last executing test programs:

15.173407024s ago: executing program 0 (id=587):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x40201, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
munlockall()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r3 = dup(r2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup(r3, &(0x7f0000000300)='syz1\x00', 0x1ff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @exit={0x95, 0x0, 0x7b00}]}, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f00, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r6, 0x0, 0x3, &(0x7f0000001140)=""/4086, &(0x7f0000000180)=0xff6)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup, 0xffffffffffffffff, 0x11, 0x1, r5}, 0x20)
socket$kcm(0x10, 0x400000002, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x1}, 0x1c)
ioctl$UFFDIO_COPY(r7, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
socket$nl_generic(0x10, 0x3, 0x10)

14.807692186s ago: executing program 0 (id=590):
r0 = socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = userfaultfd(0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0xfffffffffffffffe, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000000)={0xfff}, 0x10)
write(r4, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001800000327bd7000fedbdf251c202081fe040008002000001400120018ff03000000000000fadcd15a671a723757054c3136f1ff2d5b6eced46c080001000000000008000100000f0000"], 0x40}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRES16=r0], 0x48)
syz_emit_ethernet(0x4e, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffffffffffffff7f00180600fc010000000000000000000000000002fe8000002200000000000000000000aa00004001", @ANYRESOCT=r5, @ANYRESOCT=r5, @ANYBLOB="020102000000000000000000"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
r6 = socket(0x400000000010, 0x3, 0x0)
write(r6, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c1e0309000800a000", 0x33a)

13.971405765s ago: executing program 2 (id=593):
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd1, 0x0, 0x0)
ioctl$I2C_PEC(0xffffffffffffffff, 0x708, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getpeername(r0, 0x0, &(0x7f0000001440))
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @loopback, 0x7}, 0x1c)
sendmmsg$inet6(r1, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000000)="00a69c", 0x3}], 0x1}}], 0x1, 0x11)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x3b, 0x5a, 0x3d, 0x40, 0x1de1, 0xc102, 0x56c3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xc0, 0xc, 0x40, 0xe, [{{0x9, 0x4, 0xa2, 0x5, 0x0, 0xb1, 0x5, 0xc, 0x14}}]}}]}}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000280)={0x3000, 0x34000, 0x1})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000000)={0x6000, 0x2000, 0x1})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
socket$packet(0x11, 0x3, 0x300)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000300)={'syzkaller1\x00', 0xc201})
r7 = add_key$user(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x1}, &(0x7f00000001c0)="91a43158502202bafcc1bfa0ad71816f95fe1aee4cef4d5c6ff2e81d5bf3b7c202fadda3938efd9295986940c93850bc1cd63debf7229258b593", 0x3a, 0xfffffffffffffff9)
r8 = syz_open_dev$vcsa(&(0x7f0000000240), 0x7, 0x2)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r8, 0xc6)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)

13.884101728s ago: executing program 0 (id=595):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2}, 0x10)

13.804664505s ago: executing program 0 (id=596):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000240)={{0x7f, 0x13}, {0xffffffffffffffff, 0x3ff}, 0xe9e27616, 0x3})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
mkdirat(0xffffffffffffffff, &(0x7f0000000480)='./file0\x00', 0xd4)
syz_open_dev$MSR(0x0, 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = epoll_create1(0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)=@newlink={0x4c, 0x10, 0x503, 0x70bd2c, 0x900, {0x0, 0x0, 0x0, 0x0, 0x20208}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}, @IFLA_BROADCAST={0xa, 0x2, @multicast}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
openat$audio1(0xffffff9c, &(0x7f0000000580), 0x2, 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x1c, r9, 0x1, 0x70bd24, 0x25dfdbff}, 0x1c}}, 0x0)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x7, 0xcce, 0x100000}, 0x1c)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f00000000c0)={0x1})
r10 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x1, 0x3, 0x397, 0x0, r4}, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_enter(r10, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r11 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000800)=@newqdisc={0x64, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x3}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8}]}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xc, 0xc89f, 0xffff5ef5, 0x0, 0x19, 0x3, 0x1}}, {0x5a, 0x2, [0x2000]}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x3}, 0x20004004)
syz_io_uring_setup(0x79a5, &(0x7f00000004c0)={0x0, 0xc2db, 0x2000, 0x3, 0xd0, 0x0, r10}, &(0x7f00000000c0), &(0x7f0000000140))
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

13.554205322s ago: executing program 0 (id=597):
r0 = syz_io_uring_setup(0x9eb, &(0x7f0000000140)={0x0, 0xfad6, 0x0, 0x0, 0x116}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)

12.744246794s ago: executing program 2 (id=600):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SET_IO_FLUSHER(0x34, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7fff, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = syz_io_uring_setup(0xa0, &(0x7f0000000240)={0x0, 0x89b8, 0x8, 0x0, 0x133}, &(0x7f0000000040)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0xc000000, &(0x7f0000000000), 0x0, 0x12})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

11.441589185s ago: executing program 2 (id=604):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2}, 0x10)

11.441042762s ago: executing program 2 (id=605):
r0 = socket$inet6(0xa, 0xa, 0x400000)
connect$inet6(r0, 0x0, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0x2405c844)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000b40)=ANY=[@ANYBLOB="b7020000910c0000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000000000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7540656b720260000000000008062d77e84cef4a2ab938f65aac33c4d6a0de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6fc3f75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba36efb1fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10}, 0x94)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x12, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x85, 0x0, 0xfe, 0xd2, 0x0, 0x5f, 0xff, 0x0, 0xa6, 0x4, 0xff, 0x0, 0xf7fffffffffffdfc}, {0xfffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x4, 0xff, 0x2, 0x0, 0x800000000000000}, {0x2, 0x33, 0x0, 0x0, 0xac, 0x5, 0x14, 0x9, 0x5}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x1000000000, 0x2004cb, 0x1, 0xfffffffffffffffe, 0x3, 0x0, 0xff, 0x0, 0x4, 0x2, 0x1ffc], 0x80a0000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

9.843629613s ago: executing program 2 (id=608):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x40201, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
munlockall()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r3 = dup(r2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup(r3, &(0x7f0000000300)='syz1\x00', 0x1ff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @exit={0x95, 0x0, 0x7b00}]}, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f00, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r6, 0x0, 0x3, &(0x7f0000001140)=""/4086, &(0x7f0000000180)=0xff6)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup, 0xffffffffffffffff, 0x11, 0x1, r5}, 0x20)
socket$kcm(0x10, 0x400000002, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000140))
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x1}, 0x1c)
ioctl$UFFDIO_COPY(r7, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
socket$nl_generic(0x10, 0x3, 0x10)

9.438284291s ago: executing program 3 (id=609):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r2 = syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xd498, 0x40, 0x1, 0x348}, &(0x7f0000000100), &(0x7f0000000140))
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r3)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x2c, 0x0, 0x0, 0xa78, &(0x7f00000004c0)=[r0, r0, r0], 0x3, 0x0, 0x0, {0x0, r3}})
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x3, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r4 = getpid()
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMGET(r5, 0x541e, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000380)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400448c0}, 0x0)

8.471631211s ago: executing program 3 (id=611):
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
write(0xffffffffffffffff, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a000000", 0x14)
syz_emit_ethernet(0x4e, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffffffffffffff7f00180600fc010000000000000000000000000002fe8000002200000000000000000000aa00004001", @ANYRESOCT, @ANYRESOCT, @ANYBLOB="0201020000000000000000"], 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
r3 = socket(0x400000000010, 0x3, 0x0)
write(r3, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c1e0309000800a000", 0x33a)

7.522511736s ago: executing program 3 (id=613):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2}, 0x10)

7.522115797s ago: executing program 3 (id=614):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x78, 0x1, [@m_ct={0x2c, 0xe, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SET_IO_FLUSHER(0x34, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7fff, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = syz_io_uring_setup(0xa0, &(0x7f0000000240)={0x0, 0x89b8, 0x8, 0x0, 0x133}, &(0x7f0000000040)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0xc000000, &(0x7f0000000000), 0x0, 0x12})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

6.831540799s ago: executing program 1 (id=616):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SET_IO_FLUSHER(0x34, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7fff, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = syz_io_uring_setup(0xa0, &(0x7f0000000240)={0x0, 0x89b8, 0x8, 0x0, 0x133}, &(0x7f0000000040)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0xc000000, &(0x7f0000000000), 0x0, 0x12})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

6.135419548s ago: executing program 3 (id=617):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r2 = syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xd498, 0x40, 0x1, 0x348}, &(0x7f0000000100), &(0x7f0000000140))
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r3)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x2c, 0x0, 0x0, 0xa78, &(0x7f00000004c0)=[r0, r0, r0], 0x3, 0x0, 0x0, {0x0, r3}})
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x3, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r4 = getpid()
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMGET(r5, 0x541e, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000380)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400448c0}, 0x0)

5.842840635s ago: executing program 1 (id=618):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000e40), 0x194, 0x2)
ioctl$vim2m_VIDIOC_QUERYCAP(r2, 0x80685600, &(0x7f0000000e80))
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000180)={r3, @in={{0x2, 0x4e20, @empty}}, 0xd9d, 0x1}, &(0x7f0000000040)=0x90)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x2b00, 0xfffc, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000400)={r3, 0x10, "7efb182daac9244ca53ddee4ecd91198"}, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, 0xffffffffffffffff, 0x2, 0x0)
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f0000000600)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece", 0x4f}], 0x3, &(0x7f0000000380)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x0)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f00000002c0)=""/92, 0x5c}], 0x2}, 0x0)
recvfrom$inet6(r8, &(0x7f0000000680)=""/254, 0xfe, 0x0, 0x0, 0x0)
read$char_usb(r6, &(0x7f0000000000)=""/73, 0x49)
write$char_usb(r6, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r5, 0x82, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000003c0), 0x2, 0x1}}, 0x20)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
ioctl$CDROMRESET(0xffffffffffffffff, 0x5312)
close_range(r9, 0xffffffffffffffff, 0x0)

5.332252322s ago: executing program 0 (id=597):
r0 = syz_io_uring_setup(0x9eb, &(0x7f0000000140)={0x0, 0xfad6, 0x0, 0x0, 0x116}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)

2.794149204s ago: executing program 1 (id=619):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r2 = syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xd498, 0x40, 0x1, 0x348}, &(0x7f0000000100), &(0x7f0000000140))
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r3)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x2c, 0x0, 0x0, 0xa78, &(0x7f00000004c0)=[r0, r0, r0], 0x3, 0x0, 0x0, {0x0, r3}})
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x3, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r4 = getpid()
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMGET(r5, 0x541e, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400448c0}, 0x0)

1.893299858s ago: executing program 1 (id=620):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xa02, 0x870, 0x1, 0x2, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x8, 0x2800, 0x6, 0x2, 0xba2, 0x5, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000180)={0x60000000})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = accept4$llc(0xffffffffffffffff, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000080)=0x10, 0x0)
bind$llc(r5, &(0x7f0000000140)={0x1a, 0x1, 0xb, 0x6, 0x0, 0x7, @remote}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x84}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}]}, @NFT_MSG_NEWSETELEM={0x20, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10}}, 0xa4}}, 0x0)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x11a023})

1.882546982s ago: executing program 2 (id=608):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x40201, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
munlockall()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r3 = dup(r2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup(r3, &(0x7f0000000300)='syz1\x00', 0x1ff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @exit={0x95, 0x0, 0x7b00}]}, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f00, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r6, 0x0, 0x3, &(0x7f0000001140)=""/4086, &(0x7f0000000180)=0xff6)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup, 0xffffffffffffffff, 0x11, 0x1, r5}, 0x20)
socket$kcm(0x10, 0x400000002, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000140))
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x1}, 0x1c)
ioctl$UFFDIO_COPY(r7, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
socket$nl_generic(0x10, 0x3, 0x10)

1.744407461s ago: executing program 1 (id=621):
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
write(0xffffffffffffffff, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a000000", 0x14)
syz_emit_ethernet(0x4e, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffffffffffffff7f00180600fc010000000000000000000000000002fe8000002200000000000000000000aa00004001", @ANYRESOCT, @ANYBLOB="020102000000000000000000"], 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
r3 = socket(0x400000000010, 0x3, 0x0)
write(r3, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c1e0309000800a000", 0x33a)

821.651743ms ago: executing program 1 (id=622):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, 0x0, 0x0)
sendmsg$inet6(r0, 0x0, 0x40c0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
mkdir(&(0x7f0000000000)='./file3\x00', 0x3)
mount$cgroup(0x0, &(0x7f0000000140)='./file3\x00', &(0x7f0000000180), 0x1000000, &(0x7f0000000340)={[{@name={'name', 0x3d, 'S\xd7\xaa\xe0\x83H\xbbQ\xf0|\x1c\xcfj\x9d\x88\xa31B\x1e\xc33\t\x8f\x81\x12\xa1\xf3\xcd\xc4|\xbbq\x04\x06\xfda\tW\x99;+\xea\xdd\xb4n\x13\n\xd1\x84nT\xf4\xef\xb6\xde\xfa\xd8K#\x02-\xc2R\x9a\xc6\x8e\xc5\xc2\b\x97\x98\xb9\xa7\xc9\xb0\xdaz\xfb)\x96WDKaJ\x96\a\x0em\x95\x86/\x89\x9dS4\x958ko\x82\"\xbf\xcdt#n\x89S\xe6\xe8\xfc\xf3\x18j\xb8\xfa\xbf\x02\xd1\xc2\xd7\x1e\xd4_\x0e\xc0x\xed\xae\xa0n\xd3q\x96\x8bN\xee\xa9\xc6M\xd8V\xe6\x9b\no\xe6?\x03\x88\x86\xbdF\xe9m\x03%\xf8!\xe3\xdd\xe6\x9e:\x9c\x05\xa1\xa8\x9a\x02\xaaJ\x8b\xfblY\xd2\x00\xfb[D\x93?\x91\xa7\xa4\xf9\xbe8\x018G{z{.`\xb5qR\xbf\xc8\f\x14\xc6M\xcdW\x86!\xa7\xb5\xc5y\xf5*#di?,\xd3\xfb\xbc\xca\xae\xe7_\x8d\x85\xae\xfa(\xd8\xb9\xf8?\xd7\x9a\x10\x9dn\xfd\xa1\vr[#7\x80\xf3?Q\xb6[N:h\xe8\a\xd4*\x05\xa3a\xab\xdbh\xd5\x1a\xbb\xd7L\awKMFK\f\xe4\tQ\x1f[N\xe6\xc8\xb4\xb2\'9\xb0\xf7\xd7\xda\xb69t\x8e\x9b\x96\x8e\x0e\xd14\x04Y\xc4\x8b\x18GV\x8e\xf1\xc9\xe5'}}]})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_control(r1, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0xfffffffc)
sendmsg$NFT_MSG_GETOBJ_RESET(r2, 0x0, 0x4004)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/anycast6\x00')
ioctl$int_out(r3, 0x5460, &(0x7f0000000340))
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@ipv6_newnexthop={0x30, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_GATEWAY={0x14, 0x6, @ip4=@empty}]}, 0x30}}, 0x0)

0s ago: executing program 3 (id=617):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r2 = syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xd498, 0x40, 0x1, 0x348}, &(0x7f0000000100), &(0x7f0000000140))
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r3)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x2c, 0x0, 0x0, 0xa78, &(0x7f00000004c0)=[r0, r0, r0], 0x3, 0x0, 0x0, {0x0, r3}})
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x3, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r4 = getpid()
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMGET(r5, 0x541e, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000380)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400448c0}, 0x0)

kernel console output (not intermixed with test programs):

ce 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   65.275788][ T6000] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   65.280193][ T6000] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   65.282818][ T6000] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   65.286055][ T6000] usb 5-1: Product: syz
[   65.287598][ T6000] usb 5-1: Manufacturer: syz
[   65.301754][ T6000] cdc_wdm 5-1:1.0: skipping garbage
[   65.303743][ T6000] cdc_wdm 5-1:1.0: skipping garbage
[   65.307506][ T6000] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   65.309285][ T6000] cdc_wdm 5-1:1.0: Unknown control protocol
[   65.414952][ T6298] cgroup: Name too long
[   65.558917][ T6303] netlink: 'syz.0.52': attribute type 2 has an invalid length.
[   65.562191][ T6303] netlink: 'syz.0.52': attribute type 1 has an invalid length.
[   65.566603][ T6303] netlink: 'syz.0.52': attribute type 1 has an invalid length.
[   65.666868][ T6298] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   65.669142][ T6298] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   65.671255][ T6298] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   65.677820][ T6298] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   65.793493][ T6308] cgroup: Name too long
[   65.824781][ T6286] loop2: detected capacity change from 0 to 7
[   65.830060][ T5974] Dev loop2: unable to read RDB block 7
[   65.832032][ T5974]  loop2: unable to read partition table
[   65.836241][ T5974] loop2: partition table beyond EOD, truncated
[   66.003476][ T6308] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   66.005905][ T6308] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   66.008325][ T6308] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   66.011081][ T6308] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   66.396122][ T6286] Dev loop2: unable to read RDB block 7
[   66.398454][ T6286]  loop2: unable to read partition table
[   66.400464][ T6286] loop2: partition table beyond EOD, truncated
[   66.402428][ T6286] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   66.960752][ T6321] ubi31: attaching mtd0
[   66.974288][ T6321] ubi31: scanning is finished
[   66.975817][ T6321] ubi31: empty MTD device detected
[   67.097107][ T6321] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[   67.099889][ T6321] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   67.102252][ T6321] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[   67.105161][ T6321] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[   67.108164][ T6321] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   67.110657][ T6321] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[   67.113953][ T6321] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 567253933
[   67.117675][ T6321] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   67.122656][ T6326] ubi31: background thread "ubi_bgt31d" started, PID 6326
[   67.835968][    T9] usb 5-1: USB disconnect, device number 3
[   68.023032][ T5960] Bluetooth: hci3: command 0x0405 tx timeout
[   68.023392][ T5968] Bluetooth: hci2: command 0x0419 tx timeout
[   68.025155][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[   68.027139][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[   68.060730][ T6335] ubi: mtd0 is already attached to ubi31
[   68.080168][ T6337] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   68.395299][ T6340] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.65'.
[   68.400249][ T6340] Zero length message leads to an empty skb
[   68.418992][ T6340] omfs: Invalid superblock (0)
[   69.134225][ T6352] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[   69.136381][ T6352] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   69.139638][ T6352] vhci_hcd vhci_hcd.0: Device attached
[   69.154671][ T6352] 9pnet_fd: Insufficient options for proto=fd
[   69.158145][ T6353] vhci_hcd: connection closed
[   69.161492][   T46] vhci_hcd: stop threads
[   69.172204][   T46] vhci_hcd: release socket
[   69.179871][   T46] vhci_hcd: disconnect device
[   70.133506][ T6360] Device name not specified.
[   70.133506][ T6360] 
[   70.226801][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   70.457001][ T6370] cgroup: Name too long
[   70.646763][ T6374] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   70.768745][ T6374] syz.1.73 uses obsolete (PF_INET,SOCK_PACKET)
[   70.779070][ T6381] cgroup: Name too long
[   70.808252][ T6361] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   70.810199][ T6361] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   70.812145][ T6361] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   70.816306][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[   70.819323][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[   70.824654][ T6361] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   70.995748][ T6387] netlink: 'syz.2.76': attribute type 1 has an invalid length.
[   71.013737][ T6381] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   71.018723][ T6381] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   71.021763][ T6381] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   71.024156][ T6381] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   71.245177][ T6396] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[   71.247266][ T6396] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   71.250001][ T6396] vhci_hcd vhci_hcd.0: Device attached
[   71.382061][ T6397] vhci_hcd: connection closed
[   71.406438][   T12] vhci_hcd: stop threads
[   71.413526][   T12] vhci_hcd: release socket
[   71.419821][   T12] vhci_hcd: disconnect device
[   71.442987][ T5994] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   71.470484][   T60] vhci_hcd: vhci_device speed not set
[   71.586647][ T5994] usb 7-1: device descriptor read/64, error -71
[   71.595528][ T6405] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   71.595528][ T6405]    program syz.0.79 not setting count and/or reply_len properly
[   72.408714][ T5994] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   72.494686][ T6407] Bluetooth: (null): Invalid header checksum
[   72.591417][ T5994] usb 7-1: device descriptor read/64, error -71
[   72.597130][   T46] Bluetooth: (null): Invalid header checksum
[   72.599145][   T46] Bluetooth: (null): Invalid header checksum
[   72.726067][ T5994] usb usb7-port1: attempt power cycle
[   72.728769][ T1147] Bluetooth: (null): Invalid header checksum
[   72.815249][ T1147] Bluetooth: (null): Invalid header checksum
[   72.934163][   T86] Bluetooth: (null): Invalid header checksum
[   73.034274][   T12] Bluetooth: (null): Invalid header checksum
[   73.052999][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   73.055975][ T5968] Bluetooth: hci2: command 0x0419 tx timeout
[   73.059213][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[   73.059263][ T5973] Bluetooth: hci0: command 0x0419 tx timeout
[   73.064392][ T5994] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   73.079982][ T6426] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[   73.090879][ T5994] usb 7-1: device descriptor read/8, error -71
[   73.149307][   T46] Bluetooth: (null): Invalid header checksum
[   73.192144][ T6431] netlink: 36 bytes leftover after parsing attributes in process `syz.1.87'.
[   73.201698][ T6431] netlink: 'syz.1.87': attribute type 1 has an invalid length.
[   73.253733][   T86] Bluetooth: (null): Invalid header checksum
[   73.412957][ T5994] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   73.433651][ T5994] usb 7-1: device descriptor read/8, error -71
[   73.499320][ T6437] netlink: 40 bytes leftover after parsing attributes in process `syz.0.89'.
[   73.545120][ T6439] FAULT_INJECTION: forcing a failure.
[   73.545120][ T6439] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   73.550716][ T6439] CPU: 3 UID: 0 PID: 6439 Comm: syz.0.90 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   73.550740][ T6439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.550751][ T6439] Call Trace:
[   73.550757][ T6439]  <TASK>
[   73.550764][ T6439]  dump_stack_lvl+0x16c/0x1f0
[   73.550794][ T6439]  should_fail_ex+0x512/0x640
[   73.550824][ T6439]  _copy_from_user+0x2e/0xd0
[   73.550851][ T6439]  snd_seq_ioctl+0x1bf/0x410
[   73.550881][ T6439]  ? __pfx_snd_seq_ioctl+0x10/0x10
[   73.550925][ T6439]  ? __fget_files+0x20e/0x3c0
[   73.550948][ T6439]  ? __fput_deferred+0x470/0x480
[   73.550970][ T6439]  snd_seq_ioctl_compat+0xea/0x310
[   73.550986][ T6439]  ? __pfx_snd_seq_ioctl_compat+0x10/0x10
[   73.551004][ T6439]  __ia32_compat_sys_ioctl+0x242/0x370
[   73.551029][ T6439]  __do_fast_syscall_32+0x7c/0x3a0
[   73.551062][ T6439]  do_fast_syscall_32+0x32/0x80
[   73.551089][ T6439]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   73.551111][ T6439] RIP: 0023:0xf7f31579
[   73.551124][ T6439] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   73.551141][ T6439] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   73.551158][ T6439] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c05c5340
[   73.551169][ T6439] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[   73.551179][ T6439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   73.551189][ T6439] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   73.551199][ T6439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   73.551222][ T6439]  </TASK>
[   73.554328][ T5994] usb usb7-port1: unable to enumerate USB device
[   74.068285][ T6464] cgroup: Name too long
[   74.303438][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   74.866318][ T6464] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   74.870386][ T6464] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   74.877101][ T6464] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   74.880814][ T6464] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   75.659500][ T6523] FAULT_INJECTION: forcing a failure.
[   75.659500][ T6523] name failslab, interval 1, probability 0, space 0, times 1
[   75.671590][ T6523] CPU: 0 UID: 0 PID: 6523 Comm: syz.0.107 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   75.671630][ T6523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.671653][ T6523] Call Trace:
[   75.671660][ T6523]  <TASK>
[   75.671666][ T6523]  dump_stack_lvl+0x16c/0x1f0
[   75.671694][ T6523]  should_fail_ex+0x512/0x640
[   75.671717][ T6523]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   75.671752][ T6523]  should_failslab+0xc2/0x120
[   75.671767][ T6523]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   75.671789][ T6523]  ? find_held_lock+0x2b/0x80
[   75.671806][ T6523]  ? vm_area_dup+0x27/0x8d0
[   75.671830][ T6523]  vm_area_dup+0x27/0x8d0
[   75.671854][ T6523]  dup_mmap+0x877/0x21d0
[   75.671883][ T6523]  ? __pfx_dup_mmap+0x10/0x10
[   75.671918][ T6523]  copy_process+0x4081/0x7650
[   75.671942][ T6523]  ? preempt_schedule_thunk+0x16/0x30
[   75.671974][ T6523]  ? __pfx_copy_process+0x10/0x10
[   75.671999][ T6523]  ? __rcu_read_unlock+0x2b4/0x580
[   75.672030][ T6523]  kernel_clone+0xfc/0x960
[   75.672048][ T6523]  ? __pfx_kernel_clone+0x10/0x10
[   75.672067][ T6523]  ? __mutex_unlock_slowpath+0x161/0x6a0
[   75.672085][ T6523]  __do_compat_sys_ia32_clone+0xcb/0x110
[   75.672100][ T6523]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[   75.672120][ T6523]  ? ksys_write+0x1ac/0x250
[   75.672135][ T6523]  ? __pfx_ksys_write+0x10/0x10
[   75.672151][ T6523]  ? rcu_is_watching+0x12/0xc0
[   75.672164][ T6523]  __do_fast_syscall_32+0x7c/0x3a0
[   75.672182][ T6523]  do_fast_syscall_32+0x32/0x80
[   75.672199][ T6523]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   75.672212][ T6523] RIP: 0023:0xf7f31579
[   75.672222][ T6523] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   75.672232][ T6523] RSP: 002b:00000000f503550c EFLAGS: 00000202 ORIG_RAX: 0000000000000078
[   75.672242][ T6523] RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 0000000000000000
[   75.672249][ T6523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   75.672254][ T6523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   75.672260][ T6523] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   75.672266][ T6523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   75.672278][ T6523]  </TASK>
[   76.290563][ T6544] netlink: 3 bytes leftover after parsing attributes in process `syz.0.108'.
[   76.329912][ T6544] batadv1: entered allmulticast mode
[   76.594797][ T5973] Bluetooth: hci0: command 0x0419 tx timeout
[   76.913009][ T5973] Bluetooth: hci3: command 0x0405 tx timeout
[   76.915024][ T5973] Bluetooth: hci2: command 0x0419 tx timeout
[   76.916911][ T5973] Bluetooth: hci1: command 0x0419 tx timeout
[   77.130266][ T6550] bond1: entered promiscuous mode
[   77.132332][ T6555] loop6: detected capacity change from 0 to 63
[   77.154980][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[   77.159242][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[   77.173138][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[   77.177425][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[   77.180965][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[   77.300018][ T6563] netlink: 35 bytes leftover after parsing attributes in process `syz.0.117'.
[   77.304343][ T6561] netlink: 'syz.2.116': attribute type 21 has an invalid length.
[   77.314396][ T6561] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   77.396756][ T6569] cgroup: Name too long
[   77.581742][ T6569] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   77.585304][ T6569] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   77.587856][ T6569] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   77.616412][ T6569] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   77.947989][ T6581] dlm: no locking on control device
[   78.118950][ T6586] Bluetooth: MGMT ver 1.23
[   78.181919][ T6588] random: crng reseeded on system resumption
[   78.227557][ T6590] FAULT_INJECTION: forcing a failure.
[   78.227557][ T6590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.231627][ T6590] CPU: 1 UID: 0 PID: 6590 Comm: syz.0.127 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   78.231642][ T6590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.231648][ T6590] Call Trace:
[   78.231652][ T6590]  <TASK>
[   78.231656][ T6590]  dump_stack_lvl+0x16c/0x1f0
[   78.231689][ T6590]  should_fail_ex+0x512/0x640
[   78.231707][ T6590]  _copy_to_user+0x32/0xd0
[   78.231725][ T6590]  simple_read_from_buffer+0xcb/0x170
[   78.231746][ T6590]  proc_fail_nth_read+0x197/0x270
[   78.231759][ T6590]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   78.231772][ T6590]  ? rw_verify_area+0xcf/0x680
[   78.231786][ T6590]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   78.231799][ T6590]  vfs_read+0x1e1/0xc60
[   78.231814][ T6590]  ? fdget_pos+0x2a2/0x370
[   78.231831][ T6590]  ? __pfx_vfs_read+0x10/0x10
[   78.231844][ T6590]  ? find_held_lock+0x2b/0x80
[   78.231860][ T6590]  ? __fget_files+0x20e/0x3c0
[   78.231878][ T6590]  ksys_read+0x12a/0x250
[   78.231893][ T6590]  ? __pfx_ksys_read+0x10/0x10
[   78.231908][ T6590]  ? rcu_is_watching+0x12/0xc0
[   78.231922][ T6590]  __do_fast_syscall_32+0x7c/0x3a0
[   78.231940][ T6590]  do_fast_syscall_32+0x32/0x80
[   78.231956][ T6590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.231970][ T6590] RIP: 0023:0xf7f31579
[   78.231978][ T6590] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   78.231988][ T6590] RSP: 002b:00000000f5056590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   78.231998][ T6590] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5056620
[   78.232005][ T6590] RDX: 000000000000000f RSI: 00000000f73c3ff4 RDI: 0000000000000000
[   78.232011][ T6590] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   78.232016][ T6590] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   78.232022][ T6590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.232035][ T6590]  </TASK>
[   78.389716][ T6594] binfmt_misc: Unknown parameter '-}$'
[   78.410461][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.1.129'.
[   78.414298][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.1.129'.
[   78.418791][ T6596] syzkaller1: entered promiscuous mode
[   78.421222][ T6596] syzkaller1: entered allmulticast mode
[   78.603174][ T6610] capability: warning: `syz.0.133' uses deprecated v2 capabilities in a way that may be insecure
[   78.873009][   T24] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   79.003009][   T24] usb 5-1: device descriptor read/64, error -71
[   79.080661][ T6625] FAULT_INJECTION: forcing a failure.
[   79.080661][ T6625] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.085955][ T6625] CPU: 0 UID: 0 PID: 6625 Comm: syz.3.137 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   79.085993][ T6625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.086000][ T6625] Call Trace:
[   79.086004][ T6625]  <TASK>
[   79.086009][ T6625]  dump_stack_lvl+0x16c/0x1f0
[   79.086028][ T6625]  should_fail_ex+0x512/0x640
[   79.086049][ T6625]  _copy_from_user+0x2e/0xd0
[   79.086067][ T6625]  copy_mount_options+0x76/0x190
[   79.086080][ T6625]  __ia32_sys_mount+0x1ac/0x310
[   79.086097][ T6625]  ? __pfx___ia32_sys_mount+0x10/0x10
[   79.086113][ T6625]  ? __pfx_native_tss_update_io_bitmap+0x10/0x10
[   79.086132][ T6625]  ? rcu_is_watching+0x12/0xc0
[   79.086146][ T6625]  __do_fast_syscall_32+0x7c/0x3a0
[   79.086164][ T6625]  do_fast_syscall_32+0x32/0x80
[   79.086180][ T6625]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.086195][ T6625] RIP: 0023:0xf7f73579
[   79.086203][ T6625] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.086213][ T6625] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   79.086224][ T6625] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000040
[   79.086230][ T6625] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 00000000800000c0
[   79.086236][ T6625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.086242][ T6625] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.086248][ T6625] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.086260][ T6625]  </TASK>
[   79.147355][ T6624] warning: `syz.3.137' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   79.228934][ T6624] netlink: 'syz.3.137': attribute type 10 has an invalid length.
[   79.238645][ T6624] 8021q: adding VLAN 0 to HW filter on device team0
[   79.242990][ T6624] bond0: (slave team0): Enslaving as an active interface with an up link
[   79.283152][   T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   79.413109][   T24] usb 5-1: device descriptor read/64, error -71
[   79.526283][   T24] usb usb5-port1: attempt power cycle
[   79.533016][ T5973] Bluetooth: hci0: command 0x0419 tx timeout
[   79.622956][ T5973] Bluetooth: hci2: command 0x0419 tx timeout
[   79.623645][ T5968] Bluetooth: hci1: command 0x0419 tx timeout
[   79.701631][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   79.711225][ T6588] syz.2.126 (6588): drop_caches: 2
[   80.129493][   T24] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   80.663402][   T24] usb 5-1: device descriptor read/8, error -71
[   80.913180][   T24] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   80.934844][   T24] usb 5-1: device descriptor read/8, error -71
[   81.063629][   T24] usb usb5-port1: unable to enumerate USB device
[   81.098910][   T54] cfg80211: failed to load regulatory.db
[   81.773044][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   81.803303][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   82.233018][   T24] usb 6-1: Using ep0 maxpacket: 8
[   82.238126][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   82.242479][   T24] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   82.246302][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.252258][   T24] usb 6-1: config 0 descriptor??
[   82.410903][ T6662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.147'.
[   82.459591][   T24] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   82.784870][ T6669] netlink: 'syz.3.148': attribute type 10 has an invalid length.
[   82.984825][   T40] audit: type=1326 audit(1752298185.361:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6651 comm="syz.1.153" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[   83.095025][   T24] usb 6-1: USB disconnect, device number 4
[   83.388751][ T6677] netdevsim netdevsim0: Direct firmware load for @ failed with error -2
[   83.391789][ T6677] netdevsim netdevsim0: Falling back to sysfs fallback for: @
[   83.432638][ T6680] loop1: detected capacity change from 0 to 63
[   83.439787][ T5974] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.446699][ T5974] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.450029][ T5974] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.454008][ T5974] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.456944][ T5974] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.460489][ T6680] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.464986][ T6680] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.477305][ T6680] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.485012][ T6680] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.487937][ T6680] Buffer I/O error on dev loop1, logical block 0, async page read
[   83.503896][ T6683] vlan2: entered allmulticast mode
[   83.505555][ T6683] erspan0: entered allmulticast mode
[   83.852991][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   83.910947][ T6692] loop2: detected capacity change from 0 to 7
[   83.914570][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.917651][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.920660][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.924783][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.927837][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.930858][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.933884][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.936783][ T6692] ldm_validate_partition_table(): Disk read failed.
[   83.939080][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.942116][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.945199][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   83.948184][ T6692] Dev loop2: unable to read RDB block 0
[   83.950295][ T6692]  loop2: unable to read partition table
[   83.952323][ T6692] loop2: partition table beyond EOD, truncated
[   83.956029][ T6692] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   84.343656][ T6000] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   84.504766][ T6000] usb 7-1: Using ep0 maxpacket: 32
[   84.514235][ T6000] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[   84.517340][ T6000] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.521429][ T6000] usb 7-1: config 0 descriptor??
[   84.897100][   T60] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   84.914188][   T60] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   85.010179][ T6000] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[   85.014692][ T6000] usb 7-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2
[   85.017512][ T6000] usb 7-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw
[   85.345508][ T5994] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   85.364293][ T5994] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   85.414300][ T6721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.165'.
[   85.416977][ T6721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.165'.
[   85.420250][ T6721] syzkaller1: entered promiscuous mode
[   85.421995][ T6721] syzkaller1: entered allmulticast mode
[   85.581392][ T6724] FAULT_INJECTION: forcing a failure.
[   85.581392][ T6724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.586698][ T6724] CPU: 2 UID: 0 PID: 6724 Comm: syz.2.166 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   85.586713][ T6724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.586719][ T6724] Call Trace:
[   85.586723][ T6724]  <TASK>
[   85.586727][ T6724]  dump_stack_lvl+0x16c/0x1f0
[   85.586747][ T6724]  should_fail_ex+0x512/0x640
[   85.586765][ T6724]  _copy_to_user+0x32/0xd0
[   85.586783][ T6724]  simple_read_from_buffer+0xcb/0x170
[   85.586800][ T6724]  proc_fail_nth_read+0x197/0x270
[   85.586813][ T6724]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.586826][ T6724]  ? rw_verify_area+0xcf/0x680
[   85.586840][ T6724]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.586852][ T6724]  vfs_read+0x1e1/0xc60
[   85.586868][ T6724]  ? fdget_pos+0x2a2/0x370
[   85.586884][ T6724]  ? __pfx_vfs_read+0x10/0x10
[   85.586898][ T6724]  ? find_held_lock+0x2b/0x80
[   85.586913][ T6724]  ? __fget_files+0x20e/0x3c0
[   85.586931][ T6724]  ksys_read+0x12a/0x250
[   85.586946][ T6724]  ? __pfx_ksys_read+0x10/0x10
[   85.586961][ T6724]  ? rcu_is_watching+0x12/0xc0
[   85.586975][ T6724]  __do_fast_syscall_32+0x7c/0x3a0
[   85.586993][ T6724]  do_fast_syscall_32+0x32/0x80
[   85.587009][ T6724]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   85.587023][ T6724] RIP: 0023:0xf70be579
[   85.587031][ T6724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   85.587042][ T6724] RSP: 002b:00000000f50ae590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   85.587052][ T6724] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50ae620
[   85.587058][ T6724] RDX: 000000000000000f RSI: 00000000f7423ff4 RDI: 0000000000000000
[   85.587064][ T6724] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   85.587070][ T6724] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   85.587075][ T6724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   85.587088][ T6724]  </TASK>
[   85.933845][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   86.324335][ T6746] cgroup: Name too long
[   86.683522][ T6751] netlink: 8 bytes leftover after parsing attributes in process `syz.3.174'.
[   86.686349][ T6751] netlink: 8 bytes leftover after parsing attributes in process `syz.3.174'.
[   86.884154][ T6746] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   86.887186][ T6746] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   86.890002][ T6746] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   86.893393][ T6746] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   88.059638][ T6774] binder: 6773:6774 ioctl c0306201 80000540 returned -14
[   88.187520][ T6781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.182'.
[   88.191239][ T6781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.182'.
[   88.196294][ T6781] syzkaller1: entered promiscuous mode
[   88.198603][ T6781] syzkaller1: entered allmulticast mode
[   88.836967][ T6792] cgroup: Name too long
[   88.893076][ T5973] Bluetooth: hci2: command 0x0419 tx timeout
[   88.893167][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[   88.895691][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[   88.973034][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[   89.031441][ T6792] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   89.034856][ T6792] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   89.037649][ T6792] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   89.040325][ T6792] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   89.699669][ T6803] netlink: 8 bytes leftover after parsing attributes in process `syz.0.187'.
[   90.922189][ T6833] cgroup: Name too long
[   90.983120][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[   91.063020][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   91.063103][ T5973] Bluetooth: hci2: command 0x0419 tx timeout
[   91.066257][ T5968] Bluetooth: hci1: command 0x0419 tx timeout
[   91.180785][ T6836] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   91.182832][ T6836] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   91.185165][ T6836] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   91.187137][ T6836] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   91.235891][ T6840] netlink: 8 bytes leftover after parsing attributes in process `syz.0.196'.
[   91.238674][ T6840] netlink: 8 bytes leftover after parsing attributes in process `syz.0.196'.
[   91.241929][ T6840] syzkaller1: entered promiscuous mode
[   91.243871][ T6840] syzkaller1: entered allmulticast mode
[   91.762993][ T6849] blktrace: Concurrent blktraces are not allowed on sg0
[   92.767384][ T6868] netlink: 36 bytes leftover after parsing attributes in process `syz.2.203'.
[   92.801413][   T40] audit: type=1804 audit(1752298195.161:6): pid=6868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.203" name="/newroot/44/file0/file0" dev="9p" ino=35913862 res=1 errno=0
[   92.816828][ T5968] Bluetooth: hci2: unexpected event for opcode 0x202a
[   93.143114][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[   93.223054][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   93.225013][ T5968] Bluetooth: hci1: command 0x0419 tx timeout
[   93.641287][ T6876] FAULT_INJECTION: forcing a failure.
[   93.641287][ T6876] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.646196][ T6876] CPU: 2 UID: 0 PID: 6876 Comm: syz.1.207 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   93.646211][ T6876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.646217][ T6876] Call Trace:
[   93.646221][ T6876]  <TASK>
[   93.646225][ T6876]  dump_stack_lvl+0x16c/0x1f0
[   93.646245][ T6876]  should_fail_ex+0x512/0x640
[   93.646263][ T6876]  _copy_to_user+0x32/0xd0
[   93.646280][ T6876]  simple_read_from_buffer+0xcb/0x170
[   93.646296][ T6876]  proc_fail_nth_read+0x197/0x270
[   93.646309][ T6876]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   93.646322][ T6876]  ? rw_verify_area+0xcf/0x680
[   93.646336][ T6876]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   93.646348][ T6876]  vfs_read+0x1e1/0xc60
[   93.646363][ T6876]  ? fdget_pos+0x2a2/0x370
[   93.646380][ T6876]  ? __pfx_vfs_read+0x10/0x10
[   93.646393][ T6876]  ? find_held_lock+0x2b/0x80
[   93.646409][ T6876]  ? __fget_files+0x20e/0x3c0
[   93.646426][ T6876]  ksys_read+0x12a/0x250
[   93.646441][ T6876]  ? __pfx_ksys_read+0x10/0x10
[   93.646457][ T6876]  ? rcu_is_watching+0x12/0xc0
[   93.646470][ T6876]  __do_fast_syscall_32+0x7c/0x3a0
[   93.646489][ T6876]  do_fast_syscall_32+0x32/0x80
[   93.646505][ T6876]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   93.646519][ T6876] RIP: 0023:0xf711e579
[   93.646527][ T6876] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   93.646537][ T6876] RSP: 002b:00000000f510e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   93.646547][ T6876] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f510e620
[   93.646553][ T6876] RDX: 000000000000000f RSI: 00000000f7483ff4 RDI: 0000000000000000
[   93.646560][ T6876] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[   93.646565][ T6876] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   93.646571][ T6876] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   93.646584][ T6876]  </TASK>
[   93.647521][ T6877] cgroup: Name too long
[   94.474624][ T6877] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   94.483048][ T6877] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   94.485083][ T6877] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   94.492955][ T6877] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   95.009165][ T6896] netlink: 8 bytes leftover after parsing attributes in process `syz.2.214'.
[   95.012203][ T6896] netlink: 8 bytes leftover after parsing attributes in process `syz.2.214'.
[   95.020522][ T6896] syzkaller1: entered promiscuous mode
[   95.025418][ T6896] syzkaller1: entered allmulticast mode
[   95.712149][ T6906] FAULT_INJECTION: forcing a failure.
[   95.712149][ T6906] name failslab, interval 1, probability 0, space 0, times 0
[   95.716736][ T6906] CPU: 1 UID: 0 PID: 6906 Comm: syz.3.215 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   95.716762][ T6906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.716768][ T6906] Call Trace:
[   95.716773][ T6906]  <TASK>
[   95.716777][ T6906]  dump_stack_lvl+0x16c/0x1f0
[   95.716797][ T6906]  should_fail_ex+0x512/0x640
[   95.716812][ T6906]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   95.716830][ T6906]  should_failslab+0xc2/0x120
[   95.716841][ T6906]  __kmalloc_cache_noprof+0x6a/0x3e0
[   95.716856][ T6906]  ? genl_start+0x1e8/0x980
[   95.716870][ T6906]  genl_start+0x1e8/0x980
[   95.716884][ T6906]  __netlink_dump_start+0x60e/0x990
[   95.716897][ T6906]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[   95.716911][ T6906]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[   95.716925][ T6906]  ? find_held_lock+0x2b/0x80
[   95.716939][ T6906]  ? __pfx_genl_get_cmd+0x10/0x10
[   95.716949][ T6906]  ? __pfx_genl_start+0x10/0x10
[   95.716960][ T6906]  ? __pfx_genl_dumpit+0x10/0x10
[   95.716971][ T6906]  ? __pfx_genl_done+0x10/0x10
[   95.716985][ T6906]  ? __radix_tree_lookup+0x21f/0x2c0
[   95.717002][ T6906]  genl_rcv_msg+0x46e/0x800
[   95.717016][ T6906]  ? __pfx_genl_rcv_msg+0x10/0x10
[   95.717029][ T6906]  ? __pfx_netdev_nl_dev_get_dumpit+0x10/0x10
[   95.717051][ T6906]  netlink_rcv_skb+0x155/0x420
[   95.717062][ T6906]  ? __pfx_genl_rcv_msg+0x10/0x10
[   95.717075][ T6906]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   95.717092][ T6906]  ? netlink_deliver_tap+0x1ae/0xd30
[   95.717111][ T6906]  genl_rcv+0x28/0x40
[   95.717122][ T6906]  netlink_unicast+0x58d/0x850
[   95.717134][ T6906]  ? __pfx_netlink_unicast+0x10/0x10
[   95.717149][ T6906]  netlink_sendmsg+0x8d1/0xdd0
[   95.717163][ T6906]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.717174][ T6906]  ? __import_iovec+0x1dd/0x650
[   95.717188][ T6906]  ____sys_sendmsg+0xa95/0xc70
[   95.717203][ T6906]  ? __pfx_____sys_sendmsg+0x10/0x10
[   95.717214][ T6906]  ? get_compat_msghdr+0x11a/0x170
[   95.717237][ T6906]  ___sys_sendmsg+0x134/0x1d0
[   95.717254][ T6906]  ? __pfx____sys_sendmsg+0x10/0x10
[   95.717276][ T6906]  ? find_held_lock+0x2b/0x80
[   95.717296][ T6906]  __sys_sendmsg+0x16d/0x220
[   95.717312][ T6906]  ? __pfx___sys_sendmsg+0x10/0x10
[   95.717334][ T6906]  ? rcu_is_watching+0x12/0xc0
[   95.717348][ T6906]  __do_fast_syscall_32+0x7c/0x3a0
[   95.717387][ T6906]  do_fast_syscall_32+0x32/0x80
[   95.717406][ T6906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   95.717420][ T6906] RIP: 0023:0xf7f73579
[   95.717428][ T6906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   95.717438][ T6906] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   95.717448][ T6906] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000180
[   95.717454][ T6906] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   95.717460][ T6906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   95.717466][ T6906] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   95.717472][ T6906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   95.717485][ T6906]  </TASK>
[   95.823107][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[   95.824548][    C1] vkms_vblank_simulate: vblank timer overrun
[   96.389636][ T6890] syz.0.211 (6890): drop_caches: 1
[   96.395145][ T6916] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'.
[   96.397888][ T6916] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'.
[   96.401171][ T6916] syzkaller1: entered promiscuous mode
[   96.403207][ T6916] syzkaller1: entered allmulticast mode
[   96.403898][ T6889] syz.0.211 (6889): drop_caches: 1
[   96.493117][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[   96.495092][ T5968] Bluetooth: hci2: command 0x0419 tx timeout
[   96.573041][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   97.545574][ T6942] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   97.566124][ T6942] FAULT_INJECTION: forcing a failure.
[   97.566124][ T6942] name failslab, interval 1, probability 0, space 0, times 0
[   97.571202][ T6942] CPU: 3 UID: 0 PID: 6942 Comm: syz.0.225 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   97.571218][ T6942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.571225][ T6942] Call Trace:
[   97.571230][ T6942]  <TASK>
[   97.571234][ T6942]  dump_stack_lvl+0x16c/0x1f0
[   97.571254][ T6942]  should_fail_ex+0x512/0x640
[   97.571270][ T6942]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   97.571288][ T6942]  should_failslab+0xc2/0x120
[   97.571299][ T6942]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   97.571315][ T6942]  ? security_file_alloc+0x34/0x2b0
[   97.571331][ T6942]  security_file_alloc+0x34/0x2b0
[   97.571345][ T6942]  init_file+0x93/0x4c0
[   97.571357][ T6942]  alloc_empty_file+0x73/0x1e0
[   97.571368][ T6942]  dentry_open+0x46/0xd0
[   97.571380][ T6942]  ovl_path_open+0x198/0x1f0
[   97.571397][ T6942]  ovl_dir_read_merged+0x349/0x5c0
[   97.571412][ T6942]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[   97.571426][ T6942]  ? kernel_text_address+0x8d/0x100
[   97.571444][ T6942]  ? __kernel_text_address+0xd/0x40
[   97.571454][ T6942]  ? arch_stack_walk+0xa6/0x100
[   97.571463][ T6942]  ? __pfx_ovl_fill_merge+0x10/0x10
[   97.571485][ T6942]  ovl_check_empty_dir+0xaf/0x4c0
[   97.571502][ T6942]  ? __pfx_ovl_check_empty_dir+0x10/0x10
[   97.571518][ T6942]  ? save_trace+0x4e/0x380
[   97.571530][ T6942]  ? add_lock_to_list+0x9d/0x130
[   97.571544][ T6942]  ovl_rename+0x2f1/0x1860
[   97.571563][ T6942]  ? __lock_acquire+0x1053/0x1c90
[   97.571585][ T6942]  ? __pfx_ovl_rename+0x10/0x10
[   97.571602][ T6942]  ? down_write+0x14d/0x200
[   97.571612][ T6942]  ? __pfx_down_write+0x10/0x10
[   97.571625][ T6942]  vfs_rename+0xf64/0x2250
[   97.571643][ T6942]  ? __pfx_vfs_rename+0x10/0x10
[   97.571660][ T6942]  ? security_path_rename+0x136/0x3c0
[   97.571674][ T6942]  do_renameat2+0x82b/0xc90
[   97.571689][ T6942]  ? __pfx_do_renameat2+0x10/0x10
[   97.571699][ T6942]  ? find_held_lock+0x2b/0x80
[   97.571709][ T6942]  ? __might_fault+0xe3/0x190
[   97.571725][ T6942]  ? __might_fault+0x13b/0x190
[   97.571747][ T6942]  ? getname_flags.part.0+0x1c5/0x550
[   97.571762][ T6942]  __ia32_sys_rename+0x7c/0xa0
[   97.571772][ T6942]  __do_fast_syscall_32+0x7c/0x3a0
[   97.571790][ T6942]  do_fast_syscall_32+0x32/0x80
[   97.571807][ T6942]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.571820][ T6942] RIP: 0023:0xf7f31579
[   97.571829][ T6942] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.571839][ T6942] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000026
[   97.571849][ T6942] RAX: ffffffffffffffda RBX: 0000000080000580 RCX: 0000000080000000
[   97.571856][ T6942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   97.571862][ T6942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.571867][ T6942] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.571873][ T6942] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.571886][ T6942]  </TASK>
[   97.903077][   T24] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   97.925303][ T6946] FAULT_INJECTION: forcing a failure.
[   97.925303][ T6946] name failslab, interval 1, probability 0, space 0, times 0
[   97.930572][ T6946] CPU: 2 UID: 0 PID: 6946 Comm: syz.0.226 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[   97.930595][ T6946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.930605][ T6946] Call Trace:
[   97.930612][ T6946]  <TASK>
[   97.930619][ T6946]  dump_stack_lvl+0x16c/0x1f0
[   97.930650][ T6946]  should_fail_ex+0x512/0x640
[   97.930679][ T6946]  should_failslab+0xc2/0x120
[   97.930697][ T6946]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   97.930724][ T6946]  ? skb_clone+0x190/0x3f0
[   97.930754][ T6946]  skb_clone+0x190/0x3f0
[   97.930780][ T6946]  netlink_deliver_tap+0xabd/0xd30
[   97.930815][ T6946]  netlink_unicast+0x62f/0x850
[   97.930842][ T6946]  ? __pfx_netlink_unicast+0x10/0x10
[   97.930868][ T6946]  netlink_sendmsg+0x8d1/0xdd0
[   97.930891][ T6946]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.930911][ T6946]  ? __import_iovec+0x1dd/0x650
[   97.930933][ T6946]  ____sys_sendmsg+0xa95/0xc70
[   97.930957][ T6946]  ? __pfx_____sys_sendmsg+0x10/0x10
[   97.930975][ T6946]  ? get_compat_msghdr+0x11a/0x170
[   97.931013][ T6946]  ___sys_sendmsg+0x134/0x1d0
[   97.931041][ T6946]  ? __pfx____sys_sendmsg+0x10/0x10
[   97.931080][ T6946]  ? find_held_lock+0x2b/0x80
[   97.931114][ T6946]  __sys_sendmsg+0x16d/0x220
[   97.931141][ T6946]  ? __pfx___sys_sendmsg+0x10/0x10
[   97.931178][ T6946]  ? rcu_is_watching+0x12/0xc0
[   97.931201][ T6946]  __do_fast_syscall_32+0x7c/0x3a0
[   97.931230][ T6946]  do_fast_syscall_32+0x32/0x80
[   97.931256][ T6946]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.931278][ T6946] RIP: 0023:0xf7f31579
[   97.931292][ T6946] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.931308][ T6946] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   97.931324][ T6946] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001640
[   97.931335][ T6946] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[   97.931345][ T6946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.931355][ T6946] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.931364][ T6946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.931388][ T6946]  </TASK>
[   98.103051][   T24] usb 6-1: Using ep0 maxpacket: 8
[   98.106935][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   98.111134][   T24] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   98.114318][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.118666][   T24] usb 6-1: config 0 descriptor??
[   98.330912][   T24] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   98.653067][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[   98.843815][   T40] audit: type=1326 audit(1752298201.221:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6937 comm="syz.1.224" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[   98.883063][   T24] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   98.946307][  T836] usb 6-1: USB disconnect, device number 5
[   99.033013][   T24] usb 5-1: Using ep0 maxpacket: 32
[   99.041083][   T24] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[   99.044252][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.049080][   T24] usb 5-1: config 0 descriptor??
[   99.085028][ T6953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.229'.
[   99.087899][ T6953] lo: entered promiscuous mode
[   99.089507][ T6953] lo: entered allmulticast mode
[   99.091892][ T6953] tunl0: entered promiscuous mode
[   99.094263][ T6953] tunl0: entered allmulticast mode
[   99.098111][ T6953] gre0: entered promiscuous mode
[   99.100152][ T6953] gre0: entered allmulticast mode
[   99.102828][ T6953] gretap0: entered promiscuous mode
[   99.105874][ T6953] gretap0: entered allmulticast mode
[   99.109135][ T6953] erspan0: entered promiscuous mode
[   99.111965][ T6953] erspan0: entered allmulticast mode
[   99.115843][ T6953] ip_vti0: entered promiscuous mode
[   99.118130][ T6953] ip_vti0: entered allmulticast mode
[   99.121021][ T6953] ip6_vti0: entered promiscuous mode
[   99.128238][ T6953] ip6_vti0: entered allmulticast mode
[   99.131836][ T6953] sit0: entered promiscuous mode
[   99.134794][ T6953] sit0: entered allmulticast mode
[   99.137490][ T6953] ip6tnl0: entered promiscuous mode
[   99.139674][ T6953] ip6tnl0: entered allmulticast mode
[   99.142402][ T6953] ip6gre0: entered promiscuous mode
[   99.147342][ T6953] ip6gre0: entered allmulticast mode
[   99.150470][ T6953] syz_tun: entered promiscuous mode
[   99.152613][ T6953] syz_tun: entered allmulticast mode
[   99.155962][ T6953] ip6gretap0: entered promiscuous mode
[   99.158189][ T6953] ip6gretap0: entered allmulticast mode
[   99.161288][ T6953] bridge0: entered promiscuous mode
[   99.163725][ T6953] bridge0: entered allmulticast mode
[   99.166622][ T6953] vcan0: entered promiscuous mode
[   99.168733][ T6953] vcan0: entered allmulticast mode
[   99.171113][ T6953] bond0: entered promiscuous mode
[   99.173353][ T6953] bond_slave_0: entered promiscuous mode
[   99.175835][ T6953] bond_slave_1: entered promiscuous mode
[   99.178308][ T6953] bond0: entered allmulticast mode
[   99.180465][ T6953] bond_slave_0: entered allmulticast mode
[   99.182822][ T6953] bond_slave_1: entered allmulticast mode
[   99.187639][ T6953] team0: entered promiscuous mode
[   99.189762][ T6953] team_slave_0: entered promiscuous mode
[   99.192261][ T6953] team_slave_1: entered promiscuous mode
[   99.198039][ T6953] team0: entered allmulticast mode
[   99.200203][ T6953] team_slave_0: entered allmulticast mode
[   99.202554][ T6953] team_slave_1: entered allmulticast mode
[   99.207559][ T6953] dummy0: entered promiscuous mode
[   99.209891][ T6953] dummy0: entered allmulticast mode
[   99.214205][ T6953] nlmon0: entered promiscuous mode
[   99.216756][ T6953] nlmon0: entered allmulticast mode
[   99.220184][ T6953] caif0: entered promiscuous mode
[   99.222286][ T6953] caif0: entered allmulticast mode
[   99.224875][ T6953] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   99.274944][   T60] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   99.279400][   T60] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   99.647673][   T24] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[   99.788376][ T6968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.234'.
[   99.791293][ T6968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.234'.
[   99.795726][ T6968] syzkaller1: entered promiscuous mode
[   99.797918][ T6968] syzkaller1: entered allmulticast mode
[  100.626394][ T6981] syzkaller1: entered promiscuous mode
[  100.628363][ T6981] syzkaller1: entered allmulticast mode
[  100.743042][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  102.823168][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  104.683002][  T836] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  104.801575][ T7023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.248'.
[  104.805339][ T7023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.248'.
[  104.810004][ T7023] syzkaller1: entered promiscuous mode
[  104.812285][ T7023] syzkaller1: entered allmulticast mode
[  104.854415][  T836] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  104.860914][  T836] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  104.863987][  T836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.866480][  T836] usb 6-1: Product: syz
[  104.867747][  T836] usb 6-1: Manufacturer: syz
[  104.869161][  T836] usb 6-1: SerialNumber: syz
[  104.893151][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  104.920196][ T7027] netlink: 12 bytes leftover after parsing attributes in process `syz.3.249'.
[  104.931003][ T7027] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  104.933848][ T7027] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  104.936541][ T7027] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  104.939225][ T7027] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  104.944321][ T7027] vxlan0: entered promiscuous mode
[  105.076805][  T836] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  105.310798][  T836] usb 6-1: USB disconnect, device number 6
[  105.319237][  T836] usblp0: removed
[  106.000268][ T7037] IPv6: NLM_F_REPLACE set, but no existing node found!
[  106.354136][ T7040] netlink: 8 bytes leftover after parsing attributes in process `syz.2.253'.
[  106.385278][ T7040] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  106.857061][ T7044] netlink: 8 bytes leftover after parsing attributes in process `syz.3.254'.
[  106.859926][ T7044] netlink: 8 bytes leftover after parsing attributes in process `syz.3.254'.
[  106.864739][ T7044] syzkaller1: entered promiscuous mode
[  106.866432][ T7044] syzkaller1: entered allmulticast mode
[  106.986156][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  107.174317][ T7051] FAULT_INJECTION: forcing a failure.
[  107.174317][ T7051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.184943][ T7051] CPU: 2 UID: 0 PID: 7051 Comm: syz.2.255 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  107.184969][ T7051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.184980][ T7051] Call Trace:
[  107.184987][ T7051]  <TASK>
[  107.184994][ T7051]  dump_stack_lvl+0x16c/0x1f0
[  107.185024][ T7051]  should_fail_ex+0x512/0x640
[  107.185054][ T7051]  _copy_to_user+0x32/0xd0
[  107.185083][ T7051]  simple_read_from_buffer+0xcb/0x170
[  107.185109][ T7051]  proc_fail_nth_read+0x197/0x270
[  107.185131][ T7051]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  107.185154][ T7051]  ? rw_verify_area+0xcf/0x680
[  107.185177][ T7051]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  107.185198][ T7051]  vfs_read+0x1e1/0xc60
[  107.185223][ T7051]  ? fdget_pos+0x2a2/0x370
[  107.185249][ T7051]  ? __pfx_vfs_read+0x10/0x10
[  107.185298][ T7051]  ? find_held_lock+0x2b/0x80
[  107.185324][ T7051]  ? __fget_files+0x20e/0x3c0
[  107.185346][ T7051]  ? __print_lock_name+0xb0/0xe0
[  107.185371][ T7051]  ksys_read+0x12a/0x250
[  107.185395][ T7051]  ? __pfx_ksys_read+0x10/0x10
[  107.185421][ T7051]  ? rcu_is_watching+0x12/0xc0
[  107.185444][ T7051]  __do_fast_syscall_32+0x7c/0x3a0
[  107.185473][ T7051]  do_fast_syscall_32+0x32/0x80
[  107.185498][ T7051]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.185520][ T7051] RIP: 0023:0xf70be579
[  107.185534][ T7051] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.185549][ T7051] RSP: 002b:00000000f508d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  107.185566][ T7051] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00000000f508d620
[  107.185578][ T7051] RDX: 000000000000000f RSI: 00000000f7423ff4 RDI: 0000000000000000
[  107.185588][ T7051] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  107.185597][ T7051] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  107.185607][ T7051] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.185629][ T7051]  </TASK>
[  107.550657][ T7057] netlink: 8 bytes leftover after parsing attributes in process `syz.2.256'.
[  108.231614][ T7073] Invalid logical block size (4608)
[  108.277392][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.1.261'.
[  108.281406][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.1.261'.
[  108.286390][ T7075] syzkaller1: entered promiscuous mode
[  108.288750][ T7075] syzkaller1: entered allmulticast mode
[  108.357959][ T7079] cgroup: Name too long
[  108.558521][ T7079] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  108.560779][ T7079] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  108.565619][ T7079] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  108.572439][ T7079] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  108.639209][ T7093] syz_tun: entered allmulticast mode
[  108.647054][ T7092] syz_tun: left allmulticast mode
[  109.315780][ T7100] dlm: plock device version mismatch: kernel (1.2.0), user (1.4.2147483776)
[  109.335963][ T7100] netlink: 'syz.3.269': attribute type 4 has an invalid length.
[  109.668983][ T7107] netlink: 4 bytes leftover after parsing attributes in process `syz.3.271'.
[  109.679385][ T7107] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.683199][ T7107] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.900329][ T7110] netlink: 8 bytes leftover after parsing attributes in process `syz.3.272'.
[  110.015047][ T7114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.274'.
[  110.017937][ T7114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.274'.
[  110.023733][ T7114] syzkaller1: entered promiscuous mode
[  110.025511][ T7114] syzkaller1: entered allmulticast mode
[  110.149991][ T7122] cgroup: Name too long
[  110.372948][ T7122] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  110.378733][ T7122] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  110.383488][ T7122] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  110.416587][ T7122] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  110.774196][ T7133] input: syz1 as /devices/virtual/input/input5
[  111.632792][ T7148] netlink: 8 bytes leftover after parsing attributes in process `syz.2.283'.
[  111.635873][ T7148] netlink: 8 bytes leftover after parsing attributes in process `syz.2.283'.
[  111.639176][ T7148] syzkaller1: entered promiscuous mode
[  111.640909][ T7148] syzkaller1: entered allmulticast mode
[  112.343043][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[  112.423054][ T5960] Bluetooth: hci2: command 0x0419 tx timeout
[  112.423077][ T5963] Bluetooth: hci1: command 0x0419 tx timeout
[  112.425431][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  112.774492][ T7166] kernel read not supported for file /eth0 (pid: 7166 comm: syz.0.288)
[  112.787572][   T40] audit: type=1800 audit(1752298215.151:8): pid=7166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.288" name="eth0" dev="mqueue" ino=11127 res=0 errno=0
[  112.792546][ T7166] netlink: 'syz.0.288': attribute type 1 has an invalid length.
[  112.796040][ T7166] netlink: 17 bytes leftover after parsing attributes in process `syz.0.288'.
[  113.517155][ T7176] netlink: 8 bytes leftover after parsing attributes in process `syz.1.289'.
[  113.951562][ T7185] pimreg3: entered allmulticast mode
[  113.960056][ T7185] /dev/nullb0: Can't open blockdev
[  113.973128][ T7185] IPv6: NLM_F_REPLACE set, but no existing node found!
[  114.100004][ T7193] FAULT_INJECTION: forcing a failure.
[  114.100004][ T7193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.115677][ T7193] CPU: 1 UID: 0 PID: 7193 Comm: syz.1.298 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  114.115694][ T7193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.115701][ T7193] Call Trace:
[  114.115704][ T7193]  <TASK>
[  114.115709][ T7193]  dump_stack_lvl+0x16c/0x1f0
[  114.115745][ T7193]  should_fail_ex+0x512/0x640
[  114.115769][ T7193]  _copy_from_iter+0x29f/0x16f0
[  114.115788][ T7193]  ? _copy_from_iter+0x15d/0x16f0
[  114.115805][ T7193]  ? __pfx__copy_from_iter+0x10/0x10
[  114.115822][ T7193]  ? __pfx__copy_from_iter+0x10/0x10
[  114.115842][ T7193]  copy_page_from_iter+0xde/0x180
[  114.115860][ T7193]  skb_copy_datagram_from_iter+0x2a0/0x740
[  114.115879][ T7193]  tun_get_user+0x17ac/0x3b80
[  114.115895][ T7193]  ? __pfx_tun_get_user+0x10/0x10
[  114.115905][ T7193]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  114.115925][ T7193]  ? find_held_lock+0x2b/0x80
[  114.115937][ T7193]  ? tun_get+0x191/0x370
[  114.115956][ T7193]  tun_chr_write_iter+0xdc/0x210
[  114.115967][ T7193]  vfs_write+0x6c4/0x1150
[  114.115982][ T7193]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  114.115994][ T7193]  ? __pfx_vfs_write+0x10/0x10
[  114.116008][ T7193]  ? find_held_lock+0x2b/0x80
[  114.116026][ T7193]  ksys_write+0x12a/0x250
[  114.116041][ T7193]  ? __pfx_ksys_write+0x10/0x10
[  114.116056][ T7193]  ? rcu_is_watching+0x12/0xc0
[  114.116069][ T7193]  __do_fast_syscall_32+0x7c/0x3a0
[  114.116087][ T7193]  do_fast_syscall_32+0x32/0x80
[  114.116103][ T7193]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.116117][ T7193] RIP: 0023:0xf711e579
[  114.116126][ T7193] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.116136][ T7193] RSP: 002b:00000000f510e520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  114.116146][ T7193] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800002c0
[  114.116152][ T7193] RDX: 000000000000fef3 RSI: 00000000f7483ff4 RDI: 0000000000000000
[  114.116158][ T7193] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.116164][ T7193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.116169][ T7193] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.116182][ T7193]  </TASK>
[  114.195251][    C1] vkms_vblank_simulate: vblank timer overrun
[  114.286058][ T7201] netlink: 8 bytes leftover after parsing attributes in process `syz.1.301'.
[  114.288947][ T7201] netlink: 8 bytes leftover after parsing attributes in process `syz.1.301'.
[  114.293756][ T7201] syzkaller1: entered promiscuous mode
[  114.295824][ T7201] syzkaller1: entered allmulticast mode
[  114.499314][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  114.651135][ T7207] loop6: detected capacity change from 0 to 63
[  114.659249][ T5974] buffer_io_error: 25 callbacks suppressed
[  114.659262][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.669802][ T7207] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.673409][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.677696][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.681114][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.687346][ T7207] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.693386][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.707710][ T7207] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.710233][ T7207] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.712712][ T7207] Buffer I/O error on dev loop6, logical block 0, async page read
[  115.038756][ T7220] netlink: 8 bytes leftover after parsing attributes in process `syz.2.306'.
[  115.527363][ T7227] binder: 7226:7227 ioctl 80044584 80000280 returned -22
[  115.585421][ T7228] binder: 7226:7228 ioctl c0306201 80000540 returned -14
[  116.386573][ T7247] netlink: 8 bytes leftover after parsing attributes in process `syz.3.315'.
[  116.389494][ T7247] netlink: 8 bytes leftover after parsing attributes in process `syz.3.315'.
[  116.393058][ T7247] syzkaller1: entered promiscuous mode
[  116.394792][ T7247] syzkaller1: entered allmulticast mode
[  116.819374][ T7256] cgroup: Name too long
[  117.106927][ T7256] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  117.109231][ T7256] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  117.111420][ T7256] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  119.053197][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[  119.133118][ T5968] Bluetooth: hci2: command 0x0c1a tx timeout
[  119.133166][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  119.133204][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[  119.140286][ T7255] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  119.338653][ T7274] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  119.342337][ T7274] /dev/nullb0: Can't open blockdev
[  119.422188][ T7275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.321'.
[  119.678604][ T7280] netlink: 8 bytes leftover after parsing attributes in process `syz.1.323'.
[  119.681994][ T7280] lo: entered promiscuous mode
[  119.684068][ T7280] lo: entered allmulticast mode
[  119.715858][ T7280] tunl0: entered promiscuous mode
[  119.717714][ T7280] tunl0: entered allmulticast mode
[  119.720751][ T7280] gre0: entered promiscuous mode
[  119.723205][ T7280] gre0: entered allmulticast mode
[  119.726580][ T7280] gretap0: entered promiscuous mode
[  119.728456][ T7280] gretap0: entered allmulticast mode
[  119.744185][ T7280] erspan0: entered promiscuous mode
[  119.750608][ T7280] erspan0: entered allmulticast mode
[  119.758894][ T7280] ip_vti0: entered promiscuous mode
[  119.760712][ T7280] ip_vti0: entered allmulticast mode
[  119.777962][ T7280] ip6_vti0: entered promiscuous mode
[  119.779817][ T7280] ip6_vti0: entered allmulticast mode
[  119.786509][ T7280] sit0: entered promiscuous mode
[  119.788559][ T7280] sit0: entered allmulticast mode
[  119.792196][ T7280] ip6tnl0: entered promiscuous mode
[  119.812814][ T7280] ip6tnl0: entered allmulticast mode
[  119.817522][ T7280] ip6gre0: entered promiscuous mode
[  119.819333][ T7280] ip6gre0: entered allmulticast mode
[  119.824664][ T7280] syz_tun: entered promiscuous mode
[  119.835583][ T7280] syz_tun: entered allmulticast mode
[  119.849568][ T7280] ip6gretap0: entered promiscuous mode
[  119.851527][ T7280] ip6gretap0: entered allmulticast mode
[  119.870618][ T7280] bridge0: entered promiscuous mode
[  119.872472][ T7280] bridge0: entered allmulticast mode
[  119.887279][ T7280] vcan0: entered promiscuous mode
[  119.893979][ T7280] vcan0: entered allmulticast mode
[  119.897284][ T7280] bond0: entered promiscuous mode
[  119.898963][ T7280] bond_slave_0: entered promiscuous mode
[  119.902653][ T7280] bond_slave_1: entered promiscuous mode
[  119.911100][ T7280] bond0: entered allmulticast mode
[  119.912687][ T7280] bond_slave_0: entered allmulticast mode
[  119.915003][ T7280] bond_slave_1: entered allmulticast mode
[  119.917353][ T7280] team0: entered promiscuous mode
[  119.919137][ T7280] team_slave_0: entered promiscuous mode
[  119.920998][ T7280] team_slave_1: entered promiscuous mode
[  119.931491][ T7280] team0: entered allmulticast mode
[  119.933257][ T7280] team_slave_0: entered allmulticast mode
[  119.934984][ T7280] team_slave_1: entered allmulticast mode
[  119.937229][ T7280] dummy0: entered promiscuous mode
[  119.938859][ T7280] dummy0: entered allmulticast mode
[  119.940779][ T7280] nlmon0: entered promiscuous mode
[  119.959910][ T7280] nlmon0: entered allmulticast mode
[  119.962743][ T7280] caif0: entered promiscuous mode
[  119.964587][ T7280] caif0: entered allmulticast mode
[  119.966207][ T7280] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  120.167519][ T7274] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  120.169541][ T7274] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  120.171691][ T7274] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  120.175198][ T7274] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  120.557489][ T7297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.328'.
[  120.560309][ T7297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.328'.
[  120.566837][ T7297] syzkaller1: entered promiscuous mode
[  120.568768][ T7297] syzkaller1: entered allmulticast mode
[  121.393345][ T7295] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  121.464529][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  122.173062][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  122.175484][ T5963] Bluetooth: hci1: command 0x0419 tx timeout
[  122.252989][ T5968] Bluetooth: hci2: command 0x0c1a tx timeout
[  122.327673][ T7313] pimreg3: entered allmulticast mode
[  122.334897][ T7313] /dev/nullb0: Can't open blockdev
[  122.343126][ T7313] IPv6: NLM_F_REPLACE set, but no existing node found!
[  122.766890][ T7325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.335'.
[  123.311707][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.2.338'.
[  123.315800][ T7331] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  123.318906][ T7331] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  123.325994][ T7331] netlink: 4 bytes leftover after parsing attributes in process `syz.2.338'.
[  123.517035][ T7335] netlink: 8 bytes leftover after parsing attributes in process `syz.3.337'.
[  123.520307][ T7335] lo: entered promiscuous mode
[  123.521896][ T7335] lo: entered allmulticast mode
[  123.534130][ T7335] tunl0: entered promiscuous mode
[  123.535834][ T7335] tunl0: entered allmulticast mode
[  123.538777][ T7335] gre0: entered promiscuous mode
[  123.540430][ T7335] gre0: entered allmulticast mode
[  123.543860][ T7335] gretap0: entered promiscuous mode
[  123.545565][ T7335] gretap0: entered allmulticast mode
[  123.548292][ T7335] erspan0: entered promiscuous mode
[  123.550988][ T7335] ip_vti0: entered promiscuous mode
[  123.552692][ T7335] ip_vti0: entered allmulticast mode
[  123.555574][ T7335] ip6_vti0: entered promiscuous mode
[  123.557392][ T7335] ip6_vti0: entered allmulticast mode
[  123.560569][ T7335] sit0: entered promiscuous mode
[  123.562259][ T7335] sit0: entered allmulticast mode
[  123.565590][ T7335] ip6tnl0: entered promiscuous mode
[  123.567364][ T7335] ip6tnl0: entered allmulticast mode
[  123.576841][ T7335] ip6gre0: entered promiscuous mode
[  123.578659][ T7335] ip6gre0: entered allmulticast mode
[  123.581972][ T7335] syz_tun: entered promiscuous mode
[  123.584827][ T7335] syz_tun: entered allmulticast mode
[  123.607604][ T7335] ip6gretap0: entered promiscuous mode
[  123.609584][ T7335] ip6gretap0: entered allmulticast mode
[  123.614228][ T7335] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.616838][ T7335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.619472][ T7335] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.621767][ T7335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.687432][ T7335] bridge0: entered promiscuous mode
[  123.689238][ T7335] bridge0: entered allmulticast mode
[  123.697218][ T7335] vcan0: entered promiscuous mode
[  123.699042][ T7335] vcan0: entered allmulticast mode
[  123.702506][ T7335] bond0: entered promiscuous mode
[  123.718710][ T7335] bond_slave_0: entered promiscuous mode
[  123.721680][ T7335] bond_slave_1: entered promiscuous mode
[  123.737309][ T7335] team0: entered promiscuous mode
[  123.739028][ T7335] team_slave_0: entered promiscuous mode
[  123.742085][ T7335] team_slave_1: entered promiscuous mode
[  123.764568][ T7335] bond0: entered allmulticast mode
[  123.766598][ T7335] bond_slave_0: entered allmulticast mode
[  123.768612][ T7335] bond_slave_1: entered allmulticast mode
[  123.770622][ T7335] team0: entered allmulticast mode
[  123.772652][ T7335] team_slave_0: entered allmulticast mode
[  123.782980][ T7335] team_slave_1: entered allmulticast mode
[  123.786947][ T7335] 8021q: adding VLAN 0 to HW filter on device team0
[  123.793645][ T7335] dummy0: entered promiscuous mode
[  123.795795][ T7335] dummy0: entered allmulticast mode
[  123.798544][ T7335] nlmon0: entered promiscuous mode
[  123.800548][ T7335] nlmon0: entered allmulticast mode
[  123.821668][ T7335] caif0: entered promiscuous mode
[  123.824688][ T7335] caif0: entered allmulticast mode
[  123.826794][ T7335] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  124.331632][ T7346] netlink: 9 bytes leftover after parsing attributes in process `syz.2.343'.
[  124.336025][ T7346] 0·: renamed from hsr_slave_1 (while UP)
[  124.342293][ T7346] 0·: entered allmulticast mode
[  124.345931][ T7346] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  124.469548][ T7352] program syz.2.343 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.545701][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.345'.
[  124.548476][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.345'.
[  124.552540][ T7355] syzkaller1: entered promiscuous mode
[  124.562993][ T7355] syzkaller1: entered allmulticast mode
[  124.957381][ T7367] netlink: 4 bytes leftover after parsing attributes in process `syz.1.349'.
[  125.134391][ T7375] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  125.141547][ T7375] xt_TPROXY: Can be used only with -p tcp or -p udp
[  127.010191][ T7421] input: syz1 as /devices/virtual/input/input6
[  128.165235][ T7439] tmpfs: Bad value for 'mpol'
[  128.366072][ T7442] netlink: 'syz.0.374': attribute type 1 has an invalid length.
[  128.368583][ T7442] nbd: couldn't find a device at index -1605786504
[  128.404671][ T7444] pim6reg1: entered promiscuous mode
[  128.406826][ T7444] pim6reg1: entered allmulticast mode
[  128.532973][ T7448] netlink: 'syz.3.372': attribute type 4 has an invalid length.
[  130.823049][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  131.754820][ T7507] team_slave_0: left promiscuous mode
[  131.756612][ T7507] team_slave_0: left allmulticast mode
[  131.767132][ T7507] team0 (unregistering): Port device team_slave_0 removed
[  131.769531][ T7507] team_slave_1: left promiscuous mode
[  131.771544][ T7507] team_slave_1: left allmulticast mode
[  131.777319][ T7507] team0 (unregistering): Port device team_slave_1 removed
[  132.262701][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.264871][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.475268][   T40] audit: type=1326 audit(1752298234.851:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7520 comm="syz.0.396" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0
[  134.027145][ T7544] team_slave_0: left promiscuous mode
[  134.031806][ T7544] team_slave_0: left allmulticast mode
[  134.055842][ T7544] team0 (unregistering): Port device team_slave_0 removed
[  134.059231][ T7544] team_slave_1: left promiscuous mode
[  134.061739][ T7544] team_slave_1: left allmulticast mode
[  134.070165][ T7544] team0 (unregistering): Port device team_slave_1 removed
[  134.095330][ T7545] IPVS: Error joining to the multicast group
[  134.174127][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'.
[  134.176833][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'.
[  134.194453][ T7550] syzkaller1: entered promiscuous mode
[  134.196502][ T7550] syzkaller1: entered allmulticast mode
[  136.156831][ T7577] cgroup: Name too long
[  136.373251][ T7577] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  136.381792][ T7577] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  136.384579][ T7577] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  136.839288][ T7588] netlink: 'syz.3.411': attribute type 11 has an invalid length.
[  136.841943][ T7588] netlink: 224 bytes leftover after parsing attributes in process `syz.3.411'.
[  137.227701][ T7600] team0 (unregistering): Port device team_slave_0 removed
[  137.232525][ T7600] team0 (unregistering): Port device team_slave_1 removed
[  138.413153][ T5963] Bluetooth: hci1: command 0x0419 tx timeout
[  138.414644][ T5968] Bluetooth: hci2: command 0x0c1a tx timeout
[  138.415077][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  138.653107][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  138.653924][ T7574] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  138.760213][ T7621] loop6: detected capacity change from 0 to 63
[  138.765339][ T5974] buffer_io_error: 42 callbacks suppressed
[  138.765349][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.770120][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.778323][ T7621] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.781793][ T7621] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.785911][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.789516][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.794004][ T7621] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.796867][ T5974] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.803967][ T7621] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.807008][ T7621] Buffer I/O error on dev loop6, logical block 0, async page read
[  139.177129][ T7640] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  139.840316][ T7643] cgroup: Name too long
[  140.026147][ T7643] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  140.028227][ T7643] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  140.030306][ T7643] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  142.023748][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  142.093098][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  142.093125][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[  142.733233][ T5960] Bluetooth: hci3: command 0x0405 tx timeout
[  142.734351][ T7641] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  142.918127][ T7684] cgroup: Name too long
[  143.144071][ T7684] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  143.146298][ T7684] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  143.148528][ T7684] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  144.668716][ T5994] IPVS: starting estimator thread 0...
[  144.753131][ T7713] IPVS: using max 42 ests per chain, 100800 per kthread
[  145.213089][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  145.213120][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[  145.215118][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  145.693681][ T7681] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  145.696292][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  146.792448][ T7737] cgroup: Name too long
[  146.984735][ T7737] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  146.987368][ T7737] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  146.992251][ T7737] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  147.266612][ T7749] cgroup: Name too long
[  147.613264][   T24] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  147.614726][ T6000] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  147.617801][   T24] dvb_usb_az6027 5-1:0.0: probe with driver dvb_usb_az6027 failed with error -2
[  147.623526][ T6000] dvb_usb_az6027 7-1:0.0: probe with driver dvb_usb_az6027 failed with error -110
[  147.629154][   T24] usb 5-1: USB disconnect, device number 8
[  147.636218][ T6000] usb 7-1: USB disconnect, device number 7
[  148.973004][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  149.053072][ T5968] Bluetooth: hci1: command 0x0419 tx timeout
[  149.054017][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  149.293046][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  149.293096][ T7734] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  149.364175][ T7749] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  149.366274][ T7749] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  149.368519][ T7749] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  149.373107][ T2295] IPVS: starting estimator thread 0...
[  149.387558][ T7749] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  149.493994][ T7762] IPVS: using max 43 ests per chain, 103200 per kthread
[  151.383072][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  151.383356][ T5968] Bluetooth: hci1: command 0x0419 tx timeout
[  151.385702][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  151.452965][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  152.356287][ T7796] cgroup: Name too long
[  152.590378][ T7796] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  152.592585][ T7796] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  152.596009][ T7796] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  153.367718][ T7806] cgroup: Name too long
[  154.573169][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[  154.653061][ T5968] Bluetooth: hci2: command 0x0c1a tx timeout
[  154.653072][ T5960] Bluetooth: hci1: command 0x0419 tx timeout
[  155.190999][ T7794] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  155.253518][ T7806] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  155.256350][ T7806] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  155.259058][ T7806] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  155.288084][ T7806] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  155.349033][ T7821] cgroup: Name too long
[  155.374203][ T7824] cgroup: Name too long
[  155.532545][ T7821] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  155.538089][ T7821] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  155.543511][ T7821] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  157.463016][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  157.613094][ T5963] Bluetooth: hci1: command 0x0419 tx timeout
[  157.623078][ T5960] Bluetooth: hci2: command 0x0c1a tx timeout
[  157.625232][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  158.345355][ T7818] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  158.384198][ T7824] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  158.386193][ T7824] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  158.388217][ T7824] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  158.633112][ T6716] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  158.638637][ T6000] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  158.783015][ T6716] usb 6-1: Using ep0 maxpacket: 8
[  158.787777][ T6716] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  158.792291][ T6716] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  158.796164][ T6000] usb 5-1: Using ep0 maxpacket: 32
[  158.798434][ T6716] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.803569][ T6000] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  158.806973][ T6000] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  158.811068][ T6000] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  158.815243][ T6000] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  158.820113][ T6716] usb 6-1: config 0 descriptor??
[  158.823477][ T6000] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  158.828084][ T6000] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  158.835152][ T6000] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  158.839359][ T6000] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.847126][ T6000] usb 5-1: config 0 descriptor??
[  159.034282][ T6000] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  159.040990][ T6716] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  159.052749][ T6000] usb 5-1: USB disconnect, device number 9
[  159.060454][ T6000] usblp0: removed
[  159.138284][ T7850] cgroup: Name too long
[  159.446509][   T40] audit: type=1326 audit(1752298261.821:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.1.469" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  159.550028][ T6000] usb 6-1: USB disconnect, device number 7
[  160.413081][ T5960] Bluetooth: hci2: command 0x0c1a tx timeout
[  160.413113][ T5973] Bluetooth: hci1: command 0x0419 tx timeout
[  160.415020][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[  160.418458][ T7824] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  160.463337][ T7850] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  160.466031][ T7850] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  160.468710][ T7850] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  160.491229][ T7850] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  160.508434][ T7855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.474'.
[  160.511746][ T7855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.474'.
[  160.515362][ T7855] syzkaller1: entered promiscuous mode
[  160.517111][ T7855] syzkaller1: entered allmulticast mode
[  161.582812][ T7868] bond0: (slave team0): Releasing backup interface
[  161.598381][ T7868] team_slave_0: left promiscuous mode
[  161.600926][ T7868] team_slave_0: left allmulticast mode
[  161.787329][ T7868] team0 (unregistering): Port device team_slave_0 removed
[  161.789591][ T7868] team_slave_1: left promiscuous mode
[  161.791333][ T7868] team_slave_1: left allmulticast mode
[  161.801773][ T7868] team0 (unregistering): Port device team_slave_1 removed
[  161.816496][ T7872] cgroup: Name too long
[  162.030885][ T7872] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  162.048724][ T7872] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  162.051857][ T7872] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  163.053805][ T7881] cgroup: Name too long
[  164.013060][ T5968] Bluetooth: hci0: command 0x0419 tx timeout
[  164.093075][ T5973] Bluetooth: hci1: command 0x0419 tx timeout
[  164.094732][ T5968] Bluetooth: hci2: command 0x0c1a tx timeout
[  164.413200][ T7871] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  164.415723][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  164.534524][ T7881] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  164.537083][ T7881] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  164.540904][ T7893] cgroup: Name too long
[  164.542766][ T7881] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  164.622852][ T7899] cgroup: Name too long
[  164.853147][ T6167] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  165.002963][ T6167] usb 5-1: Using ep0 maxpacket: 8
[  165.007825][ T6167] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  165.012330][ T6167] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  165.016313][ T6167] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.022399][ T6167] usb 5-1: config 0 descriptor??
[  165.230097][ T6167] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  165.735934][   T40] audit: type=1326 audit(1752298268.111:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.484" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0
[  165.839301][ T6000] usb 5-1: USB disconnect, device number 10
[  166.583099][ T5968] Bluetooth: hci2: command 0x0c1a tx timeout
[  166.583174][ T5973] Bluetooth: hci1: command 0x0419 tx timeout
[  166.583224][ T5960] Bluetooth: hci0: command 0x0419 tx timeout
[  166.653041][ T7881] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  166.654536][ T5973] Bluetooth: hci3: command 0x0405 tx timeout
[  166.694324][ T7893] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  166.697025][ T7893] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  166.699678][ T7893] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  166.742425][ T7893] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  167.078506][ T7921] IPVS: Error joining to the multicast group
[  168.743117][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  168.748384][ T5973] Bluetooth: hci1: command 0x0419 tx timeout
[  168.750353][ T5973] Bluetooth: hci0: command 0x0419 tx timeout
[  168.823047][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  169.897423][ T6044] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  170.020825][ T7964] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  170.021554][ T7963] IPVS: stopping backup sync thread 7964 ...
[  170.043016][ T6044] usb 7-1: Using ep0 maxpacket: 8
[  170.046761][ T6044] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  170.050153][ T6044] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  170.054386][ T6044] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.061098][ T6044] usb 7-1: config 0 descriptor??
[  170.269112][ T6044] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  170.271366][ T7969] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  170.274871][ T7969] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  170.278962][ T7969] vhci_hcd vhci_hcd.0: Device attached
[  170.303591][ T7969] 9pnet_fd: Insufficient options for proto=fd
[  170.322687][ T7970] vhci_hcd: connection closed
[  170.324958][ T1143] vhci_hcd: stop threads
[  170.327928][ T1143] vhci_hcd: release socket
[  170.329431][ T1143] vhci_hcd: disconnect device
[  170.783496][   T40] audit: type=1326 audit(1752298273.151:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7953 comm="syz.2.498" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[  170.892991][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  170.900529][  T836] usb 7-1: USB disconnect, device number 8
[  171.501024][ T7983] netlink: 8 bytes leftover after parsing attributes in process `syz.1.505'.
[  171.742984][ T6044] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  172.087303][ T6044] usb 5-1: unable to get BOS descriptor or descriptor too short
[  172.094068][ T6044] usb 5-1: unable to read config index 0 descriptor/start: -71
[  172.096533][ T6044] usb 5-1: can't read configurations, error -71
[  172.311174][ T2295] IPVS: starting estimator thread 0...
[  172.413117][ T7997] IPVS: using max 42 ests per chain, 100800 per kthread
[  172.982954][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  172.992209][ T8013] IPVS: stopping backup sync thread 7640 ...
[  173.488735][ T8019] =======================================================
[  173.488735][ T8019] WARNING: The mand mount option has been deprecated and
[  173.488735][ T8019]          and is ignored by this kernel. Remove the mand
[  173.488735][ T8019]          option from the mount to silence this warning.
[  173.488735][ T8019] =======================================================
[  174.503511][ T8030] sctp: [Deprecated]: syz.1.518 (pid 8030) Use of struct sctp_assoc_value in delayed_ack socket option.
[  174.503511][ T8030] Use struct sctp_sack_info instead
[  174.973875][ T8047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.522'.
[  174.976536][ T8047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.522'.
[  174.979707][ T8047] syzkaller1: entered promiscuous mode
[  174.981393][ T8047] syzkaller1: entered allmulticast mode
[  175.053025][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  175.934476][ T5963] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  175.937491][ T5963] Bluetooth: hci1: Injecting HCI hardware error event
[  175.941200][ T5968] Bluetooth: hci1: hardware error 0x00
[  176.707417][ T8069] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  176.708222][ T8067] IPVS: stopping backup sync thread 8069 ...
[  177.152955][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  178.013210][ T8099] cgroup: Name too long
[  178.014602][ T5968] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  178.192776][ T8099] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  178.195479][ T8099] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  180.173209][ T5963] Bluetooth: hci0: command 0x0419 tx timeout
[  180.253245][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  180.253318][ T5968] Bluetooth: hci2: command 0x0c1a tx timeout
[  180.257961][ T8098] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  180.853061][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  181.002998][   T24] usb 6-1: Using ep0 maxpacket: 8
[  181.006296][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  181.011316][   T24] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  181.014577][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.026972][   T24] usb 6-1: config 0 descriptor??
[  181.245373][   T24] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  181.750282][   T40] audit: type=1326 audit(1752298284.121:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8119 comm="syz.1.541" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  181.808232][   T24] usb 6-1: USB disconnect, device number 8
[  182.333173][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  182.462339][ T8143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.547'.
[  185.198945][ T8175] netlink: 8 bytes leftover after parsing attributes in process `syz.0.555'.
[  187.213479][ T8199] netlink: 8 bytes leftover after parsing attributes in process `syz.2.562'.
[  188.012995][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  191.424299][ T8251] netlink: 8 bytes leftover after parsing attributes in process `syz.0.576'.
[  192.183015][ T6044] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  192.242666][ T8264] netlink: 8 bytes leftover after parsing attributes in process `syz.0.580'.
[  192.336777][ T6044] usb 8-1: Using ep0 maxpacket: 8
[  192.343610][ T6044] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  192.348051][ T6044] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  192.352372][ T6044] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.361137][ T6044] usb 8-1: config 0 descriptor??
[  192.576707][ T6044] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  193.092276][   T40] audit: type=1326 audit(1752298295.461:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8259 comm="syz.3.579" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x0
[  193.167602][   T60] usb 8-1: USB disconnect, device number 4
[  193.424589][ T8281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.584'.
[  193.698888][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  193.701584][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  193.801382][ T8284] netlink: 8 bytes leftover after parsing attributes in process `syz.1.585'.
[  195.043199][ T8306] netlink: 8 bytes leftover after parsing attributes in process `syz.3.592'.
[  195.651483][ T8313] netlink: 8 bytes leftover after parsing attributes in process `syz.1.594'.
[  195.803095][   T60] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  195.978057][ T1147] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.100369][ T1147] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.168930][ T1147] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.185151][ T5963] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  196.190172][ T5963] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  196.195664][ T5963] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  196.200446][ T5963] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  196.205076][ T5963] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  196.215891][   T60] usb 7-1: unable to get BOS descriptor or descriptor too short
[  196.219559][   T60] usb 7-1: unable to read config index 0 descriptor/start: -71
[  196.222304][   T60] usb 7-1: can't read configurations, error -71
[  196.303091][ T1147] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.370000][ T8321] chnl_net:caif_netlink_parms(): no params data found
[  196.582346][ T1147] bridge_slave_1: left allmulticast mode
[  196.585664][ T1147] bridge_slave_1: left promiscuous mode
[  196.588761][ T1147] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.595939][ T1147] bridge_slave_0: left allmulticast mode
[  196.598091][ T1147] bridge_slave_0: left promiscuous mode
[  196.600028][ T1147] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.866578][ T1147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  196.878626][ T1147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  196.888061][ T1147] bond0 (unregistering): Released all slaves
[  196.945427][ T8321] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.947674][ T8321] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.949974][ T8321] bridge_slave_0: entered allmulticast mode
[  196.952604][ T8321] bridge_slave_0: entered promiscuous mode
[  196.956338][ T8321] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.958638][ T8321] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.960895][ T8321] bridge_slave_1: entered allmulticast mode
[  196.963721][ T8321] bridge_slave_1: entered promiscuous mode
[  197.392636][ T8321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  197.421383][ T8321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  197.705773][ T8321] team0: Port device team_slave_0 added
[  197.710802][ T8321] team0: Port device team_slave_1 added
[  198.078410][ T1147] hsr_slave_0: left promiscuous mode
[  198.082040][ T1147] hsr_slave_1: left promiscuous mode
[  198.084526][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  198.088270][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_0
[  198.093957][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.096264][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.141431][ T1147] veth1_macvtap: left promiscuous mode
[  198.146460][ T1147] veth0_macvtap: left promiscuous mode
[  198.149827][ T1147] veth1_vlan: left promiscuous mode
[  198.152243][ T1147] veth0_vlan: left promiscuous mode
[  198.251866][ T1147] pimreg3 (unregistering): left allmulticast mode
[  198.254793][ T5963] Bluetooth: hci1: command tx timeout
[  199.337811][ T8321] batman_adv: batadv0: Adding interface: batadv_slave_0
[  199.341262][ T8321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  199.354595][ T8321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  199.361430][ T8321] batman_adv: batadv0: Adding interface: batadv_slave_1
[  199.364772][ T8321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  199.375298][ T8321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.514100][ T8321] hsr_slave_0: entered promiscuous mode
[  199.517215][ T8321] hsr_slave_1: entered promiscuous mode
[  199.520175][ T8321] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  199.524226][ T8321] Cannot create hsr debugfs directory
[  200.007634][ T5968] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  200.012314][ T5968] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  200.016562][ T5968] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  200.020296][ T5968] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  200.024962][ T5968] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  200.150077][ T1147] IPVS: stop unused estimator thread 0...
[  200.280047][ T1136] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.329303][ T8381] chnl_net:caif_netlink_parms(): no params data found
[  200.334287][ T5968] Bluetooth: hci1: command tx timeout
[  200.469152][ T1136] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.483526][ T8381] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.486427][ T8381] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.488723][ T8381] bridge_slave_0: entered allmulticast mode
[  200.491308][ T8381] bridge_slave_0: entered promiscuous mode
[  200.540283][ T8381] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.545199][ T8381] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.547489][ T8381] bridge_slave_1: entered allmulticast mode
[  200.556446][ T8381] bridge_slave_1: entered promiscuous mode
[  200.620240][ T8381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.634149][ T1136] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.642050][ T8381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.704344][ T8381] team0: Port device team_slave_0 added
[  200.707701][ T8381] team0: Port device team_slave_1 added
[  200.833933][ T1136] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.885151][ T8381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.888136][ T8381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.905298][ T8381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.921039][ T8381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.925922][ T8381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.936813][ T8381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  200.995383][ T8321] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  201.029856][ T8381] hsr_slave_0: entered promiscuous mode
[  201.038578][ T8381] hsr_slave_1: entered promiscuous mode
[  201.041470][ T8381] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.045756][ T8381] Cannot create hsr debugfs directory
[  201.072709][ T8321] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  201.092158][ T8321] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  201.097642][ T8321] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  201.162968][ T1136] bridge_slave_1: left allmulticast mode
[  201.164913][ T1136] bridge_slave_1: left promiscuous mode
[  201.166790][ T1136] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.170342][ T1136] bridge_slave_0: left allmulticast mode
[  201.172123][ T1136] bridge_slave_0: left promiscuous mode
[  201.176581][ T1136] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.526011][ T1136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.529199][ T1136] bond_slave_0: left promiscuous mode
[  201.531018][ T1136] bond_slave_0: left allmulticast mode
[  201.534790][ T1136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.537740][ T1136] bond_slave_1: left promiscuous mode
[  201.539629][ T1136] bond_slave_1: left allmulticast mode
[  201.542028][ T1136] bond0 (unregistering): Released all slaves
[  201.750129][ T8321] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.759536][ T8321] 8021q: adding VLAN 0 to HW filter on device team0
[  201.775076][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.777317][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.780343][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.782628][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.002779][ T1136] hsr_slave_0: left promiscuous mode
[  202.008082][ T1136] 0·: left promiscuous mode
[  202.013203][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.016072][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_0
[  202.025137][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.027620][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_1
[  202.044099][ T1136] veth1_macvtap: left promiscuous mode
[  202.045963][ T1136] veth0_macvtap: left promiscuous mode
[  202.047791][ T1136] veth1_vlan: left promiscuous mode
[  202.049546][ T1136] veth0_vlan: left promiscuous mode
[  202.092285][ T1136] pimreg3 (unregistering): left allmulticast mode
[  202.094458][ T5968] Bluetooth: hci2: command tx timeout
[  202.413062][ T5968] Bluetooth: hci1: command tx timeout
[  203.135739][ T8321] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.190096][ T8321] veth0_vlan: entered promiscuous mode
[  203.197961][ T8321] veth1_vlan: entered promiscuous mode
[  203.227626][ T8321] veth0_macvtap: entered promiscuous mode
[  203.232762][ T8321] veth1_macvtap: entered promiscuous mode
[  203.251220][ T8321] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.262170][ T8321] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.269166][ T8321] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.272180][ T8321] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.276828][ T8321] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.280435][ T8321] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.348528][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.351795][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.370606][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.373916][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.433148][ T8381] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  203.445534][ T8381] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  203.450321][ T8381] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  203.461302][ T8381] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  203.557189][ T1136] IPVS: stop unused estimator thread 0...
[  203.602750][ T8381] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.615407][ T8381] 8021q: adding VLAN 0 to HW filter on device team0
[  203.620662][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.623685][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.641688][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.643986][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.678488][ T5963] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  203.682271][ T5963] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  203.685324][ T5963] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  203.688977][ T5963] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  203.692495][ T5963] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  203.781766][ T1136] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  203.785207][ T1136] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.846887][ T8381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.857656][ T1136] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  203.861204][ T1136] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.875530][ T8487] chnl_net:caif_netlink_parms(): no params data found
[  203.932985][ T6026] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  203.968258][ T8487] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.970537][ T8487] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.972798][ T8487] bridge_slave_0: entered allmulticast mode
[  203.975780][ T8487] bridge_slave_0: entered promiscuous mode
[  203.990048][ T1136] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  203.994719][ T1136] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.011503][ T8487] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.015182][ T8487] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.018310][ T8487] bridge_slave_1: entered allmulticast mode
[  204.022213][ T8487] bridge_slave_1: entered promiscuous mode
[  204.078973][ T8487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  204.085513][ T8381] veth0_vlan: entered promiscuous mode
[  204.089803][ T8487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  204.094304][ T6026] usb 6-1: Using ep0 maxpacket: 8
[  204.099797][ T6026] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  204.106480][ T6026] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  204.112363][ T6026] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.117667][ T6026] usb 6-1: config 0 descriptor??
[  204.122288][ T1136] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  204.125571][ T1136] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.158655][ T8487] team0: Port device team_slave_0 added
[  204.161914][ T8487] team0: Port device team_slave_1 added
[  204.173903][ T5963] Bluetooth: hci2: command tx timeout
[  204.186247][ T8381] veth1_vlan: entered promiscuous mode
[  204.212025][ T8487] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.214681][ T8487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.224173][ T8487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.236768][ T8487] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.238841][ T8487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.246749][ T8487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.307476][ T8487] hsr_slave_0: entered promiscuous mode
[  204.310484][ T8487] hsr_slave_1: entered promiscuous mode
[  204.314551][ T8487] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.317688][ T8487] Cannot create hsr debugfs directory
[  204.334129][ T6026] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  204.363309][ T8381] veth0_macvtap: entered promiscuous mode
[  204.453345][ T8381] veth1_macvtap: entered promiscuous mode
[  204.457854][ T1136] bridge_slave_1: left allmulticast mode
[  204.460190][ T1136] bridge_slave_1: left promiscuous mode
[  204.462664][ T1136] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.468950][ T1136] bridge_slave_0: left allmulticast mode
[  204.471051][ T1136] bridge_slave_0: left promiscuous mode
[  204.474205][ T1136] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.491068][ T5968] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  204.495278][ T5968] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  204.498741][ T5968] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  204.504249][ T5968] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  204.507737][ T5968] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  204.836677][   T40] audit: type=1326 audit(1752298307.211:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8488 comm="syz.1.618" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  204.847592][ T1136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  204.851361][ T1136] bond_slave_0: left promiscuous mode
[  204.854090][ T1136] bond_slave_0: left allmulticast mode
[  204.858677][ T1136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  204.861639][ T1136] bond_slave_1: left promiscuous mode
[  204.863564][ T1136] bond_slave_1: left allmulticast mode
[  204.865801][ T1136] bond0 (unregistering): Released all slaves
[  204.875616][ T1136] bond1 (unregistering): Released all slaves
[  204.888129][ T8501] usb 6-1: USB disconnect, device number 9
[  204.963395][ T8381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  204.971331][ T8381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  205.018885][ T8381] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.021694][ T8381] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.024639][ T8381] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.028647][ T8381] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.140398][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.143505][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  205.174650][ T1136] hsr_slave_0: left promiscuous mode
[  205.177108][ T1136] hsr_slave_1: left promiscuous mode
[  205.179948][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.182481][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.187125][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.190061][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.207829][ T1136] veth1_macvtap: left promiscuous mode
[  205.209752][ T1136] veth0_macvtap: left promiscuous mode
[  205.211809][ T1136] veth1_vlan: left promiscuous mode
[  205.214045][ T1136] veth0_vlan: left promiscuous mode
[  205.783654][ T5968] Bluetooth: hci0: command tx timeout
[  206.124742][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.128419][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.210562][ T8503] chnl_net:caif_netlink_parms(): no params data found
[  206.348589][ T8503] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.350935][ T8503] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.354648][ T8503] bridge_slave_0: entered allmulticast mode
[  206.357909][ T8503] bridge_slave_0: entered promiscuous mode
[  206.363635][ T8503] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.366211][ T8503] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.368499][ T8503] bridge_slave_1: entered allmulticast mode
[  206.371106][ T8503] bridge_slave_1: entered promiscuous mode
[  206.411609][ T8503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.427754][ T8503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.484438][ T8503] team0: Port device team_slave_0 added
[  206.491786][ T8503] team0: Port device team_slave_1 added
[  206.537584][ T8503] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.539797][ T8503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.547988][ T8503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.551515][ T8487] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  206.559073][ T8503] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.561366][ T8503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.570204][ T8503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  206.574123][ T5968] Bluetooth: hci1: command tx timeout
[  206.578426][ T8487] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  206.582439][ T8487] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  206.592183][ T8487] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  206.638863][ T8503] hsr_slave_0: entered promiscuous mode
[  206.641157][ T8503] hsr_slave_1: entered promiscuous mode
[  206.648276][ T1136] IPVS: stop unused estimator thread 0...
[  206.754964][ T8503] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.779836][ T8487] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.800874][ T8487] 8021q: adding VLAN 0 to HW filter on device team0
[  206.807029][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.809279][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.814769][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.817017][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.855778][ T8503] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.945345][ T8503] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.074368][ T8503] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.136769][ T8487] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.158611][ T8487] veth0_vlan: entered promiscuous mode
[  207.163877][ T8487] veth1_vlan: entered promiscuous mode
[  207.180006][ T8487] veth0_macvtap: entered promiscuous mode
[  207.184014][ T8487] veth1_macvtap: entered promiscuous mode
[  207.192346][ T8487] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.197915][ T8487] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.204557][ T8487] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.207309][ T8487] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.210453][ T8487] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.213725][ T8487] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.240665][   T12] bridge_slave_1: left allmulticast mode
[  207.243226][   T12] bridge_slave_1: left promiscuous mode
[  207.246207][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.250071][   T12] bridge_slave_0: left allmulticast mode
[  207.251866][   T12] bridge_slave_0: left promiscuous mode
[  207.254070][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.518194][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.523601][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.529027][   T12] bond0 (unregistering): Released all slaves
[  207.562337][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.566256][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.604032][ T8503] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  207.607971][ T8503] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  207.614104][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.616565][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.617496][ T8503] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  207.632584][ T8503] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  207.718122][ T8503] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.730086][ T8503] 8021q: adding VLAN 0 to HW filter on device team0
[  207.737026][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.740033][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.747675][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.750690][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.835095][ T5963] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  207.839312][ T5963] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  207.843947][ T5963] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  207.848050][ T5963] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  207.851718][ T5963] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  207.884925][ T8503] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.946799][   T12] hsr_slave_0: left promiscuous mode
[  207.953932][   T12] hsr_slave_1: left promiscuous mode
[  207.956261][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  207.958516][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  207.961500][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  207.964072][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  207.985447][   T12] veth1_macvtap: left promiscuous mode
[  207.987207][   T12] veth0_macvtap: left promiscuous mode
[  207.988963][   T12] veth1_vlan: left promiscuous mode
[  207.990556][   T12] veth0_vlan: left promiscuous mode
[  208.534429][   T12] team0 (unregistering): Port device team_slave_1 removed
[  208.589411][   T12] team0 (unregistering): Port device team_slave_0 removed
[  208.663182][ T5968] Bluetooth: hci1: command tx timeout
[  208.678349][ T8560] cgroup: Name too long
[  209.066159][ T8503] veth0_vlan: entered promiscuous mode
[  209.101893][ T8503] veth1_vlan: entered promiscuous mode
[  209.131144][ T8552] chnl_net:caif_netlink_parms(): no params data found
[  209.169789][ T8560] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  209.172399][ T8560] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  209.179024][ T8560] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  209.192290][ T8560] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  209.197641][ T8560] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  209.201754][ T8560] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  209.246867][ T8503] veth0_macvtap: entered promiscuous mode
[  209.251103][ T8552] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.253764][ T8552] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.256082][ T8552] bridge_slave_0: entered allmulticast mode
[  209.258848][ T8552] bridge_slave_0: entered promiscuous mode
[  209.262152][ T8552] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.264540][ T8552] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.266796][ T8552] bridge_slave_1: entered allmulticast mode
[  209.269777][ T8552] bridge_slave_1: entered promiscuous mode
[  209.277432][ T8503] veth1_macvtap: entered promiscuous mode
[  209.309743][ T8552] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.314999][ T8552] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  209.367508][ T8552] team0: Port device team_slave_0 added
[  209.372137][ T8552] team0: Port device team_slave_1 added
[  209.427782][ T8552] batman_adv: batadv0: Adding interface: batadv_slave_0
[  209.430672][ T8552] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.440919][ T8552] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  209.446583][ T8552] batman_adv: batadv0: Adding interface: batadv_slave_1
[  209.449360][ T8552] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.459624][ T8552] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  209.469313][ T8503] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.477535][ T8503] batman_adv: batadv0: Interface activated: batadv_slave_1
[  209.549557][ T8552] hsr_slave_0: entered promiscuous mode
[  209.552626][ T8552] hsr_slave_1: entered promiscuous mode
[  209.555535][ T8552] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  209.558641][ T8552] Cannot create hsr debugfs directory
[  209.588575][ T8503] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.591542][ T8503] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.595558][ T8503] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.598310][ T8503] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  209.681770][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.744098][ T8552] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.764649][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  209.767108][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  209.779741][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  209.783129][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  209.807380][ T8552] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.925390][ T8552] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.982291][ T8552] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.169332][ T8552] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  210.180052][ T8552] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  210.184483][ T8552] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  210.189070][ T8552] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  210.235468][ T8552] 8021q: adding VLAN 0 to HW filter on device bond0
[  210.245854][ T8552] 8021q: adding VLAN 0 to HW filter on device team0
[  210.251581][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.254056][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  210.263277][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.265551][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  210.388376][ T8552] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.412303][ T8552] veth0_vlan: entered promiscuous mode
[  210.419758][ T8552] veth1_vlan: entered promiscuous mode
[  210.438480][ T8552] veth0_macvtap: entered promiscuous mode
[  210.442184][ T8552] veth1_macvtap: entered promiscuous mode
[  210.450789][ T8552] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.457962][ T8552] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.463597][ T8552] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.466543][ T8552] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.469377][ T8552] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.472464][ T8552] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.510878][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.514442][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.531278][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.533978][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.775115][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.972616][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.052198][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.159218][   T12] bridge_slave_1: left allmulticast mode
[  211.161048][   T12] bridge_slave_1: left promiscuous mode
[  211.163077][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.167455][   T12] bridge_slave_0: left allmulticast mode
[  211.169564][   T12] bridge_slave_0: left promiscuous mode
[  211.171379][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.178273][   T12] bridge_slave_1: left allmulticast mode
[  211.180051][   T12] bridge_slave_1: left promiscuous mode
[  211.181854][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.186432][   T12] bridge_slave_0: left allmulticast mode
[  211.188139][   T12] bridge_slave_0: left promiscuous mode
[  211.189883][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.213654][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  211.213680][ T5963] Bluetooth: hci0: command 0x041b tx timeout
[  211.215775][ T8559] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  211.223170][    C2] ------------[ cut here ]------------
[  211.225246][    C2] workqueue: cannot queue hci_cmd_timeout on wq hci1
[  211.227873][    C2] WARNING: CPU: 2 PID: 5963 at kernel/workqueue.c:2257 __queue_work+0xc9c/0x10f0
[  211.230883][    C2] Modules linked in:
[  211.232348][    C2] CPU: 2 UID: 0 PID: 5963 Comm: kworker/u33:3 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  211.237771][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.242034][    C2] Workqueue: hci2 hci_cmd_work
[  211.244070][    C2] RIP: 0010:__queue_work+0xc9c/0x10f0
[  211.246329][    C2] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 28 04 00 00 48 8b 75 18 4c 89 f2 48 c7 c7 c0 05 ac 8b e8 45 44 f7 ff 90 <0f> 0b 90 90 e9 96 f7 ff ff e8 36 f8 37 00 90 0f 0b 90 e9 1b f6 ff
[  211.252435][    C2] RSP: 0018:ffffc90000538be8 EFLAGS: 00010082
[  211.254338][    C2] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ab108
[  211.256970][    C2] RDX: ffff88802304c880 RSI: ffffffff817ab115 RDI: 0000000000000001
[  211.260286][    C2] RBP: ffff88804fd10970 R08: 0000000000000001 R09: 0000000000000000
[  211.263669][    C2] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920000a718f
[  211.266449][    C2] R13: 0000000080000100 R14: ffff888028c60178 R15: 0000000000000001
[  211.269058][    C2] FS:  0000000000000000(0000) GS:ffff888097721000(0000) knlGS:0000000000000000
[  211.272123][    C2] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  211.274304][    C2] CR2: 00007f1cbffca068 CR3: 0000000069e50000 CR4: 0000000000352ef0
[  211.276869][    C2] Call Trace:
[  211.277976][    C2]  <IRQ>
[  211.278920][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  211.280782][    C2]  call_timer_fn+0x19a/0x620
[  211.282249][    C2]  ? __pfx_call_timer_fn+0x10/0x10
[  211.283784][    C2]  ? __run_timers+0x559/0x960
[  211.285242][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  211.286996][    C2]  __run_timers+0x569/0x960
[  211.288432][    C2]  ? __pfx___run_timers+0x10/0x10
[  211.290016][    C2]  run_timer_base+0x114/0x190
[  211.291492][    C2]  ? __pfx_run_timer_base+0x10/0x10
[  211.293077][    C2]  run_timer_softirq+0x1a/0x40
[  211.294542][    C2]  handle_softirqs+0x219/0x8e0
[  211.296040][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  211.297734][    C2]  __irq_exit_rcu+0x109/0x170
[  211.299158][    C2]  irq_exit_rcu+0x9/0x30
[  211.300436][    C2]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  211.302114][    C2]  </IRQ>
[  211.302996][    C2]  <TASK>
[  211.303873][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  211.305649][    C2] RIP: 0010:lock_acquire+0x62/0x350
[  211.307270][    C2] Code: d8 37 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 22 86 11 0f 0f 82 74 02 00 00 8b 35 ea b7 11 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 b9 d7 37 12 0f 85 c7 02 00 00 48 83 c4
[  211.313134][    C2] RSP: 0018:ffffc9000344faf0 EFLAGS: 00000206
[  211.315010][    C2] RAX: 0000000000000046 RBX: ffffffff8e789060 RCX: 0000000000000001
[  211.317660][    C2] RDX: 0000000000000000 RSI: ffffffff8de072fa RDI: ffffffff8c1578e0
[  211.320100][    C2] RBP: 0000000000000000 R08: 7b9250ed234c1426 R09: 00000000000001d4
[  211.322568][    C2] R10: ffffc9000344fa28 R11: 0000000000000001 R12: 0000000000000001
[  211.325007][    C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.327508][    C2]  ? fs_reclaim_acquire+0xae/0x150
[  211.329114][    C2]  fs_reclaim_acquire+0xca/0x150
[  211.330656][    C2]  ? fs_reclaim_acquire+0xae/0x150
[  211.332274][    C2]  kmem_cache_alloc_noprof+0x53/0x3b0
[  211.333952][    C2]  ? mark_held_locks+0x49/0x80
[  211.335448][    C2]  ? skb_clone+0x190/0x3f0
[  211.336931][    C2]  skb_clone+0x190/0x3f0
[  211.338276][    C2]  hci_cmd_work+0x1c5/0x7a0
[  211.339707][    C2]  process_one_work+0x9cf/0x1b70
[  211.341272][    C2]  ? __pfx_process_one_work+0x10/0x10
[  211.342957][    C2]  ? assign_work+0x1a0/0x250
[  211.344405][    C2]  worker_thread+0x6c8/0xf10
[  211.345830][    C2]  ? __pfx_worker_thread+0x10/0x10
[  211.347496][    C2]  kthread+0x3c2/0x780
[  211.348759][    C2]  ? __pfx_kthread+0x10/0x10
[  211.350205][    C2]  ? rcu_is_watching+0x12/0xc0
[  211.351700][    C2]  ? __pfx_kthread+0x10/0x10
[  211.353178][    C2]  ret_from_fork+0x5d7/0x6f0
[  211.354632][    C2]  ? __pfx_kthread+0x10/0x10
[  211.356088][    C2]  ret_from_fork_asm+0x1a/0x30
[  211.358061][    C2]  </TASK>
[  211.359286][    C2] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  211.361536][    C2] CPU: 2 UID: 0 PID: 5963 Comm: kworker/u33:3 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  211.365271][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.368591][    C2] Workqueue: hci2 hci_cmd_work
[  211.370093][    C2] Call Trace:
[  211.371144][    C2]  <IRQ>
[  211.372055][    C2]  dump_stack_lvl+0x3d/0x1f0
[  211.373497][    C2]  panic+0x71c/0x800
[  211.374730][    C2]  ? __pfx_panic+0x10/0x10
[  211.376146][    C2]  ? show_trace_log_lvl+0x29b/0x3e0
[  211.378278][    C2]  ? check_panic_on_warn+0x1f/0xb0
[  211.380429][    C2]  ? __queue_work+0xc9c/0x10f0
[  211.382452][    C2]  check_panic_on_warn+0xab/0xb0
[  211.384558][    C2]  __warn+0xf6/0x3c0
[  211.386226][    C2]  ? __queue_work+0xc9c/0x10f0
[  211.388198][    C2]  report_bug+0x3c3/0x580
[  211.390049][    C2]  ? __queue_work+0xc9c/0x10f0
[  211.392075][    C2]  handle_bug+0x184/0x210
[  211.393880][    C2]  exc_invalid_op+0x17/0x50
[  211.395798][    C2]  asm_exc_invalid_op+0x1a/0x20
[  211.397843][    C2] RIP: 0010:__queue_work+0xc9c/0x10f0
[  211.400079][    C2] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 28 04 00 00 48 8b 75 18 4c 89 f2 48 c7 c7 c0 05 ac 8b e8 45 44 f7 ff 90 <0f> 0b 90 90 e9 96 f7 ff ff e8 36 f8 37 00 90 0f 0b 90 e9 1b f6 ff
[  211.408039][    C2] RSP: 0018:ffffc90000538be8 EFLAGS: 00010082
[  211.410609][    C2] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ab108
[  211.413918][    C2] RDX: ffff88802304c880 RSI: ffffffff817ab115 RDI: 0000000000000001
[  211.417187][    C2] RBP: ffff88804fd10970 R08: 0000000000000001 R09: 0000000000000000
[  211.420463][    C2] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920000a718f
[  211.423730][    C2] R13: 0000000080000100 R14: ffff888028c60178 R15: 0000000000000001
[  211.427012][    C2]  ? __warn_printk+0x198/0x350
[  211.429102][    C2]  ? __warn_printk+0x1a5/0x350
[  211.431148][    C2]  ? __queue_work+0xc9b/0x10f0
[  211.433217][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  211.435633][    C2]  call_timer_fn+0x19a/0x620
[  211.437610][    C2]  ? __pfx_call_timer_fn+0x10/0x10
[  211.439761][    C2]  ? __run_timers+0x559/0x960
[  211.441754][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  211.444210][    C2]  __run_timers+0x569/0x960
[  211.446130][    C2]  ? __pfx___run_timers+0x10/0x10
[  211.448273][    C2]  run_timer_base+0x114/0x190
[  211.449835][    C2]  ? __pfx_run_timer_base+0x10/0x10
[  211.451444][    C2]  run_timer_softirq+0x1a/0x40
[  211.452964][    C2]  handle_softirqs+0x219/0x8e0
[  211.454455][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  211.456089][    C2]  __irq_exit_rcu+0x109/0x170
[  211.457627][    C2]  irq_exit_rcu+0x9/0x30
[  211.458955][    C2]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  211.460701][    C2]  </IRQ>
[  211.461633][    C2]  <TASK>
[  211.462580][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  211.464441][    C2] RIP: 0010:lock_acquire+0x62/0x350
[  211.466059][    C2] Code: d8 37 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 22 86 11 0f 0f 82 74 02 00 00 8b 35 ea b7 11 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 b9 d7 37 12 0f 85 c7 02 00 00 48 83 c4
[  211.473618][    C2] RSP: 0018:ffffc9000344faf0 EFLAGS: 00000206
[  211.475955][    C2] RAX: 0000000000000046 RBX: ffffffff8e789060 RCX: 0000000000000001
[  211.479008][    C2] RDX: 0000000000000000 RSI: ffffffff8de072fa RDI: ffffffff8c1578e0
[  211.482199][    C2] RBP: 0000000000000000 R08: 7b9250ed234c1426 R09: 00000000000001d4
[  211.485460][    C2] R10: ffffc9000344fa28 R11: 0000000000000001 R12: 0000000000000001
[  211.488682][    C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.491867][    C2]  ? fs_reclaim_acquire+0xae/0x150
[  211.494096][    C2]  fs_reclaim_acquire+0xca/0x150
[  211.496207][    C2]  ? fs_reclaim_acquire+0xae/0x150
[  211.498406][    C2]  kmem_cache_alloc_noprof+0x53/0x3b0
[  211.500693][    C2]  ? mark_held_locks+0x49/0x80
[  211.502741][    C2]  ? skb_clone+0x190/0x3f0
[  211.504652][    C2]  skb_clone+0x190/0x3f0
[  211.506421][    C2]  hci_cmd_work+0x1c5/0x7a0
[  211.508236][    C2]  process_one_work+0x9cf/0x1b70
[  211.510144][    C2]  ? __pfx_process_one_work+0x10/0x10
[  211.512349][    C2]  ? assign_work+0x1a0/0x250
[  211.514328][    C2]  worker_thread+0x6c8/0xf10
[  211.516336][    C2]  ? __pfx_worker_thread+0x10/0x10
[  211.518042][    C2]  kthread+0x3c2/0x780
[  211.519329][    C2]  ? __pfx_kthread+0x10/0x10
[  211.520795][    C2]  ? rcu_is_watching+0x12/0xc0
[  211.522313][    C2]  ? __pfx_kthread+0x10/0x10
[  211.523770][    C2]  ret_from_fork+0x5d7/0x6f0
[  211.525242][    C2]  ? __pfx_kthread+0x10/0x10
[  211.526732][    C2]  ret_from_fork_asm+0x1a/0x30
[  211.528243][    C2]  </TASK>
[  211.529741][    C2] Kernel Offset: disabled
[  211.531105][    C2] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:31:53  Registers:
info registers vcpu 0

CPU#0
RAX=000000000065e9fb RBX=0000000000000000 RCX=ffffffff8b846c49 RDX=0000000000000000
RSI=ffffffff8de2c763 RDI=ffffffff8c1578e0 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed1005646645 R10=ffff88802b23322b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a99e50 R15=0000000000000000
RIP=ffffffff8b8457af RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097521000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055decbc90968 CR3=0000000069e50000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e3e0378fbfa839f0 54dfbdd136871929
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ef643e26f2c69dff c431b36363aa4601
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9b4240e7886acddf 2499c5bd10c65508
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bc64e0d5800ac360 aaf91e357e31d9e5
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000d40
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000810281b3ce 00000081b79a52d3
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b1ae5cfcc0ddcc1e 000000814f75af2f
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0cea000072a56ba3 0081011446b78f96
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b66a00000ea13594 008103b000382cd0
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a41df2970c30ed4a bda3edb9feaa00c3
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 45e2993e5a2d2363 45786921634c70e3
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6567646972622831 2074726f70203a30 656764697262205d 3231542020205b5d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746361706d692064 6c756f6320686369 6877203272657961 6c206e6f20646574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e656d6761726620 6562206c6c697720 656361667265746e 6920736968742072
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65766f20676e696f 67207374656b6361 50202e7374656b63 6170207664612d6e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616d74616220666f 2074726f70736e61 7274206568742065 6c646e6168206f74
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000031ae861 RBX=0000000000000002 RCX=00000000b52e8b31 RDX=afa86e1a00000000
RSI=0000000023ee86a9 RDI=0000000091400488 RBP=ffff88802057a440 RSP=ffffc900007cf978
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffff88802057af30 R13=ffff88802057af80 R14=0000000097d7c947 R15=0000000000000001
RIP=ffffffff8197f926 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097621000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f47434 CR3=0000000063adf000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000075 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85583b65 RDI=ffffffff9b0ab980 RBP=ffffffff9b0ab940 RSP=ffffc90000538550
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000075 R14=ffffffff9b0ab940 R15=ffffffff85583b00
RIP=ffffffff85583b8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097721000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1cbffca068 CR3=0000000069e50000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000013cb6 RBX=ffffffff93e88200 RCX=0000000000013cb9 RDX=000000000000002c
RSI=0000000000013cb8 RDI=000000000004086c RBP=0000000000000010 RSP=ffffc90000157d18
R8 =0000000000013cb9 R9 =ffffffff95f23312 R10=0000000000000000 R11=0000000000000001
R12=ffffffff9739c5d0 R13=0000000000000818 R14=ffffffff9756ba08 R15=dead000000000122
RIP=ffffffff8197b342 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097821000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f70ae740 CR3=0000000063adf000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000