last executing test programs: 6m15.907534981s ago: executing program 4 (id=307): getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000580)={0x0}, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r0}, 0x8) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x0, 0xffffffffffffffff}}, 0x30) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000f8ffffc0"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10) syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r6, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab) userfaultfd(0x1) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000200), 0x4) r7 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_buf(r7, 0x1, 0x0, 0x0, &(0x7f00000001c0)) r8 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000040)={0x15, 0x2, 0x0, "11010000001400000100b64c0000005c4b7c1500"}) io_uring_setup(0x13b8, &(0x7f0000000300)={0x0, 0xdbc2, 0x1000, 0x1, 0x25}) 6m14.443675902s ago: executing program 1 (id=237): open(&(0x7f0000000000)='./file0\x00', 0x4c143, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) 5m45.465423063s ago: executing program 4 (id=307): getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000580)={0x0}, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r0}, 0x8) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x0, 0xffffffffffffffff}}, 0x30) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000f8ffffc0"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10) syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r6, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab) userfaultfd(0x1) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000200), 0x4) r7 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_buf(r7, 0x1, 0x0, 0x0, &(0x7f00000001c0)) r8 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000040)={0x15, 0x2, 0x0, "11010000001400000100b64c0000005c4b7c1500"}) io_uring_setup(0x13b8, &(0x7f0000000300)={0x0, 0xdbc2, 0x1000, 0x1, 0x25}) 5m43.923247308s ago: executing program 1 (id=237): open(&(0x7f0000000000)='./file0\x00', 0x4c143, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) 5m0.29392953s ago: executing program 1 (id=237): open(&(0x7f0000000000)='./file0\x00', 0x4c143, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) 5m0.116481783s ago: executing program 4 (id=307): getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000580)={0x0}, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r0}, 0x8) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x0, 0xffffffffffffffff}}, 0x30) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000f8ffffc0"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10) syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r6, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab) userfaultfd(0x1) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000200), 0x4) r7 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_buf(r7, 0x1, 0x0, 0x0, &(0x7f00000001c0)) r8 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000040)={0x15, 0x2, 0x0, "11010000001400000100b64c0000005c4b7c1500"}) io_uring_setup(0x13b8, &(0x7f0000000300)={0x0, 0xdbc2, 0x1000, 0x1, 0x25}) 3m7.722008835s ago: executing program 2 (id=1029): request_key(&(0x7f0000000200)='dns_resolver\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000280)='built\x00\xdf\x00\x00\x80r}sted', 0xfffffffffffffffd) request_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='y\xa9n::e\x00\x00\x00\x00\x00\x00\x00\x00H\x00\x00\x00', 0x0) r0 = socket$isdn(0x22, 0x3, 0x23) sendto$isdn(r0, &(0x7f0000000480)=ANY=[], 0x2b, 0x0, &(0x7f0000000080)={0x22, 0xf0, 0xe7}, 0x6) socket$netlink(0x10, 0x3, 0x14) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000008100)={0x0, 0x0, &(0x7f00000080c0)={&(0x7f0000000240)=@newtaction={0x64, 0x30, 0x0, 0x0, 0x0, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x2, 0x20000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000100)={0x1, "fa02c8098000", 0xffffffffffffffff}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x0, 0x3d}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000000)={0x2, "fa02c80a3a1e9d4b9aaf000000008d674fe69b5b7638dd031dd7504fe5809639", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", r4}) syz_io_uring_setup(0x10024ff, &(0x7f0000000080)={0x0, 0x6fb1, 0x10100, 0x3}, &(0x7f0000000100), &(0x7f00000005c0)) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001280)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x3}, @IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_GET(r8, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8440}, 0xc, &(0x7f0000000540)={&(0x7f0000000600)=ANY=[@ANYBLOB="74000000fe071bd4b4daee97aebdf3ea667bda57d6987b644e3f3fa1e4c6c9e979335a3c78f71e8847b6fe0ab387a3942cdb3d358665518ab10d1b4a13ddf99df7e3fe82204c52e74df9", @ANYBLOB="000127bd7000fddbdf250e00000060000480440007800800010011000000080002004000000008000200010000000800030005000000080002007600000008000400010000000800010013000000080001000d0000000900010073797a31000000000c0007800800010007000000"], 0x74}, 0x1, 0x0, 0x0, 0xe53fbe0e1d6cad41}, 0x20044080) io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000080)=""/39, 0x27}, {&(0x7f0000000240)=""/127, 0x7f}, {0x0}, {&(0x7f0000000440)=""/92, 0x5c}, {&(0x7f00000001c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/42, 0x2a}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x8) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd502000000090001"], 0x7c}}, 0x0) sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="6c00000010001fff2bbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000440012800b000100697036746e6c000034000280050009000400000008000100", @ANYRES32=r8, @ANYRESHEX=r7], 0x6c}}, 0x0) 3m6.302325585s ago: executing program 2 (id=1079): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000f40)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x40}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, 0x0) ioctl$EVIOCRMFF(r0, 0x550c, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x3, 0x4, 0x27ff, 0xc}, 0x48) socket$can_j1939(0x1d, 0x2, 0x7) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r1, r2, 0x2, 0x0, 0x0, @prog_id}, 0x20) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r1, 0x2, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40) 3m5.341923221s ago: executing program 1 (id=237): open(&(0x7f0000000000)='./file0\x00', 0x4c143, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) 3m2.572230251s ago: executing program 2 (id=1081): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000002c0)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@my=0x0, 0x1}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f00000008c0)={@local, 0x2}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) r2 = memfd_secret(0x0) mmap$snddsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0) 2m59.017211507s ago: executing program 4 (id=307): getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000580)={0x0}, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r0}, 0x8) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x0, 0xffffffffffffffff}}, 0x30) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000f8ffffc0"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10) syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r6, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab) userfaultfd(0x1) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000200), 0x4) r7 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_buf(r7, 0x1, 0x0, 0x0, &(0x7f00000001c0)) r8 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000040)={0x15, 0x2, 0x0, "11010000001400000100b64c0000005c4b7c1500"}) io_uring_setup(0x13b8, &(0x7f0000000300)={0x0, 0xdbc2, 0x1000, 0x1, 0x25}) 2m11.190934266s ago: executing program 2 (id=1081): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000002c0)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@my=0x0, 0x1}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f00000008c0)={@local, 0x2}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) r2 = memfd_secret(0x0) mmap$snddsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0) 1m21.733595851s ago: executing program 2 (id=1081): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000002c0)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@my=0x0, 0x1}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f00000008c0)={@local, 0x2}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) r2 = memfd_secret(0x0) mmap$snddsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0) 1m10.110610632s ago: executing program 1 (id=237): open(&(0x7f0000000000)='./file0\x00', 0x4c143, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) 1m5.570456818s ago: executing program 4 (id=307): getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000580)={0x0}, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r0}, 0x8) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x0, 0xffffffffffffffff}}, 0x30) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000f8ffffc0"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10) syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r6, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab) userfaultfd(0x1) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000200), 0x4) r7 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_buf(r7, 0x1, 0x0, 0x0, &(0x7f00000001c0)) r8 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000040)={0x15, 0x2, 0x0, "11010000001400000100b64c0000005c4b7c1500"}) io_uring_setup(0x13b8, &(0x7f0000000300)={0x0, 0xdbc2, 0x1000, 0x1, 0x25}) 31.547104236s ago: executing program 2 (id=1081): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000002c0)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@my=0x0, 0x1}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f00000008c0)={@local, 0x2}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) r2 = memfd_secret(0x0) mmap$snddsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0) 17.70830741s ago: executing program 1 (id=237): open(&(0x7f0000000000)='./file0\x00', 0x4c143, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) 14.982653339s ago: executing program 4 (id=307): getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000580)={0x0}, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r0}, 0x8) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x0, 0xffffffffffffffff}}, 0x30) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000f8ffffc0"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10) syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r6, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab) userfaultfd(0x1) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000200), 0x4) r7 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_buf(r7, 0x1, 0x0, 0x0, &(0x7f00000001c0)) r8 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000040)={0x15, 0x2, 0x0, "11010000001400000100b64c0000005c4b7c1500"}) io_uring_setup(0x13b8, &(0x7f0000000300)={0x0, 0xdbc2, 0x1000, 0x1, 0x25}) 10.746919394s ago: executing program 0 (id=1261): r0 = socket$kcm(0x10, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = socket(0x0, 0x0, 0x0) unshare(0x8040080) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r3, 0x0, 0x25, 0x0, @void}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000180), 0x0) io_setup(0x20, &(0x7f0000001140)) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r5, 0x8910, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x20000000000004}}) ioctl$sock_netdev_private(r4, 0x89f3, &(0x7f0000000000)) socket$inet_tcp(0x2, 0x1, 0x0) unshare(0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008103e00f80ecdb4cb9f207c804a00f00000088080ffb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0) 9.809078045s ago: executing program 3 (id=1262): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x8c) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$NL80211_CMD_VENDOR(r0, 0x0, 0x4084) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x14) fcntl$dupfd(r2, 0x0, r5) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xff) write$binfmt_aout(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="03040000b5000000", @ANYRESDEC=0x0, @ANYRES32=r2, @ANYBLOB="214c8936384dcba0f363a9d71fe3139706aea2ddcfa6256d307c382958ed4bb38e3826d0c5f10c7c64977c03c9da8f2fba16de6fc440c0551d", @ANYRES16], 0xc8) socket$inet6(0xa, 0x0, 0x3) write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="03000000b500000001000000feef"], 0xc8) close_range(r3, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) close(0xffffffffffffffff) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f00000005c0)={'#! ', '', [{0x20, '\\:],:%{)!`'}, {0x20, 'macvlan0\x00'}]}, 0x19) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x14d27e, 0x0) syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0) 7.753963579s ago: executing program 3 (id=1263): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) socket$inet6(0xa, 0x4, 0x800) mkdir(&(0x7f00000004c0)='./bus\x00', 0x5) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x400, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x13, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x5000200d}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10) ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f00000000c0)={0x1, 0x2, 0x7ffffffe}) ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f0000000140)={0x1, 0x1}) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000000c0)={0x11, @remote, 0x0, 0x3, 'dh\x00'}, 0x2c) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_SERVICE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="01e7000000000000000004"], 0x18}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000140)={'ip_vti0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x8, 0x20, 0xfffffffc, 0x10, {{0x6, 0x4, 0x2, 0x37, 0x18, 0x67, 0x0, 0x8, 0x4, 0x0, @multicast2, @loopback, {[@rr={0x7, 0x0, 0x50}]}}}}}) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000380)={r0, 0x5b, 0x99}, &(0x7f0000000440)={'enc=', 'raw', ' hash=', {'poly1305-simd\x00'}}, &(0x7f0000000500)="3f7897cecbd5f7b764c400c408df9b7486cf460541b4f4c4a692b4ac3236e676519cae625397d09c780a70de70f6310a6dc7875840dfa975ee362f7b068baa31f41894657d3b037f5227d2b0291a3bcfe30ce5ca514fd1d0ac8b2a", &(0x7f0000000580)=""/153) 6.641623608s ago: executing program 3 (id=1264): r0 = socket$pptp(0x18, 0x1, 0x2) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000016c0)=@newqdisc={0x88, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0xc, [0x8, 0x5, 0x8, 0x9, 0x2, 0x3, 0x4, 0x1, 0xb, 0x2, 0x6, 0xd, 0x8, 0x5, 0x9, 0x7], 0x0, [0x6, 0x36, 0x4, 0xe, 0xff, 0x4, 0x3, 0x8a, 0x5, 0x4, 0xb84, 0x89, 0x8, 0x3, 0x34e, 0x8000], [0x1, 0x441b, 0x80, 0x2, 0x0, 0x9ef7, 0x6, 0x5, 0x1, 0x0, 0xe35, 0xdd9, 0x3, 0x4, 0x7, 0x9]}}}}]}, 0x88}}, 0x0) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000940)="aa40e7503676a38a5de0479711764886e45e57b62bf716001d6cd3ca67c471a700fb23a75c37488abe01ff028b06719748658b6b74569917e11d055ca0270252ca2d9a6f2354e41a1a1a1223f2cb583b8532d534da4d15cd233c114b2858190824780fe4cd7fc9dd6639b330b1aaf4f4e8df88d5d66840ff3bf272cc51c5a61d654cfad886f1108b942e6dbb3a901fcf9c166b3c3e86160c75ed03b3f79380b6786651339b8f8722e301571ea4f39903c82baa53602125bf78c59f1c1b", 0xbd}, {&(0x7f0000000a00)="9e618776cabbfa4e994383a96b3330a92ce168885827e765df4fca8de07b9874e7ebf4ad30d7170aa2f745ce8a99c0329af22125a5aef8f0051f2aaf30d3100004dc118636844aa56807843ea611d548ef1935b85479c8a2d63a50312026e531f697289e40fd62e7a2ab63d788bf131a21f0820806415e96029be268ae2a277dd9e07ce2e4fc46c56c07b2567d30d3a2a3ae0fd028cb85e9a6fcf6fa695dc56f5d96aba39db451ce08f9e5991abdb37ba35364fb6c613d24a239062fea", 0xbd}, {&(0x7f0000000ac0)="44ed4ae37a1b9f4ff06204dca2d584e4099933cbb7c3f7cbdadbe91ba8e1e42c807bd45555c61569e6cc6dd2ffa9a6059bee10f75e2d415bcce94a9eccb2ffd03b99cc020114b54b96824d8c015abc443f493607efad21d3a9050960bad9dc96ec49f5b1278bcf182409059f634f8561aac4e8a9fe5a4dfc0bfe1d094e4cbddb6688919e8919955d729ef3fba69dfafdb48b934678afb43cf8d61abf4c21c63192a97b31fc444f2e21dce0f49307e88cc740391f1c7653e12cf3e79860567a1debbb8d10d2db008145bb2f93ff519bc7", 0xd0}, {&(0x7f0000000bc0)="cd22b6114cfd3e2b88461aee7de38bfe4546cb56e3c9ee930770b1e4a9cdb54cd79bb4b56e3adbc34d5e8c64b476c6fac132b5ebfc25a23c91355ca6f335cf59be391333806df5bfa504a4284e12a408561f9bdd12e5ecfedbe6011c6a5e56afaea26b9338a6f718952b18b1cb7eabd2de76270aa7948019fb48c0a7e7afc36fa26a4214f03e084f9e51a87722913922bcf90039b50117c044f1d9a879ac578634373d97450628bcfd33e405fec7fcf88438857d31fe631cc1fce74f860611dcf2bfafd90e2311bb0fdb925b995f3b015d0272fd4d7f7b7f86f37d", 0xdb}], 0x4, &(0x7f0000000cc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010102, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7fff}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_ttl={{0x14, 0x0, 0x2, 0x81}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0xe8}, 0x80) r4 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r4, 0x0, 0x0) syz_usb_control_io(r4, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r4, 0x0, 0x0) r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r5, 0x5b02, 0x0) 5.352297372s ago: executing program 0 (id=1265): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x20, 0x10, 0x44b, 0x0, 0x0, {0x7a}}, 0x20}}, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x11c, 0x1, 0x0, 0x74efdfe049b861ab) socket$inet6(0xa, 0x40000080806, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f00000014c0)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000a40)={0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, r4, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20) recvmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/229, 0xe5}], 0x1}, 0x2) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000200), 0xc, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x1) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x4, 0x0, @empty, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 4.468398302s ago: executing program 0 (id=1266): socket$nl_netfilter(0x10, 0x3, 0xc) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) readv(r0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r4 = syz_open_pts(r0, 0x801) dup3(r4, r0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r6, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303050000000000000002000020d3"]) setresuid(0x0, 0xee01, 0x0) ioctl$KDGKBTYPE(r5, 0x4b48, &(0x7f0000002340)) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000001200)=""/175}, 0x20) 3.33369647s ago: executing program 3 (id=1267): setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f00000009c0)=ANY=[@ANYBLOB="001800000000000007100000000002000000000000000000000007080000000000000000000100c910fe8800000000000000000000000000010092933e12cb5dac73e22042f770164eef64f6c85da9edf3a3729dbd1e96a7a1da31bceeb9e9b2cd4af8d15428aedc4366bf4b6dac4e8ece1a7fae9f4d7346f948c654751238712a2b9d1e343ef999995c3a6c3b85ebf147f9e090e470ab23d5ae4fa623d1e86c04a6e9640e95dfdf3ecc16640a547f67db394c4ee86aaefa1ae992b61480d55bc10dbe1cd042e2fe95093c27a4000000196463348b476e57f5c9eba75c7ba7f20ec3727c0395ed272ae2016da662949ef6fd2d94f9fde323ec5342cb35142dad6355c43a11ba46585ca08debb6d1c8e81e9d4e6d1b56a829326ae7bb"], 0xd0) syz_open_dev$vim2m(0x0, 0x8000, 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00'}) syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010400e5876e4040200516940a0000000109021b00010000000009040000015883b200090585010000000000"], 0x0) ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x1) ioctl$UI_DEV_CREATE(r1, 0x5501) syz_open_dev$tty20(0xc, 0x4, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil) process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) 3.211630395s ago: executing program 0 (id=1268): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000480)='mm_shrink_slab_start\x00', r1}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) close(r2) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000180)={r2, r0, 0x4, r0}, 0x10) syz_init_net_socket$llc(0x1a, 0x0, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4008af25, &(0x7f0000000000)=0x1) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x8) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[]) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) openat$nci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f00000000c0)=0x8) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x6c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x0, @loopback={0x2e000000, 0x5f}}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}}, 0x0) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0) read$char_usb(r9, &(0x7f00000001c0)=""/4068, 0xfe4) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 1.673710313s ago: executing program 0 (id=1269): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000440)="6306bc3795f8", 0x6}], 0x2}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0x0, 0xee00, &(0x7f0000000480)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003440), 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) r7 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) r8 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000000)={0x8, 0x2, 0x7}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r9}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r10}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r7, 0xc00c642e, &(0x7f0000000200)) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r8, {0xa0}}, './file0\x00'}) 1.596871859s ago: executing program 3 (id=1270): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) r5 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r5, 0x40084149, &(0x7f0000000080)) writev(0xffffffffffffffff, 0x0, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null-generic\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) accept$alg(r0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 389.998356ms ago: executing program 3 (id=1271): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) mount$bind(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x0, 0x0) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x50009405, &(0x7f0000000080)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/card0/oss_mixer\x00', 0x101340, 0x0) sendmmsg$unix(r3, &(0x7f000001c100)=[{{&(0x7f0000000340)=@file={0x0, './file0/../file0\x00'}, 0x6e, &(0x7f0000000440)=[{&(0x7f0000019580)="39eb20a1e3d03b0e8c3bcf565fde012badf76bd06fa521a05c8bc1f1fb50867696b86d4fce5143237f6ddaf1d9d59f93d635a40c0426491c40d1cece2a5b02802e2f189f6cbd5f42f27cc57a3294c130b35d812e12458effaa89e6faf21fbf8ae0037a966cfbdf76186e713d1c412bacbcfad8bdbad962a44bf4aa4b6577ed70a0bbb7a4d1eab2255733a8df77c4d2fd043e478224777ad4017bbfc92eb72e052861a79b493fbe9b74237b57f999d70223f604177a70fc430011d0b949feedbe8dc6e0d85d6cbf2a49a3edfd1098a56cb247a456ba0a9beec1c9f47d46e82496de7592c763ce027403bbf63996d42487d740e00a33197c4d04341ff296adea08d04148de8392b71bd916a1e2fa408f778fefb55e3437d8afe3f3225955b8e55cd8bd413da01696a3dae2b4333653ddae23b72edfa394a485964533e65a8bb711aa41acda32c9a91a05ba6c2b76dcad9c8db72acc3d7f926f35b5a6a62a726b93e521baa803de6096801f093239602a977d71d2e244d6f2209895bf9c22874d4808ccc38004c36a3d27f7a3e9dee7cd2ad590259a1fd2673bd87857b7c92212271f41fa0e1817d7caac8f518542680b9d019b78d17a1b889a9baf8e701642c3b4780f4e65da707b1851efdfee78df672e210f016a637b2b7ddc981ee65e1fd9e50ccbe1ffa2676d92c8441ca4c95d8d145b2faf2c3fdccc05d6f7fcd6c5ad6ab8baa671e8a1e4fc239f833b6433f67edfa7d7aafad5a01ec9dd985f4eeaec63bdf1a322a9df07c52d625e13c608bb5ccb39776ea2ca3ced05e3f099ec4fe0a878cdef4a8a02dfd78cdcf05ea7cf655b4224c6c003315d082dc7b18107cdca49e787ae580e9c788e1faa050c06852c9e198b50f2294e257ebd2241110483bfd7c14febc1a03488f9718e73869871c21b237dacd9c7a64ddfaa0ef6c5cd44e068fc5aed3091577f145ab79df2894b8a52c585a06f0d53a6178253928a43a501f3eca17b32e5cc5991a0090dedaab141ee7fae50cc083f3d15c60cfc3b4465665007e9d9b3d25415a082b0847895ab311cdd23534d05761c3c6f0d880e4b5bf762b57603caf96cfe774029514ef56f9daf8eafbfbeec599e28fd346f3c846221b50ba587b0076794cb686dcb9670e78f59160495f9dcb37bf686f756db5aae2d523a40cb3ed170ccb1f0c1d92a2fc1746780b8adfa7da37e2ddbc0fce3f454b96e2b836da44396e978e24469947c475d41d8d73d0c8c4674287112cc5e62be6a8976d7cc8e9340e4c8599fd6754758606efa787eca6435d80d90b7c159e02328d4c6652a870b915068e5657b213caaf17cf6b385ba6d11eaee4a0f5d441dfcb71e37e73f4973ebb43d97a15cc5c3a4cf98705e735e76bcbe7a2a36c8aa1032ff8af74c72d1d0cbaa7a3cbeb0e5192c339025980e73d3a4bb5079fb083b41b7bd583b1e1d61651c4ee6e8fe5e0d50b367956351eed44514f49813f0b7c165383351289dfd24985dd4b67aec145db564c950d71ba7f113829211a7018cb1f590c17465e1e5959b44210dbecb13fba5b73b41ae6af0f87eae3cd288e7bdafefdd2b2d22262a969b62a0a1cc5efc6017ebd29915032d687ae4b5b3567aa3b77e68ab1a337cf9e6ec930ca28ad02593671d1a36c2ed466e59cf2eeaab4a38c2c52700d93ceac308cc440c64ea80156829467f6bf88c252eb869997d3096e682ef06f4d804a40c9356e69f09994f1c63c94a9ad1a988da68979869715fd9b26149837c90e75c1f1492ffb630099dbd601bd24d2208a42539771eab548932837e29f9942feb13c9a0cb52b8160816ee9287cc0a83dddc8e2ab50c34d03a7a89a2b251a75436df83d4a09ea694a121de6273a627b300786a0564d5729bc2762859c31bb4d139b0cf7945292315c22b79225d26ac9e98b92eea0bb881901a46d95f579d1af0b7b134ea647c267dfbd936b31f8d8db9dce1e416ef398b9dd63b9a80c338a0de3f9cb334cf0eaf1d202110149f0dc1c11fc976d69a678a9299e1ac8041947055778e2b17df25811fab85746884398f8092e9e441ac4b71e725e6640abde2b5aaee663169c5a2e17bc1992a62ca4d48cdb041b098d9cb0e101b66ae7e2233d310a975176da97c60c310354efabaaaf17609652684496a0c46e7cbf79e8444a61388322b31cac78790ba0454c0291a768ae370cd36b1b5410325655b0b8e3fea426b1d2501166949cc72973f4c4782e918b2aa3df9905f19d1cb6acbee9472301e0072493bd10e50af59735b4185f7acd96a4824a21e007a9d10ca67bbda1a7ee8bdb61b94075a9f698e78542912be337e41a68579fe58143a6eb29b9beb53deb557d9067d74c4ef058aea9950e58d8877f9e68ec7b76220561eadd305a4608227a3055e121bbb74485eaddc51377dd61ebf6786aac61cf7090769356345af67b1a6bc7f7fa34cec3d4521477bf58f7bcbae1bceab4d7a5538f66550a8cb75677b49a9289d2ce56d99e141f9169c3c6a95feefe4703dd7660c0d48f81322ba832d60cc6df3c855cff6c7fd3421e504af9fa0ae60e49a6445b727a08643c61df37b2eef04231d50bfda5242c92456291093ca4586bd9980dba8a525f888cfc313d174d2becff8468f236f88cae7c0e29539c226abc1597c63d9e2ddf1843b192697ec33e9eff5d71682b3fe5cee87e49e5cc44ce1d0a13c2bd9e3171a077bba126a5dc47a2618a5edb65b4c150f421207de2ec2df6a52e65fb27bb2435d6b995ec228c860d3f1db77e28298cf302c51ff1ae0d1ef69ca9c4b8f8f380c33ef526d8ecff352eb26ec99f3e33d1c54f1d36943938bd36fb92feac379e0a20bb4956eba6861509dbafd987659067af0b68c378744c080c304b678077a8dc13aaa0c92e1242907c395bff6129281b17c4db13a1517450d193e393df5dd2b07f1039aae9e05d11725867cdf0750510350900eeaa4bddf87ddef2b61db4001c0ec58293ab909e1b32f39fa43ebdef31fb232c1391d369a56073a058c77ee66264f2c67f61e6bed577689e00d1ddd369d1b9fb1a30908ba6a9aa436da3ce80f0aeb2d71260a79ea4df73aeb089d712364628964d2c5149bbe0a853276b920273aa9817331075178fdb179a295b925d6f4c8541873c90b4c6b7ed46b7888ade953a94baa39bdd0fb66f7c46a05da08e3611ff222d0af35546d50443b2707a57ed908a8cf88c11d99084733a83475ad133087983d0d67a1f6290800da53b6232d0c1e5038b3da8ca2d29b7f79ffd7b456dff9b7812a5148abd3cddf8dc8fd7cc7e5f72cb463e1d297c4b1662b77821725a7fc817f665cb9d47c65a0dbb4d56ca1facec6f88a344ee57cb4c35cc4431d39175d28c2be38a9ed51f007a0065034d707416db6ee9aeaa48e1f5d0afc537523870b53dc0796ccccd2f2dace9834be647a6338932cd2f80cdd87eb64102d7fb13360143e05f14f00a7e6771593adc269ab34259d364697d36bb7511555e541eb0ffb8c17acf42dfc39562edd7c7796175a2fe27bb060fcf43b6056eaed2c870ad7db8eea07fe09b1cc0834ef44e9f223eaddd9058c2e74af7b86f632f18254bb8e1c1bafaeb683fd045a2e935baf27f1709c21f700363001c91be477bdd54ff25d3970505293ac7c0c9d38ca098e0fc18acf4b250ffa459b96faba7980ac3b981bd6ca96f8f76ca5067de050eef162ba305b92ef3acebe0a72366238510edce791b05bfd80cef4cea9816b3c643fd0de74c26abba3e362b0b1e7affdb399d1e55454f3a8cc06dff8becc599a00d97f7c148ba6027a0d67e4f2586fbad6e885c2b50b722337eab180eaccb34d3f512e409e8c894ef80ed3032fe1e0ba0172a1e11cdef55fba6ce1eedba6bcde8d444c673b3b63823518e28573c2373bfb59ae3332fae18584b81a668fe0963127d53b92f6054cb4f481e956a907f33c8cb50c56857442abcaa1c933ba01b86ceb12aa8f640f8f4cb6002f80ae7efdc44c81861cbac5b494c00b829b809d865c006bbea39ca9e4aa0d238f1374d0073ea5117171e07cf11cd4454fb3ebdb35e181262b15a0c3a65357159075ed392615c59c049342c999a056dbc5e8127210b6ef743be906e2e80fd70c71c76a28fb6a131995b0d82c43940cec8e367e917578fb2f60b7dd800956899e9da4a925f7d11d17ff2679960b0c5f34e1e44a92342390438a80917b03fc5785cf2d35ae2978905c8b459dc74f4887a1fb24f33681e70b354aa8238a94e4f9a4116f0d38b0b9310267d4738f176a1802e4b4784d91cf6fbabe28976b8d0d577dc5f8ee7a45a75ea6876ff20b4351a54481903d201d87ea4f1fb88baa1178f1627435ea0b160e522cfeb98af0273b40e4fc68d7dc5b7a3ce298e14b9c4064f4bc00befbd68874898775967e2a94eba916d55b1ba8c04c2797345c4eb9827e4b49f4ca39e20d2764d5e1b931bc725509db1395cf1ccc81c5ed8d742f63c099d687dc8f04f6eace8b3e67992276323ba383887d64a3f304f923da207f2451538f52872530390af62436c77c8da717014ef644a3228a76e6c280d12f820b8545db1e3e541aaccb85326d2a1c30ed7883cb4c5478afa0eb8eb7603b00070782f22ce952ad0ca3343480dd1b9efd163260ead99cd03b67d3b092b17e7c601991927780e7d60ce70867b8f57c73330a8ec5f809feafc5a1c784f88de625fb7c5a3b607847b1711ddb1ef98b303c968009cce5d3504fdba7e9a4529f9439f5ee735c532269702b0f1757d3ea16cbdb2c22c51d0e238f9f9108b04ac51a6c9bcbdf886c926d7e630ee44c0133eeb9d090654c1f157cafcbf24ef8390f6446c9c0082955395cc113cde019024b0a4739e4f781a559225c2d8a53ea394ae104420621405f3297fc4e6ce198156b94bb9d71412698de057300661b8b1d4f4b683f34fa6f17de6b32dc49a03c82c61313f91bacdc21a00751c62b62bafa6d5630fe18fc50903c14bfa1aa0afea74d11132c4b9c8edfba20d03e811c2f63e094f81f066dbcff877d46f53338f0c891d7f8126b26f1c659643169400b98aa42750eee3707e64bc736335eee1a57e084d384ec4ac5e1dc5b9d3be7f305e654443453c62b640270f6425e878c601ba6b97308c80c598c5f38d7e2bebddf87119213ae37693a7a43e2071109e4386657d1340d77de1d85cdee23aa9f8095cf9c20eb7a63e10857af934a66bbe200a12538c8ef37f0fc490d52a1349e6f471dfc9b2c55e37949ec3ea5181d33b6ffdd72afe05f2ed6f2ca56348eb2a50eb8083049c7e2751fef8c6f8da83f550d8d8060ff097c24b289044a2a733b4ea9ca6529103a4376b9b58363fd300b48b0faeef8610679a731539fd418ba796294ae0421826d90387e9f2be167df500a487840652b5c229f3608bbb2432aa0d16b1afa7099c15a0397b1010f04ad7fde34c63d05d55ea6fb67bbd2339f40e5d3497dd1b81c84da8b6e3df1cb2f09aadf1c2886c36fe2326af88c4fdc0dc67ec55b3df3cd2536d3215a9ed10c460fe4c9c625987d8d0547b9c62e32834192ccb3d16831f43ef7308ad11a7dfe159f95c77b9e8f5bcc5c82fa6daded2affe3250ea5865340ba71bddeab4d506c77c2cd43b5c61b0813670881053f67fb6134b7ae3b6649a28d1b7b2a0e5f5f5cc3b3f1c0895bba3c1f039772da6c0ea2ec3c7331a405c78fc545d23d2ddcde3da6ec87092fc3cdb0335774276e3a5adc855a5d969b9b3339da654980c871b3d26b1508e5432dc36fb63d0b0179a53709e6dbdfb725d49590b1939c569aa5209a1e75", 0x1000}, {&(0x7f00000003c0)="a79cc083adba76b074d2a2175674ab41eec0aa5c055dbef7b74b0f475ee28fde48241fc930b12628fd1dacebff472cfb4b8b6758680238d7b48bd65a54bcb2fd4b0585a51d483f474c652a71787825d55fd0daf39cf37fc0ac7afaba75f0bacd2849b6c7c2e47b4fb2f7d99c508788cd61", 0x71}, {&(0x7f000001a580)="2022ad5f6f1ee46c5d6bb26fc12d0db3c23aca3737ac88435a808a233dd7ae1bc19e71bc80824a02733e9be7a2bd1bd69a925a47932c4d7f6d53725659f7da279966787a321ba2ec52f85531462bff58b47dc23976ea30dedb8af6514cbf69dd893bee715b78fff4a38d1395790ee21939941f7392c8e8601dba179e4b5d0d3698b32af10615c5b22531ec44a53594", 0x8f}, {&(0x7f000001a640)="4fdf9ef04b0e59c4b1b4d6d1acfbc724742b33d8cfd2229e25a52fe722b1d6ad8f12978c64cac1c0763ee26aa78d5a6830c554de848b3c098fa43cb1b7c47a0838419267cf01fa2528ccf7bb9f46ff21e0f0495c69d8f156adeb1265a53999975b3a93e0193ba0493a389fe1663aa24e53b8417d26e24630a3b0532563b6c18b1b39ae4c2cabeb22c6ef628e524387e495690844f398282347afbbbb65b3627a64a0ee03c3dcce270f041996fb1307246474c59141ec1435", 0xb8}], 0x4, &(0x7f000001aac0)=[@rights={{0x28, 0x1, 0x1, [r2, r0, r4, r0, r3, r3]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r2, r3]}}, @rights={{0x1c, 0x1, 0x1, [r2, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xee00, 0xffffffffffffffff}}}, @rights={{0x20, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, r2]}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x28, 0x1, 0x1, [r2, r3, r2, 0xffffffffffffffff, r0, r3]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x34, 0x1, 0x1, [r2, 0xffffffffffffffff, r2, r0, 0xffffffffffffffff, r3, r3, r2, r0]}}], 0x168, 0x40800}}, {{&(0x7f000001ac40)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f000001bf00)=[{&(0x7f000001acc0)="09147f0abd39edc0ca4b6999e84db0fb9238e23c17334b5e3be060f7b3ae7540a8f3120668652747a59279127e5814e4fbbeb2ba325bb7733fd2054e1979c78ef9ee2a81b4f58520e911ea98fe128259b17569a8982bbd20a8bfc07570b32e0622d1d1f284d203c65f64d5a0aaae1fb116e57981065452e24f3e15f830351f7bfaa343d8a8832fc1a58212f5e81b2b063320543bd7ddd4c06fe18a9bd13e3f2e64d79cf1086c56450db9e74f3fe44a01f0dd3b856bbac6aa7bb4c484cc9413b891b97f1cef65483dcf5e90eda34c59ab84231c4e248317d2329c51b8f835752b87f5cb2ffc4488dead636b686a99028275386566fa0764754f82efb6efbecb0626482d7acfe13807ed65ae85071cdef8b078b4c324df9c5239203e27078824658982cf629282347e67107df379c6e5d3dc3de390f3fa99aeb0b4de9a57aa8d652ed7e3695f60ec59a36678cc9b5269ce45d51c0797fc1b9a4740f050a95ba178ed20f246d3db7bcd4c749fa1674f75cc904f224190ae5442dc3598c1f283afcf505b8e90dee77dce7d834c6985683a0ea5408c7ea0373c130e98d01ca398fc8985fdea422f97cfbbc7f563e8686ae51522421c3e6b9f320a24df7092ad43124682251088fbdaf87e25ea2268450e892e6e60efc7c4300680e06059ab53566642b6611eaed8ae67726db5219ca66a96e00a80ff83389f261aaf7ac18b0d8769bade9bf30b463ab8f488c6a14511bd6cc5482e6f643b5c59c09307620f18550239fc7a51d91eb2ce464ac1c84ae7d42cf1c2455fbe4817b08da1aa2e8f2b2152468e9d365c80051b6ffdee5db7201317acd1fd8208a17b7c27d66f2ac0ac46fd72e2c4e0da4184bde5e6b1dad89e5a5633b1d05d0a7a1f3ab6adad6c524fdc8f1ec0a2568aa6b7f6fad45647171a0668aa8e0216c0ec965abca182d265e34df733fcd0c1407426582625f831cf2f25f2adffefa5826dedb8787b876ad39c977007e6f335a1116e66926ffa801a41ccf5292bfca616dd4dbc47bd3be2529d648a83d2b139984af4f2ab03f35541c77e5c99620a9df58bad6fd653f851f3dae699fbb8a77207f08fe434d496ca006f58885a9819215fc50ce533a84c4a6ed92575fe7fc84a5fc9849a281e24f5055b7101875d18c9765c368401e29b7ac1805cffb3e78e745b02d1f55ef00d1299282ea3c87ef3033064e47a6af1eda44c75ec193ef4fe7751eada82698c84f431dc8a3eaeeb968804b9ddd6f60524d9e160c3c0e0b58033ef8cae9da2c72ba1e51835b06b5ca3324a853f66a6aeb3f19fc2a76c9782716c7520d8effe22194f6eb74c1c3c0919d8593d8fc1a0671549da2ad09edfcef235795ee8ba05ec1a29d123126300560935c54f66b042c708bb739ef09c4684b98d85fd5a1c3aca09a568bbd7732fc45e30d9d087070044d40ff9dac308e2974d4ccd8d5b6937cbb7e0b95dbffbbb3dd5e6dda7239a091345297744819e0a80a8a21c3abd8b0b1ecab58f7c6353e45e6f8f0f90cf047b8878cf485cc2b4b7e87bc7a124c3a9f2b60437202b173d0a34e611acfa28eba5d9b1991f2092e8826371fe4a6b1dd902319232b609e2b2626c6463b3ae439a1671ee930d87dfc43a283d70a7b7872320b7ce6fc1b68db48325143e7c063d3b3f4cf5bbcd066b7b3e089200b24fa0af64950c6a11b2da543e94047a0df09cffc56d4cdafbb4b4bfff01e9f419ddfa74a75241ede73581044fb02bfcb098989f68b2586c78aeb23024a3ad94db7c466084990f1fd67a069b2a499a7a791c5816bdbd9d6e88b6b20b7000869fa4ff28ae2df875a33f1ecc7108d13dcfbaba45d3e4bf358b7c50cec6e2af7376f74b0db50a0394606b4439abca0626be7f69f6044847001d52f406e625959707da03827b086edeba96c7b95b16c28671534f949afdea08f71207c412f6b2a7ee023cdf5cc03ba3b20878a8ec809c85d1c4565051824f7b000cdb7fe1312ab7c32c37486bb93b67f4ef7e88662153f1b3cddd3b8806bb318fef1eb6419b11996f404dfc9b2c4d5e8ee3fbaa33f9310cc36597c90ba0513958e0fecb18483d0c5664e873068b4a617eb686f362aa968aedadf6b3f07acc2b234eabf661b9cfe31a895e363a6693543e85ad5e1e8dc7d5f7191be3ec0f388aaee27de69e1e9bb50f9a510b5638d70c0b25d5d2ef1489d8dfdd34c1c815424150ce10bdac3ffa07b62da3744bbffee806ae8fb4cf1debe438c65dfc507d12bf07fe5ce0802f8493acbcd98531cf51ed69d82a6736ab84c571d7610b82bfdc7ed7945acf9cf3630f53feaeb8cb65b4cbc255d2037f50cb98849525d6e87005651bf68a17b26c293ea10b81e15c6f4d040b7d6f2e633fa0b9c653fc3cc3f4320baf50b132404f9d1a92d891862e3f0af352ba065bc0758223466a6939a174dee67eaf76e42c976b30562e8270cc3c3284ef62c3b02d84ada0bf04a7828a7779de6e05954a2e8ae70632a5351ad3a8483bedd9dc5f7986ce0d5f21c69975865c4e2145f0299c271fc88846baca47811ba29c60bcd224322215c3003750d1c485b108c0da94d2f1fd7df1bcd7a9681a5630298650140c5c6bf6b74fc542dcfd186b61b460bfd872ca80c0b50cbe81e98c32958105f80bc9c9fe0cc814f043ee6cbf75208b36d73731246a710010387a3580bdf660ccd86e3033c90d44819d8a9a4048132498e52ec34290d0a2dbe0ec0465d05f3035e1b993e7be0b02862aa4706b5700845654f9d7a893cad5774532d2eca2770a0d4903d50e6de26c2b8319480205597e1951731c7025824ac5f9dd1890eff7576365c91c3cf4ad7fd3f31cb83390cae2a4e1573b70ccf74d133cc6df6dceed8efc6b817c9bd40fe1be208fd9d72a0b8f1dfb8a1f3d4eac1e62c6c2e5ea321cf02422ce33e22d1f10c56b99bb74829a2cd41a623e787aab743ddc1c2604688eb33d3e687beb2be870c82434467a7fd47cb1cedc408680168500a8705256f00f137f4ca047c299dc98f9cdb9743b141367a316a77fd9995ed46b291afb78e54bf37a4a611010019f32c8257bbc854fceb30d0cd276e7606d818f419b72a1eed7c7f3b6d113fc08eeccf358f3ac0b642d40b065664d40a4989133567b91d9438168ba01d9bf497ff5d5583721b0a981fd47a601ad12280d1b9b389138e40a58d75cfe691d0ba1064b593335ff4233867a0e0ad08e07be48768fdc424020c4b000f946e4821102c3c93411076ed18fbe8020cf4b099b0f7366960ffe2b832b91316650937eae65a8b7e5bfd7a4a96499a9011cbb8eff8a11af90dd029d1dabd6464b5959c802fe7d212efeb556fa950afed8e1c8266fae90600244706c7033535c34f5389ceaa0a746affb8604bf739ce138b0a66c69cf0854a7e07be85b109cd1e58cd639bd42dad0afa630aecb0338c0dfc56b47df01cdd9489ae37cace60b9fe2bf6977c92d3726af5e8d5a07d3564f97a0658151d3b115ac4ddce525428d69254b7a2f645909b988d422c33b07facfb840f233fe2aba7f050ed26ca26e9fe2c91f1532e0dc36519d38c22b782c1d7c70412c2d5f9b72a9263a1f3a651393b7b0efc36476c6c94afdba80b2ab77c434564e3fbc2aa5cc99407943d95b7406c98e6ad2201709f1e0921a28462d8885104bb8c3b0eed4e8f27ddf9cef34985bf10c66e5d8cbf338908283f9bad1ad76b9ea2db19538cff6ca346ac594c4c98298fa446244c143be721f22d34a449b3ee379308058da384cc5a975bd6ceff2908c055a7ed94f96ef191a1279365cdeabc8a500ef14b237ee4e0e8bc256b33491ebfe1d2de7330bea3da16ccf29f62cbb8751b19baafe4944bd2658cfdfb1f8e369cee341ac43ebaf4a0e790651203a56f50d3cf3f909feb8de25b1ee1d3b2152ed4902a10243ffc9ec482b898ff1f13c52efd5f28b1a4149b8e1dfd435cd6704e56f2713402968893e9c7e2dcb46c940d468155510a41a5f5a7e5335118ceff92cef5828ff05aa9ba2f1779bf383dc714d708f18e44924248d1923530d508560e10eb4d6cf51f51f4126b3dedf23bb1269fbddf5ed97136ac86cc5c3197e82ad70ffceafc297fc982adb3cd897248349a367454dfe5335aa54811d4e5675d6cca5340cae2ebd82f03285801a66d0899b91a9c1e97d6460467ff61cb096e23324f622fec8f1132f581c4dc4e1bdebbd326acdc6439d95c36cec8212d93f5d4988ef7c894d854aa690f3b8ad5c8e524dda1b197450aa7c4b3f562a8a626161bd0b3c82e375b03ce3cf67845560ba2073e131b2b54a810411d912862ca73675fd911f12594dbbb95167f8166e39dc0923b79b85d4a86413db7d368b7963530ed3336620e344ba6aaed3e82fa016711986beb16ce28b2629bf29a0b0c4e43d6123bf3a6d85c1f8c18076c2c5db4ecc3a6e02d1233be2366bc39e467c45ed44f2b772c259bf416bb4605e6782ed786f9142b604be3f8bd9686496d9a41f16340b2a4cd70d3966650745163c6faa637bdffae7175ef8bc9d02a6756d1222704eff2c7ba8f88f9ab4719df1c903efd6814458ec0e23d39401c109fa8d871359a5876e552caf300b05e153358b0f555c1eda9c2d0120fce127be976b3a69761a4c81e3d9e076984e9f416c655968a4c1bf400d86b13d71f827e72b32def247ac13efb25fdf4fe09c7d8cee4f7b7f56569d623085e2d0ae034b05fd0e8e50e54eead4ec8c857fc781ec4fc3258caf92ca848e64c840a213dc4eb8228cf99a1dbd52926b7308b40ee4cf26f3ab72cc3a54d62f9e75ae105f10db3a0a3857a19a101c333e5371f8367b0b9ef5023ac4aa11330e338bdbd8afd0e58614bbdcbbb8fe045f8b6fa65ce63e9083030687503f1299107d78bc66251eb08a2cd22f5fc3b7b40140dcf5cc34c70e9221e89b20f101940911967785ed7c31c7db655e8fc7095503f2c8ecddd2962bfe5933d6ca60aa7d28d011bd72fd2e5e3a8ba8b7a85dacd2f5a741610ece2b9faaaec9f1ba83ddebd61d7582a25f16b30088eb5b75193ba3f36403a8b005620b57404780a2d40597d1211c2ca6937d3240f8dbd18d5895b3e7ea20016b1d334df196f1c73cad74a137af07a6facf72fd378f1a501612f42c429aa04a2417c31931878a114efad8dec5749d26bdfe90e9e0ff05329e7370c9d3c0bd87075d1bc92da2034fc6da761a3feadad945a19b8fe61c2b8eb428fd1f064199abbe1d693b935afcea7dd22a188b1d3ddc88e70d674fada4b64c357c74bccfb8e542281edf3001ee980aae8ff2220312ff30af6b33d2306764e10d35f34b7cd4ef36c65931922543e84b07369b97baf7872b69acfe8f9432d7f5e094b6a875a71ff7d86335a450c718620bd98ccddcbfa05acb6c2d451f1cdc132bd2dc1751c56d123c138750f151ef4b4c9a80fbe073277c4407231552cdcf93fc798c06274ecc5cb1985e867683ea27ea77704f14eb40fe4c44f2e45dd05b3d56faf584118f7d3e496fb3699de883f5d7d23439c84cddbb1c3fab4463657c59fa0ec7902554ec075a7b1cd7307a8488f410d2fa58a28e360ba821c63b30543514c54b06cb7059a0c68dea520ca9db207fad8c84cf823bbe9b6b225e205396083b24bd83ff25f1ea6db6335afb2070f0a00bac13327ec845520359ea69588f331bcac33076750b36acbb0a28d56b2c0ef2414327d658ad9e07acdf454e02fea14a0c95260761536e6af93002951c8317087aa43320320e451588ed62778027db19bfdbcca9d18cd521dafe4f2ebb3ccd14bfdceeadc84b5b8f6edb", 0x1000}, {&(0x7f000001bcc0)="e0b654a19e72c4cc51fa1370057d4828972f3d7aa25c18e4c0c98b10d3ea2e2e2c48d4bc6c179176f90f2aeceea1ae4e8bde1a41d112f99431dd54fc703c55f85e9c307bc5983d71fce31e2897eb8ce4", 0x50}, {&(0x7f000001bd40)="92dfe9ad51fb7f848cbc15b20107dd1ea8f8bc1b5a0eab6a5999b7b8036c02a9b6fcfa0d716b2912c4c57a6c5cc0ed14abef26241aa65382b59daae831a190e119ea312126e2ef7a569732602dbfe3606ade6dd0ba8626611c30fbedb81f", 0x5e}, {&(0x7f000001bdc0)="09ad0b4fbbacd13ba12653631f550c124885c08116ca08424039413980d0cb6297b363e3ea3b7bd149dea64c68b8947d3774eb0674", 0x35}, {&(0x7f000001be00)="b9ee500f8bd56a0ce2dfdfa9023b4055ac2fb7929c4a02080a58c39dff12b4c00100a69e9be8edf03959694cf7baa712ff99b0201e78c3f322180437dc992cc1b423b147903721608948d731d0c57b57310ebd8a62b6b1f75922d867a66df0db4d628e4443ab37b077a50c65ee41ea423de9b95b7705caeb99073779aeac18e31332999d29f1548ef70ca85c595bf05c3df6881340c2fd9f3a0e898bb0b499c62e6262f05198bf48e5b87201d5c3922df90110658a9c9fa9aa0f860e2d3d6a972ec7ade4b5b3f4336537105ef091ce82e36c2b42ed332ff53cd51e65f0823abc8daed02e839e0398961707fb40b2362ba1608cd841", 0xf5}], 0x5, &(0x7f000001c040)=[@rights={{0x28, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0xe, 0x1, 0x1, [0xffffffffffffffff, r2, 0xffffffffffffffff, r3, 0xffffffffffffffff, r4, r2, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8}}], 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) r6 = socket(0x15, 0x5, 0x0) getsockopt(r6, 0x200000000114, 0x2710, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffd) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x300, 0x0) preadv(r7, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) r8 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r8, 0x0, 0x0}) io_uring_enter(r8, 0x6b4d, 0x0, 0x0, 0x0, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r12, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r15 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(r12, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x2c, r15, 0x18fe2a01ed25d92f, 0x0, 0x0, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r14}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r13}, @BATADV_ATTR_ELP_INTERVAL={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40) io_uring_enter(r8, 0x0, 0x3, 0x7, 0x0, 0x0) 0s ago: executing program 0 (id=1272): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000016c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe40400000056bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a05cbee30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c3157f00000000000000a06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c3630000000002232017810e743bdaf879946547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e6dafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e097585ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994a0002000000000000e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb50409fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4d8521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060fd2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3bca426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db00000000000001f915268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde000006c06d4d551e81ee73459cf1c00000000000000000000628a663ed417be6ff5b172cba4a1ec629a39ec253c087b1e9ce84e25b8717ae8581bf28c16a8bbda8d69358e885ddf5387e419c64847b8953070cdefe7d6a35197638e929f8f3c005f9de3fe351def9ed5"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x56, 0x109, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf40242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c96", &(0x7f0000000cc0)=""/265, 0xcb95, 0x0, 0x0, 0x162, 0x0, &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d8", 0x2, 0x0, 0x3ff}, 0x50) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000647e674685000000040000001801000020756c2500000000002020207b1ae8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='block_plug\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r4, &(0x7f0000000200), 0x43400) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x4}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00'}, 0x10) getdents(r3, &(0x7f0000001140)=""/27, 0x1b) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcf5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r5, &(0x7f0000000040)={0x18, 0x2, {0x2, @private}}, 0x1e) r6 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r6, &(0x7f0000002440)={0x18, 0x2, {0x2, @remote}}, 0x1e) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x9) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) r7 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) kernel console output (not intermixed with test programs): 458787.873:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1054.383901][ T29] audit: type=1326 audit(1725458787.903:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1054.939312][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.951104][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.163290][ T29] audit: type=1326 audit(1725458787.903:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.283866][ T29] audit: type=1326 audit(1725458787.903:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.391624][ T29] audit: type=1326 audit(1725458787.913:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.479873][ T29] audit: type=1326 audit(1725458787.913:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.538818][ T29] audit: type=1326 audit(1725458787.913:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.694750][ T29] audit: type=1326 audit(1725458787.933:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.775524][ T29] audit: type=1326 audit(1725458787.933:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.819408][ T29] audit: type=1326 audit(1725458787.933:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.843496][ T29] audit: type=1326 audit(1725458787.943:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1055.881498][ T29] audit: type=1326 audit(1725458787.953:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12697 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1056.012385][T12729] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 1056.782862][T12417] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1056.922249][T12417] 8021q: adding VLAN 0 to HW filter on device team0 [ 1057.011988][T12735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1128'. [ 1057.021212][T12735] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1128'. [ 1057.158058][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 1057.165340][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1057.213198][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 1057.220464][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1057.436388][T12417] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1057.767295][T12480] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1057.805257][T12480] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1057.844952][T12480] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1057.878047][T12480] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1058.285239][T12415] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1058.319272][T12415] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1058.348650][T12415] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1058.443001][T12417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1058.554064][T12415] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1058.804865][T12749] exFAT-fs (nullb0): invalid boot record signature [ 1058.811864][T12749] exFAT-fs (nullb0): failed to read boot sector [ 1058.818249][T12749] exFAT-fs (nullb0): failed to recognize exfat type [ 1059.767425][T12480] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1059.840084][T12480] 8021q: adding VLAN 0 to HW filter on device team0 [ 1059.908725][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 1059.915924][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1059.978420][ T1294] bridge0: port 2(bridge_slave_1) entered blocking state [ 1059.985627][ T1294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1060.106834][T12417] veth0_vlan: entered promiscuous mode [ 1060.201854][T12417] veth1_vlan: entered promiscuous mode [ 1061.729600][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 1061.729672][ T29] audit: type=1326 audit(1725458795.933:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12764 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1062.143917][ T29] audit: type=1326 audit(1725458795.933:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12764 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1062.144379][T12415] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1062.364395][T12415] 8021q: adding VLAN 0 to HW filter on device team0 [ 1062.411957][T12417] veth0_macvtap: entered promiscuous mode [ 1062.467506][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state [ 1062.474785][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1062.522506][T12417] veth1_macvtap: entered promiscuous mode [ 1062.586086][ T8] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 1062.597012][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 1062.604257][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1062.761360][T12417] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1062.798128][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1062.839746][ T8] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1062.859585][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1062.879867][T12417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1062.905361][T12417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1062.931367][ T8] usb 4-1: config 0 descriptor?? [ 1062.954502][T12417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1062.982753][T12417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1063.037210][T12417] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1063.080332][T12417] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1063.090298][T12417] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1063.104734][T12417] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1063.142697][T12417] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1063.220603][T12775] input: syz0 as /devices/virtual/input/input33 [ 1063.277249][T12415] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1063.313986][ T5276] usb 4-1: USB disconnect, device number 42 [ 1063.379845][T12480] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1063.749682][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1063.795756][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1063.951100][ T3026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1063.988985][ T3026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1066.213790][ T29] audit: type=1326 audit(1725458800.003:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1066.533715][ T29] audit: type=1326 audit(1725458800.003:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1066.683808][ T29] audit: type=1326 audit(1725458800.003:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1066.793432][ T29] audit: type=1326 audit(1725458800.003:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1066.868071][T12415] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1066.913767][ T29] audit: type=1326 audit(1725458800.003:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1066.956618][ T29] audit: type=1326 audit(1725458800.003:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1067.003780][ T29] audit: type=1326 audit(1725458800.003:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1067.075999][ T29] audit: type=1326 audit(1725458800.003:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1067.164537][ T29] audit: type=1326 audit(1725458800.013:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1067.214680][ T29] audit: type=1326 audit(1725458800.013:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1067.239279][ T29] audit: type=1326 audit(1725458800.013:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1067.303443][ T29] audit: type=1326 audit(1725458800.013:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1067.450938][ T29] audit: type=1326 audit(1725458800.013:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12812 comm="syz.3.1137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1068.339438][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1068.449950][T12480] veth0_vlan: entered promiscuous mode [ 1068.651502][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1068.770091][T12480] veth1_vlan: entered promiscuous mode [ 1068.959292][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1071.880265][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1071.931245][T12415] veth0_vlan: entered promiscuous mode [ 1072.009969][T12415] veth1_vlan: entered promiscuous mode [ 1072.113204][T12480] veth0_macvtap: entered promiscuous mode [ 1072.210674][T12480] veth1_macvtap: entered promiscuous mode [ 1072.478994][T10435] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1072.489474][T10435] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1072.497825][T10435] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1072.506237][T10435] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1072.514402][T10435] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1072.521678][T10435] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1072.551854][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1072.615199][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1072.649447][T12480] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1072.663031][T12415] veth0_macvtap: entered promiscuous mode [ 1072.720715][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1072.753758][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1072.802377][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1072.820190][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1072.833279][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1072.844759][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1072.862982][T12480] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1073.048418][T12415] veth1_macvtap: entered promiscuous mode [ 1073.103010][T12480] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.145051][T12480] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.154530][T12480] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.176906][T12480] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.220721][ T11] bridge_slave_1: left allmulticast mode [ 1073.243618][ T11] bridge_slave_1: left promiscuous mode [ 1073.617738][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 1073.640047][ T11] bridge_slave_0: left allmulticast mode [ 1074.615660][T10435] Bluetooth: hci3: command tx timeout [ 1075.343774][ T11] bridge_slave_0: left promiscuous mode [ 1075.349814][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 1076.715804][T10435] Bluetooth: hci3: command tx timeout [ 1077.630944][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1077.642222][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1077.653275][ T11] bond0 (unregistering): Released all slaves [ 1078.366762][ T11] hsr_slave_0: left promiscuous mode [ 1078.375765][ T11] hsr_slave_1: left promiscuous mode [ 1078.382199][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1078.398942][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1078.410839][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1078.422688][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1078.461441][ T11] veth1_macvtap: left promiscuous mode [ 1078.469916][ T11] veth0_macvtap: left promiscuous mode [ 1078.481960][ T11] veth1_vlan: left promiscuous mode [ 1078.490187][ T11] veth0_vlan: left promiscuous mode [ 1078.895927][T10435] Bluetooth: hci3: command tx timeout [ 1079.014377][T12932] netlink: 'syz.0.1146': attribute type 1 has an invalid length. [ 1080.983852][T10435] Bluetooth: hci3: command tx timeout [ 1081.601146][T10647] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1081.613750][T10647] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1081.622267][T10647] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1081.829609][T10647] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1081.855691][T10647] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1081.863821][T10647] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1082.732686][ T5277] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 1083.337329][ T11] team0 (unregistering): Port device team_slave_1 removed [ 1083.396798][ T11] team0 (unregistering): Port device team_slave_0 removed [ 1084.374265][T10647] Bluetooth: hci1: command tx timeout [ 1084.736321][ T5322] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 1084.833839][T12863] chnl_net:caif_netlink_parms(): no params data found [ 1084.836039][T12953] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1084.963812][ T5322] usb 1-1: Using ep0 maxpacket: 8 [ 1085.006697][ T5322] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 1085.063527][ T5322] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1085.116393][ T5322] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1085.131319][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 1085.131338][ T29] audit: type=1400 audit(1725458819.393:1699): avc: denied { listen } for pid=12952 comm="syz.3.1152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 1085.200158][ T5322] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1085.254846][ T5322] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1085.283768][ T29] audit: type=1400 audit(1725458819.423:1700): avc: denied { accept } for pid=12952 comm="syz.3.1152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 1085.304920][ T5322] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1085.348658][T12960] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1152'. [ 1085.448066][T10435] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1085.471733][T10435] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1085.490207][T10435] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1085.507094][T10435] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1085.543920][T10435] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1085.565950][T10435] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1085.573969][ T5322] usb 1-1: usb_control_msg returned -32 [ 1085.605361][ T5322] usbtmc 1-1:16.0: can't read capabilities [ 1085.638481][ T5322] usb 1-1: USB disconnect, device number 30 [ 1086.060347][ T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1086.115778][T12863] bridge0: port 1(bridge_slave_0) entered blocking state [ 1086.127810][T12863] bridge0: port 1(bridge_slave_0) entered disabled state [ 1086.138174][T12863] bridge_slave_0: entered allmulticast mode [ 1086.150052][T12863] bridge_slave_0: entered promiscuous mode [ 1086.466018][T10435] Bluetooth: hci1: command tx timeout [ 1086.468064][ T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1086.497865][ T8] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 1086.511173][T12863] bridge0: port 2(bridge_slave_1) entered blocking state [ 1086.523050][T12863] bridge0: port 2(bridge_slave_1) entered disabled state [ 1086.551778][T12863] bridge_slave_1: entered allmulticast mode [ 1086.601762][T12863] bridge_slave_1: entered promiscuous mode [ 1086.646807][T12933] chnl_net:caif_netlink_parms(): no params data found [ 1086.723691][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 1086.740245][ T8] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC6, changing to 0x86 [ 1086.778743][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 1086.807112][ T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 0 [ 1086.842247][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1086.863548][ T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 1086.883678][ T8] usb 4-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 1086.910168][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1086.932825][ T8] usb 4-1: Product: syz [ 1086.944332][ T8] usb 4-1: Manufacturer: syz [ 1086.956432][ T8] usb 4-1: SerialNumber: syz [ 1086.994066][ T8] usb 4-1: config 0 descriptor?? [ 1087.002411][ T8] port100 4-1:0.0: NFC: Could not get supported command types [ 1087.018032][ T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.518673][ T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.637918][T12863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1087.654619][T10435] Bluetooth: hci2: command tx timeout [ 1087.908479][T12863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1088.340477][T12933] bridge0: port 1(bridge_slave_0) entered blocking state [ 1088.372880][T12933] bridge0: port 1(bridge_slave_0) entered disabled state [ 1088.394449][T12933] bridge_slave_0: entered allmulticast mode [ 1088.423930][T12933] bridge_slave_0: entered promiscuous mode [ 1088.487204][T12863] team0: Port device team_slave_0 added [ 1088.497686][T12863] team0: Port device team_slave_1 added [ 1088.539343][T10435] Bluetooth: hci1: command tx timeout [ 1088.555477][T12933] bridge0: port 2(bridge_slave_1) entered blocking state [ 1088.573097][T12933] bridge0: port 2(bridge_slave_1) entered disabled state [ 1088.582086][T12933] bridge_slave_1: entered allmulticast mode [ 1088.593565][T12933] bridge_slave_1: entered promiscuous mode [ 1089.076160][T12863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1089.197479][T12863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1089.508540][T12863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1089.551332][T12863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1089.600957][T12863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1089.667057][T12863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1089.733136][ T5322] usb 4-1: USB disconnect, device number 44 [ 1089.739250][T10435] Bluetooth: hci2: command tx timeout [ 1089.880647][T12933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1090.098493][T12933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1090.176625][T13022] netlink: 'syz.0.1156': attribute type 1 has an invalid length. [ 1091.114715][T10435] Bluetooth: hci1: command tx timeout [ 1091.796960][T12863] hsr_slave_0: entered promiscuous mode [ 1091.823994][T10435] Bluetooth: hci2: command tx timeout [ 1091.844382][T12863] hsr_slave_1: entered promiscuous mode [ 1091.900978][T12863] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1091.922746][T12863] Cannot create hsr debugfs directory [ 1093.054626][T10747] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 1093.074505][T12933] team0: Port device team_slave_0 added [ 1093.177529][T12933] team0: Port device team_slave_1 added [ 1093.305190][T10747] usb 1-1: config 0 has no interfaces? [ 1093.313541][T10747] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 1093.349330][T10747] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1093.392336][T10747] usb 1-1: config 0 descriptor?? [ 1093.504986][T13046] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1160'. [ 1093.516407][T13046] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1160'. [ 1093.578150][T12933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1093.598628][T12933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1093.686049][T12933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1093.721896][T12933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1093.732025][T12933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1093.759904][T12933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1093.874584][T12964] chnl_net:caif_netlink_parms(): no params data found [ 1093.893735][T10435] Bluetooth: hci2: command tx timeout [ 1094.148051][T12933] hsr_slave_0: entered promiscuous mode [ 1094.191503][T12933] hsr_slave_1: entered promiscuous mode [ 1094.198937][T12933] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1094.208090][T12933] Cannot create hsr debugfs directory [ 1094.383988][T10876] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 1094.456289][T12964] bridge0: port 1(bridge_slave_0) entered blocking state [ 1094.464139][T12964] bridge0: port 1(bridge_slave_0) entered disabled state [ 1094.472108][T12964] bridge_slave_0: entered allmulticast mode [ 1094.481094][T12964] bridge_slave_0: entered promiscuous mode [ 1094.511386][ T11] bridge_slave_1: left allmulticast mode [ 1094.517421][ T11] bridge_slave_1: left promiscuous mode [ 1094.523149][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 1094.540456][ T11] bridge_slave_0: left allmulticast mode [ 1094.546544][ T11] bridge_slave_0: left promiscuous mode [ 1094.552236][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 1094.595509][T10876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1094.613090][ T11] bridge_slave_1: left allmulticast mode [ 1094.620306][T10876] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1094.629772][ T11] bridge_slave_1: left promiscuous mode [ 1094.635742][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 1094.643287][T10876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1094.655970][ T11] bridge_slave_0: left allmulticast mode [ 1094.662598][ T11] bridge_slave_0: left promiscuous mode [ 1094.672746][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 1094.681132][T10876] usb 4-1: config 0 descriptor?? [ 1094.905191][T13050] input: syz0 as /devices/virtual/input/input35 [ 1094.995472][T10747] usb 4-1: USB disconnect, device number 45 [ 1095.015341][T10876] usb 1-1: USB disconnect, device number 31 [ 1095.360029][T13057] FAULT_INJECTION: forcing a failure. [ 1095.360029][T13057] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1095.373334][T13057] CPU: 1 UID: 0 PID: 13057 Comm: syz.0.1162 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1095.384135][T13057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1095.394195][T13057] Call Trace: [ 1095.397485][T13057] [ 1095.400413][T13057] dump_stack_lvl+0x16c/0x1f0 [ 1095.405101][T13057] should_fail_ex+0x497/0x5b0 [ 1095.409788][T13057] _copy_from_user+0x30/0xf0 [ 1095.414383][T13057] sk_setsockopt+0x5b8/0x3d40 [ 1095.419106][T13057] ? __pfx_sk_setsockopt+0x10/0x10 [ 1095.424226][T13057] ? avc_has_perm+0x11b/0x1c0 [ 1095.428913][T13057] ? __pfx_avc_has_perm+0x10/0x10 [ 1095.433954][T13057] ? sock_has_perm+0x25a/0x2f0 [ 1095.438729][T13057] udp_lib_setsockopt+0x721/0xfe0 [ 1095.443762][T13057] ? __pfx_udp_v6_push_pending_frames+0x10/0x10 [ 1095.450004][T13057] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 1095.455559][T13057] ? find_held_lock+0x2d/0x110 [ 1095.460331][T13057] udpv6_setsockopt+0xbc/0xd0 [ 1095.465025][T13057] ? __pfx_udp_v6_push_pending_frames+0x10/0x10 [ 1095.471275][T13057] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1095.477170][T13057] do_sock_setsockopt+0x222/0x480 [ 1095.482197][T13057] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1095.487775][T13057] ? __fget_light+0x173/0x210 [ 1095.492463][T13057] __sys_setsockopt+0x1a4/0x270 [ 1095.497338][T13057] ? __pfx___sys_setsockopt+0x10/0x10 [ 1095.502910][T13057] ? fput+0x32/0x390 [ 1095.506850][T13057] ? ksys_write+0x1ab/0x260 [ 1095.511356][T13057] ? __pfx_ksys_write+0x10/0x10 [ 1095.516231][T13057] __x64_sys_setsockopt+0xbd/0x160 [ 1095.521373][T13057] ? do_syscall_64+0x91/0x250 [ 1095.526074][T13057] ? lockdep_hardirqs_on+0x7c/0x110 [ 1095.531304][T13057] do_syscall_64+0xcd/0x250 [ 1095.535830][T13057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1095.541744][T13057] RIP: 0033:0x7f512397cef9 [ 1095.546165][T13057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1095.565777][T13057] RSP: 002b:00007f51247f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1095.574190][T13057] RAX: ffffffffffffffda RBX: 00007f5123b36058 RCX: 00007f512397cef9 [ 1095.582243][T13057] RDX: 0000000000000031 RSI: 0000000000000001 RDI: 0000000000000003 [ 1095.590208][T13057] RBP: 00007f51247f2090 R08: 0000000000000004 R09: 0000000000000000 [ 1095.598176][T13057] R10: 0000000020001600 R11: 0000000000000246 R12: 0000000000000001 [ 1095.606142][T13057] R13: 0000000000000000 R14: 00007f5123b36058 R15: 00007ffc32e76ba8 [ 1095.614124][T13057] [ 1095.648634][ T29] audit: type=1400 audit(1725458829.914:1701): avc: denied { accept } for pid=13055 comm="syz.0.1162" path="socket:[56197]" dev="sockfs" ino=56197 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 1096.112591][T13062] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1163'. [ 1096.128847][T13062] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1163'. [ 1096.161065][T13062] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1163'. [ 1096.243778][T13062] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1163'. [ 1096.464233][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1096.493634][ T5322] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 1096.501745][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1096.570627][ T11] bond0 (unregistering): Released all slaves [ 1096.711704][ T5322] usb 4-1: config 0 has no interfaces? [ 1096.763750][ T5322] usb 4-1: New USB device found, idVendor=12ef, idProduct=0100, bcdDevice=e2.c2 [ 1096.782771][ T5322] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1096.803991][ T5322] usb 4-1: Product: syz [ 1096.808284][ T5322] usb 4-1: Manufacturer: syz [ 1096.812996][ T5322] usb 4-1: SerialNumber: syz [ 1096.821705][ T5322] usb 4-1: config 0 descriptor?? [ 1096.930185][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1096.949356][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1096.969065][ T11] bond0 (unregistering): Released all slaves [ 1096.991616][T12964] bridge0: port 2(bridge_slave_1) entered blocking state [ 1097.002075][T12964] bridge0: port 2(bridge_slave_1) entered disabled state [ 1097.012820][T12964] bridge_slave_1: entered allmulticast mode [ 1097.023296][T12964] bridge_slave_1: entered promiscuous mode [ 1097.109679][T13066] tipc: Started in network mode [ 1097.116013][T13066] tipc: Node identity , cluster identity 4711 [ 1097.163554][T13066] tipc: Failed to set node id, please configure manually [ 1097.221246][T13066] tipc: Enabling of bearer rejected, failed to enable media [ 1097.546292][T12964] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1097.695947][ T11] hsr_slave_0: left promiscuous mode [ 1097.711338][ T11] hsr_slave_1: left promiscuous mode [ 1097.725076][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1097.732839][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1097.745190][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1097.753479][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1097.780916][ T11] hsr_slave_0: left promiscuous mode [ 1097.792616][ T11] hsr_slave_1: left promiscuous mode [ 1097.807400][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1097.828405][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1097.889416][ T11] veth1_macvtap: left promiscuous mode [ 1097.895160][ T11] veth0_macvtap: left promiscuous mode [ 1097.901116][ T11] veth1_vlan: left promiscuous mode [ 1097.908309][ T11] veth0_vlan: left promiscuous mode [ 1097.919960][ T11] veth1_macvtap: left promiscuous mode [ 1097.926384][ T11] veth0_macvtap: left promiscuous mode [ 1097.932341][ T11] veth1_vlan: left promiscuous mode [ 1097.945464][ T11] veth0_vlan: left promiscuous mode [ 1098.971241][T10876] usb 4-1: USB disconnect, device number 46 [ 1099.801204][T13085] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1167'. [ 1100.232003][ T11] team0 (unregistering): Port device team_slave_1 removed [ 1100.339103][ T11] team0 (unregistering): Port device team_slave_0 removed [ 1100.585539][ T29] audit: type=1400 audit(1725458834.854:1702): avc: denied { write } for pid=13087 comm="syz.3.1168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 1102.032418][ T11] team0 (unregistering): Port device team_slave_1 removed [ 1102.097209][ T11] team0 (unregistering): Port device team_slave_0 removed [ 1102.822621][T12964] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1102.983010][T13089] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1168'. [ 1103.088714][T12964] team0: Port device team_slave_0 added [ 1103.904124][T12964] team0: Port device team_slave_1 added [ 1105.500867][T12964] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1105.560348][T12964] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1105.644080][T12964] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1105.715898][T12964] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1105.763943][T12964] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1105.808433][T12964] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1105.821050][T13120] tipc: Started in network mode [ 1105.829584][T13120] tipc: Node identity , cluster identity 4711 [ 1105.842154][T13120] tipc: Failed to set node id, please configure manually [ 1105.849696][T13120] tipc: Enabling of bearer rejected, failed to enable media [ 1105.953751][ T5277] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 1106.117792][T12964] hsr_slave_0: entered promiscuous mode [ 1106.150650][T12964] hsr_slave_1: entered promiscuous mode [ 1106.168959][T12964] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1106.179890][ T5277] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1106.192562][T12964] Cannot create hsr debugfs directory [ 1106.198516][ T5277] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1106.231535][ T5277] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1106.251623][ T5277] usb 4-1: config 0 descriptor?? [ 1106.473607][T13122] input: syz0 as /devices/virtual/input/input36 [ 1106.503866][ T47] usb 4-1: USB disconnect, device number 47 [ 1106.581530][ T29] audit: type=1400 audit(1725458840.844:1703): avc: denied { write } for pid=13136 comm="syz.0.1175" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 1106.625111][T12863] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1106.768116][T12863] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1106.870373][T12863] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1106.911772][T12863] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1107.518912][T12863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1107.690264][T12863] 8021q: adding VLAN 0 to HW filter on device team0 [ 1107.780899][T12933] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1107.806796][ T3774] bridge0: port 1(bridge_slave_0) entered blocking state [ 1107.814000][ T3774] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1107.849285][T12933] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1107.904607][T12933] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1107.922247][T12933] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1107.965895][ T3774] bridge0: port 2(bridge_slave_1) entered blocking state [ 1107.973070][ T3774] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1108.289915][ T29] audit: type=1400 audit(1725458842.554:1704): avc: denied { ioctl } for pid=13148 comm="syz.0.1177" path="socket:[57488]" dev="sockfs" ino=57488 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 1108.571443][T12933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1110.983192][T12933] 8021q: adding VLAN 0 to HW filter on device team0 [ 1110.999702][T13154] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1178'. [ 1111.159303][ T3774] bridge0: port 1(bridge_slave_0) entered blocking state [ 1111.166546][ T3774] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1111.242659][ T3774] bridge0: port 2(bridge_slave_1) entered blocking state [ 1111.249820][ T3774] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1111.305516][T12964] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1111.377013][T12964] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1111.467594][T12964] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1111.512919][T12964] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1111.901537][T13166] netlink: 'syz.0.1180': attribute type 1 has an invalid length. [ 1113.650562][T12863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1114.209641][T12863] veth0_vlan: entered promiscuous mode [ 1114.256904][T12964] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1114.339354][T12863] veth1_vlan: entered promiscuous mode [ 1114.442734][T12964] 8021q: adding VLAN 0 to HW filter on device team0 [ 1114.571649][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state [ 1114.578822][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1114.672708][T13187] tipc: Started in network mode [ 1114.679851][T13187] tipc: Node identity , cluster identity 4711 [ 1114.686238][T13187] tipc: Failed to set node id, please configure manually [ 1114.695984][T13187] tipc: Enabling of bearer rejected, failed to enable media [ 1114.708536][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state [ 1114.715781][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1114.909142][T12863] veth0_macvtap: entered promiscuous mode [ 1114.993764][T12863] veth1_macvtap: entered promiscuous mode [ 1115.116875][T12933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1115.263952][T12863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1115.321944][T12863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1115.356848][T12863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.393704][T12863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1115.422438][T12863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.484208][T12863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1115.567675][T12863] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.596325][T12863] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.606758][T12863] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.616697][T12863] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.745984][ T5277] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 1115.809326][T12933] veth0_vlan: entered promiscuous mode [ 1115.967325][ T5277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1115.991311][T12933] veth1_vlan: entered promiscuous mode [ 1115.992218][ T5277] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1116.011134][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1116.041465][ T5277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1116.046131][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1116.077441][ T5277] usb 1-1: config 0 descriptor?? [ 1116.201304][T12964] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1116.233802][ T1294] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1116.272542][ T1294] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1116.313887][T13211] input: syz0 as /devices/virtual/input/input37 [ 1116.359876][T12933] veth0_macvtap: entered promiscuous mode [ 1116.399339][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.406603][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.418395][T10747] usb 1-1: USB disconnect, device number 32 [ 1116.440435][T12933] veth1_macvtap: entered promiscuous mode [ 1116.857224][T12933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1116.898254][T12933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1116.935340][T12933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1116.972076][T12933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1117.045078][T12933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1117.073140][T12933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1117.086086][T12933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1117.125731][T12933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1117.161733][T12933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1117.195379][T12933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1117.264726][T12933] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1117.288607][T12933] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1117.522130][T12933] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1117.531413][T12933] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1118.590402][ T53] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1118.846644][T13257] input: syz1 as /devices/virtual/input/input38 [ 1119.025367][ T53] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1121.195532][T13263] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1190'. [ 1121.291679][ T53] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1121.504623][T12964] veth0_vlan: entered promiscuous mode [ 1121.607770][T10647] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1121.620340][T10647] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1121.629292][T10647] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1121.638983][T10647] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1121.641940][ T53] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1121.665650][T10647] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1121.678075][T10647] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1121.679569][T13276] FAULT_INJECTION: forcing a failure. [ 1121.679569][T13276] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1121.704257][T13276] CPU: 0 UID: 0 PID: 13276 Comm: syz.3.1191 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1121.715064][T13276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1121.725128][T13276] Call Trace: [ 1121.728432][T13276] [ 1121.731364][T13276] dump_stack_lvl+0x16c/0x1f0 [ 1121.736054][T13276] should_fail_ex+0x497/0x5b0 [ 1121.740743][T13276] _copy_from_user+0x30/0xf0 [ 1121.745344][T13276] copy_msghdr_from_user+0x99/0x160 [ 1121.750556][T13276] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1121.756385][T13276] ? find_held_lock+0x2d/0x110 [ 1121.761160][T13276] ___sys_recvmsg+0xdc/0x1a0 [ 1121.765771][T13276] ? __pfx____sys_recvmsg+0x10/0x10 [ 1121.771000][T13276] ? __fget_light+0x173/0x210 [ 1121.775692][T13276] do_recvmmsg+0x2ba/0x750 [ 1121.780133][T13276] ? __pfx_do_recvmmsg+0x10/0x10 [ 1121.785098][T13276] ? vfs_write+0x14d/0x1140 [ 1121.789631][T13276] ? __mutex_unlock_slowpath+0x164/0x650 [ 1121.795319][T13276] __x64_sys_recvmmsg+0x239/0x290 [ 1121.800364][T13276] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1121.805929][T13276] do_syscall_64+0xcd/0x250 [ 1121.810450][T13276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1121.816353][T13276] RIP: 0033:0x7f214a57cef9 [ 1121.820856][T13276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1121.840476][T13276] RSP: 002b:00007f214b437038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1121.848895][T13276] RAX: ffffffffffffffda RBX: 00007f214a735f80 RCX: 00007f214a57cef9 [ 1121.856953][T13276] RDX: 0000000000000001 RSI: 00000000200008c0 RDI: 0000000000000004 [ 1121.864991][T13276] RBP: 00007f214b437090 R08: 0000000000000000 R09: 0000000000000000 [ 1121.872993][T13276] R10: 00000000000000cb R11: 0000000000000246 R12: 0000000000000001 [ 1121.880969][T13276] R13: 0000000000000000 R14: 00007f214a735f80 R15: 00007ffed5c01408 [ 1121.888965][T13276] [ 1121.967762][T12964] veth1_vlan: entered promiscuous mode [ 1122.234656][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1122.245631][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1122.323244][T10747] usb 4-1: new full-speed USB device number 48 using dummy_hcd [ 1122.469286][T12964] veth0_macvtap: entered promiscuous mode [ 1122.538552][T12964] veth1_macvtap: entered promiscuous mode [ 1122.632151][ T53] bridge_slave_1: left allmulticast mode [ 1122.647703][ T53] bridge_slave_1: left promiscuous mode [ 1122.655032][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 1122.668583][ T53] bridge_slave_0: left allmulticast mode [ 1122.757109][T10747] usb 4-1: not running at top speed; connect to a high speed hub [ 1122.812598][ T53] bridge_slave_0: left promiscuous mode [ 1122.830284][T10747] usb 4-1: config 15 has an invalid interface number: 112 but max is 1 [ 1122.889389][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 1122.931826][T10747] usb 4-1: config 15 has an invalid interface number: 219 but max is 1 [ 1123.059727][T10747] usb 4-1: config 15 contains an unexpected descriptor of type 0x2, skipping [ 1123.211108][T10747] usb 4-1: config 15 has 3 interfaces, different from the descriptor's value: 2 [ 1123.242512][T10747] usb 4-1: config 15 has no interface number 1 [ 1123.267538][T10747] usb 4-1: config 15 has no interface number 2 [ 1123.285811][T10747] usb 4-1: config 15 interface 112 altsetting 2 has an invalid descriptor for endpoint zero, skipping [ 1123.332653][T10747] usb 4-1: config 15 interface 219 altsetting 5 endpoint 0x8 has an invalid bInterval 0, changing to 10 [ 1123.391606][T10747] usb 4-1: config 15 interface 219 altsetting 5 endpoint 0x8 has invalid maxpacket 1040, setting to 64 [ 1123.459731][T10747] usb 4-1: config 15 interface 219 altsetting 5 endpoint 0xD has invalid maxpacket 43683, setting to 64 [ 1123.640017][T10747] usb 4-1: config 15 interface 219 altsetting 5 endpoint 0x2 has invalid maxpacket 1024, setting to 64 [ 1123.655172][T10747] usb 4-1: config 15 interface 219 altsetting 5 has a duplicate endpoint with address 0xD, skipping [ 1123.668905][T10747] usb 4-1: config 15 interface 219 altsetting 5 endpoint 0xE has invalid maxpacket 1024, setting to 64 [ 1123.680194][T10747] usb 4-1: config 15 interface 219 altsetting 5 has 5 endpoint descriptors, different from the interface descriptor's value: 15 [ 1123.693743][T10747] usb 4-1: too many endpoints for config 15 interface 0 altsetting 186: 34, using maximum allowed: 30 [ 1124.275322][T10435] Bluetooth: hci3: command tx timeout [ 1124.316207][T10747] usb 4-1: config 15 interface 0 altsetting 186 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 1124.389586][T10747] usb 4-1: config 15 interface 0 altsetting 186 endpoint 0x4 has invalid maxpacket 415, setting to 64 [ 1124.429929][T10747] usb 4-1: config 15 interface 0 altsetting 186 has a duplicate endpoint with address 0xC, skipping [ 1124.467712][T10747] usb 4-1: config 15 interface 0 altsetting 186 has a duplicate endpoint with address 0x4, skipping [ 1124.499836][T10747] usb 4-1: config 15 interface 0 altsetting 186 has an endpoint descriptor with address 0x6B, changing to 0xB [ 1124.531563][T10747] usb 4-1: config 15 interface 0 altsetting 186 has a duplicate endpoint with address 0xB, skipping [ 1124.564474][T10747] usb 4-1: config 15 interface 0 altsetting 186 has a duplicate endpoint with address 0x2, skipping [ 1124.593236][T10747] usb 4-1: config 15 interface 0 altsetting 186 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 1124.628298][T10747] usb 4-1: config 15 interface 0 altsetting 186 has an invalid descriptor for endpoint zero, skipping [ 1124.660556][T10747] usb 4-1: config 15 interface 0 altsetting 186 has a duplicate endpoint with address 0xB, skipping [ 1124.692185][T10747] usb 4-1: config 15 interface 0 altsetting 186 has a duplicate endpoint with address 0x4, skipping [ 1124.734617][T10747] usb 4-1: config 15 interface 0 altsetting 186 has 12 endpoint descriptors, different from the interface descriptor's value: 34 [ 1124.769253][T10747] usb 4-1: config 15 interface 112 has no altsetting 0 [ 1124.819262][T10747] usb 4-1: config 15 interface 219 has no altsetting 0 [ 1124.852281][T10747] usb 4-1: config 15 interface 0 has no altsetting 0 [ 1124.916251][T10747] usb 4-1: New USB device found, idVendor=10c4, idProduct=84b6, bcdDevice=65.d6 [ 1124.930434][T10747] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1124.962437][T10747] usb 4-1: Product: ⦿嶖鞾琞퉶翩闏녝硏젿粶죙襡⺇ウ㗒ᬦ粡틣⦟鷍顼飕䟚怢膄䱟㮐锏골鑔닅㛱ᵥꗴ箏ﭦ규Ꙉ뷬貽容术敊뙳麣骒縊窛絕 [ 1125.018858][T10747] usb 4-1: Manufacturer: ᰊ [ 1125.028317][T10747] usb 4-1: SerialNumber: 봽嬝睕㬛﵋ꊇᎶ꯮䫁ខ爒➸쫭粂쉑覒㰴⧌黓嗽젠潪鋻뾈暱ᕅ䱋閼䨇憤렚燃䍨裱矜왶馍勬盥Є顷╲ꢧ薸Å僚䛎㞰㽸ৢ኷矙⌲黰ꢼ젝ḃ峐뛗⾮읕Ⱀ㛳쳅㮼ᠯ须쪄㲋秡苿笠覟ㇼ{䐩㝰蚦뎊ᐟ㦽玷⥤鱣羠马冡㊌㬊퀓亸ꢻ⼂蝹⩩ꀕ菒ꖝ泌㨱傃慬 [ 1125.307047][T10747] usb 4-1: can't set config #15, error -71 [ 1125.323961][T10747] usb 4-1: USB disconnect, device number 48 [ 1126.393254][T10435] Bluetooth: hci3: command tx timeout [ 1126.400249][ T29] audit: type=1326 audit(1725458860.544:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1126.694719][ T29] audit: type=1326 audit(1725458860.544:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1126.857112][ T29] audit: type=1326 audit(1725458860.554:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1126.932954][ T29] audit: type=1326 audit(1725458860.554:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1127.066718][ T29] audit: type=1326 audit(1725458860.554:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1127.143940][ T29] audit: type=1326 audit(1725458860.554:1710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1127.204259][ T29] audit: type=1326 audit(1725458860.564:1711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1127.229925][ T29] audit: type=1326 audit(1725458860.564:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1127.282448][ T29] audit: type=1326 audit(1725458860.564:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1127.307748][ T29] audit: type=1326 audit(1725458860.564:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13310 comm="syz.0.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512397cef9 code=0x7ffc0000 [ 1127.323380][T10747] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 1127.480761][T13321] zonefs (nbd0) ERROR: Not a zoned block device [ 1127.545389][T10747] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1127.556081][T10747] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1127.578895][T10747] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1127.614399][T10747] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1127.655586][T10747] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1127.664944][T10747] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1127.699924][T10747] usb 4-1: Product: syz [ 1127.704230][T10747] usb 4-1: Manufacturer: syz [ 1127.731631][T10747] cdc_wdm 4-1:1.0: skipping garbage [ 1127.749374][T10747] cdc_wdm 4-1:1.0: skipping garbage [ 1127.765445][T10747] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 1127.772962][T10747] cdc_wdm 4-1:1.0: Unknown control protocol [ 1127.863923][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1127.906030][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1127.931070][T13318] FAULT_INJECTION: forcing a failure. [ 1127.931070][T13318] name failslab, interval 1, probability 0, space 0, times 0 [ 1127.956473][T13318] CPU: 1 UID: 0 PID: 13318 Comm: syz.3.1196 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1127.961857][ T53] bond0 (unregistering): Released all slaves [ 1127.967302][T13318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1127.967318][T13318] Call Trace: [ 1127.967327][T13318] [ 1127.967338][T13318] dump_stack_lvl+0x16c/0x1f0 [ 1127.967372][T13318] should_fail_ex+0x497/0x5b0 [ 1127.967400][T13318] ? fs_reclaim_acquire+0xae/0x160 [ 1127.967435][T13318] should_failslab+0xc2/0x120 [ 1127.967462][T13318] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 1127.967499][T13318] ? getname_flags.part.0+0x4c/0x550 [ 1127.967541][T13318] ? vfs_write+0x14d/0x1140 [ 1127.967571][T13318] getname_flags.part.0+0x4c/0x550 [ 1127.967608][T13318] getname+0x8d/0xe0 [ 1128.033032][T13318] do_sys_openat2+0x104/0x1e0 [ 1128.037759][T13318] ? __pfx_do_sys_openat2+0x10/0x10 [ 1128.043094][T13318] __x64_sys_openat+0x175/0x210 [ 1128.047973][T13318] ? __pfx___x64_sys_openat+0x10/0x10 [ 1128.053358][T13318] ? ksys_write+0x1ab/0x260 [ 1128.057980][T13318] do_syscall_64+0xcd/0x250 [ 1128.062492][T13318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1128.068388][T13318] RIP: 0033:0x7f214a57b890 [ 1128.072814][T13318] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44 [ 1128.092416][T13318] RSP: 002b:00007f214b436b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1128.100828][T13318] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f214a57b890 [ 1128.108803][T13318] RDX: 0000000000000002 RSI: 00007f214b436c10 RDI: 00000000ffffff9c [ 1128.116869][T13318] RBP: 00007f214b436c10 R08: 0000000000000000 R09: 00007f214b436987 [ 1128.124843][T13318] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1128.132810][T13318] R13: 0000000000000000 R14: 00007f214a735f80 R15: 00007ffed5c01408 [ 1128.140846][T13318] [ 1128.182066][T10876] usb 4-1: USB disconnect, device number 49 [ 1128.347961][ T3026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1128.367814][ T3026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1128.466462][T10435] Bluetooth: hci3: command tx timeout [ 1128.517096][T12964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1128.529534][T12964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1128.551485][T12964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1128.562322][T12964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1128.588876][T12964] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1128.858536][T12964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1128.884164][T12964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1128.913347][T12964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1128.926604][T12964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1128.972174][T12964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1128.988038][T12964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1129.002636][T12964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1129.032966][T12964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1129.101795][T12964] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1129.324297][T12964] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1129.338526][T12964] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1129.359803][T12964] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1129.368846][T12964] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1129.383237][T10876] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 1129.441862][ T53] hsr_slave_0: left promiscuous mode [ 1129.449118][ T53] hsr_slave_1: left promiscuous mode [ 1129.458370][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1129.465884][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1129.479346][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1129.489056][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1129.514658][ T53] veth1_macvtap: left promiscuous mode [ 1129.520213][ T53] veth0_macvtap: left promiscuous mode [ 1129.526486][ T53] veth1_vlan: left promiscuous mode [ 1129.531835][ T53] veth0_vlan: left promiscuous mode [ 1129.590783][T10876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1129.611620][T10876] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1129.621367][T10876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1129.635996][T10876] usb 4-1: config 0 descriptor?? [ 1129.915936][T13324] input: syz0 as /devices/virtual/input/input39 [ 1129.973922][T10876] usb 4-1: USB disconnect, device number 50 [ 1130.360197][ T53] team0 (unregistering): Port device team_slave_1 removed [ 1130.430671][ T53] team0 (unregistering): Port device team_slave_0 removed [ 1130.534059][T10435] Bluetooth: hci3: command tx timeout [ 1131.347819][T13330] FAULT_INJECTION: forcing a failure. [ 1131.347819][T13330] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1131.396530][T13272] chnl_net:caif_netlink_parms(): no params data found [ 1131.412116][T13330] CPU: 1 UID: 0 PID: 13330 Comm: syz.0.1199 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1131.422936][T13330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1131.433023][T13330] Call Trace: [ 1131.436495][T13330] [ 1131.439547][T13330] dump_stack_lvl+0x16c/0x1f0 [ 1131.444272][T13330] should_fail_ex+0x497/0x5b0 [ 1131.448994][T13330] _copy_from_user+0x30/0xf0 [ 1131.453619][T13330] move_addr_to_kernel+0x68/0x160 [ 1131.458677][T13330] __sys_bind+0xc4/0x220 [ 1131.462932][T13330] ? __pfx___sys_bind+0x10/0x10 [ 1131.467802][T13330] ? __pfx_ksys_write+0x10/0x10 [ 1131.472658][T13330] __x64_sys_bind+0x72/0xb0 [ 1131.477168][T13330] ? lockdep_hardirqs_on+0x7c/0x110 [ 1131.482381][T13330] do_syscall_64+0xcd/0x250 [ 1131.486898][T13330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1131.492880][T13330] RIP: 0033:0x7f512397cef9 [ 1131.497301][T13330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1131.516917][T13330] RSP: 002b:00007f5124813038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 1131.525334][T13330] RAX: ffffffffffffffda RBX: 00007f5123b35f80 RCX: 00007f512397cef9 [ 1131.533309][T13330] RDX: 0000000000000010 RSI: 0000000020000540 RDI: 0000000000000005 [ 1131.541296][T13330] RBP: 00007f5124813090 R08: 0000000000000000 R09: 0000000000000000 [ 1131.549364][T13330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1131.557344][T13330] R13: 0000000000000000 R14: 00007f5123b35f80 R15: 00007ffc32e76ba8 [ 1131.565336][T13330] [ 1131.652488][T10855] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1131.712520][T10855] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1131.821202][T11777] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1131.952946][T11777] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1131.963708][ T9449] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 1132.185172][ T9449] usb 1-1: device descriptor read/64, error -71 [ 1132.593313][ T9449] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 1132.826914][T13341] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1201'. [ 1132.882570][T13272] bridge0: port 1(bridge_slave_0) entered blocking state [ 1132.902514][ T9449] usb 1-1: device descriptor read/64, error -71 [ 1132.924984][T13272] bridge0: port 1(bridge_slave_0) entered disabled state [ 1132.953416][T13272] bridge_slave_0: entered allmulticast mode [ 1132.975683][T13272] bridge_slave_0: entered promiscuous mode [ 1132.995030][T10647] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1133.026368][T10647] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1133.036991][T10647] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1133.038152][T13272] bridge0: port 2(bridge_slave_1) entered blocking state [ 1133.052704][T13272] bridge0: port 2(bridge_slave_1) entered disabled state [ 1133.060389][ T9449] usb usb1-port1: attempt power cycle [ 1133.066245][T10647] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1133.066780][T13272] bridge_slave_1: entered allmulticast mode [ 1133.080605][T10647] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1133.082439][T13272] bridge_slave_1: entered promiscuous mode [ 1133.111516][T10647] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1133.282737][T13272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1133.307392][T13272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1133.493465][ T9449] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 1133.546872][ T9449] usb 1-1: device descriptor read/8, error -71 [ 1133.608838][T13272] team0: Port device team_slave_0 added [ 1134.226611][T13272] team0: Port device team_slave_1 added [ 1134.448652][T13272] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1134.460099][T13272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1134.488627][T13272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1134.505617][T13272] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1134.512652][T13272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1134.539722][T13272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1134.594819][ T53] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1134.694564][T13272] hsr_slave_0: entered promiscuous mode [ 1134.701019][T13272] hsr_slave_1: entered promiscuous mode [ 1134.708217][T13272] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1134.717962][T13272] Cannot create hsr debugfs directory [ 1134.768910][ T53] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1134.930609][ T53] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1135.046738][ T53] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1135.254529][T10435] Bluetooth: hci1: command tx timeout [ 1135.527670][T13347] chnl_net:caif_netlink_parms(): no params data found [ 1135.598287][ T53] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1135.708967][ T53] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1135.838353][ T53] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1135.855808][T13347] bridge0: port 1(bridge_slave_0) entered blocking state [ 1135.863233][T13347] bridge0: port 1(bridge_slave_0) entered disabled state [ 1135.870625][T13347] bridge_slave_0: entered allmulticast mode [ 1135.879937][T13347] bridge_slave_0: entered promiscuous mode [ 1135.889381][T13347] bridge0: port 2(bridge_slave_1) entered blocking state [ 1135.902561][T13347] bridge0: port 2(bridge_slave_1) entered disabled state [ 1135.909900][T13347] bridge_slave_1: entered allmulticast mode [ 1135.917071][T13347] bridge_slave_1: entered promiscuous mode [ 1136.137612][ T53] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1136.373328][ T9449] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 1136.394071][T13347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1136.470160][T13347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1137.174442][T10647] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1137.186218][T10647] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1137.196133][T10647] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1137.205271][T10647] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1137.215675][T10647] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1137.226528][T10647] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1137.334003][ T9449] usb 1-1: Using ep0 maxpacket: 16 [ 1137.336068][T10647] Bluetooth: hci1: command tx timeout [ 1137.383426][ T9449] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 1137.403423][T13347] team0: Port device team_slave_0 added [ 1137.487852][ T9449] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0 [ 1137.719254][ T9449] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1138.133108][ T9449] usb 1-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 1138.180266][ T9449] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1138.193096][ T9449] usb 1-1: Product: syz [ 1138.198183][ T9449] usb 1-1: Manufacturer: syz [ 1138.202206][T13347] team0: Port device team_slave_1 added [ 1138.203499][ T9449] usb 1-1: SerialNumber: syz [ 1138.245638][ T9449] usb 1-1: config 0 descriptor?? [ 1138.254181][ T9449] port100 1-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 1138.480716][ T53] bridge_slave_1: left allmulticast mode [ 1138.487432][ T53] bridge_slave_1: left promiscuous mode [ 1138.512102][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 1138.574456][ T53] bridge_slave_0: left allmulticast mode [ 1138.580168][ T53] bridge_slave_0: left promiscuous mode [ 1138.614152][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 1138.672267][ T53] bridge_slave_1: left allmulticast mode [ 1138.682923][ T53] bridge_slave_1: left promiscuous mode [ 1138.705978][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 1138.729963][ T53] bridge_slave_0: left allmulticast mode [ 1138.737773][ T53] bridge_slave_0: left promiscuous mode [ 1138.745903][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 1138.759482][T13398] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.1207'. [ 1138.799470][T13398] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1139.333365][T10647] Bluetooth: hci2: command tx timeout [ 1139.413565][T10647] Bluetooth: hci1: command tx timeout [ 1140.440747][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1140.472142][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1140.486436][ T53] bond0 (unregistering): Released all slaves [ 1140.702918][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1140.718005][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1140.729515][ T53] bond0 (unregistering): Released all slaves [ 1140.788558][ T5322] usb 1-1: USB disconnect, device number 37 [ 1140.930039][T13347] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1140.937466][T13347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1140.967354][T13347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1140.981604][T13347] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1141.000091][T13347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1141.081546][T13347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1141.972379][T10647] Bluetooth: hci2: command tx timeout [ 1141.978213][T10435] Bluetooth: hci1: command tx timeout [ 1142.063998][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 1142.064042][ T29] audit: type=1400 audit(1725458876.314:1725): avc: denied { nlmsg_read } for pid=13417 comm="syz.3.1209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1142.594972][T13419] FAULT_INJECTION: forcing a failure. [ 1142.594972][T13419] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1142.609831][T13419] CPU: 0 UID: 0 PID: 13419 Comm: syz.3.1209 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1142.620730][T13419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1142.630781][T13419] Call Trace: [ 1142.634058][T13419] [ 1142.636984][T13419] dump_stack_lvl+0x16c/0x1f0 [ 1142.641659][T13419] should_fail_ex+0x497/0x5b0 [ 1142.646374][T13419] _copy_from_user+0x30/0xf0 [ 1142.650984][T13419] do_tcp_setsockopt+0x6a8/0x2660 [ 1142.656238][T13419] ? __pfx_do_tcp_setsockopt+0x10/0x10 [ 1142.661785][T13419] ? sock_has_perm+0x25a/0x2f0 [ 1142.666553][T13419] ? __pfx_sock_has_perm+0x10/0x10 [ 1142.671671][T13419] ? selinux_netlbl_socket_setsockopt+0x142/0x420 [ 1142.678173][T13419] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1142.684938][T13419] ? find_held_lock+0x2d/0x110 [ 1142.689697][T13419] tcp_setsockopt+0xe2/0x100 [ 1142.694326][T13419] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 1142.699891][T13419] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1142.705799][T13419] do_sock_setsockopt+0x222/0x480 [ 1142.710841][T13419] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1142.716395][T13419] ? __fget_light+0x173/0x210 [ 1142.721163][T13419] __sys_setsockopt+0x1a4/0x270 [ 1142.726040][T13419] ? __pfx___sys_setsockopt+0x10/0x10 [ 1142.731428][T13419] ? fput+0x32/0x390 [ 1142.735333][T13419] ? ksys_write+0x1ab/0x260 [ 1142.739836][T13419] ? __pfx_ksys_write+0x10/0x10 [ 1142.744686][T13419] __x64_sys_setsockopt+0xbd/0x160 [ 1142.749824][T13419] ? do_syscall_64+0x91/0x250 [ 1142.754533][T13419] ? lockdep_hardirqs_on+0x7c/0x110 [ 1142.759738][T13419] do_syscall_64+0xcd/0x250 [ 1142.764250][T13419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1142.770237][T13419] RIP: 0033:0x7f214a57cef9 [ 1142.774647][T13419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1142.794257][T13419] RSP: 002b:00007f214b416038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1142.802672][T13419] RAX: ffffffffffffffda RBX: 00007f214a736058 RCX: 00007f214a57cef9 [ 1142.810642][T13419] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000005 [ 1142.818608][T13419] RBP: 00007f214b416090 R08: 0000000000000004 R09: 0000000000000000 [ 1142.826581][T13419] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000001 [ 1142.834718][T13419] R13: 0000000000000000 R14: 00007f214a736058 R15: 00007ffed5c01408 [ 1142.842695][T13419] [ 1142.986416][T13272] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1143.175880][T13272] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1143.426149][T13347] hsr_slave_0: entered promiscuous mode [ 1143.438745][T13347] hsr_slave_1: entered promiscuous mode [ 1143.449126][T13347] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1143.458314][T13347] Cannot create hsr debugfs directory [ 1143.472791][T13272] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1143.525337][T13272] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1144.053281][T10647] Bluetooth: hci2: command tx timeout [ 1144.235168][ T53] hsr_slave_0: left promiscuous mode [ 1144.257164][ T53] hsr_slave_1: left promiscuous mode [ 1144.313329][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1144.323215][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1144.351333][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1144.373559][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1144.460512][ T53] hsr_slave_0: left promiscuous mode [ 1144.466865][ T53] hsr_slave_1: left promiscuous mode [ 1144.495637][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1144.516349][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1144.539535][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1144.556441][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1144.662717][ T53] veth1_macvtap: left promiscuous mode [ 1144.683486][ T53] veth0_macvtap: left promiscuous mode [ 1144.693277][ T53] veth1_vlan: left promiscuous mode [ 1144.698635][ T29] audit: type=1400 audit(1725458878.954:1726): avc: denied { read } for pid=13425 comm="syz.0.1211" name="rtc0" dev="devtmpfs" ino=838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 1144.698685][ T53] veth0_vlan: left promiscuous mode [ 1144.739728][T13427] SELinux: Context system_u: is not valid (left unmapped). [ 1144.753685][ T29] audit: type=1400 audit(1725458878.954:1727): avc: denied { open } for pid=13425 comm="syz.0.1211" path="/dev/rtc0" dev="devtmpfs" ino=838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 1144.790231][ T29] audit: type=1400 audit(1725458878.984:1728): avc: denied { ioctl } for pid=13425 comm="syz.0.1211" path="/dev/rtc0" dev="devtmpfs" ino=838 ioctlcmd=0x7008 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 1144.818174][ T53] veth1_macvtap: left promiscuous mode [ 1144.833121][ T53] veth0_macvtap: left promiscuous mode [ 1144.849101][ T53] veth1_vlan: left promiscuous mode [ 1144.870477][ T53] veth0_vlan: left promiscuous mode [ 1144.875774][ T29] audit: type=1400 audit(1725458878.994:1729): avc: denied { relabelfrom } for pid=13425 comm="syz.0.1211" name="" dev="pipefs" ino=59805 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 1144.903557][ T29] audit: type=1400 audit(1725458879.054:1730): avc: denied { relabelto } for pid=13425 comm="syz.0.1211" name="" dev="pipefs" ino=59805 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:" [ 1146.033642][T13445] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1146.090753][T13441] kvm: pic: non byte read [ 1146.096469][T13441] kvm: pic: level sensitive irq not supported [ 1146.096637][T13441] kvm: pic: non byte read [ 1146.107798][T13441] kvm: pic: level sensitive irq not supported [ 1146.107864][T13441] kvm: pic: non byte read [ 1146.144376][T10647] Bluetooth: hci2: command tx timeout [ 1146.522241][ T29] audit: type=1400 audit(1725458880.774:1731): avc: denied { setopt } for pid=13440 comm="syz.0.1213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 1147.135098][ T53] team0 (unregistering): Port device team_slave_1 removed [ 1147.256106][ T53] team0 (unregistering): Port device team_slave_0 removed [ 1147.290318][T13455] qrtr: Invalid version 48 [ 1149.014998][ T53] team0 (unregistering): Port device team_slave_1 removed [ 1149.093460][ T53] team0 (unregistering): Port device team_slave_0 removed [ 1153.164291][T13383] chnl_net:caif_netlink_parms(): no params data found [ 1153.204146][T13494] FAULT_INJECTION: forcing a failure. [ 1153.204146][T13494] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1153.273107][T13494] CPU: 0 UID: 0 PID: 13494 Comm: syz.3.1221 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1153.283930][T13494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1153.294010][T13494] Call Trace: [ 1153.297314][T13494] [ 1153.300280][T13494] dump_stack_lvl+0x16c/0x1f0 [ 1153.304990][T13494] should_fail_ex+0x497/0x5b0 [ 1153.309710][T13494] _copy_from_user+0x30/0xf0 [ 1153.314339][T13494] __sys_bpf+0x21c/0x4a00 [ 1153.318696][T13494] ? ksys_write+0x21c/0x260 [ 1153.323231][T13494] ? reacquire_held_locks+0x4b0/0x4c0 [ 1153.328651][T13494] ? __pfx___sys_bpf+0x10/0x10 [ 1153.333447][T13494] ? vfs_write+0x14d/0x1140 [ 1153.337981][T13494] ? __mutex_unlock_slowpath+0x164/0x650 [ 1153.343673][T13494] ? fput+0x32/0x390 [ 1153.347604][T13494] ? ksys_write+0x1ab/0x260 [ 1153.352138][T13494] ? __pfx_ksys_write+0x10/0x10 [ 1153.357029][T13494] __x64_sys_bpf+0x78/0xc0 [ 1153.361484][T13494] ? lockdep_hardirqs_on+0x7c/0x110 [ 1153.366720][T13494] do_syscall_64+0xcd/0x250 [ 1153.371975][T13494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.372014][T13494] RIP: 0033:0x7f214a57cef9 [ 1153.372038][T13494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1153.372064][T13494] RSP: 002b:00007f214b437038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1153.372091][T13494] RAX: ffffffffffffffda RBX: 00007f214a735f80 RCX: 00007f214a57cef9 [ 1153.372110][T13494] RDX: 0000000000000048 RSI: 00000000200000c0 RDI: 000000000000000a [ 1153.372128][T13494] RBP: 00007f214b437090 R08: 0000000000000000 R09: 0000000000000000 [ 1153.372146][T13494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1153.372163][T13494] R13: 0000000000000000 R14: 00007f214a735f80 R15: 00007ffed5c01408 [ 1153.372200][T13494] [ 1153.544047][T13498] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 1154.203945][T13272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1154.668837][T13272] 8021q: adding VLAN 0 to HW filter on device team0 [ 1155.537802][T13383] bridge0: port 1(bridge_slave_0) entered blocking state [ 1155.553777][T13383] bridge0: port 1(bridge_slave_0) entered disabled state [ 1155.573463][T13383] bridge_slave_0: entered allmulticast mode [ 1155.581549][T13383] bridge_slave_0: entered promiscuous mode [ 1155.615578][T13383] bridge0: port 2(bridge_slave_1) entered blocking state [ 1155.622759][T13383] bridge0: port 2(bridge_slave_1) entered disabled state [ 1155.637502][T13383] bridge_slave_1: entered allmulticast mode [ 1155.661100][T13383] bridge_slave_1: entered promiscuous mode [ 1155.967828][T13516] netlink: 'syz.0.1225': attribute type 1 has an invalid length. [ 1156.839357][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state [ 1156.846625][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1156.896431][T13383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1156.927607][ T1114] bridge0: port 2(bridge_slave_1) entered blocking state [ 1156.934746][ T1114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1157.003568][T13383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1157.174299][T13522] qrtr: Invalid version 48 [ 1157.554281][T13347] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1157.615441][T13383] team0: Port device team_slave_0 added [ 1157.756999][T13347] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1157.837114][T13383] team0: Port device team_slave_1 added [ 1157.930832][T13347] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1157.964574][T13347] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1158.158507][T13383] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1158.968921][T13383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1159.053080][T13383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1159.107864][T13383] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1159.115268][T13383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1159.141626][T13383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1159.322323][T13383] hsr_slave_0: entered promiscuous mode [ 1159.329810][T13383] hsr_slave_1: entered promiscuous mode [ 1159.338567][T13383] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1159.350147][T13383] Cannot create hsr debugfs directory [ 1159.433004][T10876] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 1159.650358][T10876] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1159.679715][T10876] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1159.724056][T10876] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1159.757521][T10876] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1159.785171][T10876] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1159.806847][T10876] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1159.821633][T10876] usb 4-1: Product: syz [ 1159.827359][T10876] usb 4-1: Manufacturer: syz [ 1159.839488][T10876] cdc_wdm 4-1:1.0: skipping garbage [ 1159.852417][T10876] cdc_wdm 4-1:1.0: skipping garbage [ 1159.899791][T10876] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 1159.913970][T10876] cdc_wdm 4-1:1.0: Unknown control protocol [ 1160.049191][T13544] FAULT_INJECTION: forcing a failure. [ 1160.049191][T13544] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.062526][T13544] CPU: 1 UID: 0 PID: 13544 Comm: syz.3.1228 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1160.073410][T13544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1160.083586][T13544] Call Trace: [ 1160.086891][T13544] [ 1160.089841][T13544] dump_stack_lvl+0x116/0x1f0 [ 1160.094557][T13544] should_fail_ex+0x497/0x5b0 [ 1160.099288][T13544] should_failslab+0xc2/0x120 [ 1160.104026][T13544] __kmalloc_noprof+0xcb/0x400 [ 1160.108858][T13544] raw_event_queue_add+0x82/0x220 [ 1160.114292][T13544] ? __pfx_gadget_suspend+0x10/0x10 [ 1160.119526][T13544] gadget_suspend+0x5a/0x130 [ 1160.124144][T13544] ? __pfx_gadget_suspend+0x10/0x10 [ 1160.129348][T13544] set_link_state+0xa23/0xee0 [ 1160.134044][T13544] dummy_pullup+0x11f/0x270 [ 1160.138731][T13544] ? __pfx_dummy_pullup+0x10/0x10 [ 1160.143762][T13544] usb_gadget_disconnect_locked+0x13f/0x4e0 [ 1160.149677][T13544] gadget_unbind_driver+0xd7/0x4e0 [ 1160.154805][T13544] ? kernfs_remove_by_name_ns+0xe8/0x130 [ 1160.160440][T13544] ? __pfx_gadget_unbind_driver+0x10/0x10 [ 1160.166274][T13544] device_remove+0xc8/0x170 [ 1160.170898][T13544] device_release_driver_internal+0x44a/0x610 [ 1160.177169][T13544] driver_detach+0xd8/0x1b0 [ 1160.181685][T13544] ? __pfx_raw_release+0x10/0x10 [ 1160.186622][T13544] bus_remove_driver+0x13b/0x2c0 [ 1160.191584][T13544] driver_unregister+0x76/0xb0 [ 1160.196445][T13544] usb_gadget_unregister_driver+0x49/0x70 [ 1160.202171][T13544] raw_release+0x1b4/0x2c0 [ 1160.206592][T13544] __fput+0x408/0xbb0 [ 1160.210600][T13544] task_work_run+0x14e/0x250 [ 1160.215210][T13544] ? __pfx_task_work_run+0x10/0x10 [ 1160.220341][T13544] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1160.225986][T13544] do_syscall_64+0xda/0x250 [ 1160.230502][T13544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1160.236399][T13544] RIP: 0033:0x7f214a57cef9 [ 1160.240827][T13544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1160.260483][T13544] RSP: 002b:00007f214b437038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1160.268992][T13544] RAX: 0000000000000000 RBX: 00007f214a735f80 RCX: 00007f214a57cef9 [ 1160.276965][T13544] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003 [ 1160.285024][T13544] RBP: 00007f214b437090 R08: 0000000000000000 R09: 0000000000000000 [ 1160.292995][T13544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1160.300984][T13544] R13: 0000000000000000 R14: 00007f214a735f80 R15: 00007ffed5c01408 [ 1160.308991][T13544] [ 1160.312127][T13544] raw-gadget.0 gadget.3: failed to queue suspend event [ 1160.350967][T10747] usb 4-1: USB disconnect, device number 51 [ 1160.546842][T13272] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1160.690078][T10647] Bluetooth: hci4: unexpected event for opcode 0x0c12 [ 1161.082628][T13347] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1161.175477][T13272] veth0_vlan: entered promiscuous mode [ 1161.255682][T13272] veth1_vlan: entered promiscuous mode [ 1161.367549][T13347] 8021q: adding VLAN 0 to HW filter on device team0 [ 1161.578168][T13578] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1232'. [ 1161.588462][T13578] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1232'. [ 1161.632543][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state [ 1161.640031][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1161.692311][T13383] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1161.729047][T13383] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1161.768631][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 1161.775796][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1161.820461][T13272] veth0_macvtap: entered promiscuous mode [ 1161.838903][T13383] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1161.919042][T13383] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1162.014548][T13272] veth1_macvtap: entered promiscuous mode [ 1162.625454][T13272] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1163.328678][T13272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1163.348112][T13272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1163.359642][T13272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1164.352503][T13272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1164.428971][T13272] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1164.472163][T13272] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1164.509553][T13272] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1164.518430][T13272] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1164.527321][T13272] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1165.952182][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1166.024388][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1166.132657][T13383] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1166.326622][T13383] 8021q: adding VLAN 0 to HW filter on device team0 [ 1166.405243][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state [ 1166.412531][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1166.449102][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state [ 1166.456381][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1166.553860][T13630] dlm: no local IP address has been set [ 1166.559999][T13630] dlm: cannot start dlm midcomms -107 [ 1166.708436][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1166.751180][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1166.763864][T13347] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1166.986424][T13636] qrtr: Invalid version 48 [ 1167.112494][T13347] veth0_vlan: entered promiscuous mode [ 1167.395394][T13347] veth1_vlan: entered promiscuous mode [ 1167.553197][ T8] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 1167.577526][ T54] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1167.805844][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1167.813510][ T54] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1167.853081][ T8] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1167.862173][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1167.898209][T13347] veth0_macvtap: entered promiscuous mode [ 1167.917070][ T8] usb 1-1: config 0 descriptor?? [ 1168.048126][ T54] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1168.106330][T13347] veth1_macvtap: entered promiscuous mode [ 1168.138193][T13643] input: syz0 as /devices/virtual/input/input40 [ 1168.196427][ T8] usb 1-1: USB disconnect, device number 38 [ 1168.262094][ T54] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1168.371694][T13383] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1168.391892][T13347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1168.411126][T13347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1168.439844][T13347] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1168.487076][T13347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1168.506637][T13347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1168.530310][T13347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1168.558371][T13347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1168.771304][T13347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1168.786907][T13347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1168.803976][T13347] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1169.546464][T13347] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.587618][T13347] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.612886][T13347] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.652285][T13347] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.684702][ T29] audit: type=1400 audit(1725458903.944:1732): avc: denied { ioctl } for pid=13674 comm="syz.3.1242" path="socket:[62497]" dev="sockfs" ino=62497 ioctlcmd=0x9436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 1169.992983][T10435] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1170.014535][T10435] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1170.307968][T10435] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1170.399986][T10435] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1170.436027][T10435] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1170.524319][T10435] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1170.653807][ T29] audit: type=1400 audit(1725458904.924:1733): avc: denied { connect } for pid=13684 comm="syz.0.1243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 1171.426151][ T29] audit: type=1326 audit(1725458905.694:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13689 comm="syz.3.1244" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x0 [ 1171.711313][ T54] bridge_slave_1: left allmulticast mode [ 1171.726671][ T54] bridge_slave_1: left promiscuous mode [ 1171.737581][ T54] bridge0: port 2(bridge_slave_1) entered disabled state [ 1171.766830][ T54] bridge_slave_0: left allmulticast mode [ 1171.772613][ T54] bridge_slave_0: left promiscuous mode [ 1171.881487][ T54] bridge0: port 1(bridge_slave_0) entered disabled state [ 1172.685606][T10435] Bluetooth: hci3: command tx timeout [ 1174.715302][T10435] Bluetooth: hci3: command tx timeout [ 1175.492526][ T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1175.505978][ T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1175.520845][ T54] bond0 (unregistering): Released all slaves [ 1175.609970][T13701] tipc: Started in network mode [ 1175.616159][T13701] tipc: Node identity , cluster identity 4711 [ 1175.622290][T13701] tipc: Failed to set node id, please configure manually [ 1175.652934][T13701] tipc: Enabling of bearer rejected, failed to enable media [ 1175.963219][ T3774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1175.983869][ T3774] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1176.290359][ T29] audit: type=1326 audit(1725458910.464:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.371740][ T29] audit: type=1326 audit(1725458910.474:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.405202][ T29] audit: type=1326 audit(1725458910.474:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.506482][ T29] audit: type=1326 audit(1725458910.474:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.561232][ T29] audit: type=1326 audit(1725458910.474:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.610785][ T29] audit: type=1326 audit(1725458910.484:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.634896][ T5322] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 1176.729374][ T29] audit: type=1326 audit(1725458910.484:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.801868][ T29] audit: type=1326 audit(1725458910.484:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.832574][ T29] audit: type=1326 audit(1725458910.494:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.857260][ T5322] usb 1-1: Using ep0 maxpacket: 8 [ 1176.862529][T10435] Bluetooth: hci3: command tx timeout [ 1176.889003][ T5322] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 1176.929730][ T29] audit: type=1326 audit(1725458910.494:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x7ffc0000 [ 1176.934958][ T5322] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1177.040705][ T5322] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1177.051209][ T5322] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1177.061620][ T5322] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1177.061859][ T54] hsr_slave_0: left promiscuous mode [ 1177.076582][ T5322] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1177.091523][ T5322] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1177.091543][ T54] hsr_slave_1: left promiscuous mode [ 1177.134556][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1177.163090][ T54] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1177.171830][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1177.181797][ T54] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1177.219777][T13748] qrtr: Invalid version 48 [ 1177.242395][ T54] veth1_macvtap: left promiscuous mode [ 1177.251340][ T54] veth0_macvtap: left promiscuous mode [ 1177.266770][ T54] veth1_vlan: left promiscuous mode [ 1177.272780][ T54] veth0_vlan: left promiscuous mode [ 1177.358066][ T5322] usb 1-1: usb_control_msg returned -32 [ 1177.377795][ T5322] usbtmc 1-1:16.0: can't read capabilities [ 1177.831182][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.837918][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 1178.216314][T13752] usbtmc 1-1:16.0: usb_control_msg returned -32 [ 1178.370035][T13743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1178.395922][T13743] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1178.596667][ T54] team0 (unregistering): Port device team_slave_1 removed [ 1178.680765][ T54] team0 (unregistering): Port device team_slave_0 removed [ 1178.933056][T10435] Bluetooth: hci3: command tx timeout [ 1179.536226][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1179.544366][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1179.659663][T13383] veth0_vlan: entered promiscuous mode [ 1180.609018][T10876] usb 1-1: USB disconnect, device number 39 [ 1180.692166][T13383] veth1_vlan: entered promiscuous mode [ 1180.976127][T13677] chnl_net:caif_netlink_parms(): no params data found [ 1181.071984][T13383] veth0_macvtap: entered promiscuous mode [ 1181.139288][T13383] veth1_macvtap: entered promiscuous mode [ 1181.224075][T10876] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 1181.351964][T13677] bridge0: port 1(bridge_slave_0) entered blocking state [ 1181.373300][T13677] bridge0: port 1(bridge_slave_0) entered disabled state [ 1181.380505][T13677] bridge_slave_0: entered allmulticast mode [ 1181.407793][T13677] bridge_slave_0: entered promiscuous mode [ 1181.449210][T10876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1181.476023][T13383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1181.488895][T10876] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1181.495084][T13383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1181.513853][T13383] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1181.527598][T13383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1181.538499][T13383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1181.548942][T10876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1181.549397][T13383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1181.568924][T13383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1181.579143][T13383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1181.589867][T13383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1181.604978][T13383] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1181.616729][T10876] usb 1-1: config 0 descriptor?? [ 1181.621832][T13677] bridge0: port 2(bridge_slave_1) entered blocking state [ 1181.664785][T13677] bridge0: port 2(bridge_slave_1) entered disabled state [ 1181.672351][T13677] bridge_slave_1: entered allmulticast mode [ 1181.706345][T13677] bridge_slave_1: entered promiscuous mode [ 1181.800195][ T54] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1181.882438][T13765] input: syz0 as /devices/virtual/input/input41 [ 1181.883519][T13677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1181.908586][T13383] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1181.923592][T13383] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1181.932416][T13383] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1181.946311][T13383] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1181.999160][ T9449] usb 1-1: USB disconnect, device number 40 [ 1182.003515][ T54] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.042429][T13677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1182.182422][ T54] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.214299][T13677] team0: Port device team_slave_0 added [ 1182.258951][T13677] team0: Port device team_slave_1 added [ 1182.380886][ T54] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.419471][T13677] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1182.427032][T13677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1182.462063][T13677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1182.500498][T13677] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1182.519098][T13677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1182.577738][T13677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1182.724526][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1182.732390][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1182.732880][T13677] hsr_slave_0: entered promiscuous mode [ 1182.747592][T13677] hsr_slave_1: entered promiscuous mode [ 1182.754297][T13677] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1182.762037][T13677] Cannot create hsr debugfs directory [ 1182.899263][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1182.917780][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1183.037910][ T54] bridge_slave_1: left allmulticast mode [ 1183.046012][ T54] bridge_slave_1: left promiscuous mode [ 1183.051841][ T54] bridge0: port 2(bridge_slave_1) entered disabled state [ 1183.068219][ T54] bridge_slave_0: left allmulticast mode [ 1183.074237][ T54] bridge_slave_0: left promiscuous mode [ 1183.080037][ T54] bridge0: port 1(bridge_slave_0) entered disabled state [ 1183.585032][ T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1183.597683][ T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1183.611732][ T54] bond0 (unregistering): Released all slaves [ 1183.761024][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 1183.761042][ T29] audit: type=1326 audit(1725458918.024:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13799 comm="syz.3.1256" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f214a57cef9 code=0x0 [ 1184.937133][T13802] qrtr: Invalid version 48 [ 1185.517249][ T54] hsr_slave_0: left promiscuous mode [ 1185.541647][ T54] hsr_slave_1: left promiscuous mode [ 1185.568974][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1185.597590][ T54] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1185.637001][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1185.661412][ T54] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1185.683858][T10647] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1185.703237][T10647] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1185.712042][T10647] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1185.724098][T10647] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1185.734509][T10647] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1185.741907][T10647] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1185.810925][ T54] veth1_macvtap: left promiscuous mode [ 1185.818029][ T54] veth0_macvtap: left promiscuous mode [ 1185.827147][ T54] veth1_vlan: left promiscuous mode [ 1185.833067][ T54] veth0_vlan: left promiscuous mode [ 1186.907690][ T54] team0 (unregistering): Port device team_slave_1 removed [ 1186.968836][ T54] team0 (unregistering): Port device team_slave_0 removed [ 1187.629544][T13835] netlink: 'syz.0.1258': attribute type 25 has an invalid length. [ 1187.824770][T10647] Bluetooth: hci1: command tx timeout [ 1189.248404][T10435] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1189.266069][T10435] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1189.275730][T10435] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1189.289976][T10435] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1189.299738][T10435] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1189.310355][T10435] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1189.907311][T10435] Bluetooth: hci1: command tx timeout [ 1191.417036][T10435] Bluetooth: hci2: command tx timeout [ 1191.974170][T10435] Bluetooth: hci1: command tx timeout [ 1192.962896][ T5322] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 1193.092391][T13677] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1193.115445][T13677] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1193.153430][ T5322] usb 4-1: Using ep0 maxpacket: 8 [ 1193.167406][ T5322] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 1193.182062][T13818] chnl_net:caif_netlink_parms(): no params data found [ 1193.194205][ T5322] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1193.209171][ T5322] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1193.219502][ T5322] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1193.230891][ T5322] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1193.244665][T13677] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1193.253221][ T5322] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1193.262444][ T5322] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1193.274833][T13677] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1193.431064][T13843] chnl_net:caif_netlink_parms(): no params data found [ 1193.494840][T10435] Bluetooth: hci2: command tx timeout [ 1193.532424][ T5322] usb 4-1: usb_control_msg returned -32 [ 1193.577553][ T5322] usbtmc 4-1:16.0: can't read capabilities [ 1193.640158][ T54] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1193.881715][ T54] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1194.054922][ T54] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1194.066318][T10435] Bluetooth: hci1: command tx timeout [ 1194.217821][ T54] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1194.253224][T13818] bridge0: port 1(bridge_slave_0) entered blocking state [ 1194.270019][T13908] usbtmc 4-1:16.0: usb_control_msg returned -32 [ 1194.277353][T13818] bridge0: port 1(bridge_slave_0) entered disabled state [ 1194.297452][T13818] bridge_slave_0: entered allmulticast mode [ 1194.309275][T13818] bridge_slave_0: entered promiscuous mode [ 1194.327421][T13818] bridge0: port 2(bridge_slave_1) entered blocking state [ 1194.339183][T13818] bridge0: port 2(bridge_slave_1) entered disabled state [ 1194.348890][T13818] bridge_slave_1: entered allmulticast mode [ 1194.361302][T13818] bridge_slave_1: entered promiscuous mode [ 1194.471693][ T5276] usb 4-1: USB disconnect, device number 52 [ 1194.547430][T13843] bridge0: port 1(bridge_slave_0) entered blocking state [ 1194.581501][T13843] bridge0: port 1(bridge_slave_0) entered disabled state [ 1194.590138][T13843] bridge_slave_0: entered allmulticast mode [ 1194.600450][T13843] bridge_slave_0: entered promiscuous mode [ 1194.620240][T13843] bridge0: port 2(bridge_slave_1) entered blocking state [ 1194.636099][T13843] bridge0: port 2(bridge_slave_1) entered disabled state [ 1194.650593][T13843] bridge_slave_1: entered allmulticast mode [ 1194.668110][T13843] bridge_slave_1: entered promiscuous mode [ 1194.858819][T13818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1195.126680][T13920] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 1195.380164][T13818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1195.583502][T10435] Bluetooth: hci2: command tx timeout [ 1196.045717][T13843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1196.077641][T13843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1196.152794][ T5276] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 1196.163970][T13818] team0: Port device team_slave_0 added [ 1196.171028][ T54] bridge_slave_1: left allmulticast mode [ 1196.192051][ T54] bridge_slave_1: left promiscuous mode [ 1196.207126][ T54] bridge0: port 2(bridge_slave_1) entered disabled state [ 1196.226178][ T54] bridge_slave_0: left allmulticast mode [ 1196.232926][ T54] bridge_slave_0: left promiscuous mode [ 1196.239030][ T54] bridge0: port 1(bridge_slave_0) entered disabled state [ 1196.364973][ T5276] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1196.403330][ T5276] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1196.428783][ T5276] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1196.459491][ T5276] usb 4-1: config 0 descriptor?? [ 1196.731302][T13924] input: syz0 as /devices/virtual/input/input42 [ 1196.798504][ T5276] usb 4-1: USB disconnect, device number 53 [ 1197.179480][ T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1197.192052][ T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1197.207167][ T54] bond0 (unregistering): Released all slaves [ 1197.233773][T13930] tipc: Started in network mode [ 1197.238964][T13930] tipc: Node identity , cluster identity 4711 [ 1197.245176][T13930] tipc: Failed to set node id, please configure manually [ 1197.252257][T13930] tipc: Enabling of bearer rejected, failed to enable media [ 1197.272322][T13818] team0: Port device team_slave_1 added [ 1197.430078][T13843] team0: Port device team_slave_0 added [ 1197.457579][T13677] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1197.531094][T13677] 8021q: adding VLAN 0 to HW filter on device team0 [ 1197.689737][T10435] Bluetooth: hci2: command tx timeout [ 1198.626225][T13843] team0: Port device team_slave_1 added [ 1198.664033][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 1198.671284][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1198.720065][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 1198.727353][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1198.771522][ T29] audit: type=1400 audit(1725458933.034:1760): avc: denied { read } for pid=13951 comm="syz.3.1271" name="btrfs-control" dev="devtmpfs" ino=1120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 1198.795405][ C1] vkms_vblank_simulate: vblank timer overrun [ 1198.844097][ T29] audit: type=1400 audit(1725458933.034:1761): avc: denied { open } for pid=13951 comm="syz.3.1271" path="/dev/btrfs-control" dev="devtmpfs" ino=1120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 1198.877057][ T29] audit: type=1400 audit(1725458933.074:1762): avc: denied { ioctl } for pid=13951 comm="syz.3.1271" path="/dev/btrfs-control" dev="devtmpfs" ino=1120 ioctlcmd=0x9405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 1198.990497][T13818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1198.998966][T13818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1199.027811][T13818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1199.041888][T13818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1199.049176][T13818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1199.075277][T13818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1199.448766][T13843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1199.461930][T13843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1199.496506][T13843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1199.547785][ T54] hsr_slave_0: left promiscuous mode [ 1199.569144][ T54] hsr_slave_1: left promiscuous mode [ 1199.578439][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1200.627465][ T54] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1200.647007][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1201.629261][ T54] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1205.622754][ T54] veth1_macvtap: left promiscuous mode [ 1205.640241][ T54] veth0_macvtap: left promiscuous mode [ 1206.632987][ T54] veth1_vlan: left promiscuous mode [ 1206.638550][ T54] veth0_vlan: left promiscuous mode [ 1239.613356][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.627100][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 1240.640033][T10647] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1241.625091][T10647] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1242.633207][T10647] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1243.620921][T10647] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1243.630074][T10647] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1243.638100][T10647] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1247.620231][T10647] Bluetooth: hci4: command tx timeout [ 1248.634834][T10435] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1249.610738][T10435] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1249.622814][T10435] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1249.634504][T10435] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1249.642822][T10435] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1250.612458][ T5226] Bluetooth: hci4: command tx timeout [ 1250.620022][T10435] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1253.617249][T10647] Bluetooth: hci4: command tx timeout [ 1254.632503][T10647] Bluetooth: hci5: command tx timeout [ 1256.620137][T10647] Bluetooth: hci4: command tx timeout [ 1257.612485][T10647] Bluetooth: hci5: command tx timeout [ 1260.612879][T10647] Bluetooth: hci5: command tx timeout [ 1260.624121][T13968] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1260.637820][T13968] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1260.647421][T13968] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1261.640716][T13968] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1261.648912][T13968] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1262.614999][T13968] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1263.612957][T10647] Bluetooth: hci5: command tx timeout [ 1265.612464][T10647] Bluetooth: hci6: command tx timeout [ 1268.623244][T10647] Bluetooth: hci6: command tx timeout [ 1271.616872][T10647] Bluetooth: hci6: command tx timeout [ 1274.622305][T10647] Bluetooth: hci6: command tx timeout [ 1276.615986][T13968] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1276.632663][T13968] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1276.642076][T13968] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1277.633928][T13968] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1278.622751][T13968] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1278.630385][T13968] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1284.630736][T10647] Bluetooth: hci7: command tx timeout [ 1287.602834][T10647] Bluetooth: hci7: command tx timeout [ 1288.627182][T13968] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1288.639780][T13968] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1289.612403][T13968] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1290.628269][T13968] Bluetooth: hci7: command tx timeout [ 1290.642427][T10435] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1291.611720][T10435] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 1291.619813][T10435] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1293.620834][T10647] Bluetooth: hci7: command tx timeout [ 1295.613091][T10647] Bluetooth: hci8: command tx timeout [ 1298.633515][T13968] Bluetooth: hci3: command 0x0406 tx timeout [ 1298.639691][T10647] Bluetooth: hci8: command tx timeout [ 1301.623911][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 1301.630295][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 1302.632186][T10435] Bluetooth: hci8: command tx timeout [ 1305.618200][T10435] Bluetooth: hci8: command tx timeout [ 1309.622881][T10647] Bluetooth: hci1: command 0x0406 tx timeout [ 1314.617280][T13968] Bluetooth: hci2: command 0x0406 tx timeout [ 1316.624209][T13968] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1316.636791][T13968] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1316.645430][T13968] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1319.618964][T13968] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1319.635896][T13968] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 1319.645123][T13968] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1320.629128][T10435] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1320.645579][T10435] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1321.614493][T10435] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1321.626134][T10435] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1321.636274][T10435] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 1321.645145][T10435] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1323.616706][T10647] Bluetooth: hci9: command tx timeout [ 1324.640537][ T54] team0 (unregistering): Port device team_slave_1 removed [ 1326.613090][T10435] Bluetooth: hci9: command tx timeout [ 1326.618702][T10435] Bluetooth: hci10: command tx timeout [ 1329.602197][T10435] Bluetooth: hci10: command tx timeout [ 1329.607780][T10435] Bluetooth: hci9: command tx timeout [ 1332.619526][T10435] Bluetooth: hci9: command tx timeout [ 1332.622061][T10647] Bluetooth: hci10: command tx timeout [ 1334.638986][ T54] team0 (unregistering): Port device team_slave_0 removed [ 1334.648046][T10435] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1335.622134][T13968] Bluetooth: hci10: command tx timeout [ 1335.631328][T13968] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1335.643501][T13968] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1336.612915][T13968] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1336.629516][T13968] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 1336.647956][T13968] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1341.618532][T10647] Bluetooth: hci11: command tx timeout [ 1344.619588][T10647] Bluetooth: hci11: command tx timeout [ 1347.612054][T10647] Bluetooth: hci11: command tx timeout [ 1350.612048][T10647] Bluetooth: hci11: command tx timeout [ 1353.616140][ T30] INFO: task kworker/u8:10:3774 blocked for more than 147 seconds. [ 1354.602061][ T30] Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 1354.609742][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1354.641886][ T30] task:kworker/u8:10 state:D stack:22336 pid:3774 tgid:3774 ppid:2 flags:0x00004000 [ 1355.639642][ T30] Workqueue: events_unbound linkwatch_event [ 1356.619481][ T30] Call Trace: [ 1356.635048][ T30] [ 1356.638047][ T30] __schedule+0xe37/0x5490 [ 1357.618725][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 1357.624128][ T30] ? __pfx___schedule+0x10/0x10 [ 1357.629031][ T30] ? schedule+0x298/0x350 [ 1357.634035][ T30] ? __pfx_lock_release+0x10/0x10 [ 1357.639104][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 1357.643902][ T30] ? __mutex_trylock_common+0x78/0x250 [ 1358.620735][ T30] schedule+0xe7/0x350 [ 1358.631917][ T30] schedule_preempt_disabled+0x13/0x30 [ 1358.637454][ T30] __mutex_lock+0x5b8/0x9c0 [ 1359.606107][ T30] ? linkwatch_event+0x51/0xc0 [ 1359.611041][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1359.616190][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 1359.621262][ T30] ? __pfx_lock_release+0x10/0x10 [ 1359.626448][ T30] ? linkwatch_event+0x51/0xc0 [ 1359.631248][ T30] ? rtnl_lock+0x9/0x20 [ 1359.635527][ T30] linkwatch_event+0x51/0xc0 [ 1359.640149][ T30] ? __pfx_linkwatch_event+0x10/0x10 [ 1359.645560][ T30] ? rcu_is_watching+0x12/0xc0 [ 1360.621102][ T30] process_one_work+0x9c5/0x1b40 [ 1360.641903][ T30] ? __pfx_cfg80211_wiphy_work+0x10/0x10 [ 1360.647607][ T30] ? __pfx_process_one_work+0x10/0x10 [ 1361.644312][ T30] ? assign_work+0x1a0/0x250 [ 1361.649063][ T30] worker_thread+0x6c8/0xed0 [ 1362.612689][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 1362.619060][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 1362.630235][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1362.635513][ T30] kthread+0x2c1/0x3a0 [ 1362.639615][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1362.644984][ T30] ? __pfx_kthread+0x10/0x10