last executing test programs: 11m30.133443873s ago: executing program 1 (id=142): r0 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/doi\x00', 0x2, 0x0) writev(r0, &(0x7f0000002680), 0x0) 11m29.778734094s ago: executing program 1 (id=143): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c0e8b089b32323b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdc69c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d9560ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f733b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) fchdir(r3) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0) fsetxattr(r8, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0) 11m29.238280494s ago: executing program 1 (id=145): openat$kvm(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(0x3) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x2, &(0x7f0000000140)=[{0x20, 0x7, 0x9}, {0x6, 0x7, 0x8, 0x9}]}) 11m28.054424424s ago: executing program 1 (id=146): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f00000001c0), 0x40481, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000074"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) r6 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000001c0), 0x12) listen(0xffffffffffffffff, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 11m26.82544044s ago: executing program 1 (id=147): bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x81}, 0x38) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0x200}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7ffe703ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 11m24.957574571s ago: executing program 1 (id=150): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0xfffffffb, 0x10, &(0x7f00000001c0)=""/16, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x18083, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x638a}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r5, &(0x7f0000000480)={0xa, 0x1, 0x3, @mcast1, 0x5}, 0x1c) r6 = dup2(r5, r5) sendmmsg$unix(r6, &(0x7f0000008380), 0x400000000000174, 0x4008890) 11m7.075139568s ago: executing program 32 (id=150): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0xfffffffb, 0x10, &(0x7f00000001c0)=""/16, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x18083, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x638a}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r5, &(0x7f0000000480)={0xa, 0x1, 0x3, @mcast1, 0x5}, 0x1c) r6 = dup2(r5, r5) sendmmsg$unix(r6, &(0x7f0000008380), 0x400000000000174, 0x4008890) 11m1.607058011s ago: executing program 4 (id=183): socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) fchdir(r3) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f0000000480)={0x2020}, 0x2020) 10m56.260450748s ago: executing program 4 (id=190): bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe3c, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) getpeername(r3, &(0x7f00000006c0)=@l2={0x1f, 0x0, @none}, &(0x7f0000000740)=0x80) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000780)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, 0x0, 0x0) sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="94000000", @ANYRES16=r4, @ANYBLOB="050100000000008000000f00000008000300", @ANYRES32=r5, @ANYBLOB="0400800063000e0080340100080211000001080211000000505050505050150008000000000000006c0002000503012509aa01003c"], 0x94}}, 0x0) fcntl$getown(r1, 0x9) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x7}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 10m54.842006435s ago: executing program 4 (id=194): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c0e8b089b32323b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdc69c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d9560ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f733b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) fchdir(r3) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0) fsetxattr(r7, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0) 10m48.932124526s ago: executing program 4 (id=202): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) dup(r0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) 10m45.287634005s ago: executing program 4 (id=207): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x81, r0}, 0x38) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs={0x0, 0x0, 0x200}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r5 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r5, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7ffe703ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 10m43.993425546s ago: executing program 4 (id=209): syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getrlimit(0xc, &(0x7f0000000000)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18) timerfd_settime(0xffffffffffffffff, 0x2, &(0x7f00000000c0)={{}, {0x0, 0x989680}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8) getsockname$packet(r8, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f00000008c0)={'syztnl0\x00', &(0x7f0000000800)={'syztnl2\x00', r9, 0x27, 0x10, 0xfffffffb, 0x3, {{0x5, 0x4, 0x3, 0x5, 0x14, 0x64, 0x0, 0x0, 0x2f, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x3a}}}}}) syz_clone3(&(0x7f0000000780)={0x204118000, &(0x7f0000000200), &(0x7f0000000300), &(0x7f0000000380), {0xd}, &(0x7f00000003c0)=""/245, 0xf5, &(0x7f0000000640)=""/244, &(0x7f0000000740), 0x0, {r1}}, 0x58) 10m28.627144644s ago: executing program 33 (id=209): syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getrlimit(0xc, &(0x7f0000000000)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18) timerfd_settime(0xffffffffffffffff, 0x2, &(0x7f00000000c0)={{}, {0x0, 0x989680}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8) getsockname$packet(r8, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f00000008c0)={'syztnl0\x00', &(0x7f0000000800)={'syztnl2\x00', r9, 0x27, 0x10, 0xfffffffb, 0x3, {{0x5, 0x4, 0x3, 0x5, 0x14, 0x64, 0x0, 0x0, 0x2f, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x3a}}}}}) syz_clone3(&(0x7f0000000780)={0x204118000, &(0x7f0000000200), &(0x7f0000000300), &(0x7f0000000380), {0xd}, &(0x7f00000003c0)=""/245, 0xf5, &(0x7f0000000640)=""/244, &(0x7f0000000740), 0x0, {r1}}, 0x58) 8m35.085975942s ago: executing program 2 (id=348): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x6c5602, 0x0) fchdir(r0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f0000000180)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x3, 0xffffffff}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x8, 0x2}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x44}, 0x28) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, r6, 0x1, 0x4}, 0x50) process_mrelease(r0, 0x0) pipe(&(0x7f0000000200)) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 8m32.451422914s ago: executing program 2 (id=350): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x6c5602, 0x0) fchdir(r0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x3, 0xffffffff}, @func_proto={0x2, 0x0, 0x0, 0x8, 0x2}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x38}, 0x28) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, r6, 0x1, 0x4}, 0x50) process_mrelease(r0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r7, 0x0, r9, 0x0, 0x39000, 0x0) write$binfmt_elf64(r8, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 8m31.03520063s ago: executing program 2 (id=352): socket(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000440)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r2, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c) sendmmsg$unix(r2, &(0x7f0000007b80)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2404c054}}], 0x1, 0x2000c080) sendmsg(r2, &(0x7f00000000c0)={0x0, 0x33, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x584}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 8m27.332825415s ago: executing program 2 (id=356): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001680)) r2 = eventfd2(0x1, 0x1) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000005c0)={[0x5836, 0x8, 0x5, 0x4000000000000e52, 0x8000000000000001, 0x205479, 0x1041, 0x200000000006, 0x0, 0x1, 0xfffffffffffffffe, 0xfffffffd, 0x1, 0x4020000000c, 0x8000000000006, 0x800040068], 0x2000, 0x15010}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000001c0)={0x0, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001ac0)=""/191, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000000)={0x0, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, 0x0) memfd_create(&(0x7f0000000540)='\x02A\xbb\xcc\x96\x0eo\x1f\xe2@\xcc\xb1Yg\x00\x00\x00\x00\x00\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) 8m25.779960187s ago: executing program 2 (id=359): bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe3c, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) getpeername(r3, &(0x7f00000006c0)=@l2={0x1f, 0x0, @none}, &(0x7f0000000740)=0x80) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000780)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, 0x0, 0x0) sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="94000000", @ANYRES16=r4, @ANYBLOB="050100000000008000000f00000008000300", @ANYRES32=r5, @ANYBLOB="0400800063000e0080340100080211000001080211000000505050505050150008000000000000006c0002000503012509aa01003c"], 0x94}}, 0x0) fcntl$getown(r1, 0x9) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x7}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 8m21.895899282s ago: executing program 2 (id=362): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101801, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2}) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) 8m6.597795542s ago: executing program 34 (id=362): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101801, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2}) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) 10.559852392s ago: executing program 0 (id=908): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x106, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0xb) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) prctl$PR_SET_PTRACER(0x59616d61, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x3, 0x1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1f, 0xc, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) 7.620475472s ago: executing program 0 (id=910): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mkdir(&(0x7f0000000040)='./file0\x00', 0x80) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000440)='./bus\x00') r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r0, &(0x7f00000007c0)={0xa0, 0xffffffffffffffda, 0x0, {{0x1000000000003, 0x3, 0x8000000000007, 0x7, 0x5, 0xfffffffd, {0x0, 0x181, 0x2101, 0x5, 0x87, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0xcea, 0x1}}, {0x0, 0x11}}}, 0xa0) sendfile(r0, r0, &(0x7f0000000080), 0x7f03) 7.410093818s ago: executing program 0 (id=911): mkdir(&(0x7f00000002c0)='./file0\x00', 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) timer_create(0x0, 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)) chdir(&(0x7f0000000140)='./bus\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000300)='./bus\x00', 0x14103e, 0x18a) r1 = open(&(0x7f00000001c0)='./file0\x00', 0x14b042, 0x83) ftruncate(r1, 0x3000000) sendfile(r0, r1, 0x0, 0x80000001) 6.567887795s ago: executing program 3 (id=912): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="8c38f0ff10"], 0x0, 0x42, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000c9"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffca4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1d38}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa067707"], 0xfdef) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 6.423530781s ago: executing program 0 (id=913): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ptrace$getregset(0x4204, r2, 0x4, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) prlimit64(r2, 0xd, &(0x7f00000001c0)={0xf4e4, 0x95}, &(0x7f0000000240)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x8102, 0x51) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d) r5 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}}) 6.214501595s ago: executing program 3 (id=914): socket(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000440)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r3, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c) sendmmsg$unix(r3, &(0x7f0000007b80)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2404c054}}], 0x1, 0x2000c080) sendmsg(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 4.675111448s ago: executing program 3 (id=915): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000005c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf94d8000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r3, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) recvmmsg(r3, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0) 3.478823611s ago: executing program 3 (id=916): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c4}, 0x2400c080) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000001840)="b9ff0307683a268cb8091a992f53", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.426983482s ago: executing program 3 (id=917): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x106, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0xb) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) prctl$PR_SET_PTRACER(0x59616d61, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x3, 0x1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1f, 0xc, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) 2.703623788s ago: executing program 0 (id=918): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000200000006110600000000000c6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1ad}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xf, 0x4, 0x4, 0x12}, 0x50) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map=r2, r1, 0x26}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002) sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYRES32=0x0, @ANYBLOB], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) r7 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_int(r7, 0x29, 0x31, 0x0, 0x0) 1.165001776s ago: executing program 0 (id=919): syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000002e40)=ANY=[@ANYBLOB="00020201"], 0x18) 0s ago: executing program 3 (id=920): mkdir(&(0x7f00000002c0)='./file0\x00', 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) timer_create(0x0, 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)) chdir(&(0x7f0000000140)='./bus\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000300)='./bus\x00', 0x14103e, 0x18a) r1 = open(&(0x7f00000001c0)='./file0\x00', 0x14b042, 0x83) ftruncate(r1, 0x3000000) sendfile(r0, r1, 0x0, 0x80000001) kernel console output (not intermixed with test programs): 294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6537 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 195.568367][ T37] audit: type=1326 audit(1761692946.081:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6537 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 195.568558][ T37] audit: type=1326 audit(1761692946.081:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6537 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 196.531370][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 196.531458][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.707389][ T6559] netlink: 20 bytes leftover after parsing attributes in process `syz.4.170'. [ 203.740204][ T6570] tipc: Enabling of bearer rejected, failed to enable media [ 204.289089][ T6570] block device autoloading is deprecated and will be removed. [ 205.384399][ T6580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.175'. [ 205.395647][ T6580] smk_cipso_doi:679 remove rc = -2 [ 205.395812][ T6580] smk_cipso_doi:692 cipso add rc = -17 [ 205.417267][ T6580] overlayfs: failed to resolve './file1': -2 [ 208.910329][ T5119] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 208.919927][ T5119] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 208.921014][ T5119] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 208.939867][ T5119] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 208.941178][ T5119] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 211.289052][ T5817] Bluetooth: hci5: command tx timeout [ 211.894672][ T5817] Bluetooth: hci3: command 0x0406 tx timeout [ 211.894917][ T5817] Bluetooth: hci2: command 0x0406 tx timeout [ 211.914432][ T5817] Bluetooth: hci1: command 0x0406 tx timeout [ 211.914698][ T5817] Bluetooth: hci4: command 0x0406 tx timeout [ 212.030705][ T6621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.186'. [ 212.084649][ T6624] netlink: 12 bytes leftover after parsing attributes in process `syz.3.186'. [ 213.405352][ T5119] Bluetooth: hci5: command tx timeout [ 213.414001][ T1164] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.714515][ T5119] Bluetooth: hci5: command tx timeout [ 215.824054][ T37] kauditd_printk_skb: 31 callbacks suppressed [ 215.824069][ T37] audit: type=1326 audit(1761692966.331:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6637 comm="syz.2.189" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x0 [ 217.483827][ T1164] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.477050][ T5119] Bluetooth: hci5: command tx timeout [ 220.392506][ T1164] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.438594][ T1164] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.464820][ T6678] tipc: Enabling of bearer rejected, failed to enable media [ 226.150441][ T6596] chnl_net:caif_netlink_parms(): no params data found [ 228.182695][ T6716] netlink: 4 bytes leftover after parsing attributes in process `syz.4.209'. [ 228.254405][ T6717] netlink: 12 bytes leftover after parsing attributes in process `syz.4.209'. [ 229.173657][ T1164] bridge_slave_1: left allmulticast mode [ 229.173771][ T1164] bridge_slave_1: left promiscuous mode [ 229.215078][ T1164] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.620813][ T1164] bridge_slave_0: left allmulticast mode [ 229.620845][ T1164] bridge_slave_0: left promiscuous mode [ 229.621267][ T1164] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.768329][ T6730] hub 6-0:1.0: USB hub found [ 229.782102][ T6730] hub 6-0:1.0: 1 port detected [ 231.266071][ T37] audit: type=1326 audit(1761692981.781:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.266123][ T37] audit: type=1326 audit(1761692981.781:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285262][ T37] audit: type=1326 audit(1761692981.781:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285319][ T37] audit: type=1326 audit(1761692981.781:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285359][ T37] audit: type=1326 audit(1761692981.781:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285398][ T37] audit: type=1326 audit(1761692981.781:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285436][ T37] audit: type=1326 audit(1761692981.781:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285474][ T37] audit: type=1326 audit(1761692981.781:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285512][ T37] audit: type=1326 audit(1761692981.781:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 231.285551][ T37] audit: type=1326 audit(1761692981.781:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6729 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ff3a9efc9 code=0x7ffc0000 [ 235.568697][ T6752] netlink: 8 bytes leftover after parsing attributes in process `syz.2.217'. [ 235.573033][ T6752] smk_cipso_doi:679 remove rc = -2 [ 235.573306][ T6752] smk_cipso_doi:692 cipso add rc = -17 [ 235.583017][ T6752] overlayfs: failed to resolve './file1': -2 [ 240.957225][ T1164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 241.123297][ T37] kauditd_printk_skb: 11 callbacks suppressed [ 241.123315][ T37] audit: type=1326 audit(1761692991.631:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.123357][ T37] audit: type=1326 audit(1761692991.631:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.123395][ T37] audit: type=1326 audit(1761692991.631:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.123433][ T37] audit: type=1326 audit(1761692991.631:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.124559][ T37] audit: type=1326 audit(1761692991.631:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.124604][ T37] audit: type=1326 audit(1761692991.631:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.124643][ T37] audit: type=1326 audit(1761692991.641:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.125367][ T37] audit: type=1326 audit(1761692991.641:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.125408][ T37] audit: type=1326 audit(1761692991.641:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.125446][ T37] audit: type=1326 audit(1761692991.641:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 241.426106][ T1164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 242.660228][ T1164] bond0 (unregistering): Released all slaves [ 243.159155][ T6746] tipc: Enabling of bearer rejected, failed to enable media [ 243.454497][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.2.228'. [ 243.458219][ T6792] smk_cipso_doi:679 remove rc = -2 [ 243.461554][ T6792] smk_cipso_doi:692 cipso add rc = -17 [ 243.471655][ T6792] overlayfs: failed to resolve './file1': -2 [ 245.354945][ T6596] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.355097][ T6596] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.355325][ T6596] bridge_slave_0: entered allmulticast mode [ 245.694786][ T6596] bridge_slave_0: entered promiscuous mode [ 245.836298][ T6596] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.836445][ T6596] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.836681][ T6596] bridge_slave_1: entered allmulticast mode [ 245.923628][ T6596] bridge_slave_1: entered promiscuous mode [ 246.415007][ T6808] hub 6-0:1.0: USB hub found [ 246.419940][ T6808] hub 6-0:1.0: 1 port detected [ 249.495838][ T5119] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 249.512966][ T5119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 249.515001][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 249.516036][ T5119] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 249.516925][ T5119] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 251.849663][ T6846] hub 6-0:1.0: USB hub found [ 251.850594][ T6846] hub 6-0:1.0: 1 port detected [ 254.170264][ T5806] Bluetooth: hci0: command tx timeout [ 256.814532][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.814611][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.085317][ T5806] Bluetooth: hci0: command tx timeout [ 258.365206][ T6596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.508093][ T6596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 259.923489][ T5806] Bluetooth: hci0: command tx timeout [ 262.288702][ T6893] hub 6-0:1.0: USB hub found [ 262.292047][ T6893] hub 6-0:1.0: 1 port detected [ 262.345811][ T5806] Bluetooth: hci0: command tx timeout [ 279.207737][ T5119] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 279.225208][ T5119] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 279.234547][ T5119] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 279.278384][ T5119] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 279.279627][ T5119] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 279.312176][ T1164] hsr_slave_0: left promiscuous mode [ 279.324935][ T37] kauditd_printk_skb: 10 callbacks suppressed [ 279.324949][ T37] audit: type=1326 audit(1761693029.841:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.324991][ T37] audit: type=1326 audit(1761693029.841:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.325811][ T37] audit: type=1326 audit(1761693029.841:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.325847][ T37] audit: type=1326 audit(1761693029.841:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.325875][ T37] audit: type=1326 audit(1761693029.841:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.326477][ T37] audit: type=1326 audit(1761693029.841:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.326509][ T37] audit: type=1326 audit(1761693029.841:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.326538][ T37] audit: type=1326 audit(1761693029.841:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.327113][ T37] audit: type=1326 audit(1761693029.841:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.327152][ T37] audit: type=1326 audit(1761693029.841:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6934 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 279.944357][ T1164] hsr_slave_1: left promiscuous mode [ 279.945508][ T1164] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 279.945645][ T1164] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 280.905337][ T1164] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 280.905364][ T1164] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 280.998689][ T1164] veth1_macvtap: left promiscuous mode [ 280.998974][ T1164] veth0_macvtap: left promiscuous mode [ 281.000677][ T1164] veth1_vlan: left promiscuous mode [ 281.001104][ T1164] veth0_vlan: left promiscuous mode [ 281.442844][ T6945] netlink: 4 bytes leftover after parsing attributes in process `syz.3.262'. [ 281.504877][ T6946] netlink: 12 bytes leftover after parsing attributes in process `syz.3.262'. [ 281.558729][ T5119] Bluetooth: hci3: command tx timeout [ 283.833651][ T5119] Bluetooth: hci3: command tx timeout [ 285.145017][ T1164] team0 (unregistering): Port device team_slave_1 removed [ 285.345070][ T1164] team0 (unregistering): Port device team_slave_0 removed [ 285.904406][ T5119] Bluetooth: hci3: command tx timeout [ 287.975414][ T5119] Bluetooth: hci3: command tx timeout [ 289.002332][ T6968] hub 6-0:1.0: USB hub found [ 289.003563][ T6968] hub 6-0:1.0: 1 port detected [ 291.520064][ T6975] netlink: 4 bytes leftover after parsing attributes in process `syz.0.269'. [ 291.582912][ T6976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.269'. [ 293.741340][ T1176] Bluetooth: hci5: Frame reassembly failed (-84) [ 295.044702][ T6996] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 297.010498][ T5119] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 298.171108][ T7022] smk_cipso_doi:679 remove rc = -2 [ 298.171368][ T7022] smk_cipso_doi:692 cipso add rc = -17 [ 298.178952][ T7022] overlayfs: failed to resolve './file1': -2 [ 298.899372][ T6815] chnl_net:caif_netlink_parms(): no params data found [ 302.234070][ T6932] chnl_net:caif_netlink_parms(): no params data found [ 302.323110][ T7047] hub 6-0:1.0: USB hub found [ 302.323448][ T7047] hub 6-0:1.0: 1 port detected [ 310.467188][ T5119] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 310.484134][ T5119] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 310.496443][ T5119] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 310.504439][ T5119] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 310.505264][ T5119] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 312.614574][ T5119] Bluetooth: hci5: command tx timeout [ 312.683332][ T6932] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.683457][ T6932] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.683694][ T6932] bridge_slave_0: entered allmulticast mode [ 312.691582][ T6932] bridge_slave_0: entered promiscuous mode [ 312.914610][ T6932] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.914736][ T6932] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.914983][ T6932] bridge_slave_1: entered allmulticast mode [ 312.917772][ T6932] bridge_slave_1: entered promiscuous mode [ 315.445187][ T5119] Bluetooth: hci5: command tx timeout [ 315.503751][ T7132] tipc: Enabling of bearer rejected, failed to enable media [ 315.550013][ T6932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 315.607513][ T6932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 316.622953][ T7144] ceph: No mds server is up or the cluster is laggy [ 317.110720][ T5907] libceph: connect (1)[c::]:6789 error -101 [ 317.111338][ T5907] libceph: mon0 (1)[c::]:6789 connect error [ 317.459563][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.459634][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.478923][ T5893] libceph: connect (1)[c::]:6789 error -101 [ 317.479210][ T5893] libceph: mon0 (1)[c::]:6789 connect error [ 317.494797][ T5119] Bluetooth: hci5: command tx timeout [ 317.764937][ T6932] team0: Port device team_slave_0 added [ 317.820907][ T6932] team0: Port device team_slave_1 added [ 319.831689][ T5119] Bluetooth: hci5: command tx timeout [ 320.085305][ T7162] tipc: Enabling of bearer rejected, failed to enable media [ 321.882119][ T7175] random: crng reseeded on system resumption [ 322.215418][ T6932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 322.215434][ T6932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 322.215458][ T6932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 322.603920][ T6932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 322.603936][ T6932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 322.603960][ T6932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 323.670861][ T5119] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 324.905792][ T43] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.205857][ T7202] overlayfs: failed to resolve './file0': -2 [ 330.711726][ T43] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.196811][ T5806] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 331.224126][ T5806] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 331.239619][ T5806] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 331.256872][ T5806] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 331.266965][ T5806] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 331.347999][ T43] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.692373][ T7234] overlayfs: failed to resolve './file1': -2 [ 332.005006][ T43] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.134766][ T7087] chnl_net:caif_netlink_parms(): no params data found [ 333.632795][ T5806] Bluetooth: hci0: command tx timeout [ 334.719298][ T7251] ceph: No mds server is up or the cluster is laggy [ 334.827797][ T7262] overlayfs: failed to resolve './file0': -2 [ 335.791826][ T7087] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.792026][ T7087] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.792258][ T7087] bridge_slave_0: entered allmulticast mode [ 335.824033][ T7087] bridge_slave_0: entered promiscuous mode [ 335.831066][ T5806] Bluetooth: hci0: command tx timeout [ 337.106137][ T7087] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.106286][ T7087] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.106531][ T7087] bridge_slave_1: entered allmulticast mode [ 337.109477][ T7087] bridge_slave_1: entered promiscuous mode [ 337.801053][ T7277] tipc: Enabling of bearer rejected, failed to enable media [ 338.864388][ T5119] Bluetooth: hci0: command tx timeout [ 339.418228][ T7087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 340.307029][ T7087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 340.503170][ T43] bridge_slave_1: left allmulticast mode [ 340.503199][ T43] bridge_slave_1: left promiscuous mode [ 340.505994][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.586028][ T43] bridge_slave_0: left allmulticast mode [ 340.586055][ T43] bridge_slave_0: left promiscuous mode [ 340.586408][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.663980][ T43] bridge_slave_1: left allmulticast mode [ 340.664008][ T43] bridge_slave_1: left promiscuous mode [ 340.666105][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.726060][ T43] bridge_slave_0: left allmulticast mode [ 340.728883][ T43] bridge_slave_0: left promiscuous mode [ 340.730583][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.934512][ T5119] Bluetooth: hci0: command tx timeout [ 341.578683][ T7300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.330'. [ 341.642905][ T7301] netlink: 12 bytes leftover after parsing attributes in process `syz.3.330'. [ 344.228254][ T43] bond0 (unregistering): Released all slaves [ 345.635255][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 346.714037][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 346.981022][ T43] bond0 (unregistering): Released all slaves [ 350.892300][ T7337] netlink: 8 bytes leftover after parsing attributes in process `syz.0.337'. [ 350.912672][ T7337] smk_cipso_doi:679 remove rc = -2 [ 350.912733][ T7337] smk_cipso_doi:692 cipso add rc = -17 [ 350.914490][ T7337] overlayfs: failed to resolve './file1': -2 [ 351.615545][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 351.655038][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 351.680622][ T43] bond0 (unregistering): Released all slaves [ 352.004941][ T7087] team0: Port device team_slave_0 added [ 352.034977][ T7087] team0: Port device team_slave_1 added [ 353.703429][ T7342] tipc: Enabling of bearer rejected, failed to enable media [ 354.876361][ T7087] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 354.876377][ T7087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 354.876400][ T7087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 358.198351][ T7087] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 358.198367][ T7087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 358.198391][ T7087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 359.526208][ T7230] chnl_net:caif_netlink_parms(): no params data found [ 363.839359][ T7408] smk_cipso_doi:679 remove rc = -2 [ 363.839402][ T7408] smk_cipso_doi:692 cipso add rc = -17 [ 363.840591][ T7408] overlayfs: failed to resolve './file1': -2 [ 364.211605][ T7087] hsr_slave_0: entered promiscuous mode [ 364.229188][ T7087] hsr_slave_1: entered promiscuous mode [ 364.231415][ T7087] debugfs: 'hsr0' already exists in 'hsr' [ 364.231440][ T7087] Cannot create hsr debugfs directory [ 364.514401][ T43] hsr_slave_0: left promiscuous mode [ 364.562339][ T43] hsr_slave_1: left promiscuous mode [ 364.563300][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 364.563316][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 364.677696][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 364.677722][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 365.051981][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 365.067910][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 365.071780][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 365.092506][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 365.093393][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 365.825004][ T43] veth1_macvtap: left promiscuous mode [ 365.825116][ T43] veth0_macvtap: left promiscuous mode [ 365.825372][ T43] veth1_vlan: left promiscuous mode [ 365.826930][ T43] veth0_vlan: left promiscuous mode [ 365.878020][ T153] Bluetooth: hci6: Frame reassembly failed (-84) [ 367.297263][ T5119] Bluetooth: hci3: command tx timeout [ 367.900273][ T5806] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 368.251059][ T5894] libceph: connect (1)[c::]:6789 error -101 [ 368.251259][ T5894] libceph: mon0 (1)[c::]:6789 connect error [ 368.352994][ T7444] netlink: 4 bytes leftover after parsing attributes in process `syz.0.361'. [ 369.172607][ T7443] netlink: 12 bytes leftover after parsing attributes in process `syz.0.361'. [ 369.227626][ T5894] libceph: connect (1)[c::]:6789 error -101 [ 369.227843][ T5894] libceph: mon0 (1)[c::]:6789 connect error [ 369.327103][ T7439] ceph: No mds server is up or the cluster is laggy [ 369.334573][ T5119] Bluetooth: hci3: command tx timeout [ 371.484382][ T5119] Bluetooth: hci3: command tx timeout [ 373.488638][ T7464] smk_cipso_doi:679 remove rc = -2 [ 373.488681][ T7464] smk_cipso_doi:692 cipso add rc = -17 [ 373.489643][ T7464] overlayfs: failed to resolve './file1': -2 [ 373.494589][ T5119] Bluetooth: hci3: command tx timeout [ 374.094997][ T43] team0 (unregistering): Port device team_slave_1 removed [ 374.285705][ T43] team0 (unregistering): Port device team_slave_0 removed [ 378.443003][ T7479] ceph: No mds server is up or the cluster is laggy [ 378.523496][ T44] libceph: connect (1)[c::]:6789 error -101 [ 378.580326][ T44] libceph: mon0 (1)[c::]:6789 connect error [ 378.871218][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.871289][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.902545][ T44] libceph: connect (1)[c::]:6789 error -101 [ 378.902669][ T44] libceph: mon0 (1)[c::]:6789 connect error [ 379.897461][ T7489] random: crng reseeded on system resumption [ 385.522953][ T7230] bridge0: port 1(bridge_slave_0) entered blocking state [ 385.524029][ T7230] bridge0: port 1(bridge_slave_0) entered disabled state [ 385.544337][ T7230] bridge_slave_0: entered allmulticast mode [ 385.565078][ T7230] bridge_slave_0: entered promiscuous mode [ 385.583734][ T7230] bridge0: port 2(bridge_slave_1) entered blocking state [ 385.583882][ T7230] bridge0: port 2(bridge_slave_1) entered disabled state [ 385.584105][ T7230] bridge_slave_1: entered allmulticast mode [ 385.626223][ T7230] bridge_slave_1: entered promiscuous mode [ 385.809392][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809436][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809502][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809535][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809568][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809600][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809633][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 385.809666][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 388.109274][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 388.124221][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 388.129794][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 388.141733][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 388.155450][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 389.011852][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 389.021291][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 389.022393][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 389.023909][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 389.028092][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 390.892280][ T5119] Bluetooth: hci5: command tx timeout [ 391.228968][ T5119] Bluetooth: hci2: command tx timeout [ 392.974394][ T5119] Bluetooth: hci5: command tx timeout [ 393.273180][ T5119] Bluetooth: hci2: command tx timeout [ 393.707183][ T7581] tipc: Enabling of bearer rejected, failed to enable media [ 395.106544][ T5119] Bluetooth: hci5: command tx timeout [ 395.338456][ T5119] Bluetooth: hci2: command tx timeout [ 395.738394][ T7422] chnl_net:caif_netlink_parms(): no params data found [ 397.175012][ T7604] netlink: 4 bytes leftover after parsing attributes in process `syz.3.392'. [ 397.350946][ T7604] netlink: 12 bytes leftover after parsing attributes in process `syz.3.392'. [ 397.970242][ T5119] Bluetooth: hci5: command tx timeout [ 397.970329][ T5119] Bluetooth: hci2: command tx timeout [ 399.267173][ T7603] ceph: No mds server is up or the cluster is laggy [ 400.216711][ T7534] chnl_net:caif_netlink_parms(): no params data found [ 401.514238][ T7633] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 403.041890][ T7644] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 403.556678][ T7422] bridge0: port 1(bridge_slave_0) entered blocking state [ 403.569640][ T7422] bridge0: port 1(bridge_slave_0) entered disabled state [ 403.570240][ T7422] bridge_slave_0: entered allmulticast mode [ 403.572893][ T7422] bridge_slave_0: entered promiscuous mode [ 403.607540][ T7543] chnl_net:caif_netlink_parms(): no params data found [ 404.471192][ T7655] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 404.648945][ T7422] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.649077][ T7422] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.649345][ T7422] bridge_slave_1: entered allmulticast mode [ 404.687343][ T7422] bridge_slave_1: entered promiscuous mode [ 405.229115][ T7422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 405.308470][ T7422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 405.365259][ T7534] bridge0: port 1(bridge_slave_0) entered blocking state [ 405.366752][ T7534] bridge0: port 1(bridge_slave_0) entered disabled state [ 405.367021][ T7534] bridge_slave_0: entered allmulticast mode [ 405.370291][ T7534] bridge_slave_0: entered promiscuous mode [ 405.516536][ T7534] bridge0: port 2(bridge_slave_1) entered blocking state [ 405.516634][ T7534] bridge0: port 2(bridge_slave_1) entered disabled state [ 405.516888][ T7534] bridge_slave_1: entered allmulticast mode [ 405.522315][ T7534] bridge_slave_1: entered promiscuous mode [ 408.951696][ T37] kauditd_printk_skb: 13 callbacks suppressed [ 408.951713][ T37] audit: type=1326 audit(1761693161.460:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.951758][ T37] audit: type=1326 audit(1761693161.460:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.952770][ T37] audit: type=1326 audit(1761693161.460:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.952814][ T37] audit: type=1326 audit(1761693161.460:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.952853][ T37] audit: type=1326 audit(1761693161.460:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.953296][ T37] audit: type=1326 audit(1761693161.460:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.953549][ T37] audit: type=1326 audit(1761693161.460:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.953594][ T37] audit: type=1326 audit(1761693161.460:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 408.953737][ T37] audit: type=1326 audit(1761693161.460:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 409.176814][ T37] audit: type=1326 audit(1761693161.690:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7695 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x7ffc0000 [ 410.140514][ T7699] ceph: No mds server is up or the cluster is laggy [ 410.152865][ T5894] libceph: connect (1)[c::]:6789 error -101 [ 410.153055][ T5894] libceph: mon0 (1)[c::]:6789 connect error [ 410.187207][ T7422] team0: Port device team_slave_0 added [ 411.247831][ T7707] ceph: No mds server is up or the cluster is laggy [ 411.675388][ T5907] libceph: connect (1)[c::]:6789 error -101 [ 411.675660][ T5907] libceph: mon0 (1)[c::]:6789 connect error [ 412.507581][ T7422] team0: Port device team_slave_1 added [ 412.508409][ T7543] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.508553][ T7543] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.508679][ T7543] bridge_slave_0: entered allmulticast mode [ 412.510380][ T7543] bridge_slave_0: entered promiscuous mode [ 412.524232][ T7534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 412.615803][ T7543] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.615891][ T7543] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.616052][ T7543] bridge_slave_1: entered allmulticast mode [ 412.617675][ T7543] bridge_slave_1: entered promiscuous mode [ 412.623626][ T7534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 412.896795][ T7422] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 412.896812][ T7422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 412.896837][ T7422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 413.209212][ T7422] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 413.209229][ T7422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 413.209251][ T7422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 413.280066][ T7543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.283925][ T7534] team0: Port device team_slave_0 added [ 413.344215][ T7543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 413.356566][ T7534] team0: Port device team_slave_1 added [ 417.439206][ T7735] tipc: Enabling of bearer rejected, failed to enable media [ 418.360089][ T7738] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 418.384163][ T7543] team0: Port device team_slave_0 added [ 418.494165][ T7422] hsr_slave_0: entered promiscuous mode [ 418.496179][ T7422] hsr_slave_1: entered promiscuous mode [ 418.497288][ T7422] debugfs: 'hsr0' already exists in 'hsr' [ 418.497311][ T7422] Cannot create hsr debugfs directory [ 418.500166][ T7534] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 418.500178][ T7534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 418.500200][ T7534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 419.954670][ T7746] tipc: Enabling of bearer rejected, failed to enable media [ 419.969705][ T7543] team0: Port device team_slave_1 added [ 419.988782][ T7534] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 419.988799][ T7534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 419.988822][ T7534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 425.785617][ T5119] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 425.810110][ T5119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 425.811341][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 425.812998][ T5119] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 425.815571][ T5119] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 427.909034][ T5119] Bluetooth: hci0: command tx timeout [ 428.392707][ T43] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.432199][ T7801] tipc: Enabling of bearer rejected, failed to enable media [ 428.453566][ T7543] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 428.453584][ T7543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 428.453608][ T7543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 429.394022][ T7543] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 429.394097][ T7543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 429.394184][ T7543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 430.190984][ T5119] Bluetooth: hci0: command tx timeout [ 432.538886][ T5806] Bluetooth: hci0: command tx timeout [ 437.378823][ T5806] Bluetooth: hci0: command tx timeout [ 438.648695][ T43] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.367902][ T7534] hsr_slave_0: entered promiscuous mode [ 439.369354][ T7534] hsr_slave_1: entered promiscuous mode [ 439.370327][ T7534] debugfs: 'hsr0' already exists in 'hsr' [ 439.370349][ T7534] Cannot create hsr debugfs directory [ 439.805314][ T7834] random: crng reseeded on system resumption [ 439.851579][ T7828] ceph: No mds server is up or the cluster is laggy [ 440.351388][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.352945][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.171067][ T43] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.499480][ T7543] hsr_slave_0: entered promiscuous mode [ 443.501031][ T7543] hsr_slave_1: entered promiscuous mode [ 443.502059][ T7543] debugfs: 'hsr0' already exists in 'hsr' [ 443.502084][ T7543] Cannot create hsr debugfs directory [ 444.526540][ T7856] tipc: Enabling of bearer rejected, failed to enable media [ 445.019123][ T43] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.322467][ T7869] netlink: 8 bytes leftover after parsing attributes in process `syz.0.438'. [ 447.488184][ T7873] smk_cipso_doi:679 remove rc = -2 [ 447.488223][ T7873] smk_cipso_doi:692 cipso add rc = -17 [ 447.492203][ T7873] overlayfs: failed to resolve './file1': -2 [ 447.528735][ T5119] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 447.539485][ T5119] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 447.540603][ T5119] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 447.565017][ T5119] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 447.565958][ T5119] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 447.924212][ T43] bridge_slave_1: left allmulticast mode [ 447.924240][ T43] bridge_slave_1: left promiscuous mode [ 447.929363][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.022698][ T43] bridge_slave_0: left allmulticast mode [ 448.022724][ T43] bridge_slave_0: left promiscuous mode [ 448.022994][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.228198][ T43] bridge_slave_1: left allmulticast mode [ 448.228227][ T43] bridge_slave_1: left promiscuous mode [ 448.228465][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.993965][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 451.003112][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 451.004633][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 451.005758][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 451.006473][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 451.108737][ T5119] Bluetooth: hci3: command tx timeout [ 451.168887][ T43] bridge_slave_0: left allmulticast mode [ 451.168916][ T43] bridge_slave_0: left promiscuous mode [ 451.169169][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.838536][ T43] bridge_slave_1: left allmulticast mode [ 451.838571][ T43] bridge_slave_1: left promiscuous mode [ 451.838801][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 454.007523][ T5119] Bluetooth: hci5: command tx timeout [ 454.064733][ T5119] Bluetooth: hci3: command tx timeout [ 455.236218][ T43] bridge_slave_0: left allmulticast mode [ 455.236250][ T43] bridge_slave_0: left promiscuous mode [ 455.236495][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 455.413147][ T43] bridge_slave_1: left allmulticast mode [ 455.413174][ T43] bridge_slave_1: left promiscuous mode [ 455.413485][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.477295][ T7925] overlayfs: failed to resolve './file1': -2 [ 455.481221][ T43] bridge_slave_0: left allmulticast mode [ 455.481247][ T43] bridge_slave_0: left promiscuous mode [ 455.481493][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 455.530869][ T7926] smk_cipso_doi:679 remove rc = -2 [ 455.530914][ T7926] smk_cipso_doi:692 cipso add rc = -17 [ 455.543556][ T7926] overlayfs: failed to resolve './file1': -2 [ 456.054670][ T5119] Bluetooth: hci5: command tx timeout [ 456.134596][ T5119] Bluetooth: hci3: command tx timeout [ 456.322284][ T43] bond0 (unregistering): Released all slaves [ 458.134858][ T5119] Bluetooth: hci5: command tx timeout [ 458.214371][ T5119] Bluetooth: hci3: command tx timeout [ 460.824314][ T5119] Bluetooth: hci5: command tx timeout [ 462.266944][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 462.385188][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 462.408265][ T43] bond0 (unregistering): Released all slaves [ 462.615295][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 462.664478][ T5893] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 462.706108][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 462.768907][ T43] bond0 (unregistering): Released all slaves [ 462.834591][ T5893] usb 1-1: Using ep0 maxpacket: 8 [ 462.838039][ T5893] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 462.838066][ T5893] usb 1-1: config 179 has no interface number 0 [ 462.838119][ T5893] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 462.838144][ T5893] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 462.838170][ T5893] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 462.838194][ T5893] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 462.838219][ T5893] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 462.838270][ T5893] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 462.838292][ T5893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 462.851129][ T7953] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 463.085197][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 463.145919][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 463.197419][ T43] bond0 (unregistering): Released all slaves [ 463.235241][ T7944] tipc: Enabling of bearer rejected, failed to enable media [ 464.034462][ T994] usb 1-1: USB disconnect, device number 5 [ 464.034714][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 464.035084][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 468.014846][ T7788] chnl_net:caif_netlink_parms(): no params data found [ 478.004112][ T8042] evm: overlay not supported [ 478.045509][ T7788] bridge0: port 1(bridge_slave_0) entered blocking state [ 478.045720][ T7788] bridge0: port 1(bridge_slave_0) entered disabled state [ 478.045956][ T7788] bridge_slave_0: entered allmulticast mode [ 478.064894][ T7788] bridge_slave_0: entered promiscuous mode [ 478.216552][ T7788] bridge0: port 2(bridge_slave_1) entered blocking state [ 478.216735][ T7788] bridge0: port 2(bridge_slave_1) entered disabled state [ 478.216986][ T7788] bridge_slave_1: entered allmulticast mode [ 478.219858][ T7788] bridge_slave_1: entered promiscuous mode [ 481.254679][ T43] hsr_slave_0: left promiscuous mode [ 481.304458][ T43] hsr_slave_1: left promiscuous mode [ 481.306661][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 481.306688][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 481.491058][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 481.491086][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 481.574581][ T43] hsr_slave_0: left promiscuous mode [ 481.618876][ T43] hsr_slave_1: left promiscuous mode [ 481.619926][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 481.666911][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 481.707602][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 481.745457][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 481.918057][ T43] veth1_macvtap: left promiscuous mode [ 481.918165][ T43] veth0_macvtap: left promiscuous mode [ 481.918435][ T43] veth1_vlan: left promiscuous mode [ 481.918614][ T43] veth0_vlan: left promiscuous mode [ 484.582568][ T8094] ceph: No mds server is up or the cluster is laggy [ 487.060057][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 487.068679][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 487.069962][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 487.071794][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 487.072701][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 489.094395][ T5119] Bluetooth: hci2: command tx timeout [ 489.186910][ T43] team0 (unregistering): Port device team_slave_1 removed [ 489.467943][ T43] team0 (unregistering): Port device team_slave_0 removed [ 489.639124][ T8125] ceph: No mds server is up or the cluster is laggy [ 491.253457][ T5119] Bluetooth: hci2: command tx timeout [ 494.624324][ T5119] Bluetooth: hci2: command tx timeout [ 497.400045][ T5119] Bluetooth: hci2: command tx timeout [ 501.996701][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.997323][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.176542][ T37] kauditd_printk_skb: 8 callbacks suppressed [ 502.176559][ T37] audit: type=1326 audit(1761693254.942:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.0.503" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x0 [ 508.757980][ T5806] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 508.766120][ T5806] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 508.770240][ T5806] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 508.771690][ T5806] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 508.773432][ T5806] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 509.029574][ T37] audit: type=1326 audit(1761693262.542:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.029632][ T37] audit: type=1326 audit(1761693262.542:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.029671][ T37] audit: type=1326 audit(1761693262.542:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.029710][ T37] audit: type=1326 audit(1761693262.542:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.029749][ T37] audit: type=1326 audit(1761693262.542:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.029788][ T37] audit: type=1326 audit(1761693262.542:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.029827][ T37] audit: type=1326 audit(1761693262.542:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.029867][ T37] audit: type=1326 audit(1761693262.542:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.154387][ T37] audit: type=1326 audit(1761693262.542:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 509.278558][ T37] audit: type=1326 audit(1761693262.792:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8202 comm="syz.3.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x7ffc0000 [ 510.382376][ T5806] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 510.407864][ T5806] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 510.408929][ T5806] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 510.411801][ T5806] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 510.412827][ T5806] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 510.989376][ T5806] Bluetooth: hci6: command tx timeout [ 513.746016][ T5806] Bluetooth: hci7: command tx timeout [ 513.839874][ T5806] Bluetooth: hci6: command tx timeout [ 516.150144][ T5806] Bluetooth: hci7: command tx timeout [ 516.150183][ T5806] Bluetooth: hci6: command tx timeout [ 520.439479][ T5119] Bluetooth: hci6: command tx timeout [ 520.439509][ T5119] Bluetooth: hci7: command tx timeout [ 523.675891][ T8237] Bluetooth: hci7: command tx timeout [ 525.885243][ T43] team0 (unregistering): Port device team_slave_1 removed [ 527.010540][ T43] team0 (unregistering): Port device team_slave_0 removed [ 527.676812][ T43] team0 (unregistering): Port device team_slave_1 removed [ 527.795076][ T43] team0 (unregistering): Port device team_slave_0 removed [ 528.405558][ T8240] tipc: Enabling of bearer rejected, failed to enable media [ 528.475360][ T7788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 533.928187][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 533.928207][ T37] audit: type=1326 audit(1761693286.802:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8286 comm="syz.0.525" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x0 [ 540.753046][ T8198] chnl_net:caif_netlink_parms(): no params data found [ 542.340114][ T8113] chnl_net:caif_netlink_parms(): no params data found [ 542.873442][ T8342] ceph: No mds server is up or the cluster is laggy [ 543.089357][ T8212] chnl_net:caif_netlink_parms(): no params data found [ 545.525730][ T8198] bridge0: port 1(bridge_slave_0) entered blocking state [ 545.525899][ T8198] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.526052][ T8198] bridge_slave_0: entered allmulticast mode [ 545.527624][ T8198] bridge_slave_0: entered promiscuous mode [ 546.539974][ T8198] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.540124][ T8198] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.540337][ T8198] bridge_slave_1: entered allmulticast mode [ 546.543405][ T8198] bridge_slave_1: entered promiscuous mode [ 546.573782][ T8113] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.573926][ T8113] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.574132][ T8113] bridge_slave_0: entered allmulticast mode [ 546.598174][ T8113] bridge_slave_0: entered promiscuous mode [ 547.082814][ T8198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 547.103287][ T8198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 548.420022][ T5119] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 548.437984][ T5119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 548.440388][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 548.441842][ T5119] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 548.442681][ T5119] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 551.246641][ T5119] Bluetooth: hci0: command tx timeout [ 552.830874][ T37] audit: type=1326 audit(1761693306.342:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8399 comm="syz.3.542" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x0 [ 553.766320][ T5119] Bluetooth: hci0: command tx timeout [ 554.167543][ T8212] bridge0: port 1(bridge_slave_0) entered blocking state [ 554.167679][ T8212] bridge0: port 1(bridge_slave_0) entered disabled state [ 554.167889][ T8212] bridge_slave_0: entered allmulticast mode [ 554.170795][ T8212] bridge_slave_0: entered promiscuous mode [ 555.258306][ T8212] bridge0: port 2(bridge_slave_1) entered blocking state [ 555.258508][ T8212] bridge0: port 2(bridge_slave_1) entered disabled state [ 555.258711][ T8212] bridge_slave_1: entered allmulticast mode [ 555.262033][ T8212] bridge_slave_1: entered promiscuous mode [ 555.281577][ T8198] team0: Port device team_slave_0 added [ 556.011342][ T8414] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 556.238774][ T5119] Bluetooth: hci0: command tx timeout [ 556.359119][ T8198] team0: Port device team_slave_1 added [ 559.818883][ T5119] Bluetooth: hci0: command tx timeout [ 560.013429][ T8212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 561.203780][ T8212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 561.216332][ T8198] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 561.216347][ T8198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 561.216384][ T8198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 562.387436][ T8432] tipc: Enabling of bearer rejected, failed to enable media [ 562.435547][ T8198] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 562.435563][ T8198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 562.435586][ T8198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 562.763782][ T37] audit: type=1326 audit(1761693316.272:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8434 comm="syz.0.550" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x0 [ 563.613800][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.613866][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.622359][ T8212] team0: Port device team_slave_0 added [ 563.677319][ T8212] team0: Port device team_slave_1 added [ 567.223233][ T8462] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 567.598660][ T8198] hsr_slave_0: entered promiscuous mode [ 567.625050][ T8198] hsr_slave_1: entered promiscuous mode [ 567.626477][ T8198] debugfs: 'hsr0' already exists in 'hsr' [ 567.626501][ T8198] Cannot create hsr debugfs directory [ 567.632719][ T8212] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 567.632734][ T8212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 567.632757][ T8212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 567.658024][ T8212] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 567.658039][ T8212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 567.658063][ T8212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 569.407832][ T5119] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 569.416183][ T5119] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 569.418120][ T5119] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 569.419601][ T5119] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 569.420734][ T5119] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 571.614491][ T8484] Bluetooth: hci2: command tx timeout [ 573.156929][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 573.174586][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 573.180279][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 573.181494][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 573.182865][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 573.654705][ T8484] Bluetooth: hci2: command tx timeout [ 575.604378][ T8484] Bluetooth: hci3: command tx timeout [ 575.734547][ T8484] Bluetooth: hci2: command tx timeout [ 575.813862][ T8383] chnl_net:caif_netlink_parms(): no params data found [ 577.982142][ T37] audit: type=1326 audit(1761693331.492:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8535 comm="syz.0.564" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x0 [ 579.414179][ T5806] Bluetooth: hci2: command tx timeout [ 579.414292][ T8484] Bluetooth: hci3: command tx timeout [ 582.236970][ T8484] Bluetooth: hci3: command tx timeout [ 584.567464][ T5806] Bluetooth: hci3: command tx timeout [ 589.562367][ T8383] bridge0: port 1(bridge_slave_0) entered blocking state [ 589.562540][ T8383] bridge0: port 1(bridge_slave_0) entered disabled state [ 589.562761][ T8383] bridge_slave_0: entered allmulticast mode [ 589.599539][ T8383] bridge_slave_0: entered promiscuous mode [ 589.924977][ T8383] bridge0: port 2(bridge_slave_1) entered blocking state [ 589.925115][ T8383] bridge0: port 2(bridge_slave_1) entered disabled state [ 589.925357][ T8383] bridge_slave_1: entered allmulticast mode [ 589.928429][ T8383] bridge_slave_1: entered promiscuous mode [ 591.109158][ T8480] chnl_net:caif_netlink_parms(): no params data found [ 594.834121][ T43] bridge_slave_1: left allmulticast mode [ 594.834146][ T43] bridge_slave_1: left promiscuous mode [ 594.834602][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 596.218573][ T43] bridge_slave_0: left allmulticast mode [ 596.218604][ T43] bridge_slave_0: left promiscuous mode [ 596.218868][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 596.478190][ T8639] FAT-fs (loop1): unable to read boot sector [ 597.424906][ T43] bridge_slave_1: left allmulticast mode [ 597.424941][ T43] bridge_slave_1: left promiscuous mode [ 597.425174][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.469565][ T43] bridge_slave_0: left allmulticast mode [ 597.469592][ T43] bridge_slave_0: left promiscuous mode [ 597.469822][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.516876][ T43] bridge_slave_0: left allmulticast mode [ 597.516897][ T43] bridge_slave_0: left promiscuous mode [ 597.517074][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.571230][ T43] bridge_slave_1: left allmulticast mode [ 597.571301][ T43] bridge_slave_1: left promiscuous mode [ 597.571531][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.635985][ T43] bridge_slave_0: left allmulticast mode [ 597.636013][ T43] bridge_slave_0: left promiscuous mode [ 597.636283][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.718843][ T43] bridge_slave_1: left allmulticast mode [ 597.718871][ T43] bridge_slave_1: left promiscuous mode [ 597.719117][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.766047][ T43] bridge_slave_0: left allmulticast mode [ 597.766075][ T43] bridge_slave_0: left promiscuous mode [ 597.766317][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.840106][ T43] bridge_slave_1: left allmulticast mode [ 597.840136][ T43] bridge_slave_1: left promiscuous mode [ 597.840370][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.906151][ T43] bridge_slave_0: left allmulticast mode [ 597.906179][ T43] bridge_slave_0: left promiscuous mode [ 597.906427][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 598.008678][ T43] bridge_slave_1: left allmulticast mode [ 598.008706][ T43] bridge_slave_1: left promiscuous mode [ 598.008950][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 598.217656][ T43] bridge_slave_0: left allmulticast mode [ 598.217677][ T43] bridge_slave_0: left promiscuous mode [ 598.217860][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 599.786279][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 600.795235][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 600.836459][ T43] bond0 (unregistering): Released all slaves [ 602.095690][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 602.265132][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 602.307116][ T43] bond0 (unregistering): Released all slaves [ 602.428755][ T43] bond0 (unregistering): Released all slaves [ 602.534696][ T5894] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 602.665730][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 602.724525][ T5894] usb 4-1: Using ep0 maxpacket: 8 [ 602.726961][ T43] bond0 (unregistering): Released all slaves [ 602.850381][ T5894] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 602.850409][ T5894] usb 4-1: config 179 has no interface number 0 [ 602.850460][ T5894] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 602.850490][ T5894] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 602.850516][ T5894] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 602.850544][ T5894] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 602.850577][ T5894] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 602.850613][ T5894] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 602.850625][ T5894] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 602.858622][ T8669] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 603.035433][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 603.115331][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 603.158209][ T43] bond0 (unregistering): Released all slaves [ 603.476846][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 603.525491][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 603.857191][ T43] bond0 (unregistering): Released all slaves [ 604.125140][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 604.215409][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 604.268649][ T43] bond0 (unregistering): Released all slaves [ 604.785288][ T8383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 605.108669][ T8383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 605.454508][ T5790] usb 4-1: USB disconnect, device number 4 [ 605.472171][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 605.872576][ T8383] team0: Port device team_slave_0 added [ 606.924914][ T8383] team0: Port device team_slave_1 added [ 607.382165][ T8480] bridge0: port 1(bridge_slave_0) entered blocking state [ 607.382299][ T8480] bridge0: port 1(bridge_slave_0) entered disabled state [ 607.382534][ T8480] bridge_slave_0: entered allmulticast mode [ 607.408003][ T8480] bridge_slave_0: entered promiscuous mode [ 607.492893][ T8480] bridge0: port 2(bridge_slave_1) entered blocking state [ 607.493044][ T8480] bridge0: port 2(bridge_slave_1) entered disabled state [ 607.493255][ T8480] bridge_slave_1: entered allmulticast mode [ 607.526182][ T8480] bridge_slave_1: entered promiscuous mode [ 609.150132][ T8484] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 609.181424][ T8484] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 609.183896][ T8484] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 609.241190][ T8484] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 609.242165][ T8484] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 617.808295][ T8484] Bluetooth: hci0: command tx timeout [ 618.266216][ T8480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 618.284434][ T5961] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 618.299844][ T8480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 618.303545][ T8505] chnl_net:caif_netlink_parms(): no params data found [ 618.434398][ T5961] usb 4-1: Using ep0 maxpacket: 8 [ 618.438786][ T5961] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 618.438811][ T5961] usb 4-1: config 179 has no interface number 0 [ 618.438861][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 618.438885][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 618.438909][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 618.438932][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 618.438956][ T5961] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 618.438995][ T5961] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 618.439016][ T5961] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.549058][ T8726] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 618.785247][ T8480] team0: Port device team_slave_0 added [ 618.929230][ T8480] team0: Port device team_slave_1 added [ 619.288818][ T5961] usb 4-1: USB disconnect, device number 5 [ 619.288902][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 619.288966][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 619.612352][ T8480] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 619.612370][ T8480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 619.612393][ T8480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 620.054896][ T8484] Bluetooth: hci0: command tx timeout [ 620.186024][ T8480] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 620.186040][ T8480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 620.186059][ T8480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 621.570013][ T8505] bridge0: port 1(bridge_slave_0) entered blocking state [ 621.570221][ T8505] bridge0: port 1(bridge_slave_0) entered disabled state [ 621.570451][ T8505] bridge_slave_0: entered allmulticast mode [ 621.573285][ T8505] bridge_slave_0: entered promiscuous mode [ 621.596367][ T8505] bridge0: port 2(bridge_slave_1) entered blocking state [ 621.596511][ T8505] bridge0: port 2(bridge_slave_1) entered disabled state [ 621.596692][ T8505] bridge_slave_1: entered allmulticast mode [ 621.599870][ T8505] bridge_slave_1: entered promiscuous mode [ 622.615536][ T8484] Bluetooth: hci0: command tx timeout [ 622.671295][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 622.766439][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 622.854724][ T43] hsr_slave_0: left promiscuous mode [ 622.897274][ T43] hsr_slave_1: left promiscuous mode [ 622.898225][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 622.945551][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 623.226603][ T5961] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 623.404460][ T5961] usb 1-1: Using ep0 maxpacket: 8 [ 623.410525][ T5961] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 623.410554][ T5961] usb 1-1: config 179 has no interface number 0 [ 623.410601][ T5961] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 623.410626][ T5961] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 623.410653][ T5961] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 623.410678][ T5961] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 623.410704][ T5961] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 623.410745][ T5961] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 623.410767][ T5961] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 623.526371][ T8773] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 623.565730][ T43] hsr_slave_0: left promiscuous mode [ 624.626742][ T43] hsr_slave_1: left promiscuous mode [ 624.627747][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 624.747155][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.747252][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.782926][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 625.529149][ T5961] usb 1-1: USB disconnect, device number 6 [ 625.535427][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 625.544331][ T8484] Bluetooth: hci0: command tx timeout [ 631.900552][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 631.916240][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 631.921416][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 631.943583][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 631.950856][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 633.194490][ T43] hsr_slave_0: left promiscuous mode [ 633.482142][ T43] hsr_slave_1: left promiscuous mode [ 633.517134][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 633.546516][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 633.648978][ T8484] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 633.674316][ T8484] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 633.685316][ T8484] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 633.724189][ T8484] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 633.741906][ T8484] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 634.364225][ T8484] Bluetooth: hci5: command tx timeout [ 634.574528][ T43] hsr_slave_0: left promiscuous mode [ 635.026421][ T43] hsr_slave_1: left promiscuous mode [ 635.027449][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 635.185551][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 635.402281][ T8821] netlink: 8 bytes leftover after parsing attributes in process `syz.0.625'. [ 636.104437][ T5961] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 636.134186][ T8484] Bluetooth: hci6: command tx timeout [ 636.332458][ T5961] usb 4-1: Using ep0 maxpacket: 8 [ 636.354303][ T5961] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 636.354338][ T5961] usb 4-1: config 179 has no interface number 0 [ 636.354383][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 636.354407][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 636.354432][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 636.354456][ T5961] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 636.354482][ T5961] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 636.354522][ T5961] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 636.354544][ T5961] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 636.374399][ T8484] Bluetooth: hci5: command tx timeout [ 636.467763][ T8819] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 636.493030][ T43] team0 (unregistering): Port device team_slave_1 removed [ 637.655508][ T43] team0 (unregistering): Port device team_slave_0 removed [ 637.873063][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 637.873132][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 637.873183][ T10] usb 4-1: USB disconnect, device number 6 [ 639.240637][ T8484] Bluetooth: hci6: command tx timeout [ 639.241356][ T8484] Bluetooth: hci5: command tx timeout [ 640.887095][ T8839] overlayfs: failed to resolve './file1': -2 [ 641.254573][ T8484] Bluetooth: hci5: command tx timeout [ 641.254606][ T8484] Bluetooth: hci6: command tx timeout [ 644.532306][ T43] team0 (unregistering): Port device team_slave_1 removed [ 644.598978][ T5806] Bluetooth: hci6: command tx timeout [ 645.335183][ T43] team0 (unregistering): Port device team_slave_0 removed [ 647.124510][ T8865] FAT-fs (loop1): unable to read boot sector [ 647.589042][ T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 647.964482][ T10] usb 4-1: Using ep0 maxpacket: 8 [ 647.968743][ T10] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 647.968768][ T10] usb 4-1: config 179 has no interface number 0 [ 647.968813][ T10] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 647.968836][ T10] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 647.968859][ T10] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 647.968881][ T10] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 647.968903][ T10] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 647.968941][ T10] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 647.968963][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 648.071595][ T8858] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 649.092162][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 649.092237][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 649.092298][ T5790] usb 4-1: USB disconnect, device number 7 [ 649.325059][ T43] team0 (unregistering): Port device team_slave_1 removed [ 649.505575][ T43] team0 (unregistering): Port device team_slave_0 removed [ 651.505030][ T43] team0 (unregistering): Port device team_slave_1 removed [ 651.625072][ T43] team0 (unregistering): Port device team_slave_0 removed [ 652.345025][ T43] team0 (unregistering): Port device team_slave_1 removed [ 652.445185][ T43] team0 (unregistering): Port device team_slave_0 removed [ 653.038099][ T8878] overlayfs: failed to resolve './file1': -2 [ 653.711669][ T8883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.640'. [ 661.055949][ T8712] chnl_net:caif_netlink_parms(): no params data found [ 662.725107][ T8946] overlayfs: failed to resolve './file1': -2 [ 663.611651][ T8950] FAT-fs (loop7): unable to read boot sector [ 664.908702][ T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 665.894409][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 665.898771][ T10] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 665.898797][ T10] usb 1-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 665.898815][ T10] usb 1-1: config 179 has no interface number 0 [ 665.898866][ T10] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 665.898889][ T10] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 665.898914][ T10] usb 1-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 665.898955][ T10] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 665.898977][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.906774][ T8960] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 668.285526][ T8712] bridge0: port 1(bridge_slave_0) entered blocking state [ 668.285772][ T8712] bridge0: port 1(bridge_slave_0) entered disabled state [ 668.285987][ T8712] bridge_slave_0: entered allmulticast mode [ 668.289391][ T8712] bridge_slave_0: entered promiscuous mode [ 668.507836][ T8799] chnl_net:caif_netlink_parms(): no params data found [ 668.694911][ T8994] FAT-fs (loop7): unable to read boot sector [ 669.597426][ T8476] usb 1-1: USB disconnect, device number 7 [ 671.549971][ T9010] FAT-fs (loop7): unable to read boot sector [ 671.881660][ T8484] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 671.900896][ T8484] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 671.902397][ T8484] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 671.903700][ T8484] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 671.930333][ T8484] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 672.788435][ T9017] overlayfs: failed to resolve './file0': -2 [ 672.940610][ T8807] chnl_net:caif_netlink_parms(): no params data found [ 673.533598][ T9030] FAT-fs (loop7): unable to read boot sector [ 674.077914][ T8484] Bluetooth: hci2: command tx timeout [ 676.145365][ T8484] Bluetooth: hci2: command tx timeout [ 676.334543][ T9053] FAT-fs (loop7): unable to read boot sector [ 677.376983][ T8799] bridge0: port 1(bridge_slave_0) entered blocking state [ 677.377124][ T8799] bridge0: port 1(bridge_slave_0) entered disabled state [ 677.377328][ T8799] bridge_slave_0: entered allmulticast mode [ 677.380201][ T8799] bridge_slave_0: entered promiscuous mode [ 678.339270][ T8484] Bluetooth: hci2: command tx timeout [ 678.422033][ T8799] bridge0: port 2(bridge_slave_1) entered blocking state [ 678.422164][ T8799] bridge0: port 2(bridge_slave_1) entered disabled state [ 678.422381][ T8799] bridge_slave_1: entered allmulticast mode [ 678.461969][ T8799] bridge_slave_1: entered promiscuous mode [ 679.199783][ T37] audit: type=1326 audit(1761693432.702:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9083 comm="syz.3.665" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x0 [ 679.298196][ T8799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 679.300385][ T8807] bridge0: port 1(bridge_slave_0) entered blocking state [ 679.300521][ T8807] bridge0: port 1(bridge_slave_0) entered disabled state [ 679.300728][ T8807] bridge_slave_0: entered allmulticast mode [ 679.322637][ T8807] bridge_slave_0: entered promiscuous mode [ 679.360960][ T8799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 679.388814][ T8807] bridge0: port 2(bridge_slave_1) entered blocking state [ 679.388952][ T8807] bridge0: port 2(bridge_slave_1) entered disabled state [ 679.389177][ T8807] bridge_slave_1: entered allmulticast mode [ 679.397961][ T8807] bridge_slave_1: entered promiscuous mode [ 679.938942][ T9098] FAT-fs (loop1): unable to read boot sector [ 680.793496][ T8484] Bluetooth: hci2: command tx timeout [ 681.902124][ T9120] FAT-fs (loop7): unable to read boot sector [ 686.228842][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.228913][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.317504][ T37] audit: type=1326 audit(1761693439.832:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9135 comm="syz.3.674" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x0 [ 686.319405][ T8799] team0: Port device team_slave_0 added [ 686.386869][ T8807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 686.400663][ T8799] team0: Port device team_slave_1 added [ 686.423888][ T8807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 691.546542][ T8807] team0: Port device team_slave_0 added [ 691.551879][ T8807] team0: Port device team_slave_1 added [ 693.084029][ T5806] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 693.092736][ T5806] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 693.095861][ T5806] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 693.105944][ T5806] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 693.107158][ T5806] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 695.150473][ T8807] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 695.150489][ T8807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 695.150513][ T8807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 695.174462][ T5806] Bluetooth: hci0: command tx timeout [ 695.415383][ T37] audit: type=1326 audit(1761693448.932:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9202 comm="syz.0.683" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x0 [ 696.944477][ T8484] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 696.968470][ T8484] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 696.969721][ T8484] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 696.971258][ T8484] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 696.976355][ T8484] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 697.254371][ T8484] Bluetooth: hci0: command tx timeout [ 697.863130][ T9014] chnl_net:caif_netlink_parms(): no params data found [ 698.385041][ T9224] FAT-fs (loop1): unable to read boot sector [ 699.026217][ T8484] Bluetooth: hci3: command tx timeout [ 699.354339][ T8484] Bluetooth: hci0: command tx timeout [ 699.438375][ T9231] overlayfs: missing 'lowerdir' [ 700.924581][ T9014] bridge0: port 1(bridge_slave_0) entered blocking state [ 700.924728][ T9014] bridge0: port 1(bridge_slave_0) entered disabled state [ 700.925281][ T9014] bridge_slave_0: entered allmulticast mode [ 700.928172][ T9014] bridge_slave_0: entered promiscuous mode [ 700.940874][ T9014] bridge0: port 2(bridge_slave_1) entered blocking state [ 700.940995][ T9014] bridge0: port 2(bridge_slave_1) entered disabled state [ 700.941270][ T9014] bridge_slave_1: entered allmulticast mode [ 700.942904][ T9014] bridge_slave_1: entered promiscuous mode [ 701.236021][ T8484] Bluetooth: hci3: command tx timeout [ 701.429993][ T8484] Bluetooth: hci0: command tx timeout [ 701.528690][ T9246] netlink: 8 bytes leftover after parsing attributes in process `syz.3.691'. [ 702.636556][ T37] audit: type=1326 audit(1761693456.152:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9249 comm="syz.0.693" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x0 [ 703.256975][ T8484] Bluetooth: hci3: command tx timeout [ 703.713798][ T9014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 703.779818][ T9014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 704.945818][ T9265] overlayfs: missing 'lowerdir' [ 705.334618][ T8484] Bluetooth: hci3: command tx timeout [ 706.079629][ T9270] smk_cipso_doi:679 remove rc = -2 [ 706.079670][ T9270] smk_cipso_doi:692 cipso add rc = -17 [ 706.083676][ T9014] team0: Port device team_slave_0 added [ 706.146412][ T9014] team0: Port device team_slave_1 added [ 708.242119][ T9014] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 708.242165][ T9014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 708.242217][ T9014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 708.776207][ T9181] chnl_net:caif_netlink_parms(): no params data found [ 708.807103][ T9014] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 708.807119][ T9014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 708.807145][ T9014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 710.409538][ T9304] overlayfs: missing 'lowerdir' [ 710.431197][ T9014] hsr_slave_0: entered promiscuous mode [ 710.432271][ T9014] hsr_slave_1: entered promiscuous mode [ 710.432859][ T9014] debugfs: 'hsr0' already exists in 'hsr' [ 710.432876][ T9014] Cannot create hsr debugfs directory [ 710.477527][ T9213] chnl_net:caif_netlink_parms(): no params data found [ 710.521644][ T9307] smk_cipso_doi:679 remove rc = -2 [ 710.521675][ T9307] smk_cipso_doi:692 cipso add rc = -17 [ 711.006015][ T9181] bridge0: port 1(bridge_slave_0) entered blocking state [ 711.006770][ T9181] bridge0: port 1(bridge_slave_0) entered disabled state [ 711.008719][ T9181] bridge_slave_0: entered allmulticast mode [ 711.011708][ T9181] bridge_slave_0: entered promiscuous mode [ 713.277315][ T9327] overlayfs: missing 'workdir' [ 713.428702][ T9181] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.428864][ T9181] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.429069][ T9181] bridge_slave_1: entered allmulticast mode [ 713.436164][ T9181] bridge_slave_1: entered promiscuous mode [ 713.504900][ T9330] smk_cipso_doi:679 remove rc = -2 [ 713.504943][ T9330] smk_cipso_doi:692 cipso add rc = -17 [ 715.733698][ T9181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 717.859929][ T9355] overlayfs: missing 'workdir' [ 717.947852][ T9181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 718.266301][ T9213] bridge0: port 1(bridge_slave_0) entered blocking state [ 718.266521][ T9213] bridge0: port 1(bridge_slave_0) entered disabled state [ 718.266741][ T9213] bridge_slave_0: entered allmulticast mode [ 718.276296][ T9213] bridge_slave_0: entered promiscuous mode [ 718.313135][ T9361] overlayfs: failed to resolve './file0': -2 [ 718.381915][ T9213] bridge0: port 2(bridge_slave_1) entered blocking state [ 718.382150][ T9213] bridge0: port 2(bridge_slave_1) entered disabled state [ 718.382799][ T9213] bridge_slave_1: entered allmulticast mode [ 718.400699][ T9213] bridge_slave_1: entered promiscuous mode [ 718.445518][ T9181] team0: Port device team_slave_0 added [ 718.740883][ T9181] team0: Port device team_slave_1 added [ 719.028351][ T9213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 725.778699][ T9381] FAT-fs (loop7): unable to read boot sector [ 726.811109][ T9213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 726.822177][ T9181] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 726.822192][ T9181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 726.822218][ T9181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 727.010321][ T9385] overlayfs: missing 'workdir' [ 727.141120][ T9181] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 727.141136][ T9181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 727.141160][ T9181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 727.568843][ T9395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.734'. [ 728.334704][ T9213] team0: Port device team_slave_0 added [ 728.381274][ T9213] team0: Port device team_slave_1 added [ 728.847371][ T9401] overlayfs: failed to resolve './file1': -2 [ 729.113310][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 729.113327][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 729.113352][ T9213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 729.249385][ T9181] hsr_slave_0: entered promiscuous mode [ 729.252950][ T9181] hsr_slave_1: entered promiscuous mode [ 729.258194][ T9181] debugfs: 'hsr0' already exists in 'hsr' [ 729.258220][ T9181] Cannot create hsr debugfs directory [ 729.261624][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 729.261638][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 729.261660][ T9213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 731.453368][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 731.465243][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 731.475699][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 731.488219][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 731.506502][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 731.737128][ T43] bridge_slave_1: left allmulticast mode [ 731.737156][ T43] bridge_slave_1: left promiscuous mode [ 731.737386][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 733.574457][ T5806] Bluetooth: hci5: command tx timeout [ 733.860954][ T43] bridge_slave_0: left allmulticast mode [ 733.860983][ T43] bridge_slave_0: left promiscuous mode [ 733.861244][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.888504][ T9425] overlayfs: missing 'lowerdir' [ 733.952465][ T43] bridge_slave_1: left allmulticast mode [ 733.952493][ T43] bridge_slave_1: left promiscuous mode [ 733.952725][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 734.100602][ T43] bridge_slave_0: left allmulticast mode [ 734.100632][ T43] bridge_slave_0: left promiscuous mode [ 734.100869][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 734.261027][ T9433] netlink: 8 bytes leftover after parsing attributes in process `syz.3.743'. [ 734.270828][ T9433] smk_cipso_doi:679 remove rc = -2 [ 734.270873][ T9433] smk_cipso_doi:692 cipso add rc = -17 [ 735.012916][ T9437] overlayfs: failed to resolve './file1': -2 [ 735.027563][ T43] bridge_slave_0: left allmulticast mode [ 735.027582][ T43] bridge_slave_0: left promiscuous mode [ 735.027725][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 735.119634][ T43] bridge_slave_1: left allmulticast mode [ 735.119663][ T43] bridge_slave_1: left promiscuous mode [ 735.119914][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 735.186048][ T43] bridge_slave_0: left allmulticast mode [ 735.186086][ T43] bridge_slave_0: left promiscuous mode [ 735.186336][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 736.194317][ T5806] Bluetooth: hci5: command tx timeout [ 736.259061][ T43] bridge_slave_1: left allmulticast mode [ 736.259091][ T43] bridge_slave_1: left promiscuous mode [ 736.259368][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 736.616062][ T43] bridge_slave_0: left allmulticast mode [ 736.616091][ T43] bridge_slave_0: left promiscuous mode [ 736.616340][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.991307][ T5806] Bluetooth: hci5: command tx timeout [ 739.042126][ T43] bridge_slave_1: left allmulticast mode [ 739.042157][ T43] bridge_slave_1: left promiscuous mode [ 739.042417][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 739.196070][ T43] bridge_slave_0: left allmulticast mode [ 739.196100][ T43] bridge_slave_0: left promiscuous mode [ 739.196388][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 739.411486][ T9455] overlayfs: missing 'lowerdir' [ 740.028323][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 740.839863][ T9465] overlayfs: failed to resolve './file1': -2 [ 740.889497][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 740.946629][ T43] bond0 (unregistering): Released all slaves [ 741.014598][ T5806] Bluetooth: hci5: command tx timeout [ 741.145324][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 741.225329][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 741.289043][ T43] bond0 (unregistering): Released all slaves [ 741.515899][ T43] bond0 (unregistering): Released all slaves [ 741.929810][ T9469] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 742.058456][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 742.123386][ T9476] overlayfs: missing 'lowerdir' [ 742.163562][ T9477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.757'. [ 742.185185][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 742.394682][ T43] bond0 (unregistering): Released all slaves [ 742.529646][ T43] bond0 (unregistering): Released all slaves [ 742.695558][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 742.815240][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 742.876485][ T43] bond0 (unregistering): Released all slaves [ 742.922235][ T9213] hsr_slave_0: entered promiscuous mode [ 742.923198][ T9213] hsr_slave_1: entered promiscuous mode [ 742.923861][ T9213] debugfs: 'hsr0' already exists in 'hsr' [ 742.923877][ T9213] Cannot create hsr debugfs directory [ 747.369135][ T9497] netlink: 'syz.0.764': attribute type 4 has an invalid length. [ 747.419272][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.419368][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.472490][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 747.507395][ T9499] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 747.516369][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 747.518876][ T9503] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 747.518933][ T9503] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 747.537273][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 748.575941][ T9511] FAT-fs (loop1): unable to read boot sector [ 749.176463][ T43] team0 (unregistering): Port device team_slave_1 removed [ 749.325341][ T43] team0 (unregistering): Port device team_slave_0 removed [ 749.867722][ T43] team0 (unregistering): Port device team_slave_1 removed [ 750.025230][ T43] team0 (unregistering): Port device team_slave_0 removed [ 750.835333][ T43] team0 (unregistering): Port device team_slave_1 removed [ 750.945076][ T43] team0 (unregistering): Port device team_slave_0 removed [ 752.240069][ T9523] FAT-fs (loop7): unable to read boot sector [ 752.746057][ T43] team0 (unregistering): Port device team_slave_1 removed [ 752.860716][ T43] team0 (unregistering): Port device team_slave_0 removed [ 754.121617][ T9413] chnl_net:caif_netlink_parms(): no params data found [ 754.305640][ T8484] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 754.601064][ T8484] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 754.604826][ T8484] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 754.651145][ T8484] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 754.651971][ T8484] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 754.766128][ T9540] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 754.766191][ T9540] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 756.764694][ T9413] bridge0: port 1(bridge_slave_0) entered blocking state [ 756.764909][ T9413] bridge0: port 1(bridge_slave_0) entered disabled state [ 756.765239][ T9413] bridge_slave_0: entered allmulticast mode [ 756.772105][ T9413] bridge_slave_0: entered promiscuous mode [ 756.774691][ T8484] Bluetooth: hci2: command tx timeout [ 756.832979][ T9413] bridge0: port 2(bridge_slave_1) entered blocking state [ 756.833124][ T9413] bridge0: port 2(bridge_slave_1) entered disabled state [ 756.833378][ T9413] bridge_slave_1: entered allmulticast mode [ 756.846830][ T9413] bridge_slave_1: entered promiscuous mode [ 756.969750][ T5806] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 756.986886][ T5806] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 756.989117][ T5806] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 756.990396][ T5806] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 756.991224][ T5806] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 757.435832][ T9413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 758.339773][ T9413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 758.687836][ T9562] C: renamed from team_slave_0 (while UP) [ 758.717117][ T9562] netlink: 'syz.3.780': attribute type 4 has an invalid length. [ 758.717139][ T9562] netlink: 152 bytes leftover after parsing attributes in process `syz.3.780'. [ 758.717946][ T9562] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 758.832184][ T9564] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 758.832614][ T9564] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 758.854530][ T5806] Bluetooth: hci2: command tx timeout [ 758.895460][ T9413] team0: Port device team_slave_0 added [ 758.912480][ T9413] team0: Port device team_slave_1 added [ 759.094885][ T5806] Bluetooth: hci0: command tx timeout [ 760.107843][ T37] audit: type=1326 audit(1761693513.622:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9574 comm="syz.3.786" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x0 [ 760.185515][ T9413] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 760.185598][ T9413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 760.185796][ T9413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 760.221474][ T9413] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 760.221491][ T9413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 760.221514][ T9413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 760.934538][ T5806] Bluetooth: hci2: command tx timeout [ 760.977645][ T9413] hsr_slave_0: entered promiscuous mode [ 760.979048][ T9413] hsr_slave_1: entered promiscuous mode [ 760.979984][ T9413] debugfs: 'hsr0' already exists in 'hsr' [ 760.980008][ T9413] Cannot create hsr debugfs directory [ 761.178428][ T5806] Bluetooth: hci0: command tx timeout [ 762.027648][ T9591] FAT-fs (loop7): unable to read boot sector [ 762.608634][ T9536] chnl_net:caif_netlink_parms(): no params data found [ 763.018902][ T5806] Bluetooth: hci2: command tx timeout [ 763.297098][ T37] audit: type=1326 audit(1761693516.812:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9603 comm="syz.3.794" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc431fdefc9 code=0x0 [ 763.385118][ T5806] Bluetooth: hci0: command tx timeout [ 765.905417][ T9536] bridge0: port 1(bridge_slave_0) entered blocking state [ 765.905644][ T9536] bridge0: port 1(bridge_slave_0) entered disabled state [ 765.905859][ T9536] bridge_slave_0: entered allmulticast mode [ 765.908692][ T9536] bridge_slave_0: entered promiscuous mode [ 765.917491][ T9553] chnl_net:caif_netlink_parms(): no params data found [ 766.635268][ T9536] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.635485][ T9536] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.635730][ T9536] bridge_slave_1: entered allmulticast mode [ 766.638573][ T9536] bridge_slave_1: entered promiscuous mode [ 767.319675][ T5806] Bluetooth: hci0: command tx timeout [ 768.488374][ T9623] FAT-fs (loop1): unable to read boot sector [ 770.664904][ T9536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 770.792206][ T9536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 771.147222][ T9536] team0: Port device team_slave_0 added [ 771.324079][ T9536] team0: Port device team_slave_1 added [ 771.328046][ T9553] bridge0: port 1(bridge_slave_0) entered blocking state [ 771.328246][ T9553] bridge0: port 1(bridge_slave_0) entered disabled state [ 771.328459][ T9553] bridge_slave_0: entered allmulticast mode [ 771.331076][ T9553] bridge_slave_0: entered promiscuous mode [ 771.435634][ T9553] bridge0: port 2(bridge_slave_1) entered blocking state [ 771.435716][ T9553] bridge0: port 2(bridge_slave_1) entered disabled state [ 771.435851][ T9553] bridge_slave_1: entered allmulticast mode [ 771.440572][ T9553] bridge_slave_1: entered promiscuous mode [ 771.560203][ T37] audit: type=1326 audit(1761693525.072:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9640 comm="syz.0.802" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5ffffefc9 code=0x0 [ 773.047779][ T9652] FAT-fs (loop7): unable to read boot sector [ 773.943295][ T9536] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 773.943313][ T9536] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 773.943338][ T9536] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 775.075819][ T9536] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 775.075835][ T9536] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 775.075861][ T9536] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 775.080190][ T9553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 775.150189][ T9553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 778.282377][ T9553] team0: Port device team_slave_0 added [ 780.447707][ T9553] team0: Port device team_slave_1 added [ 780.472984][ T9536] hsr_slave_0: entered promiscuous mode [ 780.477047][ T9536] hsr_slave_1: entered promiscuous mode [ 780.478060][ T9536] debugfs: 'hsr0' already exists in 'hsr' [ 780.478083][ T9536] Cannot create hsr debugfs directory [ 781.744537][ T9553] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 781.744554][ T9553] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 781.744578][ T9553] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 781.998559][ T9553] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 781.998576][ T9553] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 781.998601][ T9553] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 782.457966][ T9413] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 782.526973][ T9413] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 782.927782][ T9413] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 787.926783][ T9413] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 789.699411][ T9553] hsr_slave_0: entered promiscuous mode [ 789.700929][ T9553] hsr_slave_1: entered promiscuous mode [ 789.701953][ T9553] debugfs: 'hsr0' already exists in 'hsr' [ 789.701977][ T9553] Cannot create hsr debugfs directory [ 791.585009][ T9728] ceph: No mds server is up or the cluster is laggy [ 795.703552][ T9756] smk_cipso_doi:679 remove rc = -2 [ 795.703715][ T9756] smk_cipso_doi:692 cipso add rc = -17 [ 795.709206][ T9756] overlayfs: failed to resolve './file1': -2 [ 796.938378][ T8484] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 796.942046][ T8484] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 796.943488][ T8484] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 796.951169][ T8484] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 796.952767][ T8484] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 797.735406][ T9769] netlink: 8 bytes leftover after parsing attributes in process `syz.3.831'. [ 797.737620][ T9769] smk_cipso_doi:679 remove rc = -2 [ 797.737659][ T9769] smk_cipso_doi:692 cipso add rc = -17 [ 797.775777][ T9769] overlayfs: failed to resolve './file0': -2 [ 799.014787][ T8484] Bluetooth: hci3: command tx timeout [ 801.172165][ T9785] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 801.811302][ T8484] Bluetooth: hci3: command tx timeout [ 802.043668][ T9796] smk_cipso_doi:679 remove rc = -2 [ 802.043715][ T9796] smk_cipso_doi:692 cipso add rc = -17 [ 802.045080][ T9796] overlayfs: failed to resolve './file1': -2 [ 803.912929][ T8484] Bluetooth: hci3: command tx timeout [ 805.103236][ T9809] overlayfs: missing 'lowerdir' [ 805.433859][ T9762] chnl_net:caif_netlink_parms(): no params data found [ 805.983185][ T8484] Bluetooth: hci3: command tx timeout [ 806.182359][ T9818] ceph: No mds server is up or the cluster is laggy [ 806.274830][ T5894] libceph: connect (1)[c::]:6789 error -101 [ 806.275036][ T5894] libceph: mon0 (1)[c::]:6789 connect error [ 806.698639][ T9830] overlayfs: missing 'lowerdir' [ 807.945103][ T9762] bridge0: port 1(bridge_slave_0) entered blocking state [ 807.945278][ T9762] bridge0: port 1(bridge_slave_0) entered disabled state [ 807.945501][ T9762] bridge_slave_0: entered allmulticast mode [ 807.950520][ T9762] bridge_slave_0: entered promiscuous mode [ 808.024168][ T9762] bridge0: port 2(bridge_slave_1) entered blocking state [ 808.032038][ T9762] bridge0: port 2(bridge_slave_1) entered disabled state [ 808.032730][ T9762] bridge_slave_1: entered allmulticast mode [ 808.076727][ T9762] bridge_slave_1: entered promiscuous mode [ 808.318132][ T43] bridge_slave_1: left allmulticast mode [ 808.318162][ T43] bridge_slave_1: left promiscuous mode [ 808.318476][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 808.394176][ T43] bridge_slave_0: left allmulticast mode [ 808.394205][ T43] bridge_slave_0: left promiscuous mode [ 808.402882][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 808.607407][ T43] bridge_slave_1: left allmulticast mode [ 808.607437][ T43] bridge_slave_1: left promiscuous mode [ 808.607681][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 808.807684][ T43] bridge_slave_0: left allmulticast mode [ 808.807713][ T43] bridge_slave_0: left promiscuous mode [ 808.807962][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 809.124513][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.124582][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.180327][ T43] bridge_slave_1: left allmulticast mode [ 809.180358][ T43] bridge_slave_1: left promiscuous mode [ 809.183303][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 809.255903][ T43] bridge_slave_0: left allmulticast mode [ 809.255934][ T43] bridge_slave_0: left promiscuous mode [ 809.256209][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 811.995966][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 812.106272][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 812.174650][ T43] bond0 (unregistering): Released all slaves [ 813.675179][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 813.755883][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 813.812874][ T9862] ceph: No mds server is up or the cluster is laggy [ 813.827486][ T43] bond0 (unregistering): Released all slaves [ 814.186951][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 814.226307][ T9868] overlayfs: missing 'lowerdir' [ 814.285459][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 814.392977][ T43] bond0 (unregistering): Released all slaves [ 814.610518][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 814.613087][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 814.624104][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 814.638222][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 814.639072][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 816.694434][ T5806] Bluetooth: hci5: command tx timeout [ 817.050294][ T9762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 817.068146][ T9762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 817.387606][ T9762] team0: Port device team_slave_0 added [ 817.396388][ T9762] team0: Port device team_slave_1 added [ 817.658501][ T9762] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 817.658513][ T9762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 817.658527][ T9762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 817.665179][ T9762] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 817.665194][ T9762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 817.665218][ T9762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 817.854475][ T43] hsr_slave_0: left promiscuous mode [ 817.894638][ T43] hsr_slave_1: left promiscuous mode [ 817.895666][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 817.915225][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 818.344535][ T43] hsr_slave_0: left promiscuous mode [ 818.373142][ T43] hsr_slave_1: left promiscuous mode [ 818.380479][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 818.407001][ T8484] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 818.428463][ T8484] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 818.430856][ T8484] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 818.432238][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 818.440742][ T8484] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 818.445494][ T8484] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 819.578301][ T5806] Bluetooth: hci5: command tx timeout [ 819.578509][ T43] hsr_slave_0: left promiscuous mode [ 819.797695][ T43] hsr_slave_1: left promiscuous mode [ 819.798660][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 822.672008][ T5806] Bluetooth: hci6: command tx timeout [ 823.073733][ T5806] Bluetooth: hci5: command tx timeout [ 823.080524][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 823.994357][ T9908] ceph: No mds server is up or the cluster is laggy [ 825.672728][ T5806] Bluetooth: hci6: command tx timeout [ 825.672762][ T5806] Bluetooth: hci5: command tx timeout [ 827.221166][ T43] team0 (unregistering): Port device team_slave_1 removed [ 828.534711][ T8237] Bluetooth: hci6: command tx timeout [ 830.698017][ T5806] Bluetooth: hci6: command tx timeout [ 830.704640][ T43] team0 (unregistering): Port device team_slave_0 removed [ 833.886411][ T5910] libceph: connect (1)[c::]:6789 error -101 [ 833.886614][ T5910] libceph: mon0 (1)[c::]:6789 connect error [ 833.914095][ T5910] libceph: connect (1)[c::]:6789 error -101 [ 833.920336][ T5910] libceph: mon0 (1)[c::]:6789 connect error [ 834.177020][ T5910] libceph: connect (1)[c::]:6789 error -101 [ 834.177207][ T5910] libceph: mon0 (1)[c::]:6789 connect error [ 834.322591][ T9947] ceph: No mds server is up or the cluster is laggy [ 835.221278][ T9954] random: crng reseeded on system resumption [ 836.455190][ T43] team0 (unregistering): Port device team_slave_1 removed [ 838.537778][ T43] team0 (unregistering): Port device team_slave_0 removed [ 840.916454][ T9985] netlink: 8 bytes leftover after parsing attributes in process `syz.3.882'. [ 841.009892][ T9985] smk_cipso_doi:679 remove rc = -2 [ 841.011226][ T9985] smk_cipso_doi:692 cipso add rc = -17 [ 842.245574][ T9990] random: crng reseeded on system resumption [ 845.029261][T10006] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 845.029319][T10006] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 848.916928][ T43] team0 (unregistering): Port device team_slave_1 removed [ 850.912689][ T43] team0 (unregistering): Port device team_slave_0 removed [ 851.375959][ T5893] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 851.664617][ T5893] usb 4-1: Using ep0 maxpacket: 8 [ 851.867042][ T5893] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 851.867119][ T5893] usb 4-1: config 179 has no interface number 0 [ 851.871782][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 851.871864][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 851.871939][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 851.872013][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 851.872087][ T5893] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 851.872371][ T5893] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 851.872602][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 852.131057][T10030] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 854.536651][T10046] overlayfs: missing 'lowerdir' [ 856.432696][ T8237] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 856.458909][ T8237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 856.460836][ T8237] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 856.486035][ T8237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 856.489389][ T8237] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 858.139453][ T5790] usb 4-1: USB disconnect, device number 8 [ 858.139515][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 858.139579][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 858.449201][T10062] overlayfs: missing 'lowerdir' [ 858.534449][ T5806] Bluetooth: hci3: command tx timeout [ 861.041607][T10077] overlayfs: missing 'lowerdir' [ 861.041820][ T5806] Bluetooth: hci3: command tx timeout [ 861.207319][T10080] netlink: 160 bytes leftover after parsing attributes in process `syz.3.907'. [ 861.299699][ T9871] chnl_net:caif_netlink_parms(): no params data found [ 862.055330][ T5893] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 862.404888][ T5893] usb 4-1: Using ep0 maxpacket: 8 [ 862.407185][ T5893] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 862.407211][ T5893] usb 4-1: config 179 has no interface number 0 [ 862.407262][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 862.407288][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 862.407316][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 862.407342][ T5893] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 862.407368][ T5893] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 862.407408][ T5893] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 862.407430][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 862.532235][T10089] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 863.104701][ T5806] Bluetooth: hci3: command tx timeout [ 864.327380][T10099] overlayfs: missing 'lowerdir' [ 864.558560][T10101] overlayfs: missing 'lowerdir' [ 864.935311][ T9871] bridge0: port 1(bridge_slave_0) entered blocking state [ 864.935580][ T9871] bridge0: port 1(bridge_slave_0) entered disabled state [ 864.936245][ T9871] bridge_slave_0: entered allmulticast mode [ 864.971510][ T9871] bridge_slave_0: entered promiscuous mode [ 865.040249][ T994] usb 4-1: USB disconnect, device number 9 [ 865.040266][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 865.040327][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 865.083849][ T9871] bridge0: port 2(bridge_slave_1) entered blocking state [ 865.083995][ T9871] bridge0: port 2(bridge_slave_1) entered disabled state [ 865.084210][ T9871] bridge_slave_1: entered allmulticast mode [ 865.108829][ T9871] bridge_slave_1: entered promiscuous mode [ 865.174418][ T8237] Bluetooth: hci3: command tx timeout [ 865.942488][ T9871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 866.938762][ T9871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 870.772788][ T9871] team0: Port device team_slave_0 added [ 870.805198][ T9885] chnl_net:caif_netlink_parms(): no params data found [ 870.859178][ T9871] team0: Port device team_slave_1 added [ 870.954430][ T5790] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 871.104380][ T5790] usb 1-1: Using ep0 maxpacket: 8 [ 871.107607][ T5790] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 871.107633][ T5790] usb 1-1: config 179 has no interface number 0 [ 871.107684][ T5790] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 871.107711][ T5790] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 871.107737][ T5790] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 871.107763][ T5790] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 871.107789][ T5790] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 871.107830][ T5790] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 871.107851][ T5790] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 871.231372][T10130] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 871.873025][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 871.873315][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.873315][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.894755][ T26] ================================================================== [ 871.894770][ T26] BUG: KASAN: vmalloc-out-of-bounds in run_irq_workd+0x116/0x190 [ 871.894804][ T26] Read of size 8 at addr ffffc90006241090 by task irq_work/1/26 [ 871.894818][ T26] [ 871.894850][ T26] CPU: 1 UID: 0 PID: 26 Comm: irq_work/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 871.894870][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 871.894889][ T26] Call Trace: [ 871.894899][ T26] [ 871.894907][ T26] dump_stack_lvl+0x189/0x250 [ 871.894932][ T26] ? run_irq_workd+0x116/0x190 [ 871.894954][ T26] ? __pfx_dump_stack_lvl+0x10/0x10 [ 871.894976][ T26] ? __pfx__printk+0x10/0x10 [ 871.894997][ T26] ? __virt_addr_valid+0xdc/0x5c0 [ 871.895018][ T26] ? __virt_addr_valid+0xdc/0x5c0 [ 871.895040][ T26] print_report+0xca/0x240 [ 871.895062][ T26] ? run_irq_workd+0x116/0x190 [ 871.895081][ T26] kasan_report+0x118/0x150 [ 871.895104][ T26] ? run_irq_workd+0x116/0x190 [ 871.895128][ T26] run_irq_workd+0x116/0x190 [ 871.895149][ T26] ? __pfx_run_irq_workd+0x10/0x10 [ 871.895170][ T26] ? schedule+0x91/0x360 [ 871.895191][ T26] ? smpboot_thread_fn+0x4d/0xa60 [ 871.895211][ T26] ? smpboot_thread_fn+0x4d/0xa60 [ 871.895229][ T26] smpboot_thread_fn+0x542/0xa60 [ 871.895248][ T26] ? smpboot_thread_fn+0x4d/0xa60 [ 871.895271][ T26] kthread+0x711/0x8a0 [ 871.895294][ T26] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 871.895314][ T26] ? __pfx_kthread+0x10/0x10 [ 871.895334][ T26] ? rt_spin_unlock+0x150/0x200 [ 871.895353][ T26] ? rt_spin_unlock+0x161/0x200 [ 871.895368][ T26] ? __pfx_kthread+0x10/0x10 [ 871.895389][ T26] ret_from_fork+0x4bc/0x870 [ 871.895410][ T26] ? __pfx_ret_from_fork+0x10/0x10 [ 871.895431][ T26] ? __switch_to_asm+0x39/0x70 [ 871.895447][ T26] ? __switch_to_asm+0x33/0x70 [ 871.895462][ T26] ? __pfx_kthread+0x10/0x10 [ 871.895483][ T26] ret_from_fork_asm+0x1a/0x30 [ 871.895505][ T26] [ 871.895511][ T26] [ 871.895515][ T26] The buggy address belongs to a vmalloc virtual mapping [ 871.895541][ T26] Memory state around the buggy address: [ 871.895552][ T26] ffffc90006240f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 871.895563][ T26] ffffc90006241000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 871.895574][ T26] >ffffc90006241080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 871.895586][ T26] ^ [ 871.895596][ T26] ffffc90006241100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 871.895607][ T26] ffffc90006241180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 871.895615][ T26] ================================================================== [ 871.895636][ T26] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 871.895649][ T26] CPU: 1 UID: 0 PID: 26 Comm: irq_work/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 871.895668][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 871.895677][ T26] Call Trace: [ 871.895684][ T26] [ 871.895690][ T26] dump_stack_lvl+0x99/0x250 [ 871.895713][ T26] ? __asan_memcpy+0x40/0x70 [ 871.895731][ T26] ? __pfx_dump_stack_lvl+0x10/0x10 [ 871.895752][ T26] ? __pfx__printk+0x10/0x10 [ 871.895777][ T26] vpanic+0x237/0x6d0 [ 871.895793][ T26] ? __pfx_vpanic+0x10/0x10 [ 871.895813][ T26] panic+0xb9/0xc0 [ 871.895828][ T26] ? __pfx_panic+0x10/0x10 [ 871.895851][ T26] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 871.895873][ T26] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 871.895895][ T26] ? run_irq_workd+0x116/0x190 [ 871.895915][ T26] check_panic_on_warn+0x89/0xb0 [ 871.895932][ T26] ? run_irq_workd+0x116/0x190 [ 871.895951][ T26] end_report+0x78/0x160 [ 871.895971][ T26] kasan_report+0x129/0x150 [ 871.895993][ T26] ? run_irq_workd+0x116/0x190 [ 871.896017][ T26] run_irq_workd+0x116/0x190 [ 871.896038][ T26] ? __pfx_run_irq_workd+0x10/0x10 [ 871.896058][ T26] ? schedule+0x91/0x360 [ 871.896078][ T26] ? smpboot_thread_fn+0x4d/0xa60 [ 871.896097][ T26] ? smpboot_thread_fn+0x4d/0xa60 [ 871.896115][ T26] smpboot_thread_fn+0x542/0xa60 [ 871.896135][ T26] ? smpboot_thread_fn+0x4d/0xa60 [ 871.896158][ T26] kthread+0x711/0x8a0 [ 871.896180][ T26] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 871.896200][ T26] ? __pfx_kthread+0x10/0x10 [ 871.896221][ T26] ? rt_spin_unlock+0x150/0x200 [ 871.896240][ T26] ? rt_spin_unlock+0x161/0x200 [ 871.896255][ T26] ? __pfx_kthread+0x10/0x10 [ 871.896278][ T26] ret_from_fork+0x4bc/0x870 [ 871.896298][ T26] ? __pfx_ret_from_fork+0x10/0x10 [ 871.896319][ T26] ? __switch_to_asm+0x39/0x70 [ 871.896335][ T26] ? __switch_to_asm+0x33/0x70 [ 871.896350][ T26] ? __pfx_kthread+0x10/0x10 [ 871.896372][ T26] ret_from_fork_asm+0x1a/0x30 [ 871.896395][ T26] [ 871.896658][ T26] Kernel Offset: disabled