last executing test programs: 3m13.380676366s ago: executing program 4 (id=890): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000080)=[{0x6, 0x7, 0x5, 0x9}]}, 0x10) getsockopt$sock_buf(r0, 0x1, 0x1a, 0x0, &(0x7f0000000040)=0x2) 3m11.031230942s ago: executing program 4 (id=896): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) r1 = fsopen(0x0, 0x1) fsmount(r1, 0x0, 0x1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85) lseek(r2, 0x101, 0x1) getdents(r2, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001c40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad67060000020000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56601a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcba6ec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc6393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8668f076c659f56d6c7f97a96d6cdf45cfe88b30c170000000001000000effbf33bd1becb0de0a080931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f2be09295e4a8da03d23b48bb38b31a14ffcddd92c38f6b6d86a0e5ed47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f130000000000000000000000000000000000000000002a37163e8d7ef2f3c58d045f0700000094029acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls}, 0x43) 3m9.419637218s ago: executing program 4 (id=902): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000084, &(0x7f0000000040)={0xa, 0x2, 0xffff, @loopback, 0x8}, 0x1c) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000000)={0x1, 0x0, 0xe, 0x8000000000000003, 0xffffffffffffffff}) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3m8.812835969s ago: executing program 4 (id=904): pipe(&(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) syz_usbip_server_init(0x4) syz_usbip_server_init(0x1) r0 = syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0x5eda, 0x10100, 0x6, 0x25d}, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0) socket$inet(0x2, 0x2, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2, 0x2004, @fd_index=0x9, 0xfff, 0x0, 0x0, 0xf, 0x0, {0x2}}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x49, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x7330, 0x0, 0x0, 0x0, 0x0) 3m6.582660163s ago: executing program 4 (id=913): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x1e, 0x4, 0x0) getsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x89, 0x0, &(0x7f0000000140)) 3m4.767573063s ago: executing program 4 (id=916): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000000c0), 0x0) sendmsg$alg(0xffffffffffffffff, 0x0, 0x0) recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x40010022) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_emit_ethernet(0x11, &(0x7f00000003c0)={@empty, @multicast, @void, {@llc={0x4, {@llc={0x42, 0x0, "97"}}}}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[], 0x0) 2m48.911389652s ago: executing program 32 (id=916): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000000c0), 0x0) sendmsg$alg(0xffffffffffffffff, 0x0, 0x0) recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x40010022) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_emit_ethernet(0x11, &(0x7f00000003c0)={@empty, @multicast, @void, {@llc={0x4, {@llc={0x42, 0x0, "97"}}}}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[], 0x0) 59.996785054s ago: executing program 2 (id=1150): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r2, 0x5) r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r4, 0x2) flock(r3, 0x2) 54.896037021s ago: executing program 2 (id=1158): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c00000001040300000000000000000005000003050001000200000008000340000000100a00020000000006020000000500010001000000060006400002000008000540000001000600064000020000080004"], 0x6c}, 0x1, 0x0, 0x0, 0x4004000}, 0xc044) 52.777238429s ago: executing program 2 (id=1160): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14"], 0x18}, 0xc800) recvmmsg(r5, &(0x7f0000001140), 0x700, 0x2, 0x0) 51.350173449s ago: executing program 2 (id=1162): socket$inet6(0xa, 0x80002, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_dev$video4linux(&(0x7f0000000340), 0x0, 0x82080) ioctl$VIDIOC_QUERY_EXT_CTRL(r3, 0xc0445624, &(0x7f00000000c0)={0x140980001, 0x1, "bf5dff0f251ed700f61765c214525a2572ce1ced49e8981e103268fadc1433ae", 0x200000000, 0x5, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, [0x0, 0x0, 0x6]}) 49.603884191s ago: executing program 2 (id=1165): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) r2 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=0x0, &(0x7f0000000480)=0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, 0x0, 0x0) read$char_usb(0xffffffffffffffff, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0}) io_uring_enter(r2, 0x3498, 0x969, 0x0, 0x0, 0x0) dup3(r2, r0, 0x80000) 47.551861018s ago: executing program 2 (id=1168): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69577000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r3, 0x4000) close(r3) 32.454913454s ago: executing program 33 (id=1168): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69577000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r3, 0x4000) close(r3) 22.61187719s ago: executing program 0 (id=1204): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0) 21.377535006s ago: executing program 0 (id=1206): socket$inet6(0xa, 0x5, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb0}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80) 18.423941779s ago: executing program 0 (id=1210): r0 = socket$inet(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x8004, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f00000004c0)=""/174, 0xae}], 0x1}, 0xffffffff}], 0x1, 0x102, 0x0) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) sendto$inet(r0, &(0x7f0000000380)="d7", 0x1, 0x800, &(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x400448cb, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_int(r2, 0x29, 0x1, 0x0, &(0x7f00000008c0)=0x2) add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) 17.301454432s ago: executing program 0 (id=1212): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28) shutdown(r0, 0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a) mbind(&(0x7f0000000000/0x1000)=nil, 0xffffffffffffe000, 0x0, &(0x7f0000000000), 0x1b2, 0x0) sendfile(r0, r1, 0x0, 0xffffffff004) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000640)={[0x3, 0x6, 0x1, 0x7ff, 0x30000, 0x1, 0x2, 0x54, 0x0, 0x3000000, 0x0, 0x2, 0xffffffff, 0x0, 0x5, 0x200], 0x8080000, 0x200}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004041, 0x0, 0x0) r3 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, "000064640000001503fe00", "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", "2fc7977386a7a0236a9cc1f0", "cf6cce2296b3f853e224c4e0"]}) 15.652473676s ago: executing program 0 (id=1215): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) close(0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4) sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000ac0)="edc60165058e891023220e8372175765cc7e38aaf65e67c4efaa2fa7dfd4e39f9c53f18b9b6172fbdf391ad1856e03352285a3fa36c5311005c79fc774d945a8abcce76757d9d82694209bfc64d83dd401c6effad50adffa9cd02e92f75c95eccbc164c6681ce55cc2b86e1ce1b92270999b76f1530b21e5d9d484955326d900c42a722d4df2bc76ae7af0f83e452e4de579d2c0e2d65374d496a1bb70d34996e3f8940ca7f116378cc710c5e0e13437be265cb53c5ee48a3416ad875a834f9ed507071147301ff6522432eadaf32bd5a7b1fae5a902f895c9d9640580a6eaad304c0eae11d311b95e0b5626dd3cf4fb64b09d78834a2a643dc1bd23c83e3746ca33ec6a2cc67b0de30c96ecd3b3e2ece13240c29cb7f2f6dd9bf1a930356bd0c0cdc9a05c19c5245615636e9fa779aec079f93dabddcfb77cfa4e08e7906ebaf37ab02c3759b5426bda69061eca7e29766c58d2e7433188c24d0319c3011325083bb3ab6feb96dc3c2c49e336f551fe5e3c4d62b3725e2bb54946f66560ee15b348d35a4d68516553961e1947d3d30b170309b0372249a4f2c8590e105f3dc9ba7e9a554a70cb005d9dde57402974d67acfb993bf55515d26c5aa27ae22d94b1848051cdd818cee07bcc1d3ede909e0d1a594724bb50f39966567a9ede2c3044b0ba9ff37813ff34fa30deab14fc177f214237fb5dd74b5a15515f94fd2a933c1ac0189ae633eff1d409a200533bc2eb3d7a62d29fa5e9660ea9e88487e5949d5726484e19f84cf3ce5c3b32a3b8509779111d075c75b990a1340c67e69baac6c11c7bde1cfbd5ba04151b88ab960235d25aa9d7e15c86d593589ee8394206cef77d15e61705355aad1d176311b66e0a341e6a909d6af86876cd328b71a94ed524fc8e8c4256d3e65d01acb656995119a56430a207e79562cf25e92f28d7c7ed8ff6b61890f49dec48dc4bde64e333f90a9786f5f2a6a68d18c30d6b4d6163f97df9622b0a4b2141695e28be1d09273e68e3a5927fe6766c28c5115fac7eace0a43d2e265072bbeb3865da5ee1c30a87d1dcb8bd68af51489f05f7ebefbe5a56f8720ca71cc14017cb21af6da840967591e623ee892ed7316cac8f5a355d19135bae8ed5e48f1b1bb93d4787c735400fbcf570e86d9344da8a1eb445915e8b655853f23a38681baa5603a1e0273651e5d0a8a4a070b34fa1d5d641af6c2ff2b564990d763fa23ab79f0225ca16680019f303a6e15546730f09c7a02ab9dec27ae6ce243c3cffa069ceada73cf30c854674b8c73c694dde938b3d8015cd424898c4b837b63d5c1e43096f97d5c71b6f2ea30d152a4bb980c2bc8a788befa733c7b4354e85af607a7941a7067cb05d4747ce44249940fcf685d5d8c48ebd0e645bbbae887c27864bafde0a599e9cdd302d214f30904aeab1d860c946d042be6ea26177315fba18b53b268489fa832d16074291bdf20c3293bc726d9c918b4cf22af5f3a3fc07580f52fd89db6dead35a236ca2c33a26d818717223cc25b3f78a00ca4ce8e8fc6cd83f0b58b9d941b8ddbca7804f400183b220fbb5a89f1aca626cb5e9438ae460b513bb77e694db3f0b202fc77bad1c290839617786adbfbb0557403b41c0d9923a416b34fa53d30a663b8bf3c570b1e690519ddb159dc89dd35662e096d4383f07d2a8a6b63bbbcf781af36e801912b421a1aba857d117ddda66abc8e32c3f71042ddfd3ed9a425da167d62ed5ebf097d8e13684327825ff326c344cd076f014d34387729f1b281e1819cffc408063bcf91ad5b729727654cab013d757d194d8c70ab4bca7abc386b76939f87d340660a5cdfe33ffc76be72693f0a4bcc84d2d740d0aab2ba9aab27b6b0e9b9623e27dc428181ed987dc97c40e509ac923bce2c350d74c82adf8be8f5bed72fa41985da57744f3349997ac0fc62ea4376c0151ab7d52ab1350efb1300442d9d7cca9bb9211c03ad21bf1e44256debe9d602c3734b166b90f5de2ffbac25cc113bf642e6cb4502f8a9bb25e7fce8f7e2e0de8cd80e6554fbb3cc41a83b40f0791179777e0ddb8fa46225bae84dcb400d4bfcb4d7bc0b3d1626e3927f7cd7a52aa4872b2800df57ffe977904c88825fa5b02eba101978eedb12584ab45a7250b8939b4cea86e8117985c5d60b6ecc1f7a28dec820ff27a6d9ce08de5836dcd38f1a38b159b83853d388742f74e7bae888e1ca470d9e774f4a0a024b32ef4e8254dfdb533a359e5cf29e8b80f0e37198717bdaa3e1d923261bd76551cb4e54d912b141e6ebb242a2e2cd56c5760f0c31ec2b46a4d88dc0bcefdc7c6bda35267eca6439ea51e2deaef3c9e9de1dc3607e6d5df24b91e8fabab98ccff4c07af09a1f8c44844a8a6e522dec3556cf0850f45aa001c3c6d781d09f8cc54801b174edece3f919afe8c9c0deed6073677399d428275785c9bac559f9f115166deb4a42fadf0e8c376ed483a8f12194e7f3808cc1383eaacf3eb42efd3c1a1ef30448bfb7b0ce97bf2af72947b79c36801a897cbefb178bca151053753442bc58baa4b5210b5420e33ab9ad23ea4ce685c3f36b06531248f436b5762c78ad4f46f249a74647eb47d52006ba77cc6af572f6341b89c3e1288873adc74ea41f6d018de236a178b6aa348e3595be423cb1fdcc8cca562bfecd5797fd0c1c9e05c13c09af94052d915000b870ffb9659aefd41a3f724a4e36112b228c90698d751194cdad19e1ab84ce8e1269e85237554c34a6839c2c5a5a70ba58ff367d0d781d4c8ddf80997326dc1b3b26b51a38078545649cb863acf914d184127bf5ece87474aca13751f3c310a7e5be727bb8105a3bdad63419fda282d84ed9647987211d400dbf91c7b77b25751540add8b862011adcfc2ba0953ca7a5257ef3dd14f94571c10a038d37739698a5a4b4b69aef2a0a23fbb2011dbf2bddee78d0d4077ccb635c681e0f8d7e3a49d38eb560a408f9d8c952ee577401fb614e0ee2cdd0171f50e446ecaf2410cbae7084264c137b2bdbcdac5c5e7f40d6a95c350e64c62195e8d9a01ce48edd58868fead19491ce7aa9f6f23775cf749eef7708bb0abbb1cdde229c935126a27146c97e7f2ff50e65f506661f95bc4e66a8b13884bfb789209a887f964e6d414622fcfae103d3d2ee2d59bfccabdf18fe69dcf8169197a3e2ba6be2661c9d974af6b0330645dfca0637d52b0e94443f54f9a1a077fe4bacd1d52c75f6c05d82ec0c46a10751afddf02690011a32c87b41fcf6e6e03a9d0163b38fcae80f99afec906fe55ce03e8761b90b95332ae5bd3c505eff9da6ccb05d155566f5910faaf799b17220c2f59b64bee3e82a564d374e79fd028bf27bc2", 0x94d}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc) close(r0) 8.236401628s ago: executing program 1 (id=1225): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000000180)=0xffffffffffffffff) fcntl$setsig(r2, 0xa, 0x12) ppoll(&(0x7f0000000100)=[{r3}], 0x200000000000000e, 0x0, &(0x7f00000001c0)={[0x8001a0ffffffff]}, 0x8) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x13) 7.863170086s ago: executing program 1 (id=1226): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000040000000c"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000100)={0x3, 0x3}, 0x4) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4) setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000780)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 6.000144488s ago: executing program 1 (id=1229): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000ac0)='/sys/power/sync_on_suspend', 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffd) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x14, r3, 0x1}, 0x14}}, 0x0) write$tun(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0x6a) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}]}, 0x5c}}, 0x0) syz_open_dev$audion(&(0x7f0000000040), 0x1, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x55, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xc0}}, &(0x7f0000000000)='GPL\x00'}, 0x90) 5.858707179s ago: executing program 3 (id=1230): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) r2 = memfd_create(&(0x7f0000000080), 0x0) splice(r1, 0x0, r2, 0x0, 0x408cd, 0x0) r3 = syz_open_procfs(0x0, 0x0) open_tree(r3, 0x0, 0x1) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24000840) add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) 4.604374727s ago: executing program 3 (id=1231): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000200)={0x1, [0x0]}, &(0x7f0000000080)=0x8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000540)={r1, 0x4, 0x1, 0x7, 0x9, 0xb, 0x9, 0x6, {0x0, @in6={{0xa, 0x4e23, 0xfffffffc, @remote, 0x2}}, 0x80000000, 0x2, 0x3, 0xfc5, 0x512}}, &(0x7f0000000380)=0xb0) 3.519008593s ago: executing program 1 (id=1232): bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94) 3.516515343s ago: executing program 3 (id=1233): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x2, 0x80805, 0x0) r4 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000140)={r5, 0x5}, 0x8) 2.361978002s ago: executing program 3 (id=1234): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) migrate_pages(0x0, 0x7, 0x0, 0x0) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100)={0x1, 0x80000001}, 0x8) 2.183557261s ago: executing program 0 (id=1235): socket$nl_route(0x10, 0x3, 0x0) socket$kcm(0x21, 0x2, 0x2) socket$kcm(0x11, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getpeername$qrtr(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b93760000000000000000000000000000000000000000000200000000000000010000000000000044000500ac141400000000000000000000000000000000003c00000000000000000000000000000000000000000000000000000001"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000) sendto$inet6(r2, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c) 1.288130988s ago: executing program 1 (id=1236): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x5a93, 0x10100, 0xfffffffd, 0x307, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f0000000300)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r5) socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_timeval(r5, 0x1, 0x15, &(0x7f0000000040)={0x0, 0xea60}, 0x10) setsockopt$inet6_tcp_int(r5, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4) connect$inet6(r5, &(0x7f0000000240)={0xa, 0x4e23, 0xa4e4, @remote, 0x3}, 0x1c) sendmmsg(r5, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)='\v', 0x1}], 0x1}}], 0x1, 0x4010) 1.039991452s ago: executing program 3 (id=1237): syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x40000, 0x0) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f00000002c0)=[0x2a, 0xf0]) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) socket$l2tp6(0xa, 0x2, 0x73) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x44}}, 0x0) rename(0x0, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c8, &(0x7f0000000100)) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) 181.261062ms ago: executing program 3 (id=1238): write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) accept4$bt_l2cap(r3, 0x0, 0x0, 0x800) 0s ago: executing program 1 (id=1239): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x400, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '', @val={0x3a, [0x30]}}}}]}) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x420, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative', @void}}}]}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.238' (ED25519) to the list of known hosts. [ 82.032874][ T5831] cgroup: Unknown subsys name 'net' [ 82.258038][ T5831] cgroup: Unknown subsys name 'cpuset' [ 82.301542][ T5831] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.974113][ T5831] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.952282][ T992] cfg80211: failed to load regulatory.db [ 88.332364][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.336092][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.340343][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.341751][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.342224][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.342736][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.344455][ T5852] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.345755][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.346219][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.355111][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.533127][ T5161] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.534473][ T5161] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.537577][ T5161] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.538980][ T5853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.540343][ T5853] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.542103][ T5853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.552470][ T59] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.553490][ T59] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.554730][ T59] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.562626][ T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.703262][ T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.705635][ T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.706715][ T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.707879][ T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.708948][ T59] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.479914][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 89.495182][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 89.586147][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 89.664329][ T5855] chnl_net:caif_netlink_parms(): no params data found [ 90.313387][ T5860] chnl_net:caif_netlink_parms(): no params data found [ 90.392289][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.393659][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.394228][ T5847] bridge_slave_0: entered allmulticast mode [ 90.397284][ T5847] bridge_slave_0: entered promiscuous mode [ 90.432196][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.432341][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.432876][ T5845] bridge_slave_0: entered allmulticast mode [ 90.439544][ T5845] bridge_slave_0: entered promiscuous mode [ 90.525027][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.525107][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.525246][ T5847] bridge_slave_1: entered allmulticast mode [ 90.526729][ T5847] bridge_slave_1: entered promiscuous mode [ 90.547432][ T5852] Bluetooth: hci1: command tx timeout [ 90.547436][ T59] Bluetooth: hci0: command tx timeout [ 90.625699][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.625807][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.625944][ T5845] bridge_slave_1: entered allmulticast mode [ 90.627436][ T5845] bridge_slave_1: entered promiscuous mode [ 90.630984][ T59] Bluetooth: hci3: command tx timeout [ 90.631114][ T59] Bluetooth: hci2: command tx timeout [ 90.781742][ T5852] Bluetooth: hci4: command tx timeout [ 91.022548][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.022705][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.023130][ T5854] bridge_slave_0: entered allmulticast mode [ 91.026278][ T5854] bridge_slave_0: entered promiscuous mode [ 91.114857][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.115022][ T5855] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.115233][ T5855] bridge_slave_0: entered allmulticast mode [ 91.118029][ T5855] bridge_slave_0: entered promiscuous mode [ 91.233808][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.233950][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.234149][ T5854] bridge_slave_1: entered allmulticast mode [ 91.236922][ T5854] bridge_slave_1: entered promiscuous mode [ 91.245127][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.245368][ T5855] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.245517][ T5855] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.245679][ T5855] bridge_slave_1: entered allmulticast mode [ 91.248279][ T5855] bridge_slave_1: entered promiscuous mode [ 91.279668][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.385751][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.461990][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.924505][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.992339][ T5855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.135711][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.137262][ T5847] team0: Port device team_slave_0 added [ 92.140044][ T5855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.140280][ T5860] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.140374][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.140479][ T5860] bridge_slave_0: entered allmulticast mode [ 92.153150][ T5860] bridge_slave_0: entered promiscuous mode [ 92.157487][ T5845] team0: Port device team_slave_0 added [ 92.253297][ T5847] team0: Port device team_slave_1 added [ 92.322507][ T5860] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.322645][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.322812][ T5860] bridge_slave_1: entered allmulticast mode [ 92.325896][ T5860] bridge_slave_1: entered promiscuous mode [ 92.328303][ T5845] team0: Port device team_slave_1 added [ 92.621493][ T5852] Bluetooth: hci0: command tx timeout [ 92.621524][ T5852] Bluetooth: hci1: command tx timeout [ 92.701711][ T59] Bluetooth: hci2: command tx timeout [ 92.701734][ T5852] Bluetooth: hci3: command tx timeout [ 92.704118][ T5854] team0: Port device team_slave_0 added [ 92.793905][ T5855] team0: Port device team_slave_0 added [ 92.861207][ T59] Bluetooth: hci4: command tx timeout [ 93.095414][ T5854] team0: Port device team_slave_1 added [ 93.097063][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.097078][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.097101][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.106429][ T5855] team0: Port device team_slave_1 added [ 93.113470][ T5860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.121849][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.121863][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.121887][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.237523][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.237535][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.237548][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.317627][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.317638][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.317652][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.320125][ T5860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.592317][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.592330][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.592344][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.595855][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.595868][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.595880][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.735242][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.735258][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.735279][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.737771][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.737783][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.737797][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.752250][ T5860] team0: Port device team_slave_0 added [ 93.957689][ T5860] team0: Port device team_slave_1 added [ 94.248878][ T5847] hsr_slave_0: entered promiscuous mode [ 94.249892][ T5847] hsr_slave_1: entered promiscuous mode [ 94.265588][ T5845] hsr_slave_0: entered promiscuous mode [ 94.266619][ T5845] hsr_slave_1: entered promiscuous mode [ 94.267624][ T5845] debugfs: 'hsr0' already exists in 'hsr' [ 94.267733][ T5845] Cannot create hsr debugfs directory [ 94.454031][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.454042][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.454055][ T5860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.636312][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.636328][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.636351][ T5860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.647329][ T5854] hsr_slave_0: entered promiscuous mode [ 94.648644][ T5854] hsr_slave_1: entered promiscuous mode [ 94.649550][ T5854] debugfs: 'hsr0' already exists in 'hsr' [ 94.649573][ T5854] Cannot create hsr debugfs directory [ 94.660392][ T5855] hsr_slave_0: entered promiscuous mode [ 94.662387][ T5855] hsr_slave_1: entered promiscuous mode [ 94.671228][ T5855] debugfs: 'hsr0' already exists in 'hsr' [ 94.671257][ T5855] Cannot create hsr debugfs directory [ 94.701261][ T59] Bluetooth: hci1: command tx timeout [ 94.701290][ T59] Bluetooth: hci0: command tx timeout [ 94.782251][ T5852] Bluetooth: hci2: command tx timeout [ 94.782291][ T5852] Bluetooth: hci3: command tx timeout [ 94.951184][ T59] Bluetooth: hci4: command tx timeout [ 95.709506][ T5860] hsr_slave_0: entered promiscuous mode [ 95.710345][ T5860] hsr_slave_1: entered promiscuous mode [ 95.711789][ T5860] debugfs: 'hsr0' already exists in 'hsr' [ 95.711813][ T5860] Cannot create hsr debugfs directory [ 96.778817][ T5847] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 96.781322][ T59] Bluetooth: hci0: command tx timeout [ 96.781348][ T59] Bluetooth: hci1: command tx timeout [ 96.820929][ T5847] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 96.861962][ T5847] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 96.861962][ T5852] Bluetooth: hci3: command tx timeout [ 96.861996][ T5852] Bluetooth: hci2: command tx timeout [ 96.924254][ T5847] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.021191][ T59] Bluetooth: hci4: command tx timeout [ 97.074914][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.129131][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.159048][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.217792][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.362337][ T5855] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.417772][ T5855] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.462317][ T5855] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.519823][ T5855] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.672970][ T5854] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.721143][ T5854] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.783213][ T5854] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.835938][ T5854] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.008447][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.029761][ T5860] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 98.059348][ T5860] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 98.097568][ T5860] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 98.146871][ T5860] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 98.238760][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.307605][ T1381] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.308122][ T1381] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.355148][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.377959][ T1381] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.378108][ T1381] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.487358][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.493327][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.548210][ T1577] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.548504][ T1577] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.597094][ T1381] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.597315][ T1381] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.663939][ T5855] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.705588][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.709674][ T1499] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.709798][ T1499] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.781397][ T3662] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.781558][ T3662] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.864797][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.895126][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.947710][ T1175] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.947859][ T1175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.034747][ T3662] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.035035][ T3662] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.052240][ T5860] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.158942][ T3662] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.159226][ T3662] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.235478][ T1499] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.235625][ T1499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.355497][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.599723][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.817473][ T5847] veth0_vlan: entered promiscuous mode [ 99.898907][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.911578][ T5847] veth1_vlan: entered promiscuous mode [ 100.024510][ T5845] veth0_vlan: entered promiscuous mode [ 100.083846][ T5845] veth1_vlan: entered promiscuous mode [ 100.087353][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.172815][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.174212][ T5847] veth0_macvtap: entered promiscuous mode [ 100.273092][ T5847] veth1_macvtap: entered promiscuous mode [ 100.364057][ T5855] veth0_vlan: entered promiscuous mode [ 100.448542][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.460426][ T5845] veth0_macvtap: entered promiscuous mode [ 100.465361][ T5855] veth1_vlan: entered promiscuous mode [ 100.487709][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.512193][ T5845] veth1_macvtap: entered promiscuous mode [ 100.573496][ T1381] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.579357][ T1381] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.599212][ T1381] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.614205][ T1381] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.657239][ T5854] veth0_vlan: entered promiscuous mode [ 100.720613][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.793222][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.818063][ T5854] veth1_vlan: entered promiscuous mode [ 100.904846][ T1381] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.911506][ T5855] veth0_macvtap: entered promiscuous mode [ 100.939269][ T1381] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.964680][ T1381] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.007474][ T1381] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.010761][ T5855] veth1_macvtap: entered promiscuous mode [ 101.120037][ T1381] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.120061][ T1381] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.150409][ T5860] veth0_vlan: entered promiscuous mode [ 101.313590][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.352686][ T5860] veth1_vlan: entered promiscuous mode [ 101.380674][ T5854] veth0_macvtap: entered promiscuous mode [ 101.389231][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.422067][ T1406] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.422087][ T1406] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.470318][ T5854] veth1_macvtap: entered promiscuous mode [ 101.521647][ T1577] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.545921][ T1499] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.545941][ T1499] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.548151][ T1175] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.582996][ T1499] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.594447][ T1499] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.739906][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.762177][ T160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.762197][ T160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.874020][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.924613][ T5957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'. [ 101.994778][ T5860] veth0_macvtap: entered promiscuous mode [ 102.054569][ T5957] Zero length message leads to an empty skb [ 102.074062][ T1577] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 102.102451][ T1577] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 102.105234][ T1577] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 102.144679][ T5860] veth1_macvtap: entered promiscuous mode [ 102.149017][ T1577] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 102.216860][ T1577] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.275187][ T1577] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.333425][ T1577] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.338236][ T1406] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.338256][ T1406] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.339726][ T1577] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.649856][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.688621][ T1499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.688641][ T1499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.832994][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.995312][ T1175] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.995331][ T1175] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.026474][ T1381] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.038190][ T1381] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.122309][ T1381] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.369822][ T1381] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.603108][ T1499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.603127][ T1499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.176597][ T1363] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.176612][ T1363] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.453027][ T1431] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.453042][ T1431] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.770879][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.800846][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.970918][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.010882][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.401327][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.649981][ T5990] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5'. [ 106.680884][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.776338][ T5993] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5'. [ 107.211204][ T5989] syz.3.11 (5989) used greatest stack depth: 18776 bytes left [ 107.630842][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.700836][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.710878][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.720890][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 112.182673][ T5929] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 113.191758][ T5929] usb 1-1: Using ep0 maxpacket: 8 [ 113.206637][ T5929] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 113.206665][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.239102][ T5929] usb 1-1: config 0 descriptor?? [ 113.522295][ T37] audit: type=1800 audit(1759089366.337:2): pid=6036 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.23" name="bus" dev="overlay" ino=41 res=0 errno=0 [ 113.637658][ T6034] Illegal XDP return value 4291286224 on prog (id 8) dev N/A, expect packet loss! [ 115.322287][ T5929] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 115.382988][ T5929] asix 1-1:0.0: probe with driver asix failed with error -71 [ 115.464807][ T5929] usb 1-1: USB disconnect, device number 2 [ 116.930958][ T6027] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 117.080925][ T6027] usb 1-1: Using ep0 maxpacket: 8 [ 117.084180][ T6027] usb 1-1: unable to get BOS descriptor or descriptor too short [ 117.085284][ T6027] usb 1-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 113, changing to 10 [ 117.085303][ T6027] usb 1-1: config 1 interface 0 altsetting 1 endpoint 0x81 has invalid maxpacket 1040, setting to 1024 [ 117.085316][ T6027] usb 1-1: config 1 interface 0 has no altsetting 0 [ 117.087368][ T6027] usb 1-1: New USB device found, idVendor=05ac, idProduct=0237, bcdDevice= 0.40 [ 117.087384][ T6027] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.087394][ T6027] usb 1-1: Product: syz [ 117.087401][ T6027] usb 1-1: Manufacturer: syz [ 117.087408][ T6027] usb 1-1: SerialNumber: syz [ 117.200577][ T6059] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 117.584845][ T6027] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input5 [ 117.635758][ T5197] bcm5974 1-1:1.0: could not read from device [ 117.760899][ T6027] usb 1-1: USB disconnect, device number 3 [ 117.786717][ T5197] bcm5974 1-1:1.0: could not read from device [ 118.112897][ T6001] udevd[6001]: Error opening device "/dev/input/event4": No such device [ 118.113034][ T6001] udevd[6001]: Unable to EVIOCGABS device "/dev/input/event4" [ 118.113147][ T6001] udevd[6001]: Unable to EVIOCGABS device "/dev/input/event4" [ 118.113253][ T6001] udevd[6001]: Unable to EVIOCGABS device "/dev/input/event4" [ 118.113369][ T6001] udevd[6001]: Unable to EVIOCGABS device "/dev/input/event4" [ 119.147837][ T6085] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 122.621021][ T59] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 127.564227][ T6157] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 130.373873][ T6178] mmap: syz.2.61 (6178) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 132.296388][ T6201] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.69'. [ 132.402088][ T6019] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 132.420936][ T5929] usb 3-1: new low-speed USB device number 2 using dummy_hcd [ 132.469359][ T6203] netlink: 12 bytes leftover after parsing attributes in process `syz.4.70'. [ 132.561176][ T6019] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 132.561195][ T6019] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.561210][ T6019] usb 1-1: Product: syz [ 132.561217][ T6019] usb 1-1: Manufacturer: syz [ 132.561225][ T6019] usb 1-1: SerialNumber: syz [ 132.578623][ T5929] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 132.578651][ T5929] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.645716][ T5929] usb 3-1: config 0 descriptor?? [ 132.673224][ T6203] vlan2: entered allmulticast mode [ 132.679604][ T6203] team_slave_1: entered allmulticast mode [ 133.029874][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.030037][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.415011][ T6019] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE [ 135.218304][ T6019] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -EPROTO [ 135.220313][ T6019] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO [ 135.220346][ T6019] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 135.223366][ T6019] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 135.276092][ T5929] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x8001: -71 [ 135.276373][ T5929] asix 3-1:0.0: probe with driver asix failed with error -71 [ 135.324492][ T6019] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 135.345958][ T5929] usb 3-1: USB disconnect, device number 2 [ 135.431363][ T6019] usb 1-1: USB disconnect, device number 4 [ 135.932038][ T6211] netlink: 'syz.3.73': attribute type 11 has an invalid length. [ 136.595401][ T6218] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 149.141151][ T6321] syz_tun: entered allmulticast mode [ 149.225775][ T6320] syz_tun: left allmulticast mode [ 150.426679][ T6335] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 152.360120][ C1] vkms_vblank_simulate: vblank timer overrun [ 155.935886][ T6393] sctp: [Deprecated]: syz.4.134 (pid 6393) Use of int in max_burst socket option. [ 155.935886][ T6393] Use struct sctp_assoc_value instead [ 156.524873][ T6401] capability: warning: `syz.0.136' uses deprecated v2 capabilities in a way that may be insecure [ 156.900031][ T6408] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 156.903302][ T6408] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.904533][ T6408] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.907425][ T6408] bridge0: entered allmulticast mode [ 159.128643][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.0.151'. [ 159.128684][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.0.151'. [ 159.619751][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.037409][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.455682][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.620615][ T6450] netlink: 12 bytes leftover after parsing attributes in process `syz.0.154'. [ 160.852077][ T37] audit: type=1326 audit(1759089413.647:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6457 comm="syz.2.158" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x0 [ 160.859061][ T6450] 8021q: adding VLAN 0 to HW filter on device bond1 [ 161.044313][ T6455] macvlan2: entered promiscuous mode [ 161.044354][ T6455] macvlan2: entered allmulticast mode [ 161.045926][ T6455] bond1: entered promiscuous mode [ 161.046915][ T6455] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 161.333277][ C0] vkms_vblank_simulate: vblank timer overrun [ 161.671068][ C0] vkms_vblank_simulate: vblank timer overrun [ 161.747673][ T6467] overlayfs: failed to clone upperpath [ 161.750370][ T6455] bond1: left promiscuous mode [ 162.333147][ C0] vkms_vblank_simulate: vblank timer overrun [ 163.333892][ C0] vkms_vblank_simulate: vblank timer overrun [ 163.713928][ C0] vkms_vblank_simulate: vblank timer overrun [ 165.530929][ T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 165.722670][ T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 165.722700][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 165.722718][ T9] usb 2-1: Product: syz [ 165.722731][ T9] usb 2-1: Manufacturer: syz [ 165.722744][ T9] usb 2-1: SerialNumber: syz [ 165.728941][ T9] usb 2-1: config 0 descriptor?? [ 165.987071][ T9] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 168.110505][ T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 168.163866][ T9] usb 2-1: USB disconnect, device number 2 [ 169.048536][ T6523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 170.158529][ T6529] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 170.253142][ T6523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 171.600019][ T6545] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 171.998503][ T6551] binder: BINDER_SET_CONTEXT_MGR already set [ 171.998517][ T6551] binder: 6550:6551 ioctl 4018620d 200000000040 returned -16 [ 173.461713][ C0] vcan0: j1939_tp_rxtimer: 0xffff888029bad000: rx timeout, send abort [ 173.961661][ C0] vcan0: j1939_tp_rxtimer: 0xffff888029bad400: rx timeout, send abort [ 173.963150][ C0] vcan0: j1939_tp_rxtimer: 0xffff888029bad000: abort rx timeout. Force session deactivation [ 174.461728][ C0] vcan0: j1939_tp_rxtimer: 0xffff888029bad400: abort rx timeout. Force session deactivation [ 185.489707][ T6729] process 'syz.1.236' launched '/dev/fd/5' with NULL argv: empty string added [ 189.596545][ T37] audit: type=1800 audit(1759089442.407:4): pid=6767 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.248" name="/" dev="9p" ino=2 res=0 errno=0 [ 189.923586][ T6772] sock: sock_set_timeout: `syz.2.251' (pid 6772) tries to set negative timeout [ 190.010120][ T37] audit: type=1326 audit(1759089442.827:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6761 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7fc00000 [ 191.895511][ T6798] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 191.973374][ T6800] overlayfs: failed to clone upperpath [ 191.976110][ T6798] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 192.064910][ T6798] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 193.681263][ T6822] overlayfs: failed to clone upperpath [ 194.912149][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.912225][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.425836][ T6857] block device autoloading is deprecated and will be removed. [ 206.891245][ T37] audit: type=1326 audit(1759089459.707:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.891294][ T37] audit: type=1326 audit(1759089459.707:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.948939][ T37] audit: type=1326 audit(1759089459.767:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.949618][ T37] audit: type=1326 audit(1759089459.767:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.949671][ T37] audit: type=1326 audit(1759089459.767:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.950111][ T37] audit: type=1326 audit(1759089459.767:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.962766][ T37] audit: type=1326 audit(1759089459.787:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.964447][ T37] audit: type=1326 audit(1759089459.787:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.964492][ T37] audit: type=1326 audit(1759089459.787:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 206.964530][ T37] audit: type=1326 audit(1759089459.787:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 207.285811][ T6912] ªªªªªªÿÿòÿÿÿòÿÿ: renamed from wg2 (while UP) [ 208.091912][ T6926] ieee802154 phy0 wpan0: encryption failed: -22 [ 211.908583][ T6939] Bluetooth: hci0: command 0x0406 tx timeout [ 211.908620][ T6939] Bluetooth: hci2: command 0x0406 tx timeout [ 212.041032][ T6956] Bluetooth: hci1: command 0x0406 tx timeout [ 212.041070][ T6956] Bluetooth: hci3: command 0x0406 tx timeout [ 215.389621][ T6980] tmpfs: Unsupported parameter 'huge' [ 218.959736][ T7020] capability: warning: `syz.0.327' uses 32-bit capabilities (legacy support in use) [ 223.651564][ T7040] ======================================================= [ 223.651564][ T7040] WARNING: The mand mount option has been deprecated and [ 223.651564][ T7040] and is ignored by this kernel. Remove the mand [ 223.651564][ T7040] option from the mount to silence this warning. [ 223.651564][ T7040] ======================================================= [ 227.332070][ T5852] Bluetooth: hci4: command 0x0406 tx timeout [ 228.287939][ T7073] binder: 7072:7073 ioctl c0306201 200000000980 returned -14 [ 233.138048][ T7124] o2cb: This node has not been configured. [ 233.138058][ T7124] o2cb: Cluster check failed. Fix errors before retrying. [ 233.138081][ T7124] (syz.3.361,7124,1):user_dlm_register:674 ERROR: status = -22 [ 233.138094][ T7124] (syz.3.361,7124,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus" [ 234.108646][ T7137] netlink: del zone limit has 4 unknown bytes [ 235.500555][ T7149] netlink: 116 bytes leftover after parsing attributes in process `syz.1.369'. [ 238.270113][ T7195] netlink: 32 bytes leftover after parsing attributes in process `syz.1.386'. [ 238.572308][ T7197] netlink: 32 bytes leftover after parsing attributes in process `syz.1.386'. [ 238.852901][ T7205] netlink: 4 bytes leftover after parsing attributes in process `syz.3.390'. [ 245.158210][ T6019] IPVS: starting estimator thread 0... [ 245.273001][ T7250] IPVS: using max 7 ests per chain, 16800 per kthread [ 245.693509][ T6019] IPVS: starting estimator thread 0... [ 245.801043][ T7260] IPVS: using max 7 ests per chain, 16800 per kthread [ 250.072738][ T7287] netlink: zone id is out of range [ 250.162996][ T7291] netlink: del zone limit has 4 unknown bytes [ 250.179080][ T7287] netlink: zone id is out of range [ 250.179461][ T7287] netlink: zone id is out of range [ 250.188900][ T7287] netlink: zone id is out of range [ 250.189022][ T7287] netlink: zone id is out of range [ 250.189200][ T7287] netlink: zone id is out of range [ 250.189357][ T7287] netlink: zone id is out of range [ 250.189775][ T7287] netlink: zone id is out of range [ 250.202577][ T7287] netlink: zone id is out of range [ 251.123688][ T5161] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 251.123737][ T5161] CPU: 0 UID: 0 PID: 5161 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 251.123762][ T5161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 251.123776][ T5161] Workqueue: hci0 hci_rx_work [ 251.123822][ T5161] Call Trace: [ 251.123829][ T5161] [ 251.123838][ T5161] dump_stack_lvl+0x189/0x250 [ 251.123873][ T5161] ? __pfx_dump_stack_lvl+0x10/0x10 [ 251.123902][ T5161] ? __pfx__printk+0x10/0x10 [ 251.123929][ T5161] ? kernfs_path_from_node+0x2c/0x280 [ 251.123949][ T5161] ? kernfs_path_from_node+0x243/0x280 [ 251.123967][ T5161] ? kernfs_path_from_node+0x2c/0x280 [ 251.123991][ T5161] sysfs_create_dir_ns+0x259/0x280 [ 251.124011][ T5161] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 251.124038][ T5161] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 251.124058][ T5161] ? rt_spin_unlock+0x65/0x80 [ 251.124085][ T5161] kobject_add_internal+0x5a5/0xb50 [ 251.124117][ T5161] kobject_add+0x155/0x220 [ 251.124144][ T5161] ? __pfx_kobject_add+0x10/0x10 [ 251.124173][ T5161] ? get_device_parent+0x370/0x3a0 [ 251.124206][ T5161] device_add+0x408/0xb50 [ 251.124231][ T5161] hci_conn_add_sysfs+0xd5/0x1e0 [ 251.124258][ T5161] le_conn_complete_evt+0xf39/0x1500 [ 251.124303][ T5161] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 251.124333][ T5161] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 251.124363][ T5161] ? lockdep_hardirqs_on+0x9c/0x150 [ 251.124398][ T5161] ? skb_pull_data+0xfb/0x200 [ 251.124427][ T5161] hci_le_conn_complete_evt+0x187/0x450 [ 251.124464][ T5161] hci_event_packet+0x78f/0x1200 [ 251.124492][ T5161] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 251.124522][ T5161] ? __pfx_hci_event_packet+0x10/0x10 [ 251.124549][ T5161] ? __pfx_migrate_enable+0x10/0x10 [ 251.124582][ T5161] ? hci_send_to_monitor+0xe2/0x570 [ 251.124615][ T5161] hci_rx_work+0x46a/0xe80 [ 251.124647][ T5161] ? process_scheduled_works+0x9ef/0x17b0 [ 251.124674][ T5161] process_scheduled_works+0xae1/0x17b0 [ 251.124732][ T5161] ? __pfx_process_scheduled_works+0x10/0x10 [ 251.124775][ T5161] worker_thread+0x8a0/0xda0 [ 251.124803][ T5161] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 251.124846][ T5161] ? __kthread_parkme+0x7b/0x200 [ 251.124884][ T5161] kthread+0x711/0x8a0 [ 251.124917][ T5161] ? __pfx_worker_thread+0x10/0x10 [ 251.124941][ T5161] ? __pfx_kthread+0x10/0x10 [ 251.124975][ T5161] ? __pfx_kthread+0x10/0x10 [ 251.125004][ T5161] ret_from_fork+0x436/0x7d0 [ 251.125032][ T5161] ? __pfx_ret_from_fork+0x10/0x10 [ 251.125065][ T5161] ? __switch_to_asm+0x39/0x70 [ 251.125083][ T5161] ? __switch_to_asm+0x33/0x70 [ 251.125100][ T5161] ? __pfx_kthread+0x10/0x10 [ 251.125129][ T5161] ret_from_fork_asm+0x1a/0x30 [ 251.125167][ T5161] [ 251.125205][ T5161] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 251.125253][ T5161] Bluetooth: hci0: failed to register connection device [ 253.171274][ T7328] pim6reg1: entered promiscuous mode [ 253.171305][ T7328] pim6reg1: entered allmulticast mode [ 255.920561][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.920637][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.136527][ T7379] netdevsim netdevsim0 : renamed from netdevsim0 (while UP) [ 261.355834][ T5922] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 263.387138][ T5922] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 263.387155][ T5922] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 263.387180][ T5922] usb 2-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da [ 263.387193][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.406810][ T5922] usb 2-1: config 0 descriptor?? [ 263.699711][ T5914] usb 2-1: USB disconnect, device number 3 [ 266.229390][ T7435] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22) [ 268.373171][ T7455] overlayfs: failed to clone upperpath [ 271.202472][ T7485] overlayfs: failed to clone upperpath [ 277.617525][ T7550] gfs2: gfs2 mount does not exist [ 286.091430][ T7621] netlink: 'syz.2.518': attribute type 12 has an invalid length. [ 296.673062][ T7698] overlayfs: failed to clone upperpath [ 301.001044][ T7720] netlink: 'syz.3.546': attribute type 4 has an invalid length. [ 306.559893][ T7772] netlink: 4 bytes leftover after parsing attributes in process `syz.4.563'. [ 306.706421][ T7776] netlink: 'syz.2.561': attribute type 23 has an invalid length. [ 308.916416][ T5914] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 309.060981][ T5914] usb 5-1: Using ep0 maxpacket: 32 [ 309.066412][ T5914] usb 5-1: New USB device found, idVendor=050d, idProduct=0121, bcdDevice= 6.59 [ 309.066440][ T5914] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.066460][ T5914] usb 5-1: Product: syz [ 309.066474][ T5914] usb 5-1: Manufacturer: syz [ 309.066488][ T5914] usb 5-1: SerialNumber: syz [ 309.133301][ T5914] usb 5-1: config 0 descriptor?? [ 309.654513][ T5914] pegasus 5-1:0.0: probe with driver pegasus failed with error -71 [ 309.675480][ T5914] usb 5-1: USB disconnect, device number 2 [ 311.823543][ T7816] binder_alloc: 7815: pid 7815 spamming oneway? 1 buffers allocated for a total size of 4096 [ 317.647025][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.650157][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.919340][ T7877] syz_tun: entered allmulticast mode [ 317.939129][ T7877] dvmrp8: entered allmulticast mode [ 317.996235][ T7877] syz_tun: left allmulticast mode [ 317.996394][ T7877] dvmrp8: left allmulticast mode [ 320.450429][ T7899] netlink: 'syz.0.600': attribute type 1 has an invalid length. [ 320.481064][ T7903] binder: BINDER_SET_CONTEXT_MGR already set [ 320.481074][ T7903] binder: 7900:7903 ioctl 4018620d 200000004a80 returned -16 [ 320.643430][ T7899] netlink: 28 bytes leftover after parsing attributes in process `syz.0.600'. [ 320.671584][ T7904] bond2: (slave geneve2): making interface the new active one [ 320.673523][ T7904] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 320.698212][ T7899] 8021q: adding VLAN 0 to HW filter on device bond2 [ 320.698679][ T1406] netdevsim netdevsim0 : set [1, 1] type 2 family 0 port 20000 - 0 [ 320.700522][ T1406] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 320.700586][ T1406] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 320.700620][ T1406] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 326.996873][ T7954] syz.1.614 uses obsolete (PF_INET,SOCK_PACKET) [ 328.724081][ T7967] bridge_slave_0: left allmulticast mode [ 328.724114][ T7967] bridge_slave_0: left promiscuous mode [ 328.727436][ T7967] bridge0: port 1(bridge_slave_0) entered disabled state [ 329.696770][ T7967] bridge_slave_1: left allmulticast mode [ 329.696807][ T7967] bridge_slave_1: left promiscuous mode [ 329.697064][ T7967] bridge0: port 2(bridge_slave_1) entered disabled state [ 329.870971][ T37] kauditd_printk_skb: 12 callbacks suppressed [ 329.870996][ T37] audit: type=1804 audit(1759089582.497:28): pid=7977 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.1.623" name="/newroot/115/file1" dev="fuse" ino=1 res=1 errno=0 [ 329.871041][ T37] audit: type=1800 audit(1759089582.627:29): pid=7977 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.623" name="/" dev="fuse" ino=1 res=0 errno=0 [ 329.872723][ T37] audit: type=1800 audit(1759089582.697:30): pid=7977 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.623" name="/" dev="fuse" ino=1 res=0 errno=0 [ 330.314412][ T7967] bond0: (slave bond_slave_0): Releasing backup interface [ 331.823438][ T7967] bond0: (slave bond_slave_1): Releasing backup interface [ 333.062220][ T7967] team0: Port device team_slave_0 removed [ 333.880104][ T7967] team0: Port device team_slave_1 removed [ 334.615801][ T7967] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 334.615835][ T7967] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 334.662894][ T7967] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 334.662926][ T7967] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 338.191111][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 340.491246][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 340.629606][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 340.629632][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 340.629685][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 340.629719][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 340.629763][ T9] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 340.629785][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.707838][ T9] hub 1-1:1.0: bad descriptor, ignoring hub [ 340.707878][ T9] hub 1-1:1.0: probe with driver hub failed with error -5 [ 340.728015][ T9] cdc_wdm 1-1:1.0: skipping garbage [ 340.728035][ T9] cdc_wdm 1-1:1.0: skipping garbage [ 340.756798][ T9] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 340.756830][ T9] cdc_wdm 1-1:1.0: Unknown control protocol [ 342.181265][ T9] usb 1-1: USB disconnect, device number 5 [ 356.356776][ T8185] ref_ctr increment failed for inode: 0x2b0 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888019874380 [ 357.865941][ T8185] uprobe: syz.1.687:8185 failed to unregister, leaking uprobe [ 361.075290][ T5161] Bluetooth: hci3: unexpected event for opcode 0x2010 [ 361.946701][ T37] audit: type=1326 audit(1759089614.767:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8231 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 361.947378][ T37] audit: type=1326 audit(1759089614.767:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8231 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 361.947417][ T37] audit: type=1326 audit(1759089614.767:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8231 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 363.129310][ T8249] netlink: 36 bytes leftover after parsing attributes in process `syz.1.706'. [ 365.746908][ T8271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.709'. [ 369.284779][ T8290] uprobe: syz.4.717:8290 failed to unregister, leaking uprobe [ 371.173247][ T8314] trusted_key: encrypted_key: insufficient parameters specified [ 371.174510][ T8314] trusted_key: encrypted_key: insufficient parameters specified [ 378.157534][ T5161] Bluetooth: hci0: unexpected event for opcode 0x200a [ 379.421305][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.421375][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 394.409739][ T8510] netlink: 'syz.3.772': attribute type 4 has an invalid length. [ 394.409762][ T8510] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.772'. [ 395.167931][ T8516] overlayfs: failed to clone lowerpath [ 395.571762][ T8526] net_ratelimit: 5 callbacks suppressed [ 395.571814][ T8526] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 396.316393][ T5914] IPVS: starting estimator thread 0... [ 396.431063][ T8528] IPVS: using max 13 ests per chain, 31200 per kthread [ 401.871657][ T37] audit: type=1326 audit(1759089654.697:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8564 comm="syz.4.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 401.871708][ T37] audit: type=1326 audit(1759089654.697:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8564 comm="syz.4.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32482eec9 code=0x7ffc0000 [ 404.380673][ T8583] syz.4.793 (8583) used greatest stack depth: 17688 bytes left [ 406.488062][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.335023][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.593824][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.712376][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.935812][ T8627] syz.3.807 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 408.631696][ C1] vkms_vblank_simulate: vblank timer overrun [ 409.729991][ C1] vkms_vblank_simulate: vblank timer overrun [ 410.000282][ C1] vkms_vblank_simulate: vblank timer overrun [ 410.061395][ C1] vkms_vblank_simulate: vblank timer overrun [ 410.700916][ C1] vkms_vblank_simulate: vblank timer overrun [ 410.827338][ C1] vkms_vblank_simulate: vblank timer overrun [ 411.290360][ C1] vkms_vblank_simulate: vblank timer overrun [ 412.782638][ T8657] bridge1: entered allmulticast mode [ 413.996197][ T8672] netlink: 64 bytes leftover after parsing attributes in process `syz.4.820'. [ 415.407052][ T8681] nfs: Unknown parameter 'ntext' [ 421.020183][ T8720] IPv6: Can't replace route, no match found [ 430.712640][ T37] audit: type=1800 audit(1759089683.537:36): pid=8775 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.848" name="/" dev="9p" ino=2 res=0 errno=0 [ 432.080515][ T8782] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 435.723204][ T8819] 9pnet: p9_errstr2errno: server reported unknown error 184467440737095 [ 440.378518][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.379041][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 447.486529][ T8894] Bluetooth: MGMT ver 1.23 [ 453.685204][ T8951] netlink: 'syz.1.897': attribute type 1 has an invalid length. [ 464.493560][ T9049] binder_alloc: 9039: binder_alloc_buf, no vma [ 464.515747][ T9040] binder: 9039:9040 ioctl c0306201 200000000380 returned -14 [ 465.226411][ T9062] tmpfs: Bad value for 'nr_inodes' [ 474.343009][ T9104] netlink: 8 bytes leftover after parsing attributes in process `syz.0.943'. [ 482.577328][ T9159] netlink: 'syz.3.957': attribute type 32 has an invalid length. [ 482.622773][ T5852] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 482.637086][ T5852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 482.638792][ T5852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 482.639965][ T5852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 482.640701][ T5852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 485.206294][ T5852] Bluetooth: hci5: command tx timeout [ 486.721192][ T9188] binder: 9187:9188 ioctl c0306201 2000000003c0 returned -14 [ 487.261114][ T5852] Bluetooth: hci5: command tx timeout [ 489.342385][ T5852] Bluetooth: hci5: command tx timeout [ 489.758039][ T9188] syz.1.964 (9188): drop_caches: 2 [ 491.773943][ T5852] Bluetooth: hci5: command tx timeout [ 493.636794][ T9237] sctp: [Deprecated]: syz.2.975 (pid 9237) Use of struct sctp_assoc_value in delayed_ack socket option. [ 493.636794][ T9237] Use struct sctp_sack_info instead [ 495.702462][ T1526] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.295157][ T1526] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.532605][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.532680][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.599696][ T9157] chnl_net:caif_netlink_parms(): no params data found [ 502.612621][ T9306] binder: 9304:9306 ioctl c0306201 200000000240 returned -11 [ 505.032606][ T9326] overlayfs: failed to clone upperpath [ 507.898339][ T1526] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 512.528628][ T1526] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.520774][ T9157] bridge0: port 1(bridge_slave_0) entered blocking state [ 517.522532][ T9157] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.527255][ T9157] bridge_slave_0: entered allmulticast mode [ 518.284438][ T9157] bridge_slave_0: entered promiscuous mode [ 518.331147][ T9157] bridge0: port 2(bridge_slave_1) entered blocking state [ 518.331290][ T9157] bridge0: port 2(bridge_slave_1) entered disabled state [ 518.331533][ T9157] bridge_slave_1: entered allmulticast mode [ 518.382314][ T9157] bridge_slave_1: entered promiscuous mode [ 522.760166][ T9478] Set syz0 is full, maxelem 0 reached [ 523.433564][ T9157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 523.613613][ T9157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 524.159797][ T9157] team0: Port device team_slave_0 added [ 524.198716][ T9157] team0: Port device team_slave_1 added [ 527.474180][ T5852] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 527.474206][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 527.474229][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 527.474241][ T5852] Workqueue: hci3 hci_rx_work [ 527.474270][ T5852] Call Trace: [ 527.474278][ T5852] [ 527.474287][ T5852] dump_stack_lvl+0x189/0x250 [ 527.474322][ T5852] ? __pfx_dump_stack_lvl+0x10/0x10 [ 527.474348][ T5852] ? __pfx__printk+0x10/0x10 [ 527.474375][ T5852] ? kernfs_path_from_node+0x2c/0x280 [ 527.474395][ T5852] ? kernfs_path_from_node+0x243/0x280 [ 527.474413][ T5852] ? kernfs_path_from_node+0x2c/0x280 [ 527.474437][ T5852] sysfs_create_dir_ns+0x259/0x280 [ 527.474456][ T5852] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 527.474483][ T5852] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 527.474503][ T5852] ? rt_spin_unlock+0x65/0x80 [ 527.474546][ T5852] kobject_add_internal+0x5a5/0xb50 [ 527.474579][ T5852] kobject_add+0x155/0x220 [ 527.474606][ T5852] ? __pfx_kobject_add+0x10/0x10 [ 527.474635][ T5852] ? get_device_parent+0x370/0x3a0 [ 527.474660][ T5852] device_add+0x408/0xb50 [ 527.474682][ T5852] hci_conn_add_sysfs+0xd5/0x1e0 [ 527.474706][ T5852] le_conn_complete_evt+0xf39/0x1500 [ 527.474748][ T5852] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 527.474777][ T5852] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 527.474805][ T5852] ? lockdep_hardirqs_on+0x9c/0x150 [ 527.474842][ T5852] ? skb_pull_data+0xfb/0x200 [ 527.474870][ T5852] hci_le_conn_complete_evt+0x187/0x450 [ 527.474905][ T5852] hci_event_packet+0x78f/0x1200 [ 527.474933][ T5852] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 527.474962][ T5852] ? __pfx_hci_event_packet+0x10/0x10 [ 527.474984][ T5852] ? __pfx_migrate_enable+0x10/0x10 [ 527.475017][ T5852] ? hci_send_to_monitor+0xe2/0x570 [ 527.475049][ T5852] hci_rx_work+0x46a/0xe80 [ 527.475082][ T5852] ? process_scheduled_works+0x9ef/0x17b0 [ 527.475107][ T5852] process_scheduled_works+0xae1/0x17b0 [ 527.475160][ T5852] ? __pfx_process_scheduled_works+0x10/0x10 [ 527.475201][ T5852] worker_thread+0x8a0/0xda0 [ 527.475255][ T5852] kthread+0x711/0x8a0 [ 527.475287][ T5852] ? __pfx_worker_thread+0x10/0x10 [ 527.475311][ T5852] ? __pfx_kthread+0x10/0x10 [ 527.475345][ T5852] ? __pfx_kthread+0x10/0x10 [ 527.475374][ T5852] ret_from_fork+0x436/0x7d0 [ 527.475404][ T5852] ? __pfx_ret_from_fork+0x10/0x10 [ 527.475435][ T5852] ? __switch_to_asm+0x39/0x70 [ 527.475452][ T5852] ? __switch_to_asm+0x33/0x70 [ 527.475469][ T5852] ? __pfx_kthread+0x10/0x10 [ 527.475498][ T5852] ret_from_fork_asm+0x1a/0x30 [ 527.475543][ T5852] [ 527.475650][ T5852] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 527.475691][ T5852] Bluetooth: hci3: failed to register connection device [ 528.888956][ T37] audit: type=1326 audit(1759089781.707:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.900771][ T37] audit: type=1326 audit(1759089781.707:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.900850][ T37] audit: type=1326 audit(1759089781.717:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.900886][ T37] audit: type=1326 audit(1759089781.717:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.900920][ T37] audit: type=1326 audit(1759089781.717:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.901165][ T37] audit: type=1326 audit(1759089781.727:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.901663][ T37] audit: type=1326 audit(1759089781.727:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.902193][ T37] audit: type=1326 audit(1759089781.727:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.902649][ T37] audit: type=1326 audit(1759089781.727:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 528.903171][ T37] audit: type=1326 audit(1759089781.727:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9536 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 534.381472][ T37] kauditd_printk_skb: 11 callbacks suppressed [ 534.381490][ T37] audit: type=1326 audit(1759089786.247:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381535][ T37] audit: type=1326 audit(1759089786.257:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381575][ T37] audit: type=1326 audit(1759089786.257:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381614][ T37] audit: type=1326 audit(1759089786.257:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381652][ T37] audit: type=1326 audit(1759089786.257:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381689][ T37] audit: type=1326 audit(1759089786.257:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381727][ T37] audit: type=1326 audit(1759089786.267:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381764][ T37] audit: type=1326 audit(1759089786.267:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 534.381801][ T37] audit: type=1326 audit(1759089786.267:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd42762af79 code=0x7ffc0000 [ 534.381841][ T37] audit: type=1326 audit(1759089786.267:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9559 comm="syz.1.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42768eec9 code=0x7ffc0000 [ 535.839708][ T9526] Bluetooth: hci3: command 0x0406 tx timeout [ 537.416020][ T9595] devpts: Bad value for 'max' [ 539.593110][ T5852] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 539.646835][ T5852] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 539.649893][ T5852] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 539.692550][ T5852] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 539.694681][ T5852] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 542.246368][ T9526] Bluetooth: hci4: command tx timeout [ 542.810616][ T9642] overlayfs: failed to clone lowerpath [ 544.891301][ T9651] nfs: Unknown parameter 'ntext' [ 545.071960][ T9526] Bluetooth: hci4: command tx timeout [ 548.322853][ T9679] ptrace attach of "./syz-executor exec"[5845] was attempted by " [ 549.834764][ T9526] Bluetooth: hci4: command tx timeout [ 552.074291][ T9526] Bluetooth: hci4: command tx timeout [ 554.464450][ T9709] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1092'. [ 557.087179][ T1526] bond0 (unregistering): Released all slaves [ 563.151790][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.153362][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.926136][ T37] kauditd_printk_skb: 174 callbacks suppressed [ 563.926154][ T37] audit: type=1326 audit(1759089816.747:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121118][ T37] audit: type=1326 audit(1759089816.787:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121177][ T37] audit: type=1326 audit(1759089816.797:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121216][ T37] audit: type=1326 audit(1759089816.797:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121256][ T37] audit: type=1326 audit(1759089816.797:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121294][ T37] audit: type=1326 audit(1759089816.797:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121332][ T37] audit: type=1326 audit(1759089816.797:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121371][ T37] audit: type=1326 audit(1759089816.797:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121410][ T37] audit: type=1326 audit(1759089816.797:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 564.121449][ T37] audit: type=1326 audit(1759089816.797:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9781 comm="syz.2.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d472deec9 code=0x7ffc0000 [ 570.830214][ T9526] Bluetooth: hci2: unexpected event for opcode 0x2012 [ 571.328212][ T9828] team0: Port device vxlan0 added [ 571.504663][ T3662] netdevsim netdevsim0 : set [0, 0] type 1 family 0 port 8472 - 0 [ 574.423041][ T1526] hsr_slave_0: left promiscuous mode [ 575.107956][ T37] kauditd_printk_skb: 19 callbacks suppressed [ 575.107973][ T37] audit: type=1326 audit(1759089827.927:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.108020][ T37] audit: type=1326 audit(1759089827.927:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.108060][ T37] audit: type=1326 audit(1759089827.927:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.108100][ T37] audit: type=1326 audit(1759089827.927:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.108139][ T37] audit: type=1326 audit(1759089827.927:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.108176][ T37] audit: type=1326 audit(1759089827.927:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.260287][ T37] audit: type=1326 audit(1759089827.927:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.260338][ T37] audit: type=1326 audit(1759089828.077:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.260377][ T37] audit: type=1326 audit(1759089828.077:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9864 comm="syz.0.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413465eec9 code=0x7ffc0000 [ 575.458356][ T1526] hsr_slave_1: left promiscuous mode [ 576.349276][ T1526] veth1_macvtap: left promiscuous mode [ 576.349540][ T1526] veth0_macvtap: left promiscuous mode [ 576.364538][ T1526] veth1_vlan: left promiscuous mode [ 576.365008][ T1526] veth0_vlan: left promiscuous mode [ 589.096945][ T9966] netlink: 384 bytes leftover after parsing attributes in process `syz.3.1156'. [ 589.097079][ T9966] netlink: 'syz.3.1156': attribute type 2 has an invalid length. [ 589.786434][ T9967] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1158'. [ 601.989835][ T5852] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 602.184619][ T5852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 602.186511][ T5852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 602.187883][ T5852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 602.212967][ T5852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 604.631145][ T5852] Bluetooth: hci5: command tx timeout [ 607.042802][ T5852] Bluetooth: hci5: command tx timeout [ 609.039720][T10080] netlink: 'syz.3.1184': attribute type 1 has an invalid length. [ 609.039735][T10080] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1184'. [ 609.192680][ T5852] Bluetooth: hci5: command tx timeout [ 611.260949][ T9526] Bluetooth: hci5: command tx timeout [ 616.078309][ T5852] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 616.102631][ T5852] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 616.104769][ T5852] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 616.110531][ T5852] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 616.111894][ T5852] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 618.227284][ T5852] Bluetooth: hci6: command tx timeout [ 620.488238][ T5852] Bluetooth: hci6: command tx timeout [ 623.983653][ T5852] Bluetooth: hci6: command tx timeout [ 624.553794][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.553870][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.169830][ T5852] Bluetooth: hci6: command tx timeout [ 634.064604][T10242] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 634.064688][T10242] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 634.071267][T10242] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 634.071331][T10242] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 638.661759][ T3662] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 640.970865][ T3662] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 641.015666][ T3662] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 644.113382][ T13] ------------[ cut here ]------------ [ 644.113406][ T13] WARNING: CPU: 0 PID: 13 at io_uring/io_uring.c:2980 io_ring_exit_work+0x4e5/0x930 [ 644.113443][ T13] Modules linked in: [ 644.113462][ T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 644.113482][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 644.113494][ T13] Workqueue: iou_exit io_ring_exit_work [ 644.113515][ T13] RIP: 0010:io_ring_exit_work+0x4e5/0x930 [ 644.113533][ T13] Code: c6 05 19 39 dc 0d 01 48 c7 c7 a0 46 61 8b be 24 00 00 00 48 c7 c2 40 46 61 8b e8 d6 11 71 00 e9 7b fe ff ff e8 4c 52 93 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1 [ 644.113547][ T13] RSP: 0018:ffffc900001278e0 EFLAGS: 00010293 [ 644.113562][ T13] RAX: ffffffff812b1974 RBX: 00000001000085a5 RCX: ffff88801c290000 [ 644.113576][ T13] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 644.113586][ T13] RBP: ffffc90000127a70 R08: 0000000000000000 R09: 0000000000000000 [ 644.113597][ T13] R10: dffffc0000000000 R11: fffffbfff1e3ac47 R12: 0000000100008584 [ 644.113610][ T13] R13: ffff888031c76350 R14: ffff888031c76540 R15: dffffc0000000000 [ 644.113623][ T13] FS: 0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000 [ 644.113638][ T13] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 644.113650][ T13] CR2: 00007fe72f29a6b0 CR3: 0000000031268000 CR4: 00000000003526f0 [ 644.113663][ T13] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 644.113674][ T13] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 644.113685][ T13] Call Trace: [ 644.113693][ T13] [ 644.113716][ T13] ? __pfx_io_ring_exit_work+0x10/0x10 [ 644.113750][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 644.113774][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 644.113795][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 644.113818][ T13] process_scheduled_works+0xae1/0x17b0 [ 644.113868][ T13] ? __pfx_process_scheduled_works+0x10/0x10 [ 644.113907][ T13] worker_thread+0x8a0/0xda0 [ 644.113956][ T13] kthread+0x711/0x8a0 [ 644.113984][ T13] ? __pfx_worker_thread+0x10/0x10 [ 644.114004][ T13] ? __pfx_kthread+0x10/0x10 [ 644.114032][ T13] ? __pfx_kthread+0x10/0x10 [ 644.114057][ T13] ret_from_fork+0x436/0x7d0 [ 644.114083][ T13] ? __pfx_ret_from_fork+0x10/0x10 [ 644.114111][ T13] ? __switch_to_asm+0x39/0x70 [ 644.114127][ T13] ? __switch_to_asm+0x33/0x70 [ 644.114142][ T13] ? __pfx_kthread+0x10/0x10 [ 644.114167][ T13] ret_from_fork_asm+0x1a/0x30 [ 644.114200][ T13] [ 644.114209][ T13] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 644.114221][ T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 644.114241][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 644.114251][ T13] Workqueue: iou_exit io_ring_exit_work [ 644.114267][ T13] Call Trace: [ 644.114274][ T13] [ 644.114281][ T13] dump_stack_lvl+0x99/0x250 [ 644.114305][ T13] ? __asan_memcpy+0x40/0x70 [ 644.114325][ T13] ? __pfx_dump_stack_lvl+0x10/0x10 [ 644.114355][ T13] ? __pfx__printk+0x10/0x10 [ 644.114388][ T13] vpanic+0x281/0x750 [ 644.114411][ T13] ? __pfx__printk+0x10/0x10 [ 644.114429][ T13] ? __pfx_vpanic+0x10/0x10 [ 644.114452][ T13] ? is_bpf_text_address+0x26/0x2b0 [ 644.114486][ T13] panic+0xb9/0xc0 [ 644.114508][ T13] ? __pfx_panic+0x10/0x10 [ 644.114546][ T13] __warn+0x31b/0x4b0 [ 644.114567][ T13] ? io_ring_exit_work+0x4e5/0x930 [ 644.114586][ T13] ? io_ring_exit_work+0x4e5/0x930 [ 644.114603][ T13] report_bug+0x2be/0x4f0 [ 644.114626][ T13] ? io_ring_exit_work+0x4e5/0x930 [ 644.114644][ T13] ? io_ring_exit_work+0x4e5/0x930 [ 644.114661][ T13] ? io_ring_exit_work+0x4e7/0x930 [ 644.114678][ T13] handle_bug+0x84/0x160 [ 644.114697][ T13] exc_invalid_op+0x1a/0x50 [ 644.114716][ T13] asm_exc_invalid_op+0x1a/0x20 [ 644.114732][ T13] RIP: 0010:io_ring_exit_work+0x4e5/0x930 [ 644.114749][ T13] Code: c6 05 19 39 dc 0d 01 48 c7 c7 a0 46 61 8b be 24 00 00 00 48 c7 c2 40 46 61 8b e8 d6 11 71 00 e9 7b fe ff ff e8 4c 52 93 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1 [ 644.114763][ T13] RSP: 0018:ffffc900001278e0 EFLAGS: 00010293 [ 644.114778][ T13] RAX: ffffffff812b1974 RBX: 00000001000085a5 RCX: ffff88801c290000 [ 644.114791][ T13] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 644.114801][ T13] RBP: ffffc90000127a70 R08: 0000000000000000 R09: 0000000000000000 [ 644.114812][ T13] R10: dffffc0000000000 R11: fffffbfff1e3ac47 R12: 0000000100008584 [ 644.114825][ T13] R13: ffff888031c76350 R14: ffff888031c76540 R15: dffffc0000000000 [ 644.114848][ T13] ? io_ring_exit_work+0x4e4/0x930 [ 644.114886][ T13] ? __pfx_io_ring_exit_work+0x10/0x10 [ 644.114920][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 644.114943][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 644.114963][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 644.114986][ T13] process_scheduled_works+0xae1/0x17b0 [ 644.115036][ T13] ? __pfx_process_scheduled_works+0x10/0x10 [ 644.115076][ T13] worker_thread+0x8a0/0xda0 [ 644.115121][ T13] kthread+0x711/0x8a0 [ 644.115148][ T13] ? __pfx_worker_thread+0x10/0x10 [ 644.115169][ T13] ? __pfx_kthread+0x10/0x10 [ 644.115197][ T13] ? __pfx_kthread+0x10/0x10 [ 644.115222][ T13] ret_from_fork+0x436/0x7d0 [ 644.115245][ T13] ? __pfx_ret_from_fork+0x10/0x10 [ 644.115273][ T13] ? __switch_to_asm+0x39/0x70 [ 644.115289][ T13] ? __switch_to_asm+0x33/0x70 [ 644.115304][ T13] ? __pfx_kthread+0x10/0x10 [ 644.115329][ T13] ret_from_fork_asm+0x1a/0x30 [ 644.115368][ T13] [ 644.115680][ T13] Kernel Offset: disabled