last executing test programs: 2m5.277701996s ago: executing program 1 (id=54): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc04f01f56bb6e284f5fab", 0xe) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}}, 0x0) 2m4.054106557s ago: executing program 1 (id=57): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCALLUSERDATA(r1, 0x89e5, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000040)) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000140)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde"}) ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3) dup(r0) 2m0.182665971s ago: executing program 1 (id=64): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="029faf80000000e84d250000020000000000000600000000"], 0x10}, 0x1, 0x7}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r4}, 0x14) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004000)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x4}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8512}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x3bb, 0x0, 0x0, 0x0, 0x200}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x0, 0x0, 0x80000001}, {0x0, 0x0, 0x0, 0x2a}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2000}, {0x0, 0x200}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {0x58}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettaction={0x28, 0x32, 0x6dd711a25f4cb68b, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}]}, 0x28}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r6) writev(r0, &(0x7f0000000780), 0x0) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) 2m0.082574191s ago: executing program 1 (id=65): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x37, 0x301, 0x270bd24, 0x25dfdbf9, {0x5}}, 0x14}}, 0x0) 1m59.775185131s ago: executing program 1 (id=66): ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000240)=0xffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x4, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) mkdir(&(0x7f0000000080)='./bus\x00', 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000080)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') chown(&(0x7f0000000280)='./file0\x00', 0x0, 0xffffffffffffffff) symlink(&(0x7f0000000380)='./file1\x00', &(0x7f0000000780)='./bus\x00') sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c) 1m58.763253489s ago: executing program 1 (id=68): r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) read$msr(0xffffffffffffffff, &(0x7f0000000040)=""/59, 0xffb5) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000007c0)=@newtaction={0x4c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x38, 0x1, [@m_tunnel_key={0x34, 0x1, 0x0, 0x0, {{0xf}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x4c}}, 0x0) pipe(&(0x7f00000002c0)) syslog(0x3, 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) 1m43.626708016s ago: executing program 32 (id=68): r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) read$msr(0xffffffffffffffff, &(0x7f0000000040)=""/59, 0xffb5) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000007c0)=@newtaction={0x4c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x38, 0x1, [@m_tunnel_key={0x34, 0x1, 0x0, 0x0, {{0xf}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x4c}}, 0x0) pipe(&(0x7f00000002c0)) syslog(0x3, 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) 35.490849468s ago: executing program 2 (id=262): openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000020000009500000000000000f4b9c4ded6e8da84b38b9181"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x0, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608200e69639ab1530087488555d6d92591d54b3a4b2d398d", 0x63, 0x0, 0x0, &(0x7f00000015c0)="89ef1284c86555bfe69b541fc18b8f329814f57bd00b1b3a") sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYRES64=r3, @ANYRES8=0x0], 0x7c}, 0x1, 0x0, 0x0, 0x20004074}, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x10048000) r4 = mq_open(&(0x7f0000000180)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, 0x0) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r5, 0xc0045004, 0x0) getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x4, &(0x7f0000000000)=""/64, &(0x7f0000000040)=0x40) mq_getsetattr(r4, &(0x7f0000000300)={0x800, 0x0, 0x1, 0x4}, 0x0) 33.581940808s ago: executing program 0 (id=264): bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0), 0x8) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0)=0xffffffffffffffff, 0x4) syz_emit_ethernet(0x36, &(0x7f0000000340)={@broadcast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "87fb89", 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev}}}}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0) r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000015c0), r3) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000004000000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r3, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001600)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x2c}}, 0x0) 32.258436004s ago: executing program 4 (id=267): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000fd00000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) socketpair$tipc(0x1e, 0x4, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet6(0xa, 0x800000000000002, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000006be951eb9440d6d6a3bae", @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48) setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) sendto$inet6(r4, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000040)='v', 0x1}], 0x1}}], 0x1, 0x400c404) 31.955544448s ago: executing program 0 (id=269): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0) 31.019249372s ago: executing program 0 (id=270): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) close(0xffffffffffffffff) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68ae"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 30.889703633s ago: executing program 5 (id=272): r0 = syz_open_procfs(0x0, &(0x7f0000006100)='cmdline\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) 29.447216486s ago: executing program 0 (id=273): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x401) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) 29.446384601s ago: executing program 4 (id=275): socket$kcm(0x11, 0x3, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{}, {}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a) r2 = creat(&(0x7f00000005c0)='./file0\x00', 0x0) close(r2) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) shutdown(r4, 0x0) r5 = dup3(r4, r3, 0x0) recvmmsg(r5, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0) syz_genetlink_get_family_id$devlink(0x0, r2) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f0200c00e7f4e32f61bcdf1e422000000000100800000000000001000aadc28da3457e792945f64009400050028925aaa000000c600000000000000fe", 0x51}], 0x1) write(0xffffffffffffffff, &(0x7f0000000040)="cb", 0xfffffdef) 29.330935809s ago: executing program 5 (id=276): prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x40}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7528e000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYBLOB='\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) 29.104809079s ago: executing program 2 (id=277): socket$phonet_pipe(0x23, 0x5, 0x2) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000400)={0x0, 0x0}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r3, 0x28, 0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socket$nl_generic(0x11, 0x3, 0x10) r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) fcntl$dupfd(r6, 0x0, r6) r7 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0x0) 19.372962806s ago: executing program 2 (id=278): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES8, @ANYRESOCT], 0x0, 0x8, 0xa2, &(0x7f0000000140)=""/162, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x1, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x6}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0) ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x7, 0x0, 0x0, 0x7fdfffff}]}) syz_init_net_socket$rose(0xb, 0x5, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r5) getsockname$packet(r5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r6, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) openat$drirender128(0xffffff9c, &(0x7f0000000100), 0x2001, 0x0) keyctl$restrict_keyring(0x3, 0x0, 0x0, 0x0) request_key(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) 19.310964477s ago: executing program 5 (id=279): syz_usb_connect$uac1(0x2, 0x8e, &(0x7f0000000180)=ANY=[@ANYBLOB="12010003000000106b1d010140000102030109027c0003010e00030904000000010100000a240101000102010207240801d80c0509040000000102000009040101010102000007240105620000090501091f020a020107250182064a07090402000001020000090402010101020000082402010004064707240109090700090582090800060e0303"], &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0}) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x52, 0x1, 0x0, 0x0, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) fstat(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r3}, 0x10) stat(&(0x7f0000000000)='.\x00', &(0x7f00000002c0)) mmap$xdp(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x8, 0x8010, r1, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)) quotactl_fd$Q_SETINFO(r1, 0xffffffff80000600, r2, &(0x7f00000000c0)={0x4, 0xb2e, 0x1, 0x3}) 19.310727719s ago: executing program 0 (id=280): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x0, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0) r2 = socket(0x10, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) openat$drirender128(0xffffff9c, 0x0, 0x2001, 0x0) keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1}) 19.310418274s ago: executing program 4 (id=282): socket$kcm(0x11, 0x3, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{}, {}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a) close(0xffffffffffffffff) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) shutdown(r3, 0x0) r4 = dup3(r3, r2, 0x0) recvmmsg(r4, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0) 18.047007956s ago: executing program 2 (id=283): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) close(0xffffffffffffffff) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68ae"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 18.01139266s ago: executing program 4 (id=284): r0 = syz_open_dev$sndctrl(0x0, 0xab3, 0x2d0142) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000240)=0xffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x4, 0xffffffffffffffff, r0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) mkdir(&(0x7f0000000080)='./bus\x00', 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000080)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') chown(&(0x7f0000000280)='./file0\x00', 0x0, 0xffffffffffffffff) symlink(&(0x7f0000000380)='./file1\x00', &(0x7f0000000780)='./bus\x00') sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c) 17.683509918s ago: executing program 3 (id=286): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, 0xffffffffffffffff, 0xca5af000) lseek(0xffffffffffffffff, 0x2000, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r3 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00') 16.927100444s ago: executing program 4 (id=287): openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000020000009500000000000000f4b9c4ded6e8da84b38b9181"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x0, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608200e69639ab1530087488555d6d92591d54b3a4b2d398d", 0x63, 0x0, 0x0, &(0x7f00000015c0)="89ef1284c86555bfe69b541fc18b8f329814f57bd00b1b3a") sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYRES64=r3, @ANYRES8=0x0], 0x7c}, 0x1, 0x0, 0x0, 0x20004074}, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x10048000) r4 = mq_open(&(0x7f0000000180)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_mptcp_buf(r5, 0x11c, 0x4, &(0x7f0000000000)=""/64, &(0x7f0000000040)=0x40) mq_getsetattr(r4, &(0x7f0000000300)={0x800, 0x0, 0x1, 0x4}, 0x0) 15.852361568s ago: executing program 3 (id=288): socket$phonet_pipe(0x23, 0x5, 0x2) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000400)={0x0, 0x0}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r3, 0x28, 0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socket$nl_generic(0x11, 0x3, 0x10) r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) fcntl$dupfd(r6, 0x0, r6) r7 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0x0) 15.742799097s ago: executing program 5 (id=289): prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x40}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7528e000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYBLOB='\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) 4.369870128s ago: executing program 2 (id=290): socket(0xa, 0x2, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) write(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) 4.363536652s ago: executing program 3 (id=291): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ppoll(&(0x7f0000000a40)=[{r0}], 0x1, 0x0, 0x0, 0x0) 4.350030786s ago: executing program 0 (id=292): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) 4.294864573s ago: executing program 5 (id=293): socket$phonet_pipe(0x23, 0x5, 0x2) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000400)={0x0, 0x0}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r3, 0x28, 0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socket$nl_generic(0x11, 0x3, 0x10) r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) fcntl$dupfd(r6, 0x0, r6) r7 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0x0) 4.294334683s ago: executing program 4 (id=294): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES8, @ANYRESOCT], 0x0, 0x8, 0xa2, &(0x7f0000000140)=""/162, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x1, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x6}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0) ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x7, 0x0, 0x0, 0x7fdfffff}]}) syz_init_net_socket$rose(0xb, 0x5, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r5) getsockname$packet(r5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r6, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) openat$drirender128(0xffffff9c, &(0x7f0000000100), 0x2001, 0x0) keyctl$restrict_keyring(0x3, 0x0, 0x0, 0x0) request_key(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) 4.045564671s ago: executing program 3 (id=295): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0) 1.968656557s ago: executing program 3 (id=296): socket$kcm(0x11, 0x3, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{}, {}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a) close(0xffffffffffffffff) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) shutdown(r3, 0x0) r4 = dup3(r3, r2, 0x0) recvmmsg(r4, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0) 1.770200418s ago: executing program 5 (id=297): openat$dir(0xffffffffffffff9c, 0x0, 0x40, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB, @ANYBLOB]) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCGIFBR(r2, 0x8940, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r4, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8) sendto$inet(r4, 0x0, 0x0, 0x20024094, &(0x7f0000000040)={0x2, 0xfffd, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) recvmsg$unix(0xffffffffffffffff, 0x0, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7528e000) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) 18.918906ms ago: executing program 2 (id=298): prctl$PR_SET_IO_FLUSHER(0x39, 0x1) keyctl$get_keyring_id(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getpid() r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_io_uring_setup(0x1028c4, &(0x7f0000000200)={0x0, 0x9f65, 0x1000, 0x2}, 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000140)=[@acquire, @decrefs], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}, 0x400}], 0x0, 0x0, 0x0}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200), 0xfffffecc) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x8001, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x6, 0x4, 0x24b5, 0x1be, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 0s ago: executing program 3 (id=299): openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000020000009500000000000000f4b9c4ded6e8da84b38b9181"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x0, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608200e69639ab1530087488555d6d92591d54b3a4b2d398d", 0x63, 0x0, 0x0, &(0x7f00000015c0)="89ef1284c86555bfe69b541fc18b8f329814f57bd00b1b3a") sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYRES64=r4, @ANYRES8=0x0], 0x7c}, 0x1, 0x0, 0x0, 0x20004074}, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x10048000) mq_open(&(0x7f0000000180)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, 0x0) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r5, 0xc0045004, 0x0) r6 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_mptcp_buf(r6, 0x6, 0x9, 0x0, 0x0) getsockopt$inet6_mptcp_buf(r6, 0x11c, 0x4, &(0x7f0000000000)=""/64, &(0x7f0000000040)=0x40) r7 = dup(r0) write$6lowpan_enable(r7, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts. [ 54.216231][ T5826] cgroup: Unknown subsys name 'net' [ 54.346812][ T5826] cgroup: Unknown subsys name 'cpuset' [ 54.354487][ T5826] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 55.639118][ T5826] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 59.454958][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.464963][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 59.474325][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.482113][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.490375][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.494217][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 59.505061][ T5846] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.505196][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 59.512335][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.519974][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 59.535198][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 59.543594][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 59.551215][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 59.554858][ T5851] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 59.559181][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 59.573268][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 59.574706][ T5851] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 59.580930][ T5849] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 59.596366][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 59.604245][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 59.605006][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 59.614885][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 59.624763][ T5851] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 59.643387][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 59.671504][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 59.680690][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 59.689785][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 59.698028][ T5843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 59.710825][ T5843] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 59.720880][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 60.079447][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 60.131563][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 60.145740][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 60.250582][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 60.296414][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.303921][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.311194][ T5836] bridge_slave_0: entered allmulticast mode [ 60.318759][ T5836] bridge_slave_0: entered promiscuous mode [ 60.331636][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.338925][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.346204][ T5836] bridge_slave_1: entered allmulticast mode [ 60.352903][ T5836] bridge_slave_1: entered promiscuous mode [ 60.389877][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 60.408047][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.415441][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.423094][ T5845] bridge_slave_0: entered allmulticast mode [ 60.430014][ T5845] bridge_slave_0: entered promiscuous mode [ 60.459474][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.470041][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.477635][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.484874][ T5845] bridge_slave_1: entered allmulticast mode [ 60.491361][ T5845] bridge_slave_1: entered promiscuous mode [ 60.503211][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.512963][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.520396][ T5837] bridge_slave_0: entered allmulticast mode [ 60.527525][ T5837] bridge_slave_0: entered promiscuous mode [ 60.548649][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.570804][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.578509][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.585906][ T5837] bridge_slave_1: entered allmulticast mode [ 60.592397][ T5837] bridge_slave_1: entered promiscuous mode [ 60.620823][ T5836] team0: Port device team_slave_0 added [ 60.630682][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.670812][ T5836] team0: Port device team_slave_1 added [ 60.683119][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.702449][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.717102][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.724348][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.731450][ T5854] bridge_slave_0: entered allmulticast mode [ 60.738643][ T5854] bridge_slave_0: entered promiscuous mode [ 60.753600][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.760810][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.786913][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.808838][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.829210][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.836827][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.844196][ T5854] bridge_slave_1: entered allmulticast mode [ 60.850710][ T5854] bridge_slave_1: entered promiscuous mode [ 60.865508][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.872448][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.899077][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.914316][ T5845] team0: Port device team_slave_0 added [ 60.942955][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.950240][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.957655][ T5841] bridge_slave_0: entered allmulticast mode [ 60.965463][ T5841] bridge_slave_0: entered promiscuous mode [ 60.987416][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.998322][ T5845] team0: Port device team_slave_1 added [ 61.016846][ T5837] team0: Port device team_slave_0 added [ 61.025905][ T5837] team0: Port device team_slave_1 added [ 61.031866][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.039121][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.046814][ T5841] bridge_slave_1: entered allmulticast mode [ 61.053331][ T5841] bridge_slave_1: entered promiscuous mode [ 61.070339][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.133996][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.140958][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.166986][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.178438][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.188681][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.215060][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.241491][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.260232][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.267402][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.293357][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.304893][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.311845][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.338024][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.351941][ T5836] hsr_slave_0: entered promiscuous mode [ 61.358925][ T5836] hsr_slave_1: entered promiscuous mode [ 61.367420][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.386913][ T5854] team0: Port device team_slave_0 added [ 61.410875][ T5854] team0: Port device team_slave_1 added [ 61.443086][ T5841] team0: Port device team_slave_0 added [ 61.460736][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.468023][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.494231][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.512713][ T5841] team0: Port device team_slave_1 added [ 61.529310][ T5845] hsr_slave_0: entered promiscuous mode [ 61.535520][ T5845] hsr_slave_1: entered promiscuous mode [ 61.541520][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.549704][ T5845] Cannot create hsr debugfs directory [ 61.562909][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.569926][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.596251][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.632274][ T5837] hsr_slave_0: entered promiscuous mode [ 61.638649][ T5837] hsr_slave_1: entered promiscuous mode [ 61.644689][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.652237][ T5837] Cannot create hsr debugfs directory [ 61.678597][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.685954][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.711980][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.719236][ T5843] Bluetooth: hci2: command tx timeout [ 61.728126][ T5840] Bluetooth: hci0: command tx timeout [ 61.728160][ T5846] Bluetooth: hci3: command tx timeout [ 61.743688][ T5851] Bluetooth: hci1: command tx timeout [ 61.774070][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.781036][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.807443][ T5846] Bluetooth: hci4: command tx timeout [ 61.807940][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.843396][ T5854] hsr_slave_0: entered promiscuous mode [ 61.850595][ T5854] hsr_slave_1: entered promiscuous mode [ 61.856900][ T5854] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.864642][ T5854] Cannot create hsr debugfs directory [ 61.968169][ T5841] hsr_slave_0: entered promiscuous mode [ 61.976090][ T5841] hsr_slave_1: entered promiscuous mode [ 61.982079][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.989784][ T5841] Cannot create hsr debugfs directory [ 62.162952][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.191928][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.224573][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.240078][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.273580][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 62.290665][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 62.302232][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 62.319142][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 62.358591][ T5837] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.378839][ T5837] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 62.418419][ T5837] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.427801][ T5837] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.490045][ T5854] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 62.507837][ T5854] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 62.539433][ T5854] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 62.548742][ T5854] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 62.602616][ T5841] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 62.612315][ T5841] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 62.621579][ T5841] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 62.648285][ T5841] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.666953][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.697207][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.712645][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.736910][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.765220][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.772600][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.784258][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.791595][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.810294][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.817431][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.828667][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.835805][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.873054][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.945675][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.959787][ T3456] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.966919][ T3456] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.992696][ T3456] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.999808][ T3456] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.029069][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.065508][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.111325][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.120454][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.151576][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.158802][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.173692][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.180774][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.239990][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.247144][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.272226][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.279411][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.436713][ T5854] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.471437][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.563508][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.586231][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.645055][ T5845] veth0_vlan: entered promiscuous mode [ 63.723358][ T5836] veth0_vlan: entered promiscuous mode [ 63.742257][ T5837] veth0_vlan: entered promiscuous mode [ 63.758320][ T5837] veth1_vlan: entered promiscuous mode [ 63.767181][ T5845] veth1_vlan: entered promiscuous mode [ 63.794441][ T5846] Bluetooth: hci1: command tx timeout [ 63.794515][ T5843] Bluetooth: hci2: command tx timeout [ 63.799849][ T5846] Bluetooth: hci0: command tx timeout [ 63.805776][ T5851] Bluetooth: hci3: command tx timeout [ 63.819344][ T5836] veth1_vlan: entered promiscuous mode [ 63.841203][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.861361][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.875408][ T5851] Bluetooth: hci4: command tx timeout [ 63.907719][ T5837] veth0_macvtap: entered promiscuous mode [ 63.962569][ T5837] veth1_macvtap: entered promiscuous mode [ 63.980031][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.004909][ T5836] veth0_macvtap: entered promiscuous mode [ 64.013014][ T5845] veth0_macvtap: entered promiscuous mode [ 64.032683][ T5836] veth1_macvtap: entered promiscuous mode [ 64.050020][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.060448][ T5845] veth1_macvtap: entered promiscuous mode [ 64.087791][ T5841] veth0_vlan: entered promiscuous mode [ 64.101468][ T5837] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.112315][ T5837] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.123088][ T5837] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.131920][ T5837] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.152398][ T5841] veth1_vlan: entered promiscuous mode [ 64.167428][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.178772][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.191512][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.215854][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.227579][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.239642][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.250559][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.261847][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.294763][ T5841] veth0_macvtap: entered promiscuous mode [ 64.305049][ T5841] veth1_macvtap: entered promiscuous mode [ 64.312493][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.325063][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.335851][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.369391][ T5836] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.379106][ T5836] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.387986][ T5836] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.397508][ T5836] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.408400][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.419535][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.429497][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.442841][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.453554][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.482435][ T5845] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.491371][ T5845] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.500511][ T5845] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.510398][ T5845] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.531825][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.547662][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.558529][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.569077][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.578994][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.589485][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.600702][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.627115][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.640262][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.650473][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.661149][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.671030][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.681893][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.692534][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.707172][ T5854] veth0_vlan: entered promiscuous mode [ 64.726613][ T5841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.735800][ T5841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.746595][ T5841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.756511][ T5841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.814672][ T3456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.831089][ T3456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.854969][ T5854] veth1_vlan: entered promiscuous mode [ 64.894265][ T3456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.902708][ T3456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.940400][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.965148][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.971886][ T5854] veth0_macvtap: entered promiscuous mode [ 65.014961][ T3456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.030210][ T5854] veth1_macvtap: entered promiscuous mode [ 65.041459][ T3456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.051676][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 65.061869][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.078080][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.109696][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.130070][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.140331][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.166422][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.192429][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.203276][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.213486][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.225068][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.236795][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.256107][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.256511][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.274601][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.276604][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.292005][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.302520][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.312640][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.323745][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.336927][ T5854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.348058][ T5854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.362951][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.392086][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.400275][ T5854] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.414422][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.419084][ T5854] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.432150][ T5854] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.440960][ T5854] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.478061][ T3456] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.499334][ T3456] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.632308][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.661424][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.756404][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.875130][ T5843] Bluetooth: hci2: command tx timeout [ 65.881170][ T5851] Bluetooth: hci3: command tx timeout [ 65.887132][ T5846] Bluetooth: hci0: command tx timeout [ 65.887153][ T5843] Bluetooth: hci1: command tx timeout [ 65.934463][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.964795][ T5843] Bluetooth: hci4: command tx timeout [ 65.986546][ T5935] syz.2.3: attempt to access beyond end of device [ 65.986546][ T5935] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 65.999807][ T5935] hpfs: hpfs_map_sector(): read error [ 66.228121][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 66.260566][ T5939] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4'. [ 66.354332][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 66.659188][ T5948] vlan2: entered allmulticast mode [ 67.484054][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 67.492643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 67.734047][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 67.847465][ T5969] 9pnet_virtio: no channels available for device syz [ 67.984101][ T5843] Bluetooth: hci0: command tx timeout [ 67.990535][ T5843] Bluetooth: hci1: command tx timeout [ 68.000976][ T5843] Bluetooth: hci2: command tx timeout [ 68.054521][ T5843] Bluetooth: hci3: command tx timeout [ 68.064887][ T5843] Bluetooth: hci4: command tx timeout [ 68.643425][ T5968] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 69.012915][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 69.022248][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 69.645006][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.651323][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.884195][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 69.953427][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.829903][ T6009] overlayfs: missing 'lowerdir' [ 71.588469][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.600365][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 74.169443][ T6030] netlink: 12 bytes leftover after parsing attributes in process `syz.1.30'. [ 74.853425][ T6040] netlink: 16 bytes leftover after parsing attributes in process `syz.1.34'. [ 75.789498][ T6050] Zero length message leads to an empty skb [ 76.789532][ T52] cfg80211: failed to load regulatory.db [ 80.070422][ T3559] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.205327][ T6097] syz.0.47 uses obsolete (PF_INET,SOCK_PACKET) [ 86.473150][ T6140] 9pnet_virtio: no channels available for device syz [ 87.027115][ T6142] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 87.062231][ T6148] Bluetooth: MGMT ver 1.23 [ 87.482033][ T6152] netlink: 'syz.1.64': attribute type 4 has an invalid length. [ 87.502747][ T6142] netlink: 'syz.3.61': attribute type 10 has an invalid length. [ 87.807951][ T6142] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.875970][ T6142] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 88.182007][ T6162] 9pnet_virtio: no channels available for device syz [ 89.277006][ T6173] netlink: 12 bytes leftover after parsing attributes in process `syz.3.69'. [ 91.358068][ T5892] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 91.574856][ T5892] usb 3-1: config 0 has no interfaces? [ 91.608710][ T5892] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 91.638269][ T5892] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.677940][ T5892] usb 3-1: Product: syz [ 91.682144][ T5892] usb 3-1: Manufacturer: syz [ 91.713008][ T5892] usb 3-1: SerialNumber: syz [ 91.768862][ T5892] usb 3-1: config 0 descriptor?? [ 93.002185][ T6202] 9pnet_virtio: no channels available for device syz [ 93.298959][ T6204] netlink: 36 bytes leftover after parsing attributes in process `syz.2.76'. [ 94.657553][ T6218] netlink: 12 bytes leftover after parsing attributes in process `syz.0.84'. [ 95.329890][ T5920] usb 3-1: USB disconnect, device number 2 [ 96.041278][ T6229] 9pnet_virtio: no channels available for device syz [ 96.956629][ T29] audit: type=1326 audit(1732626699.273:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6225 comm="syz.2.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 97.139510][ T29] audit: type=1326 audit(1732626699.273:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6225 comm="syz.2.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 97.177072][ T29] audit: type=1326 audit(1732626699.273:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6225 comm="syz.2.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 97.198655][ T29] audit: type=1326 audit(1732626699.273:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6225 comm="syz.2.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 97.220532][ T29] audit: type=1326 audit(1732626699.273:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6225 comm="syz.2.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 101.062894][ T6275] netlink: 12 bytes leftover after parsing attributes in process `syz.2.97'. [ 101.700615][ T5843] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 101.709260][ T5843] Bluetooth: hci4: Injecting HCI hardware error event [ 101.717940][ T5843] Bluetooth: hci4: hardware error 0x00 [ 102.253428][ T29] audit: type=1326 audit(1732626705.353:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6281 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faee057e819 code=0x7ffc0000 [ 102.275815][ T29] audit: type=1326 audit(1732626705.353:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6281 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faee057e819 code=0x7ffc0000 [ 103.312400][ T6289] 9pnet_virtio: no channels available for device syz [ 104.277410][ T5843] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 104.365860][ T6306] netlink: 88 bytes leftover after parsing attributes in process `syz.0.106'. [ 104.404620][ T6306] netlink: 88 bytes leftover after parsing attributes in process `syz.0.106'. [ 105.053272][ T6315] netlink: 36 bytes leftover after parsing attributes in process `syz.4.110'. [ 105.223784][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 105.235224][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 105.243507][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 105.252265][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 105.261110][ T5840] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 105.271763][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 106.024298][ T6327] nbd: socks must be embedded in a SOCK_ITEM attr [ 106.446800][ T6336] 9pnet_virtio: no channels available for device syz [ 108.045197][ T5840] Bluetooth: hci0: command tx timeout [ 108.589697][ T6350] syz.2.117: attempt to access beyond end of device [ 108.589697][ T6350] loop2: rw=0, sector=16, nr_sectors = 1 limit=0 [ 108.603079][ T6350] qnx6: unable to read the first superblock [ 108.610190][ T6350] syz.2.117: attempt to access beyond end of device [ 108.610190][ T6350] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 108.623168][ T6350] qnx6: unable to read the first superblock [ 108.629190][ T6350] qnx6: unable to read the first superblock [ 109.280216][ T6318] chnl_net:caif_netlink_parms(): no params data found [ 109.982905][ T6318] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.012545][ T6318] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.054078][ T6318] bridge_slave_0: entered allmulticast mode [ 110.076925][ T6318] bridge_slave_0: entered promiscuous mode [ 110.102923][ T6318] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.113801][ T5840] Bluetooth: hci0: command tx timeout [ 110.138794][ T6318] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.170530][ T6318] bridge_slave_1: entered allmulticast mode [ 110.240322][ T6318] bridge_slave_1: entered promiscuous mode [ 110.246615][ T5893] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 110.376335][ T6368] netlink: 36 bytes leftover after parsing attributes in process `syz.4.123'. [ 110.404677][ T6318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 110.438425][ T6318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 110.453570][ T5893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1120, setting to 1024 [ 110.523875][ T5893] usb 4-1: New USB device found, idVendor=056a, idProduct=010d, bcdDevice= 0.00 [ 110.541093][ T6369] netlink: 88 bytes leftover after parsing attributes in process `syz.2.122'. [ 110.550285][ T6369] netlink: 88 bytes leftover after parsing attributes in process `syz.2.122'. [ 110.628012][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.664958][ T5893] usb 4-1: config 0 descriptor?? [ 110.676283][ T6318] team0: Port device team_slave_0 added [ 110.700387][ T6362] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 110.721434][ T6318] team0: Port device team_slave_1 added [ 110.993929][ T6318] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 111.001312][ T6318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.010339][ T5893] wacom 0003:056A:010D.0001: hidraw0: USB HID v0.00 Device [HID 056a:010d] on usb-dummy_hcd.3-1/input0 [ 112.347685][ T6376] netlink: 120 bytes leftover after parsing attributes in process `syz.0.124'. [ 112.358124][ T5840] Bluetooth: hci0: command tx timeout [ 112.372390][ T6318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.425193][ T6318] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.435840][ T6318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.661489][ T6383] hub 6-0:1.0: USB hub found [ 112.673934][ T6383] hub 6-0:1.0: 1 port detected [ 112.777117][ T6362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.793718][ T6318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 112.900164][ T6362] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.947159][ T6362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.105329][ T6362] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.179269][ T118] usb 4-1: USB disconnect, device number 2 [ 113.662442][ T6318] hsr_slave_0: entered promiscuous mode [ 113.674922][ T6318] hsr_slave_1: entered promiscuous mode [ 113.681035][ T6318] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 113.721211][ T6318] Cannot create hsr debugfs directory [ 114.084690][ T6397] syz.2.128: attempt to access beyond end of device [ 114.084690][ T6397] loop2: rw=0, sector=16, nr_sectors = 1 limit=0 [ 114.097797][ T6397] qnx6: unable to read the first superblock [ 114.105143][ T6397] syz.2.128: attempt to access beyond end of device [ 114.105143][ T6397] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 114.118166][ T6397] qnx6: unable to read the first superblock [ 114.124168][ T6397] qnx6: unable to read the first superblock [ 114.624060][ T5840] Bluetooth: hci0: command tx timeout [ 115.767092][ T6318] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 115.786137][ T6318] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 115.804176][ T6318] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 115.823795][ T5885] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 115.904417][ T6409] 9pnet_virtio: no channels available for device syz [ 115.993829][ T5885] usb 5-1: Using ep0 maxpacket: 16 [ 116.088735][ T6318] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 116.096546][ T5885] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 116.154855][ T5885] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 116.209693][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.264056][ T5885] usb 5-1: Product: syz [ 116.268265][ T5885] usb 5-1: Manufacturer: syz [ 116.322488][ T5885] usb 5-1: SerialNumber: syz [ 116.406885][ T5885] usb 5-1: config 0 descriptor?? [ 116.448778][ T6318] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.470402][ T6318] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.503118][ T6318] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 116.533252][ T6318] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 116.715940][ T6223] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.723085][ T6223] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.733498][ T6223] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.741489][ T6223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.907148][ T6318] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.084029][ T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 117.140883][ T5920] usb 5-1: USB disconnect, device number 2 [ 117.255505][ T8] usb 1-1: config 0 has no interfaces? [ 117.272030][ T8] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 117.297930][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.357891][ T8] usb 1-1: Product: syz [ 117.362567][ T8] usb 1-1: Manufacturer: syz [ 117.367332][ T8] usb 1-1: SerialNumber: syz [ 117.376513][ T8] usb 1-1: config 0 descriptor?? [ 117.705850][ T6432] netlink: 36 bytes leftover after parsing attributes in process `syz.0.134'. [ 118.144269][ T6438] netlink: 88 bytes leftover after parsing attributes in process `syz.2.137'. [ 118.155380][ T6438] netlink: 88 bytes leftover after parsing attributes in process `syz.2.137'. [ 118.204141][ T6318] veth0_vlan: entered promiscuous mode [ 118.215230][ T6318] veth1_vlan: entered promiscuous mode [ 118.238855][ T6318] veth0_macvtap: entered promiscuous mode [ 118.248864][ T6318] veth1_macvtap: entered promiscuous mode [ 118.263820][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.274827][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.284993][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.295598][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.305434][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.315939][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.325817][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.336326][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.346240][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.357031][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.368883][ T6318] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.379245][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.389862][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.400272][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.411467][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.421659][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.432555][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.442903][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.453681][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.463508][ T6318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.475956][ T6318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.489152][ T6318] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.500479][ T6318] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.509278][ T6318] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.518188][ T6318] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.527051][ T6318] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.580751][ T5893] usb 1-1: USB disconnect, device number 2 [ 118.602666][ T6442] bridge: RTM_NEWNEIGH with invalid ether address [ 118.680727][ T3559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.705837][ T3559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.753850][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.808511][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.104935][ T6457] 9pnet_virtio: no channels available for device syz [ 120.629303][ T6463] input: syz0 as /devices/virtual/input/input10 [ 122.434485][ T29] audit: type=1326 audit(1732626724.813:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6480 comm="syz.0.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfdf7e819 code=0x7ffc0000 [ 122.499331][ T29] audit: type=1326 audit(1732626724.813:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6480 comm="syz.0.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfdf7e819 code=0x7ffc0000 [ 122.709242][ T29] audit: type=1326 audit(1732626724.813:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6480 comm="syz.0.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fbcfdf7e819 code=0x7ffc0000 [ 123.707842][ T29] audit: type=1326 audit(1732626724.813:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6480 comm="syz.0.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfdf7e819 code=0x7ffc0000 [ 123.766027][ T29] audit: type=1326 audit(1732626724.813:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6480 comm="syz.0.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfdf7e819 code=0x7ffc0000 [ 124.264281][ T118] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 124.570241][ T118] usb 6-1: config 0 has no interfaces? [ 124.633492][ T118] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 124.748442][ T118] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.759707][ T118] usb 6-1: Product: syz [ 124.764455][ T118] usb 6-1: Manufacturer: syz [ 124.784946][ T118] usb 6-1: SerialNumber: syz [ 124.798684][ T118] usb 6-1: config 0 descriptor?? [ 125.934156][ T6511] netlink: 36 bytes leftover after parsing attributes in process `syz.5.155'. [ 126.252304][ T6523] netlink: 4 bytes leftover after parsing attributes in process `syz.2.159'. [ 127.012049][ T118] usb 6-1: USB disconnect, device number 2 [ 127.250830][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.019624][ T29] audit: type=1326 audit(1732626730.433:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6524 comm="syz.2.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 128.344766][ T6540] binder: 6536:6540 ioctl c0306201 0 returned -14 [ 128.363827][ T6540] binder: 6536:6540 ioctl 4018620d 0 returned -22 [ 128.732081][ T29] audit: type=1326 audit(1732626730.433:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6524 comm="syz.2.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 128.753682][ T29] audit: type=1326 audit(1732626730.433:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6524 comm="syz.2.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 128.774943][ C0] vkms_vblank_simulate: vblank timer overrun [ 128.781217][ T29] audit: type=1326 audit(1732626730.433:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6524 comm="syz.2.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 128.807252][ T29] audit: type=1326 audit(1732626730.433:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6524 comm="syz.2.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ad457e819 code=0x7ffc0000 [ 130.034183][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.877928][ T6574] 9pnet_virtio: no channels available for device syz [ 133.505164][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.511554][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.969802][ T6585] process 'syz.4.176' launched './file0' with NULL argv: empty string added [ 135.391425][ T6612] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.654626][ T6611] tty tty29: ldisc open failed (-12), clearing slot 28 [ 138.920986][ T6619] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 138.928508][ T6619] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 139.217289][ T6636] netlink: 12 bytes leftover after parsing attributes in process `syz.2.187'. [ 139.351441][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 139.927455][ T6619] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 139.992433][ T6619] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 139.999480][ T6619] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 140.104138][ T6619] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 140.112237][ T6619] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 140.119995][ T6619] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 140.135792][ T6619] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 140.558232][ T6646] hub 6-0:1.0: USB hub found [ 140.563997][ T6646] hub 6-0:1.0: 1 port detected [ 141.292313][ T6619] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 141.323997][ T6619] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 141.564298][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 141.570950][ T6619] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 142.036042][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 143.430480][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 143.437073][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 143.641094][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.773837][ T909] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 144.113739][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 144.354334][ T6664] binder: 6662:6664 ioctl 4018620d 0 returned -22 [ 145.212696][ T909] usb 3-1: unable to read config index 0 descriptor/all [ 145.220468][ T909] usb 3-1: can't read configurations, error -71 [ 145.473752][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 145.479899][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 146.219709][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 147.563628][ T6694] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 147.737699][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 147.743831][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 147.793994][ T6694] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 147.810997][ T6694] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 148.085978][ T6694] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 149.263644][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.894545][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 149.900792][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 150.153858][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 152.943072][ T6744] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 153.000861][ T6744] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 153.031271][ T6744] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 153.072718][ T6744] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 154.767167][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 155.121103][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 155.121177][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 155.121294][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 156.556812][ T6784] 9pnet_virtio: no channels available for device syz [ 159.266393][ T6814] 9pnet_virtio: no channels available for device syz [ 161.493439][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 161.509756][ T6803] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 161.774167][ T6803] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 161.789011][ T6803] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 161.797350][ T6803] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 161.883019][ T6838] 9pnet_virtio: no channels available for device syz [ 162.865041][ T6842] syz.5.240: attempt to access beyond end of device [ 162.865041][ T6842] loop5: rw=0, sector=16, nr_sectors = 1 limit=0 [ 162.878889][ T6842] qnx6: unable to read the first superblock [ 162.885931][ T6842] syz.5.240: attempt to access beyond end of device [ 162.885931][ T6842] loop5: rw=0, sector=0, nr_sectors = 1 limit=0 [ 162.898905][ T6842] qnx6: unable to read the first superblock [ 162.904954][ T6842] qnx6: unable to read the first superblock [ 163.633779][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 164.184880][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 164.191179][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 166.370281][ T6858] 9pnet_virtio: no channels available for device syz [ 167.848440][ T6878] Illegal XDP return value 4294967262 on prog (id 46) dev N/A, expect packet loss! [ 168.438910][ T6873] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 168.470353][ T6873] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 168.529746][ T6873] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 168.553916][ T6873] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 169.794771][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 170.533689][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.596149][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.597381][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 171.124515][ T6915] 9pnet_virtio: no channels available for device syz [ 171.843668][ T29] audit: type=1326 audit(1732626774.363:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 171.944059][ T29] audit: type=1326 audit(1732626774.363:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 172.219292][ T29] audit: type=1326 audit(1732626774.373:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 172.364968][ T29] audit: type=1326 audit(1732626774.373:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 172.635789][ T29] audit: type=1326 audit(1732626774.373:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 172.697441][ T6921] wireguard0: entered promiscuous mode [ 172.702936][ T6921] wireguard0: entered allmulticast mode [ 172.739184][ T29] audit: type=1326 audit(1732626774.383:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 173.743726][ T29] audit: type=1326 audit(1732626774.393:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 173.765211][ T29] audit: type=1326 audit(1732626774.403:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 173.786964][ T29] audit: type=1326 audit(1732626774.413:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 173.808714][ T29] audit: type=1326 audit(1732626774.423:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 174.096768][ T6930] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 174.106680][ T6930] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 175.373913][ T6934] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 175.396242][ T6934] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 175.414467][ T6934] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 175.420434][ T6934] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 176.514001][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 177.933713][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 177.933731][ T29] audit: type=1326 audit(1732626780.193:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.114558][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 178.120622][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.126694][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.210296][ T29] audit: type=1326 audit(1732626780.203:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.239602][ T29] audit: type=1326 audit(1732626780.203:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.261266][ T29] audit: type=1326 audit(1732626780.203:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.283477][ T29] audit: type=1326 audit(1732626780.203:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.305877][ T29] audit: type=1326 audit(1732626780.203:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.327375][ T29] audit: type=1326 audit(1732626780.203:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.349007][ T29] audit: type=1326 audit(1732626780.203:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.370526][ T29] audit: type=1326 audit(1732626780.203:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 178.393092][ T29] audit: type=1326 audit(1732626780.203:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6959 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 188.763917][ T5892] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 188.890404][ T6994] netlink: 12 bytes leftover after parsing attributes in process `syz.2.278'. [ 189.604365][ T5892] usb 6-1: unable to get BOS descriptor or descriptor too short [ 189.612732][ T5892] usb 6-1: not running at top speed; connect to a high speed hub [ 189.720683][ T7001] input: syz0 as /devices/virtual/input/input15 [ 189.885420][ T5892] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 189.894315][ T5892] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 189.904661][ T5892] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 189.913754][ T5892] usb 6-1: config 1 has no interface number 1 [ 190.024243][ T7004] 9pnet_virtio: no channels available for device syz [ 190.685804][ T5892] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 190.697153][ T5892] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.706007][ T5892] usb 6-1: Product: syz [ 190.710280][ T5892] usb 6-1: Manufacturer: syz [ 190.715126][ T5892] usb 6-1: SerialNumber: syz [ 191.683859][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 191.683881][ T29] audit: type=1326 audit(1732626794.133:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 191.852829][ T29] audit: type=1326 audit(1732626794.133:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 191.880038][ T5892] usb 6-1: 2:1 : no or invalid class specific endpoint descriptor [ 191.918874][ T5892] usb 6-1: 2:1 : unsupported format bits 0x80 [ 192.101647][ T29] audit: type=1326 audit(1732626794.133:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.143623][ T29] audit: type=1326 audit(1732626794.133:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.154293][ T5892] usb 6-1: USB disconnect, device number 3 [ 193.229823][ T29] audit: type=1326 audit(1732626794.133:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.251325][ T29] audit: type=1326 audit(1732626794.143:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.272824][ T29] audit: type=1326 audit(1732626794.143:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.294235][ T29] audit: type=1326 audit(1732626794.143:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.315638][ T29] audit: type=1326 audit(1732626794.143:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.337389][ T29] audit: type=1326 audit(1732626794.143:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7005 comm="syz.3.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e4797e819 code=0x7ffc0000 [ 193.744206][ T6977] udevd[6977]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 194.442201][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.449114][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.337221][ T7025] netlink: 'syz.0.292': attribute type 27 has an invalid length. [ 205.347830][ T7042] netlink: 12 bytes leftover after parsing attributes in process `syz.4.294'. [ 205.762636][ T7025] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.493469][ T7025] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 206.566579][ T7034] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 206.576921][ T7034] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 206.621295][ T7025] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.707546][ T7025] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.843471][ T7025] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.855650][ T7025] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.868260][ T7025] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.098844][ T7062] binder: 7056:7062 ioctl c0306201 0 returned -14 [ 208.164183][ T7062] binder: 7056:7062 ioctl 4018620d 0 returned -22 [ 255.877688][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.884257][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.318681][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.325170][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 362.114088][ T30] INFO: task kworker/u8:6:1093 blocked for more than 143 seconds. [ 362.121948][ T30] Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 362.129345][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 362.146974][ T30] task:kworker/u8:6 state:D stack:20344 pid:1093 tgid:1093 ppid:2 flags:0x00004000 [ 362.157437][ T30] Workqueue: ext4-rsv-conversion ext4_end_io_rsv_work [ 362.164384][ T30] Call Trace: [ 362.167876][ T30] [ 362.170841][ T30] __schedule+0x17fb/0x4be0 [ 362.175456][ T30] ? __pfx___schedule+0x10/0x10 [ 362.180307][ T30] ? __pfx_lock_release+0x10/0x10 [ 362.185979][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 362.191988][ T30] ? kthread_data+0x52/0xd0 [ 362.196619][ T30] ? schedule+0x90/0x320 [ 362.200911][ T30] ? wq_worker_sleeping+0x66/0x240 [ 362.206167][ T30] ? schedule+0x90/0x320 [ 362.210426][ T30] schedule+0x14b/0x320 [ 362.214856][ T30] io_schedule+0x8d/0x110 [ 362.219219][ T30] bit_wait_io+0x12/0xd0 [ 362.223468][ T30] __wait_on_bit+0xb0/0x2f0 [ 362.228149][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 362.233079][ T30] out_of_line_wait_on_bit+0x1d5/0x260 [ 362.238644][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 362.243752][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 362.249764][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 362.255414][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 362.260627][ T30] ? jbd2_write_access_granted+0x71/0x310 [ 362.266523][ T30] do_get_write_access+0x121/0xe60 [ 362.271676][ T30] jbd2_journal_get_write_access+0x1ee/0x240 [ 362.277788][ T30] __ext4_journal_get_write_access+0x1c8/0x680 [ 362.284128][ T30] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 362.291117][ T30] ext4_reserve_inode_write+0x271/0x360 [ 362.296939][ T30] ? __pfx_ext4_reserve_inode_write+0x10/0x10 [ 362.303040][ T30] ? _raw_write_unlock+0x28/0x50 [ 362.308145][ T30] __ext4_mark_inode_dirty+0x1ec/0x880 [ 362.313710][ T30] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 362.319732][ T30] ? ext4_ext_try_to_merge+0x1d5/0x690 [ 362.325372][ T30] ? __ext4_ext_dirty+0x103/0x1c0 [ 362.330430][ T30] ext4_ext_map_blocks+0x3876/0x7e40 [ 362.335893][ T30] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 362.341522][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 362.346682][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 362.351744][ T30] ? __pfx___might_resched+0x10/0x10 [ 362.357135][ T30] ? __pfx_lock_release+0x10/0x10 [ 362.362177][ T30] ? __pfx_down_write+0x10/0x10 [ 362.367156][ T30] ? ext4_es_lookup_extent+0x61a/0xa90 [ 362.372631][ T30] ext4_map_blocks+0x8bf/0x1990 [ 362.377559][ T30] ? __pfx_ext4_map_blocks+0x10/0x10 [ 362.382858][ T30] ? ext4_convert_unwritten_io_end_vec+0x34/0x170 [ 362.389749][ T30] ext4_convert_unwritten_extents+0x2f3/0x6c0 [ 362.395918][ T30] ? __pfx_ext4_convert_unwritten_extents+0x10/0x10 [ 362.402505][ T30] ? jbd2_journal_start_reserved+0x1db/0x300 [ 362.408776][ T30] ? __ext4_journal_start_reserved+0x24b/0x460 [ 362.415060][ T30] ext4_convert_unwritten_io_end_vec+0x101/0x170 [ 362.421404][ T30] ext4_end_io_rsv_work+0x36c/0x6f0 [ 362.426768][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 362.433115][ T30] ? __pfx_ext4_end_io_rsv_work+0x10/0x10 [ 362.438998][ T30] ? process_scheduled_works+0x976/0x1850 [ 362.445132][ T30] process_scheduled_works+0xa63/0x1850 [ 362.450720][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 362.456853][ T30] ? assign_work+0x364/0x3d0 [ 362.461505][ T30] worker_thread+0x870/0xd30 [ 362.466286][ T30] ? __kthread_parkme+0x169/0x1d0 [ 362.471336][ T30] ? __pfx_worker_thread+0x10/0x10 [ 362.476532][ T30] kthread+0x2f0/0x390 [ 362.480615][ T30] ? __pfx_worker_thread+0x10/0x10 [ 362.485893][ T30] ? __pfx_kthread+0x10/0x10 [ 362.490929][ T30] ret_from_fork+0x4b/0x80 [ 362.495528][ T30] ? __pfx_kthread+0x10/0x10 [ 362.500151][ T30] ret_from_fork_asm+0x1a/0x30 [ 362.505084][ T30] [ 362.508186][ T30] INFO: task jbd2/sda1-8:5176 blocked for more than 143 seconds. [ 362.516279][ T30] Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 362.523749][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 362.532456][ T30] task:jbd2/sda1-8 state:D stack:24624 pid:5176 tgid:5176 ppid:2 flags:0x00004000 [ 362.542721][ T30] Call Trace: [ 362.546147][ T30] [ 362.549093][ T30] __schedule+0x17fb/0x4be0 [ 362.553693][ T30] ? __pfx___schedule+0x10/0x10 [ 362.558568][ T30] ? __pfx_lock_release+0x10/0x10 [ 362.563713][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 362.569813][ T30] ? schedule+0x90/0x320 [ 362.574155][ T30] schedule+0x14b/0x320 [ 362.578325][ T30] io_schedule+0x8d/0x110 [ 362.582671][ T30] bit_wait_io+0x12/0xd0 [ 362.587107][ T30] __wait_on_bit+0xb0/0x2f0 [ 362.591647][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 362.597735][ T30] out_of_line_wait_on_bit+0x1d5/0x260 [ 362.603252][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 362.608378][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 362.614461][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 362.619945][ T30] ? _raw_read_unlock+0x28/0x50 [ 362.625107][ T30] jbd2_journal_commit_transaction+0x34cb/0x66d0 [ 362.631513][ T30] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 362.638308][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 362.643664][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 362.649604][ T30] ? __try_to_del_timer_sync+0x2ad/0x340 [ 362.655373][ T30] ? __pfx___timer_delete_sync+0x10/0x10 [ 362.661021][ T30] ? __pfx_do_raw_write_lock+0x10/0x10 [ 362.666625][ T30] ? prepare_to_wait+0x186/0x210 [ 362.671601][ T30] ? schedule+0x90/0x320 [ 362.676173][ T30] kjournald2+0x41c/0x7b0 [ 362.680527][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 362.687030][ T30] ? __pfx_kjournald2+0x10/0x10 [ 362.691909][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 362.698457][ T30] ? __kthread_parkme+0x169/0x1d0 [ 362.703657][ T30] ? __pfx_kjournald2+0x10/0x10 [ 362.708537][ T30] kthread+0x2f0/0x390 [ 362.712619][ T30] ? __pfx_kjournald2+0x10/0x10 [ 362.717560][ T30] ? __pfx_kthread+0x10/0x10 [ 362.722170][ T30] ret_from_fork+0x4b/0x80 [ 362.726721][ T30] ? __pfx_kthread+0x10/0x10 [ 362.731376][ T30] ret_from_fork_asm+0x1a/0x30 [ 362.736403][ T30] [ 362.739476][ T30] INFO: task syz-executor:5826 blocked for more than 143 seconds. [ 362.747439][ T30] Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 362.754885][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 362.763703][ T30] task:syz-executor state:D stack:20528 pid:5826 tgid:5826 ppid:5824 flags:0x00000002 [ 362.774096][ T30] Call Trace: [ 362.777368][ T30] [ 362.780286][ T30] __schedule+0x17fb/0x4be0 [ 362.784972][ T30] ? __pfx___schedule+0x10/0x10 [ 362.789842][ T30] ? __pfx_lock_release+0x10/0x10 [ 362.794951][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 362.801228][ T30] ? schedule+0x90/0x320 [ 362.805653][ T30] schedule+0x14b/0x320 [ 362.809828][ T30] io_schedule+0x8d/0x110 [ 362.814265][ T30] bit_wait_io+0x12/0xd0 [ 362.818529][ T30] __wait_on_bit+0xb0/0x2f0 [ 362.823061][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 362.828146][ T30] out_of_line_wait_on_bit+0x1d5/0x260 [ 362.834185][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 362.839172][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 362.845660][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 362.851167][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 362.856764][ T30] ? jbd2_write_access_granted+0x71/0x310 [ 362.862524][ T30] do_get_write_access+0x121/0xe60 [ 362.867825][ T30] jbd2_journal_get_write_access+0x1ee/0x240 [ 362.873951][ T30] __ext4_journal_get_write_access+0x1c8/0x680 [ 362.880130][ T30] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 362.886979][ T30] ? __pfx_start_this_handle+0x10/0x10 [ 362.892454][ T30] ext4_reserve_inode_write+0x271/0x360 [ 362.898094][ T30] ? __pfx_ext4_reserve_inode_write+0x10/0x10 [ 362.904679][ T30] __ext4_mark_inode_dirty+0x1ec/0x880 [ 362.910172][ T30] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 362.916243][ T30] ? trace_jbd2_handle_start+0x9c/0x250 [ 362.921798][ T30] ? jbd2__journal_start+0x3b8/0x5d0 [ 362.927228][ T30] ? __ext4_journal_start_sb+0x239/0x600 [ 362.933070][ T30] ext4_dirty_inode+0xce/0x110 [ 362.937936][ T30] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 362.943330][ T30] __mark_inode_dirty+0x2ee/0xe90 [ 362.948503][ T30] file_update_time+0x3d2/0x450 [ 362.953376][ T30] ext4_page_mkwrite+0x206/0xdf0 [ 362.958549][ T30] ? do_wp_page+0x71c/0x5160 [ 362.963147][ T30] ? do_wp_page+0x2273/0x5160 [ 362.967976][ T30] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 362.973454][ T30] do_page_mkwrite+0x198/0x480 [ 362.978308][ T30] do_wp_page+0x2352/0x5160 [ 362.982845][ T30] ? __pfx_do_wp_page+0x10/0x10 [ 362.987843][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 362.992887][ T30] ? rcu_is_watching+0x15/0xb0 [ 362.998031][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 363.003409][ T30] ? __pfx___pte_offset_map+0x10/0x10 [ 363.009043][ T30] handle_pte_fault+0x111e/0x68a0 [ 363.014181][ T30] ? mark_lock+0x9a/0x360 [ 363.018526][ T30] ? __pfx_handle_pte_fault+0x10/0x10 [ 363.024055][ T30] ? __lock_acquire+0x1397/0x2100 [ 363.029109][ T30] ? reacquire_held_locks+0x3eb/0x690 [ 363.034576][ T30] ? lock_vma_under_rcu+0x34b/0x790 [ 363.039799][ T30] ? __pfx_reacquire_held_locks+0x10/0x10 [ 363.045677][ T30] handle_mm_fault+0x1053/0x1ad0 [ 363.050645][ T30] ? __pfx_handle_mm_fault+0x10/0x10 [ 363.056027][ T30] ? lock_vma_under_rcu+0x602/0x790 [ 363.061240][ T30] ? lock_vma_under_rcu+0x1dd/0x790 [ 363.066737][ T30] ? exc_page_fault+0x113/0x8c0 [ 363.071613][ T30] exc_page_fault+0x459/0x8c0 [ 363.076790][ T30] asm_exc_page_fault+0x26/0x30 [ 363.081683][ T30] RIP: 0033:0x7f3e690678fc [ 363.086289][ T30] RSP: 002b:00007ffde5ae4ee0 EFLAGS: 00010202 [ 363.092377][ T30] RAX: 00007f3e670c8000 RBX: 00005555731287a0 RCX: 0000000000000006 [ 363.100418][ T30] RDX: 1ffffffff14e4426 RSI: 0000555573129348 RDI: 0000000000000040 [ 363.108932][ T30] RBP: 00007ffde5ae53e0 R08: 0000555573129350 R09: 0000000000000884 [ 363.117028][ T30] R10: 00007f3e69fab038 R11: 0000000000000246 R12: 00007ffde5ae5230 [ 363.125142][ T30] R13: 0000000000000005 R14: 00007ffde5ae4f50 R15: 00007ffde5ae5020 [ 363.133158][ T30] [ 363.136358][ T30] INFO: task kworker/u8:13:7048 blocked for more than 144 seconds. [ 363.144392][ T30] Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 363.151693][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 363.160435][ T30] task:kworker/u8:13 state:D stack:21464 pid:7048 tgid:7048 ppid:2 flags:0x00004000 [ 363.170741][ T30] Workqueue: writeback wb_workfn (flush-8:0) [ 363.176983][ T30] Call Trace: [ 363.180270][ T30] [ 363.183193][ T30] __schedule+0x17fb/0x4be0 [ 363.187888][ T30] ? __pfx___schedule+0x10/0x10 [ 363.192759][ T30] ? __blk_flush_plug+0x449/0x500 [ 363.197946][ T30] ? __pfx_lock_release+0x10/0x10 [ 363.203068][ T30] ? __blk_flush_plug+0x449/0x500 [ 363.208564][ T30] ? kthread_data+0x52/0xd0 [ 363.213086][ T30] ? schedule+0x90/0x320 [ 363.217389][ T30] ? wq_worker_sleeping+0x66/0x240 [ 363.222512][ T30] ? schedule+0x90/0x320 [ 363.226924][ T30] schedule+0x14b/0x320 [ 363.231096][ T30] io_schedule+0x8d/0x110 [ 363.235609][ T30] bit_wait_io+0x12/0xd0 [ 363.239898][ T30] __wait_on_bit+0xb0/0x2f0 [ 363.244575][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 363.249542][ T30] out_of_line_wait_on_bit+0x1d5/0x260 [ 363.255106][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 363.260069][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 363.266218][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 363.271690][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 363.276979][ T30] ? jbd2_write_access_granted+0x71/0x310 [ 363.282709][ T30] do_get_write_access+0x121/0xe60 [ 363.288142][ T30] jbd2_journal_get_write_access+0x1ee/0x240 [ 363.294232][ T30] __ext4_journal_get_write_access+0x1c8/0x680 [ 363.300403][ T30] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 363.307252][ T30] ? ext4_wait_block_bitmap+0x69/0x1f0 [ 363.313006][ T30] ext4_mb_mark_context+0x196/0xfb0 [ 363.318451][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 363.323647][ T30] ? ext4_sb_block_valid+0x1a4/0x5c0 [ 363.328973][ T30] ? __pfx_ext4_mb_mark_context+0x10/0x10 [ 363.334798][ T30] ? ext4_sb_block_valid+0x1a4/0x5c0 [ 363.340098][ T30] ext4_mb_mark_diskspace_used+0x3c8/0x960 [ 363.346064][ T30] ? __pfx_ext4_mb_mark_diskspace_used+0x10/0x10 [ 363.352407][ T30] ? kmem_cache_alloc_noprof+0x22d/0x380 [ 363.358147][ T30] ext4_mb_new_blocks+0x1494/0x4e30 [ 363.363358][ T30] ? _raw_write_unlock+0x28/0x50 [ 363.368447][ T30] ? __pfx_ext4_es_cache_extent+0x10/0x10 [ 363.374268][ T30] ? rcu_is_watching+0x15/0xb0 [ 363.379063][ T30] ? trace_kmalloc+0x1f/0xd0 [ 363.383834][ T30] ? __kmalloc_noprof+0x2a5/0x4c0 [ 363.388889][ T30] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 363.395940][ T30] ? ext4_ext_search_right+0x394/0x860 [ 363.401939][ T30] ? ext4_ext_check_overlap+0x37e/0x5b0 [ 363.407821][ T30] ? ext4_ext_find_goal+0xec/0x1d0 [ 363.413306][ T30] ext4_ext_map_blocks+0x1beb/0x7e40 [ 363.418762][ T30] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 363.424516][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 363.429625][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 363.434752][ T30] ? __pfx___might_resched+0x10/0x10 [ 363.440052][ T30] ? ext4_alloc_io_end_vec+0x2b/0x160 [ 363.445576][ T30] ? __pfx_lock_release+0x10/0x10 [ 363.450638][ T30] ? kasan_save_track+0x51/0x80 [ 363.455570][ T30] ? __kasan_slab_alloc+0x66/0x80 [ 363.460613][ T30] ? ext4_writepages+0x213/0x3c0 [ 363.465705][ T30] ? __writeback_inodes_wb+0x11b/0x260 [ 363.471181][ T30] ? wb_workfn+0xba1/0x1090 [ 363.476062][ T30] ? __pfx_down_write+0x10/0x10 [ 363.480939][ T30] ? ext4_es_lookup_extent+0x61a/0xa90 [ 363.486551][ T30] ext4_map_blocks+0x8bf/0x1990 [ 363.491431][ T30] ? __pfx_ext4_map_blocks+0x10/0x10 [ 363.496823][ T30] ? rcu_is_watching+0x15/0xb0 [ 363.501606][ T30] ? ext4_inode_journal_mode+0x3a4/0x460 [ 363.507540][ T30] ext4_do_writepages+0x20ef/0x3d10 [ 363.512774][ T30] ? __pfx_ext4_do_writepages+0x10/0x10 [ 363.519728][ T30] ? validate_chain+0x11e/0x5920 [ 363.524774][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 363.530305][ T30] ext4_writepages+0x213/0x3c0 [ 363.535198][ T30] ? __pfx_ext4_writepages+0x10/0x10 [ 363.540521][ T30] ? reacquire_held_locks+0x3eb/0x690 [ 363.545964][ T30] ? __pfx_ext4_writepages+0x10/0x10 [ 363.551283][ T30] do_writepages+0x35f/0x880 [ 363.556011][ T30] ? __pfx_do_writepages+0x10/0x10 [ 363.561166][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 363.566327][ T30] ? writeback_sb_inodes+0x595/0x1370 [ 363.571730][ T30] ? __pfx_lock_release+0x10/0x10 [ 363.576890][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 363.581944][ T30] __writeback_single_inode+0x14f/0x10d0 [ 363.588789][ T30] ? wbc_attach_and_unlock_inode+0x561/0x580 [ 363.594928][ T30] writeback_sb_inodes+0x80c/0x1370 [ 363.600154][ T30] ? mark_lock+0x9a/0x360 [ 363.604759][ T30] ? __lock_acquire+0x1397/0x2100 [ 363.609815][ T30] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 363.615745][ T30] ? __pfx_move_expired_inodes+0x10/0x10 [ 363.621694][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 363.626911][ T30] __writeback_inodes_wb+0x11b/0x260 [ 363.632238][ T30] wb_writeback+0x427/0xbc0 [ 363.636911][ T30] ? queue_io+0x3a1/0x5a0 [ 363.641265][ T30] ? __pfx_wb_writeback+0x10/0x10 [ 363.646460][ T30] wb_workfn+0xba1/0x1090 [ 363.650840][ T30] ? __pfx_wb_workfn+0x10/0x10 [ 363.655763][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 363.661773][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 363.668292][ T30] ? process_scheduled_works+0x976/0x1850 [ 363.674175][ T30] process_scheduled_works+0xa63/0x1850 [ 363.679796][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 363.686012][ T30] ? assign_work+0x364/0x3d0 [ 363.690641][ T30] worker_thread+0x870/0xd30 [ 363.695323][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 363.701234][ T30] ? __kthread_parkme+0x169/0x1d0 [ 363.706411][ T30] ? __pfx_worker_thread+0x10/0x10 [ 363.711546][ T30] kthread+0x2f0/0x390 [ 363.715966][ T30] ? __pfx_worker_thread+0x10/0x10 [ 363.721456][ T30] ? __pfx_kthread+0x10/0x10 [ 363.726389][ T30] ret_from_fork+0x4b/0x80 [ 363.730824][ T30] ? __pfx_kthread+0x10/0x10 [ 363.735491][ T30] ret_from_fork_asm+0x1a/0x30 [ 363.740284][ T30] [ 363.743313][ T30] [ 363.743313][ T30] Showing all locks held in the system: [ 363.751181][ T30] 1 lock held by khungtaskd/30: [ 363.756135][ T30] #0: ffffffff8e93c520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 363.766197][ T30] 4 locks held by kworker/u8:6/1093: [ 363.771486][ T30] #0: ffff88814e18a148 ((wq_completion)ext4-rsv-conversion){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 363.783800][ T30] #1: ffffc90003ecfd00 ((work_completion)(&ei->i_rsv_conversion_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 363.797010][ T30] #2: ffff88814e436958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110 [ 363.806914][ T30] #3: ffff88807efb0c70 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x7a6/0x1990 [ 363.816838][ T30] 2 locks held by getty/5595: [ 363.821516][ T30] #0: ffff8880354ea0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 363.831789][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 363.842150][ T30] 3 locks held by syz-executor/5826: [ 363.847593][ T30] #0: ffff8880351a2df0 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x34b/0x790 [ 363.857978][ T30] #1: ffff88814e432518 (sb_pagefaults){.+.+}-{0:0}, at: ext4_page_mkwrite+0x1ef/0xdf0 [ 363.867832][ T30] #2: ffff88814e436958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110 [ 363.877978][ T30] 2 locks held by kworker/1:4/5889: [ 363.883209][ T30] 6 locks held by kworker/u8:13/7048: [ 363.889101][ T30] #0: ffff888143ade148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 363.900482][ T30] #1: ffffc900031a7d00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 363.913106][ T30] #2: ffff88814e4320e0 (&type->s_umount_key#30){++++}-{4:4}, at: super_trylock_shared+0x22/0xf0 [ 363.923819][ T30] #3: ffff88814e434b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1bf/0x3c0 [ 363.934749][ T30] #4: ffff88814e436958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110 [ 363.944803][ T30] #5: ffff88807d05e598 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x7a6/0x1990 [ 363.954691][ T30] [ 363.957030][ T30] ============================================= [ 363.957030][ T30] [ 363.966184][ T30] NMI backtrace for cpu 1 [ 363.970549][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 363.980699][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 363.990750][ T30] Call Trace: [ 363.994045][ T30] [ 363.996983][ T30] dump_stack_lvl+0x241/0x360 [ 364.001690][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 364.006895][ T30] ? __pfx__printk+0x10/0x10 [ 364.011492][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 364.016426][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 364.021914][ T30] ? _printk+0xd5/0x120 [ 364.026069][ T30] ? __pfx__printk+0x10/0x10 [ 364.030687][ T30] ? __wake_up_klogd+0xcc/0x110 [ 364.035544][ T30] ? __pfx__printk+0x10/0x10 [ 364.040133][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 364.045178][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 364.051168][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 364.057151][ T30] watchdog+0xffb/0x1040 [ 364.061390][ T30] ? watchdog+0x1ea/0x1040 [ 364.065807][ T30] ? __pfx_watchdog+0x10/0x10 [ 364.070479][ T30] kthread+0x2f0/0x390 [ 364.074547][ T30] ? __pfx_watchdog+0x10/0x10 [ 364.079228][ T30] ? __pfx_kthread+0x10/0x10 [ 364.083814][ T30] ret_from_fork+0x4b/0x80 [ 364.088220][ T30] ? __pfx_kthread+0x10/0x10 [ 364.092806][ T30] ret_from_fork_asm+0x1a/0x30 [ 364.097575][ T30] [ 364.101181][ T30] Sending NMI from CPU 1 to CPUs 0: [ 364.106730][ C0] NMI backtrace for cpu 0 [ 364.106742][ C0] CPU: 0 UID: 0 PID: 6391 Comm: kworker/u8:11 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 364.106761][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 364.106770][ C0] Workqueue: 0x0 (bat_events) [ 364.106793][ C0] RIP: 0010:process_scheduled_works+0x385/0x1850 [ 364.106817][ C0] Code: af c1 48 c1 e8 3a 48 8b 4c 24 60 4c 8d b4 c1 70 01 00 00 4d 89 f5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df 41 80 7c 05 00 00 <74> 08 4c 89 f7 e8 11 44 9e 00 49 8b 1e 48 8b 7c 24 20 48 89 f9 48 [ 364.106829][ C0] RSP: 0018:ffffc9000457fbc0 EFLAGS: 00000046 [ 364.106841][ C0] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: ffff88801aca0000 [ 364.106852][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 364.106862][ C0] RBP: ffffc9000457fdc0 R08: ffffffff9a60482b R09: 1ffffffff34c0905 [ 364.106873][ C0] R10: dffffc0000000000 R11: fffffbfff34c0906 R12: ffff888029de0660 [ 364.106885][ C0] R13: 1ffff11003594045 R14: ffff88801aca0228 R15: ffff888029de0668 [ 364.106903][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 364.106916][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 364.106926][ C0] CR2: 00005597274eb600 CR3: 000000000e738000 CR4: 00000000003526f0 [ 364.106940][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 364.106949][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 364.106959][ C0] Call Trace: [ 364.106964][ C0] [ 364.106971][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 364.106987][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 364.107004][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 364.107018][ C0] ? nmi_handle+0x2a/0x5a0 [ 364.107040][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 364.107059][ C0] ? nmi_handle+0x14f/0x5a0 [ 364.107073][ C0] ? nmi_handle+0x2a/0x5a0 [ 364.107089][ C0] ? process_scheduled_works+0x385/0x1850 [ 364.107108][ C0] ? default_do_nmi+0x63/0x160 [ 364.107123][ C0] ? exc_nmi+0x123/0x1f0 [ 364.107137][ C0] ? end_repeat_nmi+0xf/0x53 [ 364.107155][ C0] ? process_scheduled_works+0x385/0x1850 [ 364.107175][ C0] ? process_scheduled_works+0x385/0x1850 [ 364.107195][ C0] ? process_scheduled_works+0x385/0x1850 [ 364.107214][ C0] [ 364.107219][ C0] [ 364.107237][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 364.107259][ C0] ? assign_work+0x364/0x3d0 [ 364.107279][ C0] worker_thread+0x870/0xd30 [ 364.107299][ C0] ? __kthread_parkme+0x169/0x1d0 [ 364.107316][ C0] ? __pfx_worker_thread+0x10/0x10 [ 364.107329][ C0] kthread+0x2f0/0x390 [ 364.107344][ C0] ? __pfx_worker_thread+0x10/0x10 [ 364.107357][ C0] ? __pfx_kthread+0x10/0x10 [ 364.107373][ C0] ret_from_fork+0x4b/0x80 [ 364.107386][ C0] ? __pfx_kthread+0x10/0x10 [ 364.107401][ C0] ret_from_fork_asm+0x1a/0x30 [ 364.107426][ C0] [ 364.107954][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 364.393485][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 364.403644][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 364.413692][ T30] Call Trace: [ 364.416956][ T30] [ 364.419873][ T30] dump_stack_lvl+0x241/0x360 [ 364.424545][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 364.429748][ T30] ? __pfx__printk+0x10/0x10 [ 364.434335][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 364.440307][ T30] ? vscnprintf+0x5d/0x90 [ 364.444654][ T30] panic+0x349/0x880 [ 364.448569][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 364.454748][ T30] ? __pfx_panic+0x10/0x10 [ 364.459148][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 364.464611][ T30] ? __irq_work_queue_local+0x137/0x410 [ 364.470156][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 364.475506][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 364.481653][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 364.487786][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 364.493916][ T30] watchdog+0x103a/0x1040 [ 364.498229][ T30] ? watchdog+0x1ea/0x1040 [ 364.502711][ T30] ? __pfx_watchdog+0x10/0x10 [ 364.507386][ T30] kthread+0x2f0/0x390 [ 364.511438][ T30] ? __pfx_watchdog+0x10/0x10 [ 364.516093][ T30] ? __pfx_kthread+0x10/0x10 [ 364.520668][ T30] ret_from_fork+0x4b/0x80 [ 364.525069][ T30] ? __pfx_kthread+0x10/0x10 [ 364.529661][ T30] ret_from_fork_asm+0x1a/0x30 [ 364.534470][ T30] [ 364.537792][ T30] Kernel Offset: disabled [ 364.542140][ T30] Rebooting in 86400 seconds..