last executing test programs: 14.114617151s ago: executing program 2 (id=83): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call]}, &(0x7f0000000a00)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, 0x1c, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r4, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94) 13.652130921s ago: executing program 0 (id=84): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$kcm(0x2, 0x1, 0x0) sendmsg$inet(r2, 0x0, 0x20000811) socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r3, &(0x7f0000000000)={0xfc, {"fce3ad0eed0d07f91b50091887f70706d038e7ff7fc6e5539b0d3c0a8b089b3f353163030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b233107200773090acd3b78130daa61d8e8040040005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bde7095d6a345badc56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a91e0dad47f36fd9f73c152a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76ea0270e4c10d64cd5a62427264f2377fe763c434708337c8de98f371bb943a8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa7ea5677747430af4162b987b80c3e001cd34e1c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df11847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e30400f7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad046581927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fc83c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad83872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddba02635478d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f79400000000ddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df04b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e785419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02b7fa64b6de3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd502ac8044ae185d2ba300004e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f08df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88e4facfd4c735a20307c737afa2d60399473296b831dbd933d93990f00064279b10ea0c5833f41f157ea2302993dbe97fb1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea10c00a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeee964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac3fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2102596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e42df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed62480ec43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e069160f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df076f0ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f87296ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb90372927db6ff959c0837d2e7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef869c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d050000008926407a4eddd5d0fc5a752f900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000023dd0000000400", 0x1000}}, 0x1006) 13.107832796s ago: executing program 2 (id=85): sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10) socket(0xa, 0x3, 0x3a) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x141, 0x0, 0x12}, 0x18) r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000280)={0xf0f002, 0x2}) 12.318856363s ago: executing program 1 (id=88): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) openat$autofs(0xffffffffffffff9c, 0x0, 0x200800, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x7}, {0x12, 0x2, 0x0, 0x501, 0x81, 0x1400}, 0x20000a6, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2c, 0x25dfdbfb, {0x60, 0x0, 0x0, r3, {0x0, 0xc}, {0x6, 0xa}, {0x1, 0xfff3}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x1c, 0x2, [@TCA_HHF_NON_HH_WEIGHT={0x8, 0x7, 0x9f02}, @TCA_HHF_NON_HH_WEIGHT={0x8, 0x7, 0x7}, @TCA_HHF_HH_FLOWS_LIMIT={0x8, 0x3, 0xffffffff}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x55}, 0xc010) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) 12.26100688s ago: executing program 0 (id=89): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) r3 = socket(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5) getsockname$packet(r5, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x1, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000005880)=@newtfilter={0x34, 0x28, 0x575ac7824d421509, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, r6, {}, {0x1}, {0x4, 0x3d}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x40) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x2, 0x9}, {0x5, 0x1}, {0x6}}}, 0x24}}, 0x400c810) 11.113311001s ago: executing program 4 (id=90): r0 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x0) fchdir(r1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r4 = inotify_init() inotify_add_watch(r4, &(0x7f0000000000)='.\x00', 0x40007c0) rename(&(0x7f0000000440)='./bus\x00', &(0x7f00000003c0)='./file1\x00') 10.956994088s ago: executing program 1 (id=92): syz_emit_ethernet(0xb8, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$squashfs(&(0x7f00000002c0), &(0x7f0000000580)='./cgroup\x00', 0x5, &(0x7f0000000c00)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRESHEX, @ANYBLOB="73325bb9629cd81d63ae646d452628", @ANYRES64, @ANYRES32, @ANYRES16, @ANYBLOB="2507e8579b20993242fdf42d33fe4cdfba93d588f4470c70729c837f576a965d92f7507650459eb153fa8195f532e0d894e732133100bc53a6150b79fc66153dfbd1e2d615370b53033f859740457a26fa9f3296930b2ae529fc9a95"], 0x9f, 0x1a5, &(0x7f0000000a40)="$eJzs0b+LE08Yx/H3MzPZzR588zWn1VncgoF1Rckm/iisgtUdZMFWJOhyxstxieglhXcoxkqQ0/sbrLQUwU7EA2uxECw0ItiJKYKFWJwrm2z+CufF/ng+u8zszjOd/q2+CxxM7qzRYMpQ4r0rGGBZWMieKTV7JwL3ge8yjaU9wAcuzDK7QjG7P8vzwtCZFfjn/WJebibdbnvLR09++pS/0t/e2Uy62bTTUWOhgXyc6LVErsaC0FPXYspNTjxCtzzCxyyZ/zhyBU0a7LKq0lSCJvxfHfRuVvvbO6c2epfX2+vtG/X66XPRmSg6W69e3+i2o5dI+FCUmS4T3BgvvEuhhUd2IIQdNdLigdNi750+fuzkGBX+IEV4E4xxP5tOKV8IZVjhsPAEHVNp4ilMei/70ApyUb2QmvlgfhUUxaHOh1xS+rfjzicoBDWSVSCCJRYP9nkwojLikObpyHz7wrK8wuNPmvfTDLPr8zwdzfbG4XYyGGzVHIpvJYipZ2cZFIvso+JGpZn952uhwLzFwKd5YVmWZVmWZVmWZf0D/gYAAP//xtVW1g==") sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000) openat$sysfs(0xffffffffffffff9c, 0x0, 0x2400c0, 0x0) 9.82627718s ago: executing program 1 (id=93): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r3, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0), 0xf00) 9.75350248s ago: executing program 4 (id=94): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x140) r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000000)={0x210a, r0}, 0x0) landlock_restrict_self(r1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0) r2 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1/file4/file7\x00', 0x0, 0x50) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f0000000340)={0x2000, r3}, 0x0) landlock_restrict_self(r2, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0) 9.347986802s ago: executing program 4 (id=95): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x3c}}, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x40020c1}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x428a4}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x8000) 8.749413986s ago: executing program 3 (id=96): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1e, 0x805, 0x0) connect$tipc(r3, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10) 8.588311916s ago: executing program 2 (id=97): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18050000000004000000000000000000850000007a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000240)=r5, 0x4) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) 8.239732087s ago: executing program 1 (id=98): r0 = socket$kcm(0x10, 0x2, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r1 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x5, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000500a8000600200006400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0) 7.434316729s ago: executing program 3 (id=99): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000500)=[@nested_vmresume={0x130, 0x18}, @code={0xa, 0x5a, {"b96a0a00000f320f01cac7442400d0000000c744240200000000ff1c24660ff597e1000000c4817162dd66baa100b00aee0fa1b805000000b9000000000f01d966ba4000ec660fd7f7"}}, @nested_vmresume={0x130, 0x18, 0x1}, @rdmsr={0x66, 0x18, {0x9f1}}, @set_irq_handler={0xc8, 0x20, {0x8e}}, @enable_nested={0x12c, 0x18}, @nested_create_vm={0x12d, 0x18, 0x1}, @out_dx={0x6a, 0x28, {0x5ea8, 0x5, 0x101}}, @nested_vmresume={0x130, 0x18, 0x2}, @wr_crn={0x67, 0x20, {0xa, 0x45}}, @nested_vmresume={0x130, 0x18, 0x1}, @nested_vmlaunch={0x12f, 0x18, 0x3}], 0x182}) syz_usb_connect$uac1(0x0, 0xb4, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902a20003010070000904000000010100000a24010800000201020d2406000003080000000000000c24020601010608000010000c24020800000300000000000924060506010100020924030000000005000c24020601fb0302060033050904010000010200"], 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000040)=ANY=[@ANYBLOB="000702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) syz_emit_ethernet(0x2a, &(0x7f00000002c0)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @multicast, @val={@val={0x88a8, 0x3, 0x1, 0x1}, {0x8100, 0x6, 0x1, 0x3}}, {@mpls_mc={0x8848, {[], @ipv4=@generic={{0x5, 0x4, 0x3, 0x37, 0x14, 0x65, 0x0, 0xf9, 0x73, 0x0, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0) futex(&(0x7f000000cffc), 0x5, 0x1000000, 0x0, 0x0, 0x0) 6.689257639s ago: executing program 0 (id=100): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b35d25a806f8c6394f90424fc602f0009000a740200053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 6.647930374s ago: executing program 2 (id=101): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00'}) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000100)={0x23, 0x1, 0x11, 0x1, 0x0, 0xb, 0x0}) 5.824040375s ago: executing program 1 (id=102): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) syz_open_dev$swradio(&(0x7f0000000300), 0x0, 0x2) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081) syz_open_procfs$namespace(0x0, &(0x7f00000003c0)='ns/net\x00') writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 5.82044364s ago: executing program 4 (id=103): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = memfd_create(&(0x7f00000001c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xf7\x00d2*Nha\x97\xd5\f\xde@\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\x91\xeb\xfc_q\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1a\x81]\x01*\x1b\xfd\xbcMA\xdcq\xa1b\x17\xab\xe4\x14l\x9b$\x13\xa7\x00MO\xb8\xfdX\xaaf*Du\x02z\x89(\xbcu\x9e\xdf\xe7es\xb9\x1e\xb2\x83\xdc\x82\xed\xcf\x1e\xff\x00\x00\x00\x00g\xa2-\xb1\x94\x9b\x04\x899\xf25\xae\xbb[C\x8aH\xa0\xb1\xa4&\xfb\xe4\xae\xf9R[jQ\x92\xc6K\xe6U\xaa3\xeb\x93\x84bIn\xc9\x11e\xf6;\xce\xee\xe2\x84]\x1eF\xee\xaf\x97Md\xbb\xd1}\x91\x12`\x02\xaa\xb2\xe8F7\t\x92\xedO`\xf7jc\x00\x11|]\x13\xaa<)0\x95-\xe7\xc5\xceuB\xba\xd5\x10\x1d4\x8f@\xfd6\xed?\xe5\xb7\x9d\xb7\xc3+m\x94\xf7\x00g\xa8\xd0y\xaa\x86\f?c\x8c.\x05\n\xf1\x9dw8\xbb\xcf\x9a\xfewx\xb7\xea\xb0\xe0\xa2\xa6/u\x18\xb8\x912g\x19\xcauw\xa8\x93\x80h\xad\x04\xf9sCB?b?\x1a\x04\x11U\xac\b\x9b\xd3\x04\xd9\xdb\xa3?qny\x19f{F\xb0\xb2\xc6\xe9\x1f\x13\x14\xbb\xde\x06\x16\b\x95^q\x0f\xc6\x16\xfeG\xf9\xf3D\xe9:\x86\xc8!4\xa0+\xba\x87\xdd\xbc\xbd\x93\xbb\xef*:\x00Ld\x00'/408, 0x4) ftruncate(r3, 0x40000001) r4 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) getdents64(r4, 0x0, 0x0) 5.757817811s ago: executing program 3 (id=104): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) setpriority(0x2, 0x0, 0xffffffffffffffcd) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x4, './file0/file1\x00'}}) 5.569556334s ago: executing program 0 (id=105): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5fb, @value=0x3}) r3 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000540)="bc3009bb66682c9d4233b0cc644f5fdae5b9d17f7ada03bc77aea173022c18232e1fb162caf50d08fda40c6e9c515c4a2c7245660296c0460cbff563b781695432f5a83f5ab8979bf6fd1c17aa", 0x4d, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 3.372996541s ago: executing program 3 (id=106): ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000080)={0x4, 0xbde, 0x0, &(0x7f0000000180)="a1984ec3aec3fc2e025f90eda6dbc903939aac644fd36f1e65174cae030c42cbacc392851a695f247112e91f059460a2c031929dc0515ac7cd20775ff9da9c2b", 0x0, 0x40}) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0x1, 0x60, {"3ef30fc735fc9a00003e0f01c8c4417df1a9b398000066b824008ec8460f79f2c4e1717db49c26000000b9800000c00f3235000400000f307b9666baa00066b8000066ef66bad1040f01c2260f78da"}}], 0x60}) syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@enable_nested={0x12c, 0x18}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @save_area=0x595, 0x100000005, 0x7ff, 0x4}}], 0x50}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0xb}) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000380)=[@enable_nested={0x12c, 0x18}, @nested_create_vm={0x12d, 0x18, 0x6}, @nested_load_code={0x12e, 0x72, {0x2, "440f20c03502000000440f22c00fc7b60000000066b8bf000f00d0b9800000c07f3235000400000f300f20a666bad104b801000000ef3e43c1dc1966baf80cb8983fe78fef66bafc0ced0fc7ba099d716a430fc7bc3700000000"}}], 0xa2}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f00000001c0)={0xbc, 0x0, 0x2}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000002300)={[0x35, 0x7, 0x0, 0x180, 0x5fffffffffffffff, 0x10, 0xf4, 0x3ff, 0x80, 0x2, 0x6, 0x7fff, 0x0, 0x9, 0x0, 0xbdb], 0x51001, 0x3c4210}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.793131733s ago: executing program 0 (id=107): r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) read$FUSE(0xffffffffffffffff, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0xc0) r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xd086, 0xc000, 0x80008, 0xc1}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r0, 0x20, &(0x7f0000000100)="64be365de974de7ab149b947a8218d12625b0c29c0496e90", 0x0, 0x18) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}}) 2.788281896s ago: executing program 4 (id=108): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)={0x4c, r4, 0x1, 0x0, 0x0, {0x4f}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}}]}, 0x4c}}, 0x0) 2.702071562s ago: executing program 1 (id=109): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x9) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) r3 = dup(r2) timerfd_gettime(0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000040)='./file1\x00', 0x1850c2, 0x14c) ftruncate(r4, 0x200004) sendfile(r3, r4, 0x0, 0x1d00c0ce) 2.565821603s ago: executing program 2 (id=110): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x6, @mcast2, 0x6}, 0x1c) sendto$inet6(r3, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 1.487587392s ago: executing program 0 (id=111): fallocate(0xffffffffffffffff, 0x10, 0x80, 0x1) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) close(0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) rename(0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x60, r3, 0xb7a006d1969b963b, 0x1, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME={0x42, 0x33, @probe_request={{{}, {}, @device_a, @device_b}, @void, @val, @void, @val={0x2d, 0x1a, {0x8802, 0x3, 0x6, 0x0, {0x6, 0xd, 0x0, 0xc0, 0x0, 0x0, 0x0, 0x3, 0x1}, 0x1, 0x95ce, 0x9}}, @val={0x72, 0x6}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x8011}, 0x10) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 1.427670773s ago: executing program 2 (id=112): connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000ff0300fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa000000000400000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) semctl$IPC_RMID(0x0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) 1.313583974s ago: executing program 4 (id=113): r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) close(r0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1) fcntl$setlease(r2, 0x400, 0x1) r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0) creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) r4 = memfd_create(&(0x7f00000002c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)={0x2c, r4, 0x211, 0x0, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xb}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x3}]}, 0x2c}, 0x1, 0x100000000000000, 0x0, 0x4000059}, 0x0) 0s ago: executing program 3 (id=115): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x803, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) semctl$IPC_RMID(0x0, 0x0, 0x10) r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, &(0x7f0000000580)="303e3080020000000900f190", 0xc, r3) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.73' (ED25519) to the list of known hosts. [ 84.708809][ T5822] cgroup: Unknown subsys name 'net' [ 84.827923][ T5822] cgroup: Unknown subsys name 'cpuset' [ 84.837554][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.475317][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 88.730628][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.739370][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.753451][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.762810][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.763216][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.779288][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.787376][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.794711][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.803030][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.812897][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.822367][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.839352][ T5157] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.852896][ T5157] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.852901][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.867553][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.884293][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.893449][ T5157] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.901679][ T5157] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.911610][ T5157] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.911770][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.970485][ T5157] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.978568][ T5157] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.994994][ T5157] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.003368][ T5157] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.011833][ T5157] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.589192][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 89.647151][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 89.690636][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 89.773204][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 89.958113][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.966498][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.973891][ T5835] bridge_slave_0: entered allmulticast mode [ 89.982133][ T5835] bridge_slave_0: entered promiscuous mode [ 90.030919][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.038368][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.045777][ T5835] bridge_slave_1: entered allmulticast mode [ 90.053161][ T5835] bridge_slave_1: entered promiscuous mode [ 90.082877][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.090109][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.097595][ T5845] bridge_slave_0: entered allmulticast mode [ 90.105712][ T5845] bridge_slave_0: entered promiscuous mode [ 90.152983][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.160334][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.167843][ T5845] bridge_slave_1: entered allmulticast mode [ 90.175763][ T5845] bridge_slave_1: entered promiscuous mode [ 90.183784][ T5851] chnl_net:caif_netlink_parms(): no params data found [ 90.207662][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.214984][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.222171][ T5834] bridge_slave_0: entered allmulticast mode [ 90.229792][ T5834] bridge_slave_0: entered promiscuous mode [ 90.237451][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.245253][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.252485][ T5837] bridge_slave_0: entered allmulticast mode [ 90.260062][ T5837] bridge_slave_0: entered promiscuous mode [ 90.289799][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.299257][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.307480][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.315403][ T5834] bridge_slave_1: entered allmulticast mode [ 90.323049][ T5834] bridge_slave_1: entered promiscuous mode [ 90.330436][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.338211][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.345633][ T5837] bridge_slave_1: entered allmulticast mode [ 90.352998][ T5837] bridge_slave_1: entered promiscuous mode [ 90.399526][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.434975][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.493276][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.506557][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.524925][ T5835] team0: Port device team_slave_0 added [ 90.534104][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.562508][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.580533][ T5835] team0: Port device team_slave_1 added [ 90.600191][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.662239][ T5845] team0: Port device team_slave_0 added [ 90.705000][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.712001][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.738483][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.757173][ T5845] team0: Port device team_slave_1 added [ 90.763711][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.770687][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.796923][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.810455][ T5834] team0: Port device team_slave_0 added [ 90.819149][ T5837] team0: Port device team_slave_0 added [ 90.871256][ T5834] team0: Port device team_slave_1 added [ 90.877928][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.884996][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.911673][ T5157] Bluetooth: hci1: command tx timeout [ 90.917218][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.930558][ T5837] team0: Port device team_slave_1 added [ 90.936881][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.944209][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.951432][ T5851] bridge_slave_0: entered allmulticast mode [ 90.959709][ T5851] bridge_slave_0: entered promiscuous mode [ 90.981761][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.989145][ T5157] Bluetooth: hci3: command tx timeout [ 90.989171][ T51] Bluetooth: hci0: command tx timeout [ 90.989653][ T51] Bluetooth: hci2: command tx timeout [ 90.997633][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.032542][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.062262][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.069627][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.074821][ T51] Bluetooth: hci4: command tx timeout [ 91.078310][ T5851] bridge_slave_1: entered allmulticast mode [ 91.090398][ T5851] bridge_slave_1: entered promiscuous mode [ 91.180143][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.187349][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.213801][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.225959][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.232930][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.259015][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.283121][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.290206][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.317317][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.343772][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.353871][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.361612][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.388585][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.435379][ T5835] hsr_slave_0: entered promiscuous mode [ 91.442060][ T5835] hsr_slave_1: entered promiscuous mode [ 91.451545][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.491910][ T5845] hsr_slave_0: entered promiscuous mode [ 91.499011][ T5845] hsr_slave_1: entered promiscuous mode [ 91.505310][ T5845] debugfs: 'hsr0' already exists in 'hsr' [ 91.511125][ T5845] Cannot create hsr debugfs directory [ 91.548594][ T5851] team0: Port device team_slave_0 added [ 91.581610][ T5837] hsr_slave_0: entered promiscuous mode [ 91.588192][ T5837] hsr_slave_1: entered promiscuous mode [ 91.594838][ T5837] debugfs: 'hsr0' already exists in 'hsr' [ 91.600587][ T5837] Cannot create hsr debugfs directory [ 91.620706][ T5851] team0: Port device team_slave_1 added [ 91.729261][ T5834] hsr_slave_0: entered promiscuous mode [ 91.735956][ T5834] hsr_slave_1: entered promiscuous mode [ 91.742272][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 91.748111][ T5834] Cannot create hsr debugfs directory [ 91.813098][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.820417][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.846877][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.880781][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.887970][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.913964][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.236421][ T5851] hsr_slave_0: entered promiscuous mode [ 92.243424][ T5851] hsr_slave_1: entered promiscuous mode [ 92.251530][ T5851] debugfs: 'hsr0' already exists in 'hsr' [ 92.257368][ T5851] Cannot create hsr debugfs directory [ 92.580265][ T5845] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 92.615424][ T5845] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 92.649284][ T5845] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 92.687208][ T5845] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 92.758364][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.771610][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.783864][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.799857][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 92.925122][ T5835] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 92.945258][ T5835] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 92.984420][ T51] Bluetooth: hci1: command tx timeout [ 92.997779][ T5835] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.030778][ T5835] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.063849][ T51] Bluetooth: hci2: command tx timeout [ 93.064567][ T5848] Bluetooth: hci0: command tx timeout [ 93.075692][ T5157] Bluetooth: hci3: command tx timeout [ 93.143620][ T5848] Bluetooth: hci4: command tx timeout [ 93.152213][ T5851] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.167319][ T5851] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.181331][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.202513][ T5851] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.240440][ T5851] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.255686][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.318183][ T3051] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.325526][ T3051] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.348248][ T3051] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.355492][ T3051] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.436964][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.461111][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.486513][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.498061][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.521269][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.567426][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.615815][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.623003][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.647737][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.655006][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.671625][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.751134][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.790707][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.797984][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.810259][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.817500][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.900926][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.018341][ T5851] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.091655][ T1884] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.099008][ T1884] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.139654][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.175881][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.183083][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.244401][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.359881][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.389081][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.439474][ T5837] veth0_vlan: entered promiscuous mode [ 94.460480][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.467755][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.509631][ T5837] veth1_vlan: entered promiscuous mode [ 94.537472][ T1884] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.544755][ T1884] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.580805][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.729117][ T5837] veth0_macvtap: entered promiscuous mode [ 94.761801][ T5837] veth1_macvtap: entered promiscuous mode [ 94.848254][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.907468][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.935184][ T5835] veth0_vlan: entered promiscuous mode [ 94.959657][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.970181][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.997607][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.007314][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.039038][ T5835] veth1_vlan: entered promiscuous mode [ 95.054276][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.064086][ T5848] Bluetooth: hci1: command tx timeout [ 95.145175][ T5848] Bluetooth: hci2: command tx timeout [ 95.150641][ T5848] Bluetooth: hci0: command tx timeout [ 95.157036][ T5157] Bluetooth: hci3: command tx timeout [ 95.191455][ T5845] veth0_vlan: entered promiscuous mode [ 95.224373][ T5848] Bluetooth: hci4: command tx timeout [ 95.272210][ T5845] veth1_vlan: entered promiscuous mode [ 95.292977][ T5835] veth0_macvtap: entered promiscuous mode [ 95.311435][ T5851] veth0_vlan: entered promiscuous mode [ 95.327875][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.342450][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.371818][ T5835] veth1_macvtap: entered promiscuous mode [ 95.402520][ T5851] veth1_vlan: entered promiscuous mode [ 95.433860][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.441883][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.459044][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.471948][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.506850][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.556236][ T5845] veth0_macvtap: entered promiscuous mode [ 95.561685][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 95.581331][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.594873][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.616838][ T5851] veth0_macvtap: entered promiscuous mode [ 95.625004][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.634795][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.660246][ T5845] veth1_macvtap: entered promiscuous mode [ 95.674714][ T5851] veth1_macvtap: entered promiscuous mode [ 95.790707][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.838029][ T5834] veth0_vlan: entered promiscuous mode [ 95.887269][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.901612][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.992869][ T35] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.007697][ T35] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.029412][ T5834] veth1_vlan: entered promiscuous mode [ 96.084946][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.092858][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.146279][ T35] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.158909][ T5961] loop0: detected capacity change from 0 to 1024 [ 96.168452][ T35] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.286097][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.365306][ T35] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.431527][ T35] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.461504][ T35] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.503007][ T3018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.515911][ T3018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.523402][ T35] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.612111][ T5834] veth0_macvtap: entered promiscuous mode [ 96.656465][ T1884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.679777][ T5834] veth1_macvtap: entered promiscuous mode [ 96.685232][ T1884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.839803][ T3018] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.866607][ T3018] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.872846][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.899844][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.022843][ T3051] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.060606][ T3051] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.075488][ T1226] cfg80211: failed to load regulatory.db [ 97.136920][ T3051] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.146338][ T5848] Bluetooth: hci1: command tx timeout [ 97.159991][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.170825][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.217761][ T3018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.225491][ T5848] Bluetooth: hci0: command tx timeout [ 97.231266][ T5157] Bluetooth: hci3: command tx timeout [ 97.232665][ T51] Bluetooth: hci2: command tx timeout [ 97.251580][ T3018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.263185][ T3051] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.305234][ T51] Bluetooth: hci4: command tx timeout [ 97.376267][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.403686][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.510217][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.539512][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.583908][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 99.685659][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 100.256045][ T5996] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 100.680182][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 100.904206][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 100.914220][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 100.923592][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 102.048707][ T6008] netlink: 'syz.2.14': attribute type 13 has an invalid length. [ 102.156963][ T6008] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.165166][ T6008] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.257133][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.276105][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.327760][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.595167][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.604550][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.074729][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 104.882754][ T6020] Zero length message leads to an empty skb [ 105.074320][ T6024] loop1: detected capacity change from 0 to 1024 [ 105.461590][ T3018] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.582250][ T29] audit: type=1800 audit(1769604353.558:2): pid=6030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.19" name="file1" dev="loop1" ino=2 res=0 errno=0 [ 105.953743][ T3018] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.963447][ T3018] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.094163][ T3018] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.764148][ T5927] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 107.190242][ T5927] usb 5-1: config 0 has no interfaces? [ 107.263997][ T5927] usb 5-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b [ 107.313548][ T5927] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.557980][ T5927] usb 5-1: config 0 descriptor?? [ 107.665274][ T6065] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 107.691738][ T6065] CIFS mount error: No usable UNC path provided in device string! [ 107.691738][ T6065] [ 107.702215][ T6065] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 108.367334][ T6025] syzkaller0: entered promiscuous mode [ 108.372938][ T6025] syzkaller0: entered allmulticast mode [ 108.375857][ T5927] usb 5-1: USB disconnect, device number 2 [ 109.748282][ T6072] loop2: detected capacity change from 0 to 256 [ 109.820731][ T6072] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 109.887106][ T6072] exFAT-fs (loop2): start_clu is invalid cluster(0xffffffff) [ 111.071833][ T6081] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 114.736221][ T6055] tipc: Enabling of bearer rejected, failed to enable media [ 116.422374][ T6115] netlink: 28 bytes leftover after parsing attributes in process `syz.4.41'. [ 116.926797][ T29] audit: type=1326 audit(1769604364.938:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 116.948893][ T6118] binder: 6117:6118 ioctl c0306201 200000000280 returned -14 [ 116.993894][ T6132] process 'syz.4.44' launched './file1' with NULL argv: empty string added [ 117.002673][ T29] audit: type=1326 audit(1769604364.938:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 117.062388][ T29] audit: type=1326 audit(1769604364.938:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 117.603697][ T29] audit: type=1326 audit(1769604364.938:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 117.650030][ T29] audit: type=1326 audit(1769604364.938:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 117.681605][ T29] audit: type=1326 audit(1769604364.938:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 118.604960][ T29] audit: type=1326 audit(1769604364.938:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 118.817105][ T29] audit: type=1326 audit(1769604364.938:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 118.889034][ T29] audit: type=1326 audit(1769604364.938:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 119.486194][ T29] audit: type=1326 audit(1769604364.938:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 120.034607][ T6157] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.953800][ T6166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.53'. [ 121.004445][ T6166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.53'. [ 121.030759][ T6166] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.175249][ T6166] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 123.519169][ T6192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.60'. [ 124.421501][ T6207] loop1: detected capacity change from 0 to 256 [ 124.581960][ T6207] FAT-fs (loop1): Directory bread(block 64) failed [ 124.825086][ T6207] FAT-fs (loop1): Directory bread(block 65) failed [ 124.842512][ T6207] FAT-fs (loop1): Directory bread(block 66) failed [ 125.749064][ T6207] FAT-fs (loop1): Directory bread(block 67) failed [ 125.791835][ T6207] FAT-fs (loop1): Directory bread(block 68) failed [ 125.829231][ T6207] FAT-fs (loop1): Directory bread(block 69) failed [ 125.867342][ T6207] FAT-fs (loop1): Directory bread(block 70) failed [ 125.894867][ T6207] FAT-fs (loop1): Directory bread(block 71) failed [ 125.915224][ T6207] FAT-fs (loop1): Directory bread(block 72) failed [ 126.083812][ T6207] FAT-fs (loop1): Directory bread(block 73) failed [ 128.530110][ T6234] loop1: detected capacity change from 0 to 512 [ 128.562793][ T6234] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 128.602998][ T6234] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 128.675870][ T6229] netlink: 4 bytes leftover after parsing attributes in process `syz.2.68'. [ 128.916350][ T6234] EXT4-fs (loop1): 1 truncate cleaned up [ 128.965100][ T6234] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.743859][ T5834] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.851296][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 129.851316][ T29] audit: type=1326 audit(1769604377.858:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 129.953637][ T29] audit: type=1326 audit(1769604377.858:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 130.156998][ T29] audit: type=1326 audit(1769604377.858:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 130.179568][ T29] audit: type=1326 audit(1769604377.858:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 130.201981][ T29] audit: type=1326 audit(1769604377.858:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 130.264318][ T29] audit: type=1326 audit(1769604377.868:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 131.113695][ T29] audit: type=1326 audit(1769604377.868:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 131.151443][ T29] audit: type=1326 audit(1769604377.868:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 131.181075][ T29] audit: type=1326 audit(1769604377.868:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 131.212666][ T29] audit: type=1326 audit(1769604377.908:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6246 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 132.653926][ T6272] netlink: 'syz.3.76': attribute type 1 has an invalid length. [ 133.795722][ T6283] netlink: 24 bytes leftover after parsing attributes in process `syz.2.81'. [ 133.835557][ T6272] veth3: entered promiscuous mode [ 133.937324][ T6283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.81'. [ 135.498070][ T29] kauditd_printk_skb: 62 callbacks suppressed [ 135.498158][ T29] audit: type=1326 audit(1769604383.478:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 135.604697][ T29] audit: type=1326 audit(1769604383.478:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 135.653735][ T29] audit: type=1326 audit(1769604383.478:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 135.742039][ T29] audit: type=1326 audit(1769604383.478:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 135.824203][ T29] audit: type=1326 audit(1769604383.478:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 135.922411][ T29] audit: type=1326 audit(1769604383.478:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6de935b78e code=0x7ffc0000 [ 135.954577][ T6305] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 136.241304][ T29] audit: type=1326 audit(1769604383.478:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 136.274430][ T6307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.89'. [ 136.281878][ T29] audit: type=1326 audit(1769604383.478:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 136.313071][ T29] audit: type=1326 audit(1769604383.478:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 136.893720][ T29] audit: type=1326 audit(1769604383.478:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6de939aeb9 code=0x7ffc0000 [ 137.100070][ T6315] netlink: 4 bytes leftover after parsing attributes in process `syz.0.89'. [ 137.294952][ T6316] loop3: detected capacity change from 0 to 1024 [ 137.321263][ T6316] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 137.339954][ T6316] System zones: 0-1, 3-36 [ 137.521904][ T6316] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.600657][ T6325] loop1: detected capacity change from 0 to 8 [ 137.702452][ T6325] SQUASHFS error: Failed to read block 0xe000000000001ea: -5 [ 137.710963][ T6325] unable to read xattr id index table [ 138.256806][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.264194][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.377560][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.505633][ T6334] netlink: 'syz.4.95': attribute type 1 has an invalid length. [ 139.962646][ T6338] netlink: 28 bytes leftover after parsing attributes in process `syz.4.95'. [ 140.670190][ T6338] veth1_macvtap: entered allmulticast mode [ 141.540611][ T6351] netlink: 'syz.1.98': attribute type 21 has an invalid length. [ 141.548846][ T6351] netlink: 128 bytes leftover after parsing attributes in process `syz.1.98'. [ 141.558221][ T6351] netlink: 'syz.1.98': attribute type 5 has an invalid length. [ 141.566101][ T6351] netlink: 'syz.1.98': attribute type 6 has an invalid length. [ 141.573926][ T6351] netlink: 3 bytes leftover after parsing attributes in process `syz.1.98'. [ 141.784413][ T42] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 142.391255][ T6353] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.100'. [ 143.370316][ T6369] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 143.380088][ T6369] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0/file1 [ 146.932860][ T6399] warning: `syz.0.111' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 147.126070][ T6399] netlink: 'syz.0.111': attribute type 10 has an invalid length. [ 148.110791][ T6399] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 253.323444][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 253.330592][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6397/1:b..l [ 253.338897][ C1] rcu: (detected by 1, t=10502 jiffies, g=15281, q=252 ncpus=2) [ 253.346654][ C1] task:syz.2.112 state:R running task stack:24256 pid:6397 tgid:6396 ppid:5851 task_flags:0x400140 flags:0x00080000 [ 253.360687][ C1] Call Trace: [ 253.363996][ C1] [ 253.366953][ C1] __schedule+0x1539/0x5080 [ 253.371543][ C1] ? __pfx___schedule+0x10/0x10 [ 253.376454][ C1] preempt_schedule_irq+0x4d/0xa0 [ 253.381501][ C1] irqentry_exit+0x599/0x620 [ 253.386124][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 253.392124][ C1] RIP: 0010:kallsyms_lookup_names+0x35e/0x1620 [ 253.398308][ C1] Code: 7f 0f b6 43 01 c1 e0 07 41 09 c6 48 83 c3 02 49 89 df 31 ff 44 89 f6 e8 70 85 0b 00 45 85 f6 0f 84 f1 02 00 00 b8 00 02 00 00 <48> 89 44 24 20 c7 44 24 30 00 00 00 00 48 8d 9c 24 a0 00 00 00 4c [ 253.417933][ C1] RSP: 0018:ffffc9000bc7eb80 EFLAGS: 00000202 [ 253.424024][ C1] RAX: 0000000000000200 RBX: ffffffff8d59b0bf RCX: 0000000000000002 [ 253.432062][ C1] RDX: ffff88807ffc5ac0 RSI: 000000000000000d RDI: 0000000000000000 [ 253.440047][ C1] RBP: ffffc9000bc7eea8 R08: ffffc9000bc7ee1f R09: 0000000000000000 [ 253.448038][ C1] R10: ffffc9000bc7ec20 R11: fffff5200178fdc4 R12: 0000000000000098 [ 253.456031][ C1] R13: 00000000000000b8 R14: 000000000000000d R15: ffffffff8d59b0c0 [ 253.464044][ C1] ? __pfx_kallsyms_lookup_names+0x10/0x10 [ 253.469929][ C1] ? __lock_acquire+0x6b5/0x2cf0 [ 253.474910][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.481022][ C1] ? __pfx_snprintf+0x10/0x10 [ 253.485742][ C1] kallsyms_lookup_name+0x6c/0x210 [ 253.490897][ C1] __find_trim+0x2d5/0x480 [ 253.495367][ C1] ? __pfx___find_trim+0x10/0x10 [ 253.500389][ C1] ? stack_trace_save+0xa9/0x100 [ 253.505348][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 253.510749][ C1] ? ksys_unshare+0x4f4/0x900 [ 253.515449][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.521545][ C1] trim_netdev_trace+0x358/0x3d0 [ 253.526499][ C1] save_netdev_trace_buffer+0x115/0x610 [ 253.532071][ C1] ? __pfx_save_netdev_trace_buffer+0x10/0x10 [ 253.538157][ C1] ? ipv4_blackhole_route+0x108/0x690 [ 253.543652][ C1] ? xfrm_lookup_route+0xd7/0x1c0 [ 253.548701][ C1] ? udp_sendmsg+0x154a/0x22f0 [ 253.553479][ C1] ? sock_sendmsg_nosec+0x128/0x1d0 [ 253.558710][ C1] ? ____sys_sendmsg+0x589/0x8c0 [ 253.563678][ C1] ? ___sys_sendmsg+0x2a5/0x360 [ 253.568549][ C1] ? __sys_sendmmsg+0x27c/0x4e0 [ 253.573425][ C1] ? __x64_sys_sendmmsg+0xa0/0xc0 [ 253.578470][ C1] ? do_syscall_64+0xe2/0xf80 [ 253.583172][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.589271][ C1] ? dst_alloc+0x12a/0x170 [ 253.593727][ C1] ipv4_blackhole_route+0x108/0x690 [ 253.598951][ C1] xfrm_lookup_route+0xd7/0x1c0 [ 253.603820][ C1] udp_sendmsg+0x154a/0x22f0 [ 253.608458][ C1] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 253.614031][ C1] ? __pfx_udp_sendmsg+0x10/0x10 [ 253.619006][ C1] ? aa_sk_perm+0x82d/0x960 [ 253.623538][ C1] ? __pfx_aa_sk_perm+0x10/0x10 [ 253.628406][ C1] ? sock_rps_record_flow+0x19/0x400 [ 253.633712][ C1] ? inet_sendmsg+0x29c/0x370 [ 253.638404][ C1] ? count_memcg_event_mm+0x21/0x260 [ 253.643716][ C1] sock_sendmsg_nosec+0x128/0x1d0 [ 253.648763][ C1] ____sys_sendmsg+0x589/0x8c0 [ 253.653553][ C1] ? __might_fault+0xaf/0x130 [ 253.658259][ C1] ? __pfx_____sys_sendmsg+0x10/0x10 [ 253.663583][ C1] ? import_iovec+0x73/0xa0 [ 253.668115][ C1] ___sys_sendmsg+0x2a5/0x360 [ 253.672839][ C1] ? __pfx____sys_sendmsg+0x10/0x10 [ 253.678057][ C1] ? __lock_acquire+0x6b5/0x2cf0 [ 253.683048][ C1] __sys_sendmmsg+0x27c/0x4e0 [ 253.687753][ C1] ? __pfx___sys_sendmmsg+0x10/0x10 [ 253.692971][ C1] ? do_futex+0x333/0x420 [ 253.697330][ C1] ? __sys_connect+0x39c/0x450 [ 253.702153][ C1] ? rcu_is_watching+0x15/0xb0 [ 253.706955][ C1] __x64_sys_sendmmsg+0xa0/0xc0 [ 253.711832][ C1] do_syscall_64+0xe2/0xf80 [ 253.716363][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.722443][ C1] ? trace_irq_disable+0x37/0x100 [ 253.727509][ C1] ? clear_bhb_loop+0x40/0x90 [ 253.732234][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.738166][ C1] RIP: 0033:0x7f6de939aeb9 [ 253.742626][ C1] RSP: 002b:00007f6dea276028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 253.751151][ C1] RAX: ffffffffffffffda RBX: 00007f6de9615fa0 RCX: 00007f6de939aeb9 [ 253.759142][ C1] RDX: 0000000000000300 RSI: 0000200000004d00 RDI: 0000000000000003 [ 253.767144][ C1] RBP: 00007f6de9408c1f R08: 0000000000000000 R09: 0000000000000000 [ 253.775134][ C1] R10: 0000000000000f00 R11: 0000000000000246 R12: 0000000000000000 [ 253.783118][ C1] R13: 00007f6de9616038 R14: 00007f6de9615fa0 R15: 00007fff9cf76a78 [ 253.791118][ C1] [ 253.794162][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g15281 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 253.806515][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=6665 [ 253.814334][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g15281 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 253.826150][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 253.836158][ C1] rcu: RCU grace-period kthread stack dump: [ 253.842067][ C1] task:rcu_preempt state:I stack:28088 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 253.854007][ C1] Call Trace: [ 253.857299][ C1] [ 253.860345][ C1] __schedule+0x1539/0x5080 [ 253.864899][ C1] ? __pfx___schedule+0x10/0x10 [ 253.869826][ C1] ? schedule+0x90/0x360 [ 253.874110][ C1] schedule+0x164/0x360 [ 253.878402][ C1] schedule_timeout+0x158/0x2c0 [ 253.883287][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 253.888686][ C1] ? __pfx_process_timeout+0x10/0x10 [ 253.894009][ C1] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 253.899842][ C1] ? prepare_to_swait_event+0x340/0x370 [ 253.905510][ C1] rcu_gp_fqs_loop+0x312/0x11d0 [ 253.910382][ C1] ? lockdep_hardirqs_on+0x7a/0x110 [ 253.915607][ C1] ? rcu_gp_init+0x1315/0x15b0 [ 253.920410][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 253.925821][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 253.931073][ C1] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 253.936915][ C1] rcu_gp_kthread+0x9e/0x2b0 [ 253.941532][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 253.946749][ C1] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 253.952579][ C1] ? __kthread_parkme+0x7a/0x1f0 [ 253.957537][ C1] ? __kthread_parkme+0x19c/0x1f0 [ 253.962585][ C1] kthread+0x388/0x470 [ 253.966684][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 253.971896][ C1] ? __pfx_kthread+0x10/0x10 [ 253.976516][ C1] ret_from_fork+0x51b/0xa40 [ 253.981126][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 253.986266][ C1] ? __switch_to+0xc7d/0x1400 [ 253.990963][ C1] ? __pfx_kthread+0x10/0x10 [ 253.995581][ C1] ret_from_fork_asm+0x1a/0x30 [ 254.000389][ C1] [ 254.003422][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 254.009771][ C1] Sending NMI from CPU 1 to CPUs 0: [ 254.015013][ C0] NMI backtrace for cpu 0 [ 254.015117][ C0] CPU: 0 UID: 0 PID: 6401 Comm: syz.4.113 Not tainted syzkaller #0 PREEMPT(full) [ 254.015141][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 254.015152][ C0] RIP: 0010:sched_mm_cid_fork+0x2f6/0xc20 [ 254.015182][ C0] Code: 01 00 00 85 ed 0f 84 0b 01 00 00 31 ed 31 db e9 c1 01 00 00 49 c7 c5 98 7e 19 8e 49 c1 ed 03 eb 07 44 89 e0 f7 d8 71 8d f3 90 <48> b8 00 00 00 00 00 fc ff df 41 0f b6 44 05 00 84 c0 75 50 44 8b [ 254.015196][ C0] RSP: 0000:ffffc9000bbafc78 EFLAGS: 00000887 [ 254.015211][ C0] RAX: 0000000080000000 RBX: 0000000000000002 RCX: dffffc0000000000 [ 254.015224][ C0] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff88802b4579d0 [ 254.015235][ C0] RBP: ffff88802b4579d0 R08: 1ffff1100568ade9 R09: ffff88802b457094 [ 254.015247][ C0] R10: ffff88802b456f50 R11: fffff52001775f80 R12: 0000000080000000 [ 254.015260][ C0] R13: 1ffffffff1c32fd3 R14: 0000000000000002 R15: ffff88802b456e40 [ 254.015271][ C0] FS: 00007f4d33ce96c0(0000) GS:ffff8881252af000(0000) knlGS:0000000000000000 [ 254.015285][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 254.015296][ C0] CR2: 0000200000197030 CR3: 000000007a9b6000 CR4: 00000000003526f0 [ 254.015311][ C0] Call Trace: [ 254.015319][ C0] [ 254.015331][ C0] bprm_execve+0xda1/0x1410 [ 254.015378][ C0] ? __pfx_bprm_execve+0x10/0x10 [ 254.015412][ C0] ? alloc_bprm+0x508/0x5c0 [ 254.015435][ C0] ? count+0x1cb/0x230 [ 254.015460][ C0] do_execveat_common+0x50d/0x690 [ 254.015490][ C0] __x64_sys_execveat+0xc7/0xf0 [ 254.015516][ C0] do_syscall_64+0xe2/0xf80 [ 254.015540][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.015557][ C0] ? trace_irq_disable+0x37/0x100 [ 254.015580][ C0] ? clear_bhb_loop+0x40/0x90 [ 254.015600][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.015617][ C0] RIP: 0033:0x7f4d32d9aeb9 [ 254.015649][ C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.015673][ C0] RSP: 002b:00007f4d33ce9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 254.015690][ C0] RAX: ffffffffffffffda RBX: 00007f4d33015fa0 RCX: 00007f4d32d9aeb9 [ 254.015702][ C0] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004 [ 254.015712][ C0] RBP: 00007f4d32e08c1f R08: 0000000000001000 R09: 0000000000000000 [ 254.015723][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.015732][ C0] R13: 00007f4d33016038 R14: 00007f4d33015fa0 R15: 00007fff5c1ebfc8 [ 254.015754][ C0]