[   88.437413][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   88.484341][ T6160] Bluetooth: hci4: Frame reassembly failed (-84)
[   90.503533][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[   90.503862][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   90.558656][ T6293] 8021q: adding VLAN 0 to HW filter on device batadv2
[   90.717491][ T6284] 8021q: adding VLAN 0 to HW filter on device batadv2
[   90.743827][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[   90.745960][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[   90.748170][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[   90.750244][ T6160] Bluetooth: hci4: Frame reassembly failed (-84)
[   91.172526][ T6160] Bluetooth: hci5: Frame reassembly failed (-90)
[   91.657235][  T827] usb 7-1: new low-speed USB device number 2 using dummy_hcd
[   91.831123][  T827] usb 7-1: device descriptor read/64, error -71
[   92.078915][  T827] usb 7-1: new low-speed USB device number 3 using dummy_hcd
[   92.228781][  T827] usb 7-1: device descriptor read/64, error -71
[   92.349583][  T827] usb usb7-port1: attempt power cycle
[   92.397778][   T53] usb 38-1: device descriptor read/8, error -110
[   92.754843][  T827] usb 7-1: new low-speed USB device number 4 using dummy_hcd
[   92.794506][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   92.798978][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[   92.827235][  T827] usb 7-1: device descriptor read/8, error -71
[   93.014370][   T53] usb usb38-port1: attempt power cycle
[   93.170217][  T827] usb 7-1: new low-speed USB device number 5 using dummy_hcd
[   93.189383][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   93.189991][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[   93.223462][  T827] usb 7-1: device descriptor read/8, error -71
[   93.279254][ T6029] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   93.340776][  T827] usb usb7-port1: unable to enumerate USB device
[   93.437583][ T6029] usb 5-1: Using ep0 maxpacket: 8
[   93.496184][ T6319] 8021q: adding VLAN 0 to HW filter on device batadv2
[   93.502371][ T6029] usb 5-1: unable to get BOS descriptor or descriptor too short
[   93.510311][ T6029] usb 5-1: unable to read config index 0 descriptor/start: -71
[   93.513123][ T6029] usb 5-1: can't read configurations, error -71
[   93.675884][   T53] usb usb38-port1: unable to enumerate USB device
[   93.767188][ T6323] syzkaller0: entered promiscuous mode
[   93.769142][ T6323] syzkaller0: entered allmulticast mode
[   93.912251][ T6321] 8021q: adding VLAN 0 to HW filter on device batadv3
[   93.992932][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[   94.212378][   T60] Bluetooth: hci5: Frame reassembly failed (-84)
[   96.051661][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[   96.059281][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   96.068715][ T6341] 8021q: adding VLAN 0 to HW filter on device batadv3
[   96.224502][   T62] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   96.228217][ T5946] Bluetooth: hci5: command 0xfc11 tx timeout
[   96.538940][ T6160] Bluetooth: hci4: Frame reassembly failed (-84)
[   96.584328][   T10] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[   96.681521][  T100] Bluetooth: hci5: Frame reassembly failed (-90)
[   97.034259][   T10] usb 8-1: Using ep0 maxpacket: 8
[   97.301623][   T10] usb 8-1: unable to get BOS descriptor or descriptor too short
[   98.170765][   T12] Bluetooth: hci6: Frame reassembly failed (-90)
[   98.177076][   T12] Bluetooth: hci6: Frame reassembly failed (-84)
[   98.604798][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   98.610955][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[   98.652265][   T10] usb 8-1: unable to read config index 0 descriptor/start: -71
[   98.654874][   T10] usb 8-1: can't read configurations, error -71
[   98.689228][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[   98.693940][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[   98.921445][ T6362] syzkaller0: entered promiscuous mode
[   98.923590][ T6362] syzkaller0: entered allmulticast mode
[   99.262063][ T6377] syzkaller0: entered promiscuous mode
[   99.264647][ T6377] syzkaller0: entered allmulticast mode
[   99.695885][ T1330] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[   99.699749][   T12] Bluetooth: hci4: Frame reassembly failed (-90)
[   99.855156][ T1330] usb 6-1: device descriptor read/64, error -71
[  100.103577][ T1330] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[  100.185896][   T62] Bluetooth: hci6: command 0xfc11 tx timeout
[  100.189699][ T5956] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  100.263818][ T1330] usb 6-1: device descriptor read/64, error -71
[  100.366015][ T6365] 8021q: adding VLAN 0 to HW filter on device batadv3
[  100.373232][ T1330] usb usb6-port1: attempt power cycle
[  100.712468][ T1330] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[  100.738004][ T1330] usb 6-1: device descriptor read/8, error -71
[  100.794300][ T6392] 8021q: adding VLAN 0 to HW filter on device batadv4
[  100.990977][ T1330] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[  101.043158][ T1330] usb 6-1: device descriptor read/8, error -71
[  101.162165][ T1330] usb usb6-port1: unable to enumerate USB device
[  101.339601][  T827] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  101.486747][  T827] usb 5-1: device descriptor read/64, error -71
[  101.543661][  T100] Bluetooth: hci5: Frame reassembly failed (-84)
[  101.697304][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  101.698061][   T62] Bluetooth: hci4: command 0xfc11 tx timeout
[  101.736192][  T827] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[  101.886093][  T827] usb 5-1: device descriptor read/64, error -71
[  101.919767][   T13] Bluetooth: hci4: Frame reassembly failed (-90)
[  102.011344][  T827] usb usb5-port1: attempt power cycle
[  102.385414][  T827] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  102.421147][  T827] usb 5-1: device descriptor read/8, error -71
[  102.681370][  T827] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[  102.715525][  T827] usb 5-1: device descriptor read/8, error -71
[  102.835765][  T827] usb usb5-port1: unable to enumerate USB device
[  103.024415][ T6406] syzkaller0: entered promiscuous mode
[  103.026474][ T6406] syzkaller0: entered allmulticast mode
[  103.608499][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  103.608648][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[  103.935978][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  103.985226][   T60] Bluetooth: hci5: Frame reassembly failed (-90)
[  104.028820][ T6415] netlink: 24 bytes leftover after parsing attributes in process `syz.0.90'.
[  104.114078][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  104.116562][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  104.119486][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  104.122153][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  105.999546][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  106.161028][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  106.168985][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  106.228408][   T77] Bluetooth: hci4: Frame reassembly failed (-84)
[  106.376718][ T6428] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  106.691224][ T6435] 8021q: adding VLAN 0 to HW filter on device batadv5
[  106.954517][   T10] usb 6-1: new low-speed USB device number 8 using dummy_hcd
[  107.094037][   T10] usb 6-1: device descriptor read/64, error -71
[  107.333271][   T10] usb 6-1: new low-speed USB device number 9 using dummy_hcd
[  107.483014][   T10] usb 6-1: device descriptor read/64, error -71
[  107.516605][   T60] Bluetooth: hci5: Frame reassembly failed (-90)
[  107.709292][   T10] usb usb6-port1: attempt power cycle
[  108.232825][   T62] Bluetooth: hci4: command 0xfc11 tx timeout
[  108.235878][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  108.399652][  T100] Bluetooth: hci4: Frame reassembly failed (-90)
[  108.650755][   T10] usb 6-1: new low-speed USB device number 10 using dummy_hcd
[  108.990362][   T10] usb 6-1: device descriptor read/8, error -71
[  109.536562][   T10] usb 6-1: new low-speed USB device number 11 using dummy_hcd
[  109.586698][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[  109.591683][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  109.738228][   T10] usb 6-1: device descriptor read/8, error -71
[  109.749497][ T6455] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  109.765848][  T827] usb 8-1: new low-speed USB device number 10 using dummy_hcd
[  109.857153][   T10] usb usb6-port1: unable to enumerate USB device
[  109.964617][  T827] usb 8-1: device descriptor read/64, error -71
[  109.972155][   T12] Bluetooth: hci5: Frame reassembly failed (-90)
[  110.228567][  T827] usb 8-1: new low-speed USB device number 11 using dummy_hcd
[  110.390753][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  110.594099][  T100] Bluetooth: hci4: Frame reassembly failed (-90)
[  110.932681][  T827] usb 8-1: device descriptor read/64, error -71
[  111.150645][ T6466] netlink: 'syz.2.105': attribute type 5 has an invalid length.
[  111.864583][  T827] usb usb8-port1: attempt power cycle
[  111.982850][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[  111.983191][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  112.412979][ T6475] netlink: 64 bytes leftover after parsing attributes in process `syz.0.109'.
[  112.431367][ T6475] syz.0.109 uses obsolete (PF_INET,SOCK_PACKET)
[  112.618612][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  112.619854][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  112.910176][ T6160] Bluetooth: hci4: Frame reassembly failed (-84)
[  112.912663][ T6160] Bluetooth: hci4: Frame reassembly failed (-90)
[  113.237330][ T6494] 8021q: adding VLAN 0 to HW filter on device batadv6
[  113.297088][   T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  113.379262][  T100] Bluetooth: hci5: Frame reassembly failed (-90)
[  113.716175][   T10] usb 5-1: Using ep0 maxpacket: 8
[  114.389761][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  114.766904][   T10] usb 5-1: unable to read config index 0 descriptor/start: -71
[  114.943633][   T62] Bluetooth: hci4: command 0xfc11 tx timeout
[  114.943908][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  115.258548][   T10] usb 5-1: can't read configurations, error -71
[  115.279614][   T77] Bluetooth: hci4: Frame reassembly failed (-84)
[  115.412678][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[  115.413797][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  115.438801][ T6511] binder: BINDER_SET_CONTEXT_MGR already set
[  115.460094][ T6511] binder: 6510:6511 ioctl 4018620d 80004a80 returned -16
[  116.929799][   T10] usb 5-1: new low-speed USB device number 10 using dummy_hcd
[  117.059537][   T10] usb 5-1: device descriptor read/64, error -71
[  117.169581][   T10] usb usb5-port1: attempt power cycle
[  117.317947][ T6531] netlink: 28 bytes leftover after parsing attributes in process `syz.3.127'.
[  117.332127][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  117.369059][   T29] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  117.375131][ T6532] tmpfs: Unknown parameter 'urquota'
[  117.400777][ T6531] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  117.403163][ T6531] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  117.421270][ T6531] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  117.430021][ T6531] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  117.432724][ T6531] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  117.438375][ T6531] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  117.441985][ T6531] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  117.449886][ T6531] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  117.456611][ T6531] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  117.460840][ T6531] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  117.466328][ T6531] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  117.508891][   T10] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[  117.528842][   T29] usb 6-1: Using ep0 maxpacket: 8
[  117.531466][   T10] usb 5-1: device descriptor read/8, error -71
[  117.634191][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  117.663922][   T29] usb 6-1: unable to get BOS descriptor or descriptor too short
[  117.669365][   T29] usb 6-1: unable to read config index 0 descriptor/start: -71
[  117.672920][   T29] usb 6-1: can't read configurations, error -71
[  117.768345][   T10] usb 5-1: new low-speed USB device number 12 using dummy_hcd
[  117.792767][   T10] usb 5-1: device descriptor read/8, error -71
[  117.902356][   T10] usb usb5-port1: unable to enumerate USB device
[  118.218075][ T6160] Bluetooth: hci5: Frame reassembly failed (-90)
[  118.781263][ T6546] Illegal XDP return value 4294967274 on prog  (id 4) dev syz_tun, expect packet loss!
[  119.415770][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[  119.495907][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  119.496128][ T5299] Bluetooth: hci1: command 0x0c1a tx timeout
[  119.500833][ T5953] Bluetooth: hci2: command 0x0c1a tx timeout
[  119.646420][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  119.797719][   T77] Bluetooth: hci4: Frame reassembly failed (-84)
[  120.017020][ T6572] syzkaller0: entered promiscuous mode
[  120.019242][ T6572] syzkaller0: entered allmulticast mode
[  120.205411][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  120.205598][ T6578] input: syz0 as /devices/virtual/input/input6
[  120.277314][ T6580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.144'.
[  120.524772][   T40] audit: type=1800 audit(1776375856.635:2): pid=6589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.147" name="file1" dev="overlay" ino=210 res=0 errno=0
[  121.483122][ T5956] Bluetooth: hci0: command 0x0c1a tx timeout
[  121.563399][   T62] Bluetooth: hci1: command 0x0c1a tx timeout
[  121.563425][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout
[  121.565946][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  121.803946][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  121.804802][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  122.432549][ T6611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.154'.
[  123.186996][ T1148] Bluetooth: hci5: Frame reassembly failed (-84)
[  123.195732][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  123.560345][   T62] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.640276][   T62] Bluetooth: hci2: command 0x0c1a tx timeout
[  123.643184][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  125.159798][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  125.161347][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  125.239024][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  125.240366][ T5956] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  125.440281][ T6644] netlink: 'syz.1.162': attribute type 1 has an invalid length.
[  125.443537][ T6644] netlink: 28 bytes leftover after parsing attributes in process `syz.1.162'.
[  125.492871][ T6646] netlink: 72 bytes leftover after parsing attributes in process `syz.1.163'.
[  125.553497][ T6649] macvtap1: entered promiscuous mode
[  125.555919][ T6649] macvtap1: entered allmulticast mode
[  125.559987][ T6649] veth1: entered promiscuous mode
[  125.563594][ T6649] veth1: entered allmulticast mode
[  125.566920][ T6649] team0: Device macvtap1 failed to register rx_handler
[  125.570717][ T6649] veth1: left allmulticast mode
[  125.572899][ T6649] veth1: left promiscuous mode
[  125.718158][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  125.723743][ T6651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.166'.
[  126.491852][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  126.491932][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  126.491970][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  126.492005][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  126.492039][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  126.492073][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  126.492106][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  126.569394][ T6663] input: syz0 as /devices/virtual/input/input7
[  126.926930][ T5946] Bluetooth: hci6: command 0xfc11 tx timeout
[  126.928610][   T62] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  127.248001][ T6676] FAULT_INJECTION: forcing a failure.
[  127.248001][ T6676] name failslab, interval 1, probability 0, space 0, times 1
[  127.252348][ T6676] CPU: 3 UID: 0 PID: 6676 Comm: syz.1.172 Not tainted syzkaller #0 PREEMPT(full) 
[  127.252365][ T6676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  127.252372][ T6676] Call Trace:
[  127.252376][ T6676]  <TASK>
[  127.252381][ T6676]  dump_stack_lvl+0x100/0x190
[  127.252397][ T6676]  should_fail_ex.cold+0x5/0xa
[  127.252411][ T6676]  should_failslab+0xc2/0x120
[  127.252423][ T6676]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  127.252438][ T6676]  ? skb_clone+0x190/0x400
[  127.252451][ T6676]  skb_clone+0x190/0x400
[  127.252462][ T6676]  netlink_deliver_tap+0xaed/0xcc0
[  127.252478][ T6676]  netlink_unicast+0x62b/0x850
[  127.252493][ T6676]  ? __pfx_netlink_unicast+0x10/0x10
[  127.252510][ T6676]  netlink_sendmsg+0x8b0/0xda0
[  127.252525][ T6676]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.252540][ T6676]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  127.252556][ T6676]  ____sys_sendmsg+0x9e1/0xb70
[  127.252569][ T6676]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.252583][ T6676]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.252602][ T6676]  ___sys_sendmsg+0x190/0x1e0
[  127.252618][ T6676]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.252643][ T6676]  ? find_held_lock+0x2b/0x80
[  127.252665][ T6676]  __sys_sendmsg+0x170/0x220
[  127.252676][ T6676]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.252685][ T6676]  ? __fget_files+0x21f/0x3d0
[  127.252706][ T6676]  ? ksys_write+0x1ac/0x250
[  127.252723][ T6676]  ? rcu_is_watching+0x12/0xc0
[  127.252737][ T6676]  __do_fast_syscall_32+0xe7/0x950
[  127.252758][ T6676]  ? lockdep_hardirqs_on+0x78/0x100
[  127.252775][ T6676]  do_fast_syscall_32+0x32/0x70
[  127.252791][ T6676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.252806][ T6676] RIP: 0023:0xf6ffefcc
[  127.252816][ T6676] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  127.252827][ T6676] RSP: 002b:00000000f53ed50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  127.252912][ T6676] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  127.252918][ T6676] RDX: 0000000008000002 RSI: 0000000000000000 RDI: 0000000000000000
[  127.252924][ T6676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  127.252931][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  127.252936][ T6676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.252949][ T6676]  </TASK>
[  127.386435][   T40] audit: type=1800 audit(1776375863.453:3): pid=6673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.173" name="file1" dev="overlay" ino=247 res=0 errno=0
[  127.401078][ T6676] macvtap1: entered promiscuous mode
[  127.402827][ T6676] macvtap1: entered allmulticast mode
[  127.405132][ T6676] veth1: entered promiscuous mode
[  127.408557][ T6676] veth1: entered allmulticast mode
[  127.412222][ T6676] team0: Device macvtap1 failed to register rx_handler
[  127.416182][ T6676] veth1: left allmulticast mode
[  127.419685][ T6676] veth1: left promiscuous mode
[  127.521048][ T6684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.176'.
[  127.866068][ T6010] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  128.054759][ T6010] usb 5-1: Using ep0 maxpacket: 8
[  128.107920][ T6010] usb 5-1: unable to get BOS descriptor or descriptor too short
[  128.112158][ T6010] usb 5-1: unable to read config index 0 descriptor/start: -71
[  128.114929][ T6010] usb 5-1: can't read configurations, error -71
[  128.515484][   T62] Bluetooth: hci4: command 0xfc11 tx timeout
[  128.516916][ T5956] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  128.802469][ T1148] Bluetooth: hci4: Frame reassembly failed (-90)
[  130.766027][ T6716] netlink: 28 bytes leftover after parsing attributes in process `syz.1.184'.
[  130.824495][ T6718] tmpfs: Unknown parameter 'urquota'
[  130.843180][ T6719] fuse: Bad value for 'fd'
[  130.845470][ T5956] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  130.848800][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  130.851573][ T6716] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  130.855090][ T6716] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  130.858211][ T6716] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  130.861128][ T6716] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  131.022539][ T6722] QAT: failed to copy from user.
[  131.240250][ T6728] FAULT_INJECTION: forcing a failure.
[  131.240250][ T6728] name failslab, interval 1, probability 0, space 0, times 0
[  131.245423][ T6728] CPU: 3 UID: 0 PID: 6728 Comm: syz.0.188 Not tainted syzkaller #0 PREEMPT(full) 
[  131.245441][ T6728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  131.245448][ T6728] Call Trace:
[  131.245452][ T6728]  <TASK>
[  131.245457][ T6728]  dump_stack_lvl+0x100/0x190
[  131.245475][ T6728]  should_fail_ex.cold+0x5/0xa
[  131.245490][ T6728]  ? tomoyo_encode2+0xfb/0x3c0
[  131.245509][ T6728]  should_failslab+0xc2/0x120
[  131.245537][ T6728]  __kmalloc_noprof+0xe0/0x850
[  131.245558][ T6728]  tomoyo_encode2+0xfb/0x3c0
[  131.245578][ T6728]  tomoyo_encode+0x29/0x50
[  131.245595][ T6728]  tomoyo_realpath_from_path+0x18c/0x690
[  131.245621][ T6728]  tomoyo_path_number_perm+0x23c/0x580
[  131.245636][ T6728]  ? tomoyo_path_number_perm+0x22e/0x580
[  131.245653][ T6728]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.245669][ T6728]  ? get_pid_task+0x106/0x250
[  131.245699][ T6728]  ? find_held_lock+0x2b/0x80
[  131.245712][ T6728]  ? __fget_files+0x215/0x3d0
[  131.245730][ T6728]  ? hook_file_ioctl_common+0x149/0x410
[  131.245746][ T6728]  ? __fget_files+0x215/0x3d0
[  131.245766][ T6728]  ? __fget_files+0x21f/0x3d0
[  131.245786][ T6728]  security_file_ioctl_compat+0xd3/0x230
[  131.245804][ T6728]  __ia32_compat_sys_ioctl+0xc2/0x360
[  131.245823][ T6728]  __do_fast_syscall_32+0xe7/0x950
[  131.245842][ T6728]  ? lockdep_hardirqs_on+0x78/0x100
[  131.245860][ T6728]  do_fast_syscall_32+0x32/0x70
[  131.245878][ T6728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.245893][ T6728] RIP: 0023:0xf7fb7fcc
[  131.245902][ T6728] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  131.245913][ T6728] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  131.245925][ T6728] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80
[  131.245932][ T6728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  131.245938][ T6728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.245945][ T6728] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  131.245951][ T6728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.245965][ T6728]  </TASK>
[  131.245977][ T6728] ERROR: Out of memory at tomoyo_realpath_from_path.
[  131.992837][ T6010] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  132.152703][ T6010] usb 6-1: Using ep0 maxpacket: 8
[  132.194875][   T62] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  132.250539][ T6160] Bluetooth: hci4: Frame reassembly failed (-90)
[  132.366758][ T6010] usb 6-1: unable to get BOS descriptor or descriptor too short
[  132.374665][ T6010] usb 6-1: unable to read config index 0 descriptor/start: -71
[  132.377681][ T6010] usb 6-1: can't read configurations, error -71
[  132.872250][   T53] usb 7-1: new low-speed USB device number 6 using dummy_hcd
[  132.912344][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  132.912388][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  132.912542][ T5948] Bluetooth: hci1: command 0x0c1a tx timeout
[  132.924251][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  133.003107][   T53] usb 7-1: device descriptor read/64, error -71
[  133.325496][   T53] usb 7-1: new low-speed USB device number 7 using dummy_hcd
[  133.461995][   T53] usb 7-1: device descriptor read/64, error -71
[  133.549862][ T6766] macvtap1: entered promiscuous mode
[  133.553218][ T6766] macvtap1: entered allmulticast mode
[  133.556190][ T6766] veth1: entered promiscuous mode
[  133.558463][ T6766] veth1: entered allmulticast mode
[  133.562561][ T6766] team0: Device macvtap1 failed to register rx_handler
[  133.568689][ T6766] veth1: left allmulticast mode
[  133.571105][ T6766] veth1: left promiscuous mode
[  133.572163][   T53] usb usb7-port1: attempt power cycle
[  133.921587][   T53] usb 7-1: new low-speed USB device number 8 using dummy_hcd
[  133.942493][   T53] usb 7-1: device descriptor read/8, error -71
[  133.984578][ T1148] Bluetooth: hci5: Frame reassembly failed (-84)
[  134.181630][   T53] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  134.203862][   T53] usb 7-1: device descriptor read/8, error -71
[  134.269530][   T12] Bluetooth: hci6: Frame reassembly failed (-90)
[  134.273271][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  134.273496][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[  134.318102][   T53] usb usb7-port1: unable to enumerate USB device
[  134.623392][  T100] Bluetooth: hci4: Frame reassembly failed (-90)
[  134.625941][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  136.036477][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  136.041102][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  136.270906][ T5956] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  136.600216][   T34] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  136.670240][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  136.673935][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  136.750152][   T34] usb 5-1: Using ep0 maxpacket: 8
[  136.810428][   T34] usb 5-1: unable to get BOS descriptor or descriptor too short
[  136.821174][   T34] usb 5-1: unable to read config index 0 descriptor/start: -71
[  136.823813][   T34] usb 5-1: can't read configurations, error -71
[  136.950150][   T12] Bluetooth: hci4: Frame reassembly failed (-90)
[  136.952341][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  137.139322][  T100] Bluetooth: hci5: Frame reassembly failed (-90)
[  137.554915][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  137.557546][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  138.109491][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  138.999374][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  139.004149][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  139.150912][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  139.162623][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  139.171997][ T6160] Bluetooth: hci4: Frame reassembly failed (-90)
[  139.209376][ T6160] Bluetooth: hci4: Frame reassembly failed (-84)
[  139.268940][  T827] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[  139.270987][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.3.213'.
[  139.276854][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.3.213'.
[  139.418992][  T827] usb 6-1: device descriptor read/64, error -71
[  139.497925][ T6820] syzkaller0: entered promiscuous mode
[  139.503122][ T6820] syzkaller0: entered allmulticast mode
[  139.669076][  T827] usb 6-1: new low-speed USB device number 17 using dummy_hcd
[  139.798812][  T827] usb 6-1: device descriptor read/64, error -71
[  139.921436][  T827] usb usb6-port1: attempt power cycle
[  140.275519][  T827] usb 6-1: new low-speed USB device number 18 using dummy_hcd
[  140.301199][  T827] usb 6-1: device descriptor read/8, error -71
[  140.552718][  T827] usb 6-1: new low-speed USB device number 19 using dummy_hcd
[  140.570912][  T827] usb 6-1: device descriptor read/8, error -71
[  140.682417][  T827] usb usb6-port1: unable to enumerate USB device
[  141.058298][ T5997] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  141.228131][ T5997] usb 7-1: Using ep0 maxpacket: 8
[  141.228230][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  141.228243][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  141.360343][ T5997] usb 7-1: unable to get BOS descriptor or descriptor too short
[  141.374777][ T5997] usb 7-1: unable to read config index 0 descriptor/start: -71
[  141.387377][ T5997] usb 7-1: can't read configurations, error -71
[  141.474389][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  141.477302][  T100] Bluetooth: hci4: Frame reassembly failed (-90)
[  141.897894][ T3248] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  142.008498][   T60] Bluetooth: hci5: Frame reassembly failed (-84)
[  142.016522][   T60] Bluetooth: hci5: Frame reassembly failed (-90)
[  142.218484][ T3248] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  142.222835][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.226733][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.232582][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  142.236497][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.240327][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.247147][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  142.251877][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.255975][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.262413][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  142.268990][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.273281][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.635178][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  143.199655][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  143.549532][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  143.550211][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  143.889237][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.037674][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  144.041793][ T5956] Bluetooth: hci5: command 0xfc11 tx timeout
[  144.074659][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  144.078908][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.082239][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.086214][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  144.089381][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.097268][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.101458][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  144.104503][ T3248] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  144.108740][ T3248] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  144.115323][ T3248] usb 6-1: config 0 interface 0 has no altsetting 0
[  144.130238][ T3248] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  144.137249][ T3248] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  144.139841][ T3248] usb 6-1: Product: syz
[  144.141059][ T3248] usb 6-1: Manufacturer: syz
[  144.142423][ T3248] usb 6-1: SerialNumber: syz
[  144.155090][ T3248] usb 6-1: config 0 descriptor??
[  144.169518][ T3248] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  144.601734][ T5997] usb 6-1: USB disconnect, device number 20
[  144.619920][ T5997] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  145.636803][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  145.636893][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  145.813709][ T1148] Bluetooth: hci4: Frame reassembly failed (-84)
[  145.816992][ T1148] Bluetooth: hci4: Frame reassembly failed (-84)
[  145.886678][ T3248] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  145.962568][   T53] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  146.118156][   T53] usb 7-1: device descriptor read/64, error -71
[  146.354197][ T3248] usb 5-1: Using ep0 maxpacket: 8
[  146.357443][   T53] usb 7-1: new low-speed USB device number 13 using dummy_hcd
[  146.496658][   T53] usb 7-1: device descriptor read/64, error -71
[  146.607764][   T53] usb usb7-port1: attempt power cycle
[  146.640625][ T3248] usb 5-1: unable to get BOS descriptor or descriptor too short
[  146.643724][ T3248] usb 5-1: unable to read config index 0 descriptor/start: -71
[  146.646264][ T3248] usb 5-1: can't read configurations, error -71
[  146.956510][   T53] usb 7-1: new low-speed USB device number 14 using dummy_hcd
[  146.977410][   T53] usb 7-1: device descriptor read/8, error -71
[  147.217678][   T53] usb 7-1: new low-speed USB device number 15 using dummy_hcd
[  147.231509][ T6880] overlayfs: missing 'lowerdir'
[  147.241985][   T53] usb 7-1: device descriptor read/8, error -71
[  147.357535][   T53] usb usb7-port1: unable to enumerate USB device
[  147.487173][ T3248] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  147.666234][ T3248] usb 5-1: Using ep0 maxpacket: 8
[  147.868424][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  147.873716][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  148.068375][ T3248] usb 5-1: unable to get BOS descriptor or descriptor too short
[  148.082001][ T3248] usb 5-1: unable to read config index 0 descriptor/start: -71
[  148.086137][ T3248] usb 5-1: can't read configurations, error -71
[  148.095489][ T3248] usb usb5-port1: attempt power cycle
[  148.128601][ T1139] Bluetooth: hci4: Frame reassembly failed (-90)
[  148.613560][   T60] Bluetooth: hci5: Frame reassembly failed (-90)
[  148.619129][   T60] Bluetooth: hci5: Frame reassembly failed (-84)
[  149.123545][  T100] Bluetooth: hci6: Frame reassembly failed (-90)
[  150.109865][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  150.403505][ T6900] netlink: 'syz.1.237': attribute type 10 has an invalid length.
[  150.629075][ T6900] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  150.650981][ T6901] 8021q: adding VLAN 0 to HW filter on device bond1
[  150.666529][ T6902] bond_slave_0: entered promiscuous mode
[  150.669361][ T6902] bond_slave_1: entered promiscuous mode
[  150.671280][ T6902] syz_tun: entered promiscuous mode
[  150.675705][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  150.680824][   T62] Bluetooth: hci5: command 0xfc11 tx timeout
[  150.687410][ T6902] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  150.694717][ T6902] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[  150.699308][ T6902] bond1: (slave macvlan2): speed changed to 0 on port 1
[  150.707924][ T6902] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  151.078093][ T6908] bond0: (slave syz_tun): Releasing backup interface
[  151.088790][ T6908] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.093549][ T6908] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.102701][ T6908] bond_slave_0: left promiscuous mode
[  151.106464][ T6908] bond_slave_1: left promiscuous mode
[  151.145521][ T5946] Bluetooth: hci6: command 0xfc11 tx timeout
[  151.146549][ T5956] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  151.239684][ T6908] bridge_slave_0: left allmulticast mode
[  151.242216][ T6908] bridge_slave_0: left promiscuous mode
[  151.246850][ T6908] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.276016][ T6908] bridge_slave_1: left allmulticast mode
[  151.279083][ T6908] bridge_slave_1: left promiscuous mode
[  151.281736][ T6908] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.298058][ T6908] bond0: (slave bond_slave_0): Releasing backup interface
[  151.311670][ T6908] bond0: (slave bond_slave_1): Releasing backup interface
[  151.334197][ T6908] team0: Port device team_slave_0 removed
[  151.345570][ T6908] team0: Port device team_slave_1 removed
[  151.351085][ T6908] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.356903][ T6908] batman_adv: batadv0: Removing interface: batadv_slave_0
[  151.368988][ T6908] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.374946][ T6908] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.384740][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.241'.
[  151.386779][ T6908] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  151.388332][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.241'.
[  151.661144][ T1148] Bluetooth: hci4: Frame reassembly failed (-90)
[  151.664088][ T1148] Bluetooth: hci4: Frame reassembly failed (-84)
[  151.798735][  T215] Bluetooth: hci5: Frame reassembly failed (-90)
[  151.865404][  T827] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  152.025510][  T827] usb 7-1: Using ep0 maxpacket: 8
[  152.361703][  T827] usb 7-1: unable to get BOS descriptor or descriptor too short
[  152.395419][ T6029] usb 8-1: new low-speed USB device number 13 using dummy_hcd
[  152.525316][ T6029] usb 8-1: device descriptor read/64, error -71
[  152.765222][ T6029] usb 8-1: new low-speed USB device number 14 using dummy_hcd
[  152.880408][  T827] usb 7-1: unable to read config index 0 descriptor/start: -71
[  152.895112][ T6029] usb 8-1: device descriptor read/64, error -71
[  152.984846][ T6932] input: syz0 as /devices/virtual/input/input8
[  153.005736][ T6029] usb usb8-port1: attempt power cycle
[  153.101951][  T827] usb 7-1: can't read configurations, error -71
[  153.345462][ T6029] usb 8-1: new low-speed USB device number 15 using dummy_hcd
[  153.365788][ T6029] usb 8-1: device descriptor read/8, error -71
[  153.605033][ T6029] usb 8-1: new low-speed USB device number 16 using dummy_hcd
[  153.625147][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  153.625561][ T6029] usb 8-1: device descriptor read/8, error -71
[  153.737680][ T6934] syzkaller0: entered promiscuous mode
[  153.739486][ T6934] syzkaller0: entered allmulticast mode
[  153.746021][ T6029] usb usb8-port1: unable to enumerate USB device
[  153.787515][ T5946] Bluetooth: hci5: command 0xfc11 tx timeout
[  153.789281][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  155.112100][  T100] Bluetooth: hci4: Frame reassembly failed (-84)
[  155.115448][ T1139] Bluetooth: hci4: Frame reassembly failed (-84)
[  155.118107][ T1139] Bluetooth: hci4: Frame reassembly failed (-84)
[  155.120763][ T1139] Bluetooth: hci4: Frame reassembly failed (-84)
[  155.549435][ T6950] netlink: 'syz.2.251': attribute type 10 has an invalid length.
[  155.559847][ T6950] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  155.588914][ T6950] 8021q: adding VLAN 0 to HW filter on device bond1
[  155.618717][ T6950] bond_slave_0: entered promiscuous mode
[  155.620424][ T6950] bond_slave_1: entered promiscuous mode
[  155.622117][ T6950] syz_tun: entered promiscuous mode
[  155.627654][ T6950] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  155.630944][ T6950] bond1: (slave macvlan2): speed changed to 0 on port 1
[  155.634081][ T6950] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  156.169685][ T6961] input: syz0 as /devices/virtual/input/input9
[  157.113853][  T215] Bluetooth: hci5: Frame reassembly failed (-84)
[  157.122194][  T215] Bluetooth: hci5: Frame reassembly failed (-84)
[  157.144922][ T5956] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  157.518355][ T6160] Bluetooth: hci4: Frame reassembly failed (-90)
[  157.874467][   T53] usb 6-1: new low-speed USB device number 21 using dummy_hcd
[  158.649743][   T53] usb 6-1: device descriptor read/64, error -71
[  159.034314][   T53] usb 6-1: new low-speed USB device number 22 using dummy_hcd
[  159.156091][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  159.174373][   T53] usb 6-1: device descriptor read/64, error -71
[  159.403441][   T53] usb usb6-port1: attempt power cycle
[  159.410711][ T6990] kernel profiling enabled (shift: 17)
[  159.544417][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  159.546801][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  160.166017][ T7023] netlink: 28 bytes leftover after parsing attributes in process `syz.3.272'.
[  160.222730][ T7024] tmpfs: Unknown parameter 'urquota'
[  160.233983][ T7023] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  160.244684][ T7023] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  160.254130][ T7023] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  160.265397][ T7023] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  160.539875][   T53] usb usb6-port1: Cannot enable. Maybe the USB cable is bad?
[  160.634728][ T7028] syzkaller0: entered promiscuous mode
[  160.637238][ T7028] syzkaller0: entered allmulticast mode
[  160.674095][   T53] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  160.696077][   T53] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  160.699983][   T53] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  160.703692][   T53] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  160.713075][   T53] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  160.716679][   T53] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.719591][   T53] usb 6-1: Product: syz
[  160.721309][   T53] usb 6-1: Manufacturer: syz
[  160.723124][   T53] usb 6-1: SerialNumber: syz
[  160.735450][   T53] hub 6-1:1.0: bad descriptor, ignoring hub
[  160.740478][   T53] hub 6-1:1.0: probe with driver hub failed with error -5
[  160.810471][ T1139] Bluetooth: hci4: Frame reassembly failed (-84)
[  160.928160][ T7033] syzkaller0: entered promiscuous mode
[  160.930226][ T7033] syzkaller0: entered allmulticast mode
[  160.947758][   T53] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  161.367977][ T3248] usb 6-1: USB disconnect, device number 24
[  161.374871][ T3248] usblp0: removed
[  162.196981][ T1139] Bluetooth: hci5: Frame reassembly failed (-84)
[  162.274092][ T5948] Bluetooth: hci1: command 0x0c1a tx timeout
[  162.277059][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[  162.279991][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  162.329709][   T60] Bluetooth: hci6: Frame reassembly failed (-90)
[  162.332532][   T60] Bluetooth: hci6: Frame reassembly failed (-84)
[  162.344050][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  162.473988][   T53] usb 8-1: new low-speed USB device number 17 using dummy_hcd
[  162.824041][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[  162.824730][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  162.919818][ T7051] netlink: 28 bytes leftover after parsing attributes in process `syz.2.280'.
[  162.980920][ T7052] tmpfs: Unknown parameter 'urquota'
[  162.996296][ T7051] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  163.000380][ T7051] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  163.006896][ T7051] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  163.012035][ T7051] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  163.343953][   T53] usb 8-1: device descriptor read/64, error -71
[  163.584432][   T53] usb 8-1: new low-speed USB device number 18 using dummy_hcd
[  163.713889][   T53] usb 8-1: device descriptor read/64, error -71
[  163.824241][   T53] usb usb8-port1: attempt power cycle
[  164.173999][   T53] usb 8-1: new low-speed USB device number 19 using dummy_hcd
[  164.196017][   T53] usb 8-1: device descriptor read/8, error -71
[  164.233591][  T215] Bluetooth: hci4: Frame reassembly failed (-84)
[  164.263788][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  164.265702][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  164.351512][ T5946] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  164.354533][ T5956] Bluetooth: hci6: command 0xfc11 tx timeout
[  164.443896][   T53] usb 8-1: new low-speed USB device number 20 using dummy_hcd
[  164.537257][   T13] Bluetooth: hci5: Frame reassembly failed (-90)
[  165.063718][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  165.066992][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  165.069278][ T5948] Bluetooth: hci1: command 0x0c1a tx timeout
[  165.071695][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  165.267209][   T53] usb 8-1: device descriptor read/8, error -71
[  165.720416][   T53] usb usb8-port1: unable to enumerate USB device
[  165.867639][   T13] Bluetooth: hci6: Frame reassembly failed (-90)
[  166.267622][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[  166.271228][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  166.583670][ T5956] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  166.659185][ T7087] netlink: 28 bytes leftover after parsing attributes in process `syz.0.292'.
[  166.820223][ T7090] tmpfs: Unknown parameter 'urquota'
[  166.939537][ T7087] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  166.957006][ T7087] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  166.960430][ T7087] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  166.984978][ T7087] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  167.012131][ T7093] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  167.014378][ T7093] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  167.024430][ T7093] vhci_hcd vhci_hcd.0: Device attached
[  167.263549][   T53] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  167.873468][   T62] Bluetooth: hci6: command 0xfc11 tx timeout
[  167.877651][ T5299] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  168.185622][ T7094] vhci_hcd: connection reset by peer
[  168.190765][ T6160] vhci_hcd vhci_hcd.2: stop threads
[  168.195211][ T6160] vhci_hcd vhci_hcd.2: release socket
[  168.198231][ T6160] vhci_hcd vhci_hcd.2: disconnect device
[  168.438781][   T13] Bluetooth: hci4: Frame reassembly failed (-90)
[  168.981170][ T6160] Bluetooth: hci5: Frame reassembly failed (-90)
[  168.983784][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout
[  168.985404][ T6160] Bluetooth: hci5: Frame reassembly failed (-84)
[  168.986696][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout
[  168.991275][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[  169.063819][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  170.504083][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  170.511425][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  170.635288][ T1139] Bluetooth: hci4: Frame reassembly failed (-90)
[  170.732456][ T7148] netlink: 28 bytes leftover after parsing attributes in process `syz.0.305'.
[  170.797992][ T7149] tmpfs: Unknown parameter 'urquota'
[  170.811112][ T7148] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  170.896973][ T7148] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  170.902005][ T7148] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  170.910370][ T7148] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  170.985131][   T62] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  171.232535][ T7156] netlink: 28 bytes leftover after parsing attributes in process `syz.1.308'.
[  171.240589][ T7156] tmpfs: Unknown parameter 'urquota'
[  171.279666][ T1139] Bluetooth: hci5: Frame reassembly failed (-90)
[  172.413760][   T53] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  172.668105][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  172.668378][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  172.742758][ T7164] netlink: 'syz.0.309': attribute type 2 has an invalid length.
[  172.833441][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  172.892472][   T13] Bluetooth: hci4: Frame reassembly failed (-90)
[  172.903337][ T5946] Bluetooth: hci1: command 0x0c1a tx timeout
[  172.911054][ T7170] Invalid source name
[  172.983372][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  172.986028][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout
[  173.303203][   T62] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  173.303432][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  173.448955][ T7178] netlink: 32 bytes leftover after parsing attributes in process `syz.2.315'.
[  173.471220][ T7178] netlink: 32 bytes leftover after parsing attributes in process `syz.2.315'.
[  173.713137][   T13] Bluetooth: hci5: Frame reassembly failed (-90)
[  174.913243][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  174.918237][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[  174.982696][ T7193] warning: `syz.3.320' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  175.090121][ T7200] netlink: 28 bytes leftover after parsing attributes in process `syz.2.325'.
[  175.147947][ T7202] tmpfs: Unknown parameter 'urquota'
[  175.156200][ T7200] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  175.160080][ T7200] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  175.165133][ T7200] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  175.170307][ T7200] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  175.560011][ T7204] netlink: 28 bytes leftover after parsing attributes in process `syz.3.324'.
[  175.567054][ T7204] tmpfs: Unknown parameter 'urquota'
[  175.605069][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[  175.713291][   T62] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  176.453088][  T827] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  176.607058][  T827] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  176.611342][  T827] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  176.616500][  T827] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  176.626972][  T827] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  176.630934][  T827] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.635047][  T827] usb 7-1: Product: syz
[  176.637021][  T827] usb 7-1: Manufacturer: syz
[  176.638999][  T827] usb 7-1: SerialNumber: syz
[  176.647062][  T827] hub 7-1:1.0: bad descriptor, ignoring hub
[  176.650918][  T827] hub 7-1:1.0: probe with driver hub failed with error -5
[  176.793570][   T10] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  176.922273][  T827] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  176.965487][   T13] Bluetooth: hci5: Frame reassembly failed (-90)
[  176.967857][   T13] Bluetooth: hci5: Frame reassembly failed (-84)
[  177.033113][   T10] usb 8-1: Using ep0 maxpacket: 8
[  177.233139][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  177.235215][ T5946] Bluetooth: hci1: command 0x0c1a tx timeout
[  177.237244][ T5956] Bluetooth: hci0: command 0x0c1a tx timeout
[  177.239476][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  177.248850][  T827] usb 7-1: USB disconnect, device number 18
[  177.366485][  T827] usblp0: removed
[  177.619284][   T10] usb 8-1: unable to get BOS descriptor or descriptor too short
[  177.623094][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[  177.626752][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  178.381304][ T7238] netlink: 28 bytes leftover after parsing attributes in process `syz.3.337'.
[  178.488701][   T10] usb 8-1: unable to read config index 0 descriptor/start: -71
[  178.659367][   T10] usb 8-1: can't read configurations, error -71
[  178.904044][ T7244] netlink: 28 bytes leftover after parsing attributes in process `syz.1.338'.
[  178.963646][ T7247] tmpfs: Unknown parameter 'urquota'
[  178.970153][ T7244] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  178.980595][ T7244] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  178.982987][   T62] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  178.986508][ T7244] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  178.987066][ T7244] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  179.005209][  T215] Bluetooth: hci4: Frame reassembly failed (-84)
[  179.068013][ T7249] netlink: 28 bytes leftover after parsing attributes in process `syz.0.341'.
[  179.072318][ T7249] tmpfs: Unknown parameter 'urquota'
[  179.481203][ T7255] netlink: 'syz.0.343': attribute type 13 has an invalid length.
[  179.484053][ T7255] netlink: 172 bytes leftover after parsing attributes in process `syz.0.343'.
[  180.222956][   T34] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  180.239590][ T7271] netlink: 28 bytes leftover after parsing attributes in process `syz.0.350'.
[  180.296979][ T7272] tmpfs: Unknown parameter 'urquota'
[  180.304247][ T7271] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  180.308327][ T7271] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  180.311300][ T7271] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  180.315641][ T7271] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  180.366493][ T7274] netlink: 28 bytes leftover after parsing attributes in process `syz.0.351'.
[  180.372966][   T34] usb 6-1: Using ep0 maxpacket: 8
[  180.425181][ T7276] tmpfs: Unknown parameter 'urquota'
[  180.433311][ T7274] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  180.437388][ T7274] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  180.440220][ T7274] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  180.443441][ T7274] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  180.453566][   T34] usb 6-1: unable to get BOS descriptor or descriptor too short
[  180.456772][   T34] usb 6-1: unable to read config index 0 descriptor/start: -71
[  180.461153][   T34] usb 6-1: can't read configurations, error -71
[  180.828894][ T7283] FAULT_INJECTION: forcing a failure.
[  180.828894][ T7283] name failslab, interval 1, probability 0, space 0, times 0
[  180.833652][ T7283] CPU: 1 UID: 0 PID: 7283 Comm: syz.2.353 Not tainted syzkaller #0 PREEMPT(full) 
[  180.833669][ T7283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  180.833676][ T7283] Call Trace:
[  180.833682][ T7283]  <TASK>
[  180.833687][ T7283]  dump_stack_lvl+0x100/0x190
[  180.833705][ T7283]  should_fail_ex.cold+0x5/0xa
[  180.833721][ T7283]  should_failslab+0xc2/0x120
[  180.833733][ T7283]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  180.833752][ T7283]  ? __alloc_skb+0x140/0x710
[  180.833796][ T7283]  ? __alloc_skb+0x5b7/0x710
[  180.833817][ T7283]  __alloc_skb+0x140/0x710
[  180.833836][ T7283]  ? __alloc_skb+0x5b7/0x710
[  180.833854][ T7283]  ? __pfx___alloc_skb+0x10/0x10
[  180.833877][ T7283]  netlink_alloc_large_skb+0x69/0x150
[  180.833894][ T7283]  netlink_sendmsg+0x680/0xda0
[  180.833911][ T7283]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.833928][ T7283]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  180.833946][ T7283]  ____sys_sendmsg+0x9e1/0xb70
[  180.833960][ T7283]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.833976][ T7283]  ? __pfx_____sys_sendmsg+0x10/0x10
[  180.833997][ T7283]  ___sys_sendmsg+0x190/0x1e0
[  180.834015][ T7283]  ? __pfx____sys_sendmsg+0x10/0x10
[  180.834038][ T7283]  ? find_held_lock+0x2b/0x80
[  180.834062][ T7283]  __sys_sendmsg+0x170/0x220
[  180.834074][ T7283]  ? __pfx___sys_sendmsg+0x10/0x10
[  180.834084][ T7283]  ? __fget_files+0x21f/0x3d0
[  180.834108][ T7283]  ? ksys_write+0x1ac/0x250
[  180.834127][ T7283]  ? rcu_is_watching+0x12/0xc0
[  180.834143][ T7283]  __do_fast_syscall_32+0xe7/0x950
[  180.834165][ T7283]  ? lockdep_hardirqs_on+0x78/0x100
[  180.834183][ T7283]  do_fast_syscall_32+0x32/0x70
[  180.834202][ T7283]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  180.834219][ T7283] RIP: 0023:0xf704efcc
[  180.834230][ T7283] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  180.834258][ T7283] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  180.834271][ T7283] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  180.834278][ T7283] RDX: 0000000000004800 RSI: 0000000000000000 RDI: 0000000000000000
[  180.834285][ T7283] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  180.834292][ T7283] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  180.834299][ T7283] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.834313][ T7283]  </TASK>
[  180.958710][ T7285] binder: 7284:7285 ioctl c0306201 800001c0 returned -22
[  180.961958][ T7285] binder: 7284:7285 ioctl c0e05403 80000000 returned -22
[  181.007260][ T7287] qnx6: unable to read the first superblock
[  181.009742][ T7287] qnx6: unable to read the first superblock
[  181.011703][ T7287] qnx6: unable to read the first superblock
[  181.062980][   T62] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  181.062994][ T5299] Bluetooth: hci4: command 0xfc11 tx timeout
[  181.278936][ T7298] netlink: 12 bytes leftover after parsing attributes in process `syz.1.359'.
[  181.631793][ T7309] 9p: Bad value for 'rfdno'
[  181.843003][   T10] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  181.992926][   T10] usb 6-1: Using ep0 maxpacket: 8
[  182.029927][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  182.037578][   T10] usb 6-1: unable to read config index 0 descriptor/start: -71
[  182.040992][   T10] usb 6-1: can't read configurations, error -71
[  182.492861][   T34] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  182.502987][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  182.503049][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  182.505732][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[  182.508360][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  182.575903][ T7325] FAULT_INJECTION: forcing a failure.
[  182.575903][ T7325] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  182.584803][ T7325] CPU: 2 UID: 0 PID: 7325 Comm: syz.1.369 Not tainted syzkaller #0 PREEMPT(full) 
[  182.584829][ T7325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  182.584838][ T7325] Call Trace:
[  182.584844][ T7325]  <TASK>
[  182.584851][ T7325]  dump_stack_lvl+0x100/0x190
[  182.584876][ T7325]  should_fail_ex.cold+0x5/0xa
[  182.584898][ T7325]  _copy_from_user+0x2e/0xd0
[  182.584921][ T7325]  kstrtouint_from_user+0xd6/0x1d0
[  182.584937][ T7325]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  182.584952][ T7325]  ? __lock_acquire+0x4a5/0x2630
[  182.584986][ T7325]  proc_fail_nth_write+0x83/0x220
[  182.585007][ T7325]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  182.585036][ T7325]  vfs_write+0x2aa/0x1070
[  182.585061][ T7325]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  182.585083][ T7325]  ? __pfx_vfs_write+0x10/0x10
[  182.585105][ T7325]  ? find_held_lock+0x2b/0x80
[  182.585130][ T7325]  ? __fget_files+0x215/0x3d0
[  182.585160][ T7325]  ? __fget_files+0x21f/0x3d0
[  182.585193][ T7325]  ksys_write+0x12a/0x250
[  182.585217][ T7325]  ? __pfx_ksys_write+0x10/0x10
[  182.585242][ T7325]  ? rcu_is_watching+0x12/0xc0
[  182.585264][ T7325]  do_int80_emulation+0x141/0x700
[  182.585295][ T7325]  asm_int80_emulation+0x1a/0x20
[  182.585313][ T7325] RIP: 0023:0xf7135cab
[  182.585328][ T7325] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  182.585344][ T7325] RSP: 002b:00000000f53ed4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  182.585360][ T7325] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53ed5d0
[  182.585370][ T7325] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  182.585378][ T7325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.585386][ T7325] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  182.585395][ T7325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.585417][ T7325]  </TASK>
[  182.642897][   T34] usb 5-1: Using ep0 maxpacket: 8
[  182.668323][   T34] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  182.671589][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  182.676900][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  182.681246][   T34] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  182.686504][   T34] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  182.690695][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.785598][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[  182.931824][   T34] usb 5-1: GET_CAPABILITIES returned 0
[  182.933912][   T34] usbtmc 5-1:16.0: can't read capabilities
[  183.188066][ T7316] hpfs: Bad magic ... probably not HPFS
[  183.268765][   T34] usb 5-1: USB disconnect, device number 20
[  183.943229][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  184.170563][ T7340] netlink: 'syz.2.371': attribute type 2 has an invalid length.
[  184.299906][ T1148] Bluetooth: hci6: Frame reassembly failed (-84)
[  184.824903][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  184.828590][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  185.102386][ T7351] syzkaller0: entered promiscuous mode
[  185.106659][ T7351] syzkaller0: entered allmulticast mode
[  185.687852][  T215] Bluetooth: hci5: Frame reassembly failed (-84)
[  185.812899][ T6010] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  185.963283][ T6010] usb 6-1: Using ep0 maxpacket: 8
[  186.055898][ T6010] usb 6-1: unable to get BOS descriptor or descriptor too short
[  186.062035][ T6010] usb 6-1: unable to read config index 0 descriptor/start: -71
[  186.065623][ T6010] usb 6-1: can't read configurations, error -71
[  186.102974][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  186.103204][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[  186.293560][ T1148] Bluetooth: hci4: Frame reassembly failed (-84)
[  186.357778][ T5948] Bluetooth: hci6: command 0xfc11 tx timeout
[  186.360767][ T5953] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  186.718435][ T1240] Bluetooth: hci6: Frame reassembly failed (-84)
[  186.730266][ T1240] Bluetooth: hci6: Frame reassembly failed (-84)
[  187.713194][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  187.719879][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  188.326186][ T1240] Bluetooth: hci5: Frame reassembly failed (-84)
[  188.329583][ T1240] Bluetooth: hci5: Frame reassembly failed (-84)
[  188.342834][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  188.345312][ T5948] Bluetooth: hci4: command 0xfc11 tx timeout
[  188.520536][ T7384] syzkaller0: entered promiscuous mode
[  188.522841][ T7384] syzkaller0: entered allmulticast mode
[  188.584384][ T5953] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  188.675312][ T6010] usb 7-1: new low-speed USB device number 19 using dummy_hcd
[  188.812816][ T6010] usb 7-1: device descriptor read/64, error -71
[  189.062487][   T13] Bluetooth: hci6: Frame reassembly failed (-90)
[  189.222820][ T6010] usb 7-1: new low-speed USB device number 20 using dummy_hcd
[  189.712684][ T6010] usb 7-1: device descriptor read/64, error -71
[  190.132943][ T6010] usb usb7-port1: attempt power cycle
[  190.342761][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  190.344602][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  190.732864][   T53] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  190.902804][ T5299] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  190.902980][   T53] usb 6-1: Using ep0 maxpacket: 8
[  190.903031][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  190.932853][ T6010] usb 7-1: new low-speed USB device number 21 using dummy_hcd
[  190.953559][ T6010] usb 7-1: device descriptor read/8, error -71
[  190.971457][   T53] usb 6-1: unable to get BOS descriptor or descriptor too short
[  190.975492][   T53] usb 6-1: unable to read config index 0 descriptor/start: -71
[  190.979154][   T53] usb 6-1: can't read configurations, error -71
[  191.062733][ T5953] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  191.063157][ T5299] Bluetooth: hci6: command 0xfc11 tx timeout
[  191.202701][ T6010] usb 7-1: new low-speed USB device number 22 using dummy_hcd
[  191.412725][ T6010] usb 7-1: device not accepting address 22, error -71
[  191.418383][ T6010] usb usb7-port1: unable to enumerate USB device
[  191.660870][   T13] Bluetooth: hci4: Frame reassembly failed (-90)
[  193.597321][ T1148] Bluetooth: hci5: Frame reassembly failed (-84)
[  193.702801][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  193.708375][ T5953] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  193.811633][ T7431] netlink: 28 bytes leftover after parsing attributes in process `syz.0.399'.
[  193.898296][ T7432] tmpfs: Unknown parameter 'urquota'
[  193.962983][ T7431] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  194.073499][ T7431] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  194.102401][ T7431] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  194.159268][ T7431] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  194.182720][ T6029] usb 8-1: new low-speed USB device number 23 using dummy_hcd
[  194.229614][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  194.234696][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  195.151456][ T6029] usb 8-1: device descriptor read/64, error -71
[  195.632698][ T5299] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  195.636724][ T5946] Bluetooth: hci5: command 0xfc11 tx timeout
[  195.942611][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  196.102693][ T6029] usb 8-1: new low-speed USB device number 24 using dummy_hcd
[  196.102791][ T5299] Bluetooth: hci1: command 0x0c1a tx timeout
[  196.182749][ T5299] Bluetooth: hci3: command 0x0c1a tx timeout
[  196.182836][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  196.262779][ T5953] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  196.452653][ T6029] usb 8-1: device descriptor read/64, error -71
[  196.563495][ T6029] usb usb8-port1: attempt power cycle
[  196.563901][ T7445] netlink: 28 bytes leftover after parsing attributes in process `syz.3.404'.
[  196.637251][ T7448] tmpfs: Unknown parameter 'urquota'
[  196.642748][ T6058] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  196.672775][ T7445] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  196.678355][ T7445] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  196.681510][ T7445] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  196.689981][ T7445] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  196.722259][ T7450] fuse: Bad value for 'fd'
[  196.792686][ T6058] usb 6-1: Using ep0 maxpacket: 8
[  196.841522][ T7457] fuse: Bad value for 'fd'
[  196.855933][ T6058] usb 6-1: unable to get BOS descriptor or descriptor too short
[  196.863748][ T6058] usb 6-1: unable to read config index 0 descriptor/start: -71
[  196.872709][ T6058] usb 6-1: can't read configurations, error -71
[  196.895174][ T7460] netlink: 220 bytes leftover after parsing attributes in process `syz.0.408'.
[  197.070477][ T7467] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.409'.
[  197.143547][   T40] audit: type=1326 audit(1776375933.276:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.0.409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7fcc code=0x7ffc0000
[  197.153929][   T40] audit: type=1326 audit(1776375933.286:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.0.409" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fb7fcc code=0x7ffc0000
[  197.162661][   T40] audit: type=1326 audit(1776375933.286:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.0.409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7fcc code=0x7ffc0000
[  197.170936][   T40] audit: type=1326 audit(1776375933.286:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.0.409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7fcc code=0x7ffc0000
[  197.180378][   T40] audit: type=1326 audit(1776375933.316:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.0.409" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf7fb7fcc code=0x7ffc0000
[  197.191500][   T40] audit: type=1326 audit(1776375933.316:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.0.409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7fcc code=0x7ffc0000
[  197.199512][   T40] audit: type=1326 audit(1776375933.316:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.0.409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7fcc code=0x7ffc0000
[  197.517139][ T7470] Cannot find add_set index 2 as target
[  197.590338][ T7471] 
€Â0: renamed from batadv_slave_1
[  198.137212][ T7479] binder: 7478:7479 unknown command 2
[  198.138970][ T7479] binder: 7478:7479 ioctl c0306201 80000480 returned -22
[  198.185490][ T6029] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  198.333673][ T6029] usb 5-1: Using ep0 maxpacket: 16
[  198.338037][ T6029] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  198.344799][ T6029] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  198.348141][ T6029] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.351223][ T6029] usb 5-1: Product: syz
[  198.352930][ T6029] usb 5-1: Manufacturer: syz
[  198.354750][ T6029] usb 5-1: SerialNumber: syz
[  198.363243][ T6029] usb 5-1: config 0 descriptor??
[  198.367530][ T6029] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  198.371113][ T6029] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  198.592793][ T6058] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  198.744588][ T5953] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  198.744735][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  198.744799][ T5299] Bluetooth: hci2: command 0x0c1a tx timeout
[  198.744841][ T5299] Bluetooth: hci1: command 0x0c1a tx timeout
[  198.744865][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  198.744913][ T5299] Bluetooth: hci4: command 0xfc11 tx timeout
[  198.764040][ T6058] usb 6-1: Using ep0 maxpacket: 8
[  198.799341][ T6058] usb 6-1: unable to get BOS descriptor or descriptor too short
[  198.804837][ T6058] usb 6-1: unable to read config index 0 descriptor/start: -71
[  198.808047][ T6058] usb 6-1: can't read configurations, error -71
[  198.815938][ T7497] netlink: 28 bytes leftover after parsing attributes in process `syz.2.421'.
[  198.872897][ T7498] tmpfs: Unknown parameter 'urquota'
[  198.902809][ T7497] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  198.905898][ T7497] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  198.908323][ T7497] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  198.910820][ T7497] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  198.976076][ T6029] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  198.984595][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  198.987205][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  199.395018][ T6029] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  199.403804][ T6029] em28xx 5-1:0.0: board has no eeprom
[  199.472580][ T6029] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  199.475326][ T6029] em28xx 5-1:0.0: dvb set to bulk mode.
[  199.482932][   T24] em28xx 5-1:0.0: Binding DVB extension
[  199.490939][ T6029] usb 5-1: USB disconnect, device number 21
[  199.502432][ T6029] em28xx 5-1:0.0: Disconnecting em28xx
[  199.546890][   T24] em28xx 5-1:0.0: Registering input extension
[  199.555954][ T6029] em28xx 5-1:0.0: Closing input extension
[  199.617319][ T6029] em28xx 5-1:0.0: Freeing device
[  199.998109][ T7515] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  200.295075][ T7528] libceph: resolve '0' (ret=-3): failed
[  200.343515][ T6029] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  200.371300][ T7532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.434'.
[  200.492557][ T6029] usb 8-1: Using ep0 maxpacket: 8
[  200.520757][ T6029] usb 8-1: unable to get BOS descriptor or descriptor too short
[  200.526405][ T6029] usb 8-1: unable to read config index 0 descriptor/start: -71
[  200.529117][ T6029] usb 8-1: can't read configurations, error -71
[  200.608176][ T7537] random: crng reseeded on system resumption
[  200.982711][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout
[  200.983292][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  200.983331][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  200.993834][ T5953] Bluetooth: hci3: command 0x0c1a tx timeout
[  202.102666][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  202.102692][ T5953] Bluetooth: hci4: command 0xfc11 tx timeout
[  202.926755][ T1139] Bluetooth: hci4: Frame reassembly failed (-84)
[  202.930074][ T1139] Bluetooth: hci4: Frame reassembly failed (-90)
[  203.294372][ T7545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.439'.
[  203.419505][   T40] audit: type=1326 audit(1776375939.557:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7592 comm="syz.2.455" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704efcc code=0x0
[  203.588850][ T7602] netlink: 210496 bytes leftover after parsing attributes in process `syz.3.457'.
[  203.595450][ T7602] vcan0: tx drop: invalid da for name 0x0000040000000000
[  203.667616][ T7605] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  203.669769][ T7605] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  203.672890][ T7605] vhci_hcd vhci_hcd.0: Device attached
[  203.677743][ T7605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.458'.
[  203.685998][ T7605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.458'.
[  203.690589][ T7605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.458'.
[  203.706982][ T7606] vhci_hcd: connection closed
[  203.707413][   T12] vhci_hcd vhci_hcd.3: stop threads
[  203.712875][   T12] vhci_hcd vhci_hcd.3: release socket
[  203.715161][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  204.328003][ T7613] netlink: 4 bytes leftover after parsing attributes in process `syz.3.460'.
[  204.337389][ T7613] netlink: 12 bytes leftover after parsing attributes in process `syz.3.460'.
[  204.441319][ T7622] FAULT_INJECTION: forcing a failure.
[  204.441319][ T7622] name failslab, interval 1, probability 0, space 0, times 0
[  204.447371][ T7622] CPU: 0 UID: 0 PID: 7622 Comm: syz.1.462 Not tainted syzkaller #0 PREEMPT(full) 
[  204.447388][ T7622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  204.447394][ T7622] Call Trace:
[  204.447397][ T7622]  <TASK>
[  204.447402][ T7622]  dump_stack_lvl+0x100/0x190
[  204.447418][ T7622]  should_fail_ex.cold+0x5/0xa
[  204.447434][ T7622]  should_failslab+0xc2/0x120
[  204.447444][ T7622]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  204.447460][ T7622]  ? __alloc_skb+0x140/0x710
[  204.447477][ T7622]  ? __alloc_skb+0x5b7/0x710
[  204.447496][ T7622]  __alloc_skb+0x140/0x710
[  204.447511][ T7622]  ? __alloc_skb+0x5b7/0x710
[  204.447527][ T7622]  ? __pfx___alloc_skb+0x10/0x10
[  204.447547][ T7622]  netlink_alloc_large_skb+0x69/0x150
[  204.447562][ T7622]  netlink_sendmsg+0x680/0xda0
[  204.447577][ T7622]  ? __pfx_netlink_sendmsg+0x10/0x10
[  204.447592][ T7622]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  204.447608][ T7622]  ____sys_sendmsg+0x9e1/0xb70
[  204.447621][ T7622]  ? __pfx_netlink_sendmsg+0x10/0x10
[  204.447635][ T7622]  ? __pfx_____sys_sendmsg+0x10/0x10
[  204.447654][ T7622]  ___sys_sendmsg+0x190/0x1e0
[  204.447669][ T7622]  ? __pfx____sys_sendmsg+0x10/0x10
[  204.447689][ T7622]  ? find_held_lock+0x2b/0x80
[  204.447710][ T7622]  __sys_sendmsg+0x170/0x220
[  204.447720][ T7622]  ? __pfx___sys_sendmsg+0x10/0x10
[  204.447729][ T7622]  ? __fget_files+0x21f/0x3d0
[  204.447749][ T7622]  ? ksys_write+0x1ac/0x250
[  204.447767][ T7622]  ? rcu_is_watching+0x12/0xc0
[  204.447781][ T7622]  __do_fast_syscall_32+0xe7/0x950
[  204.447801][ T7622]  ? lockdep_hardirqs_on+0x78/0x100
[  204.447819][ T7622]  do_fast_syscall_32+0x32/0x70
[  204.447836][ T7622]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.447850][ T7622] RIP: 0023:0xf6ffefcc
[  204.447860][ T7622] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  204.447871][ T7622] RSP: 002b:00000000f53ed50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  204.447882][ T7622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  204.447889][ T7622] RDX: 0000000000000084 RSI: 0000000000000000 RDI: 0000000000000000
[  204.447895][ T7622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.447901][ T7622] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  204.447908][ T7622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.447921][ T7622]  </TASK>
[  204.823528][ T7637] random: crng reseeded on system resumption
[  204.836318][ T7637] Hibernate inconsistent memory map detected!
[  204.839864][ T7637] PM: hibernation: Image mismatch: architecture specific data
[  204.985583][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  205.267221][ T7648] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  205.335228][ T7649] netlink: 108 bytes leftover after parsing attributes in process `syz.0.469'.
[  205.425070][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'.
[  205.436342][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'.
[  205.440337][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'.
[  205.448825][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'.
[  205.452388][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'.
[  206.280945][ T7661] syzkaller0: entered promiscuous mode
[  206.284815][ T7661] syzkaller0: entered allmulticast mode
[  206.501355][ T7678] syzkaller0: entered promiscuous mode
[  206.504660][ T7678] syzkaller0: entered allmulticast mode
[  206.697750][ T3248] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  206.894299][ T3248] usb 5-1: Using ep0 maxpacket: 8
[  206.939609][ T3248] usb 5-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  206.944683][ T3248] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  206.948016][ T3248] usb 5-1: Product: syz
[  206.950218][ T3248] usb 5-1: Manufacturer: syz
[  206.952076][ T3248] usb 5-1: SerialNumber: syz
[  207.246725][ T3248] usb 5-1: config 0 descriptor??
[  207.454362][ T3248] gspca_main: sq905-2.14.0 probing 2770:9120
[  208.048074][ T3248] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[  208.056427][ T3248] sq905 5-1:0.0: probe with driver sq905 failed with error -110
[  208.582757][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  208.583053][ T5953] Bluetooth: hci4: command 0xfc11 tx timeout
[  209.398914][ T1139] Bluetooth: hci4: Frame reassembly failed (-84)
[  210.082784][  T827] usb 5-1: USB disconnect, device number 22
[  210.642375][ T7732] capability: warning: `syz.2.491' uses 32-bit capabilities (legacy support in use)
[  211.387017][ T7741] netlink: 28 bytes leftover after parsing attributes in process `syz.1.493'.
[  211.445476][ T7743] tmpfs: Unknown parameter 'urquota'
[  211.453228][ T7741] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  211.462562][ T5953] Bluetooth: hci4: command 0xfc11 tx timeout
[  211.464085][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  211.464112][ T7741] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  211.464249][ T7741] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  211.464374][ T7741] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  211.533959][ T5953] Bluetooth: hci5: sending frame failed (-49)
[  211.538819][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-49)
[  211.642094][ T7749] netlink: 76 bytes leftover after parsing attributes in process `syz.3.494'.
[  211.870891][ T7768] batadv0: entered promiscuous mode
[  211.876015][ T7768] macsec1: entered allmulticast mode
[  211.878373][ T7768] batadv0: entered allmulticast mode
[  211.882945][ T7768] 8021q: adding VLAN 0 to HW filter on device macsec1
[  211.897746][ T7768] batadv0: left allmulticast mode
[  211.900209][ T7768] batadv0: left promiscuous mode
[  212.409522][  T827] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  212.672925][  T827] usb 5-1: Using ep0 maxpacket: 32
[  212.689342][  T827] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  212.692272][  T827] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  212.695663][  T827] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  212.699198][  T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  212.702658][  T827] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  212.706024][  T827] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  212.710502][  T827] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  212.713841][  T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.737249][  T827] usb 5-1: config 0 descriptor??
[  213.331741][  T827] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 23 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  213.338246][  T827] usb 5-1: USB disconnect, device number 23
[  213.348229][  T827] usblp0: removed
[  213.430330][   T46] Bluetooth: hci4: Frame reassembly failed (-84)
[  213.462564][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[  213.465259][   T46] Bluetooth: hci4: Frame reassembly failed (-84)
[  213.470037][   T60] Bluetooth: hci5: Frame reassembly failed (-84)
[  213.554569][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout
[  213.556822][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  213.560429][ T5948] Bluetooth: hci1: command 0x0c1a tx timeout
[  214.909378][ T7807] kAFS: unable to lookup cell '(,c¾ûL'
[  215.037362][  T827] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  215.462606][ T5956] Bluetooth: hci5: command 0xfc11 tx timeout
[  215.462627][ T5953] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  215.462704][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  215.469552][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  215.665244][ T7826] netlink: 12 bytes leftover after parsing attributes in process `syz.3.510'.
[  215.909468][ T7837] netlink: 28 bytes leftover after parsing attributes in process `syz.3.513'.
[  215.928871][ T7835] bond2: option arp_validate: invalid value (524288)
[  215.935645][ T7835] bond2 (unregistering): Released all slaves
[  215.952878][ T5948] Bluetooth: hci3: unexpected event for opcode 0x0c7d
[  216.007079][ T7840] tmpfs: Unknown parameter 'urquota'
[  216.113277][ T7837] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  216.120854][ T7837] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  216.131742][ T7837] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  216.139099][ T7837] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  216.459378][ T7843] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  216.462154][ T7843] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  216.469534][ T7843] vhci_hcd vhci_hcd.0: Device attached
[  216.742606][   T29] usb 40-1: SetAddress Request (2) to port 0
[  216.745736][   T29] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  216.872606][   T24] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  217.024096][   T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  217.027774][   T24] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  217.031337][   T24] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  217.039403][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  217.042498][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  217.045179][   T24] usb 7-1: Product: syz
[  217.046717][   T24] usb 7-1: Manufacturer: syz
[  217.048344][   T24] usb 7-1: SerialNumber: syz
[  217.204381][ T7844] vhci_hcd: connection reset by peer
[  217.214462][ T6160] vhci_hcd vhci_hcd.1: stop threads
[  217.216378][ T6160] vhci_hcd vhci_hcd.1: release socket
[  217.218611][ T6160] vhci_hcd vhci_hcd.1: disconnect device
[  217.252753][ T7859] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  217.254879][ T7859] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  217.257729][   T24] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  217.263936][ T7859] vhci_hcd vhci_hcd.0: Device attached
[  217.470027][   T24] usb 7-1: USB disconnect, device number 23
[  217.477383][   T24] usblp0: removed
[  217.553704][  T827] usb 44-1: SetAddress Request (2) to port 0
[  217.562115][  T827] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  217.565503][ T7860] vhci_hcd: connection closed
[  217.565858][   T46] vhci_hcd vhci_hcd.3: stop threads
[  217.569739][   T46] vhci_hcd vhci_hcd.3: release socket
[  217.571694][   T46] vhci_hcd vhci_hcd.3: disconnect device
[  217.582740][  T827] usb 44-1: enqueue for inactive port 0
[  217.832535][ T6058] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  217.976286][  T827] usb usb44-port1: attempt power cycle
[  217.984591][ T6058] usb 5-1: Using ep0 maxpacket: 8
[  218.019607][ T6058] usb 5-1: unable to get BOS descriptor or descriptor too short
[  218.026805][ T6058] usb 5-1: unable to read config index 0 descriptor/start: -71
[  218.030383][ T6058] usb 5-1: can't read configurations, error -71
[  218.043643][ T7876] netlink: 28 bytes leftover after parsing attributes in process `syz.2.523'.
[  218.100830][ T7877] tmpfs: Unknown parameter 'urquota'
[  218.152943][ T7876] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  218.155173][ T7876] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  218.157295][ T7876] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  218.169784][ T7876] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  218.478770][ T7890] netlink: 28 bytes leftover after parsing attributes in process `syz.2.527'.
[  218.540549][ T7891] tmpfs: Unknown parameter 'urquota'
[  218.558680][  T827] usb usb44-port1: unable to enumerate USB device
[  218.624839][ T7890] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  218.640219][ T7890] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  218.714336][ T7890] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  218.752954][ T7890] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  218.897986][ T7894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.525'.
[  219.177122][ T7894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.525'.
[  219.183759][ T7894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.525'.
[  219.192990][ T7894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.525'.
[  219.202588][ T7894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.525'.
[  219.463931][ T7897] exFAT-fs (nbd0): unable to read boot sector
[  219.469494][ T7897] exFAT-fs (nbd0): failed to read boot sector
[  219.472267][ T7897] exFAT-fs (nbd0): failed to recognize exfat type
[  219.587100][  T215] Bluetooth: hci4: Frame reassembly failed (-84)
[  220.672611][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  220.673020][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  220.752519][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  220.826684][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  221.622636][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  221.627719][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  222.402534][   T29] usb 40-1: device descriptor read/8, error -110
[  222.415058][   T24] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  222.562520][   T24] usb 5-1: Using ep0 maxpacket: 8
[  222.798970][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[  222.816954][   T24] usb 5-1: unable to read config index 0 descriptor/start: -71
[  222.826245][   T24] usb 5-1: can't read configurations, error -71
[  222.904489][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  223.000439][ T7939] bridge0: port 3(erspan0) entered blocking state
[  223.006198][ T7939] bridge0: port 3(erspan0) entered disabled state
[  223.058177][ T7939] erspan0: entered allmulticast mode
[  223.067532][   T29] usb usb40-port1: attempt power cycle
[  223.106351][ T7939] erspan0: entered promiscuous mode
[  223.129260][ T7939] bridge0: port 3(erspan0) entered blocking state
[  223.133636][ T7939] bridge0: port 3(erspan0) entered forwarding state
[  223.266158][ T7948] netlink: 72 bytes leftover after parsing attributes in process `syz.3.537'.
[  223.276075][   T60] Bluetooth: hci4: Frame reassembly failed (-90)
[  223.296922][ T7941] erspan0: left allmulticast mode
[  223.326983][ T7941] erspan0: left promiscuous mode
[  223.340311][ T7941] bridge0: port 3(erspan0) entered disabled state
[  223.647605][   T29] usb usb40-port1: unable to enumerate USB device
[  224.155296][ T7955] capability: warning: `syz.1.544' uses deprecated v2 capabilities in a way that may be insecure
[  224.822893][   T53] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  224.972506][   T53] usb 6-1: Using ep0 maxpacket: 8
[  225.302599][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout
[  225.302631][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  225.382728][ T7975] netlink: 'syz.0.550': attribute type 4 has an invalid length.
[  225.386671][ T7975] netlink: 12 bytes leftover after parsing attributes in process `syz.0.550'.
[  225.652851][   T53] usb 6-1: unable to get BOS descriptor or descriptor too short
[  225.659102][   T53] usb 6-1: unable to read config index 0 descriptor/start: -71
[  225.661669][   T53] usb 6-1: can't read configurations, error -71
[  226.462557][ T8001] netlink: 28 bytes leftover after parsing attributes in process `syz.2.559'.
[  226.515372][ T8003] 9p: Bad value for 'rfdno'
[  226.522194][ T8004] tmpfs: Unknown parameter 'urquota'
[  226.544906][ T8001] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  226.552178][ T8001] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  226.561539][ T8001] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  226.572537][ T8001] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  227.002473][  T827] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  227.152514][  T827] usb 5-1: Using ep0 maxpacket: 8
[  227.558733][  T827] usb 5-1: unable to get BOS descriptor or descriptor too short
[  227.972712][  T827] usb 5-1: unable to read config index 0 descriptor/start: -71
[  227.977324][  T827] usb 5-1: can't read configurations, error -71
[  228.330166][ T8059] netlink: 28 bytes leftover after parsing attributes in process `syz.3.575'.
[  228.410476][ T8063] tmpfs: Unknown parameter 'urquota'
[  228.473234][ T8059] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  228.475320][ T8059] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  228.477401][ T8059] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  228.479505][ T8059] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  228.558247][   T29] psmouse serio2: Failed to reset mouse on : -5
[  228.862524][  T827] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  229.012539][  T827] usb 5-1: Using ep0 maxpacket: 8
[  229.200539][  T827] usb 5-1: unable to get BOS descriptor or descriptor too short
[  229.205524][  T827] usb 5-1: unable to read config index 0 descriptor/start: -71
[  229.209269][  T827] usb 5-1: can't read configurations, error -71
[  229.212071][  T827] usb usb5-port1: attempt power cycle
[  230.502597][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  230.502696][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  230.505384][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  230.507080][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  230.703341][ T8103] netlink: 28 bytes leftover after parsing attributes in process `syz.3.588'.
[  230.763240][ T8104] tmpfs: Unknown parameter 'urquota'
[  230.971255][ T8103] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  230.976339][ T8103] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  230.984465][ T8103] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  230.992774][ T8103] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  231.582013][ T8112] delete_channel: no stack
[  231.872647][ T6058] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  232.084848][ T6058] usb 8-1: Using ep0 maxpacket: 8
[  232.099405][ T8121] netlink: 4 bytes leftover after parsing attributes in process `syz.2.593'.
[  232.355331][ T6058] usb 8-1: unable to get BOS descriptor or descriptor too short
[  232.361459][ T6058] usb 8-1: unable to read config index 0 descriptor/start: -71
[  232.364092][ T6058] usb 8-1: can't read configurations, error -71
[  232.780503][ T6143] usb 7-1: new low-speed USB device number 24 using dummy_hcd
[  232.922756][ T6143] usb 7-1: device descriptor read/64, error -71
[  232.982835][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[  232.985263][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout
[  233.062812][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  233.065450][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout
[  233.172842][ T6143] usb 7-1: new low-speed USB device number 25 using dummy_hcd
[  233.202563][   T29] misc userio: Buffer overflowed, userio client isn't keeping up
[  233.302723][ T6143] usb 7-1: device descriptor read/64, error -71
[  233.335940][ T8141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.599'.
[  233.412784][ T6143] usb usb7-port1: attempt power cycle
[  233.632703][ T3248] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  233.762726][ T3248] usb 5-1: device descriptor read/64, error -71
[  233.765387][ T6143] usb 7-1: new low-speed USB device number 26 using dummy_hcd
[  233.785015][ T6143] usb 7-1: device descriptor read/8, error -71
[  233.810631][ T8147] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.905431][ T8147] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.980559][ T8147] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.002587][ T3248] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  234.022703][ T6143] usb 7-1: new low-speed USB device number 27 using dummy_hcd
[  234.050725][ T6143] usb 7-1: device descriptor read/8, error -71
[  234.054087][ T8147] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.132534][ T3248] usb 5-1: device descriptor read/64, error -71
[  234.162767][ T6143] usb usb7-port1: unable to enumerate USB device
[  234.178370][ T1148] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.186842][  T215] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.194359][ T1148] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.201151][ T1148] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.242867][ T3248] usb usb5-port1: attempt power cycle
[  234.269179][   T29] input: PS/2 Generic Mouse as /devices/serio2/input/input11
[  234.284528][ T8150] fuse: Bad value for 'fd'
[  234.482659][   T29] psmouse serio2: Failed to enable mouse on 
[  234.528981][ T8154] netlink: 'syz.3.604': attribute type 12 has an invalid length.
[  234.593297][ T3248] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  234.733509][ T3248] usb 5-1: device descriptor read/8, error -71
[  234.982697][ T3248] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  235.003152][ T3248] usb 5-1: device descriptor read/8, error -71
[  235.113183][ T3248] usb usb5-port1: unable to enumerate USB device
[  235.297070][ T5956] Bluetooth: hci4: sending frame failed (-49)
[  235.304550][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-49)
[  235.530127][ T8172] netlink: 28 bytes leftover after parsing attributes in process `syz.3.610'.
[  235.589488][ T8173] tmpfs: Unknown parameter 'urquota'
[  235.648442][ T8172] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  235.652244][ T8172] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  235.662663][ T8172] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  235.667962][ T8172] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  236.513030][ T8177] mkiss: ax0: crc mode is auto.
[  236.692654][   T10] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  236.914880][   T10] usb 8-1: Using ep0 maxpacket: 8
[  237.294612][   T10] usb 8-1: unable to get BOS descriptor or descriptor too short
[  237.581702][ T8208] trusted_key: encrypted_key: insufficient parameters specified
[  237.632670][ T5956] Bluetooth: hci0: command 0x0c1a tx timeout
[  237.646766][   T10] usb 8-1: unable to read config index 0 descriptor/start: -71
[  237.649124][   T10] usb 8-1: can't read configurations, error -71
[  237.702545][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  237.703462][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  237.703493][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  237.717789][ T8212] netlink: 'syz.3.623': attribute type 4 has an invalid length.
[  237.838743][ T8216] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  237.932966][ T8220] netlink: 20 bytes leftover after parsing attributes in process `syz.3.626'.
[  238.276609][ T8235] netlink: 28 bytes leftover after parsing attributes in process `syz.1.631'.
[  238.333424][ T8238] tmpfs: Unknown parameter 'urquota'
[  238.391297][ T8235] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  238.393525][ T8235] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  238.395423][ T8235] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  238.397759][ T8235] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  238.460915][ T8246] netlink: 56 bytes leftover after parsing attributes in process `syz.3.634'.
[  238.579450][ T8253] netlink: 12 bytes leftover after parsing attributes in process `syz.3.636'.
[  238.616546][ T8250] x_tables: duplicate underflow at hook 1
[  238.745353][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  239.058913][ T8272] input: syz1 as /devices/virtual/input/input12
[  239.449565][ T8282] process 'syz.1.645' launched './file0' with NULL argv: empty string added
[  239.623638][ T8250] syz.0.632 (8250) used greatest stack depth: 18952 bytes left
[  239.674836][ T8286] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  239.677313][ T8286] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  239.679945][ T8286] vhci_hcd vhci_hcd.0: Device attached
[  239.815077][ T8292] FAULT_INJECTION: forcing a failure.
[  239.815077][ T8292] name failslab, interval 1, probability 0, space 0, times 0
[  239.819169][ T8292] CPU: 3 UID: 0 PID: 8292 Comm: syz.3.649 Not tainted syzkaller #0 PREEMPT(full) 
[  239.819187][ T8292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  239.819194][ T8292] Call Trace:
[  239.819199][ T8292]  <TASK>
[  239.819205][ T8292]  dump_stack_lvl+0x100/0x190
[  239.819222][ T8292]  should_fail_ex.cold+0x5/0xa
[  239.819237][ T8292]  should_failslab+0xc2/0x120
[  239.819248][ T8292]  __kmalloc_cache_noprof+0x7a/0x6f0
[  239.819263][ T8292]  ? dev_ethtool+0x1a9/0x5d80
[  239.819285][ T8292]  dev_ethtool+0x1a9/0x5d80
[  239.819302][ T8292]  ? tomoyo_path_number_perm+0x46d/0x580
[  239.819319][ T8292]  ? stack_trace_save+0x8e/0xc0
[  239.819334][ T8292]  ? __pfx_stack_trace_save+0x10/0x10
[  239.819349][ T8292]  ? stack_depot_save_flags+0x27/0x9d0
[  239.819367][ T8292]  ? __lock_acquire+0x4a5/0x2630
[  239.819385][ T8292]  ? __pfx_dev_ethtool+0x10/0x10
[  239.819401][ T8292]  ? tomoyo_path_number_perm+0x46d/0x580
[  239.819416][ T8292]  ? kasan_save_stack+0x3f/0x50
[  239.819432][ T8292]  ? kasan_save_stack+0x30/0x50
[  239.819448][ T8292]  ? kasan_save_track+0x14/0x30
[  239.819463][ T8292]  ? kasan_save_free_info+0x3b/0x70
[  239.819476][ T8292]  ? __kasan_slab_free+0x5f/0x80
[  239.819492][ T8292]  ? kfree+0x223/0x6c0
[  239.819504][ T8292]  ? tomoyo_path_number_perm+0x46d/0x580
[  239.819519][ T8292]  ? security_file_ioctl_compat+0xd3/0x230
[  239.819536][ T8292]  ? __ia32_compat_sys_ioctl+0xc2/0x360
[  239.819551][ T8292]  ? __do_fast_syscall_32+0xe7/0x950
[  239.819569][ T8292]  ? do_fast_syscall_32+0x32/0x70
[  239.819585][ T8292]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.819612][ T8292]  ? look_up_lock_class+0x55/0x120
[  239.819629][ T8292]  ? register_lock_class+0x40/0x560
[  239.819646][ T8292]  ? register_lock_class+0x40/0x560
[  239.819663][ T8292]  ? kasan_quarantine_put+0x104/0x240
[  239.819695][ T8292]  ? __lock_acquire+0x4a5/0x2630
[  239.819714][ T8292]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  239.819735][ T8292]  ? find_held_lock+0x2b/0x80
[  239.819748][ T8292]  ? dev_load+0x8e/0x240
[  239.819765][ T8292]  ? dev_load+0x8e/0x240
[  239.819784][ T8292]  dev_ioctl+0x63b/0x1070
[  239.819802][ T8292]  compat_sock_ioctl+0x4f9/0x760
[  239.819819][ T8292]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  239.819834][ T8292]  ? hook_file_ioctl_common+0x149/0x410
[  239.819857][ T8292]  ? __fget_files+0x21f/0x3d0
[  239.819876][ T8292]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  239.819892][ T8292]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  239.819910][ T8292]  __do_fast_syscall_32+0xe7/0x950
[  239.819927][ T8292]  ? lockdep_hardirqs_on+0x78/0x100
[  239.819944][ T8292]  do_fast_syscall_32+0x32/0x70
[  239.819962][ T8292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.819976][ T8292] RIP: 0023:0xf7f07fcc
[  239.819987][ T8292] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  239.819998][ T8292] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  239.820010][ T8292] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008946
[  239.820017][ T8292] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  239.820023][ T8292] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  239.820030][ T8292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  239.820036][ T8292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  239.820049][ T8292]  </TASK>
[  239.932478][   T53] usb 41-1: new low-speed USB device number 3 using vhci_hcd
[  240.130025][ T8297] netlink: 28 bytes leftover after parsing attributes in process `syz.3.651'.
[  240.204873][ T8298] tmpfs: Unknown parameter 'urquota'
[  240.268379][ T8297] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  240.272468][ T8287] vhci_hcd: connection reset by peer
[  240.276791][   T13] vhci_hcd vhci_hcd.2: stop threads
[  240.278733][ T8297] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  240.280797][   T13] vhci_hcd vhci_hcd.2: release socket
[  240.282878][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  240.284725][ T8297] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  240.287390][ T8297] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  240.542896][   T10] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  240.642685][ T3248] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  240.692707][   T10] usb 6-1: Using ep0 maxpacket: 8
[  240.792702][ T3248] usb 5-1: Using ep0 maxpacket: 8
[  240.884183][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  240.890799][   T10] usb 6-1: unable to read config index 0 descriptor/start: -71
[  240.893452][   T10] usb 6-1: can't read configurations, error -71
[  241.050969][ T3248] usb 5-1: unable to get BOS descriptor or descriptor too short
[  241.066077][ T3248] usb 5-1: unable to read config index 0 descriptor/start: -71
[  241.070183][ T3248] usb 5-1: can't read configurations, error -71
[  241.091780][   T13] Bluetooth: hci4: Frame reassembly failed (-90)
[  241.186564][ T6160] Bluetooth: hci5: Frame reassembly failed (-84)
[  241.747875][ T8326] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  241.753456][ T8326] block device autoloading is deprecated and will be removed.
[  241.967120][ T8328] syzkaller0: entered promiscuous mode
[  241.969535][ T8328] syzkaller0: entered allmulticast mode
[  242.087834][   T10] usb 6-1: new low-speed USB device number 41 using dummy_hcd
[  242.233111][   T10] usb 6-1: device descriptor read/64, error -71
[  242.266671][ T5956] Bluetooth: hci0: command 0x0c1a tx timeout
[  242.343024][ T5953] Bluetooth: hci2: command 0x0c1a tx timeout
[  242.343937][ T5299] Bluetooth: hci1: command 0x0c1a tx timeout
[  242.345062][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  242.472816][   T10] usb 6-1: new low-speed USB device number 42 using dummy_hcd
[  242.608323][   T10] usb 6-1: device descriptor read/64, error -71
[  242.723317][   T10] usb usb6-port1: attempt power cycle
[  243.076789][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  243.078898][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  243.101792][   T10] usb 6-1: new low-speed USB device number 43 using dummy_hcd
[  243.113536][   T10] usb 6-1: device descriptor read/8, error -71
[  243.232212][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  243.236937][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  243.350696][ T8334] netlink: 28 bytes leftover after parsing attributes in process `syz.3.665'.
[  243.382501][   T10] usb 6-1: new low-speed USB device number 44 using dummy_hcd
[  243.404984][   T10] usb 6-1: device descriptor read/8, error -71
[  243.459824][ T8338] tmpfs: Unknown parameter 'urquota'
[  243.523428][   T10] usb usb6-port1: unable to enumerate USB device
[  244.093649][ T8335] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  244.095880][ T8335] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  244.098373][ T8335] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  244.101177][ T8335] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  244.452541][   T24] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  244.613056][   T24] usb 5-1: Using ep0 maxpacket: 8
[  244.720976][ T1148] Bluetooth: hci4: Frame reassembly failed (-90)
[  245.661625][   T53] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  245.756968][   T13] Bluetooth: hci5: Frame reassembly failed (-90)
[  246.102472][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  246.104953][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout
[  246.107205][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout
[  246.109198][ T5956] Bluetooth: hci0: command 0x0c1a tx timeout
[  246.588122][ T8372] netlink: 28 bytes leftover after parsing attributes in process `syz.0.676'.
[  246.648198][ T8374] tmpfs: Unknown parameter 'urquota'
[  246.662565][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  246.707395][ T8372] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  246.710180][ T8372] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  246.713247][ T8372] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  246.716143][ T8372] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  246.795197][ T8378] netlink: 76 bytes leftover after parsing attributes in process `syz.1.677'.
[  247.062512][ T5948] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  247.074204][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[  247.077705][   T24] usb 5-1: unable to read config index 0 descriptor/start: -71
[  247.080445][   T24] usb 5-1: can't read configurations, error -71
[  247.123529][ T8384] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.679'.
[  247.130172][ T8384] af_packet: tpacket_rcv: packet too big, clamped from 16 to 4294967272. macoff=96
[  247.194574][ T8386] netlink: 'syz.2.680': attribute type 1 has an invalid length.
[  247.216173][ T8386] 8021q: adding VLAN 0 to HW filter on device bond2
[  247.402561][   T53] usb 6-1: new low-speed USB device number 45 using dummy_hcd
[  247.446592][ T8392] netlink: 'syz.0.683': attribute type 10 has an invalid length.
[  247.449426][ T8392] netlink: 224 bytes leftover after parsing attributes in process `syz.0.683'.
[  247.497054][ T8396] netlink: 'syz.0.684': attribute type 4 has an invalid length.
[  247.500257][ T8396] netlink: 17 bytes leftover after parsing attributes in process `syz.0.684'.
[  247.514607][   T34] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  247.542513][   T53] usb 6-1: device descriptor read/64, error -71
[  247.578572][   T60] Bluetooth: hci4: Frame reassembly failed (-90)
[  247.674700][   T34] usb 7-1: Using ep0 maxpacket: 8
[  247.707092][ T1240] Bluetooth: hci5: Frame reassembly failed (-90)
[  248.204989][   T53] usb 6-1: new low-speed USB device number 46 using dummy_hcd
[  248.297163][   T34] usb 7-1: unable to get BOS descriptor or descriptor too short
[  248.312413][   T34] usb 7-1: unable to read config index 0 descriptor/start: -71
[  248.315312][   T34] usb 7-1: can't read configurations, error -71
[  248.673140][ T5299] Bluetooth: hci0: command 0x0c1a tx timeout
[  248.753202][ T5299] Bluetooth: hci3: command 0x0c1a tx timeout
[  248.756257][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  248.758876][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout
[  248.805713][   T53] usb 6-1: device descriptor read/64, error -71
[  249.590740][   T53] usb usb6-port1: attempt power cycle
[  249.627351][ T5956] Bluetooth: hci4: command 0xfc11 tx timeout
[  249.631285][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  249.706456][ T5946] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  249.721982][ T5948] Bluetooth: hci5: command 0xfc11 tx timeout
[  250.625589][ T8418] FAULT_INJECTION: forcing a failure.
[  250.625589][ T8418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.647871][ T8418] CPU: 0 UID: 0 PID: 8418 Comm: syz.0.689 Not tainted syzkaller #0 PREEMPT(full) 
[  250.647890][ T8418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  250.647896][ T8418] Call Trace:
[  250.647901][ T8418]  <TASK>
[  250.647906][ T8418]  dump_stack_lvl+0x100/0x190
[  250.647923][ T8418]  should_fail_ex.cold+0x5/0xa
[  250.647937][ T8418]  save_fsave_header+0x14c/0x2f0
[  250.647955][ T8418]  ? __pfx_save_fsave_header+0x10/0x10
[  250.647976][ T8418]  ? copy_fpstate_to_sigframe+0x2b8/0xb00
[  250.647993][ T8418]  ? rcu_is_watching+0x12/0xc0
[  250.648010][ T8418]  ? copy_fpstate_to_sigframe+0x2b8/0xb00
[  250.648027][ T8418]  ? __local_bh_enable_ip+0x9e/0x120
[  250.648042][ T8418]  copy_fpstate_to_sigframe+0x76a/0xb00
[  250.648061][ T8418]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  250.648073][ T8418]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  250.648093][ T8418]  ? posixtimer_deliver_signal+0x3c3/0x690
[  250.648106][ T8418]  ? x86_task_fpu+0x5f/0x90
[  250.648121][ T8418]  get_sigframe+0x3fb/0x940
[  250.648139][ T8418]  ? __pfx_get_sigframe+0x10/0x10
[  250.648155][ T8418]  ? siginfo_layout+0x156/0x290
[  250.648170][ T8418]  ia32_setup_rt_frame+0xe7/0xaf0
[  250.648184][ T8418]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  250.648195][ T8418]  ? do_raw_spin_unlock+0x145/0x1e0
[  250.648207][ T8418]  ? _raw_spin_unlock+0x28/0x50
[  250.648222][ T8418]  ? user_get_super+0x109/0x1b0
[  250.648241][ T8418]  arch_do_signal_or_restart+0x43f/0x770
[  250.648258][ T8418]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  250.648279][ T8418]  ? rcu_is_watching+0x12/0xc0
[  250.648292][ T8418]  exit_to_user_mode_loop+0x86/0x4a0
[  250.648310][ T8418]  ? __do_fast_syscall_32+0x373/0x950
[  250.648328][ T8418]  __do_fast_syscall_32+0x608/0x950
[  250.648345][ T8418]  ? lockdep_hardirqs_on+0x78/0x100
[  250.648361][ T8418]  do_fast_syscall_32+0x32/0x70
[  250.648378][ T8418]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.648392][ T8418] RIP: 0023:0xf7fb7fcc
[  250.648402][ T8418] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  250.648413][ T8418] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 000000000000003e
[  250.648424][ T8418] RAX: ffffffffffffffea RBX: 0000000000040142 RCX: 0000000000000000
[  250.648431][ T8418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  250.648437][ T8418] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  250.648443][ T8418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  250.648449][ T8418] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.648462][ T8418]  </TASK>
[  250.795595][ T8430] netlink: 28 bytes leftover after parsing attributes in process `syz.0.692'.
[  250.850962][ T8432] tmpfs: Unknown parameter 'urquota'
[  250.907430][ T8430] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  250.910216][ T8430] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  250.913357][ T8430] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  250.916329][ T8430] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  250.928859][  T215] Bluetooth: hci4: Frame reassembly failed (-84)
[  251.847903][   T46] Bluetooth: hci5: Frame reassembly failed (-84)
[  252.212556][   T24] usb 5-1: new low-speed USB device number 40 using dummy_hcd
[  252.342605][   T24] usb 5-1: device descriptor read/64, error -71
[  252.592626][   T24] usb 5-1: new low-speed USB device number 41 using dummy_hcd
[  252.785482][   T24] usb 5-1: device descriptor read/64, error -71
[  252.824701][ T1148] Bluetooth: hci6: Frame reassembly failed (-90)
[  252.902880][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  252.905463][   T24] usb usb5-port1: attempt power cycle
[  252.984332][ T5299] Bluetooth: hci3: command 0x0c1a tx timeout
[  252.986399][ T5946] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  252.995511][ T5299] Bluetooth: hci2: command 0x0c1a tx timeout
[  253.000082][ T5299] Bluetooth: hci1: command 0x0c1a tx timeout
[  253.002242][ T5953] Bluetooth: hci4: command 0xfc11 tx timeout
[  253.191513][ T8460] futex_wake_op: syz.3.701 tries to shift op by -1; fix this program
[  253.272939][   T24] usb 5-1: new low-speed USB device number 42 using dummy_hcd
[  253.304481][   T24] usb 5-1: device descriptor read/8, error -71
[  253.552450][   T24] usb 5-1: new low-speed USB device number 43 using dummy_hcd
[  253.573257][   T24] usb 5-1: device descriptor read/8, error -71
[  253.684644][   T24] usb usb5-port1: unable to enumerate USB device
[  253.862525][ T8456] Bluetooth: hci5: command 0xfc11 tx timeout
[  253.862552][ T5948] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  253.996555][ T8472] netlink: 28 bytes leftover after parsing attributes in process `syz.2.704'.
[  254.054499][ T8473] tmpfs: Unknown parameter 'urquota'
[  254.125821][ T8472] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  254.135137][ T8472] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  254.137588][ T8472] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  254.141206][ T8472] ==================================================================
[  254.143819][ T8472] BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.147116][ T8472] Read of size 8 at addr ffff888012c77578 by task syz.2.704/8472
[  254.151447][ T8472] 
[  254.152602][ T8472] CPU: 2 UID: 0 PID: 8472 Comm: syz.2.704 Not tainted syzkaller #0 PREEMPT(full) 
[  254.152618][ T8472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  254.152627][ T8472] Call Trace:
[  254.152632][ T8472]  <TASK>
[  254.152637][ T8472]  dump_stack_lvl+0x100/0x190
[  254.152652][ T8472]  print_report+0x13d/0x4b0
[  254.152671][ T8472]  ? __virt_addr_valid+0x239/0x430
[  254.152691][ T8472]  ? __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.152704][ T8472]  kasan_report+0xdf/0x1d0
[  254.152715][ T8472]  ? __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.152729][ T8472]  __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.152742][ T8472]  bt_accept_unlink+0x34/0x2f0
[  254.152760][ T8472]  l2cap_sock_teardown_cb+0x1a3/0x3f0
[  254.152776][ T8472]  l2cap_chan_del+0xbd/0x930
[  254.152790][ T8472]  l2cap_conn_del+0x395/0x710
[  254.152806][ T8472]  l2cap_connect_cfm+0x9bb/0xf80
[  254.152825][ T8472]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  254.152841][ T8472]  ? hci_connect_le_scan_cleanup+0x393/0x6e0
[  254.152859][ T8472]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  254.152874][ T8472]  hci_conn_failed+0x188/0x360
[  254.152886][ T8472]  hci_abort_conn_sync+0x7d9/0xb20
[  254.152901][ T8472]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[  254.152914][ T8472]  ? find_held_lock+0x2b/0x80
[  254.152927][ T8472]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  254.152941][ T8472]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  254.152955][ T8472]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  254.152969][ T8472]  hci_disconnect_all_sync.constprop.0.isra.0+0x155/0x430
[  254.152983][ T8472]  ? __pfx_hci_disconnect_all_sync.constprop.0.isra.0+0x10/0x10
[  254.152997][ T8472]  ? __hci_cmd_sync_status_sk+0xe4/0x190
[  254.153010][ T8472]  hci_suspend_sync+0x8b7/0xa70
[  254.153024][ T8472]  ? __pfx_hci_suspend_sync+0x10/0x10
[  254.153037][ T8472]  ? mgmt_pending_find+0x13e/0x1a0
[  254.153054][ T8472]  hci_suspend_dev+0x31d/0x540
[  254.153070][ T8472]  ? __pfx_hci_suspend_dev+0x10/0x10
[  254.153086][ T8472]  ? kobject_get+0xbb/0x150
[  254.153104][ T8472]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  254.153119][ T8472]  hci_suspend_notifier+0x21e/0x330
[  254.153136][ T8472]  notifier_call_chain+0x99/0x400
[  254.153153][ T8472]  blocking_notifier_call_chain_robust+0xc8/0x160
[  254.153170][ T8472]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  254.153189][ T8472]  pm_notifier_call_chain_robust+0x27/0x60
[  254.153207][ T8472]  snapshot_open+0x189/0x2a0
[  254.153222][ T8472]  ? __pfx_snapshot_open+0x10/0x10
[  254.153237][ T8472]  misc_open+0x26d/0x450
[  254.153255][ T8472]  ? __pfx_misc_open+0x10/0x10
[  254.153271][ T8472]  chrdev_open+0x234/0x6a0
[  254.153281][ T8472]  ? __pfx_apparmor_file_open+0x10/0x10
[  254.153295][ T8472]  ? __pfx_chrdev_open+0x10/0x10
[  254.153305][ T8472]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  254.153321][ T8472]  do_dentry_open+0x6d8/0x1660
[  254.153340][ T8472]  ? __pfx_chrdev_open+0x10/0x10
[  254.153351][ T8472]  vfs_open+0x82/0x3f0
[  254.153364][ T8472]  path_openat+0x208c/0x31a0
[  254.153376][ T8472]  ? do_fast_syscall_32+0x32/0x70
[  254.153392][ T8472]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.153407][ T8472]  ? __pfx_path_openat+0x10/0x10
[  254.153419][ T8472]  do_file_open+0x20e/0x430
[  254.153456][ T8472]  ? __pfx_do_file_open+0x10/0x10
[  254.153474][ T8472]  ? _raw_spin_unlock+0x28/0x50
[  254.153490][ T8472]  ? alloc_fd+0x476/0x790
[  254.153503][ T8472]  do_sys_openat2+0x10d/0x1e0
[  254.153518][ T8472]  ? __pfx_do_sys_openat2+0x10/0x10
[  254.153533][ T8472]  ? __sys_sendmsg+0x18f/0x220
[  254.153547][ T8472]  __ia32_compat_sys_openat+0x12d/0x210
[  254.153564][ T8472]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  254.153583][ T8472]  ? rcu_is_watching+0x12/0xc0
[  254.153595][ T8472]  __do_fast_syscall_32+0xe7/0x950
[  254.153613][ T8472]  do_fast_syscall_32+0x32/0x70
[  254.153629][ T8472]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.153643][ T8472] RIP: 0023:0xf704efcc
[  254.153654][ T8472] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  254.153665][ T8472] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000127
[  254.153677][ T8472] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000200
[  254.153684][ T8472] RDX: 0000000000000400 RSI: 0000000000000000 RDI: 0000000000000000
[  254.153690][ T8472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  254.153697][ T8472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.153703][ T8472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  254.153712][ T8472]  </TASK>
[  254.153716][ T8472] 
[  254.304484][ T8472] Allocated by task 8438:
[  254.305999][ T8472]  kasan_save_stack+0x30/0x50
[  254.307711][ T8472]  kasan_save_track+0x14/0x30
[  254.309319][ T8472]  __kasan_kmalloc+0xaa/0xb0
[  254.310861][ T8472]  __kmalloc_noprof+0x301/0x850
[  254.312425][ T8472]  sk_prot_alloc+0x10b/0x2a0
[  254.313930][ T8472]  sk_alloc+0x36/0xe80
[  254.315238][ T8472]  bt_sock_alloc+0x3b/0x3a0
[  254.316728][ T8472]  l2cap_sock_alloc.constprop.0+0x33/0x1e0
[  254.318686][ T8472]  l2cap_sock_create+0x123/0x210
[  254.320549][ T8472]  bt_sock_create+0x185/0x350
[  254.322466][ T8472]  __sock_create+0x339/0x860
[  254.324266][ T8472]  __sys_socket+0x14d/0x260
[  254.325969][ T8472]  __ia32_sys_socket+0x72/0xb0
[  254.327547][ T8472]  __do_fast_syscall_32+0xe7/0x950
[  254.329192][ T8472]  do_fast_syscall_32+0x32/0x70
[  254.330761][ T8472]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.332764][ T8472] 
[  254.333562][ T8472] Freed by task 8437:
[  254.334833][ T8472]  kasan_save_stack+0x30/0x50
[  254.336385][ T8472]  kasan_save_track+0x14/0x30
[  254.337920][ T8472]  kasan_save_free_info+0x3b/0x70
[  254.339486][ T8472]  __kasan_slab_free+0x5f/0x80
[  254.341073][ T8472]  kfree+0x223/0x6c0
[  254.342369][ T8472]  __sk_destruct+0x88c/0xab0
[  254.344049][ T8472]  sk_destruct+0xc8/0xf0
[  254.345835][ T8472]  __sk_free+0xf4/0x3e0
[  254.347649][ T8472]  sk_free+0x61/0x90
[  254.349095][ T8472]  l2cap_sock_kill+0x176/0x310
[  254.350682][ T8472]  l2cap_sock_release+0x1cb/0x280
[  254.352291][ T8472]  __sock_release+0xb3/0x260
[  254.353788][ T8472]  sock_close+0x1c/0x30
[  254.355129][ T8472]  __fput+0x3ff/0xb50
[  254.356460][ T8472]  task_work_run+0x150/0x240
[  254.357975][ T8472]  exit_to_user_mode_loop+0x100/0x4a0
[  254.359580][ T8472]  __do_fast_syscall_32+0x608/0x950
[  254.361240][ T8472]  do_fast_syscall_32+0x32/0x70
[  254.362880][ T8472]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.365037][ T8472] 
[  254.365967][ T8472] The buggy address belongs to the object at ffff888012c77000
[  254.365967][ T8472]  which belongs to the cache kmalloc-2k of size 2048
[  254.370895][ T8472] The buggy address is located 1400 bytes inside of
[  254.370895][ T8472]  freed 2048-byte region [ffff888012c77000, ffff888012c77800)
[  254.375242][ T8472] 
[  254.376029][ T8472] The buggy address belongs to the physical page:
[  254.378309][ T8472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c70
[  254.381577][ T8472] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  254.384247][ T8472] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  254.386692][ T8472] page_type: f5(slab)
[  254.388069][ T8472] raw: 00fff00000000040 ffff88801b842f00 dead000000000100 dead000000000122
[  254.390893][ T8472] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  254.394278][ T8472] head: 00fff00000000040 ffff88801b842f00 dead000000000100 dead000000000122
[  254.397363][ T8472] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  254.400172][ T8472] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  254.402940][ T8472] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  254.405719][ T8472] page dumped because: kasan: bad access detected
[  254.407865][ T8472] page_owner tracks the page as allocated
[  254.409857][ T8472] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5947, tgid 5947 (syz-executor), ts 64837139273, free_ts 62523742258
[  254.417270][ T8472]  post_alloc_hook+0x153/0x170
[  254.418960][ T8472]  get_page_from_freelist+0x11a6/0x33b0
[  254.420764][ T8472]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  254.422727][ T8472]  new_slab+0xa6/0x6c0
[  254.424220][ T8472]  refill_objects+0x277/0x420
[  254.426149][ T8472]  __pcs_replace_empty_main+0x375/0x650
[  254.428228][ T8472]  __kmalloc_node_track_caller_noprof+0x694/0x850
[  254.430359][ T8472]  kmalloc_reserve+0xe8/0x350
[  254.431888][ T8472]  pskb_expand_head+0x249/0x10e0
[  254.433501][ T8472]  netlink_trim+0x22d/0x2f0
[  254.434978][ T8472]  netlink_broadcast_filtered+0x69/0xe90
[  254.436817][ T8472]  nlmsg_notify+0xb1/0x290
[  254.438266][ T8472]  rtnetlink_event+0x1b3/0x1f0
[  254.439851][ T8472]  notifier_call_chain+0x99/0x400
[  254.441557][ T8472]  call_netdevice_notifiers_info+0xbe/0x110
[  254.443839][ T8472]  netif_change_name+0x4d9/0x830
[  254.445738][ T8472] page last free pid 108 tgid 108 stack trace:
[  254.447786][ T8472]  free_unref_folios+0xa0d/0x16f0
[  254.449383][ T8472]  shrink_folio_list+0x2f3d/0x6000
[  254.451038][ T8472]  evict_folios+0x7c9/0x1dd0
[  254.452528][ T8472]  try_to_shrink_lruvec+0x57e/0x990
[  254.454207][ T8472]  shrink_one+0x307/0x7f0
[  254.455604][ T8472]  shrink_node+0x2673/0x3dc0
[  254.457222][ T8472]  balance_pgdat+0xaaf/0x1ac0
[  254.458908][ T8472]  kswapd+0x557/0xb60
[  254.460342][ T8472]  kthread+0x370/0x450
[  254.461786][ T8472]  ret_from_fork+0x72b/0xd50
[  254.463315][ T8472]  ret_from_fork_asm+0x1a/0x30
[  254.464864][ T8472] 
[  254.465675][ T8472] Memory state around the buggy address:
[  254.467488][ T8472]  ffff888012c77400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  254.470102][ T8472]  ffff888012c77480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  254.473028][ T8472] >ffff888012c77500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  254.475752][ T8472]                                                                 ^
[  254.478315][ T8472]  ffff888012c77580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  254.480865][ T8472]  ffff888012c77600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  254.483422][ T8472] ==================================================================
[  254.495543][ T8472] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  254.497955][ T8472] CPU: 2 UID: 0 PID: 8472 Comm: syz.2.704 Not tainted syzkaller #0 PREEMPT(full) 
[  254.500848][ T8472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  254.504307][ T8472] Call Trace:
[  254.505724][ T8472]  <TASK>
[  254.506807][ T8472]  dump_stack_lvl+0x100/0x190
[  254.508506][ T8472]  vpanic+0x552/0x970
[  254.509797][ T8472]  ? __pfx_vpanic+0x10/0x10
[  254.511266][ T8472]  ? __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.513320][ T8472]  panic+0xd1/0xe0
[  254.514582][ T8472]  ? __pfx_panic+0x10/0x10
[  254.516237][ T8472]  ? __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.518742][ T8472]  ? preempt_schedule_common+0x42/0xc0
[  254.520667][ T8472]  check_panic_on_warn.cold+0x19/0x34
[  254.522388][ T8472]  end_report.part.0+0x3a/0x90
[  254.523961][ T8472]  kasan_report.cold+0xe/0x18
[  254.525506][ T8472]  ? __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.527598][ T8472]  __list_del_entry_valid_or_report+0x1b1/0x1d0
[  254.529615][ T8472]  bt_accept_unlink+0x34/0x2f0
[  254.531314][ T8472]  l2cap_sock_teardown_cb+0x1a3/0x3f0
[  254.533258][ T8472]  l2cap_chan_del+0xbd/0x930
[  254.535105][ T8472]  l2cap_conn_del+0x395/0x710
[  254.536812][ T8472]  l2cap_connect_cfm+0x9bb/0xf80
[  254.538450][ T8472]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  254.540203][ T8472]  ? hci_connect_le_scan_cleanup+0x393/0x6e0
[  254.542142][ T8472]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  254.543900][ T8472]  hci_conn_failed+0x188/0x360
[  254.545467][ T8472]  hci_abort_conn_sync+0x7d9/0xb20
[  254.547334][ T8472]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[  254.549507][ T8472]  ? find_held_lock+0x2b/0x80
[  254.551249][ T8472]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  254.553593][ T8472]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  254.555885][ T8472]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  254.558214][ T8472]  hci_disconnect_all_sync.constprop.0.isra.0+0x155/0x430
[  254.560502][ T8472]  ? __pfx_hci_disconnect_all_sync.constprop.0.isra.0+0x10/0x10
[  254.563171][ T8472]  ? __hci_cmd_sync_status_sk+0xe4/0x190
[  254.565190][ T8472]  hci_suspend_sync+0x8b7/0xa70
[  254.566936][ T8472]  ? __pfx_hci_suspend_sync+0x10/0x10
[  254.568688][ T8472]  ? mgmt_pending_find+0x13e/0x1a0
[  254.570340][ T8472]  hci_suspend_dev+0x31d/0x540
[  254.571881][ T8472]  ? __pfx_hci_suspend_dev+0x10/0x10
[  254.573584][ T8472]  ? kobject_get+0xbb/0x150
[  254.575066][ T8472]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  254.577161][ T8472]  hci_suspend_notifier+0x21e/0x330
[  254.579178][ T8472]  notifier_call_chain+0x99/0x400
[  254.581018][ T8472]  blocking_notifier_call_chain_robust+0xc8/0x160
[  254.583109][ T8472]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  254.585397][ T8472]  pm_notifier_call_chain_robust+0x27/0x60
[  254.587317][ T8472]  snapshot_open+0x189/0x2a0
[  254.588871][ T8472]  ? __pfx_snapshot_open+0x10/0x10
[  254.590662][ T8472]  misc_open+0x26d/0x450
[  254.592210][ T8472]  ? __pfx_misc_open+0x10/0x10
[  254.593947][ T8472]  chrdev_open+0x234/0x6a0
[  254.595516][ T8472]  ? __pfx_apparmor_file_open+0x10/0x10
[  254.597444][ T8472]  ? __pfx_chrdev_open+0x10/0x10
[  254.599038][ T8472]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  254.601055][ T8472]  do_dentry_open+0x6d8/0x1660
[  254.602616][ T8472]  ? __pfx_chrdev_open+0x10/0x10
[  254.604217][ T8472]  vfs_open+0x82/0x3f0
[  254.605658][ T8472]  path_openat+0x208c/0x31a0
[  254.607325][ T8472]  ? do_fast_syscall_32+0x32/0x70
[  254.609008][ T8472]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.611089][ T8472]  ? __pfx_path_openat+0x10/0x10
[  254.612682][ T8472]  do_file_open+0x20e/0x430
[  254.614153][ T8472]  ? __pfx_do_file_open+0x10/0x10
[  254.615769][ T8472]  ? _raw_spin_unlock+0x28/0x50
[  254.617365][ T8472]  ? alloc_fd+0x476/0x790
[  254.618802][ T8472]  do_sys_openat2+0x10d/0x1e0
[  254.620329][ T8472]  ? __pfx_do_sys_openat2+0x10/0x10
[  254.622038][ T8472]  ? __sys_sendmsg+0x18f/0x220
[  254.623662][ T8472]  __ia32_compat_sys_openat+0x12d/0x210
[  254.625618][ T8472]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  254.627757][ T8472]  ? rcu_is_watching+0x12/0xc0
[  254.629385][ T8472]  __do_fast_syscall_32+0xe7/0x950
[  254.631067][ T8472]  do_fast_syscall_32+0x32/0x70
[  254.632643][ T8472]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.634668][ T8472] RIP: 0023:0xf704efcc
[  254.636029][ T8472] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  254.642673][ T8472] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000127
[  254.645316][ T8472] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000200
[  254.647871][ T8472] RDX: 0000000000000400 RSI: 0000000000000000 RDI: 0000000000000000
[  254.650395][ T8472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  254.652916][ T8472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.655606][ T8472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  254.658252][ T8472]  </TASK>
[  254.660068][ T8472] Kernel Offset: disabled
[  254.661499][ T8472] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:46:29  Registers:
info registers vcpu 0

CPU#0
RAX=00000000005a0d3d RBX=ffffffff8e4955c0 RCX=ffffffff8b916045 RDX=0000000000000000
RSI=ffffffff8df42222 RDI=ffffffff8c1b7c60 RBP=0000000000000000 RSP=ffffffff8e407e00
R8 =0000000000000001 R9 =ffffed10056467ad R10=ffff88802b233d6b R11=0000000000000000
R12=0000000000000000 R13=fffffbfff1c92ab8 R14=0000000000000000 R15=ffffffff90dbaa10
RIP=ffffffff8b91487f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809710a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f53faff4 CR3=000000004b4b4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffed100e146e90 RBX=ffffed100e147000 RCX=ffffffff84f1e731 RDX=ffffed100e147000
RSI=0000000000001000 RDI=ffff888070a37000 RBP=ffffed100e146e00 RSP=ffffc90002e0ed00
R8 =0000000000000000 R9 =ffffed100e146fff R10=ffff888070a37fff R11=0000000000000040
R12=ffff888056801000 R13=0000000000000000 R14=0000000000001000 R15=dffffc0000000000
RIP=ffffffff8273e440 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809720a000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f541c5fc CR3=000000004c723000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85774b65 RDI=ffffffff9b4cf360 RBP=ffffffff9b4cf320 RSP=ffffc90002e3ec08
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000032 R14=0000000000000010 R15=ffffffff85774b00
RIP=ffffffff85774b8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809730a000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f53fbda4 CR3=00000000490c2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff888024f4a500 RCX=ffffffff81aa0260 RDX=1ffff110049e97cc
RSI=ffffffff81aa1c25 RDI=00000000f53c6b40 RBP=ffff888029f18000 RSP=ffffc90002e6f828
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000063 R13=0000000000000000 R14=ffff888029f19956 R15=ffff888029f19954
RIP=ffffffff8b90f889 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 00000000f53c6b40 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080001000 CR3=0000000074136000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000