last executing test programs: 9m18.62157447s ago: executing program 3 (id=248): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r3 = dup3(r2, r1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x10000000000) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000440)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r0}, @flat=@handle={0x73682a85, 0x14, 0x2}}, &(0x7f0000000380)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0}) 9m17.300857952s ago: executing program 3 (id=251): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000300000000000000000000f195"], 0x0}, 0x94) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x80) 9m15.379617523s ago: executing program 3 (id=257): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'xfrm0\x00', 0x0}) sendto$packet(r0, &(0x7f00000002c0)="1a040500ecff03fc01004788031c09", 0x10025, 0x4000004, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x6, 0x6, @remote}, 0x14) 9m13.636610832s ago: executing program 3 (id=259): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x24, r2, 0x50b, 0x70bd28, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @loopback}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}]}, 0x24}, 0x1, 0x0, 0x0, 0x2405c000}, 0x4000000) 9m13.323473822s ago: executing program 3 (id=261): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r3 = dup3(r2, r1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x10000000000) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000440)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r0}, @flat=@handle={0x73682a85, 0x14, 0x2}}, &(0x7f0000000380)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0}) 9m9.68798259s ago: executing program 3 (id=268): openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='smaps\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 8m54.29940443s ago: executing program 32 (id=268): openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='smaps\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 4m23.186565581s ago: executing program 0 (id=661): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x2c, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0x0, 0x0, {}, 0x1, 0xffffffffffffffff}}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000000)="363e0fc7ba9bd10000263e262e0fc798b241c0c066ba200066b8090066ef26dcf066baf80cb8fedd528fef66bafc0cb06deeb98a0b0000b8e5000000ba000000000f303e660f1a16d9f50f32f30fc77708", 0x51}], 0x1, 0x6a, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4m19.139482345s ago: executing program 0 (id=665): mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x0, 0x0, 0x0) chdir(0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) preadv(r0, 0x0, 0x0, 0xe12, 0x200000c) mount$bind(0x0, 0x0, 0x0, 0x21, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0881) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, 0x0, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) unshare(0x600) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={r5, 0x0}, 0x20) 4m17.320535344s ago: executing program 0 (id=669): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c) listen(r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x16, 0x0, "a58fc096f80633b333145c32b45013f5547000229e90bfdd2cbb775085438751fa41b217c492169b0cb51256adc3e5baedfa65fd3c4429b247e9dc51c16f89c5a42145bb09f23ab88b0bd564fd44893a"}, 0xd8) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1) 4m16.224504282s ago: executing program 0 (id=672): mkdir(&(0x7f00000003c0)='./file0\x00', 0x136) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_INIT(r0, &(0x7f0000000000)={0x50, 0x0, 0x0, {0x7, 0x2d, 0x10, 0x10000000, 0x8001, 0x44, 0x18, 0x8, 0x0, 0x0, 0x40, 0x1}}, 0x50) syz_fuse_handle_req(r0, 0x0, 0x0, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000, 0x6, &(0x7f0000ffd000/0x3000)=nil) mount(0x0, &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x80000, 0x0) unshare(0x6020400) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x2020) 4m15.503739261s ago: executing program 0 (id=674): mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0xffffffff) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/mem_sleep', 0x2, 0xa5) write$FUSE_INIT(r0, &(0x7f00000006c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x0, 0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x80}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x40806685, &(0x7f0000000000)={0x0, 0x7fff}) 4m11.867468799s ago: executing program 0 (id=681): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="64000000140021052bbd7000fbdbdf250a4000fe", @ANYRES32=r1, @ANYBLOB="08000a00040000000800080086060000140006000200000008000000010000000800000014000200"], 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x44080) 4m9.656995477s ago: executing program 33 (id=681): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="64000000140021052bbd7000fbdbdf250a4000fe", @ANYRES32=r1, @ANYBLOB="08000a00040000000800080086060000140006000200000008000000010000000800000014000200"], 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x44080) 2m23.80553533s ago: executing program 5 (id=838): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) r3 = getpgrp(0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5) prlimit64(r3, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 2m21.388247198s ago: executing program 5 (id=840): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x2005, 0x4) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x12, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019c80)=""/102400, 0x19000) semop(0x0, 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000280)='net/snmp6\x00') preadv(r5, 0x0, 0x0, 0xfffffff9, 0xffffffff) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000140)=0xfffffdfb) syz_open_dev$loop(&(0x7f0000000240), 0x6, 0x85862) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)=[{0x0, 0xffffffff00000000}], &(0x7f0000000100), 0x7}, 0x20) ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=""/4096}) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffffff, 0xc9a, 0x80080000, 0x6, 0xe, "dce4f0020100000000001b347d5c00010200"}) 2m18.458450185s ago: executing program 5 (id=842): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x78, 0x0, &(0x7f0000000600)="8b2dd0aea674e2be296a41fb7abe28bb91d751588d1eb80175438b684a7017cab30fdfe69f5a3d49f9568aad95c20336455cbaeafb1d1bc7dbaeb72e4890580e3e09745873d37baf2586573880d798934f51509ec866cb78cbddb54a09910b69366b15db6b0fce1a5f6c369bf54e0c9e5746e32267d1340c"}) 2m9.171993752s ago: executing program 5 (id=856): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x10, 0x78}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x4, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) userfaultfd(0x80001) socket$inet_tcp(0x2, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000440), 0x6, 0x41) ioctl$BLKPG(r3, 0x1269, &(0x7f0000000540)={0x1, 0x0, 0x98, &(0x7f0000000480)={0x0, 0x800, 0x10}}) 2m5.267196507s ago: executing program 5 (id=861): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = getpgrp(0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5) prlimit64(r3, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 2m2.444458011s ago: executing program 5 (id=863): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78b}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000040)=0x3) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r5, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000880)={[0x1, 0x3, 0x100000008, 0x7f, 0x1, 0x0, 0x2, 0xfffffffffffff804, 0x0, 0x0, 0x0, 0x8, 0x7, 0x2, 0x1, 0x4], 0xeeef0000, 0x4fb40}) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e0"], 0x57) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1m47.697830307s ago: executing program 34 (id=863): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78b}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000040)=0x3) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r5, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000880)={[0x1, 0x3, 0x100000008, 0x7f, 0x1, 0x0, 0x2, 0xfffffffffffff804, 0x0, 0x0, 0x0, 0x8, 0x7, 0x2, 0x1, 0x4], 0xeeef0000, 0x4fb40}) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e0"], 0x57) ioctl$KVM_RUN(r5, 0xae80, 0x0) 44.708369845s ago: executing program 6 (id=945): r0 = open(&(0x7f00000001c0)='./file0\x00', 0x108843, 0x55) add_key$keyring(0x0, &(0x7f00000010c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x8) r3 = getpgrp(0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x400000000000001, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8) getxattr(0x0, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f00000027c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x2d, 0x20040040) recvfrom$unix(r1, 0x0, 0x0, 0x40010020, 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) open(&(0x7f0000000000)='./file0\x00', 0x14a600, 0x78e22799f4a46f8f) ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, 0xfffffffffffffffc) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2000000000000) 41.869103053s ago: executing program 6 (id=948): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r1 = dup3(0xffffffffffffffff, r0, 0x0) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(r2, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 37.020208902s ago: executing program 6 (id=955): syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) ptrace(0x10, 0x0) ptrace$cont(0x1f, 0x0, 0x2, 0x120) sched_setscheduler(0x0, 0x5, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) fchdir(r4) setregid(0x0, 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3) 35.488288735s ago: executing program 6 (id=957): r0 = open(&(0x7f00000001c0)='./file0\x00', 0x108843, 0x55) add_key$keyring(0x0, &(0x7f00000010c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x8) getpgrp(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x400000000000001, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8) getxattr(0x0, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f00000027c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x2d, 0x20040040) recvfrom$unix(r1, 0x0, 0x0, 0x40010020, 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) open(&(0x7f0000000000)='./file0\x00', 0x14a600, 0x78e22799f4a46f8f) ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, 0xfffffffffffffffc) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2000000000000) 34.088514542s ago: executing program 6 (id=959): pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() r2 = socket$inet(0xa, 0x801, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x29, 0x1f, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) read(r5, 0x0, 0x0) sendmmsg$unix(r0, &(0x7f0000000140), 0x0, 0x8044) r6 = gettid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x8031, 0xffffffffffffffff, 0x4000) process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket(0x10, 0x2, 0x0) write(r7, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r7, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) 30.796406763s ago: executing program 4 (id=963): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r3, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000000200)=[{0x6}]}, 0x10) 23.603608934s ago: executing program 1 (id=968): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) getpgrp(0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r3 = socket(0x28, 0x801, 0x0) connect$vsock_stream(r3, &(0x7f0000000880)={0x28, 0x0, 0x2711, @host}, 0x10) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000780), 0x0, &(0x7f00000008c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x842, 0x4) fcntl$setstatus(r4, 0x4, 0x42000) read$FUSE(r4, &(0x7f0000004080)={0x2020}, 0x2020) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x101001, 0x0) writev(r5, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x10113}], 0x1) 21.873577139s ago: executing program 6 (id=969): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x78, 0x0, &(0x7f0000000600)="8b2dd0aea674e2be296a41fb7abe28bb91d751588d1eb80175438b684a7017cab30fdfe69f5a3d49f9568aad95c20336455cbaeafb1d1bc7dbaeb72e4890580e3e09745873d37baf2586573880d798934f51509ec866cb78cbddb54a09910b69366b15db6b0fce1a5f6c369bf54e0c9e5746e32267d1340c"}) 21.524736755s ago: executing program 4 (id=971): socket$inet6(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x30, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYBLOB], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000340), 0x0}, 0x20) sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000500)={@fallback, 0x2f, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r5 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000340)={0x1, 0x4}, 0x8) sendmmsg$inet6(r5, &(0x7f00000002c0)=[{{&(0x7f0000000000)={0xa, 0x4e25, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4004800) r6 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000100)={0x2002}) 21.353502878s ago: executing program 1 (id=972): openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) poll(0x0, 0xfffffffffffffe3a, 0x72) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r5 = memfd_create(&(0x7f0000000700)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc3Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x06.3(QF?\f\x05\xa4uY\xee\xab\x8a\xeb~\xed\xcb0\xb7\xe7\xe6?8g\x8aN\xda\x8f\x9d\xde\x1eNaS\x8fLk\xf1\x965N\x18\x8c\xb9=5\x991\xae\x89N\x13\xd1\xf7\xf0\x13\xb2\xaeS\xa1\x97\x18j\xea\x9f\xde\xb6\xd4\xdc\xe6*\x9c\xfdV\x82\x05', 0x2) fcntl$addseals(r5, 0x409, 0x3) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={r5, 0x1, 0x0, 0x2000}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff0000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) io_uring_setup(0xc9e, &(0x7f0000000040)={0x0, 0x40dd, 0x1c080, 0xa, 0x20002f7}) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'wlan1\x00', 0x0}) 17.777647201s ago: executing program 4 (id=974): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000080)=0xc) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') getdents64(r3, &(0x7f0000002f40)=""/4091, 0xffb) 15.501201496s ago: executing program 1 (id=976): socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) openat$sysfs(0xffffffffffffff9c, 0x0, 0x5cd80, 0x54) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) 13.303637936s ago: executing program 1 (id=977): pipe2(&(0x7f0000000680), 0x80000) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6(0xa, 0x2, 0x0) syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080)) socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x2, 0x300) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet(0xa, 0x1, 0x0) socket$inet(0x2, 0x3, 0x8d) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp(0xa, 0x2, 0x3a) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x10, 0x4, 0x4, 0x7}, 0x50) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x88002, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @remote}, {0x2, 0x4e23, @loopback}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8}) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x48885) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 10.951601263s ago: executing program 4 (id=978): pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, 0x0, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x24, 0x0) socket$unix(0x1, 0x2, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r2 = io_uring_setup(0xac9, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x10000008, 0x11b}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) 8.885113482s ago: executing program 2 (id=979): syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) ptrace(0x10, 0x0) ptrace$cont(0x1f, 0x0, 0x2, 0x120) sched_setscheduler(0x0, 0x5, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) fchdir(r4) setregid(0x0, 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3) 8.669695402s ago: executing program 4 (id=980): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r3, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000000200)=[{0x6}]}, 0x10) 6.979236498s ago: executing program 35 (id=969): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x78, 0x0, &(0x7f0000000600)="8b2dd0aea674e2be296a41fb7abe28bb91d751588d1eb80175438b684a7017cab30fdfe69f5a3d49f9568aad95c20336455cbaeafb1d1bc7dbaeb72e4890580e3e09745873d37baf2586573880d798934f51509ec866cb78cbddb54a09910b69366b15db6b0fce1a5f6c369bf54e0c9e5746e32267d1340c"}) 6.936632653s ago: executing program 2 (id=982): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94) 6.505917131s ago: executing program 2 (id=983): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) getrlimit(0xb, &(0x7f0000000040)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) read$msr(r1, &(0x7f0000000580)=""/245, 0xf5) socket(0x80000000000000a, 0x2, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) fcntl$dupfd(r2, 0x406, r2) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x24000094, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x121383, 0x0) ioctl$TIOCSETD(r4, 0x5423, 0x0) ioctl$TCFLSH(r4, 0x400455c8, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r5, 0x800448f0, &(0x7f0000000200)="004cb61b5b19c93eaacccf15bcb6a08e6151998a654f735423ff588c9eeaed8a86d56ee69f765de41a3968bba3a1a9095e47ec05d82715f7f730959096e903ada42803d3389c") close_range(r3, 0xffffffffffffffff, 0x0) syz_usb_connect(0x0, 0x36, 0x0, 0x0) shutdown(r2, 0x1) 4.859987756s ago: executing program 2 (id=984): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = getpgrp(0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5) prlimit64(r3, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 3.131778782s ago: executing program 1 (id=985): openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) poll(0x0, 0xfffffffffffffe3a, 0x72) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r5 = memfd_create(&(0x7f0000000700)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc3Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x06.3(QF?\f\x05\xa4uY\xee\xab\x8a\xeb~\xed\xcb0\xb7\xe7\xe6?8g\x8aN\xda\x8f\x9d\xde\x1eNaS\x8fLk\xf1\x965N\x18\x8c\xb9=5\x991\xae\x89N\x13\xd1\xf7\xf0\x13\xb2\xaeS\xa1\x97\x18j\xea\x9f\xde\xb6\xd4\xdc\xe6*\x9c\xfdV\x82\x05', 0x2) fcntl$addseals(r5, 0x409, 0x3) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={r5, 0x1, 0x0, 0x2000}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff0000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r6 = io_uring_setup(0xc9e, &(0x7f0000000040)={0x0, 0x40dd, 0x1c080, 0xa, 0x20002f7}) io_uring_enter(r6, 0x2219, 0x7721, 0x16, 0x0, 0x0) 2.898901652s ago: executing program 2 (id=986): mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) 1.256628065s ago: executing program 1 (id=987): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000080)=0xc) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') getdents64(r3, &(0x7f0000002f40)=""/4091, 0xffb) 953.549574ms ago: executing program 2 (id=988): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(r0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 0s ago: executing program 4 (id=989): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100000008e}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x1, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2982, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x20000023896) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xf, 0x40, 0x6, 0x3, 0x4, "a0e1c6beeb439eff56c42676bae174bc012837"}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts. [ 79.165374][ T5592] cgroup: Unknown subsys name 'net' [ 79.389065][ T5592] cgroup: Unknown subsys name 'cpuset' [ 79.462381][ T5592] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 81.145312][ T5592] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.956271][ T5616] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.980966][ T5616] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.982965][ T5625] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.005403][ T5625] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 85.025965][ T5625] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.053128][ T5627] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.054865][ T5625] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.060443][ T5616] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.060458][ T5625] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 85.064928][ T5625] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.064928][ T5627] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.065596][ T5627] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.073522][ T5625] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 85.074226][ T5616] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.079478][ T5616] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.080942][ T5616] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 85.082820][ T5625] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.083695][ T5625] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.089109][ T5627] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 85.089529][ T5627] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.095522][ T5627] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.107017][ T5615] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.109462][ T5615] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.139106][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.141763][ T5615] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.013794][ T31] cfg80211: failed to load regulatory.db [ 87.133469][ T5623] Bluetooth: hci2: command tx timeout [ 87.212896][ T5612] Bluetooth: hci0: command tx timeout [ 87.213612][ T59] Bluetooth: hci1: command tx timeout [ 87.215548][ T5623] Bluetooth: hci4: command tx timeout [ 87.292681][ T5623] Bluetooth: hci3: command tx timeout [ 87.657782][ T5608] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.658994][ T5608] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.659491][ T5608] bridge_slave_0: entered allmulticast mode [ 87.661048][ T5608] bridge_slave_0: entered promiscuous mode [ 87.673905][ T5609] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.674015][ T5609] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.674485][ T5609] bridge_slave_0: entered allmulticast mode [ 87.676912][ T5609] bridge_slave_0: entered promiscuous mode [ 87.681020][ T5607] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.681137][ T5607] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.685538][ T5607] bridge_slave_0: entered allmulticast mode [ 87.687947][ T5607] bridge_slave_0: entered promiscuous mode [ 87.743366][ T5608] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.743473][ T5608] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.743666][ T5608] bridge_slave_1: entered allmulticast mode [ 87.745101][ T5608] bridge_slave_1: entered promiscuous mode [ 87.746214][ T5609] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.746309][ T5609] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.746414][ T5609] bridge_slave_1: entered allmulticast mode [ 87.747727][ T5609] bridge_slave_1: entered promiscuous mode [ 87.748524][ T5607] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.748614][ T5607] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.748707][ T5607] bridge_slave_1: entered allmulticast mode [ 87.749989][ T5607] bridge_slave_1: entered promiscuous mode [ 87.750779][ T5606] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.750865][ T5606] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.751294][ T5606] bridge_slave_0: entered allmulticast mode [ 87.755549][ T5606] bridge_slave_0: entered promiscuous mode [ 87.758364][ T5605] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.758470][ T5605] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.758915][ T5605] bridge_slave_0: entered allmulticast mode [ 87.762316][ T5605] bridge_slave_0: entered promiscuous mode [ 87.832841][ T5606] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.832952][ T5606] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.835031][ T5606] bridge_slave_1: entered allmulticast mode [ 87.837424][ T5606] bridge_slave_1: entered promiscuous mode [ 87.840880][ T5605] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.840989][ T5605] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.841130][ T5605] bridge_slave_1: entered allmulticast mode [ 87.845099][ T5605] bridge_slave_1: entered promiscuous mode [ 87.946185][ T5608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.949444][ T5609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.952712][ T5607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.085585][ T5608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.087525][ T5609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.089369][ T5607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.092918][ T5606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.109019][ T5605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.160468][ T5606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.173716][ T5605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.238462][ T5608] team0: Port device team_slave_0 added [ 88.240361][ T5609] team0: Port device team_slave_0 added [ 88.243472][ T5607] team0: Port device team_slave_0 added [ 88.278871][ T5608] team0: Port device team_slave_1 added [ 88.280772][ T5609] team0: Port device team_slave_1 added [ 88.283653][ T5607] team0: Port device team_slave_1 added [ 88.286196][ T5606] team0: Port device team_slave_0 added [ 88.290507][ T5605] team0: Port device team_slave_0 added [ 88.336331][ T5606] team0: Port device team_slave_1 added [ 88.338374][ T5605] team0: Port device team_slave_1 added [ 88.399904][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.399915][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.399929][ T5608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.412014][ T5609] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.412030][ T5609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.412054][ T5609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.414013][ T5607] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.414027][ T5607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.414050][ T5607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.465388][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.465404][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.465427][ T5608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.467062][ T5609] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.467074][ T5609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.467098][ T5609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.468218][ T5607] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.468229][ T5607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.468251][ T5607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.469813][ T5606] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.469825][ T5606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.469848][ T5606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.476347][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.476361][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.476385][ T5605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.525698][ T5606] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.525732][ T5606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.525756][ T5606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.528933][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.528947][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.528979][ T5605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.765629][ T5607] hsr_slave_0: entered promiscuous mode [ 88.767177][ T5607] hsr_slave_1: entered promiscuous mode [ 88.803656][ T5609] hsr_slave_0: entered promiscuous mode [ 88.804991][ T5609] hsr_slave_1: entered promiscuous mode [ 88.805996][ T5609] debugfs: 'hsr0' already exists in 'hsr' [ 88.806130][ T5609] Cannot create hsr debugfs directory [ 88.838489][ T5608] hsr_slave_0: entered promiscuous mode [ 88.839719][ T5608] hsr_slave_1: entered promiscuous mode [ 88.840617][ T5608] debugfs: 'hsr0' already exists in 'hsr' [ 88.840639][ T5608] Cannot create hsr debugfs directory [ 88.852894][ T5606] hsr_slave_0: entered promiscuous mode [ 88.854175][ T5606] hsr_slave_1: entered promiscuous mode [ 88.855025][ T5606] debugfs: 'hsr0' already exists in 'hsr' [ 88.855047][ T5606] Cannot create hsr debugfs directory [ 88.870768][ T5605] hsr_slave_0: entered promiscuous mode [ 88.872755][ T5605] hsr_slave_1: entered promiscuous mode [ 88.873709][ T5605] debugfs: 'hsr0' already exists in 'hsr' [ 88.873730][ T5605] Cannot create hsr debugfs directory [ 89.213562][ T5623] Bluetooth: hci2: command tx timeout [ 89.291880][ T5623] Bluetooth: hci0: command tx timeout [ 89.291911][ T5623] Bluetooth: hci4: command tx timeout [ 89.291927][ T5612] Bluetooth: hci1: command tx timeout [ 89.371833][ T5623] Bluetooth: hci3: command tx timeout [ 90.070063][ T5607] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.114859][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 90.125266][ T5607] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.156964][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 90.160682][ T5607] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.186478][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 90.208866][ T5607] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.245859][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 90.343595][ T5609] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.378138][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 90.389844][ T5609] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.415678][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 90.428224][ T5609] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.467496][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 90.498462][ T5609] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.534868][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 90.646940][ T5608] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.677055][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 90.690192][ T5608] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.718683][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 90.720930][ T5608] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.755774][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 90.781568][ T5608] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.819059][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 90.956465][ T5605] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 90.996218][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 91.011396][ T5605] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 91.035370][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 91.047506][ T5605] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 91.077581][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 91.107634][ T5605] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 91.138455][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 91.214312][ T5607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.267212][ T5606] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 91.292172][ T5623] Bluetooth: hci2: command tx timeout [ 91.296304][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 91.301245][ T5606] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.324930][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 91.335104][ T5606] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.365821][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 91.371218][ T5606] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.373233][ T5623] Bluetooth: hci1: command tx timeout [ 91.373261][ T5623] Bluetooth: hci4: command tx timeout [ 91.373280][ T5623] Bluetooth: hci0: command tx timeout [ 91.425326][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 91.451851][ T59] Bluetooth: hci3: command tx timeout [ 91.458303][ T5607] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.511162][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.511301][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.554309][ T5609] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.558844][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.558970][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.676096][ T5609] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.698118][ T5608] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.738117][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.738240][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.774663][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.774758][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.822721][ T5608] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.866071][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.866193][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.871424][ T5605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.937890][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.938041][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.100194][ T5605] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.167471][ T5606] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.189338][ T1529] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.189427][ T1529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.256189][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.256395][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.335269][ T5606] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.418534][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.428860][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.600218][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.606771][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.072972][ T5607] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.371752][ T59] Bluetooth: hci2: command tx timeout [ 93.451740][ T59] Bluetooth: hci0: command tx timeout [ 93.451778][ T59] Bluetooth: hci1: command tx timeout [ 93.451803][ T5623] Bluetooth: hci4: command tx timeout [ 93.531708][ T5623] Bluetooth: hci3: command tx timeout [ 93.576996][ T5607] veth0_vlan: entered promiscuous mode [ 93.596568][ T5609] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.691420][ T5607] veth1_vlan: entered promiscuous mode [ 93.807008][ T5608] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.969846][ T5607] veth0_macvtap: entered promiscuous mode [ 94.018376][ T5605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.037701][ T5607] veth1_macvtap: entered promiscuous mode [ 94.061358][ T5609] veth0_vlan: entered promiscuous mode [ 94.085212][ T5606] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.140632][ T5609] veth1_vlan: entered promiscuous mode [ 94.175153][ T5607] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.210596][ T5608] veth0_vlan: entered promiscuous mode [ 94.221472][ T5607] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.305734][ T66] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.321902][ T66] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.324637][ T5608] veth1_vlan: entered promiscuous mode [ 94.336837][ T66] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.350312][ T66] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.586427][ T5609] veth0_macvtap: entered promiscuous mode [ 94.682520][ T5606] veth0_vlan: entered promiscuous mode [ 94.744340][ T5609] veth1_macvtap: entered promiscuous mode [ 94.804565][ T5606] veth1_vlan: entered promiscuous mode [ 94.871260][ T5608] veth0_macvtap: entered promiscuous mode [ 94.885143][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.921127][ T1521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.922040][ T1521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.944527][ T5608] veth1_macvtap: entered promiscuous mode [ 94.950272][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.034836][ T5605] veth0_vlan: entered promiscuous mode [ 95.037827][ T1521] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.054765][ T3385] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.054785][ T3385] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.056938][ T1521] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.095610][ T1529] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.124422][ T1529] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.148850][ T5608] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.197523][ T5605] veth1_vlan: entered promiscuous mode [ 95.219229][ T5608] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.288460][ T5606] veth0_macvtap: entered promiscuous mode [ 95.441322][ T3385] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.461509][ T3385] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.488182][ T5606] veth1_macvtap: entered promiscuous mode [ 95.517301][ T3425] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.580813][ T3425] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.794778][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.794799][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.906480][ T5606] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.974346][ T5605] veth0_macvtap: entered promiscuous mode [ 96.085321][ T5606] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.086732][ T5605] veth1_macvtap: entered promiscuous mode [ 96.181642][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 96.251449][ T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.266790][ T43] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.285655][ T43] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.296384][ T43] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.298715][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.298733][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.454107][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.562690][ T1521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.562711][ T1521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.562783][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.851426][ T3385] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.884935][ T3385] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.888524][ T3385] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.920714][ T3385] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.110869][ T5807] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 97.153691][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.153711][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.463052][ T1529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.463070][ T1529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.782273][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.782293][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.966792][ T1529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.966811][ T1529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.605881][ T3425] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.605902][ T3425] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.712359][ T5821] Zero length message leads to an empty skb [ 100.207317][ T5831] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11'. [ 101.970068][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 102.299860][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 102.332460][ T9] usb 4-1: config 0 has an invalid interface number: 85 but max is 0 [ 102.332488][ T9] usb 4-1: config 0 has no interface number 0 [ 102.332528][ T9] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 102.332552][ T9] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0 [ 102.332583][ T9] usb 4-1: config 0 interface 85 has no altsetting 0 [ 102.373294][ T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 102.373324][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.373343][ T9] usb 4-1: Product: syz [ 102.373356][ T9] usb 4-1: Manufacturer: syz [ 102.373370][ T9] usb 4-1: SerialNumber: syz [ 102.607530][ T9] usb 4-1: config 0 descriptor?? [ 102.950340][ T36] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 103.129569][ T9] appletouch 4-1:0.85: Failed to read mode from device. [ 103.129790][ T9] appletouch 4-1:0.85: probe with driver appletouch failed with error -5 [ 103.244400][ T36] usb 3-1: unable to get BOS descriptor or descriptor too short [ 103.258405][ T36] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 103.258460][ T36] usb 3-1: can't read configurations, error -71 [ 103.505769][ T5623] Bluetooth: hci4: unexpected event 0x09 length: 7 > 3 [ 103.516577][ T9] usb 4-1: USB disconnect, device number 2 [ 106.455501][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.474593][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.484124][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.493427][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.503182][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.512690][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.522221][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.531746][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.541277][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 112.327818][ T5915] 9p: Bad value for 'wfdno' [ 114.183508][ T59] Bluetooth: hci2: command 0x0406 tx timeout [ 114.355844][ T5930] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 116.446482][ T31] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 116.645015][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.645049][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.645071][ T31] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 116.645113][ T31] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 116.645136][ T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.719876][ T31] usb 4-1: config 0 descriptor?? [ 118.076643][ T31] plantronics 0003:047F:FFFF.0001: reserved main item tag 0xd [ 118.379692][ T31] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 118.428249][ T31] usb 4-1: USB disconnect, device number 3 [ 118.757178][ T5967] fido_id[5967]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 121.357430][ T5986] binder: BINDER_SET_CONTEXT_MGR already set [ 121.357443][ T5986] binder: 5985:5986 ioctl 4018620d 2000000003c0 returned -16 [ 125.944932][ T5623] Bluetooth: hci4: command 0x0406 tx timeout [ 127.892423][ T9] IPVS: starting estimator thread 0... [ 128.012819][ T6060] IPVS: using max 10 ests per chain, 24000 per kthread [ 131.476761][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 131.476861][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.116334][ T6095] netlink: 20 bytes leftover after parsing attributes in process `syz.3.82'. [ 136.275429][ T6117] loop7: detected capacity change from 0 to 4 [ 139.014060][ T6138] syz_tun: entered allmulticast mode [ 139.139717][ T6138] syz_tun: left allmulticast mode [ 139.288998][ T5617] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 139.438826][ T5617] usb 5-1: Using ep0 maxpacket: 16 [ 139.483082][ T5617] usb 5-1: unable to get BOS descriptor or descriptor too short [ 139.496303][ T5617] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 139.496341][ T5617] usb 5-1: can't read configurations, error -71 [ 140.487135][ T9] IPVS: starting estimator thread 0... [ 140.573564][ T6151] IPVS: using max 9 ests per chain, 21600 per kthread [ 143.512719][ T6170] Bluetooth: MGMT ver 1.23 [ 143.512750][ T6170] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 145.083198][ T6183] binder: BINDER_SET_CONTEXT_MGR already set [ 145.083213][ T6183] binder: 6182:6183 ioctl 4018620d 200000004a80 returned -16 [ 148.313644][ T6204] cgroup: Unknown subsys name 'cpuset' [ 148.359450][ T6206] netlink: 'syz.2.116': attribute type 7 has an invalid length. [ 148.359513][ T6206] netlink: 'syz.2.116': attribute type 8 has an invalid length. [ 148.373918][ T59] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 151.135971][ T6228] binder: BINDER_SET_CONTEXT_MGR already set [ 151.135987][ T6228] binder: 6227:6228 ioctl 4018620d 200000004a80 returned -16 [ 152.422566][ T6230] Invalid ELF header magic: != ELF [ 152.444882][ T6230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.123'. [ 154.541117][ T6243] netlink: 'syz.4.126': attribute type 10 has an invalid length. [ 154.587723][ T6243] syz_tun: entered promiscuous mode [ 154.611556][ T6243] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 157.568376][ T9] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 158.861227][ T6271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.137'. [ 159.316990][ T6271] hsr_slave_1 (unregistering): left promiscuous mode [ 159.516645][ T9] usb 3-1: device descriptor read/all, error -71 [ 159.685912][ T6279] binder: BINDER_SET_CONTEXT_MGR already set [ 159.685927][ T6279] binder: 6278:6279 ioctl 4018620d 200000004a80 returned -16 [ 162.758762][ T6294] Illegal XDP return value 4294967289 on prog (id 11) dev syz_tun, expect packet loss! [ 163.126446][ T5337] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 163.375928][ T5337] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 163.375957][ T5337] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 163.375977][ T5337] usb 3-1: config 220 has no interface number 2 [ 163.376041][ T5337] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 163.376068][ T5337] usb 3-1: config 220 interface 0 has no altsetting 0 [ 163.376085][ T5337] usb 3-1: config 220 interface 76 has no altsetting 0 [ 163.376102][ T5337] usb 3-1: config 220 interface 1 has no altsetting 0 [ 163.378893][ T5337] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 163.378927][ T5337] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.378945][ T5337] usb 3-1: Product: syz [ 163.378959][ T5337] usb 3-1: Manufacturer: syz [ 163.378972][ T5337] usb 3-1: SerialNumber: syz [ 164.350946][ T5337] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 164.350985][ T5337] uvcvideo 3-1:220.0: No valid video chain found. [ 164.351161][ T5337] usb 3-1: selecting invalid altsetting 0 [ 164.379019][ T5337] usb 3-1: selecting invalid altsetting 0 [ 164.379053][ T5337] usbtest 3-1:220.1: probe with driver usbtest failed with error -22 [ 164.501769][ T5337] usb 3-1: USB disconnect, device number 6 [ 168.952957][ T6384] input: syz0 as /devices/virtual/input/input9 [ 180.291474][ T6456] netlink: 124 bytes leftover after parsing attributes in process `syz.4.182'. [ 180.291498][ T6456] netlink: 4 bytes leftover after parsing attributes in process `syz.4.182'. [ 182.227923][ T6464] netlink: 'syz.3.186': attribute type 4 has an invalid length. [ 190.411029][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 190.411095][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.529022][ T6558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.211'. [ 197.641229][ T59] Bluetooth: hci4: command 0x0406 tx timeout [ 198.835251][ T6560] Invalid ELF header magic: != ELF [ 203.716583][ T6591] capability: warning: `syz.4.215' uses deprecated v2 capabilities in a way that may be insecure [ 203.992594][ T59] Bluetooth: hci4: ACL packet for unknown connection handle 200 [ 205.311589][ T6598] Invalid ELF header magic: != ELF [ 205.714193][ T5627] Bluetooth: hci3: command 0x0406 tx timeout [ 207.304485][ T5627] Bluetooth: hci1: command 0x0406 tx timeout [ 207.304526][ T5627] Bluetooth: hci0: command 0x0406 tx timeout [ 210.301135][ T5620] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 210.653690][ T5620] usb 2-1: Using ep0 maxpacket: 32 [ 210.670002][ T5620] usb 2-1: config 0 has an invalid interface number: 166 but max is 0 [ 210.670030][ T5620] usb 2-1: config 0 has no interface number 0 [ 210.670062][ T5620] usb 2-1: too many endpoints for config 0 interface 166 altsetting 125: 231, using maximum allowed: 30 [ 210.670099][ T5620] usb 2-1: config 0 interface 166 altsetting 125 has 0 endpoint descriptors, different from the interface descriptor's value: 231 [ 210.670124][ T5620] usb 2-1: config 0 interface 166 has no altsetting 0 [ 211.334821][ T5620] usb 2-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice= 0.02 [ 211.334853][ T5620] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.334873][ T5620] usb 2-1: Product: syz [ 211.334887][ T5620] usb 2-1: Manufacturer: syz [ 211.334901][ T5620] usb 2-1: SerialNumber: syz [ 211.423995][ T5620] usb 2-1: config 0 descriptor?? [ 211.685641][ T5620] ftdi_sio 2-1:0.166: FTDI USB Serial Device converter detected [ 211.691263][ T59] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 211.714870][ T5620] usb 2-1: Detected SIO [ 211.729754][ T5620] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 211.755825][ T5620] usb 2-1: USB disconnect, device number 2 [ 211.841436][ T5620] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 211.842215][ T5620] ftdi_sio 2-1:0.166: device disconnected [ 213.397272][ T37] audit: type=1326 audit(1780064650.828:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.397321][ T37] audit: type=1326 audit(1780064650.849:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.401630][ T37] audit: type=1326 audit(1780064650.860:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.401680][ T37] audit: type=1326 audit(1780064650.860:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.401720][ T37] audit: type=1326 audit(1780064650.860:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.401757][ T37] audit: type=1326 audit(1780064650.860:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.554840][ T37] audit: type=1326 audit(1780064650.860:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.554885][ T37] audit: type=1326 audit(1780064650.860:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.554923][ T37] audit: type=1326 audit(1780064651.028:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 213.556442][ T37] audit: type=1326 audit(1780064651.028:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6642 comm="syz.4.233" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2cf6ce59 code=0x7ffc0000 [ 214.940874][ T6645] Invalid ELF header magic: != ELF [ 219.386312][ T6672] binder: binder_mmap: 6669 200000000000-200000003000 bad vm_flags failed -1 [ 220.212192][ T6684] binder: 6683:6684 ioctl 4018620d 0 returned -22 [ 222.817783][ T6698] Invalid ELF header magic: != ELF [ 222.872572][ T5612] Bluetooth: hci0: command 0x0406 tx timeout [ 223.793275][ T6718] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 223.805300][ T6718] ptrace attach of "ci-upstream-kasan-gce-smack-root/syz-executor exec"[5609] was attempted by "ci-upstream-kasan-gce-smack-root/syz-executor exec"[6718] [ 224.850182][ T5730] bond_slave_0: entered promiscuous mode [ 224.850230][ T5730] bond_slave_1: entered promiscuous mode [ 226.778257][ T6733] binder: 6731:6733 ioctl 4018620d 0 returned -22 [ 231.282412][ T5612] Bluetooth: hci2: command 0x0406 tx timeout [ 232.329861][ T6765] kvm_intel: kvm [6764]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x9 [ 232.533058][ T6772] ptrace attach of "ci-upstream-kasan-gce-smack-root/syz-executor exec"[5609] was attempted by "ci-upstream-kasan-gce-smack-root/syz-executor exec"[6772] [ 242.338869][ T6832] tmpfs: Bad value for 'size' [ 242.404411][ T6835] binder: 6834:6835 ioctl 4018620d 0 returned -22 [ 244.789278][ C1] wlan1: beacon TX faster than countdown (channel/color switch) completion [ 245.790651][ T5612] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 245.836705][ T5612] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 245.851588][ T5612] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 245.867320][ T5612] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 245.871105][ T5612] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 246.572144][ T6864] fuse: Unknown parameter 'group_i00000000000000000000' [ 247.923537][ T5612] Bluetooth: hci5: command tx timeout [ 248.174868][ T6883] tmpfs: Bad value for 'size' [ 248.890692][ T6888] Bluetooth: MGMT ver 1.23 [ 249.674993][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 249.675056][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 251.096150][ T59] Bluetooth: hci5: command tx timeout [ 251.580640][ T59] Bluetooth: hci2: command 0x0406 tx timeout [ 251.580966][ T5612] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 253.027509][ T6853] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.029498][ T5612] Bluetooth: hci5: command tx timeout [ 253.044119][ T6853] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.044367][ T6853] bridge_slave_0: entered allmulticast mode [ 253.047052][ T6853] bridge_slave_0: entered promiscuous mode [ 253.088427][ T6853] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.088640][ T6853] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.088852][ T6853] bridge_slave_1: entered allmulticast mode [ 253.091475][ T6853] bridge_slave_1: entered promiscuous mode [ 253.185035][ T6853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 253.190133][ T6853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 253.284262][ T6853] team0: Port device team_slave_0 added [ 253.300940][ T6853] team0: Port device team_slave_1 added [ 253.359717][ T6853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 253.359734][ T6853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 253.359759][ T6853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 253.409553][ T6853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 253.409569][ T6853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 253.409589][ T6853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 253.927847][ T6853] hsr_slave_0: entered promiscuous mode [ 253.949881][ T6853] hsr_slave_1: entered promiscuous mode [ 253.955282][ T6853] debugfs: 'hsr0' already exists in 'hsr' [ 253.955309][ T6853] Cannot create hsr debugfs directory [ 254.558694][ T6915] binder: 6914:6915 ioctl c0306201 0 returned -14 [ 255.009368][ T5612] Bluetooth: hci5: command tx timeout [ 255.660750][ T6922] fuse: Unknown parameter 'group_i00000000000000000000' [ 257.599898][ T6853] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 257.656585][ T6853] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 258.783844][ T6853] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 260.633248][ T6853] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 260.647076][ T6853] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 260.717532][ T6853] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 260.718514][ T6853] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 260.732116][ T59] Bluetooth: hci2: command 0x0406 tx timeout [ 260.732193][ T5612] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 260.780729][ T6853] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 261.307950][ T6853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.390366][ T6853] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.421729][ T1521] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.421853][ T1521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.498258][ T1177] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.498386][ T1177] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.638320][ T6959] binder: 6958:6959 ioctl c0306201 0 returned -14 [ 264.960344][ T6981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.321'. [ 265.174929][ T6853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.462119][ T6989] netlink: 'syz.1.323': attribute type 10 has an invalid length. [ 269.673264][ T6853] veth0_vlan: entered promiscuous mode [ 269.749025][ T6853] veth1_vlan: entered promiscuous mode [ 269.936153][ T6853] veth0_macvtap: entered promiscuous mode [ 269.958905][ T6853] veth1_macvtap: entered promiscuous mode [ 270.879784][ T59] Bluetooth: hci2: command 0x0406 tx timeout [ 270.905929][ T5612] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 272.789299][ T7023] binder: 7021:7023 ioctl c0306201 0 returned -14 [ 272.887527][ T6853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 272.909775][ T6853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 272.972737][ T6018] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.021188][ T6018] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.025852][ T6018] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.026460][ T6018] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.125889][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.125908][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.314253][ T1521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.314275][ T1521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.340352][ T7039] tmpfs: Too small a size for current use [ 284.409635][ T7081] tmpfs: Too small a size for current use [ 299.137265][ T5612] Bluetooth: hci3: command 0x0406 tx timeout [ 299.193988][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 301.635752][ T9] usb 2-1: unable to get BOS descriptor or descriptor too short [ 301.637016][ T9] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 301.637052][ T9] usb 2-1: can't read configurations, error -71 [ 307.493751][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 307.493830][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.558314][ T59] Bluetooth: hci5: command 0x0406 tx timeout [ 329.081620][ T7291] fuse: Bad value for 'user_id' [ 329.081641][ T7291] fuse: Bad value for 'user_id' [ 332.575561][ T7309] binder: BINDER_SET_CONTEXT_MGR already set [ 332.575576][ T7309] binder: 7308:7309 ioctl 4018620d 200000000100 returned -16 [ 332.578866][ T7309] binder: BINDER_SET_CONTEXT_MGR already set [ 332.578878][ T7309] binder: 7308:7309 ioctl 4018620d 2000000003c0 returned -16 [ 340.934650][ T7345] fuse: Bad value for 'user_id' [ 340.934670][ T7345] fuse: Bad value for 'user_id' [ 349.984394][ T7404] ptrace attach of "ci-upstream-kasan-gce-smack-root/syz-executor exec"[5607] was attempted by "ci-upstream-kasan-gce-smack-root/syz-executor exec"[7404] [ 356.035293][ T7422] binder: 7421:7422 ioctl c0306201 0 returned -14 [ 364.350402][ T5612] Bluetooth: hci5: command 0x0406 tx timeout [ 365.431444][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 365.431511][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 366.282401][ T7468] ptrace attach of "ci-upstream-kasan-gce-smack-root/syz-executor exec"[5606] was attempted by "ci-upstream-kasan-gce-smack-root/syz-executor exec"[7468] [ 375.433325][ T7524] 9p: Bad value for 'rfdno' [ 376.737455][ T7531] syzkaller0: entered promiscuous mode [ 376.737473][ T7531] syzkaller0: entered allmulticast mode [ 388.268333][ T7597] overlayfs: failed to resolve './file1': -2 [ 423.948357][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 423.948399][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 438.693118][ T5804] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 438.871965][ T5804] usb 2-1: Using ep0 maxpacket: 32 [ 438.898004][ T5804] usb 2-1: unable to get BOS descriptor or descriptor too short [ 438.909304][ T5804] usb 2-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 438.909323][ T5804] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.909333][ T5804] usb 2-1: Product: syz [ 438.909340][ T5804] usb 2-1: Manufacturer: syz [ 438.909348][ T5804] usb 2-1: SerialNumber: syz [ 439.285085][ T7847] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 439.285675][ T7847] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 440.182813][ T5804] usb 2-1: unit 0 not found! [ 440.293322][ T7860] process 'syz.2.558' launched './file1' with NULL argv: empty string added [ 441.629420][ T5804] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 441.651512][ T5804] usb 2-1: unit 0 not found! [ 441.694253][ T5804] snd-usb-audio 2-1:1.1: probe with driver snd-usb-audio failed with error -22 [ 442.783790][ T5804] usb 2-1: unit 0 not found! [ 443.777818][ T7880] binder_alloc: 7879: binder_alloc_buf, no vma [ 448.998551][ T5804] snd-usb-audio 2-1:1.2: probe with driver snd-usb-audio failed with error -22 [ 449.042784][ T5804] usb 2-1: USB disconnect, device number 5 [ 449.293757][ T5621] udevd[5621]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 451.178531][ T5730] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 452.633918][ T5730] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 452.633959][ T5730] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 452.633982][ T5730] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 452.634023][ T5730] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 452.634053][ T5730] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 452.707038][ T5730] usb 1-1: config 0 descriptor?? [ 453.721630][ T7930] binder_alloc: 7926: binder_alloc_buf, no vma [ 454.896219][ T5730] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 454.986023][ T5730] usb 1-1: USB disconnect, device number 2 [ 455.863513][ T7934] fido_id[7934]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 461.779497][ T7971] binder_alloc: 7969: binder_alloc_buf, no vma [ 475.523525][ T8035] binder_alloc: 8033: binder_alloc_buf, no vma [ 482.586276][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 482.586337][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 487.712669][ T8094] input: syz0 as /devices/virtual/input/input10 [ 491.127007][ T8121] syz_tun: entered allmulticast mode [ 500.102910][ T8161] fuse: Unknown parameter 'use00000000000000000000' [ 503.686903][ T5337] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 504.880094][ T5337] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 505.370987][ T5337] usb 1-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 505.371018][ T5337] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 505.371037][ T5337] usb 1-1: Product: syz [ 505.371051][ T5337] usb 1-1: Manufacturer: syz [ 505.371065][ T5337] usb 1-1: SerialNumber: syz [ 505.560302][ T5337] usb 1-1: can't set config #1, error -71 [ 505.591626][ T5337] usb 1-1: USB disconnect, device number 3 [ 505.731990][ T9] IPVS: starting estimator thread 0... [ 505.839817][ T8189] IPVS: using max 10 ests per chain, 24000 per kthread [ 513.691335][ T5804] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 513.840447][ T5804] usb 5-1: Using ep0 maxpacket: 32 [ 513.877364][ T5804] usb 5-1: device descriptor read/all, error -71 [ 519.345477][ T5617] IPVS: starting estimator thread 0... [ 519.431431][ T8257] IPVS: using max 8 ests per chain, 19200 per kthread [ 519.783488][ T5730] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 520.034037][ T5730] usb 6-1: config 0 interface 0 has no altsetting 0 [ 520.034080][ T5730] usb 6-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00 [ 520.034103][ T5730] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 520.107795][ T5730] usb 6-1: config 0 descriptor?? [ 521.151833][ T5730] pantherlord 0003:0F30:0111.0003: unknown main item tag 0x5 [ 521.151877][ T5730] pantherlord 0003:0F30:0111.0003: unknown main item tag 0x7 [ 521.214532][ T5730] pantherlord 0003:0F30:0111.0003: hidraw0: USB HID v0.81 Device [HID 0f30:0111] on usb-dummy_hcd.5-1/input0 [ 521.214567][ T5730] pantherlord 0003:0F30:0111.0003: no output reports found [ 521.888518][ T5730] usb 6-1: USB disconnect, device number 2 [ 523.107443][ T8287] binder: 8286:8287 ioctl c0306201 0 returned -14 [ 523.384164][ T821] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 523.559340][ T821] usb 2-1: unable to get BOS descriptor or descriptor too short [ 523.560589][ T821] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 523.560612][ T821] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 523.560653][ T821] usb 2-1: too many endpoints for config 1 interface 1 altsetting 76: 188, using maximum allowed: 30 [ 523.560694][ T821] usb 2-1: config 1 interface 1 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 188 [ 523.560731][ T821] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 523.560757][ T821] usb 2-1: config 1 interface 1 has no altsetting 0 [ 523.563819][ T821] usb 2-1: string descriptor 0 read error: -22 [ 523.563945][ T821] usb 2-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40 [ 523.563958][ T821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.981001][ T1032] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 525.999872][ T821] usb 2-1: 2:0: failed to get current value for ch 1 (-71) [ 526.247274][ T821] usb 2-1: USB disconnect, device number 6 [ 527.026090][ T1032] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.342517][ T8319] deleting an unspecified loop device is not supported. [ 529.554843][ T5612] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 529.606074][ T1032] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.630532][ T5612] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 529.666080][ T5612] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 529.678236][ T5612] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 529.697682][ T5612] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 529.774457][ T8323] fuse: Unknown parameter 'user_i00000000000000000000' [ 532.199752][ T5612] Bluetooth: hci4: command tx timeout [ 533.507509][ T1032] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 533.572633][ T8345] binder: 8343:8345 ioctl c0306201 0 returned -14 [ 534.118114][ T5612] Bluetooth: hci4: command tx timeout [ 535.016533][ T8361] netlink: 'syz.2.695': attribute type 4 has an invalid length. [ 535.580606][ T8371] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 535.785486][ T1032] bridge_slave_1: left allmulticast mode [ 535.785713][ T1032] bridge_slave_1: left promiscuous mode [ 535.840742][ T1032] bridge0: port 2(bridge_slave_1) entered disabled state [ 536.100751][ T5612] Bluetooth: hci4: command tx timeout [ 536.139846][ T5804] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 536.328615][ T5804] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 536.328650][ T5804] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 536.328672][ T5804] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 536.328715][ T5804] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 536.328737][ T5804] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.460787][ T8390] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 536.484777][ T5804] usb 2-1: config 0 descriptor?? [ 536.520664][ T1032] bridge_slave_0: left allmulticast mode [ 536.520697][ T1032] bridge_slave_0: left promiscuous mode [ 536.569833][ T1032] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.007502][ T5804] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 537.276159][ T8398] fuse: Unknown parameter 'user_i00000000000000000000' [ 537.338464][ T5804] usb 2-1: USB disconnect, device number 7 [ 537.582156][ T1032] bond_slave_0: left promiscuous mode [ 537.600826][ T1032] bond_slave_1: left promiscuous mode [ 538.681556][ T5612] Bluetooth: hci4: command tx timeout [ 539.812164][ T8410] binder: 8409:8410 ioctl c0306201 0 returned -14 [ 541.155073][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 541.155137][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 541.494803][ T8421] ======================================================= [ 541.494803][ T8421] WARNING: The mand mount option has been deprecated and [ 541.494803][ T8421] and is ignored by this kernel. Remove the mand [ 541.494803][ T8421] option from the mount to silence this warning. [ 541.494803][ T8421] ======================================================= [ 541.714811][ T1032] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 541.749054][ T1032] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 541.770328][ T1032] bond0 (unregistering): Released all slaves [ 541.906846][ T5266] 8021q: adding VLAN 0 to HW filter on device eth1 [ 542.812000][ T8320] bridge0: port 1(bridge_slave_0) entered blocking state [ 542.812507][ T8320] bridge0: port 1(bridge_slave_0) entered disabled state [ 542.812745][ T8320] bridge_slave_0: entered allmulticast mode [ 542.820111][ T8320] bridge_slave_0: entered promiscuous mode [ 542.831590][ T8320] bridge0: port 2(bridge_slave_1) entered blocking state [ 542.833312][ T8320] bridge0: port 2(bridge_slave_1) entered disabled state [ 542.833535][ T8320] bridge_slave_1: entered allmulticast mode [ 542.839959][ T8320] bridge_slave_1: entered promiscuous mode [ 543.075962][ T8320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 543.083789][ T8320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 543.407366][ T8320] team0: Port device team_slave_0 added [ 543.410692][ T8320] team0: Port device team_slave_1 added [ 545.083729][ T5266] 8021q: adding VLAN 0 to HW filter on device eth2 [ 545.298175][ T8320] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 545.298189][ T8320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 545.298208][ T8320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 547.078793][ T8320] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 547.078809][ T8320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 547.078835][ T8320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 548.984439][ T8320] hsr_slave_0: entered promiscuous mode [ 548.985796][ T8320] hsr_slave_1: entered promiscuous mode [ 549.024916][ T8320] debugfs: 'hsr0' already exists in 'hsr' [ 549.025052][ T8320] Cannot create hsr debugfs directory [ 549.327933][ T8489] fuse: Bad value for 'fd' [ 551.919227][ T5266] 8021q: adding VLAN 0 to HW filter on device eth3 [ 552.349183][ T1032] hsr_slave_0: left promiscuous mode [ 552.387295][ T1032] hsr_slave_1: left promiscuous mode [ 552.388216][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 552.388300][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 552.449094][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 552.449120][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 552.544154][ T1032] veth1_macvtap: left promiscuous mode [ 552.544507][ T1032] veth0_macvtap: left promiscuous mode [ 552.545773][ T1032] veth1_vlan: left promiscuous mode [ 552.546155][ T1032] veth0_vlan: left promiscuous mode [ 557.949567][ T1032] team0 (unregistering): Port device team_slave_1 removed [ 557.996944][ T1032] team0 (unregistering): Port device team_slave_0 removed [ 558.425223][ T8520] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 558.425370][ T8520] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 558.545856][ T8520] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 558.546039][ T8520] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 558.609112][ T8520] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 558.609288][ T8520] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 558.609357][ T8520] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 558.817723][ T8520] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 559.138710][ T8320] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 559.268912][ T8320] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 559.280758][ T8320] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 559.376647][ T8320] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 559.388317][ T8320] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 559.472075][ T8320] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 559.482235][ T8320] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 559.603019][ T8320] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 560.072384][ T5266] 8021q: adding VLAN 0 to HW filter on device eth4 [ 560.165876][ T8320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 560.255528][ T8320] 8021q: adding VLAN 0 to HW filter on device team0 [ 560.637141][ T8320] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 560.637167][ T8320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 560.977289][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.978016][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 561.047135][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 561.047265][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 561.608471][ T59] Bluetooth: hci1: command 0x0406 tx timeout [ 561.608703][ T59] Bluetooth: hci2: command 0x0406 tx timeout [ 561.608732][ T59] Bluetooth: hci3: command 0x0406 tx timeout [ 561.608816][ T59] Bluetooth: hci4: command 0x0c1a tx timeout [ 561.608908][ T59] Bluetooth: hci5: command 0x0406 tx timeout [ 564.606860][ T5612] Bluetooth: hci4: command 0x0c1a tx timeout [ 564.606895][ T5612] Bluetooth: hci1: command 0x0406 tx timeout [ 566.142045][ T8320] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 566.539901][ T8626] Invalid option length (1045252) for dns_resolver key [ 567.286876][ T59] Bluetooth: hci4: command 0x0c1a tx timeout [ 569.591340][ T8320] veth0_vlan: entered promiscuous mode [ 569.675577][ T8320] veth1_vlan: entered promiscuous mode [ 569.843993][ T8320] veth0_macvtap: entered promiscuous mode [ 569.872534][ T8320] veth1_macvtap: entered promiscuous mode [ 569.931931][ T8320] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 569.966541][ T8320] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 569.996734][ T1177] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.018201][ T1177] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.019711][ T1177] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.023942][ T1177] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 571.109345][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 571.109365][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 571.358646][ T1027] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 571.358667][ T1027] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 576.064668][ T6762] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 576.226817][ T6762] usb 3-1: Using ep0 maxpacket: 8 [ 576.234516][ T6762] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 576.234565][ T6762] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 55456, setting to 1024 [ 576.234590][ T6762] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024 [ 576.318712][ T6762] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 576.318736][ T6762] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 576.318755][ T6762] usb 3-1: Product: syz [ 576.318769][ T6762] usb 3-1: Manufacturer: syz [ 576.318783][ T6762] usb 3-1: SerialNumber: syz [ 576.607960][ T8682] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 577.493653][ T8682] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 578.824523][ T6762] cdc_ncm 3-1:1.0: failed to get mac address [ 578.941235][ T6762] cdc_ncm 3-1:1.0: bind() failure [ 578.989963][ T6762] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71 [ 578.993662][ T6762] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71 [ 579.012756][ T6762] usbtest 3-1:1.1: probe with driver usbtest failed with error -71 [ 579.112808][ T6762] usb 3-1: USB disconnect, device number 7 [ 581.514470][ T8708] kernel profiling enabled (shift: 5) [ 586.538721][ T821] kernel read not supported for file /19/task/20 (pid: 821 comm: kworker/1:2) [ 591.286321][ T5337] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 591.466056][ T5337] usb 2-1: Using ep0 maxpacket: 8 [ 591.473535][ T5337] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 591.473586][ T5337] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 591.473608][ T5337] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 592.428537][ T5337] usb 2-1: string descriptor 0 read error: -71 [ 592.428971][ T5337] hub 2-1:32.0: USB hub found [ 592.430767][ T5337] hub 2-1:32.0: config failed, can't read hub descriptor (err -22) [ 593.089939][ T5612] Bluetooth: hci5: unexpected event for opcode 0x1004 [ 593.580498][ T5337] usb 2-1: USB disconnect, device number 8 [ 594.019134][ T5804] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 594.161365][ T5804] usb 6-1: Using ep0 maxpacket: 8 [ 594.168761][ T5804] usb 6-1: unable to get BOS descriptor or descriptor too short [ 594.194956][ T5804] usb 6-1: New USB device found, idVendor=0499, idProduct=105c, bcdDevice= 0.40 [ 594.194976][ T5804] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 594.194986][ T5804] usb 6-1: Product: syz [ 594.194994][ T5804] usb 6-1: Manufacturer: syz [ 594.195001][ T5804] usb 6-1: SerialNumber: syz [ 595.665978][ T5804] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 596.058845][ T5804] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -2 [ 596.104776][ T5804] usb 6-1: USB disconnect, device number 3 [ 596.984582][ T5612] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 596.985114][ T5612] Bluetooth: hci5: Injecting HCI hardware error event [ 596.988715][ T5612] Bluetooth: hci5: hardware error 0x00 [ 597.131667][ T5611] udevd[5611]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 600.092903][ T5612] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 600.100698][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 600.100767][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 658.029099][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 658.029140][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 673.015024][ T9179] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 673.068686][ T9179] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 673.082485][ T9179] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 673.101388][ T9179] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 673.105446][ T9179] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 675.987708][ T5612] Bluetooth: hci6: command tx timeout [ 678.237430][ T5612] Bluetooth: hci6: command tx timeout [ 678.567117][ T9221] futex_wake_op: syz.4.887 tries to shift op by 144; fix this program [ 678.890870][ T164] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 680.188089][ T5612] Bluetooth: hci6: command tx timeout [ 682.169439][ T5612] Bluetooth: hci6: command tx timeout [ 682.620045][ T164] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.280539][ T164] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.410166][ T9178] bridge0: port 1(bridge_slave_0) entered blocking state [ 686.410376][ T9178] bridge0: port 1(bridge_slave_0) entered disabled state [ 686.410557][ T9178] bridge_slave_0: entered allmulticast mode [ 686.413079][ T9178] bridge_slave_0: entered promiscuous mode [ 686.468857][ T9178] bridge0: port 2(bridge_slave_1) entered blocking state [ 686.469077][ T9178] bridge0: port 2(bridge_slave_1) entered disabled state [ 686.469316][ T9178] bridge_slave_1: entered allmulticast mode [ 686.473986][ T9178] bridge_slave_1: entered promiscuous mode [ 686.587177][ T9178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 686.612092][ T9178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 687.771939][ T164] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.113047][ T9178] team0: Port device team_slave_0 added [ 688.119704][ T9178] team0: Port device team_slave_1 added [ 688.168481][ T9178] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 688.168497][ T9178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 688.168521][ T9178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 688.174068][ T9178] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 688.174090][ T9178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 688.174114][ T9178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 688.256970][ T9178] hsr_slave_0: entered promiscuous mode [ 688.260304][ T9178] hsr_slave_1: entered promiscuous mode [ 688.262481][ T9178] debugfs: 'hsr0' already exists in 'hsr' [ 688.262518][ T9178] Cannot create hsr debugfs directory [ 693.218206][ T8392] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 693.363308][ T8392] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 693.363337][ T8392] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 693.363356][ T8392] usb 2-1: config 220 has no interface number 2 [ 693.363418][ T8392] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 693.363444][ T8392] usb 2-1: config 220 interface 0 has no altsetting 0 [ 693.363462][ T8392] usb 2-1: config 220 interface 76 has no altsetting 0 [ 693.363480][ T8392] usb 2-1: config 220 interface 1 has no altsetting 0 [ 693.397806][ T8392] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 693.397836][ T8392] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 693.397855][ T8392] usb 2-1: Product: syz [ 693.397868][ T8392] usb 2-1: Manufacturer: syz [ 693.397882][ T8392] usb 2-1: SerialNumber: syz [ 693.526788][ T164] bridge_slave_1: left allmulticast mode [ 693.527353][ T164] bridge_slave_1: left promiscuous mode [ 694.568724][ T164] bridge0: port 2(bridge_slave_1) entered disabled state [ 694.746494][ T8392] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 694.746600][ T8392] uvcvideo 2-1:220.0: No valid video chain found. [ 694.746726][ T8392] usb 2-1: selecting invalid altsetting 0 [ 694.822673][ T164] bridge_slave_0: left allmulticast mode [ 694.822715][ T164] bridge_slave_0: left promiscuous mode [ 694.823867][ T164] bridge0: port 1(bridge_slave_0) entered disabled state [ 694.847003][ T8392] usb 2-1: selecting invalid altsetting 0 [ 694.847038][ T8392] usbtest 2-1:220.1: probe with driver usbtest failed with error -22 [ 694.897311][ T8392] usb 2-1: USB disconnect, device number 9 [ 698.180851][ T164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 698.219993][ T164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 698.239190][ T164] bond0 (unregistering): Released all slaves [ 700.928343][ T5266] 8021q: adding VLAN 0 to HW filter on device eth5 [ 706.748132][ T9178] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 707.788775][ T9178] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 707.796428][ T9178] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 708.330516][ T9178] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 708.516419][ T9178] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 708.608167][ T9178] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 709.762900][ T164] hsr_slave_0: left promiscuous mode [ 709.823629][ T164] hsr_slave_1: left promiscuous mode [ 709.824339][ T164] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 709.824356][ T164] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 709.872737][ T164] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 709.872764][ T164] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 709.947347][ T164] veth1_macvtap: left promiscuous mode [ 709.947448][ T164] veth0_macvtap: left promiscuous mode [ 709.947682][ T164] veth1_vlan: left promiscuous mode [ 709.947843][ T164] veth0_vlan: left promiscuous mode [ 712.012151][ T164] team0 (unregistering): Port device team_slave_1 removed [ 712.047496][ T164] team0 (unregistering): Port device team_slave_0 removed [ 713.764516][ T9178] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 714.037243][ T9178] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 714.049441][ T5266] 8021q: adding VLAN 0 to HW filter on device eth6 [ 716.350910][ T9178] 8021q: adding VLAN 0 to HW filter on device bond0 [ 716.417450][ T9178] 8021q: adding VLAN 0 to HW filter on device team0 [ 716.441034][ T1281] bridge0: port 1(bridge_slave_0) entered blocking state [ 716.441244][ T1281] bridge0: port 1(bridge_slave_0) entered forwarding state [ 716.542563][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 716.542630][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 716.610071][ T9233] bridge0: port 2(bridge_slave_1) entered blocking state [ 716.610197][ T9233] bridge0: port 2(bridge_slave_1) entered forwarding state [ 717.843625][ T164] IPVS: stop unused estimator thread 0... [ 718.001734][ T5266] 8021q: adding VLAN 0 to HW filter on device eth7 [ 720.780642][ T9178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 724.205881][ T5266] 8021q: adding VLAN 0 to HW filter on device eth8 [ 724.219782][ T9178] veth0_vlan: entered promiscuous mode [ 724.406843][ T9178] veth1_vlan: entered promiscuous mode [ 724.732305][ T9178] veth0_macvtap: entered promiscuous mode [ 724.774241][ T9178] veth1_macvtap: entered promiscuous mode [ 724.845091][ T9178] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 724.901678][ T9178] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 724.935386][ T1281] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 724.935850][ T1281] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 725.040052][ T1281] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 725.046837][ T1281] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 728.904510][ T9179] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 728.997622][ T9179] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 729.000989][ T9179] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 729.025230][ T9179] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 729.047640][ T9179] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 731.147823][ T9179] Bluetooth: hci5: command tx timeout [ 733.082807][ T9179] Bluetooth: hci5: command tx timeout [ 734.103789][ T56] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.449323][ T9179] Bluetooth: hci5: command tx timeout [ 738.520886][ T9179] Bluetooth: hci5: command tx timeout [ 738.626624][ T56] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.938013][ T9559] binder_alloc: 9558: binder_alloc_buf, no vma [ 740.848808][ T56] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.190676][ T37] kauditd_printk_skb: 3 callbacks suppressed [ 741.190692][ T37] audit: type=1326 audit(1780065204.971:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.190726][ T37] audit: type=1326 audit(1780065204.992:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.190762][ T37] audit: type=1326 audit(1780065204.992:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.285366][ T37] audit: type=1326 audit(1780065205.066:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.285424][ T37] audit: type=1326 audit(1780065205.066:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.318862][ T37] audit: type=1326 audit(1780065205.118:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.332580][ T37] audit: type=1326 audit(1780065205.139:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.332630][ T37] audit: type=1326 audit(1780065205.139:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.332670][ T37] audit: type=1326 audit(1780065205.139:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e194ce59 code=0x7ffc0000 [ 741.467175][ T37] audit: type=1326 audit(1780065205.286:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.949" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe5e194cbc2 code=0x7ffc0000 [ 742.037703][ T56] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 742.827764][ T9584] Bluetooth: hci0: invalid length 0, exp 2 for type 16 [ 742.931359][ T9484] bridge0: port 1(bridge_slave_0) entered blocking state [ 742.931592][ T9484] bridge0: port 1(bridge_slave_0) entered disabled state [ 742.931829][ T9484] bridge_slave_0: entered allmulticast mode [ 742.992446][ T9484] bridge_slave_0: entered promiscuous mode [ 743.021470][ T9484] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.037812][ T9484] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.037994][ T9484] bridge_slave_1: entered allmulticast mode [ 743.057377][ T9484] bridge_slave_1: entered promiscuous mode [ 744.172444][ T9484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.191549][ T9484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 744.422963][ T9484] team0: Port device team_slave_0 added [ 744.427650][ T9484] team0: Port device team_slave_1 added [ 744.594211][ T9484] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 744.594241][ T9484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 744.594267][ T9484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 744.599136][ T9484] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 744.599153][ T9484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 744.599177][ T9484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 748.886999][ T9618] binder_alloc: 9616: binder_alloc_buf, no vma [ 749.239496][ T9484] hsr_slave_0: entered promiscuous mode [ 749.246525][ T9484] hsr_slave_1: entered promiscuous mode [ 749.247486][ T9484] debugfs: 'hsr0' already exists in 'hsr' [ 749.247509][ T9484] Cannot create hsr debugfs directory [ 751.998074][ T56] bridge_slave_1: left allmulticast mode [ 751.998109][ T56] bridge_slave_1: left promiscuous mode [ 751.998385][ T56] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.258864][ T56] bridge_slave_0: left allmulticast mode [ 752.258887][ T56] bridge_slave_0: left promiscuous mode [ 752.259046][ T56] bridge0: port 1(bridge_slave_0) entered disabled state [ 753.902952][ T9643] io-wq is not configured for unbound workers [ 754.772243][ T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 754.955791][ T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 754.970941][ T56] bond0 (unregistering): Released all slaves [ 765.538253][ T56] hsr_slave_0: left promiscuous mode [ 765.573856][ T56] hsr_slave_1: left promiscuous mode [ 765.574573][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 765.574588][ T56] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 765.646454][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 765.646496][ T56] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 765.798703][ T56] veth1_macvtap: left promiscuous mode [ 765.798806][ T56] veth0_macvtap: left promiscuous mode [ 765.799097][ T56] veth1_vlan: left promiscuous mode [ 765.799268][ T56] veth0_vlan: left promiscuous mode [ 770.084486][ T56] team0 (unregistering): Port device team_slave_1 removed [ 770.112380][ T56] team0 (unregistering): Port device team_slave_0 removed [ 772.199199][ T5612] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 772.301669][ T5612] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 772.304620][ T5612] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 772.331527][ T5612] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 772.338578][ T5612] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 774.372823][ T5612] Bluetooth: hci6: command tx timeout [ 775.059399][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 775.059470][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 777.100610][ T5612] Bluetooth: hci6: command tx timeout [ 778.421413][ T9484] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 778.469023][ T9484] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 779.016257][ T5612] Bluetooth: hci6: command tx timeout [ 780.997269][ T5612] Bluetooth: hci6: command tx timeout [ 833.764663][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 833.764940][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 850.184722][ T5612] Bluetooth: hci5: command 0x0406 tx timeout [ 878.768208][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 878.768225][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P9689/1:b..l [ 878.768259][ C1] rcu: (detected by 1, t=10502 jiffies, g=45717, q=1358 ncpus=2) [ 878.768281][ C1] task:syz.1.972 state:R running task stack:22304 pid:9689 tgid:9689 ppid:5606 task_flags:0x40064c flags:0x00080001 [ 878.768334][ C1] Call Trace: [ 878.768340][ C1] [ 878.768351][ C1] __schedule+0x16ec/0x5620 [ 878.768525][ C1] ? __lock_acquire+0x6b5/0x2cf0 [ 878.768638][ C1] ? __pfx___schedule+0x10/0x10 [ 878.768663][ C1] ? __lock_acquire+0x6b5/0x2cf0 [ 878.768694][ C1] preempt_schedule_irq+0x4d/0xa0 [ 878.768717][ C1] irqentry_exit+0x14f/0x8b0 [ 878.768765][ C1] ? trace_irq_disable+0x3b/0x140 [ 878.768821][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 878.768892][ C1] RIP: 0010:lock_acquire+0x221/0x350 [ 878.768913][ C1] Code: ff ff ff e8 81 4e 7b 09 f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 cb 68 c9 10 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 28 51 eb [ 878.768926][ C1] RSP: 0000:ffffc9000e5bed78 EFLAGS: 00000286 [ 878.768970][ C1] RAX: 722ae761d53f9000 RBX: 0000000000000000 RCX: 0000000000000046 [ 878.768982][ C1] RDX: 000000005f479b93 RSI: ffffffff8d85e9a4 RDI: ffffffff8ba759e0 [ 878.768994][ C1] RBP: ffffffff8176c226 R08: ffffffff8176c226 R09: ffffffff8dfc80c0 [ 878.769006][ C1] R10: ffffc9000e5beed8 R11: ffffffff81af87f0 R12: 0000000000000002 [ 878.769017][ C1] R13: ffffffff8dfc80c0 R14: 0000000000000000 R15: 0000000000000246 [ 878.769031][ C1] ? unwind_next_frame+0xa6/0x2550 [ 878.769053][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 878.769100][ C1] ? unwind_next_frame+0xa6/0x2550 [ 878.769128][ C1] ? free_unref_folios+0xd8d/0x1990 [ 878.769220][ C1] ? unwind_next_frame+0xa6/0x2550 [ 878.769240][ C1] unwind_next_frame+0xc3/0x2550 [ 878.769259][ C1] ? unwind_next_frame+0xa6/0x2550 [ 878.769285][ C1] ? unwind_next_frame+0xa6/0x2550 [ 878.769306][ C1] ? __reset_page_owner+0x71/0x1f0 [ 878.769383][ C1] ? free_unref_folios+0xd8d/0x1990 [ 878.769405][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 878.769432][ C1] arch_stack_walk+0x11b/0x150 [ 878.769458][ C1] ? free_unref_folios+0xd8d/0x1990 [ 878.769481][ C1] stack_trace_save+0xa9/0x100 [ 878.769500][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 878.769519][ C1] ? stack_depot_save_flags+0x33/0x810 [ 878.769629][ C1] save_stack+0x122/0x230 [ 878.769651][ C1] ? __pfx_save_stack+0x10/0x10 [ 878.769668][ C1] ? page_ext_get+0x22/0x2e0 [ 878.769710][ C1] ? free_unref_folios+0xd8d/0x1990 [ 878.769741][ C1] ? page_ext_put+0x97/0xc0 [ 878.769763][ C1] __reset_page_owner+0x71/0x1f0 [ 878.769786][ C1] free_unref_folios+0xd8d/0x1990 [ 878.769818][ C1] folios_put_refs+0x7cb/0x8d0 [ 878.769885][ C1] ? __pfx_folios_put_refs+0x10/0x10 [ 878.769896][ C1] ? filemap_remove_folio+0x315/0x3b0 [ 878.769951][ C1] ? folio_batch_remove_exceptionals+0x18c/0x1f0 [ 878.769965][ C1] shmem_undo_range+0x52c/0x1660 [ 878.770022][ C1] ? __lock_acquire+0x6b5/0x2cf0 [ 878.770035][ C1] ? __pfx_shmem_undo_range+0x10/0x10 [ 878.770071][ C1] ? do_raw_spin_lock+0x12b/0x2f0 [ 878.770082][ C1] ? percpu_counter_add_batch+0xea/0x1d0 [ 878.770118][ C1] shmem_evict_inode+0x289/0xae0 [ 878.770133][ C1] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 878.770176][ C1] ? __pfx_shmem_evict_inode+0x10/0x10 [ 878.770189][ C1] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 878.770200][ C1] ? rt_spin_unlock+0x14f/0x200 [ 878.770213][ C1] ? rt_spin_unlock+0x160/0x200 [ 878.770222][ C1] ? __pfx_shmem_evict_inode+0x10/0x10 [ 878.770234][ C1] evict+0x61e/0xb10 [ 878.770278][ C1] ? rt_spin_unlock+0x14f/0x200 [ 878.770288][ C1] ? __pfx_evict+0x10/0x10 [ 878.770299][ C1] ? rt_spin_unlock+0x160/0x200 [ 878.770311][ C1] ? iput+0xb25/0xe80 [ 878.770323][ C1] __dentry_kill+0x1a2/0x690 [ 878.770358][ C1] ? finish_dput+0xad/0x480 [ 878.770367][ C1] finish_dput+0xc9/0x480 [ 878.770377][ C1] __fput+0x6a3/0xa70 [ 878.770424][ C1] task_work_run+0x1d9/0x270 [ 878.770444][ C1] ? __pfx_task_work_run+0x10/0x10 [ 878.770457][ C1] ? rt_spin_unlock+0x160/0x200 [ 878.770470][ C1] do_exit+0x70f/0x22c0 [ 878.770492][ C1] ? __pfx_do_exit+0x10/0x10 [ 878.770510][ C1] do_group_exit+0x21b/0x2d0 [ 878.770523][ C1] ? rt_spin_unlock+0x160/0x200 [ 878.770534][ C1] get_signal+0x1284/0x1330