last executing test programs: 5.077069176s ago: executing program 3 (id=4518): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) setuid(0xee01) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 4.955834053s ago: executing program 3 (id=4520): rt_sigaction(0xd, &(0x7f0000000100)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x5]}}, 0x0, 0x8, &(0x7f00000000c0)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6f, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = userfaultfd(0x801) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa04, &(0x7f00000001c0)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}}) 4.368896462s ago: executing program 0 (id=4528): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r4, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc000000190067"], 0xfc}}, 0x0) 4.276570363s ago: executing program 0 (id=4530): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r4, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) 3.355269539s ago: executing program 2 (id=4535): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0) 3.241934527s ago: executing program 2 (id=4536): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, 0x0, 0x0, 0x4) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) 3.13232193s ago: executing program 2 (id=4537): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x38, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008080}, 0x0) 3.018272826s ago: executing program 2 (id=4538): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c12020", 0x44000004, 0x0}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r4, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f00000000c0)='user\x00', 0x0) 2.892285647s ago: executing program 3 (id=4539): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="240000002800010023bd700000000000050000000c000000000000f7ffffff"], 0x24}], 0x1}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)=ANY=[], 0x30}], 0x1}, 0x0) 2.31978234s ago: executing program 0 (id=4541): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) getsockname$packet(r1, 0x0, 0x0) 2.167799954s ago: executing program 3 (id=4542): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6f, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6(0xa, 0x2, 0x6c5) 2.078224193s ago: executing program 3 (id=4543): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = dup(r0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, 0x0, 0x10000) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r3, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) accept4$inet(r5, 0x0, 0x0, 0x80000) 1.947809339s ago: executing program 3 (id=4544): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r4, 0x0, 0x0, 0x805, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r5, 0x0, 0x0) sendto$inet(r4, 0x0, 0x0, 0x80, 0x0, 0x0) 1.24435132s ago: executing program 0 (id=4546): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) 1.162732595s ago: executing program 0 (id=4548): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, 0x0, 0x0, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_gettime(r6, 0x0) 1.045038257s ago: executing program 0 (id=4549): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r4, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) 809.805886ms ago: executing program 2 (id=4552): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r5, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) 807.363889ms ago: executing program 1 (id=4553): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="240000002800010023bd700000000000050000000c000000000000f7ffffff"], 0x24}], 0x1}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)=ANY=[], 0x30}], 0x1}, 0x0) 679.89812ms ago: executing program 1 (id=4554): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x80, 0x0, 0xfcee) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 516.405964ms ago: executing program 1 (id=4555): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) listen(r2, 0xf) 425.803782ms ago: executing program 1 (id=4556): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00), 0x0, 0x4) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) 307.615168ms ago: executing program 1 (id=4557): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, 0x0, 0x0, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_gettime(r6, 0x0) 159.494963ms ago: executing program 1 (id=4558): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) r4 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = syz_pidfd_open(r4, 0x0) setns(r5, 0x24020000) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r8, 0x0, 0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto(r9, 0x0, 0x0, 0x1, 0x0, 0x0) unshare(0x62020680) 0s ago: executing program 2 (id=4559): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) close_range(r0, r2, 0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r5, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r5, 0x0, 0x0, 0x80, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.145' (ED25519) to the list of known hosts. [ 67.074991][ T5813] cgroup: Unknown subsys name 'net' [ 67.201296][ T5813] cgroup: Unknown subsys name 'cpuset' [ 67.210310][ T5813] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 68.561844][ T5813] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 71.433900][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.440623][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 75.739419][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.740401][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.748421][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.755119][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.763531][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.776799][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.777122][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.785044][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.793844][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.800471][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.806617][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.813829][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.828287][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.828681][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.836644][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.845659][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.856613][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.857718][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.864039][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.874220][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.322678][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 76.523002][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 76.542696][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.550517][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.557979][ T5825] bridge_slave_0: entered allmulticast mode [ 76.565098][ T5825] bridge_slave_0: entered promiscuous mode [ 76.607500][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.614834][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.622332][ T5825] bridge_slave_1: entered allmulticast mode [ 76.629524][ T5825] bridge_slave_1: entered promiscuous mode [ 76.636870][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 76.762892][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.788994][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 76.815093][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.833473][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.841310][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.848803][ T5823] bridge_slave_0: entered allmulticast mode [ 76.855951][ T5823] bridge_slave_0: entered promiscuous mode [ 76.903728][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.910918][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.918617][ T5823] bridge_slave_1: entered allmulticast mode [ 76.925656][ T5823] bridge_slave_1: entered promiscuous mode [ 76.988321][ T5825] team0: Port device team_slave_0 added [ 76.994185][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.001562][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.009185][ T5824] bridge_slave_0: entered allmulticast mode [ 77.016209][ T5824] bridge_slave_0: entered promiscuous mode [ 77.042326][ T5825] team0: Port device team_slave_1 added [ 77.062624][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.069831][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.076967][ T5824] bridge_slave_1: entered allmulticast mode [ 77.084756][ T5824] bridge_slave_1: entered promiscuous mode [ 77.099308][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.145610][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.166536][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.173977][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.199989][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.246770][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.253858][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.280000][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.293662][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.303378][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.310734][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.318443][ T5822] bridge_slave_0: entered allmulticast mode [ 77.325421][ T5822] bridge_slave_0: entered promiscuous mode [ 77.335302][ T5823] team0: Port device team_slave_0 added [ 77.354636][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.364253][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.371439][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.378711][ T5822] bridge_slave_1: entered allmulticast mode [ 77.385687][ T5822] bridge_slave_1: entered promiscuous mode [ 77.394288][ T5823] team0: Port device team_slave_1 added [ 77.489082][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.499612][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.506566][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.532842][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.550587][ T5824] team0: Port device team_slave_0 added [ 77.569567][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.579597][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.586591][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.613184][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.626422][ T5824] team0: Port device team_slave_1 added [ 77.638489][ T5825] hsr_slave_0: entered promiscuous mode [ 77.644920][ T5825] hsr_slave_1: entered promiscuous mode [ 77.711278][ T5822] team0: Port device team_slave_0 added [ 77.720513][ T5822] team0: Port device team_slave_1 added [ 77.736951][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.744285][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.770383][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.782937][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.789975][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.815891][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.902800][ T5823] hsr_slave_0: entered promiscuous mode [ 77.909073][ T52] Bluetooth: hci3: command tx timeout [ 77.909387][ T5837] Bluetooth: hci2: command tx timeout [ 77.916307][ T5823] hsr_slave_1: entered promiscuous mode [ 77.920866][ T5832] Bluetooth: hci0: command tx timeout [ 77.932510][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 77.938539][ T5823] Cannot create hsr debugfs directory [ 77.944939][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.952321][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.978690][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.988000][ T5832] Bluetooth: hci1: command tx timeout [ 77.992318][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.001698][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.028011][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.149838][ T5824] hsr_slave_0: entered promiscuous mode [ 78.156296][ T5824] hsr_slave_1: entered promiscuous mode [ 78.162716][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 78.168547][ T5824] Cannot create hsr debugfs directory [ 78.206124][ T5822] hsr_slave_0: entered promiscuous mode [ 78.212903][ T5822] hsr_slave_1: entered promiscuous mode [ 78.219256][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 78.224991][ T5822] Cannot create hsr debugfs directory [ 78.588660][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 78.611946][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 78.632282][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 78.642542][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 78.709131][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 78.720064][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 78.749399][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 78.768431][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 78.831610][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 78.843199][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 78.854195][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 78.864621][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 78.977140][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.992822][ T5822] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 79.012121][ T5822] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 79.023801][ T5822] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 79.036070][ T5822] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 79.070919][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.107119][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.114539][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.125370][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.132535][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.251925][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.288826][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.311307][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.343244][ T1016] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.350449][ T1016] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.365628][ T1016] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.372818][ T1016] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.394811][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.430675][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.439061][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.451560][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.458776][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.593304][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.681998][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.711424][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.729846][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.737018][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.787535][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.794794][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.963263][ T5825] veth0_vlan: entered promiscuous mode [ 79.989552][ T5832] Bluetooth: hci3: command tx timeout [ 79.998949][ T5832] Bluetooth: hci0: command tx timeout [ 80.004385][ T5832] Bluetooth: hci2: command tx timeout [ 80.019980][ T5825] veth1_vlan: entered promiscuous mode [ 80.056925][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.068137][ T52] Bluetooth: hci1: command tx timeout [ 80.094379][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.124752][ T5825] veth0_macvtap: entered promiscuous mode [ 80.173760][ T5825] veth1_macvtap: entered promiscuous mode [ 80.253042][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.264687][ T5824] veth0_vlan: entered promiscuous mode [ 80.293311][ T5823] veth0_vlan: entered promiscuous mode [ 80.313992][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.330625][ T5823] veth1_vlan: entered promiscuous mode [ 80.340511][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.355082][ T5824] veth1_vlan: entered promiscuous mode [ 80.371910][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.381281][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.409107][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.420708][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.484660][ T5824] veth0_macvtap: entered promiscuous mode [ 80.522123][ T5823] veth0_macvtap: entered promiscuous mode [ 80.534980][ T5824] veth1_macvtap: entered promiscuous mode [ 80.570228][ T5823] veth1_macvtap: entered promiscuous mode [ 80.596774][ T5822] veth0_vlan: entered promiscuous mode [ 80.609211][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.617214][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.617243][ T5822] veth1_vlan: entered promiscuous mode [ 80.674074][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.683294][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.683393][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.715883][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.729026][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.756574][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.765333][ T50] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.775862][ T50] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.815780][ T50] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.818911][ T5825] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 80.839350][ T5822] veth0_macvtap: entered promiscuous mode [ 80.853093][ T50] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.865070][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.881314][ T5822] veth1_macvtap: entered promiscuous mode [ 80.908767][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.960741][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.973843][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.041604][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.093496][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.104589][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.126851][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.170250][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.207472][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.223060][ T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.267099][ T50] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.305009][ T50] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.317120][ T50] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.329002][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.337514][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.360477][ T1016] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.376014][ T1016] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.514543][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.540747][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.692698][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.730850][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.076730][ T52] Bluetooth: hci2: command tx timeout [ 82.084030][ T5832] Bluetooth: hci0: command tx timeout [ 82.088061][ T52] Bluetooth: hci3: command tx timeout [ 82.113580][ T5941] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2'. [ 82.148415][ T52] Bluetooth: hci1: command tx timeout [ 83.295469][ T5971] syz.2.25 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 84.148330][ T52] Bluetooth: hci0: command tx timeout [ 84.153856][ T52] Bluetooth: hci2: command tx timeout [ 84.159380][ T5832] Bluetooth: hci3: command tx timeout [ 84.228618][ T52] Bluetooth: hci1: command tx timeout [ 84.368099][ T5991] netlink: 24 bytes leftover after parsing attributes in process `syz.1.34'. [ 86.525041][ T6025] 9p: Unknown access argument a: -22 [ 86.809334][ T43] cfg80211: failed to load regulatory.db [ 87.438970][ T6048] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 87.636203][ T6052] netlink: 388 bytes leftover after parsing attributes in process `syz.2.54'. [ 87.737115][ T6054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.65'. [ 88.051592][ T6062] 9p: Bad value for 'rfdno' [ 90.049589][ T6108] 9p: Bad value for 'rfdno' [ 91.453936][ T6143] Zero length message leads to an empty skb [ 92.765696][ T6167] netlink: 24 bytes leftover after parsing attributes in process `syz.1.120'. [ 96.104535][ T6253] 9p: Bad value for 'rfdno' [ 96.846224][ T6273] netlink: 40 bytes leftover after parsing attributes in process `syz.3.172'. [ 98.408274][ T6314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.192'. [ 99.739110][ T6349] netlink: 40 bytes leftover after parsing attributes in process `syz.1.209'. [ 100.725372][ T6381] netlink: 40 bytes leftover after parsing attributes in process `syz.1.224'. [ 101.264175][ T6401] netlink: 40 bytes leftover after parsing attributes in process `syz.2.235'. [ 102.369401][ T6439] 9p: Unknown access argument a: -22 [ 103.152760][ T6458] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 103.172657][ T6458] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 103.500427][ T6462] netlink: 24 bytes leftover after parsing attributes in process `syz.0.264'. [ 103.643148][ T6464] 9p: Unknown access argument a: -22 [ 104.531225][ T6482] netlink: 24 bytes leftover after parsing attributes in process `syz.2.273'. [ 105.948441][ T6511] 9p: Bad value for 'rfdno' [ 106.862535][ T6535] 9p: Bad value for 'rfdno' [ 107.551700][ T6553] 9p: Bad value for 'rfdno' [ 107.996489][ T6567] 9p: Bad value for 'rfdno' [ 108.095181][ T6569] netlink: 8 bytes leftover after parsing attributes in process `syz.0.304'. [ 108.219121][ T6575] overlayfs: missing 'workdir' [ 108.346362][ T6578] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 108.371290][ T6578] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 108.594054][ T6586] 9p: Unknown access argument a: -22 [ 108.732636][ T6590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.327'. [ 108.910729][ T6594] netlink: 'syz.1.330': attribute type 4 has an invalid length. [ 110.538196][ T43] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 110.727886][ T43] usb 2-1: Using ep0 maxpacket: 16 [ 110.742303][ T43] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.773762][ T43] usb 2-1: config 0 interface 0 has no altsetting 0 [ 110.794119][ T43] usb 2-1: New USB device found, idVendor=044f, idProduct=b304, bcdDevice= 0.00 [ 110.807826][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.825536][ T43] usb 2-1: config 0 descriptor?? [ 111.051755][ T43] usbhid 2-1:0.0: can't add hid device: -71 [ 111.067910][ T43] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 111.112107][ T43] usb 2-1: USB disconnect, device number 2 [ 112.019987][ T6650] 9p: Bad value for 'rfdno' [ 116.044237][ T6710] netlink: 40 bytes leftover after parsing attributes in process `syz.1.383'. [ 118.159187][ T6744] netlink: 24 bytes leftover after parsing attributes in process `syz.2.398'. [ 120.061337][ T6787] 9p: Unknown access argument a: -22 [ 120.990091][ T6797] 9p: Bad value for 'rfdno' [ 121.937201][ T6813] 9p: Bad value for 'rfdno' [ 125.251245][ T6864] 9p: Bad value for 'rfdno' [ 130.393810][ T6933] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 130.402806][ T6933] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 130.663211][ T6940] netlink: 40 bytes leftover after parsing attributes in process `syz.3.496'. [ 131.526567][ T6958] netlink: 40 bytes leftover after parsing attributes in process `syz.3.506'. [ 132.348982][ T6976] 9p: Bad value for 'rfdno' [ 132.875639][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.886734][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.911317][ T6988] netlink: 24 bytes leftover after parsing attributes in process `syz.1.520'. [ 134.453017][ T7006] 9p: Unknown access argument a: -22 [ 136.543284][ T7055] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 136.562496][ T7055] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 137.085730][ T7063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.557'. [ 138.274652][ T7079] netlink: 8 bytes leftover after parsing attributes in process `syz.2.567'. [ 147.936395][ T7186] 9p: Bad value for 'rfdno' [ 154.039498][ T7258] 9p: Bad value for 'rfdno' [ 154.288338][ T7264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.657'. [ 154.851520][ T7280] 9p: Bad value for 'rfdno' [ 156.602639][ T7338] 9p: Bad value for 'rfdno' [ 157.240585][ T7362] 9p: Bad value for 'rfdno' [ 158.172884][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.718'. [ 159.922882][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.732'. [ 160.989256][ T7431] 9p: Unknown access argument a: -22 [ 161.407073][ T7439] 9p: Bad value for 'rfdno' [ 161.700885][ T7447] netlink: 24 bytes leftover after parsing attributes in process `syz.1.748'. [ 161.713186][ T7449] netlink: 8 bytes leftover after parsing attributes in process `syz.3.749'. [ 162.444320][ T7468] netlink: 24 bytes leftover after parsing attributes in process `syz.3.759'. [ 164.253013][ T7549] 9p: Bad value for 'rfdno' [ 164.779882][ T7568] 9p: Bad value for 'rfdno' [ 168.011668][ T7610] 9p: Bad value for 'rfdno' [ 168.137348][ T7614] 9p: Unknown access argument a: -22 [ 168.255635][ T7616] netlink: 12 bytes leftover after parsing attributes in process `syz.1.830'. [ 169.145807][ T7628] netlink: 56 bytes leftover after parsing attributes in process `syz.1.836'. [ 169.601428][ T7636] 9p: Bad value for 'rfdno' [ 170.376683][ T7644] ======================================================= [ 170.376683][ T7644] WARNING: The mand mount option has been deprecated and [ 170.376683][ T7644] and is ignored by this kernel. Remove the mand [ 170.376683][ T7644] option from the mount to silence this warning. [ 170.376683][ T7644] ======================================================= [ 170.449310][ T7644] binder: Unknown parameter 'contextÌ' [ 171.272407][ T7670] 9p: Unknown access argument a: -22 [ 171.282806][ T7668] netlink: 24 bytes leftover after parsing attributes in process `syz.3.856'. [ 171.525368][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.861'. [ 171.552371][ T7681] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 171.561335][ T7681] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 171.729808][ T7690] 9p: Unknown access argument a: -22 [ 171.863382][ T7692] netlink: 24 bytes leftover after parsing attributes in process `syz.3.868'. [ 172.198359][ T7702] netlink: 8 bytes leftover after parsing attributes in process `syz.0.874'. [ 172.423339][ T7708] 9p: Unknown access argument a: -22 [ 172.955971][ T7716] netlink: 24 bytes leftover after parsing attributes in process `syz.1.880'. [ 174.610289][ T7742] 9p: Unknown access argument a: -22 [ 174.905165][ T7753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.900'. [ 175.095511][ T7757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.902'. [ 175.662635][ T7779] netlink: 24 bytes leftover after parsing attributes in process `syz.2.911'. [ 175.700603][ T7781] binder: Unknown parameter 'contextÌ' [ 175.991409][ T7791] overlayfs: failed to resolve './file0': -2 [ 176.011412][ T7793] 9p: Unknown access argument a: -22 [ 176.748679][ T7813] netlink: 12 bytes leftover after parsing attributes in process `syz.2.926'. [ 176.870844][ T7815] 9p: Unknown access argument a: -22 [ 177.271119][ T7824] binder: Unknown parameter 'contextÌ' [ 179.259012][ T7868] 9p: Unknown access argument a: -22 [ 179.487271][ T7874] binder: Unknown parameter 'contextÌ' [ 180.956641][ T7930] binder: Unknown parameter 'contextÌ' [ 182.171038][ T7965] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 182.179980][ T7965] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 183.129767][ T7993] 9p: Unknown access argument a: -22 [ 185.135465][ T8042] binder: Unknown parameter 'contextÌ' [ 186.098310][ T8062] binder: Unknown parameter 'contextÌ' [ 189.065987][ T8116] 9p: Bad value for 'rfdno' [ 189.906352][ T8136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1086'. [ 190.087307][ T8140] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1087'. [ 192.132750][ T8174] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1105'. [ 192.428516][ T8184] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1108'. [ 192.765072][ T8199] 9p: Unknown access argument a: -22 [ 194.103379][ T8233] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1133'. [ 194.280571][ T8239] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1136'. [ 194.315572][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.323035][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.651013][ T8251] 9p: Unknown access argument a: -22 [ 194.756433][ T8255] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1145'. [ 194.845709][ T8259] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1148'. [ 195.496023][ T8275] 9p: Could not find request transport: fd0xffffffffffffffff0xffffffffffffffff [ 195.505023][ T8280] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1156'. [ 196.606754][ T8301] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1166'. [ 198.054513][ T8323] 9pnet_fd: Insufficient options for proto=fd [ 198.416318][ T8333] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1184'. [ 199.046678][ T8358] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1195'. [ 199.190639][ T8364] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 199.207360][ T8367] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1199'. [ 199.235490][ T8364] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 201.510631][ T5833] Bluetooth: hci3: command 0x0406 tx timeout [ 201.516683][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 201.523115][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 201.523169][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 201.793720][ T8381] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1209'. [ 202.225815][ T8391] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1213'. [ 202.681816][ T8403] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 202.690686][ T8403] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 203.488364][ T8415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1223'. [ 205.690526][ T8435] 9p: Unknown access argument a: -22 [ 206.707428][ T8459] 9p: Unknown access argument a: -22 [ 207.488330][ T8474] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 207.497201][ T8474] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 207.919078][ T8481] 9p: Unknown access argument a: -22 [ 211.075021][ T8543] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 211.083909][ T8543] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 214.255705][ T8577] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1302'. [ 219.576196][ T8637] 9p: Unknown access argument a: -22 [ 222.139911][ T8701] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 222.218263][ T8701] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 223.464730][ T8749] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 223.473644][ T8749] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 223.905478][ T8775] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 223.965312][ T8775] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 224.519377][ T8804] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 224.557084][ T8804] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 228.061816][ T8902] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 228.071123][ T8902] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 228.747883][ T8924] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 228.756818][ T8924] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 229.477086][ T8947] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 229.506706][ T8947] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 233.213061][ T9034] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 233.237920][ T9034] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 233.492598][ T9038] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1535'. [ 234.290530][ T9058] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1544'. [ 236.034866][ T9120] netlink: 'syz.0.1573': attribute type 27 has an invalid length. [ 236.900392][ T9143] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 236.909234][ T9143] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 238.174649][ T9181] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 238.193734][ T9181] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 238.886035][ T9204] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 238.908682][ T9204] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 239.713765][ T9226] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1624'. [ 240.217061][ T9242] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 240.247901][ T9242] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 241.401499][ T9283] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 241.428115][ T9283] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 241.432477][ T9285] overlayfs: missing 'lowerdir' [ 242.039959][ T9315] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1665'. [ 243.079431][ T9375] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1695'. [ 243.857237][ T9405] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 243.897529][ T9405] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 244.947346][ T9442] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1729'. [ 248.013143][ T9493] overlayfs: missing 'lowerdir' [ 251.620927][ T9539] overlayfs: missing 'lowerdir' [ 253.807121][ T9563] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1790'. [ 254.852600][ T9595] binder: Unknown parameter 'contextÌ' [ 255.173704][ T9611] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1812'. [ 255.393674][ T9617] binder: Unknown parameter 'contextÌ' [ 255.468099][ T5929] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 255.640721][ T5929] usb 4-1: unable to get BOS descriptor or descriptor too short [ 255.649551][ T5929] usb 4-1: not running at top speed; connect to a high speed hub [ 255.679866][ T5929] usb 4-1: config 129 has an invalid interface number: 135 but max is 0 [ 255.699850][ T5929] usb 4-1: config 129 has an invalid interface number: 5 but max is 0 [ 255.727944][ T5929] usb 4-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 255.756779][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.757972][ T5929] usb 4-1: config 129 has no interface number 0 [ 255.766443][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.797873][ T5929] usb 4-1: config 129 has no interface number 1 [ 255.817905][ T5929] usb 4-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 255.857938][ T5929] usb 4-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 255.897838][ T5929] usb 4-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 255.927801][ T5929] usb 4-1: config 129 interface 135 has no altsetting 0 [ 255.955187][ T5929] usb 4-1: config 129 interface 5 has no altsetting 0 [ 255.968140][ T5929] usb 4-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 255.977481][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.987599][ T5929] usb 4-1: Product: syz [ 255.998159][ T5929] usb 4-1: Manufacturer: syz [ 256.002801][ T5929] usb 4-1: SerialNumber: syz [ 256.093456][ T9637] 9p: Bad value for 'access' [ 256.256013][ T5929] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 256.287701][ T5929] usb 4-1: MIDIStreaming interface descriptor not found [ 256.359191][ T5929] usb 4-1: USB disconnect, device number 2 [ 256.512432][ T9648] udevd[9648]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:129.5/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 257.624638][ T9683] binder: Unknown parameter 'contextÌ' [ 258.201075][ T9703] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1856'. [ 258.276380][ T9705] binder: Unknown parameter 'contextÌ' [ 259.058497][ T9727] binder: Unknown parameter 'contextÌ' [ 262.438390][ T9780] 9p: Bad value for 'rfdno' [ 264.668144][ T30] audit: type=1326 audit(1763353726.137:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9797 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf838f6c9 code=0x7ffc0000 [ 264.737864][ T30] audit: type=1326 audit(1763353726.137:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9797 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7efcf838f6c9 code=0x7ffc0000 [ 264.821676][ T30] audit: type=1326 audit(1763353726.137:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9797 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0x200000000006 code=0x7ffc0000 [ 264.864215][ T30] audit: type=1326 audit(1763353726.137:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9797 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf838f6c9 code=0x7ffc0000 [ 268.437560][ T9822] 9p: Bad value for 'rfdno' [ 271.517538][ T9863] 9p: Bad value for 'rfdno' [ 272.080018][ T9889] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1948'. [ 272.539922][ T9910] binder: Unknown parameter 'contextÌÈf@âÞ®N [ 272.539922][ T9910] úòFoðÀÄ"á™ÅÁ cß' [ 273.513186][ T9958] 9p: Unknown access argument a: -22 [ 273.886577][ T9974] binder: Unknown parameter 'contextÌÈf@âÞ®N [ 273.886577][ T9974] úòFoðÀÄ"á™ÅÁ cß' [ 274.278676][ T9997] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2001'. [ 275.425643][T10077] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2038'. [ 276.673174][T10142] 9p: Unknown access argument a: -22 [ 277.001771][T10152] binder: 10151:10152 ioctl 40046205 0 returned -22 [ 277.332680][T10158] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2080'. [ 280.015817][T10204] 9p: Bad value for 'wfdno' [ 280.523020][T10212] binder: 10211:10212 ioctl 40046205 0 returned -22 [ 282.990145][T10270] 9p: Bad value for 'rfdno' [ 285.101672][T10292] binder: Unknown parameter 'contextÌ' [ 285.739850][T10310] binder: Unknown parameter 'contextÌ' [ 291.026159][T10422] binder: 10421:10422 ioctl 40046205 0 returned -22 [ 291.501259][T10430] binder: Unknown parameter 'contextÌ' [ 291.797058][T10442] 9pnet_fd: Insufficient options for proto=fd [ 292.021573][T10448] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2225'. [ 292.932001][T10482] cgroup: Invalid name [ 293.954690][T10518] binder: 10517:10518 ioctl 40046205 0 returned -22 [ 294.369615][T10531] 9pnet_fd: Insufficient options for proto=fd [ 297.648245][T10574] 9p: Bad value for 'rfdno' [ 298.737674][T10607] binder: 10605:10607 ioctl 40046205 0 returned -22 [ 299.558645][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 299.572807][ T5832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 299.581640][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 299.590096][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 299.597806][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 300.217675][ T50] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.251232][T10643] chnl_net:caif_netlink_parms(): no params data found [ 300.343546][ T50] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.511304][ T50] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.711533][ T50] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.762325][T10643] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.778055][T10643] bridge0: port 1(bridge_slave_0) entered disabled state [ 300.785318][T10643] bridge_slave_0: entered allmulticast mode [ 300.811908][T10643] bridge_slave_0: entered promiscuous mode [ 300.827388][T10643] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.841054][T10643] bridge0: port 2(bridge_slave_1) entered disabled state [ 300.858010][T10643] bridge_slave_1: entered allmulticast mode [ 300.876068][T10643] bridge_slave_1: entered promiscuous mode [ 300.996407][T10643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 301.037651][T10643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 301.217565][T10643] team0: Port device team_slave_0 added [ 301.282005][T10643] team0: Port device team_slave_1 added [ 301.340888][ T50] bridge_slave_1: left allmulticast mode [ 301.367094][ T50] bridge_slave_1: left promiscuous mode [ 301.380981][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.434196][ T50] bridge_slave_0: left allmulticast mode [ 301.439987][ T50] bridge_slave_0: left promiscuous mode [ 301.461129][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.668635][ T5832] Bluetooth: hci4: command tx timeout [ 302.453634][T10749] 9p: Bad value for 'rfdno' [ 302.545049][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 302.578325][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 302.589890][ T50] bond0 (unregistering): Released all slaves [ 302.666871][T10643] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 302.688185][T10643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 302.726359][T10643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 302.902418][T10643] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 302.921307][T10643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 302.969711][T10643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 303.217288][T10643] hsr_slave_0: entered promiscuous mode [ 303.247330][T10643] hsr_slave_1: entered promiscuous mode [ 303.272382][T10643] debugfs: 'hsr0' already exists in 'hsr' [ 303.298157][T10643] Cannot create hsr debugfs directory [ 303.358155][ T50] hsr_slave_0: left promiscuous mode [ 303.377993][ T50] hsr_slave_1: left promiscuous mode [ 303.384208][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.414387][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.445971][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.478068][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.576087][ T50] veth1_macvtap: left promiscuous mode [ 303.582985][ T50] veth0_macvtap: left promiscuous mode [ 303.604520][T10774] binder: Unknown parameter 'contextÌ' [ 303.608330][ T50] veth1_vlan: left promiscuous mode [ 303.615561][ T50] veth0_vlan: left promiscuous mode [ 303.747937][ T5832] Bluetooth: hci4: command tx timeout [ 304.885011][ T50] team0 (unregistering): Port device team_slave_1 removed [ 304.979645][ T50] team0 (unregistering): Port device team_slave_0 removed [ 305.828153][ T5832] Bluetooth: hci4: command tx timeout [ 306.109722][T10813] 9p: Could not find request transport: fd0x0000000000000009 [ 306.487906][T10823] binder: 10822:10823 ioctl 40046205 0 returned -22 [ 307.123763][T10643] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 307.164486][T10643] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 307.201933][T10643] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 307.234543][T10643] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 307.494001][T10643] 8021q: adding VLAN 0 to HW filter on device bond0 [ 307.550410][T10643] 8021q: adding VLAN 0 to HW filter on device team0 [ 307.595827][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.603073][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 307.650689][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.657914][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 307.908053][ T5832] Bluetooth: hci4: command tx timeout [ 308.216567][T10883] cgroup: Invalid name [ 308.234489][T10643] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 308.383839][T10643] veth0_vlan: entered promiscuous mode [ 308.440789][T10643] veth1_vlan: entered promiscuous mode [ 308.537182][T10643] veth0_macvtap: entered promiscuous mode [ 308.581136][T10643] veth1_macvtap: entered promiscuous mode [ 308.644140][T10643] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 308.679858][T10643] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 308.735982][ T60] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.760848][ T60] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.793143][T10896] binder: Unknown parameter 'contextÌ' [ 308.813245][ T60] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.834917][ T60] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.980939][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 308.997851][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 309.093244][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.136121][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.718473][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 310.727229][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 310.747986][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 310.763658][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 310.772468][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 311.373520][T10933] chnl_net:caif_netlink_parms(): no params data found [ 311.780607][T10933] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.788004][T10933] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.795244][T10933] bridge_slave_0: entered allmulticast mode [ 311.821042][T10933] bridge_slave_0: entered promiscuous mode [ 311.832646][T10933] bridge0: port 2(bridge_slave_1) entered blocking state [ 311.839968][T10933] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.850072][T10933] bridge_slave_1: entered allmulticast mode [ 311.864062][T10933] bridge_slave_1: entered promiscuous mode [ 312.110323][T10933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 312.153498][T10933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 312.324721][T10933] team0: Port device team_slave_0 added [ 312.377330][T10933] team0: Port device team_slave_1 added [ 312.562025][T10933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 312.588046][T10933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 312.637924][T10933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 312.660207][T10933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 312.667174][T10933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 312.738020][T10933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 312.868477][ T5838] Bluetooth: hci3: command tx timeout [ 312.916422][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.042467][T10933] hsr_slave_0: entered promiscuous mode [ 313.055435][T10933] hsr_slave_1: entered promiscuous mode [ 313.065083][T10971] 9pnet_fd: Insufficient options for proto=fd [ 313.073648][T10933] debugfs: 'hsr0' already exists in 'hsr' [ 313.087962][T10933] Cannot create hsr debugfs directory [ 313.119617][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.286897][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.422241][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.724194][ T12] bridge_slave_1: left allmulticast mode [ 313.738498][ T12] bridge_slave_1: left promiscuous mode [ 313.745209][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.793627][ T12] bridge_slave_0: left allmulticast mode [ 313.815872][ T12] bridge_slave_0: left promiscuous mode [ 313.829110][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 314.811189][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 314.830695][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 314.866518][ T12] bond0 (unregistering): Released all slaves [ 314.947908][ T5838] Bluetooth: hci3: command tx timeout [ 315.545327][T11029] overlayfs: workdir and upperdir must be separate subtrees [ 315.648220][ T12] hsr_slave_0: left promiscuous mode [ 315.655364][ T12] hsr_slave_1: left promiscuous mode [ 315.670723][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 315.687165][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 315.736913][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 315.768775][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 315.829643][ T12] veth1_macvtap: left promiscuous mode [ 315.835226][ T12] veth0_macvtap: left promiscuous mode [ 315.858088][ T12] veth1_vlan: left promiscuous mode [ 315.867406][ T12] veth0_vlan: left promiscuous mode [ 316.817225][T11066] 9p: Bad value for 'rfdno' [ 316.987376][T11076] overlayfs: workdir and upperdir must be separate subtrees [ 317.027970][ T5838] Bluetooth: hci3: command tx timeout [ 317.143269][ T12] team0 (unregistering): Port device team_slave_1 removed [ 317.198756][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.205097][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.229454][T11086] binder: Unknown parameter '%' [ 317.239627][ T12] team0 (unregistering): Port device team_slave_0 removed [ 317.716245][T11102] binder: 11101:11102 ioctl 40046205 0 returned -22 [ 317.853599][T11104] overlayfs: workdir and upperdir must be separate subtrees [ 318.110166][T10933] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 318.145037][T10933] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 318.169173][T10933] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 318.239157][T10933] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 318.290539][T11111] binder: Unknown parameter '%' [ 318.524638][T10933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 318.668469][T10933] 8021q: adding VLAN 0 to HW filter on device team0 [ 318.703600][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.710880][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 318.741377][ T3518] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.748596][ T3518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 318.886447][T10933] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 318.982375][T11135] binder: 11133:11135 ioctl 40046205 0 returned -22 [ 319.108007][ T5838] Bluetooth: hci3: command tx timeout [ 319.270908][T10933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 319.413867][T10933] veth0_vlan: entered promiscuous mode [ 319.447616][T10933] veth1_vlan: entered promiscuous mode [ 319.508678][T10933] veth0_macvtap: entered promiscuous mode [ 319.541589][T10933] veth1_macvtap: entered promiscuous mode [ 319.608940][T10933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 319.633986][T10933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 319.670849][ T60] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.732815][ T60] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.749563][ T60] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.798913][ T60] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.942252][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 319.989069][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 320.102225][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 320.128270][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 320.681068][T11170] binder: Unknown parameter 'contÿ' [ 320.894947][T11174] overlayfs: workdir and upperdir must be separate subtrees [ 321.277443][T11184] binder: 11182:11184 ioctl 40046205 0 returned -22 [ 321.563825][T11188] 9p: Bad value for 'rfdno' [ 321.833425][T11192] cgroup: Invalid name [ 322.248188][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 322.258775][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 322.267368][ T5838] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 322.286063][ T5838] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 322.293935][ T5838] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 323.014456][T11200] chnl_net:caif_netlink_parms(): no params data found [ 323.520063][T11200] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.527326][T11200] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.542379][T11200] bridge_slave_0: entered allmulticast mode [ 323.565310][T11200] bridge_slave_0: entered promiscuous mode [ 323.601339][T11200] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.638239][T11200] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.659136][T11200] bridge_slave_1: entered allmulticast mode [ 323.681342][T11200] bridge_slave_1: entered promiscuous mode [ 323.854184][T11200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 323.878165][T11200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 324.044944][ T50] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.108075][T11200] team0: Port device team_slave_0 added [ 324.108853][T11216] 9p: Bad value for 'rfdno' [ 324.132542][T11200] team0: Port device team_slave_1 added [ 324.276424][ T50] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.349760][T11200] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 324.356730][T11200] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 324.397578][ T5832] Bluetooth: hci2: command tx timeout [ 324.417295][T11200] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 324.451482][ T50] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.525131][T11200] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 324.567966][T11200] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 324.610883][T11200] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 324.739076][ T50] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.904568][T11200] hsr_slave_0: entered promiscuous mode [ 324.919118][T11200] hsr_slave_1: entered promiscuous mode [ 324.949853][T11200] debugfs: 'hsr0' already exists in 'hsr' [ 324.955635][T11200] Cannot create hsr debugfs directory [ 325.450338][ T50] bridge_slave_1: left allmulticast mode [ 325.457173][ T50] bridge_slave_1: left promiscuous mode [ 325.473447][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.503625][ T50] bridge_slave_0: left allmulticast mode [ 325.519488][ T50] bridge_slave_0: left promiscuous mode [ 325.525332][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.702784][T11251] cgroup: Invalid name [ 326.136804][T11268] 9p: Bad value for 'rfdno' [ 326.468228][ T5832] Bluetooth: hci2: command tx timeout [ 326.581831][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 326.629297][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 326.669737][ T50] bond0 (unregistering): Released all slaves [ 327.348508][ T50] hsr_slave_0: left promiscuous mode [ 327.365027][ T50] hsr_slave_1: left promiscuous mode [ 327.381970][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 327.397845][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 327.446815][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 327.476210][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 327.543680][ T50] veth1_macvtap: left promiscuous mode [ 327.577943][ T50] veth0_macvtap: left promiscuous mode [ 327.583674][ T50] veth1_vlan: left promiscuous mode [ 327.618034][ T50] veth0_vlan: left promiscuous mode [ 328.550240][ T5832] Bluetooth: hci2: command tx timeout [ 328.828507][ T50] team0 (unregistering): Port device team_slave_1 removed [ 328.896363][ T50] team0 (unregistering): Port device team_slave_0 removed [ 329.352220][T11322] 9p: Bad value for 'rfdno' [ 329.991561][T11200] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 330.030382][T11200] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 330.086644][T11200] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 330.127327][T11200] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 330.416791][T11200] 8021q: adding VLAN 0 to HW filter on device bond0 [ 330.464034][T11200] 8021q: adding VLAN 0 to HW filter on device team0 [ 330.497834][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.505073][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 330.550920][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.558203][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 330.628891][ T5832] Bluetooth: hci2: command tx timeout [ 330.639407][T11200] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 331.015317][T11200] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 331.131876][T11200] veth0_vlan: entered promiscuous mode [ 331.161965][T11200] veth1_vlan: entered promiscuous mode [ 331.232628][T11200] veth0_macvtap: entered promiscuous mode [ 331.253328][T11200] veth1_macvtap: entered promiscuous mode [ 331.300487][T11200] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 331.331244][T11200] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 331.365416][ T60] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.398348][ T60] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.417409][ T60] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.443356][ T60] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.537403][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.570000][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 331.650119][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.680161][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.907097][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 332.916483][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 332.924775][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 332.932985][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 332.940692][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 333.007343][T11375] 9p: Bad value for 'rfdno' [ 333.295104][ T60] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.374796][T11384] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2564'. [ 333.489809][ T60] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.670175][ T60] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.835228][ T60] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.032544][T11373] chnl_net:caif_netlink_parms(): no params data found [ 334.148829][ T60] bridge_slave_1: left allmulticast mode [ 334.154506][ T60] bridge_slave_1: left promiscuous mode [ 334.169617][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.188397][ T60] bridge_slave_0: left allmulticast mode [ 334.208238][ T60] bridge_slave_0: left promiscuous mode [ 334.214513][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.016573][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 335.028403][ T5838] Bluetooth: hci1: command tx timeout [ 335.068453][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 335.109035][ T60] bond0 (unregistering): Released all slaves [ 335.315296][T11373] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.328169][T11373] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.342957][T11373] bridge_slave_0: entered allmulticast mode [ 335.379955][T11373] bridge_slave_0: entered promiscuous mode [ 335.501855][T11373] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.517033][T11373] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.531277][T11373] bridge_slave_1: entered allmulticast mode [ 335.551955][T11373] bridge_slave_1: entered promiscuous mode [ 335.671065][T11373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 335.803962][T11373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 336.033935][ T60] hsr_slave_0: left promiscuous mode [ 336.062897][ T60] hsr_slave_1: left promiscuous mode [ 336.078823][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 336.088265][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 336.118878][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.126292][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 336.205886][ T60] veth1_macvtap: left promiscuous mode [ 336.228381][ T60] veth0_macvtap: left promiscuous mode [ 336.234148][ T60] veth1_vlan: left promiscuous mode [ 336.248654][ T60] veth0_vlan: left promiscuous mode [ 336.276357][T11472] 9p: Bad value for 'rfdno' [ 337.107874][ T5838] Bluetooth: hci1: command tx timeout [ 337.497213][ T60] team0 (unregistering): Port device team_slave_1 removed [ 337.590659][ T60] team0 (unregistering): Port device team_slave_0 removed [ 338.456003][T11373] team0: Port device team_slave_0 added [ 338.521705][T11373] team0: Port device team_slave_1 added [ 338.641438][T11373] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 338.659319][T11373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 338.716276][T11373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 338.754506][T11373] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 338.761852][T11373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 338.811402][T11373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 339.129043][T11373] hsr_slave_0: entered promiscuous mode [ 339.169047][T11373] hsr_slave_1: entered promiscuous mode [ 339.187996][ T5838] Bluetooth: hci1: command tx timeout [ 340.422787][T11373] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 340.444464][T11373] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 340.500069][T11373] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 340.562053][T11373] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 340.870754][T11373] 8021q: adding VLAN 0 to HW filter on device bond0 [ 340.917464][T11373] 8021q: adding VLAN 0 to HW filter on device team0 [ 340.971908][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.979146][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 341.009861][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.017189][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 341.268816][ T5838] Bluetooth: hci1: command tx timeout [ 341.609194][T11373] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 341.771265][T11575] 9p: Bad value for 'rfdno' [ 341.792740][T11373] veth0_vlan: entered promiscuous mode [ 341.848255][T11373] veth1_vlan: entered promiscuous mode [ 341.956257][T11373] veth0_macvtap: entered promiscuous mode [ 341.988458][T11373] veth1_macvtap: entered promiscuous mode [ 342.056887][T11373] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 342.093481][T11373] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 342.131466][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.169026][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.184299][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.239937][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.347981][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.355811][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.449270][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.472895][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.698502][T11599] binder: 11598:11599 ioctl 40046205 0 returned -22 [ 343.594456][T11628] syz.0.2640 (11628) used greatest stack depth: 17864 bytes left [ 345.301861][T11683] 9p: Bad value for 'rfdno' [ 345.923501][T11705] cgroup: Invalid name [ 346.404794][T11723] 9p: Bad value for 'rfdno' [ 346.435627][T11725] binder: 11724:11725 ioctl 40046205 0 returned -22 [ 346.688832][T11733] 9p: Bad value for 'rfdno' [ 347.161150][T11757] 9p: Bad value for 'rfdno' [ 347.380009][T11767] cgroup: Invalid name [ 348.429343][T11808] binder: 11807:11808 ioctl 40046205 0 returned -22 [ 350.683812][T11848] 9p: Bad value for 'rfdno' [ 351.114949][T11866] overlayfs: workdir and upperdir must be separate subtrees [ 351.864328][T11890] overlayfs: workdir and upperdir must be separate subtrees [ 352.433594][T11916] overlayfs: workdir and upperdir must be separate subtrees [ 353.119347][T11936] 9p: Bad value for 'rfdno' [ 356.389114][T12065] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2846'. [ 357.229332][T12101] 9p: Bad value for 'rfdno' [ 361.188261][T12163] binder: 12162:12163 ioctl 40046205 0 returned -22 [ 361.813494][T12172] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2898'. [ 364.396159][T12210] overlayfs: workdir and upperdir must be separate subtrees [ 364.630335][T12216] 9p: Bad value for 'rfdno' [ 366.365301][T12254] 9p: Bad value for 'rfdno' [ 368.748688][T12305] cgroup: Invalid name [ 369.573002][T12331] binder: 12329:12331 ioctl 40046205 0 returned -22 [ 370.253975][T12355] 9p: Bad value for 'rfdno' [ 372.471257][T12415] 9p: Bad value for 'rfdno' [ 372.729776][T12419] 9p: Bad value for 'rfdno' [ 373.118678][T12425] cgroup: Invalid name [ 374.358485][T12453] netlink: 'syz.3.3037': attribute type 16 has an invalid length. [ 374.377834][T12453] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.3037'. [ 374.414422][T12455] 9p: Bad value for 'rfdno' [ 374.999850][T12474] binder: 12472:12474 ioctl 40046205 0 returned -22 [ 378.636672][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.643072][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.967993][T12532] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3074'. [ 380.157402][T12544] syz.2.3081 uses obsolete (PF_INET,SOCK_PACKET) [ 380.272415][T12546] 9p: Bad value for 'rfdno' [ 382.355874][T12590] 9p: Bad value for 'rfdno' [ 383.619224][T12622] overlayfs: failed to resolve './file1': -2 [ 384.149450][T12642] 9p: Bad value for 'rfdno' [ 384.913380][T12666] overlayfs: failed to resolve './file1': -2 [ 386.542182][T12746] 9p: Bad value for 'rfdno' [ 387.654688][T12766] 9p: Bad value for 'rfdno' [ 389.173501][T12774] overlayfs: workdir and upperdir must be separate subtrees [ 389.624006][T12786] 9p: Bad value for 'rfdno' [ 390.191985][T12806] 9p: Bad value for 'rfdno' [ 390.242140][T12808] cgroup: Invalid name [ 390.373119][T12812] overlayfs: workdir and upperdir must be separate subtrees [ 390.501359][T12816] binder: 12815:12816 ioctl 40046205 0 returned -22 [ 390.971484][T12830] 9p: Bad value for 'rfdno' [ 391.703498][T12852] netlink: 'syz.1.3235': attribute type 16 has an invalid length. [ 391.716162][T12852] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.3235'. [ 396.055692][T12916] cgroup: Invalid name [ 396.833443][T12934] netlink: 'syz.3.3275': attribute type 16 has an invalid length. [ 396.841513][T12934] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.3275'. [ 397.560486][T12948] 9p: Bad value for 'rfdno' [ 398.457608][T12974] overlayfs: workdir and upperdir must be separate subtrees [ 398.474721][T12972] netlink: 'syz.3.3295': attribute type 16 has an invalid length. [ 398.483348][T12972] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.3295'. [ 398.857695][T12986] cgroup: Invalid name [ 399.105946][T12994] overlayfs: workdir and upperdir must be separate subtrees [ 399.439578][T13012] cgroup: Invalid name [ 399.823106][T13024] netlink: 'syz.0.3320': attribute type 16 has an invalid length. [ 399.847974][T13024] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.3320'. [ 401.104975][T13068] netlink: 'syz.1.3330': attribute type 16 has an invalid length. [ 401.116401][T13068] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.3330'. [ 401.326201][T13078] cgroup: Invalid name [ 401.902048][T13102] binder: 13101:13102 ioctl 40046205 0 returned -22 [ 402.172860][T13114] 9p: Bad value for 'rfdno' [ 402.566638][T13132] netlink: 'syz.0.3374': attribute type 16 has an invalid length. [ 402.574568][T13132] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.3374'. [ 403.069894][T13154] 9p: Bad value for 'rfdno' [ 403.725646][T13176] 9p: Bad value for 'rfdno' [ 404.168968][T13192] binder: 13191:13192 ioctl 40046205 0 returned -22 [ 405.036944][T13218] overlayfs: workdir and upperdir must be separate subtrees [ 406.959532][T13280] 9p: Bad value for 'rfdno' [ 408.286752][T13310] overlayfs: workdir and upperdir must be separate subtrees [ 408.961494][T13333] 9p: Bad value for 'rfdno' [ 408.979261][T13334] overlayfs: workdir and upperdir must be separate subtrees [ 409.623604][T13357] overlayfs: workdir and upperdir must be separate subtrees [ 415.698335][T13463] 9p: Bad value for 'rfdno' [ 415.893379][T13470] overlayfs: workdir and upperdir must be separate subtrees [ 417.300877][T13510] netlink: 'syz.2.3564': attribute type 16 has an invalid length. [ 417.328087][T13510] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.3564'. [ 417.975987][T13524] 9p: Bad value for 'rfdno' [ 418.356833][T13536] overlayfs: workdir and upperdir must be separate subtrees [ 421.634114][T13574] 9p: Bad value for 'rfdno' [ 425.906462][T13614] overlayfs: workdir and upperdir must be separate subtrees [ 426.190829][T13618] cgroup: Invalid name [ 426.468587][T13622] 9p: Bad value for 'rfdno' [ 426.788173][ T5832] Bluetooth: hci4: command 0x0406 tx timeout [ 427.049054][T13633] cgroup: Invalid name [ 430.733558][T13683] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3650'. [ 431.146497][T13700] fuse: Bad value for 'group_id' [ 431.151607][T13700] fuse: Bad value for 'group_id' [ 431.448141][T13720] 9p: Bad value for 'rfdno' [ 431.688630][T13732] fuse: Bad value for 'group_id' [ 431.693843][T13732] fuse: Bad value for 'group_id' [ 434.053069][T13743] 9p: Bad value for 'rfdno' [ 434.618612][T13761] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 434.657874][T13761] overlayfs: missing 'lowerdir' [ 434.971857][T13771] netlink: 'syz.0.3690': attribute type 16 has an invalid length. [ 435.003890][T13771] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.3690'. [ 435.454967][T13779] fuse: Bad value for 'group_id' [ 435.460112][T13779] fuse: Bad value for 'group_id' [ 435.791122][T13785] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3697'. [ 437.030441][ T5832] Bluetooth: hci3: command 0x0406 tx timeout [ 437.966450][T13822] overlayfs: workdir and upperdir must be separate subtrees [ 438.177413][T13831] cgroup: Invalid name [ 438.644841][T13846] fuse: Bad value for 'group_id' [ 438.667873][T13846] fuse: Bad value for 'group_id' [ 440.082301][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.088712][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.340018][T13896] netlink: 'syz.1.3754': attribute type 16 has an invalid length. [ 444.348883][T13896] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.3754'. [ 444.731517][T13908] overlayfs: workdir and upperdir must be separate subtrees [ 445.296749][T13930] overlayfs: workdir and upperdir must be separate subtrees [ 447.270901][ T5832] Bluetooth: hci2: command 0x0406 tx timeout [ 447.736424][T13951] overlayfs: workdir and upperdir must be separate subtrees [ 448.750343][T13967] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3786'. [ 449.185667][T13973] 9p: Bad value for 'rfdno' [ 450.362727][T13989] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3799'. [ 451.046179][T14001] overlayfs: workdir and upperdir must be separate subtrees [ 451.303552][T14007] 9p: Bad value for 'rfdno' [ 452.089120][T14040] 9pnet_fd: Insufficient options for proto=fd [ 452.559687][T14053] overlayfs: workdir and upperdir must be separate subtrees [ 452.682128][T14059] cgroup: Invalid name [ 452.738255][T14061] 9p: Bad value for 'rfdno' [ 453.072424][T14079] 9p: Bad value for 'rfdno' [ 453.204897][T14087] 9p: Bad value for 'rfdno' [ 453.497903][T14101] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3851'. [ 453.607966][T14109] 9p: Bad value for 'rfdno' [ 453.743862][T14115] netlink: 'syz.0.3861': attribute type 16 has an invalid length. [ 453.757983][T14115] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.3861'. [ 453.885339][T14122] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3864'. [ 454.130981][T14135] fuse: Bad value for 'group_id' [ 454.135968][T14135] fuse: Bad value for 'group_id' [ 454.304144][T14142] overlayfs: workdir and upperdir must be separate subtrees [ 454.522824][T14153] cgroup: Invalid name [ 454.784871][T14170] netlink: 'syz.2.3887': attribute type 16 has an invalid length. [ 454.792980][T14170] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.3887'. [ 454.941803][T14178] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3891'. [ 455.072289][T14180] cgroup: Invalid name [ 455.448434][T14192] netlink: 'syz.0.3898': attribute type 16 has an invalid length. [ 455.507999][T14192] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.3898'. [ 455.722431][T14200] cgroup: Invalid name [ 455.782905][T14202] overlayfs: workdir and upperdir must be separate subtrees [ 456.393106][T14220] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3913'. [ 457.507916][ T5832] Bluetooth: hci1: command 0x0406 tx timeout [ 457.670795][T14255] cgroup: Invalid name [ 458.630134][T14285] netlink: 'syz.2.3945': attribute type 16 has an invalid length. [ 458.646260][T14285] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.3945'. [ 459.257674][T14305] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3955'. [ 460.140097][T14343] netlink: 'syz.1.3973': attribute type 16 has an invalid length. [ 460.159908][T14343] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.3973'. [ 460.923578][T14367] netlink: 'syz.0.3984': attribute type 16 has an invalid length. [ 460.948060][T14367] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.3984'. [ 465.615322][T14429] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4015'. [ 466.006493][T14438] netlink: 'syz.3.4020': attribute type 16 has an invalid length. [ 466.020546][T14438] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.4020'. [ 466.932152][T14468] overlayfs: missing 'lowerdir' [ 468.240346][T14500] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4052'. [ 469.274105][T14538] fuse: Bad value for 'group_id' [ 469.287907][T14538] fuse: Bad value for 'group_id' [ 472.499996][T14636] 9pnet_fd: Insufficient options for proto=fd [ 473.253047][T14650] overlayfs: missing 'workdir' [ 474.002359][T14674] overlayfs: missing 'workdir' [ 477.013668][T14704] overlayfs: missing 'lowerdir' [ 477.159871][T14708] fuse: Bad value for 'group_id' [ 477.164857][T14708] fuse: Bad value for 'group_id' [ 477.318348][T14714] netlink: 'syz.3.4158': attribute type 16 has an invalid length. [ 477.326207][T14714] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.4158'. [ 477.778968][T14728] overlayfs: missing 'lowerdir' [ 478.136635][T14738] netlink: 'syz.2.4169': attribute type 16 has an invalid length. [ 478.155021][T14738] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.4169'. [ 480.131945][T14754] 9pnet_fd: Insufficient options for proto=fd [ 480.430850][T14760] overlayfs: missing 'lowerdir' [ 484.159481][T14810] 9p: Bad value for 'rfdno' [ 484.612476][T14834] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 484.638099][T14834] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 484.667861][T14834] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 484.765718][T14841] fuse: Bad value for 'group_id' [ 484.785658][T14841] fuse: Bad value for 'group_id' [ 487.398923][T14907] netlink: 'syz.0.4255': attribute type 16 has an invalid length. [ 487.417113][T14907] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.4255'. [ 488.174957][T14937] fuse: Bad value for 'group_id' [ 488.197956][T14937] fuse: Bad value for 'group_id' [ 489.566176][T14981] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4291'. [ 498.066490][T15162] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4381'. [ 500.344213][T15223] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4409'. [ 501.514611][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.521092][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.315444][T15272] fuse: Bad value for 'group_id' [ 502.334312][T15272] fuse: Bad value for 'group_id' [ 509.452431][T15462] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4528'. [ 513.751831][T15522] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000017: 0000 [#1] SMP KASAN PTI [ 513.763756][T15522] KASAN: null-ptr-deref in range [0x00000000000000b8-0x00000000000000bf] [ 513.772206][T15522] CPU: 1 UID: 0 PID: 15522 Comm: syz.1.4558 Not tainted syzkaller #0 PREEMPT(full) [ 513.781579][T15522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 513.791642][T15522] RIP: 0010:put_pid_ns+0x37/0x2a0 [ 513.796702][T15522] Code: 53 48 89 fb e8 0a ba 03 00 48 85 db 0f 84 e8 00 00 00 49 bc 00 00 00 00 00 fc ff df 4c 8d b3 d0 00 00 00 4d 89 f5 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 f7 e8 f9 12 6a 00 4d 8b 3e 31 ff 4c [ 513.816345][T15522] RSP: 0018:ffffc9000ead7cd0 EFLAGS: 00010206 [ 513.822416][T15522] RAX: ffffffff81be2646 RBX: ffffffffffffffea RCX: 0000000000080000 [ 513.830372][T15522] RDX: ffffc900195d3000 RSI: 00000000000020d2 RDI: 00000000000020d3 [ 513.838330][T15522] RBP: 0000000000000004 R08: 0000000000000003 R09: 0000000000000004 [ 513.846290][T15522] R10: dffffc0000000000 R11: fffff52001d5af78 R12: dffffc0000000000 [ 513.854244][T15522] R13: 0000000000000017 R14: 00000000000000ba R15: ffff88805feb12c4 [ 513.862228][T15522] FS: 00007f9c4395f6c0(0000) GS:ffff888125b78000(0000) knlGS:0000000000000000 [ 513.871143][T15522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 513.877708][T15522] CR2: 0000001b30b21ff8 CR3: 0000000067952000 CR4: 00000000003526f0 [ 513.885667][T15522] Call Trace: [ 513.888941][T15522] [ 513.891856][T15522] nsproxy_free+0x20f/0x7c0 [ 513.896349][T15522] create_new_namespaces+0x47a/0x540 [ 513.901618][T15522] unshare_nsproxy_namespaces+0x11c/0x170 [ 513.907325][T15522] ksys_unshare+0x4c8/0x8c0 [ 513.911826][T15522] ? __pfx_ksys_unshare+0x10/0x10 [ 513.916844][T15522] __x64_sys_unshare+0x38/0x50 [ 513.921598][T15522] do_syscall_64+0xfa/0xfa0 [ 513.926085][T15522] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.932133][T15522] ? clear_bhb_loop+0x60/0xb0 [ 513.936793][T15522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.942667][T15522] RIP: 0033:0x7f9c42b8f6c9 [ 513.947075][T15522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 513.966662][T15522] RSP: 002b:00007f9c4395f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 513.975065][T15522] RAX: ffffffffffffffda RBX: 00007f9c42de5fa0 RCX: 00007f9c42b8f6c9 [ 513.983020][T15522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062020680 [ 513.990975][T15522] RBP: 00007f9c42c11f91 R08: 0000000000000000 R09: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 513.998926][T15522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 514.006878][T15522] R13: 00007f9c42de6038 R14: 00007f9c42de5fa0 R15: 00007ffe83f28b88 [ 514.014845][T15522] [ 514.017859][T15522] Modules linked in: [ 514.022411][T15522] ---[ end trace 0000000000000000 ]--- [ 514.068095][T15522] RIP: 0010:put_pid_ns+0x37/0x2a0 [ 514.075555][T15522] Code: 53 48 89 fb e8 0a ba 03 00 48 85 db 0f 84 e8 00 00 00 49 bc 00 00 00 00 00 fc ff df 4c 8d b3 d0 00 00 00 4d 89 f5 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 f7 e8 f9 12 6a 00 4d 8b 3e 31 ff 4c [ 514.139705][T15522] RSP: 0018:ffffc9000ead7cd0 EFLAGS: 00010206 [ 514.187820][T15522] RAX: ffffffff81be2646 RBX: ffffffffffffffea RCX: 0000000000080000 [ 514.212411][T15522] RDX: ffffc900195d3000 RSI: 00000000000020d2 RDI: 00000000000020d3 [ 514.276676][T15522] RBP: 0000000000000004 R08: 0000000000000003 R09: 0000000000000004 [ 514.313488][T15522] R10: dffffc0000000000 R11: fffff52001d5af78 R12: dffffc0000000000 [ 514.357886][T15522] R13: 0000000000000017 R14: 00000000000000ba R15: ffff88805feb12c4 [ 514.365894][T15522] FS: 00007f9c4395f6c0(0000) GS:ffff888125b78000(0000) knlGS:0000000000000000 [ 514.407793][T15522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 514.414417][T15522] CR2: 0000001b30b21ff8 CR3: 0000000067952000 CR4: 00000000003526f0 [ 514.427932][T15522] Kernel panic - not syncing: Fatal exception [ 514.434330][T15522] Kernel Offset: disabled [ 514.438642][T15522] Rebooting in 86400 seconds..