last executing test programs: 4.863159283s ago: executing program 4 (id=299): r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x2802, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$inet(0x2, 0x6, 0x0) shutdown(r1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x14}) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, 0x0) r3 = add_key$keyring(0x0, &(0x7f0000000440)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) add_key(0x0, 0x0, 0x0, 0x0, r3) r4 = socket$inet_smc(0x2b, 0x1, 0x0) sendto$inet(r4, 0x0, 0x0, 0x4800, &(0x7f00000000c0)={0x2, 0x4e23, @loopback}, 0x10) shutdown(r4, 0x1) 4.448210574s ago: executing program 4 (id=303): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9c, 0x32, 0x3f, 0x8, 0x4a5, 0x3003, 0x3ab2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x2, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x28, 0xf0, 0xf6}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, &(0x7f0000000940)={0xc, 0x0, &(0x7f0000000900)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x340a}}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) 3.687536056s ago: executing program 0 (id=307): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x4}}}, {0x2c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xd4}}, 0x0) 3.56545278s ago: executing program 0 (id=308): r0 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r0, 0x5) ioctl$sock_SIOCOUTQ(r0, 0x8905, 0x0) 3.403425744s ago: executing program 3 (id=311): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) syz_emit_ethernet(0x68, &(0x7f0000000700)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x5a, 0x3, 0x4000, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x80}, {"7110c2028b043cea00007298e2a21e634e3c7f9b330fb588f2a2bd061906c07edcdc354f46b6390346ad3a9ddc5876dc9411"}}}}}}, 0x0) 3.402889631s ago: executing program 0 (id=312): prctl$PR_TASK_PERF_EVENTS_DISABLE(0x22) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r0 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0x2, 0x0, 0x1, 0x9}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9}) io_uring_enter(r0, 0x20003d16, 0x80000, 0x0, 0x0, 0x0) io_setup(0x2, &(0x7f0000000540)=0x0) io_pgetevents(r3, 0x6, 0x6, &(0x7f0000000bc0)=[{}, {}, {}, {}, {}, {}], 0x0, 0x0) 3.353598753s ago: executing program 3 (id=313): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000004200)=ANY=[@ANYBLOB="12010000e2793f10d10501200002000000010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x18, &(0x7f0000000180)={0x20, 0x3, 0x2, '{\"'}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) 2.705093321s ago: executing program 2 (id=315): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000003c80)={0x0, 0x0, &(0x7f0000003c40)={&(0x7f0000000280)={{0x14}, [], {0x14}}, 0x28}}, 0x0) 2.666310779s ago: executing program 1 (id=316): unshare(0x20000400) pipe(&(0x7f0000000100)={0xffffffffffffffff}) tee(r0, 0xffffffffffffffff, 0x3, 0x0) 2.576170829s ago: executing program 4 (id=317): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') fchdir(r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) 2.540976984s ago: executing program 2 (id=318): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_emit_ethernet(0x94, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x5, 0x86, 0x68, 0x0, 0x7, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}, @dev={0xac, 0x14, 0x14, 0x23}}, {0x4e23, 0x4e24, 0x72, 0x0, @opaque="f4af30d8900ca44debfc1ed31c963d65172b210e6d44e95925ab28273086b004519b82d905dafe8926c33e977afab17c03610b74a230c6b268db05169ee1a4544b31213394d2a2ec0e34d26de25c0a1b2e92e86f666ab0e117e6fd443b3eaa5352743698052e63ca7325"}}}}}, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, 0x0) ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r2 = socket$inet(0xa, 0x801, 0x84) ioctl$int_in(r2, 0x5452, 0x0) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x5) getrusage(0x1, &(0x7f0000000540)) r3 = accept4(r2, 0x0, 0x0, 0x0) r4 = fsopen(&(0x7f0000000000)='affs\x00', 0x1) r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x80200, 0x20, 0x11}, 0x18) fsconfig$FSCONFIG_SET_PATH_EMPTY(r4, 0x4, 0x0, &(0x7f00000000c0)='./file0\x00', r5) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0xf1, 0xc, 0x2, 0xff, 0xa7, 0x80, 0x0, 0x0, 0x7, 0x8, 0x0, 0x6, 0x3, 0x20}, 0xe) 2.499582891s ago: executing program 1 (id=319): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x4}}}, {0x2c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xc0}}, 0x0) 2.236054413s ago: executing program 4 (id=320): r0 = socket$nl_route(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f0000000000)={0x0, 0xf2a9, 0x7, 0x10000, 0xff, 0x1, 0x3f80, 0x5}, 0x0, 0x0, 0x0, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="78000000100001040000", @ANYRES32=r2, @ANYBLOB="60300300001400005800128009000100626f6e6400000000480002802c0008"], 0x78}}, 0x0) 2.174648876s ago: executing program 1 (id=321): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$peeksig(0x4209, r0, &(0x7f0000000000)={0x10000, 0xd8d175e601c06e2f}, 0x0) 1.743604335s ago: executing program 2 (id=322): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x1}}], {0x14}}, 0x5c}}, 0x0) 1.696862493s ago: executing program 0 (id=323): r0 = syz_io_uring_setup(0xec7, &(0x7f00000003c0)={0x0, 0x4bb6}, &(0x7f00000002c0)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0}) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) 1.540087205s ago: executing program 2 (id=324): r0 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000240)="b00000001a007f029e78f6030f7a0a762353bfb89fd8c902317bab30f89f080aaaaeb9d8091c815dcf03e14e877733fff4fe20a5be870f576b162e7de2d02673e789a4950c9cdc206e086fd0dc8ca9afcd9d522ac78876a4595146add31b35355848794ca3f8b38aef1e114ab9fb0200000000000000a3b0c81c6f8144e74fe13b80ca46c1a6c04ad73c9d44b605f900"/156, 0x9c}, {&(0x7f00000001c0)="68cabf2dfb58fc0af787a8ffff0200258f00", 0x12}], 0x2}, 0x40004000) 1.523592375s ago: executing program 1 (id=325): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007100000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 1.467261227s ago: executing program 0 (id=326): setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1a}}], 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.423105452s ago: executing program 2 (id=327): socket$packet(0x11, 0xa, 0x300) r0 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(r0, &(0x7f0000003080)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000001b40)=[{&(0x7f00000007c0)="451fb88ae975f58b82298dca2a6ee73f3cb4da03d559c14582e34297893c5f4fee2bf9d29330a460441f8cf14b0db1f32807d00c8ebdd96da9b1f10d67bb1302d966b57255173f30cbca9833", 0x4c}, {&(0x7f00000003c0)="d52e92474549bd65ef6523dc5df08533801fbfe79baa95b6da9ee1f1803bd2c5447f92f8f5ad1c2db22485cd893ba9a2b93927395305506d3a98fc5d0acb4dc7bc7f2976bfb8718b4fb05ab6d2f244ce6bb844f9489464eb2ee9083b0d3b9da2c3e6a0c0cd6a902c7a9ad950eb3f4f086d0300000000000000", 0x79}, {&(0x7f0000000a40)="13ab3eeee593968811a98ce0eb08018efc054c8faeba6abd27c981fdbba854db371d3ef85fff0c5a815bce21f63166c801401f654ac3fd484338b4ccb726d2eb2e87f4a952aab9c6ab538365407a9b5b3f5d19b4d7d9afc8072d1d259130729a6745080c9db7398d70da7c1db8bc139e937a2a41f903526d5e15b06b01a068396389ed6dde3749593c274c153ecfa407e7aeb7f20f2eb436898fac9f0724b1894b286db08902dee46666f3af3c6a667eefa37e7eba83b8ddf74f0127ef456502cb08b0dcd36ff606a82b01910f", 0xcd}, {&(0x7f0000000b40)}, {&(0x7f0000000440)}, {0x0}], 0x6}}, {{&(0x7f0000000080)={0xa, 0xfffd, 0x6, @mcast2, 0x2}, 0x1c, &(0x7f0000002f40)=[{&(0x7f0000002e80)}], 0x1, &(0x7f0000000680)=ANY=[@ANYBLOB="1400000000000000290000000800000000000000000000002e1dcf9d80782b6a2d6fda419b6ab5766ac80f59d18cc593d0936f5261ab4f698145192b622bc513a4d83ef600c1eec8ceabdbe76b95792976fb71e116719f0a18da3bdee9fcb8cd8cc440c07c5ca4"], 0x18}}], 0x3, 0x0) 1.25179708s ago: executing program 1 (id=328): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r5 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$UHID_CREATE(r5, &(0x7f0000002a00)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000080)=""/58, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x1ff}}, 0x11c) readv(r5, &(0x7f0000000400), 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r6, &(0x7f000000a400)={0x2020, 0x0, 0x0}, 0x2028) quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f0000000180)=@filename='./file0/file0\x00', 0x0, 0x0) syz_fuse_handle_req(r6, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x0, 0x4, 0x1, 0x0, 0x0, {0x0, 0x40000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6000, 0x3, 0x0, 0x0, 0x801}}}, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130}}) write$FUSE_INIT(r6, &(0x7f0000000340)={0x50, 0x0, r7}, 0x50) openat$ptp0(0xffffff9c, &(0x7f0000000080), 0x400, 0x0) r8 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r8, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010101, 0x0, 0x2, 'fo\x00', 0x0, 0x20}, 0x2c) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x1c, 0x18, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x58}}, 0x0) r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r11 = mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x0, 0x2, 0x810, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000180)="396f6a6f828dc5a30e2567c5857e2e869361f5cd915d9f2baa77d7df5e41df800f05d383485a76a57c957073e4a1309f9d7bb136a721587e7b25383905a905f092aabf7c052b790e", 0x0, 0x48) r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r12, 0x4048aecb, &(0x7f0000000040)={0x6, 0x0, [{0x7}, {}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x6}, {0x1, 0xfffffffb, 0x0, 0x9, 0x1, 0x80000001, 0x8}, {0xc0000000, 0x4, 0x1, 0x5, 0x3, 0x7f, 0x4}]}) setsockopt$IP_VS_SO_SET_ADD(r8, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x1000002, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r8, 0x0, 0x485, 0x0, 0x0) 1.24186767s ago: executing program 2 (id=329): socket$inet6_tcp(0xa, 0x1, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000800000009500"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000240), 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, 0x0) syz_mount_image$fuse(&(0x7f0000000040), 0x0, 0x0, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000001940)="1f18e395312d0af6d9de516f9695d0191a15a3d0c6def581b80f341767d56ac6", 0x20) r6 = accept4(r5, 0x0, 0x0, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r7, r6, 0x0, 0x8f) setsockopt(r4, 0x84, 0x81, 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(r4, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f00000001c0), &(0x7f0000000180)=0x8) 1.200080175s ago: executing program 3 (id=330): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff810540010000000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1) 1.113603537s ago: executing program 3 (id=331): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x4}}}, {0x2c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xc0}}, 0x0) 834.273721ms ago: executing program 3 (id=332): syz_io_uring_submit(0x0, 0x0, 0x0) openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", "5161dc20", "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]}) r1 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc2b02) ioctl$CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000d40)={0x0, 0x0, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059"}) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000340)={"6d71f879", 0x5, 0x0, 0x0, 0x0, 0x0, "244a18d1c4e6469a005caf0c0ff58a", "ce4250d8", "bf513d1d", "136712b9", ["27e203a56a36ac4f0b8b8c4f", "5e10229555954b0f02cd1469", "cb0e83d3a15978155c384d00", "79f56ca74227234da829edb7"]}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000200)={0xffffffffffffffff}) close_range(r4, 0xffffffffffffffff, 0x0) 833.477088ms ago: executing program 4 (id=333): recvmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000600)}, 0x100) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x13, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2}) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/237, 0xe}], 0x4) r1 = socket$kcm(0x2, 0xa, 0x2) r2 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) 651.840575ms ago: executing program 3 (id=334): prctl$PR_TASK_PERF_EVENTS_DISABLE(0x22) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) r0 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0x2, 0x0, 0x1, 0x9}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9}) io_uring_enter(r0, 0x20003d16, 0x80000, 0x0, 0x0, 0x0) io_setup(0x2, &(0x7f0000000540)=0x0) io_pgetevents(r3, 0x6, 0x6, &(0x7f0000000bc0)=[{}, {}, {}, {}, {}, {}], 0x0, 0x0) 243.150767ms ago: executing program 4 (id=335): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) 235.138147ms ago: executing program 0 (id=336): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c) sendto$inet6(r0, &(0x7f00000000c0)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x8, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000240)={0x0, 0x2}, &(0x7f0000000280)=0x8) 0s ago: executing program 1 (id=337): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a00)={0x30, r2, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x44810}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.175' (ED25519) to the list of known hosts. [ 71.589052][ T5821] cgroup: Unknown subsys name 'net' [ 71.777557][ T5821] cgroup: Unknown subsys name 'cpuset' [ 71.785978][ T5821] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 73.298910][ T5821] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.211856][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.227154][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.229984][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.236123][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.245736][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.250481][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.257707][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.263925][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.270072][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.277436][ T5840] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.291338][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.291606][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.300323][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.313443][ T5843] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.321702][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.332220][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.343345][ T5839] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.351464][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.359807][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.369960][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 77.378596][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 77.387534][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 77.396874][ T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 77.404801][ T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 77.412552][ T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 77.423745][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.433735][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.442157][ T5143] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.453359][ T5850] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.460846][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.777064][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 77.872359][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 77.991163][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 78.020931][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 78.041791][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.049930][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.057557][ T5831] bridge_slave_0: entered allmulticast mode [ 78.064928][ T5831] bridge_slave_0: entered promiscuous mode [ 78.074331][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.081499][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.088840][ T5831] bridge_slave_1: entered allmulticast mode [ 78.095828][ T5831] bridge_slave_1: entered promiscuous mode [ 78.172277][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.196114][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.205438][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.212605][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.219942][ T5846] bridge_slave_0: entered allmulticast mode [ 78.227132][ T5846] bridge_slave_0: entered promiscuous mode [ 78.291151][ T5831] team0: Port device team_slave_0 added [ 78.297663][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.304996][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.312209][ T5846] bridge_slave_1: entered allmulticast mode [ 78.319366][ T5846] bridge_slave_1: entered promiscuous mode [ 78.355786][ T5831] team0: Port device team_slave_1 added [ 78.386516][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.393787][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.401052][ T5833] bridge_slave_0: entered allmulticast mode [ 78.408188][ T5833] bridge_slave_0: entered promiscuous mode [ 78.447967][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.457419][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 78.472992][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.480884][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.488406][ T5833] bridge_slave_1: entered allmulticast mode [ 78.495298][ T5833] bridge_slave_1: entered promiscuous mode [ 78.503459][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.510448][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.536481][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.550522][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.610314][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.618276][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.644431][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.670993][ T5846] team0: Port device team_slave_0 added [ 78.681118][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.688656][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.696184][ T5832] bridge_slave_0: entered allmulticast mode [ 78.702934][ T5832] bridge_slave_0: entered promiscuous mode [ 78.712224][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.725965][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.742247][ T5846] team0: Port device team_slave_1 added [ 78.767115][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.774682][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.781894][ T5832] bridge_slave_1: entered allmulticast mode [ 78.789210][ T5832] bridge_slave_1: entered promiscuous mode [ 78.874790][ T5833] team0: Port device team_slave_0 added [ 78.893991][ T5831] hsr_slave_0: entered promiscuous mode [ 78.900543][ T5831] hsr_slave_1: entered promiscuous mode [ 78.908611][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.915945][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.942993][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.960026][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.970832][ T5833] team0: Port device team_slave_1 added [ 79.004124][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.011124][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.037190][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.068086][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.116440][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.123810][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.130981][ T5847] bridge_slave_0: entered allmulticast mode [ 79.138264][ T5847] bridge_slave_0: entered promiscuous mode [ 79.154532][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.161536][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.187859][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.201523][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.208891][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.235514][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.251496][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.259084][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.266475][ T5847] bridge_slave_1: entered allmulticast mode [ 79.273533][ T5847] bridge_slave_1: entered promiscuous mode [ 79.282829][ T5832] team0: Port device team_slave_0 added [ 79.291486][ T5832] team0: Port device team_slave_1 added [ 79.365895][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.372892][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.403404][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.404419][ T5843] Bluetooth: hci0: command tx timeout [ 79.414676][ T5850] Bluetooth: hci2: command tx timeout [ 79.430289][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.447730][ T5846] hsr_slave_0: entered promiscuous mode [ 79.454341][ T5846] hsr_slave_1: entered promiscuous mode [ 79.460634][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.469309][ T5850] Bluetooth: hci4: command tx timeout [ 79.473354][ T5850] Bluetooth: hci1: command tx timeout [ 79.475701][ T5846] Cannot create hsr debugfs directory [ 79.496860][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.503960][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.530380][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.543479][ T5850] Bluetooth: hci3: command tx timeout [ 79.555201][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.639973][ T5833] hsr_slave_0: entered promiscuous mode [ 79.647283][ T5833] hsr_slave_1: entered promiscuous mode [ 79.657890][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.665902][ T5833] Cannot create hsr debugfs directory [ 79.694481][ T5847] team0: Port device team_slave_0 added [ 79.703044][ T5847] team0: Port device team_slave_1 added [ 79.799016][ T5832] hsr_slave_0: entered promiscuous mode [ 79.805780][ T5832] hsr_slave_1: entered promiscuous mode [ 79.813119][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.821133][ T5832] Cannot create hsr debugfs directory [ 79.848439][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.855766][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.881944][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.922221][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.930080][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.956582][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.087832][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 80.110909][ T5847] hsr_slave_0: entered promiscuous mode [ 80.118570][ T5847] hsr_slave_1: entered promiscuous mode [ 80.125281][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.132874][ T5847] Cannot create hsr debugfs directory [ 80.157637][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 80.167607][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.180716][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.330626][ T5846] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 80.344621][ T5846] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 80.377065][ T5846] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 80.409712][ T5846] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 80.462123][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.511074][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.528656][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.550441][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.561013][ T5832] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.582111][ T5832] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.594142][ T5832] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.605125][ T5832] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.696235][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.713935][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.728614][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.748829][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.846303][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.886370][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.899637][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.936660][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.986919][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.000534][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.007959][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.017912][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.025606][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.042285][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.054310][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.061484][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.099711][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.106911][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.121733][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.128931][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.164214][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.177545][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.184727][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.211110][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.259389][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.290017][ T5831] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 81.301273][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.327422][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.334713][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.377177][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.384396][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.460756][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.469805][ T5850] Bluetooth: hci2: command tx timeout [ 81.475167][ T5843] Bluetooth: hci0: command tx timeout [ 81.492586][ T1005] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.499857][ T1005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.544314][ T5850] Bluetooth: hci1: command tx timeout [ 81.548100][ T5843] Bluetooth: hci4: command tx timeout [ 81.597680][ T1005] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.604903][ T1005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.625576][ T5843] Bluetooth: hci3: command tx timeout [ 81.721193][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.827590][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.952263][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.037967][ T5831] veth0_vlan: entered promiscuous mode [ 82.052581][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.131869][ T5831] veth1_vlan: entered promiscuous mode [ 82.240795][ T5847] veth0_vlan: entered promiscuous mode [ 82.265713][ T5833] veth0_vlan: entered promiscuous mode [ 82.288847][ T5847] veth1_vlan: entered promiscuous mode [ 82.311398][ T5831] veth0_macvtap: entered promiscuous mode [ 82.321487][ T5833] veth1_vlan: entered promiscuous mode [ 82.336810][ T5831] veth1_macvtap: entered promiscuous mode [ 82.369024][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.380659][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.407584][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.418864][ T5847] veth0_macvtap: entered promiscuous mode [ 82.439315][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.448838][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.457945][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.467041][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.497508][ T5847] veth1_macvtap: entered promiscuous mode [ 82.525509][ T5833] veth0_macvtap: entered promiscuous mode [ 82.535678][ T5833] veth1_macvtap: entered promiscuous mode [ 82.602812][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.617741][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.629700][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.647156][ T5846] veth0_vlan: entered promiscuous mode [ 82.680768][ T5832] veth0_vlan: entered promiscuous mode [ 82.693106][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.711448][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.722737][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.732750][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.743876][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.754969][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.765890][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.777996][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.812783][ T4873] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.814361][ T5847] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.832675][ T4873] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.842775][ T5847] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.851640][ T5847] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.860453][ T5847] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.872827][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.883723][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.893950][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.904655][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.916327][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.924513][ T5846] veth1_vlan: entered promiscuous mode [ 82.960513][ T5832] veth1_vlan: entered promiscuous mode [ 82.971229][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.980911][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.990156][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.999160][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.018157][ T1005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.030934][ T1005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.079651][ T5832] veth0_macvtap: entered promiscuous mode [ 83.115904][ T5832] veth1_macvtap: entered promiscuous mode [ 83.140944][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 83.201395][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.212308][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.223801][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.236400][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.269084][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.293388][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.305833][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.325564][ T5846] veth0_macvtap: entered promiscuous mode [ 83.345478][ T5846] veth1_macvtap: entered promiscuous mode [ 83.366366][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.388506][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.399018][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.409893][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.410816][ T5918] syz.3.4 uses obsolete (PF_INET,SOCK_PACKET) [ 83.421368][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.437569][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.449511][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.489635][ T1005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.491602][ T5832] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.506615][ T1005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.512379][ T5832] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.522709][ T5832] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.531753][ T5832] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.543660][ T5843] Bluetooth: hci2: command tx timeout [ 83.553503][ T5843] Bluetooth: hci0: command tx timeout [ 83.586764][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.597627][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.608159][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.619142][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.630749][ T5843] Bluetooth: hci1: command tx timeout [ 83.632938][ T5850] Bluetooth: hci4: command tx timeout [ 83.636741][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.652181][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.662483][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.673021][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.685207][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.696109][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.704504][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.704895][ T5850] Bluetooth: hci3: command tx timeout [ 83.738817][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.752515][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.762548][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.773243][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.783079][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.793836][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.803875][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.814397][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.825334][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.845665][ T3535] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.857489][ T5846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.867112][ T5846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.873798][ T3535] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.876425][ T5846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.892090][ T5846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.998545][ T4873] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.028135][ T4873] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.065241][ T1005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.078098][ T1005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.148519][ T4873] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.178325][ T4873] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.290287][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.344717][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.450452][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.458642][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.928577][ T5939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2'. [ 84.978854][ T5939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2'. [ 85.644945][ T5850] Bluetooth: hci0: command tx timeout [ 85.650119][ T5843] Bluetooth: hci2: command tx timeout [ 85.708256][ T5843] Bluetooth: hci4: command tx timeout [ 85.715405][ T5843] Bluetooth: hci1: command tx timeout [ 85.826084][ T5850] Bluetooth: hci3: command tx timeout [ 85.842594][ T5963] netlink: 12 bytes leftover after parsing attributes in process `syz.1.16'. [ 85.851765][ T5963] nbd: must specify at least one socket [ 87.713517][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.596211][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.607129][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.615847][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.661368][ T5985] loop2: detected capacity change from 0 to 4096 [ 88.708036][ T5998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.27'. [ 88.773685][ T5998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.27'. [ 88.944144][ T5985] ======================================================= [ 88.944144][ T5985] WARNING: The mand mount option has been deprecated and [ 88.944144][ T5985] and is ignored by this kernel. Remove the mand [ 88.944144][ T5985] option from the mount to silence this warning. [ 88.944144][ T5985] ======================================================= [ 89.158380][ T5985] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 89.345745][ T6006] netlink: 12 bytes leftover after parsing attributes in process `syz.3.33'. [ 89.354724][ T6006] nbd: must specify at least one socket [ 90.087851][ T5985] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 92.410763][ T837] cfg80211: failed to load regulatory.db [ 93.580639][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 93.589842][ T6035] Zero length message leads to an empty skb [ 93.637808][ T6018] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 93.645031][ T6018] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 93.667951][ T6042] loop2: detected capacity change from 0 to 256 [ 93.836114][ T6018] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 93.847541][ T6018] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 93.854559][ T6018] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 93.862095][ T6018] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 93.870870][ T6018] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 93.876972][ T6018] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 93.883508][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.883531][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.945828][ T6018] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 93.971362][ T6018] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 93.978177][ T6018] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 94.008928][ T6018] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 94.021501][ T6042] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 94.045742][ T6018] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 94.051897][ T6018] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 94.062494][ T6018] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 94.684113][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.706538][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 95.335357][ T6052] exFAT-fs (loop2): start_clu is invalid cluster(0xffffffff) [ 95.435297][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 95.445796][ T6055] loop4: detected capacity change from 0 to 4096 [ 95.477912][ T6055] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 95.571151][ T6055] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 95.704308][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 95.863369][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 95.943349][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 96.023295][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 96.105019][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout [ 96.371890][ T6068] netlink: 68 bytes leftover after parsing attributes in process `syz.2.51'. [ 97.839688][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 97.965505][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 98.065311][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 98.113294][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 98.843307][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout [ 99.121714][ T6094] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.290742][ T6099] loop3: detected capacity change from 0 to 256 [ 99.412533][ T6099] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 99.437844][ T6103] loop4: detected capacity change from 0 to 256 [ 99.497223][ T6103] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 99.908441][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 100.024550][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 100.106944][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 100.183540][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 100.903519][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout [ 101.028943][ T6117] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.861721][ T6132] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 101.924677][ T6129] exFAT-fs (loop3): start_clu is invalid cluster(0xffffffff) [ 105.635053][ T5901] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 106.473662][ T5901] usb 2-1: Using ep0 maxpacket: 32 [ 106.484784][ T5901] usb 2-1: config 0 has no interfaces? [ 106.492119][ T5901] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 106.503349][ T5901] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.517949][ T5901] usb 2-1: config 0 descriptor?? [ 106.807525][ T6161] netlink: 4 bytes leftover after parsing attributes in process `syz.1.83'. [ 106.927920][ T6179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.88'. [ 106.936912][ T6179] nbd: must specify at least one socket [ 109.183886][ T6193] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 109.189972][ T6193] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 109.196093][ T6193] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 109.202103][ T6193] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 109.208202][ T6193] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 109.819348][ T6212] netlink: 48 bytes leftover after parsing attributes in process `syz.4.99'. [ 111.037679][ T6220] tipc: Started in network mode [ 111.056851][ T25] usb 2-1: USB disconnect, device number 2 [ 111.074203][ T6220] tipc: Node identity 7f000001, cluster identity 4711 [ 111.153744][ T6220] tipc: Enabled bearer , priority 10 [ 111.371635][ T5850] Bluetooth: hci4: command 0x0c1a tx timeout [ 111.373722][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 111.378403][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout [ 111.383905][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 111.389826][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 112.082104][ T6227] sctp: failed to load transform for md5: -2 [ 112.151285][ T25] tipc: Node number set to 2130706433 [ 112.642600][ T6254] netlink: 48 bytes leftover after parsing attributes in process `syz.2.112'. [ 113.914078][ T6272] tipc: Enabling of bearer rejected, already enabled [ 114.148961][ T5901] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 114.549840][ T5901] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.563037][ T5901] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.607334][ T5901] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 114.620644][ T5901] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.632713][ T5901] usb 2-1: config 0 descriptor?? [ 116.482728][ T5901] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0 [ 116.952792][ T5901] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0 [ 116.979149][ T5901] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0001/input/input6 [ 117.025367][ T5901] cm6533_jd 0003:0D8C:0022.0001: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 117.044678][ T5901] usb 2-1: USB disconnect, device number 3 [ 117.366212][ T6304] loop4: detected capacity change from 0 to 1024 [ 118.054228][ T6311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.094204][ T6311] bond0: (slave rose0): Enslaving as an active interface with an up link [ 119.933434][ T6346] netlink: 8 bytes leftover after parsing attributes in process `syz.4.144'. [ 119.942363][ T6346] netlink: 8 bytes leftover after parsing attributes in process `syz.4.144'. [ 120.688909][ T6368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.152'. [ 120.698299][ T6368] netlink: 4 bytes leftover after parsing attributes in process `syz.4.152'. [ 121.226878][ T6380] tipc: Started in network mode [ 121.236590][ T6380] tipc: Node identity 7f000001, cluster identity 4711 [ 121.256122][ T6380] tipc: Enabled bearer , priority 10 [ 121.273723][ T5853] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 121.374658][ T6385] netlink: 188 bytes leftover after parsing attributes in process `syz.3.161'. [ 121.422066][ T6386] loop4: detected capacity change from 0 to 1024 [ 121.459047][ T5853] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 122.324588][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.332773][ T5853] usb 3-1: Product: syz [ 122.473677][ T5885] tipc: Node number set to 2130706433 [ 122.480273][ T5853] usb 3-1: Manufacturer: syz [ 122.493377][ T5853] usb 3-1: SerialNumber: syz [ 122.602333][ T5853] usb 3-1: config 0 descriptor?? [ 122.671031][ T6394] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 123.128350][ T5850] Bluetooth: hci4: ACL packet for unknown connection handle 201 [ 125.115220][ T5853] usb 3-1: f81604_read: reg: 200f failed: -EPROTO [ 125.126558][ T5853] usb 3-1: USB disconnect, device number 2 [ 125.150116][ T6424] tipc: Enabling of bearer rejected, already enabled [ 126.177404][ T6450] netlink: 8 bytes leftover after parsing attributes in process `syz.4.179'. [ 126.203794][ T6450] netlink: 8 bytes leftover after parsing attributes in process `syz.4.179'. [ 126.307104][ T5853] usb 3-1: f81604_read: reg: 100f failed: -ENODEV [ 126.423904][ T5853] usb 3-1: f81604_read: reg: 200f failed: -ENODEV [ 126.593281][ T6467] tipc: Enabling of bearer rejected, already enabled [ 132.412072][ T6553] netlink: 188 bytes leftover after parsing attributes in process `syz.3.214'. [ 132.440798][ T6553] netlink: 'syz.3.214': attribute type 1 has an invalid length. [ 133.233265][ T5885] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 133.307328][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.321511][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.393582][ T5885] usb 1-1: Using ep0 maxpacket: 32 [ 133.406835][ T5885] usb 1-1: config 0 has no interfaces? [ 133.426233][ T5885] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 133.440199][ T5885] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.470490][ T5885] usb 1-1: config 0 descriptor?? [ 133.730538][ T6573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.222'. [ 135.293524][ T6600] process 'syz.3.228' launched './file1' with NULL argv: empty string added [ 135.411450][ T6604] loop1: detected capacity change from 0 to 1024 [ 135.460227][ T5885] usb 1-1: USB disconnect, device number 2 [ 136.477012][ T6614] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 137.281734][ T6631] nfs4: Unknown parameter 'rans' [ 140.300955][ T6669] nfs4: Unknown parameter 'rans' [ 140.308022][ T5901] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 140.508952][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 140.643748][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 140.796551][ T5901] usb 1-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 140.971951][ T5901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.011711][ T5901] usb 1-1: config 0 descriptor?? [ 141.589972][ T5901] usbhid 1-1:0.0: can't add hid device: -71 [ 141.614687][ T5901] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 141.691547][ T5901] usb 1-1: USB disconnect, device number 3 [ 144.264024][ T6710] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 144.273558][ T6710] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 144.279665][ T6710] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 144.290038][ T6710] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 144.296233][ T6710] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 144.615254][ T6715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.269'. [ 144.681252][ T6715] netlink: 40 bytes leftover after parsing attributes in process `syz.0.269'. [ 145.516267][ T6733] loop9: detected capacity change from 0 to 1 [ 145.549761][ T6733] Dev loop9: unable to read RDB block 1 [ 145.558339][ T6733] loop9: unable to read partition table [ 145.566506][ T6733] loop9: partition table beyond EOD, truncated [ 145.572883][ T6733] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 146.344867][ T5850] Bluetooth: hci4: command 0x0c1a tx timeout [ 146.351243][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 146.357716][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout [ 146.357856][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 146.370175][ T54] Bluetooth: hci1: command 0x0c1a tx timeout [ 147.093401][ T6764] netlink: 8 bytes leftover after parsing attributes in process `syz.1.289'. [ 149.583710][ T6783] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 149.591818][ T6783] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 149.600149][ T6783] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 149.606245][ T6783] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 149.612243][ T6783] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 150.213451][ T5886] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 150.415104][ T5886] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 150.426483][ T5886] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 150.528435][ T5886] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 150.557321][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 150.577757][ T5886] usb 1-1: SerialNumber: syz [ 150.684360][ T6803] netlink: 88 bytes leftover after parsing attributes in process `syz.3.302'. [ 150.809438][ T5886] usb 1-1: 0:2 : does not exist [ 150.852815][ T5886] usb 1-1: USB disconnect, device number 4 [ 150.973245][ T5885] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 151.133189][ T5885] usb 5-1: Using ep0 maxpacket: 8 [ 151.142528][ T5885] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 151.157502][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.179711][ T5885] usb 5-1: Product: syz [ 151.187388][ T5885] usb 5-1: Manufacturer: syz [ 151.192053][ T5885] usb 5-1: SerialNumber: syz [ 151.210859][ T5885] usb 5-1: config 0 descriptor?? [ 151.446435][ C1] raw-gadget.1 gadget.4: ignoring, device is not running [ 151.466052][ T5885] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 151.493584][ C1] raw-gadget.1 gadget.4: ignoring, device is not running [ 151.501440][ T5885] gspca_sunplus: reg_w_riv err -32 [ 151.506934][ T5885] sunplus 5-1:0.0: probe with driver sunplus failed with error -32 [ 151.528177][ T5885] usb 5-1: USB disconnect, device number 2 [ 151.713369][ T5850] Bluetooth: hci4: command 0x0c1a tx timeout [ 151.719627][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 151.725796][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 151.732029][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 151.738270][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.888825][ T6829] loop1: detected capacity change from 0 to 1024 [ 152.410652][ T6829] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 152.455656][ T5885] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 152.623067][ T5885] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 152.632435][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.668777][ T5885] usb 4-1: config 0 descriptor?? [ 152.684447][ T5885] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 152.934593][ T5885] usb 4-1: Detected FT232B [ 153.135692][ T5885] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 153.276445][ T5885] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 153.357410][ T5885] usb 4-1: USB disconnect, device number 2 [ 153.378768][ T5885] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 153.402989][ T5885] ftdi_sio 4-1:0.0: device disconnected [ 153.429076][ T6849] netlink: 88 bytes leftover after parsing attributes in process `syz.4.320'. [ 154.283810][ T5853] IPVS: starting estimator thread 0... [ 154.387611][ T6879] IPVS: using max 18 ests per chain, 43200 per kthread [ 155.351940][ T6893] [ 155.354423][ T6893] ============================================ [ 155.360588][ T6893] WARNING: possible recursive locking detected [ 155.366746][ T6893] 6.13.0-rc3-next-20241218-syzkaller #0 Not tainted [ 155.373336][ T6893] -------------------------------------------- [ 155.379486][ T6893] syz.4.335/6893 is trying to acquire lock: [ 155.385389][ T6893] ffff888028470d48 (vm_lock){++++}-{0:0}, at: move_pages+0x26b/0x1680 [ 155.393615][ T6893] [ 155.393615][ T6893] but task is already holding lock: [ 155.400980][ T6893] ffff8880792bf988 (vm_lock){++++}-{0:0}, at: uffd_lock_vma+0x20c/0x2c0 [ 155.409359][ T6893] [ 155.409359][ T6893] other info that might help us debug this: [ 155.417424][ T6893] Possible unsafe locking scenario: [ 155.417424][ T6893] [ 155.424877][ T6893] CPU0 [ 155.428157][ T6893] ---- [ 155.431442][ T6893] lock(vm_lock); [ 155.435182][ T6893] lock(vm_lock); [ 155.438933][ T6893] [ 155.438933][ T6893] *** DEADLOCK *** [ 155.438933][ T6893] [ 155.447079][ T6893] May be due to missing lock nesting notation [ 155.447079][ T6893] [ 155.455405][ T6893] 2 locks held by syz.4.335/6893: [ 155.460517][ T6893] #0: ffff8880792bf988 (vm_lock){++++}-{0:0}, at: uffd_lock_vma+0x20c/0x2c0 [ 155.469337][ T6893] #1: ffffffff8e937d20 (rcu_read_lock){....}-{1:3}, at: lock_vma_under_rcu+0x1dd/0xa40 [ 155.479112][ T6893] [ 155.479112][ T6893] stack backtrace: [ 155.485022][ T6893] CPU: 0 UID: 0 PID: 6893 Comm: syz.4.335 Not tainted 6.13.0-rc3-next-20241218-syzkaller #0 [ 155.485048][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 155.485063][ T6893] Call Trace: [ 155.485071][ T6893] [ 155.485079][ T6893] dump_stack_lvl+0x241/0x360 [ 155.485102][ T6893] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.485119][ T6893] ? __pfx__printk+0x10/0x10 [ 155.485146][ T6893] ? lockdep_unlock+0x16a/0x300 [ 155.485171][ T6893] print_deadlock_bug+0x483/0x620 [ 155.485188][ T6893] ? lockdep_unlock+0x16a/0x300 [ 155.485209][ T6893] validate_chain+0x15e2/0x5920 [ 155.485244][ T6893] ? __pfx_validate_chain+0x10/0x10 [ 155.485270][ T6893] ? __pfx_validate_chain+0x10/0x10 [ 155.485297][ T6893] ? __pfx_validate_chain+0x10/0x10 [ 155.485324][ T6893] ? __pfx_validate_chain+0x10/0x10 [ 155.485350][ T6893] ? __lock_acquire+0x1397/0x2100 [ 155.485372][ T6893] ? look_up_lock_class+0x77/0x170 [ 155.485398][ T6893] ? register_lock_class+0x102/0x980 [ 155.485421][ T6893] ? __pfx_register_lock_class+0x10/0x10 [ 155.485445][ T6893] ? mark_lock+0x9a/0x360 [ 155.485471][ T6893] __lock_acquire+0x1397/0x2100 [ 155.485498][ T6893] lock_acquire+0x1ed/0x550 [ 155.485520][ T6893] ? move_pages+0x26b/0x1680 [ 155.485540][ T6893] ? __pfx_lock_acquire+0x10/0x10 [ 155.485567][ T6893] ? mas_walk+0x1f3/0x280 [ 155.485589][ T6893] lock_vma_under_rcu+0x370/0xa40 [ 155.485609][ T6893] ? move_pages+0x26b/0x1680 [ 155.485624][ T6893] ? lock_vma_under_rcu+0x1dd/0xa40 [ 155.485645][ T6893] ? move_pages+0x26b/0x1680 [ 155.485662][ T6893] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 155.485686][ T6893] ? uffd_lock_vma+0x22b/0x2c0 [ 155.485705][ T6893] move_pages+0x26b/0x1680 [ 155.485727][ T6893] ? __pfx___might_resched+0x10/0x10 [ 155.485747][ T6893] ? __might_fault+0xaa/0x120 [ 155.485769][ T6893] ? preempt_count_add+0x93/0x190 [ 155.485787][ T6893] ? __pfx_move_pages+0x10/0x10 [ 155.485816][ T6893] ? __might_fault+0xc6/0x120 [ 155.485837][ T6893] userfaultfd_ioctl+0x5221/0x6840 [ 155.485867][ T6893] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 155.485887][ T6893] ? stack_trace_save+0x118/0x1d0 [ 155.485905][ T6893] ? __pfx_stack_trace_save+0x10/0x10 [ 155.485924][ T6893] ? stack_depot_save_flags+0x37/0x940 [ 155.485953][ T6893] ? kasan_save_track+0x51/0x80 [ 155.485974][ T6893] ? kasan_save_track+0x3f/0x80 [ 155.485995][ T6893] ? kasan_save_free_info+0x40/0x50 [ 155.486012][ T6893] ? __kasan_slab_free+0x59/0x70 [ 155.486034][ T6893] ? kfree+0x196/0x430 [ 155.486047][ T6893] ? tomoyo_path_number_perm+0x679/0x860 [ 155.486064][ T6893] ? security_file_ioctl+0xc6/0x2a0 [ 155.486079][ T6893] ? __se_sys_ioctl+0x46/0x170 [ 155.486099][ T6893] ? do_syscall_64+0xf3/0x230 [ 155.486113][ T6893] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.486137][ T6893] ? do_vfs_ioctl+0xf07/0x2e40 [ 155.486161][ T6893] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 155.486183][ T6893] ? mark_lock+0x9a/0x360 [ 155.486211][ T6893] ? tomoyo_path_number_perm+0x206/0x860 [ 155.486227][ T6893] ? __pfx_lock_release+0x10/0x10 [ 155.486249][ T6893] ? tomoyo_path_number_perm+0x679/0x860 [ 155.486267][ T6893] ? tomoyo_path_number_perm+0x679/0x860 [ 155.486284][ T6893] ? tomoyo_path_number_perm+0x6f9/0x860 [ 155.486300][ T6893] ? __lock_acquire+0x1397/0x2100 [ 155.486322][ T6893] ? tomoyo_path_number_perm+0x206/0x860 [ 155.486339][ T6893] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 155.486369][ T6893] ? __fget_files+0x2a/0x410 [ 155.486386][ T6893] ? __fget_files+0x2a/0x410 [ 155.486404][ T6893] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 155.486426][ T6893] __se_sys_ioctl+0xf5/0x170 [ 155.486448][ T6893] do_syscall_64+0xf3/0x230 [ 155.486463][ T6893] ? clear_bhb_loop+0x35/0x90 [ 155.486488][ T6893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.486511][ T6893] RIP: 0033:0x7f823d185d29 [ 155.486528][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.486542][ T6893] RSP: 002b:00007f823df72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 155.486561][ T6893] RAX: ffffffffffffffda RBX: 00007f823d375fa0 RCX: 00007f823d185d29 [ 155.486574][ T6893] RDX: 0000000020000040 RSI: 00000000c028aa05 RDI: 0000000000000003 [ 155.486585][ T6893] RBP: 00007f823d201a20 R08: 0000000000000000 R09: 0000000000000000 [ 155.486595][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.486605][ T6893] R13: 0000000000000000 R14: 00007f823d375fa0 R15: 00007ffce9688d78 [ 155.486622][ T6893]