last executing test programs: 8m5.054034191s ago: executing program 0 (id=184): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e276800"/2574], &(0x7f0000000140)='GPL\x00'}, 0x48) r1 = socket$kcm(0x2, 0x1, 0x0) sendmsg$inet(r1, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001dc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad0e0e2b45d14ee446b840edaa1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c50ce6a8e9f65de13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87915ed063f608dddb03a95b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000c3d51d9a161446b4373e06a9e07f8a000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b2844869"], &(0x7f0000000140)='GPL\x00'}, 0x48) r4 = socket$kcm(0x2, 0x1, 0x0) sendmsg$inet(r4, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r4, r3}) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r1, r0}) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000680)={r1}) 8m4.482293055s ago: executing program 0 (id=185): syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a1121710950b2a17f4f7010203010902"], 0x0) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000200)={0x48, 0x5, r1, 0x0, 0xffffffffffffffff, 0x1}) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$can_bcm(0x1d, 0x2, 0x2) r3 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000062102000100000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES16=r2], 0x54}}, 0x20000000) 8m1.313669819s ago: executing program 0 (id=195): socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usb_connect(0x6, 0x1fc, &(0x7f0000000780)=ANY=[@ANYBLOB="12015002b8005108101407a0683e010203010902ea01030e00300309040309027f54cc00090502040004040403800109661bede31b6d40ffd5a6457d3483a7c64a2cf09c6b30e3afe9caf13ed9a2924ed053d2b4b24aedb4035d4212c8a5f7df3b67916187c245f81035efe9b53a8d79988d4b00a8aa5926f8b9103fd0e543cebd14ca5d0825146c7ff12ef0b8fe612538542d6f5c9fdc7894374795b8ccb6bdb303b42aa86746d3370ad7a31c090504104000050209072501830200040725018101070009045b060c317135060905051008000600d30725018002000009050610200080ff0407250101060200090500100004090401090504104000ab0005090505022000060d0d48007672bf7524ef90e0a086de3562bf356642bc0201de8fa807c3b757b1c182c0f4c59af7c59293e1bc41956912be0eafd96bdf03aa6117bc3e50fbee59a6e5dfc7206516e091fce94c0c778a134b5368d1af31d240535b0725018002010009050b08000401a9050725010332f60b0725010206ac15090502140000c7070e0905010400020805800905051000020802ae07250103fbff0009050010400008000309050c040002030d07410f8c1ea652c620acd24cbf2bfeb921dfc3f2c147f7c05a53e4f7db6742a64c76fe8d2f319387c80165b1ad6b9054e93ae7385d785e1c040f2c4e5c2388ef8791090509002000010802"], 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e127a510800020010"], 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0xfff0) 7m58.226270368s ago: executing program 0 (id=208): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) modify_ldt$write(0x1, &(0x7f0000000040), 0x10) 7m56.157222479s ago: executing program 0 (id=211): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b3a090, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x1010408, 0x0) r1 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0) 7m55.698555209s ago: executing program 0 (id=214): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000004000000e27f000002"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000006c0)={r1, &(0x7f0000000500), 0x0}, 0x20) 7m40.346943083s ago: executing program 32 (id=214): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000004000000e27f000002"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000006c0)={r1, &(0x7f0000000500), 0x0}, 0x20) 3m49.635108789s ago: executing program 3 (id=898): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB], 0x48) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x17) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000100bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f01726a067818b990b13bfddb7e78270010720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/187], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0xa002a0, 0x10, 0x18, &(0x7f0000000000)="5ae02efc441a80536af0d1d905c723fa", &(0x7f0000000040)=""/24, 0x6414}, 0x28) 3m47.366489819s ago: executing program 3 (id=901): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_usb_connect(0x0, 0x36, 0x0, 0x0) write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) madvise(&(0x7f0000c0c000/0x1000)=nil, 0x1000, 0x4) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40) 3m41.092610204s ago: executing program 3 (id=913): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r0, 0x1) 3m39.292333s ago: executing program 3 (id=922): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0xffffc000, 0x8000}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0) dup3(r2, r0, 0x0) r3 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 3m37.71684892s ago: executing program 3 (id=927): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) 3m34.922977528s ago: executing program 3 (id=932): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x4) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x5}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x8}, 0x8) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000580)=[@in={0x2, 0x4e24, @loopback}], 0x10) sendmmsg$inet6(r1, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000580)=ANY=[], 0x1000f) 3m19.833353611s ago: executing program 33 (id=932): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x4) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x5}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x8}, 0x8) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000580)=[@in={0x2, 0x4e24, @loopback}], 0x10) sendmmsg$inet6(r1, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000580)=ANY=[], 0x1000f) 2m56.460179348s ago: executing program 1 (id=1026): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_int(r3, 0x0, 0x32, &(0x7f0000000000), 0x4) 2m54.883576339s ago: executing program 1 (id=1032): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a40)=@newsa={0x138, 0x10, 0x1, 0x70bd25, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@empty, 0x2, 0x0, 0x4e20, 0x0, 0x0, 0x20, 0x0, 0x62}, {@in=@broadcast, 0x0, 0x33}, @in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, {0x0, 0x4, 0x0, 0x8000000000000000, 0x0, 0xffffffffffffffff, 0x3, 0xffffffffffffffff}, {0x5680000000, 0x0, 0x0, 0x8000}, {0x10, 0x9}, 0x0, 0x0, 0xa, 0x1}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x60020855}, 0x24000058) 2m53.460594679s ago: executing program 1 (id=1034): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x44, 0x0) r3 = syz_io_uring_setup(0xac9, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r0, 0x0, 0x0, 0x0, 0x10002, 0x1}) io_uring_enter(r3, 0x6efc, 0x3900, 0xb, 0x0, 0x0) 2m44.488007819s ago: executing program 1 (id=1047): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x2, {{0x42}}}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) sendmsg$tipc(r3, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000481a}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x1000) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000200)) 2m43.738474062s ago: executing program 1 (id=1049): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x0, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000002880)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 2m43.491045012s ago: executing program 1 (id=1050): socket$kcm(0xa, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000c00000000000000008500000007000000040000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) socket(0x10, 0x80002, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r1 = socket$netlink(0x10, 0x3, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r2], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2m35.190161487s ago: executing program 4 (id=1066): socket$inet_tcp(0x2, 0x1, 0x0) r0 = timerfd_create(0x8, 0x80000) timerfd_settime(r0, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_io_uring_setup(0x5ef7, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x17}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 2m33.767686976s ago: executing program 5 (id=1067): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x33) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000dc0)={{r1, 0xffffffffffffffff}, &(0x7f0000000500), &(0x7f00000000c0)='%ps \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={r2}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x1c, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf0000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x18) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r5 = accept4(r4, 0x0, 0x0, 0x800) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 2m33.616385201s ago: executing program 5 (id=1068): socket$inet6_sctp(0xa, 0x5, 0x84) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x8001}, 0x18) socket$inet6_sctp(0xa, 0x801, 0x84) socket(0x10, 0x3, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f00000001c0), &(0x7f0000000300)=r3}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r2, &(0x7f0000000500)='\a0', &(0x7f0000000480)=@tcp=r3}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0x5, 0xe, 0x0, &(0x7f00000003c0)="000000000000000000000001e370", 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) 2m33.320055265s ago: executing program 4 (id=1071): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = getpgrp(0xffffffffffffffff) r4 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp(r3, r4, 0xdb6972e93d360997, 0xffffffffffffffff, 0xffffffffffffffff) 2m33.217715853s ago: executing program 5 (id=1072): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x8}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10) splice(r2, 0x0, r1, 0x0, 0xfea8, 0xa) sendto$inet(r2, &(0x7f0000000080)="93", 0x1, 0x4004, 0x0, 0x0) 2m31.447391569s ago: executing program 4 (id=1074): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) creat(&(0x7f0000000300)='./bus\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file8\x00', 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file6\x00', 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f00000008c0)='./file4\x00', 0xffffffffffffff9c, &(0x7f0000000900)='./file7\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000340)='./file6\x00', 0xffffffffffffff9c, &(0x7f0000000bc0)='./file1\x00', 0x2) 2m31.201756303s ago: executing program 4 (id=1075): syz_open_dev$ndb(0x0, 0x0, 0x10001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8) socket$nl_generic(0x10, 0x3, 0x10) timer_settime(0x0, 0x0, 0x0, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0) write$binfmt_elf64(r1, &(0x7f00000005c0)={{0x7f, 0x45, 0x4c, 0x46, 0xe, 0x2, 0xf9, 0xb7, 0x7fff, 0x2, 0x3, 0xfffffeff, 0x2df, 0x40, 0x303, 0x0, 0x8, 0x38, 0x1, 0x4, 0x4, 0xd}, [{0x3, 0x8000, 0x0, 0x7, 0x8, 0x5, 0x402, 0xca5}]}, 0x78) ioctl$SNDCTL_SEQ_SYNC(r1, 0x5101) 2m31.151337227s ago: executing program 5 (id=1076): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) tkill(0x0, 0x16) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), 0x4a) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000000c0)=0x9, 0x4) sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0) close(r2) 2m30.322806528s ago: executing program 5 (id=1077): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x100}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000c07000/0x1000)=nil, 0x1000}, 0x1}) setitimer(0x2, &(0x7f0000000000)={{0x0, 0xea60}, {0x77359400}}, &(0x7f0000000040)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{0x0}], 0x1) r1 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000380)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x200}) io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0) 2m30.109815928s ago: executing program 4 (id=1078): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18) write$FUSE_CREATE_OPEN(r2, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) read$FUSE(r3, &(0x7f0000000680)={0x2020}, 0x2020) 2m29.809915749s ago: executing program 5 (id=1079): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000001e67d8c62934a24ad8b8d006cc5ac0918fd1194bba4488056bbb81175d2960b95ba2b573bdae7c7f26ed5ccf3207010b56fc5c3e6e580a3a82c75146a3c8fd8f354ddd4445a9581ec3cf178a2f2ae16f7882cd24dcd68647f87b5b912f4e9259bbaad2d5e50d5b095c8b744318e9c2fec308985bdc7cc93afb4e9d40faa7baa5e85fa4773469fe829a92fe0149f144d4530c93724e330dfd6aba01baf73cd45edb948bc05ebe84e9901eb635cc447f"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) 2m29.656507083s ago: executing program 4 (id=1080): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) semctl$SEM_INFO(0x0, 0x4, 0x13, 0x0) 2m27.987291637s ago: executing program 34 (id=1050): socket$kcm(0xa, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000c00000000000000008500000007000000040000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) socket(0x10, 0x80002, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r1 = socket$netlink(0x10, 0x3, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r2], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2m13.771294185s ago: executing program 35 (id=1079): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000001e67d8c62934a24ad8b8d006cc5ac0918fd1194bba4488056bbb81175d2960b95ba2b573bdae7c7f26ed5ccf3207010b56fc5c3e6e580a3a82c75146a3c8fd8f354ddd4445a9581ec3cf178a2f2ae16f7882cd24dcd68647f87b5b912f4e9259bbaad2d5e50d5b095c8b744318e9c2fec308985bdc7cc93afb4e9d40faa7baa5e85fa4773469fe829a92fe0149f144d4530c93724e330dfd6aba01baf73cd45edb948bc05ebe84e9901eb635cc447f"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) 2m13.624906487s ago: executing program 36 (id=1080): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) semctl$SEM_INFO(0x0, 0x4, 0x13, 0x0) 1m29.855468112s ago: executing program 2 (id=1125): pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r1, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10) sendto$inet(r1, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0xfea8, 0xa) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f00000001c0)=0x400000001, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x2, 0x0, 0x0, 0x0) 1m29.556239808s ago: executing program 2 (id=1126): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000040)=0x1800, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2040}, 0xc, &(0x7f0000000180)={&(0x7f0000001b00)={0x14, 0x0, 0x200, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20004005}, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r3, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) 1m29.027548257s ago: executing program 2 (id=1127): r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x5) close(r0) r1 = inotify_init1(0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfb, 0x323, &(0x7f0000006680)) fcntl$setstatus(r0, 0x4, 0x2c00) r2 = gettid() fcntl$setown(r0, 0x8, r2) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xa4000960) rmdir(&(0x7f0000000100)='./control\x00') 1m28.121150779s ago: executing program 2 (id=1128): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd000000100001000c0808004149004001040800", 0x58}], 0x1) 1m26.239285948s ago: executing program 2 (id=1129): r0 = socket$inet(0x2, 0xa, 0x0) fanotify_init(0x200, 0x0) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) syz_usb_connect$uac1(0x5, 0x71, &(0x7f0000000280)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x3, 0xc0, 0xe5, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x53, 0xff, 0x7f, {0x7, 0x25, 0x1, 0x82, 0x10, 0x3}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x4, 0x7, 0x5, {0x7, 0x25, 0x1, 0x41, 0xae, 0x3}}}}}}}]}}, 0x0) syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) dup(r0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010025bd7000fadbdf2500000000", @ANYRES32=r2, @ANYBLOB="138000002b9201002400128009000100626f6e6400000000140002800800", @ANYRES64=r1], 0x44}, 0x1, 0x0, 0x0, 0x40448e0}, 0x4000) 1m25.46395168s ago: executing program 6 (id=978): write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) r3 = accept$alg(r2, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) recvmmsg(r3, &(0x7f0000006100), 0x49f, 0x0, 0x0) 1m25.108318995s ago: executing program 2 (id=1131): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x45833af92e4b39ff, 0x0) syz_open_procfs(0x0, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0x1}, &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0xe8}, 0x0, 0x24040092}) io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0) 1m7.96705313s ago: executing program 37 (id=1131): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x45833af92e4b39ff, 0x0) syz_open_procfs(0x0, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0x1}, &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0xe8}, 0x0, 0x24040092}) io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0) 1m7.798098913s ago: executing program 38 (id=978): write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) r3 = accept$alg(r2, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) recvmmsg(r3, &(0x7f0000006100), 0x49f, 0x0, 0x0) 13.477951411s ago: executing program 9 (id=1226): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x3c, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001b00)={0x18, 0x2d, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}, [@nested={0x4, 0xd}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) 10.743942083s ago: executing program 9 (id=1232): ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, 0x0) listen(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) socket$xdp(0x2c, 0x3, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x838, &(0x7f00000000c0)={0x0, 0x1998, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index=0x1, 0x6, 0x0, 0xffff, 0x5, 0x1}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0) 10.741666247s ago: executing program 7 (id=1233): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_create1(0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) close(0x3) socket$inet6_sctp(0xa, 0x1, 0x84) socket$inet_sctp(0x2, 0x5, 0x84) socket$inet6_sctp(0xa, 0x5, 0x84) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0], 0x20) 10.402800688s ago: executing program 7 (id=1234): ioctl$TIOCMSET(0xffffffffffffffff, 0x5418, 0x0) unshare(0x26020480) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x28c, 0x1}, {0x7}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x2000000, 0x33}, 0x0, @in6=@loopback, 0x0, 0x3, 0x0, 0xb7, 0x0, 0x8000000}}, 0xe8) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@dev={0xac, 0x14, 0x14, 0x12}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2f}, {0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x400000000}, 0x3, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@local, 0x1, 0x6c}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x3d}, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) 9.125294763s ago: executing program 8 (id=1235): socket$kcm(0x10, 0x2, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x54, r3, 0x1, 0x0, 0x0, {0x22}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc}, {0xc}}]}, 0x54}}, 0x0) 7.798122921s ago: executing program 8 (id=1236): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x20400) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x7}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38}) r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6}) r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800}) dup(0xffffffffffffffff) close_range(r0, 0xffffffffffffffff, 0x0) 7.193647462s ago: executing program 8 (id=1237): epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0xa0002011}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[], 0x10}, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e}, 0x94) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x4, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x1, 0x1}]}]}, {0x0, [0x5f, 0x3]}}, &(0x7f0000002cc0)=""/4104, 0x30, 0x1008, 0x1}, 0x28) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x48000, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10001, 0x36, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.683601139s ago: executing program 7 (id=1238): unshare(0x22020600) socket$can_j1939(0x1d, 0x2, 0x7) r0 = socket$inet6(0xa, 0x3, 0x7) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r2) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xc, 0x4, 0x4, 0x7, 0x0, r3}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 4.959017872s ago: executing program 8 (id=1239): sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 4.508241884s ago: executing program 9 (id=1240): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0xffffff6a) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x80}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) 4.359176893s ago: executing program 8 (id=1241): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0xa3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ff000003424203"], 0x0) socket$tipc(0x1e, 0x5, 0x0) 3.865883932s ago: executing program 7 (id=1242): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f00000000c0), 0x4) cachestat(r3, &(0x7f0000000040), &(0x7f0000000080), 0x0) 2.9522515s ago: executing program 8 (id=1243): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) close(0xffffffffffffffff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, &(0x7f0000000100)) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c000240"], 0xdc}}, 0x0) fsopen(0x0, 0x0) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) 2.951028772s ago: executing program 9 (id=1244): mkdir(&(0x7f00000003c0)='./file0\x00', 0x21) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='affs\x00', 0x800000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000080)={0x0, 0x7f, 0x700}) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)) r1 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43) rmdir(&(0x7f0000000180)='./file1\x00') mknodat$loop(r1, 0x0, 0x4, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 2.695810036s ago: executing program 9 (id=1245): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = timerfd_create(0x8, 0x0) timerfd_settime(r3, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, &(0x7f0000000240)=""/199, 0x3a, 0xc7, 0x1}, 0x28) 991.474483ms ago: executing program 7 (id=1246): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x803, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x7f, @dev={0xfe, 0x80, '\x00', 0x41}, 0xca}, 0x1c) sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10) r2 = socket(0x40000000015, 0x5, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r2, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) 509.585978ms ago: executing program 7 (id=1247): bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1f, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0xc28, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)={0x50, 0x2, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x7}, [@CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @empty}}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x80) 0s ago: executing program 9 (id=1248): syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x6) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/snmp6\x00') preadv(r3, &(0x7f00000005c0)=[{&(0x7f00000024c0)=""/4092, 0xffc}], 0x1, 0xffffffff, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.178' (ED25519) to the list of known hosts. [ 82.827517][ T5825] cgroup: Unknown subsys name 'net' [ 83.057732][ T5825] cgroup: Unknown subsys name 'cpuset' [ 83.123163][ T5825] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.084944][ T5825] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.126047][ T1234] cfg80211: failed to load regulatory.db [ 88.065176][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.080694][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.091051][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.091955][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.101631][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.104073][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.105135][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.106793][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.135170][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.137891][ T59] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.139417][ T59] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.142038][ T59] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.151587][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.153675][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.156206][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.157057][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.199244][ T5155] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.200390][ T5155] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.201639][ T5155] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.203467][ T5155] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.375788][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.377326][ T5844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.378674][ T5844] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.405739][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.406659][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.137227][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 89.270881][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 89.379727][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 89.429328][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 89.994389][ T5850] chnl_net:caif_netlink_parms(): no params data found [ 90.017453][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.017624][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.018163][ T5836] bridge_slave_0: entered allmulticast mode [ 90.021544][ T5836] bridge_slave_0: entered promiscuous mode [ 90.156163][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.156367][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.156659][ T5836] bridge_slave_1: entered allmulticast mode [ 90.160027][ T5836] bridge_slave_1: entered promiscuous mode [ 90.234378][ T5155] Bluetooth: hci1: command tx timeout [ 90.234821][ T5846] Bluetooth: hci0: command tx timeout [ 90.234921][ T5838] Bluetooth: hci3: command tx timeout [ 90.234948][ T5844] Bluetooth: hci2: command tx timeout [ 90.472742][ T5844] Bluetooth: hci4: command tx timeout [ 90.626616][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.626778][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.627002][ T5837] bridge_slave_0: entered allmulticast mode [ 90.630282][ T5837] bridge_slave_0: entered promiscuous mode [ 90.773461][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.773629][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.773828][ T5842] bridge_slave_0: entered allmulticast mode [ 90.775998][ T5842] bridge_slave_0: entered promiscuous mode [ 90.802844][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.802988][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.803525][ T5837] bridge_slave_1: entered allmulticast mode [ 90.806288][ T5837] bridge_slave_1: entered promiscuous mode [ 90.818210][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.822334][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.823191][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.823387][ T5847] bridge_slave_0: entered allmulticast mode [ 90.826188][ T5847] bridge_slave_0: entered promiscuous mode [ 90.837151][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.837299][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.837472][ T5842] bridge_slave_1: entered allmulticast mode [ 90.840209][ T5842] bridge_slave_1: entered promiscuous mode [ 90.989709][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.989994][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.990190][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.990375][ T5847] bridge_slave_1: entered allmulticast mode [ 90.999150][ T5847] bridge_slave_1: entered promiscuous mode [ 91.488225][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.647037][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.718476][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.720302][ T5836] team0: Port device team_slave_0 added [ 91.725917][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.729191][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.730811][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.730948][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.731117][ T5850] bridge_slave_0: entered allmulticast mode [ 91.734726][ T5850] bridge_slave_0: entered promiscuous mode [ 91.818287][ T5836] team0: Port device team_slave_1 added [ 91.822345][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.921340][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.922273][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.922411][ T5850] bridge_slave_1: entered allmulticast mode [ 91.926149][ T5850] bridge_slave_1: entered promiscuous mode [ 92.268195][ T5837] team0: Port device team_slave_0 added [ 92.312689][ T5844] Bluetooth: hci2: command tx timeout [ 92.312703][ T5838] Bluetooth: hci0: command tx timeout [ 92.322792][ T5844] Bluetooth: hci3: command tx timeout [ 92.322830][ T5844] Bluetooth: hci1: command tx timeout [ 92.427120][ T5842] team0: Port device team_slave_0 added [ 92.510931][ T5837] team0: Port device team_slave_1 added [ 92.512148][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.512159][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.512174][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.518068][ T5847] team0: Port device team_slave_0 added [ 92.521824][ T5842] team0: Port device team_slave_1 added [ 92.562792][ T5838] Bluetooth: hci4: command tx timeout [ 92.730118][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.823929][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.823943][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.823958][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.916232][ T5847] team0: Port device team_slave_1 added [ 92.921941][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.273950][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.273963][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.273977][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.374275][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.374294][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.374321][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.476698][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.476717][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.476745][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.480099][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.480113][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.480139][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.481657][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.481669][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.481694][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.491180][ T5850] team0: Port device team_slave_0 added [ 93.624318][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.624335][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.624362][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.627835][ T5850] team0: Port device team_slave_1 added [ 93.901805][ T5836] hsr_slave_0: entered promiscuous mode [ 93.906124][ T5836] hsr_slave_1: entered promiscuous mode [ 94.080170][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.080200][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.080223][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.356957][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.356974][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.357001][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.372033][ T5837] hsr_slave_0: entered promiscuous mode [ 94.374085][ T5837] hsr_slave_1: entered promiscuous mode [ 94.375544][ T5837] debugfs: 'hsr0' already exists in 'hsr' [ 94.375639][ T5837] Cannot create hsr debugfs directory [ 94.392852][ T5838] Bluetooth: hci1: command tx timeout [ 94.392881][ T5838] Bluetooth: hci3: command tx timeout [ 94.392901][ T5838] Bluetooth: hci0: command tx timeout [ 94.392920][ T5838] Bluetooth: hci2: command tx timeout [ 94.643091][ T5844] Bluetooth: hci4: command tx timeout [ 94.718512][ T5842] hsr_slave_0: entered promiscuous mode [ 94.719985][ T5842] hsr_slave_1: entered promiscuous mode [ 94.721640][ T5842] debugfs: 'hsr0' already exists in 'hsr' [ 94.721666][ T5842] Cannot create hsr debugfs directory [ 94.756192][ T5847] hsr_slave_0: entered promiscuous mode [ 94.757688][ T5847] hsr_slave_1: entered promiscuous mode [ 94.758676][ T5847] debugfs: 'hsr0' already exists in 'hsr' [ 94.758703][ T5847] Cannot create hsr debugfs directory [ 95.511890][ T5850] hsr_slave_0: entered promiscuous mode [ 95.513441][ T5850] hsr_slave_1: entered promiscuous mode [ 95.514364][ T5850] debugfs: 'hsr0' already exists in 'hsr' [ 95.514387][ T5850] Cannot create hsr debugfs directory [ 96.472682][ T5844] Bluetooth: hci2: command tx timeout [ 96.472727][ T5838] Bluetooth: hci0: command tx timeout [ 96.472757][ T5846] Bluetooth: hci1: command tx timeout [ 96.472799][ T5844] Bluetooth: hci3: command tx timeout [ 96.712800][ T5838] Bluetooth: hci4: command tx timeout [ 96.978228][ T5836] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.027954][ T5836] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.060804][ T5836] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.127330][ T5836] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.271894][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.320256][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.352320][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.419679][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.593385][ T5847] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.640133][ T5847] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.691800][ T5847] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.747315][ T5847] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.926048][ T5842] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 97.994552][ T5842] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 98.042888][ T5842] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 98.100114][ T5842] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 98.265822][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.297840][ T5850] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.355750][ T5850] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.397855][ T5850] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.431076][ T5850] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.533570][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.573601][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.597179][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.597613][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.665678][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.665821][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.750622][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.808233][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.808475][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.820350][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.887777][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.888033][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.995327][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.031581][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.069509][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.069779][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.186316][ T3735] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.188354][ T3735] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.296296][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.341453][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.349366][ T1184] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.350627][ T1184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.433313][ T1177] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.433482][ T1177] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.548824][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.637434][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.642720][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.701733][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.701978][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.791807][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.036836][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.242972][ T5836] veth0_vlan: entered promiscuous mode [ 100.329321][ T5836] veth1_vlan: entered promiscuous mode [ 100.450360][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.486820][ T5837] veth0_vlan: entered promiscuous mode [ 100.576532][ T5837] veth1_vlan: entered promiscuous mode [ 100.619037][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.668771][ T5836] veth0_macvtap: entered promiscuous mode [ 100.699179][ T5836] veth1_macvtap: entered promiscuous mode [ 100.869840][ T5837] veth0_macvtap: entered promiscuous mode [ 100.885217][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.926953][ T5847] veth0_vlan: entered promiscuous mode [ 100.944285][ T5837] veth1_macvtap: entered promiscuous mode [ 100.960933][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.030133][ T5847] veth1_vlan: entered promiscuous mode [ 101.032063][ T3735] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.077236][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.083318][ T3735] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.094333][ T3735] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.124893][ T3735] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.128015][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.230493][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.339769][ T1094] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.391572][ T1094] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.436252][ T3735] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.461026][ T3735] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.599151][ T5847] veth0_macvtap: entered promiscuous mode [ 101.632344][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.632367][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.724069][ T5847] veth1_macvtap: entered promiscuous mode [ 101.815401][ T5850] veth0_vlan: entered promiscuous mode [ 101.892094][ T5842] veth0_vlan: entered promiscuous mode [ 101.892949][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.892966][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.950579][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.003272][ T5850] veth1_vlan: entered promiscuous mode [ 102.046406][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.046428][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.077856][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.113379][ T5842] veth1_vlan: entered promiscuous mode [ 102.198738][ T1177] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.224316][ T1177] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.251914][ T1177] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.292673][ T1177] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.298015][ T1115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.298037][ T1115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.657756][ T5850] veth0_macvtap: entered promiscuous mode [ 102.698535][ T5842] veth0_macvtap: entered promiscuous mode [ 102.726151][ T5850] veth1_macvtap: entered promiscuous mode [ 102.784935][ T5842] veth1_macvtap: entered promiscuous mode [ 102.811547][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.811569][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.973247][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.145093][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.151694][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.160438][ T1177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.160457][ T1177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.180485][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.254976][ T1094] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.269057][ T1094] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.304195][ T1094] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.309012][ T1094] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.309966][ T1094] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.311243][ T1094] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.323794][ T1094] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.328406][ T1094] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.966810][ T5969] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 103.966952][ T5969] block device autoloading is deprecated and will be removed. [ 104.122768][ T5922] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 104.218896][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.218918][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.296288][ T5922] usb 2-1: Using ep0 maxpacket: 32 [ 104.333741][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 104.333776][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 104.333820][ T5922] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 104.333843][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.408962][ T5922] usb 2-1: config 0 descriptor?? [ 104.463664][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.463688][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.502344][ T5922] hub 2-1:0.0: USB hub found [ 104.664400][ T5922] hub 2-1:0.0: 1 port detected [ 104.857620][ T1177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.857643][ T1177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.897891][ T5982] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12'. [ 105.282587][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.300949][ T5922] hub 2-1:0.0: activate --> -90 [ 105.473746][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.473771][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.692610][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.696101][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.773704][ T5909] usb 2-1: USB disconnect, device number 2 [ 106.032803][ T5922] usb 2-1-port1: config error [ 107.032523][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.332478][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.333198][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.334408][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.336459][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.337131][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.338179][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 111.794653][ T6060] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.867202][ T5222] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 118.065393][ T5222] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.065451][ T5222] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 118.065476][ T5222] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.159235][ T5222] usb 2-1: config 0 descriptor?? [ 118.386462][ T5222] usbhid 2-1:0.0: can't add hid device: -71 [ 118.386607][ T5222] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 118.456459][ T5222] usb 2-1: USB disconnect, device number 3 [ 119.002718][ T5938] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 119.157884][ T5938] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 119.157940][ T5938] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 119.157964][ T5938] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.253234][ T5938] usb 2-1: config 0 descriptor?? [ 119.367303][ T5938] hub 2-1:0.0: USB hub found [ 119.526221][ T5938] hub 2-1:0.0: 1 port detected [ 122.037014][ T5938] usb 2-1: USB disconnect, device number 4 [ 123.013701][ T6119] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 123.479231][ T6127] fuse: Bad value for 'fd' [ 125.143555][ T5938] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 125.364743][ T5938] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.364807][ T5938] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 125.364830][ T5938] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.381554][ T5938] usb 1-1: config 0 descriptor?? [ 125.728741][ T5938] usbhid 1-1:0.0: can't add hid device: -71 [ 125.728892][ T5938] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 125.754637][ T5938] usb 1-1: USB disconnect, device number 2 [ 126.149316][ T6161] process 'syz.4.56' launched './file0' with NULL argv: empty string added [ 126.363507][ T31] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 126.535757][ T31] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 126.535810][ T31] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 126.535832][ T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.548085][ T31] usb 1-1: config 0 descriptor?? [ 126.617831][ T31] hub 1-1:0.0: USB hub found [ 126.812930][ T31] hub 1-1:0.0: 1 port detected [ 128.499556][ T5222] usb 1-1: USB disconnect, device number 3 [ 130.373646][ T6193] netlink: 8 bytes leftover after parsing attributes in process `syz.1.64'. [ 133.201788][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.201854][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.053095][ T5838] Bluetooth: hci4: link tx timeout [ 135.053322][ T5838] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 135.177951][ T5155] Bluetooth: hci4: link tx timeout [ 135.177973][ T5155] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 135.322664][ T5938] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 135.482832][ T5938] usb 2-1: Using ep0 maxpacket: 32 [ 135.515656][ T5938] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 135.515692][ T5938] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 135.523516][ T5938] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 135.523548][ T5938] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 135.523569][ T5938] usb 2-1: Product: syz [ 135.523597][ T5938] usb 2-1: Manufacturer: syz [ 135.621681][ T5938] hub 2-1:4.0: USB hub found [ 135.651597][ T6244] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 135.655007][ T6244] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.657503][ T6244] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.665120][ T6244] bridge0: entered allmulticast mode [ 135.874477][ T5938] hub 2-1:4.0: 2 ports detected [ 137.112678][ T5155] Bluetooth: hci4: command 0x0406 tx timeout [ 137.182313][ T5909] hub 2-1:4.0: activate --> -90 [ 137.598801][ T5909] usb 2-1-port2: cannot warm reset (err = -71) [ 137.599340][ T5909] usb 2-1-port2: cannot warm reset (err = -71) [ 137.599359][ T5909] usb 2-1-port2: Cannot enable. Maybe the USB cable is bad? [ 137.599908][ T5909] usb 2-1-port2: cannot disable (err = -71) [ 137.639633][ T5909] usb 2-1: Failed to suspend device, error -71 [ 137.803649][ T5222] usb 2-1: USB disconnect, device number 5 [ 142.001590][ T6274] netlink: 'syz.2.88': attribute type 1 has an invalid length. [ 142.709664][ T6276] bond1: (slave bridge1): Enslaving as an active interface with a down link [ 143.142137][ T6278] bond1: (slave bridge2): Enslaving as an active interface with a down link [ 146.240791][ T6310] futex_wake_op: syz.1.99 tries to shift op by -1; fix this program [ 146.688040][ T6314] ======================================================= [ 146.688040][ T6314] WARNING: The mand mount option has been deprecated and [ 146.688040][ T6314] and is ignored by this kernel. Remove the mand [ 146.688040][ T6314] option from the mount to silence this warning. [ 146.688040][ T6314] ======================================================= [ 147.211751][ T6284] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.345553][ T6284] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 148.192214][ T6329] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 149.775749][ T57] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.777384][ T6350] netlink: 558 bytes leftover after parsing attributes in process `syz.3.115'. [ 149.777633][ T6037] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.778733][ T6037] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.778775][ T6037] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.661208][ T6375] evm: overlay not supported [ 151.838064][ T37] audit: type=1800 audit(1758071859.400:2): pid=6369 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.123" name="/" dev="fuse" ino=3 res=0 errno=0 [ 152.979223][ T6383] netlink: 4 bytes leftover after parsing attributes in process `syz.2.129'. [ 153.510176][ T6388] capability: warning: `syz.4.130' uses deprecated v2 capabilities in a way that may be insecure [ 156.625552][ T5922] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 157.362564][ T5922] usb 4-1: Using ep0 maxpacket: 16 [ 157.366939][ T5922] usb 4-1: config 0 interface 0 has no altsetting 0 [ 157.366981][ T5922] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 157.367005][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.488694][ T5922] usb 4-1: config 0 descriptor?? [ 158.051088][ T5922] hid (null): global environment stack underflow [ 158.051120][ T5922] hid (null): global environment stack underflow [ 158.051144][ T5922] hid (null): report_id 0 is invalid [ 158.051273][ T5922] hid (null): global environment stack underflow [ 158.051296][ T5922] hid (null): report_id 0 is invalid [ 158.051314][ T5922] hid (null): report_id 0 is invalid [ 158.051337][ T5922] hid (null): global environment stack underflow [ 158.108907][ T5922] hid (null): global environment stack underflow [ 158.108935][ T5922] hid (null): report_id 0 is invalid [ 158.109752][ T5922] hid (null): global environment stack underflow [ 158.109812][ T5922] hid (null): unknown global tag 0xc [ 158.109820][ T5922] hid (null): report_id 25068 is invalid [ 158.109856][ T5922] hid (null): report_id 0 is invalid [ 158.109863][ T5922] hid (null): global environment stack overflow [ 158.110640][ T5922] hid (null): unknown global tag 0xc [ 158.110648][ T5922] hid (null): unknown global tag 0x58 [ 158.274209][ T5922] usb 4-1: USB disconnect, device number 2 [ 158.642569][ T5222] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 158.798758][ T5222] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 158.798781][ T5222] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 158.798805][ T5222] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 158.798817][ T5222] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.869687][ T6422] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 158.908974][ T5222] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 161.231942][ T5222] usb 1-1: USB disconnect, device number 4 [ 164.105910][ T6467] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 172.042618][ T989] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 172.202889][ T989] usb 1-1: Using ep0 maxpacket: 16 [ 172.207861][ T989] usb 1-1: config 0 has no interfaces? [ 172.212904][ T989] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 172.212941][ T989] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.212961][ T989] usb 1-1: Product: syz [ 172.212975][ T989] usb 1-1: Manufacturer: syz [ 172.212990][ T989] usb 1-1: SerialNumber: syz [ 172.278906][ T989] usb 1-1: config 0 descriptor?? [ 172.511299][ T6545] netlink: 8 bytes leftover after parsing attributes in process `syz.0.185'. [ 172.588712][ T6545] syz_tun: entered promiscuous mode [ 172.625509][ T6545] syz_tun: left promiscuous mode [ 173.191407][ T6556] overlayfs: failed to clone upperpath [ 173.353099][ T10] usb 1-1: USB disconnect, device number 5 [ 173.776503][ T6561] netlink: 8 bytes leftover after parsing attributes in process `syz.2.191'. [ 174.292828][ C1] vkms_vblank_simulate: vblank timer overrun [ 174.508636][ C1] vkms_vblank_simulate: vblank timer overrun [ 174.702080][ T37] audit: type=1326 audit(1758071882.250:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6565 comm="syz.2.193" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f24d6dbeba9 code=0x0 [ 174.935541][ C1] vkms_vblank_simulate: vblank timer overrun [ 175.300687][ C1] vkms_vblank_simulate: vblank timer overrun [ 176.496338][ T6580] netlink: 12 bytes leftover after parsing attributes in process `syz.1.198'. [ 177.032309][ T6572] Zero length message leads to an empty skb [ 177.170713][ T6583] vlan2: entered allmulticast mode [ 177.170737][ T6583] bridge0: entered allmulticast mode [ 177.171216][ T6583] bridge1: port 1(vlan2) entered blocking state [ 177.171501][ T6583] bridge1: port 1(vlan2) entered disabled state [ 177.187155][ T6583] vlan2: entered promiscuous mode [ 177.187176][ T6583] bridge0: entered promiscuous mode [ 182.656973][ T37] audit: type=1326 audit(1758071890.230:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.657029][ T37] audit: type=1326 audit(1758071890.230:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.727695][ T37] audit: type=1326 audit(1758071890.230:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.729691][ T37] audit: type=1326 audit(1758071890.300:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.729745][ T37] audit: type=1326 audit(1758071890.300:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.729793][ T37] audit: type=1326 audit(1758071890.300:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.729840][ T37] audit: type=1326 audit(1758071890.300:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.729894][ T37] audit: type=1326 audit(1758071890.300:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.732235][ T37] audit: type=1326 audit(1758071890.300:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 182.732286][ T37] audit: type=1326 audit(1758071890.300:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6633 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 183.178943][ T6641] netlink: 12 bytes leftover after parsing attributes in process `syz.3.223'. [ 183.419117][ T6643] bridge1: port 1(veth3) entered blocking state [ 183.419399][ T6643] bridge1: port 1(veth3) entered disabled state [ 183.419535][ T6643] veth3: entered allmulticast mode [ 183.499706][ T6643] veth3: entered promiscuous mode [ 183.505470][ T6643] bridge1: port 1(veth3) entered blocking state [ 183.505992][ T6643] bridge1: port 1(veth3) entered forwarding state [ 183.553565][ T57] bridge1: port 1(veth3) entered disabled state [ 184.440197][ T6656] netlink: 'syz.4.228': attribute type 1 has an invalid length. [ 185.233415][ T6661] bond1: (slave bridge1): making interface the new active one [ 185.234847][ T6661] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 185.464526][ T6662] bond1: (slave bridge2): Enslaving as an active interface with a down link [ 187.997080][ T6706] binder: 6705:6706 ioctl c0306201 200000000080 returned -14 [ 191.029068][ T6760] ref_ctr_offset mismatch. inode: 0x163 offset: 0x0 ref_ctr_offset(old): 0x200000000100 ref_ctr_offset(new): 0x0 [ 191.502640][ T5909] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 191.652773][ T5909] usb 4-1: Using ep0 maxpacket: 16 [ 191.680689][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.680712][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 191.680736][ T5909] usb 4-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.00 [ 191.680749][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.745426][ T5909] usb 4-1: config 0 descriptor?? [ 192.746433][ T5909] usbhid 4-1:0.0: can't add hid device: -71 [ 192.746578][ T5909] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 192.784359][ T5909] usb 4-1: USB disconnect, device number 3 [ 194.077541][ T6791] netlink: 56 bytes leftover after parsing attributes in process `syz.3.270'. [ 194.644223][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 196.067151][ T6802] netlink: 'syz.1.274': attribute type 6 has an invalid length. [ 196.644231][ T6803] bridge2: entered promiscuous mode [ 196.644270][ T6803] bridge2: entered allmulticast mode [ 197.906291][ T5155] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 197.915692][ T5155] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 197.916946][ T5155] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 197.918163][ T5155] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 197.918956][ T5155] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 200.072671][ T5838] Bluetooth: hci5: command tx timeout [ 200.678426][ T6036] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.237398][ T6036] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.775031][ T6843] syz.4.286 (6843) used greatest stack depth: 16168 bytes left [ 202.152735][ T5838] Bluetooth: hci5: command tx timeout [ 202.245085][ T6036] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.257137][ T5838] Bluetooth: hci5: command tx timeout [ 204.536223][ T6036] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.709002][ T6823] chnl_net:caif_netlink_parms(): no params data found [ 204.729191][ T6877] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 206.499447][ T5155] Bluetooth: hci5: command tx timeout [ 207.754816][ T6823] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.754906][ T6823] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.755071][ T6823] bridge_slave_0: entered allmulticast mode [ 207.764629][ T6823] bridge_slave_0: entered promiscuous mode [ 207.947385][ T6823] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.947546][ T6823] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.947809][ T6823] bridge_slave_1: entered allmulticast mode [ 208.018237][ T6823] bridge_slave_1: entered promiscuous mode [ 208.890679][ T37] kauditd_printk_skb: 5 callbacks suppressed [ 208.890699][ T37] audit: type=1800 audit(1758071916.460:19): pid=6910 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.308" name="bus" dev="overlay" ino=386 res=0 errno=0 [ 209.076760][ T6823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.227120][ T6823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.390793][ T6036] bridge_slave_1: left allmulticast mode [ 209.391313][ T6036] bridge_slave_1: left promiscuous mode [ 209.394778][ T6036] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.654649][ T6036] bridge_slave_0: left allmulticast mode [ 209.654683][ T6036] bridge_slave_0: left promiscuous mode [ 209.654996][ T6036] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.080391][ T6925] trusted_key: syz.2.315 sent an empty control message without MSG_MORE. [ 212.076213][ T5846] Bluetooth: hci0: command 0x0406 tx timeout [ 212.078131][ T5846] Bluetooth: hci2: command 0x0406 tx timeout [ 212.086798][ T5846] Bluetooth: hci3: command 0x0406 tx timeout [ 218.023519][ T6036] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 218.175679][ T6036] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 218.225636][ T6036] bond0 (unregistering): Released all slaves [ 219.479102][ T6823] team0: Port device team_slave_0 added [ 219.496628][ T6998] overlayfs: failed to clone upperpath [ 219.515387][ T6823] team0: Port device team_slave_1 added [ 220.063474][ T7006] netlink: 24 bytes leftover after parsing attributes in process `syz.4.338'. [ 221.771058][ T7012] bridge: RTM_NEWNEIGH with invalid ether address [ 222.002163][ T6823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 222.002181][ T6823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.002209][ T6823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 222.083019][ T7018] syz.4.341 uses obsolete (PF_INET,SOCK_PACKET) [ 222.113637][ T6823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 222.113650][ T6823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.113666][ T6823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 224.385713][ T6823] hsr_slave_0: entered promiscuous mode [ 224.406034][ T6823] hsr_slave_1: entered promiscuous mode [ 224.421674][ T6823] debugfs: 'hsr0' already exists in 'hsr' [ 224.421709][ T6823] Cannot create hsr debugfs directory [ 224.862542][ T6036] hsr_slave_0: left promiscuous mode [ 225.005278][ T6036] hsr_slave_1: left promiscuous mode [ 225.006405][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 225.006493][ T6036] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 225.204804][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.204839][ T6036] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 225.585971][ T6036] veth1_macvtap: left promiscuous mode [ 225.586302][ T6036] veth0_macvtap: left promiscuous mode [ 225.586701][ T6036] veth1_vlan: left promiscuous mode [ 225.588451][ T6036] veth0_vlan: left promiscuous mode [ 226.090002][ T7052] mmap: syz.2.352 (7052) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 235.073278][ T7116] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 235.871184][ T7123] netlink: 4 bytes leftover after parsing attributes in process `syz.3.373'. [ 237.473803][ T37] audit: type=1326 audit(1758071944.990:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7131 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7fc00000 [ 237.473995][ T37] audit: type=1326 audit(1758071945.000:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7131 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7fc00000 [ 237.777523][ T37] audit: type=1326 audit(1758071945.350:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7131 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7fc00000 [ 237.816730][ T37] audit: type=1326 audit(1758071945.390:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7131 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7fc00000 [ 237.848909][ T37] audit: type=1804 audit(1758071945.390:24): pid=7137 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.377" name="bus" dev="ramfs" ino=12247 res=1 errno=0 [ 237.866873][ T7137] Invalid ELF header magic: != ELF [ 237.899749][ T37] audit: type=1326 audit(1758071945.470:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7131 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7fc00000 [ 238.098748][ T6036] team0 (unregistering): Port device team_slave_1 removed [ 238.516955][ T6036] team0 (unregistering): Port device team_slave_0 removed [ 240.028151][ T7158] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 244.844177][ T7143] syz_tun: entered allmulticast mode [ 244.846490][ T7168] warning: `syz.1.386' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 245.145977][ T7150] syz_tun: left allmulticast mode [ 249.040002][ T6823] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 249.147907][ T6823] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 249.229610][ T6823] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 249.295786][ T6823] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 250.567026][ T6823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.987092][ T6823] 8021q: adding VLAN 0 to HW filter on device team0 [ 251.157272][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.158040][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.260424][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.260658][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.045897][ T6823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 254.610658][ T7311] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 254.610693][ T7311] overlayfs: failed to set xattr on upper [ 254.610702][ T7311] overlayfs: ...falling back to redirect_dir=nofollow. [ 254.610710][ T7311] overlayfs: ...falling back to index=off. [ 254.610717][ T7311] overlayfs: ...falling back to uuid=null. [ 254.702282][ T7311] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 254.702311][ T7311] overlayfs: failed to set xattr on upper [ 254.702318][ T7311] overlayfs: ...falling back to redirect_dir=nofollow. [ 254.702326][ T7311] overlayfs: ...falling back to index=off. [ 254.702333][ T7311] overlayfs: ...falling back to uuid=null. [ 254.754727][ T7311] overlayfs: conflicting lowerdir path [ 255.607268][ T6823] veth0_vlan: entered promiscuous mode [ 255.687589][ T6823] veth1_vlan: entered promiscuous mode [ 256.140452][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 257.375419][ T7359] netlink: 24 bytes leftover after parsing attributes in process `syz.1.431'. [ 258.104904][ T5155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 258.138473][ T5155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 258.152676][ T5155] Bluetooth: hci4: command 0x0406 tx timeout [ 258.182842][ T5155] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 258.217234][ T5155] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 258.217815][ T5155] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 260.712720][ T5838] Bluetooth: hci1: command tx timeout [ 262.794263][ T5838] Bluetooth: hci1: command tx timeout [ 264.872721][ T5838] Bluetooth: hci1: command tx timeout [ 265.813174][ T7364] chnl_net:caif_netlink_parms(): no params data found [ 265.840572][ T7432] overlayfs: failed to clone upperpath [ 266.641979][ T37] audit: type=1804 audit(1758071974.190:26): pid=7450 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.454" name="/newroot/88/file0" dev="tmpfs" ino=526 res=1 errno=0 [ 266.954474][ T5838] Bluetooth: hci1: command tx timeout [ 267.788540][ T7364] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.788774][ T7364] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.788951][ T7364] bridge_slave_0: entered allmulticast mode [ 267.795252][ T7364] bridge_slave_0: entered promiscuous mode [ 267.855224][ T7364] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.855394][ T7364] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.855659][ T7364] bridge_slave_1: entered allmulticast mode [ 267.983378][ T7364] bridge_slave_1: entered promiscuous mode [ 268.180095][ T1094] bridge_slave_1: left allmulticast mode [ 268.180137][ T1094] bridge_slave_1: left promiscuous mode [ 268.182811][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.629004][ T1094] bridge_slave_0: left allmulticast mode [ 268.629029][ T1094] bridge_slave_0: left promiscuous mode [ 268.629264][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.697095][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 274.850282][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.023867][ T7518] netlink: 28 bytes leftover after parsing attributes in process `syz.1.475'. [ 275.023906][ T7518] netlink: 28 bytes leftover after parsing attributes in process `syz.1.475'. [ 275.024786][ T1094] bond0 (unregistering): Released all slaves [ 275.703302][ T7518] syz_tun: entered promiscuous mode [ 275.732936][ T7518] erspan0: entered promiscuous mode [ 276.035059][ T7364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 276.057534][ T7364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 276.351742][ T1094] hsr_slave_0: left promiscuous mode [ 276.392677][ T1094] hsr_slave_1: left promiscuous mode [ 276.393759][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 276.465992][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 276.685152][ T1094] veth1_vlan: left promiscuous mode [ 276.685429][ T1094] veth0_vlan: left promiscuous mode [ 278.515700][ T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 278.927649][ T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 278.927715][ T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 278.927731][ T10] usb 4-1: too many endpoints for config 1 interface 1 altsetting 145: 217, using maximum allowed: 30 [ 278.927754][ T10] usb 4-1: config 1 interface 1 altsetting 145 has 0 endpoint descriptors, different from the interface descriptor's value: 217 [ 278.927769][ T10] usb 4-1: config 1 interface 1 has no altsetting 0 [ 278.929917][ T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 278.929934][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.929945][ T10] usb 4-1: Product: syz [ 278.929953][ T10] usb 4-1: Manufacturer: syz [ 278.929960][ T10] usb 4-1: SerialNumber: syz [ 279.201121][ T10] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -22 [ 279.478303][ T10] usb 4-1: USB disconnect, device number 4 [ 281.426350][ T1094] team0 (unregistering): Port device team_slave_1 removed [ 281.713485][ T1094] team0 (unregistering): Port device team_slave_0 removed [ 286.675887][ T7545] syz_tun: entered allmulticast mode [ 286.700400][ T7570] netlink: 'syz.4.489': attribute type 12 has an invalid length. [ 286.700423][ T7570] netlink: 'syz.4.489': attribute type 29 has an invalid length. [ 286.700437][ T7570] netlink: 148 bytes leftover after parsing attributes in process `syz.4.489'. [ 286.750630][ T7599] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 287.228808][ T7364] team0: Port device team_slave_0 added [ 287.252140][ T7364] team0: Port device team_slave_1 added [ 287.881574][ T37] audit: type=1326 audit(1758071995.450:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7615 comm="syz.3.505" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x0 [ 288.183683][ T7364] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.183702][ T7364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.183728][ T7364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.213167][ T7364] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.213184][ T7364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.213207][ T7364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 289.192502][ T5844] Bluetooth: hci1: command 0x0405 tx timeout [ 289.225003][ T7641] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 289.228771][ T7364] hsr_slave_0: entered promiscuous mode [ 289.230266][ T7364] hsr_slave_1: entered promiscuous mode [ 289.231277][ T7364] debugfs: 'hsr0' already exists in 'hsr' [ 289.231303][ T7364] Cannot create hsr debugfs directory [ 289.279247][ T7641] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 289.353319][ T7646] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 289.821438][ T37] audit: type=1326 audit(1758071997.390:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.4.518" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c2435eba9 code=0x0 [ 290.082898][ T5844] Bluetooth: hci4: ACL packet for unknown connection handle 201 [ 290.798470][ T7680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.521'. [ 290.935519][ T37] audit: type=1800 audit(1758071998.510:29): pid=7685 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.523" name="/" dev="9p" ino=2 res=0 errno=0 [ 293.531920][ T7712] netlink: 24 bytes leftover after parsing attributes in process `syz.3.532'. [ 293.872540][ T5222] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 294.051373][ T5222] usb 4-1: Using ep0 maxpacket: 32 [ 294.132465][ T7712] netlink: 24 bytes leftover after parsing attributes in process `syz.3.532'. [ 294.253640][ T7715] Bluetooth: MGMT ver 1.23 [ 294.304489][ T7712] Bluetooth: hci0: Opcode 0x0401 failed: -112 [ 294.451477][ T5222] usb 4-1: unable to get BOS descriptor or descriptor too short [ 294.452933][ T5222] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 294.452985][ T5222] usb 4-1: can't read configurations, error -71 [ 294.792283][ T7364] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 294.807746][ T7729] overlayfs: failed to clone upperpath [ 294.850542][ T7730] netlink: 24 bytes leftover after parsing attributes in process `syz.4.536'. [ 295.033681][ T7364] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 295.249554][ T7364] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 295.438331][ T7364] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 296.232763][ T5838] Bluetooth: hci0: command 0x0406 tx timeout [ 296.246266][ T5844] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 297.256735][ T7364] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.429034][ T7364] 8021q: adding VLAN 0 to HW filter on device team0 [ 297.485745][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.486019][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 297.601263][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.602685][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 297.942599][ T5923] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 298.103829][ T5923] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 298.103847][ T5923] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 298.104965][ T5923] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 298.104982][ T5923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 298.104993][ T5923] usb 4-1: SerialNumber: syz [ 298.326846][ T5844] Bluetooth: hci0: command 0x0406 tx timeout [ 298.724886][ T5923] usb 4-1: 0:2 : does not exist [ 298.979366][ T5923] usb 4-1: USB disconnect, device number 7 [ 299.261605][ T7604] udevd[7604]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 299.366722][ T7364] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.197519][ T7808] netlink: 'syz.3.553': attribute type 1 has an invalid length. [ 300.883989][ T7813] macvlan2: entered promiscuous mode [ 300.884022][ T7813] macvlan2: entered allmulticast mode [ 300.931071][ T7813] bond1: entered promiscuous mode [ 300.947466][ T7813] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 301.156866][ T7813] bond1: left promiscuous mode [ 302.877459][ T7364] veth0_vlan: entered promiscuous mode [ 302.954148][ T7364] veth1_vlan: entered promiscuous mode [ 302.967104][ T7838] netlink: 'syz.2.560': attribute type 4 has an invalid length. [ 303.025906][ T7838] netlink: 'syz.2.560': attribute type 4 has an invalid length. [ 303.184948][ T7364] veth0_macvtap: entered promiscuous mode [ 303.240415][ T7364] veth1_macvtap: entered promiscuous mode [ 303.318645][ T7364] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 303.426941][ T7364] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 303.549216][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.550012][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.254151][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.255764][ T6037] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.001954][ T6036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.001978][ T6036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.456727][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.456744][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 307.537361][ T7905] overlayfs: failed to clone upperpath [ 309.292320][ T7925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.591'. [ 309.737514][ T7925] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 313.771471][ T7962] ALSA: mixer_oss: invalid OSS volume '' [ 317.526933][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 319.771650][ T8013] overlayfs: failed to clone upperpath [ 320.022527][ T5938] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 320.267139][ T5938] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 320.267178][ T5938] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 320.267191][ T5938] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.315236][ T5938] usb 5-1: config 0 descriptor?? [ 320.350139][ T5938] pwc: Askey VC010 type 2 USB webcam detected. [ 320.780711][ T5938] pwc: recv_control_msg error -32 req 02 val 2b00 [ 320.795707][ T5938] pwc: recv_control_msg error -32 req 02 val 2700 [ 320.798128][ T5938] pwc: recv_control_msg error -32 req 02 val 2c00 [ 320.798859][ T5938] pwc: recv_control_msg error -32 req 04 val 1000 [ 320.799632][ T5938] pwc: recv_control_msg error -32 req 04 val 1300 [ 320.801946][ T5938] pwc: recv_control_msg error -32 req 04 val 1400 [ 320.802764][ T5938] pwc: recv_control_msg error -32 req 02 val 2000 [ 321.083474][ T5938] pwc: recv_control_msg error -71 req 04 val 1500 [ 321.090689][ T5938] pwc: recv_control_msg error -71 req 02 val 2500 [ 321.172566][ T5938] pwc: recv_control_msg error -71 req 02 val 2400 [ 321.454789][ T5938] pwc: recv_control_msg error -71 req 02 val 2600 [ 321.489238][ T5938] pwc: recv_control_msg error -71 req 02 val 2900 [ 321.491850][ T5938] pwc: recv_control_msg error -71 req 02 val 2800 [ 321.499063][ T5938] pwc: recv_control_msg error -71 req 04 val 1100 [ 321.499630][ T5938] pwc: recv_control_msg error -71 req 04 val 1200 [ 321.545832][ T5938] pwc: Registered as video103. [ 321.563297][ T5938] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input5 [ 321.595007][ T5938] usb 5-1: USB disconnect, device number 2 [ 322.630894][ T8038] binder: 8034:8038 unknown command 0 [ 322.630910][ T8038] binder: 8034:8038 ioctl c0306201 200000004a40 returned -22 [ 328.012722][ T8070] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 330.087918][ T8084] o2cb: This node has not been configured. [ 330.087934][ T8084] o2cb: Cluster check failed. Fix errors before retrying. [ 330.087993][ T8084] (syz.3.640,8084,0):user_dlm_register:674 ERROR: status = -22 [ 330.088016][ T8084] (syz.3.640,8084,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus" [ 341.461035][ T8184] binder: BINDER_SET_CONTEXT_MGR already set [ 341.461051][ T8184] binder: 8182:8184 ioctl 4018620d 200000004a80 returned -16 [ 343.314285][ T37] audit: type=1326 audit(1758072050.890:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.314345][ T37] audit: type=1326 audit(1758072050.890:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.314639][ T37] audit: type=1326 audit(1758072050.890:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.314938][ T37] audit: type=1326 audit(1758072050.890:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.315242][ T37] audit: type=1326 audit(1758072050.890:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.321913][ T37] audit: type=1326 audit(1758072050.890:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.321963][ T37] audit: type=1326 audit(1758072050.890:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.322006][ T37] audit: type=1326 audit(1758072050.890:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.534285][ T37] audit: type=1326 audit(1758072051.090:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 343.534344][ T37] audit: type=1326 audit(1758072051.090:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8195 comm="syz.1.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a9829eba9 code=0x7ffc0000 [ 344.476427][ T8205] netlink: 4 bytes leftover after parsing attributes in process `syz.4.680'. [ 344.952593][ T6028] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 345.240164][ T6028] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 345.240446][ T6028] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 345.240472][ T6028] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.056875][ T6028] usb 4-1: config 0 descriptor?? [ 346.083418][ T6028] pwc: Askey VC010 type 2 USB webcam detected. [ 346.564413][ T6028] pwc: recv_control_msg error -32 req 02 val 2b00 [ 346.584889][ T6028] pwc: recv_control_msg error -32 req 02 val 2700 [ 346.608636][ T6028] pwc: recv_control_msg error -32 req 02 val 2c00 [ 346.610109][ T6028] pwc: recv_control_msg error -32 req 04 val 1000 [ 346.636569][ T6028] pwc: recv_control_msg error -32 req 04 val 1300 [ 346.639965][ T6028] pwc: recv_control_msg error -32 req 04 val 1400 [ 346.654766][ T6028] pwc: recv_control_msg error -32 req 02 val 2000 [ 346.655483][ T6028] pwc: recv_control_msg error -32 req 02 val 2100 [ 346.857887][ T6028] pwc: recv_control_msg error -71 req 02 val 2500 [ 346.858370][ T6028] pwc: recv_control_msg error -71 req 02 val 2400 [ 346.858765][ T6028] pwc: recv_control_msg error -71 req 02 val 2600 [ 346.859133][ T6028] pwc: recv_control_msg error -71 req 02 val 2900 [ 346.859526][ T6028] pwc: recv_control_msg error -71 req 02 val 2800 [ 346.860001][ T6028] pwc: recv_control_msg error -71 req 04 val 1100 [ 346.860343][ T6028] pwc: recv_control_msg error -71 req 04 val 1200 [ 347.165342][ T6028] pwc: Registered as video103. [ 347.184360][ T6028] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input6 [ 347.343139][ T6028] usb 4-1: USB disconnect, device number 8 [ 348.612277][ T5838] Bluetooth: hci1: link tx timeout [ 348.618145][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.692825][ T5838] Bluetooth: hci1: link tx timeout [ 348.692849][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.693296][ T5838] Bluetooth: hci1: link tx timeout [ 348.693310][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.693475][ T5838] Bluetooth: hci1: link tx timeout [ 348.693488][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.693658][ T5838] Bluetooth: hci1: link tx timeout [ 348.693670][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.694321][ T5838] Bluetooth: hci1: link tx timeout [ 348.694334][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.694868][ T5838] Bluetooth: hci1: link tx timeout [ 348.694881][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.699283][ T5838] Bluetooth: hci1: link tx timeout [ 348.699303][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.700302][ T5838] Bluetooth: hci1: link tx timeout [ 348.700317][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.820865][ T5838] Bluetooth: hci1: link tx timeout [ 348.820887][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.829230][ T5838] Bluetooth: hci1: link tx timeout [ 348.829242][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.854464][ T5838] Bluetooth: hci1: link tx timeout [ 348.854486][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.855093][ T5838] Bluetooth: hci1: link tx timeout [ 348.855107][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.908299][ T5838] Bluetooth: hci1: link tx timeout [ 348.908536][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.908609][ T5838] Bluetooth: hci1: link tx timeout [ 348.908616][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.908697][ T5838] Bluetooth: hci1: link tx timeout [ 348.908704][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.908780][ T5838] Bluetooth: hci1: link tx timeout [ 348.908787][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.911172][ T5838] Bluetooth: hci1: link tx timeout [ 348.911189][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 348.934783][ T5838] Bluetooth: hci1: link tx timeout [ 348.934803][ T5838] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 349.579435][ T8250] binder_alloc: 8249: binder_alloc_buf, no vma [ 350.872471][ T5838] Bluetooth: hci1: command 0x0405 tx timeout [ 351.409997][ C0] vkms_vblank_simulate: vblank timer overrun [ 351.671384][ C0] vkms_vblank_simulate: vblank timer overrun [ 351.774646][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.082706][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.242235][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.286976][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.522222][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.972974][ C0] vkms_vblank_simulate: vblank timer overrun [ 353.745786][ C0] vkms_vblank_simulate: vblank timer overrun [ 353.953687][ C0] vkms_vblank_simulate: vblank timer overrun [ 354.219876][ T8276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.702'. [ 354.219916][ T8276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.702'. [ 354.272539][ T8276] ip6gretap0: entered promiscuous mode [ 354.273857][ T8276] syz_tun: entered promiscuous mode [ 354.274647][ T8276] debugfs: 'hsr1' already exists in 'hsr' [ 354.274665][ T8276] Cannot create hsr debugfs directory [ 360.872512][ T31] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 361.027737][ T31] usb 6-1: Using ep0 maxpacket: 32 [ 361.101174][ T31] usb 6-1: config 0 has an invalid interface number: 247 but max is 0 [ 361.101204][ T31] usb 6-1: config 0 has no interface number 0 [ 361.128541][ T31] usb 6-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b [ 361.128573][ T31] usb 6-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 361.128593][ T31] usb 6-1: Product: syz [ 361.128607][ T31] usb 6-1: Manufacturer: syz [ 361.232524][ T31] usb 6-1: config 0 descriptor?? [ 361.784885][ T8345] QAT: Stopping all acceleration devices. [ 361.844572][ T6028] usb 6-1: USB disconnect, device number 2 [ 364.869363][ T8394] hfs: can't find a HFS filesystem on dev nullb0 [ 365.844599][ C1] vkms_vblank_simulate: vblank timer overrun [ 366.168072][ C1] vkms_vblank_simulate: vblank timer overrun [ 366.263650][ C1] vkms_vblank_simulate: vblank timer overrun [ 366.762256][ C1] vkms_vblank_simulate: vblank timer overrun [ 368.583421][ T8423] block nbd3: NBD_DISCONNECT [ 369.556329][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.696681][ C1] vkms_vblank_simulate: vblank timer overrun [ 370.026671][ C1] vkms_vblank_simulate: vblank timer overrun [ 370.344901][ C1] vkms_vblank_simulate: vblank timer overrun [ 370.885695][ C1] vkms_vblank_simulate: vblank timer overrun [ 371.195270][ C1] vkms_vblank_simulate: vblank timer overrun [ 371.257069][ C1] vkms_vblank_simulate: vblank timer overrun [ 371.656484][ C1] vkms_vblank_simulate: vblank timer overrun [ 372.033110][ C1] vkms_vblank_simulate: vblank timer overrun [ 372.931455][ C1] vkms_vblank_simulate: vblank timer overrun [ 373.212778][ C1] vkms_vblank_simulate: vblank timer overrun [ 373.411592][ C1] vkms_vblank_simulate: vblank timer overrun [ 373.742259][ T8476] netlink: 4 bytes leftover after parsing attributes in process `syz.4.769'. [ 378.985224][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.529286][ T8519] input: syz1 as /devices/virtual/input/input7 [ 384.319974][ T8557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.792'. [ 384.320002][ T8557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.792'. [ 385.906911][ T37] kauditd_printk_skb: 12 callbacks suppressed [ 385.906927][ T37] audit: type=1800 audit(1758072093.370:52): pid=8565 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.795" name="bus" dev="ramfs" ino=19551 res=0 errno=0 [ 386.388089][ T8576] fuse: Bad value for 'fd' [ 386.495410][ T8572] fuse: root generation should be zero [ 388.830105][ T31] libceph: connect (1)[c::]:6789 error -101 [ 388.830818][ T31] libceph: mon0 (1)[c::]:6789 connect error [ 388.838840][ T31] libceph: connect (1)[c::]:6789 error -101 [ 388.839062][ T31] libceph: mon0 (1)[c::]:6789 connect error [ 388.840378][ T8593] ceph: No mds server is up or the cluster is laggy [ 400.081844][ T8674] netlink: 40 bytes leftover after parsing attributes in process `syz.2.828'. [ 400.082228][ T8674] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 400.082242][ T8674] IPv6: NLM_F_CREATE should be set when creating new route [ 400.085293][ T8674] IPv6: NLM_F_CREATE should be set when creating new route [ 400.384875][ T8658] comedi comedi0: reset error (fatal) [ 401.847833][ T8686] wg2: entered promiscuous mode [ 401.847864][ T8686] wg2: entered allmulticast mode [ 404.068320][ T8711] netlink: 4 bytes leftover after parsing attributes in process `syz.4.839'. [ 404.134694][ T8715] netlink: 4 bytes leftover after parsing attributes in process `syz.4.839'. [ 409.127231][ T37] audit: type=1326 audit(2000000009.670:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.127709][ T37] audit: type=1326 audit(2000000009.670:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.129013][ T37] audit: type=1326 audit(2000000009.670:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.141406][ T37] audit: type=1326 audit(2000000009.670:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.141469][ T37] audit: type=1326 audit(2000000009.670:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.141510][ T37] audit: type=1326 audit(2000000009.680:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.141549][ T37] audit: type=1326 audit(2000000009.680:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.141591][ T37] audit: type=1326 audit(2000000009.680:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.141634][ T37] audit: type=1326 audit(2000000009.680:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 409.141676][ T37] audit: type=1326 audit(2000000009.680:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8754 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fd56eeba9 code=0x7ffc0000 [ 412.462552][ T5222] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 412.623322][ T5222] usb 5-1: Using ep0 maxpacket: 32 [ 412.626455][ T5222] usb 5-1: config 0 has an invalid interface number: 12 but max is 0 [ 412.626483][ T5222] usb 5-1: config 0 has no interface number 0 [ 412.626537][ T5222] usb 5-1: config 0 interface 12 has no altsetting 0 [ 412.643269][ T5222] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 412.643296][ T5222] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 412.643314][ T5222] usb 5-1: Product: syz [ 412.643326][ T5222] usb 5-1: Manufacturer: syz [ 412.643338][ T5222] usb 5-1: SerialNumber: syz [ 412.842165][ T5222] usb 5-1: config 0 descriptor?? [ 415.720860][ T5222] f81534 5-1:0.12: f81534_set_register: reg: 1003 data: 78 failed: -71 [ 415.720901][ T5222] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71 [ 415.720910][ T5222] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 415.720970][ T5222] f81534 5-1:0.12: probe with driver f81534 failed with error -71 [ 415.744737][ T5222] usb 5-1: USB disconnect, device number 3 [ 420.974971][ T8839] overlayfs: failed to clone upperpath [ 424.253155][ T6028] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 424.618844][ T6028] usb 6-1: config 0 has no interfaces? [ 424.671155][ T6028] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 424.671176][ T6028] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.671187][ T6028] usb 6-1: Product: syz [ 424.671195][ T6028] usb 6-1: Manufacturer: syz [ 424.671203][ T6028] usb 6-1: SerialNumber: syz [ 424.675808][ T6028] usb 6-1: config 0 descriptor?? [ 424.970658][ T8867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 424.971175][ T8867] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 428.552811][ T6028] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 428.721558][ T6028] usb 5-1: Using ep0 maxpacket: 8 [ 428.729486][ T6028] usb 5-1: config 0 has no interfaces? [ 428.729528][ T6028] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 428.729551][ T6028] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.776117][ T6028] usb 5-1: config 0 descriptor?? [ 429.000328][ T6028] usb 5-1: USB disconnect, device number 4 [ 429.793440][ T6028] usb 6-1: USB disconnect, device number 3 [ 430.568878][ T8916] fuse: Unknown parameter 'fd0x0000000000000003' [ 430.660162][ T6028] Process accounting resumed [ 439.992422][ T8996] JFS: charset not found [ 440.916197][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.405785][ T9036] overlayfs: failed to clone upperpath [ 446.828225][ T37] kauditd_printk_skb: 5 callbacks suppressed [ 446.828397][ T37] audit: type=1326 audit(2000000047.360:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 446.865680][ T37] audit: type=1326 audit(2000000047.370:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 446.870159][ T37] audit: type=1326 audit(2000000047.410:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 446.956686][ T37] audit: type=1326 audit(2000000047.410:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 446.956723][ T37] audit: type=1326 audit(2000000047.410:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 447.009223][ T37] audit: type=1326 audit(2000000047.410:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 447.010402][ T37] audit: type=1326 audit(2000000047.550:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 447.010436][ T37] audit: type=1326 audit(2000000047.550:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz.5.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f734e78eba9 code=0x7ffc0000 [ 447.839361][ T9054] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 447.864145][ T9054] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 453.115777][ T9129] netlink: 12 bytes leftover after parsing attributes in process `syz.4.972'. [ 454.719778][ T9140] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 458.297902][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 458.308870][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 458.329398][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 458.330804][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 458.331511][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 458.498721][ T5850] syz_tun (unregistering): left promiscuous mode [ 460.764086][ T5844] Bluetooth: hci4: command tx timeout [ 460.926063][ T37] audit: type=1800 audit(2000000061.470:76): pid=9190 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.991" name="bus" dev="ramfs" ino=20424 res=0 errno=0 [ 462.792589][ T5844] Bluetooth: hci4: command tx timeout [ 462.898389][ T7099] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.042814][ T9202] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 463.042864][ T9202] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 465.013642][ T5844] Bluetooth: hci4: command tx timeout [ 465.864545][ T9217] Invalid ELF header magic: != ELF [ 467.034047][ T5844] Bluetooth: hci4: command tx timeout [ 468.068638][ T7099] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.280301][ T37] audit: type=1107 audit(2000000069.760:77): pid=9234 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 472.662667][ T5909] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 472.833690][ T5909] usb 6-1: New USB device found, idVendor=045b, idProduct=0212, bcdDevice=28.97 [ 472.833724][ T5909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.833753][ T5909] usb 6-1: Product: syz [ 472.833768][ T5909] usb 6-1: Manufacturer: syz [ 472.833782][ T5909] usb 6-1: SerialNumber: syz [ 472.879647][ T7099] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.974390][ T5909] usb 6-1: config 0 descriptor?? [ 472.986535][ T5909] upd78f0730 6-1:0.0: upd78f0730 converter detected [ 473.076268][ T5909] usb 6-1: upd78f0730 converter now attached to ttyUSB0 [ 473.314681][ T5923] usb 6-1: USB disconnect, device number 4 [ 473.367820][ T5923] upd78f0730 ttyUSB0: upd78f0730 converter now disconnected from ttyUSB0 [ 473.368911][ T5923] upd78f0730 6-1:0.0: device disconnected [ 474.615493][ T5838] Bluetooth: hci1: command 0x0405 tx timeout [ 474.778554][ T9274] overlayfs: failed to clone upperpath [ 474.909135][ T7099] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.636214][ T9175] chnl_net:caif_netlink_parms(): no params data found [ 478.074914][ T7099] bridge_slave_1: left allmulticast mode [ 478.074950][ T7099] bridge_slave_1: left promiscuous mode [ 478.075255][ T7099] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.360686][ T7099] bridge_slave_0: left allmulticast mode [ 479.360724][ T7099] bridge_slave_0: left promiscuous mode [ 479.361047][ T7099] bridge0: port 1(bridge_slave_0) entered disabled state [ 479.697608][ T7099] veth3: left allmulticast mode [ 479.697645][ T7099] veth3: left promiscuous mode [ 479.697932][ T7099] bridge1: port 1(veth3) entered disabled state [ 480.127153][ T5909] IPVS: starting estimator thread 0... [ 480.256047][ T9318] IPVS: using max 6 ests per chain, 14400 per kthread [ 484.423360][ T7099] ip6gretap0 (unregistering): left promiscuous mode [ 485.130342][ C1] vkms_vblank_simulate: vblank timer overrun [ 485.813017][ C1] vkms_vblank_simulate: vblank timer overrun [ 486.318979][ C1] vkms_vblank_simulate: vblank timer overrun [ 486.839618][ C1] vkms_vblank_simulate: vblank timer overrun [ 487.033120][ C1] vkms_vblank_simulate: vblank timer overrun [ 488.320683][ C1] vkms_vblank_simulate: vblank timer overrun [ 489.813910][ C1] vkms_vblank_simulate: vblank timer overrun [ 493.454323][ T9397] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1050'. [ 493.672983][ T37] audit: type=1326 audit(2000000094.200:78): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=_ pid=9396 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6dbeba9 code=0x7ffc0000 [ 493.674111][ T37] audit: type=1326 audit(2000000094.220:79): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=_ pid=9396 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f24d6dbeba9 code=0x7ffc0000 [ 493.674164][ T37] audit: type=1326 audit(2000000094.220:80): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=_ pid=9396 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d6dbeba9 code=0x7ffc0000 [ 502.092814][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 505.823501][ T7099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 505.972940][ T7099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 506.057956][ T9485] netfs: Couldn't get user pages (rc=-14) [ 506.057976][ T9485] netfs: Zero-sized read [R=7] [ 506.108497][ T7099] bond0 (unregistering): Released all slaves [ 506.317267][ T7099] bond1 (unregistering): Released all slaves [ 507.657801][ T9175] bridge0: port 1(bridge_slave_0) entered blocking state [ 507.657986][ T9175] bridge0: port 1(bridge_slave_0) entered disabled state [ 507.658253][ T9175] bridge_slave_0: entered allmulticast mode [ 507.690635][ T9175] bridge_slave_0: entered promiscuous mode [ 507.758675][ T9175] bridge0: port 2(bridge_slave_1) entered blocking state [ 507.770659][ T9175] bridge0: port 2(bridge_slave_1) entered disabled state [ 507.770926][ T9175] bridge_slave_1: entered allmulticast mode [ 507.791030][ T9175] bridge_slave_1: entered promiscuous mode [ 508.888687][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 508.930836][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 508.942769][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 508.980889][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 508.986754][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 508.991920][ T9175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 509.274496][ T5847] syz_tun (unregistering): left promiscuous mode [ 509.423025][ T9175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 511.118600][ T5844] Bluetooth: hci5: command tx timeout [ 511.822482][ T7099] hsr_slave_0: left promiscuous mode [ 511.862777][ T7099] hsr_slave_1: left promiscuous mode [ 511.863977][ T7099] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 511.864010][ T7099] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 513.153617][ T7099] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 513.153652][ T7099] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 513.192612][ T5844] Bluetooth: hci5: command tx timeout [ 513.347828][ T7099] veth1_macvtap: left promiscuous mode [ 513.347990][ T7099] veth0_macvtap: left promiscuous mode [ 513.348341][ T7099] veth1_vlan: left promiscuous mode [ 513.348587][ T7099] veth0_vlan: left promiscuous mode [ 515.273051][ T5844] Bluetooth: hci5: command tx timeout [ 517.053124][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 517.059012][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 517.078209][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 517.080503][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 517.081455][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 517.354679][ T5838] Bluetooth: hci5: command tx timeout [ 518.378759][ T37] audit: type=1326 audit(2000000118.920:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9542 comm="syz.2.1097" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f24d6dbeba9 code=0x0 [ 519.202855][ T5838] Bluetooth: hci3: command tx timeout [ 519.417328][ T9548] IPVS: length: 24 != 600 [ 519.444604][ T7099] team0 (unregistering): Port device team_slave_1 removed [ 520.897108][ T7099] team0 (unregistering): Port device team_slave_0 removed [ 521.908271][ T5838] Bluetooth: hci3: command tx timeout [ 523.775932][ T5844] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 523.830073][ T5844] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 523.849807][ T5844] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 523.851410][ T5844] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 523.856950][ T5844] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 523.952590][ T5838] Bluetooth: hci3: command tx timeout [ 524.177210][ T5844] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 524.191348][ T5844] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 524.232677][ T5844] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 524.252976][ T5844] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 524.259495][ T5844] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 526.003371][ T5838] Bluetooth: hci6: command tx timeout [ 526.003925][ T5838] Bluetooth: hci3: command tx timeout [ 526.322655][ T5844] Bluetooth: hci7: command tx timeout [ 528.073776][ T5844] Bluetooth: hci6: command tx timeout [ 528.127476][ T9175] team0: Port device team_slave_0 added [ 528.404532][ T5844] Bluetooth: hci7: command tx timeout [ 530.152400][ T5844] Bluetooth: hci6: command tx timeout [ 530.759336][ T5844] Bluetooth: hci7: command tx timeout [ 532.652136][ T5844] Bluetooth: hci6: command tx timeout [ 532.792912][ T5844] Bluetooth: hci7: command tx timeout [ 533.180062][ T5844] Bluetooth: hci0: unexpected event for opcode 0x2010 [ 534.170738][ T9499] chnl_net:caif_netlink_parms(): no params data found [ 534.391937][ T9567] chnl_net:caif_netlink_parms(): no params data found [ 536.094326][ T9538] chnl_net:caif_netlink_parms(): no params data found [ 536.115209][ T9563] chnl_net:caif_netlink_parms(): no params data found [ 536.472113][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 537.348385][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.108666][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.269179][ T9499] bridge0: port 1(bridge_slave_0) entered blocking state [ 538.269355][ T9499] bridge0: port 1(bridge_slave_0) entered disabled state [ 538.269493][ T9499] bridge_slave_0: entered allmulticast mode [ 538.271256][ T9499] bridge_slave_0: entered promiscuous mode [ 538.387948][ T9499] bridge0: port 2(bridge_slave_1) entered blocking state [ 538.388141][ T9499] bridge0: port 2(bridge_slave_1) entered disabled state [ 538.388366][ T9499] bridge_slave_1: entered allmulticast mode [ 538.391758][ T9499] bridge_slave_1: entered promiscuous mode [ 538.729140][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.798387][ T9567] bridge0: port 1(bridge_slave_0) entered blocking state [ 538.798557][ T9567] bridge0: port 1(bridge_slave_0) entered disabled state [ 538.798866][ T9567] bridge_slave_0: entered allmulticast mode [ 538.830300][ T9567] bridge_slave_0: entered promiscuous mode [ 539.106437][ T9567] bridge0: port 2(bridge_slave_1) entered blocking state [ 539.106824][ T9567] bridge0: port 2(bridge_slave_1) entered disabled state [ 539.107734][ T9567] bridge_slave_1: entered allmulticast mode [ 539.111292][ T9567] bridge_slave_1: entered promiscuous mode [ 539.245623][ T9538] bridge0: port 1(bridge_slave_0) entered blocking state [ 539.245909][ T9538] bridge0: port 1(bridge_slave_0) entered disabled state [ 539.246177][ T9538] bridge_slave_0: entered allmulticast mode [ 539.249693][ T9538] bridge_slave_0: entered promiscuous mode [ 539.282103][ T9563] bridge0: port 1(bridge_slave_0) entered blocking state [ 539.290897][ T9563] bridge0: port 1(bridge_slave_0) entered disabled state [ 539.291200][ T9563] bridge_slave_0: entered allmulticast mode [ 539.310629][ T9563] bridge_slave_0: entered promiscuous mode [ 539.408727][ T9499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 539.412897][ T9538] bridge0: port 2(bridge_slave_1) entered blocking state [ 539.413066][ T9538] bridge0: port 2(bridge_slave_1) entered disabled state [ 539.413309][ T9538] bridge_slave_1: entered allmulticast mode [ 539.416197][ T9538] bridge_slave_1: entered promiscuous mode [ 539.433688][ T9563] bridge0: port 2(bridge_slave_1) entered blocking state [ 539.433862][ T9563] bridge0: port 2(bridge_slave_1) entered disabled state [ 539.434114][ T9563] bridge_slave_1: entered allmulticast mode [ 539.450563][ T9563] bridge_slave_1: entered promiscuous mode [ 539.569361][ T9499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 539.768496][ T9567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 540.049209][ T9567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 540.178159][ T9538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 540.188335][ T9563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 540.427308][ T9499] team0: Port device team_slave_0 added [ 540.440983][ T9538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 540.450873][ T9563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 540.547028][ T9499] team0: Port device team_slave_1 added [ 540.765685][ T9567] team0: Port device team_slave_0 added [ 541.034085][ T9567] team0: Port device team_slave_1 added [ 541.127780][ T9538] team0: Port device team_slave_0 added [ 541.134931][ T9563] team0: Port device team_slave_0 added [ 541.255442][ T9499] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 541.255460][ T9499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 541.255495][ T9499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 541.260899][ T9538] team0: Port device team_slave_1 added [ 541.266557][ T9563] team0: Port device team_slave_1 added [ 541.386715][ T9499] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 541.386735][ T9499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 541.386761][ T9499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 541.741397][ T9567] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 541.741480][ T9567] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 541.741502][ T9567] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 541.946387][ T9567] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 541.946406][ T9567] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 541.946434][ T9567] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 541.951353][ T9538] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 541.951371][ T9538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 541.951398][ T9538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 541.953926][ T12] bridge_slave_1: left allmulticast mode [ 541.953960][ T12] bridge_slave_1: left promiscuous mode [ 541.954346][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 542.048026][ T12] bridge_slave_0: left allmulticast mode [ 542.048062][ T12] bridge_slave_0: left promiscuous mode [ 542.048373][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 542.108391][ T12] bridge_slave_1: left allmulticast mode [ 542.108419][ T12] bridge_slave_1: left promiscuous mode [ 542.108616][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 542.185295][ T12] bridge_slave_0: left allmulticast mode [ 542.185334][ T12] bridge_slave_0: left promiscuous mode [ 542.185751][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 542.265421][ T12] vlan2: left promiscuous mode [ 542.265446][ T12] bridge0: left promiscuous mode [ 542.266111][ T12] bridge1: port 1(vlan2) entered disabled state [ 542.933824][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 543.019454][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 543.077433][ T12] bond0 (unregistering): Released all slaves [ 543.732575][ T12] erspan0 (unregistering): left promiscuous mode [ 545.713729][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 545.779008][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 545.798078][ T12] bond0 (unregistering): Released all slaves [ 545.854346][ T9563] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 545.854365][ T9563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 545.854394][ T9563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 545.886760][ T9538] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 545.886776][ T9538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 545.886800][ T9538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 546.055010][ T9563] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 546.055027][ T9563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 546.055054][ T9563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 546.333967][ T9499] hsr_slave_0: entered promiscuous mode [ 546.336974][ T9499] hsr_slave_1: entered promiscuous mode [ 546.338342][ T9499] debugfs: 'hsr0' already exists in 'hsr' [ 546.338386][ T9499] Cannot create hsr debugfs directory [ 547.165149][ T9567] hsr_slave_0: entered promiscuous mode [ 547.167064][ T9567] hsr_slave_1: entered promiscuous mode [ 547.168318][ T9567] debugfs: 'hsr0' already exists in 'hsr' [ 547.168346][ T9567] Cannot create hsr debugfs directory [ 547.361392][ T9538] hsr_slave_0: entered promiscuous mode [ 547.396096][ T9538] hsr_slave_1: entered promiscuous mode [ 547.397351][ T9538] debugfs: 'hsr0' already exists in 'hsr' [ 547.397379][ T9538] Cannot create hsr debugfs directory [ 547.460168][ T9563] hsr_slave_0: entered promiscuous mode [ 547.462098][ T9563] hsr_slave_1: entered promiscuous mode [ 547.476168][ T9563] debugfs: 'hsr0' already exists in 'hsr' [ 547.476201][ T9563] Cannot create hsr debugfs directory [ 548.862575][ T12] hsr_slave_0: left promiscuous mode [ 548.884854][ T12] hsr_slave_1: left promiscuous mode [ 548.886095][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 548.886127][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 548.941485][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 548.941509][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 549.072195][ T12] veth1_macvtap: left promiscuous mode [ 549.074195][ T12] veth0_macvtap: left promiscuous mode [ 549.076210][ T12] veth1_vlan: left promiscuous mode [ 549.076548][ T12] veth0_vlan: left promiscuous mode [ 549.693643][ T12] team0 (unregistering): Port device team_slave_0 removed [ 552.703706][ T12] team0 (unregistering): Port device team_slave_1 removed [ 552.968539][ T12] team0 (unregistering): Port device team_slave_0 removed [ 557.435962][ T9499] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 557.514201][ T9499] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 557.615005][ T9499] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 557.750595][ T9499] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 558.037554][ T9538] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 558.156723][ T9538] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 558.339138][ T9538] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 558.400868][ T9538] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 558.743070][ T9563] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 558.830170][ T9563] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 558.885128][ T9563] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 559.026234][ T9563] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 559.326182][ T9499] 8021q: adding VLAN 0 to HW filter on device bond0 [ 559.354468][ T9567] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 559.425807][ T9567] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 559.466425][ T9567] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 559.504805][ T9567] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 559.636886][ T9499] 8021q: adding VLAN 0 to HW filter on device team0 [ 559.729202][ T7099] bridge0: port 1(bridge_slave_0) entered blocking state [ 559.729382][ T7099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 559.813128][ T1129] bridge0: port 2(bridge_slave_1) entered blocking state [ 559.813396][ T1129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 559.905833][ T9538] 8021q: adding VLAN 0 to HW filter on device bond0 [ 560.073123][ T9538] 8021q: adding VLAN 0 to HW filter on device team0 [ 560.129957][ T1184] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.130366][ T1184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 560.171542][ T9563] 8021q: adding VLAN 0 to HW filter on device bond0 [ 560.194969][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.195154][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 560.342027][ T9563] 8021q: adding VLAN 0 to HW filter on device team0 [ 560.421141][ T9567] 8021q: adding VLAN 0 to HW filter on device bond0 [ 560.446975][ T7099] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.447238][ T7099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 560.488212][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.489188][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 560.614482][ T9567] 8021q: adding VLAN 0 to HW filter on device team0 [ 560.685004][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.685197][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 560.765825][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.766020][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 561.005509][ T9499] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 561.605655][ T9538] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 562.086431][ T9563] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 562.121235][ T9567] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 562.501249][ T9499] veth0_vlan: entered promiscuous mode [ 562.613220][ T9499] veth1_vlan: entered promiscuous mode [ 562.935179][ T9499] veth0_macvtap: entered promiscuous mode [ 562.980257][ T9499] veth1_macvtap: entered promiscuous mode [ 563.220534][ T9499] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 563.279519][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.289658][ T9499] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 563.368314][ T1129] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 563.374142][ T1129] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 563.383457][ T1129] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 563.394056][ T1129] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 563.452906][ T9538] veth0_vlan: entered promiscuous mode [ 563.746678][ T9538] veth1_vlan: entered promiscuous mode [ 563.890443][ T9563] veth0_vlan: entered promiscuous mode [ 563.955151][ T9563] veth1_vlan: entered promiscuous mode [ 563.990696][ T9567] veth0_vlan: entered promiscuous mode [ 564.062556][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 564.062579][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 564.076832][ T9567] veth1_vlan: entered promiscuous mode [ 564.182909][ T9538] veth0_macvtap: entered promiscuous mode [ 564.210232][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 564.210255][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 564.255650][ T9538] veth1_macvtap: entered promiscuous mode [ 564.375390][ T9563] veth0_macvtap: entered promiscuous mode [ 564.404056][ T9563] veth1_macvtap: entered promiscuous mode [ 564.451450][ T9538] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 564.486688][ T9567] veth0_macvtap: entered promiscuous mode [ 564.537390][ T9538] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 564.597222][ T9567] veth1_macvtap: entered promiscuous mode [ 564.658707][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 564.677864][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 564.729203][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 564.775603][ T9563] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 565.125290][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.169813][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.198502][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.273015][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.358455][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.659465][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.932135][ T9563] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 566.003474][ T9567] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 566.197127][ T1177] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.207589][ T9567] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 566.238182][ T1177] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.288487][ T1177] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.444643][ T1177] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.568396][ T7099] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.622978][ T7099] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.713695][ T7099] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.814126][ T7099] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.150350][ T6036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.150367][ T6036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 567.977675][ T1115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.977699][ T1115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 568.262374][ C0] vkms_vblank_simulate: vblank timer overrun [ 568.418417][ C0] vkms_vblank_simulate: vblank timer overrun [ 568.452349][ C0] vkms_vblank_simulate: vblank timer overrun [ 569.555879][ C0] vkms_vblank_simulate: vblank timer overrun [ 569.652956][ C0] vkms_vblank_simulate: vblank timer overrun [ 569.966102][ T9735] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1129'. [ 570.025224][ T9735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 570.063790][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 570.063814][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 570.361804][ T7099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 570.361828][ T7099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 570.584957][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 570.584979][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 570.812514][ T1115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 570.812539][ T1115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 590.499656][ T9826] RDS: rds_bind could not find a transport for 0:0:4::1, load rds_tcp or rds_rdma? [ 592.343389][ T9839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 592.364619][ T9839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 592.386761][ T9839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 592.408031][ T9839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 592.410675][ T9839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 593.223936][ T9848] netlink: 168 bytes leftover after parsing attributes in process `syz.9.1157'. [ 593.786224][ T5844] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 593.796316][ T5844] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 593.797614][ T5844] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 593.798357][ T5844] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 593.799182][ T5844] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 594.642558][ T9839] Bluetooth: hci4: command tx timeout [ 594.962806][ T5836] syz_tun (unregistering): left allmulticast mode [ 596.712571][ T9839] Bluetooth: hci4: command tx timeout [ 596.792462][ T9839] Bluetooth: hci8: command tx timeout [ 598.793314][ T9839] Bluetooth: hci4: command tx timeout [ 598.873393][ T9839] Bluetooth: hci8: command tx timeout [ 599.476181][ T1115] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 601.771616][ T9839] Bluetooth: hci4: command tx timeout [ 601.771657][ T9839] Bluetooth: hci8: command tx timeout [ 604.255226][ T5844] Bluetooth: hci8: command tx timeout [ 605.988674][ T1115] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.361156][ T9921] netlink: 5120 bytes leftover after parsing attributes in process `syz.8.1176'. [ 610.924170][ T1115] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.598750][ T9837] chnl_net:caif_netlink_parms(): no params data found [ 614.381688][ T1115] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 616.351456][ T9841] chnl_net:caif_netlink_parms(): no params data found [ 623.571893][ T9837] bridge0: port 1(bridge_slave_0) entered blocking state [ 623.572043][ T9837] bridge0: port 1(bridge_slave_0) entered disabled state [ 623.572555][ T9837] bridge_slave_0: entered allmulticast mode [ 623.597861][ T9837] bridge_slave_0: entered promiscuous mode [ 623.844198][ T9837] bridge0: port 2(bridge_slave_1) entered blocking state [ 623.844402][ T9837] bridge0: port 2(bridge_slave_1) entered disabled state [ 623.844690][ T9837] bridge_slave_1: entered allmulticast mode [ 623.857126][ T9837] bridge_slave_1: entered promiscuous mode [ 623.862073][ T9841] bridge0: port 1(bridge_slave_0) entered blocking state [ 623.862303][ T9841] bridge0: port 1(bridge_slave_0) entered disabled state [ 623.862660][ T9841] bridge_slave_0: entered allmulticast mode [ 623.869447][ T9841] bridge_slave_0: entered promiscuous mode [ 624.172596][ T9841] bridge0: port 2(bridge_slave_1) entered blocking state [ 624.172768][ T9841] bridge0: port 2(bridge_slave_1) entered disabled state [ 624.173052][ T9841] bridge_slave_1: entered allmulticast mode [ 624.217554][ T9841] bridge_slave_1: entered promiscuous mode [ 624.634523][ T9837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 624.686515][T10034] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1204'. [ 624.724349][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.597351][ T9837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 625.677797][T10034] bridge0: entered promiscuous mode [ 625.720238][T10034] bridge0: left promiscuous mode [ 626.408822][ T9841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 628.120575][ T9841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 632.942395][ T9839] Bluetooth: hci5: command 0x0406 tx timeout [ 633.293990][ T9837] team0: Port device team_slave_0 added [ 633.623582][ T1115] bridge_slave_1: left allmulticast mode [ 633.623621][ T1115] bridge_slave_1: left promiscuous mode [ 633.623927][ T1115] bridge0: port 2(bridge_slave_1) entered disabled state [ 634.483021][ T1115] bridge_slave_0: left allmulticast mode [ 634.483089][ T1115] bridge_slave_0: left promiscuous mode [ 634.483401][ T1115] bridge0: port 1(bridge_slave_0) entered disabled state [ 640.119042][ T1115] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 640.232174][ T1115] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 640.272415][ T1115] bond0 (unregistering): Released all slaves [ 640.433384][T10109] netlink: 'syz.9.1222': attribute type 23 has an invalid length. [ 640.643294][ T9837] team0: Port device team_slave_1 added [ 640.656779][ T9841] team0: Port device team_slave_0 added [ 642.636721][ T9841] team0: Port device team_slave_1 added [ 646.979317][ T9837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 646.979336][ T9837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 646.979363][ T9837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 648.123415][T10155] Bluetooth: hci6: command 0x0406 tx timeout [ 648.123464][T10155] Bluetooth: hci7: command 0x0406 tx timeout [ 648.848884][ T9837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 648.848904][ T9837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 648.848934][ T9837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 650.667144][ T9839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 650.680988][ T9839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 650.691699][ T9839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 650.725108][ T9839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 650.731044][ T9839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 650.817941][ C1] vkms_vblank_simulate: vblank timer overrun [ 651.112656][ T1115] hsr_slave_0: left promiscuous mode [ 651.165183][ T1115] hsr_slave_1: left promiscuous mode [ 651.171641][ T1115] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 651.171667][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 651.259650][ T1115] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 651.259679][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 651.471610][ C1] vkms_vblank_simulate: vblank timer overrun [ 651.568347][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 651.685632][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 651.746300][ T1115] veth1_macvtap: left promiscuous mode [ 651.746483][ T1115] veth0_macvtap: left promiscuous mode [ 651.746875][ T1115] veth1_vlan: left promiscuous mode [ 651.747143][ T1115] veth0_vlan: left promiscuous mode [ 651.782540][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 651.784996][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 651.786830][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 651.894451][ C1] vkms_vblank_simulate: vblank timer overrun [ 652.230155][ C1] vkms_vblank_simulate: vblank timer overrun [ 652.920733][ T9839] Bluetooth: hci0: command tx timeout [ 652.930998][ C1] vkms_vblank_simulate: vblank timer overrun [ 653.641684][T10230] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1243'. [ 654.735901][ T9839] Bluetooth: hci3: command tx timeout [ 655.000127][ T9839] Bluetooth: hci0: command tx timeout [ 656.843545][ T38] INFO: task syz-executor:5842 blocked for more than 143 seconds. [ 656.843575][ T38] Not tainted syzkaller #0 [ 656.843586][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 656.843596][ T38] task:syz-executor state:D stack:21032 pid:5842 tgid:5842 ppid:1 task_flags:0x400140 flags:0x00004004 [ 656.843658][ T38] Call Trace: [ 656.843666][ T38] [ 656.843681][ T38] __schedule+0x16f3/0x4c20 [ 656.843743][ T38] ? __lock_acquire+0xab9/0xd20 [ 656.843773][ T38] ? __pfx___schedule+0x10/0x10 [ 656.843823][ T38] ? schedule+0x91/0x360 [ 656.843856][ T38] schedule+0x165/0x360 [ 656.843887][ T38] v9fs_evict_inode+0x170/0x320 [ 656.843923][ T38] ? __pfx_v9fs_evict_inode+0x10/0x10 [ 656.843962][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 656.843997][ T38] ? __pfx_var_wake_function+0x10/0x10 [ 656.844042][ T38] ? __pfx_v9fs_evict_inode+0x10/0x10 [ 656.844070][ T38] evict+0x504/0x9c0 [ 656.844105][ T38] ? __pfx_evict+0x10/0x10 [ 656.844134][ T38] ? iput+0x6d8/0x9d0 [ 656.844173][ T38] __dentry_kill+0x209/0x660 [ 656.844204][ T38] ? dput+0x37/0x2b0 [ 656.844234][ T38] dput+0x19f/0x2b0 [ 656.844264][ T38] shrink_dcache_for_umount+0xa0/0x170 [ 656.844291][ T38] generic_shutdown_super+0x67/0x2c0 [ 656.844319][ T38] kill_anon_super+0x3b/0x70 [ 656.844344][ T38] v9fs_kill_super+0x4c/0x90 [ 656.844375][ T38] deactivate_locked_super+0xbc/0x130 [ 656.844401][ T38] cleanup_mnt+0x425/0x4c0 [ 656.844424][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 656.844457][ T38] task_work_run+0x1d4/0x260 [ 656.844483][ T38] ? __pfx_task_work_run+0x10/0x10 [ 656.844502][ T38] ? __x64_sys_umount+0x122/0x160 [ 656.844534][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 656.844567][ T38] exit_to_user_mode_loop+0xec/0x110 [ 656.844596][ T38] do_syscall_64+0x2bd/0x3b0 [ 656.844614][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 656.844667][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.844687][ T38] ? clear_bhb_loop+0x60/0xb0 [ 656.844712][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.844732][ T38] RIP: 0033:0x7f9c2435fed7 [ 656.844751][ T38] RSP: 002b:00007ffee02e2dd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 656.844772][ T38] RAX: 0000000000000000 RBX: 00007f9c243e1c05 RCX: 00007f9c2435fed7 [ 656.844789][ T38] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffee02e2e90 [ 656.844802][ T38] RBP: 00007ffee02e2e90 R08: 0000000000000000 R09: 0000000000000000 [ 656.844816][ T38] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffee02e3f20 [ 656.844830][ T38] R13: 00007f9c243e1c05 R14: 000000000007b71e R15: 00007ffee02e3f60 [ 656.844867][ T38] [ 656.844894][ T38] INFO: task syz.5.1079:9491 blocked for more than 143 seconds. [ 656.844910][ T38] Not tainted syzkaller #0 [ 656.844920][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 656.844929][ T38] task:syz.5.1079 state:D stack:26040 pid:9491 tgid:9486 ppid:7364 task_flags:0x400040 flags:0x00004004 [ 656.845001][ T38] Call Trace: [ 656.845008][ T38] [ 656.845022][ T38] __schedule+0x16f3/0x4c20 [ 656.845084][ T38] ? __pfx___schedule+0x10/0x10 [ 656.845144][ T38] rt_mutex_schedule+0x77/0xf0 [ 656.845163][ T38] ? __rt_mutex_slowlock_locked+0x1a7/0x25e0 [ 656.845187][ T38] __rt_mutex_slowlock_locked+0x1e04/0x25e0 [ 656.845227][ T38] ? __rt_mutex_slowlock_locked+0x1a7/0x25e0 [ 656.845262][ T38] ? __pfx___rt_mutex_slowlock_locked+0x10/0x10 [ 656.845301][ T38] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 656.845337][ T38] ? rcu_is_watching+0x15/0xb0 [ 656.845374][ T38] __rwbase_read_lock+0xbc/0x180 [ 656.845396][ T38] ? __pfx___rwbase_read_lock+0x10/0x10 [ 656.845433][ T38] down_read+0x127/0x1f0 [ 656.845453][ T38] ? __pfx_down_read+0x10/0x10 [ 656.845497][ T38] super_lock+0x2a9/0x3b0 [ 656.845525][ T38] ? __pfx_super_lock+0x10/0x10 [ 656.845556][ T38] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 656.845590][ T38] ? rt_spin_unlock+0x65/0x80 [ 656.845623][ T38] __iterate_supers+0x126/0x290 [ 656.845647][ T38] ? __pfx_quota_sync_one+0x10/0x10 [ 656.845680][ T38] __se_sys_quotactl+0x353/0x950 [ 656.845709][ T38] ? irqentry_exit+0x74/0x90 [ 656.845739][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 656.845771][ T38] ? __pfx___se_sys_quotactl+0x10/0x10 [ 656.845817][ T38] do_syscall_64+0xfa/0x3b0 [ 656.845840][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.845859][ T38] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 656.845880][ T38] ? clear_bhb_loop+0x60/0xb0 [ 656.845907][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.845927][ T38] RIP: 0033:0x7f734e78eba9 [ 656.845945][ T38] RSP: 002b:00007f734c9ac038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 656.845974][ T38] RAX: ffffffffffffffda RBX: 00007f734e9d6180 RCX: 00007f734e78eba9 [ 656.845989][ T38] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000102 [ 656.846002][ T38] RBP: 00007f734e811e19 R08: 0000000000000000 R09: 0000000000000000 [ 656.846016][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 656.846029][ T38] R13: 00007f734e9d6218 R14: 00007f734e9d6180 R15: 00007ffd2200db58 [ 656.846065][ T38] [ 656.846104][ T38] [ 656.846104][ T38] Showing all locks held in the system: [ 656.846116][ T38] 1 lock held by khungtaskd/38: [ 656.846128][ T38] #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 656.846181][ T38] 2 locks held by kworker/u8:2/40: [ 656.846202][ T38] 3 locks held by kworker/u8:5/1010: [ 656.846214][ T38] #0: ffff88802ffb8138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 656.846269][ T38] #1: ffffc90004567bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 656.846324][ T38] #2: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 656.846380][ T38] 5 locks held by kworker/u8:7/1115: [ 656.846405][ T38] 2 locks held by getty/5595: [ 656.846417][ T38] #0: ffff88823bf620a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 656.846476][ T38] #1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 656.846529][ T38] 1 lock held by syz-executor/5842: [ 656.846541][ T38] #0: ffff8880330a40d0 (&type->s_umount_key#57){++++}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 656.846602][ T38] 1 lock held by syz.5.1079/9491: [ 656.846613][ T38] #0: ffff8880330a40d0 (&type->s_umount_key#57){++++}-{4:4}, at: super_lock+0x2a9/0x3b0 [ 656.846672][ T38] 1 lock held by syz-executor/9837: [ 656.846684][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 656.846740][ T38] 1 lock held by syz-executor/9841: [ 656.846751][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 656.846807][ T38] 3 locks held by kworker/u8:11/9986: [ 656.846820][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 656.846872][ T38] #1: ffffc90004367bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 656.846926][ T38] #2: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 656.846985][ T38] 1 lock held by syz-executor/10206: [ 656.846997][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 656.847048][ T38] 1 lock held by syz-executor/10212: [ 656.847060][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 656.847109][ T38] 5 locks held by syz.8.1243/10227: [ 656.847121][ T38] 1 lock held by syz.9.1248/10243: [ 656.847133][ T38] #0: ffff88802f775c50 (&mm->mmap_lock){++++}-{4:4}, at: vm_mmap_pgoff+0x214/0x4d0 [ 656.847188][ T38] 3 locks held by syz.9.1248/10244: [ 656.847201][ T38] [ 656.847206][ T38] ============================================= [ 656.847206][ T38] [ 656.847216][ T38] NMI backtrace for cpu 0 [ 656.847230][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 656.847252][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 656.847264][ T38] Call Trace: [ 656.847272][ T38] [ 656.847280][ T38] dump_stack_lvl+0x189/0x250 [ 656.847314][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 656.847344][ T38] ? __pfx__printk+0x10/0x10 [ 656.847382][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 656.847411][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 656.847441][ T38] ? __pfx__printk+0x10/0x10 [ 656.847469][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 656.847498][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 656.847527][ T38] watchdog+0xf93/0xfe0 [ 656.847560][ T38] ? watchdog+0x1de/0xfe0 [ 656.847592][ T38] kthread+0x70e/0x8a0 [ 656.847626][ T38] ? __pfx_watchdog+0x10/0x10 [ 656.847652][ T38] ? __pfx_kthread+0x10/0x10 [ 656.847688][ T38] ? __pfx_kthread+0x10/0x10 [ 656.847717][ T38] ret_from_fork+0x439/0x7d0 [ 656.847748][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 656.847781][ T38] ? __switch_to_asm+0x39/0x70 [ 656.847799][ T38] ? __switch_to_asm+0x33/0x70 [ 656.847817][ T38] ? __pfx_kthread+0x10/0x10 [ 656.847848][ T38] ret_from_fork_asm+0x1a/0x30 [ 656.847886][ T38] [ 656.847894][ T38] Sending NMI from CPU 0 to CPUs 1: [ 656.847924][ C1] NMI backtrace for cpu 1 [ 656.847941][ C1] CPU: 1 UID: 0 PID: 10244 Comm: syz.9.1248 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 656.847962][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 656.847971][ C1] RIP: 0010:__read_once_word_nocheck+0x3/0x10 [ 656.847998][ C1] Code: aa 00 48 ba 00 00 00 00 00 fc ff df e9 88 fc ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 8b 07 18 b0 87 09 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 656.848012][ C1] RSP: 0018:ffffc90004f16ed0 EFLAGS: 00000202 [ 656.848028][ C1] RAX: ffffffff81000130 RBX: ffffc90004f17f50 RCX: 1ffff920009e2d01 [ 656.848040][ C1] RDX: ffffffff90465b8c RSI: 0000000000000002 RDI: ffffc90004f17f50 [ 656.848052][ C1] RBP: 1ffff920009e2df6 R08: 0000000000000001 R09: ffffffff8172c165 [ 656.848064][ C1] R10: ffffc90004f16ff8 R11: ffffffff81aaf310 R12: ffffc90004f18000 [ 656.848075][ C1] R13: 1ffff920009e2df7 R14: ffffc90004f16fa8 R15: ffffc90004f10000 [ 656.848087][ C1] FS: 00007f88b054e6c0(0000) GS:ffff8881269bc000(0000) knlGS:0000000000000000 [ 656.848102][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 656.848114][ C1] CR2: 0000001b32622ff8 CR3: 0000000023ec2000 CR4: 00000000003526f0 [ 656.848130][ C1] Call Trace: [ 656.848137][ C1] [ 656.848142][ C1] unwind_next_frame+0xc3c/0x2390 [ 656.848168][ C1] ? unwind_next_frame+0xa5/0x2390 [ 656.848189][ C1] ? do_syscall_64+0xfa/0x3b0 [ 656.848206][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 656.848224][ C1] arch_stack_walk+0x11c/0x150 [ 656.848248][ C1] ? do_syscall_64+0xfa/0x3b0 [ 656.848265][ C1] stack_trace_save+0x9c/0xe0 [ 656.848281][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 656.848302][ C1] save_stack+0xf7/0x1f0 [ 656.848322][ C1] ? __pfx_save_stack+0x10/0x10 [ 656.848339][ C1] ? post_alloc_hook+0x240/0x2a0 [ 656.848360][ C1] ? get_page_from_freelist+0x2119/0x21b0 [ 656.848375][ C1] ? __alloc_frozen_pages_noprof+0x181/0x370 [ 656.848390][ C1] ? alloc_pages_mpol+0xd1/0x380 [ 656.848409][ C1] ? folio_alloc_mpol_noprof+0x39/0xe0 [ 656.848428][ C1] ? shmem_get_folio_gfp+0x633/0x1a70 [ 656.848449][ C1] ? shmem_fault+0x170/0x380 [ 656.848462][ C1] ? __do_fault+0x135/0x390 [ 656.848476][ C1] ? handle_mm_fault+0x23c6/0x3400 [ 656.848496][ C1] ? __get_user_pages+0x16e4/0x2b60 [ 656.848515][ C1] ? populate_vma_page_range+0x29f/0x3a0 [ 656.848534][ C1] ? __mm_populate+0x24c/0x380 [ 656.848551][ C1] ? vm_mmap_pgoff+0x38a/0x4d0 [ 656.848569][ C1] ? do_syscall_64+0xfa/0x3b0 [ 656.848585][ C1] ? seqcount_lockdep_reader_access+0x102/0x180 [ 656.848609][ C1] __set_page_owner+0x8d/0x490 [ 656.848628][ C1] ? __pfx___set_page_owner+0x10/0x10 [ 656.848645][ C1] ? rt_spin_trylock+0xfa/0x180 [ 656.848664][ C1] ? __pfx_migrate_enable+0x10/0x10 [ 656.848686][ C1] post_alloc_hook+0x240/0x2a0 [ 656.848718][ C1] get_page_from_freelist+0x2119/0x21b0 [ 656.848755][ C1] __alloc_frozen_pages_noprof+0x181/0x370 [ 656.848774][ C1] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 656.848792][ C1] ? filemap_get_entry+0xad/0x2f0 [ 656.848813][ C1] ? filemap_get_entry+0xad/0x2f0 [ 656.848836][ C1] ? policy_nodemask+0x27c/0x720 [ 656.848855][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 656.848880][ C1] alloc_pages_mpol+0xd1/0x380 [ 656.848901][ C1] folio_alloc_mpol_noprof+0x39/0xe0 [ 656.848923][ C1] shmem_get_folio_gfp+0x633/0x1a70 [ 656.848957][ C1] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 656.848983][ C1] shmem_fault+0x170/0x380 [ 656.849001][ C1] __do_fault+0x135/0x390 [ 656.849017][ C1] handle_mm_fault+0x23c6/0x3400 [ 656.849043][ C1] ? handle_mm_fault+0xdb/0x3400 [ 656.849067][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 656.849089][ C1] ? follow_page_pte+0xc0d/0x1360 [ 656.849114][ C1] ? __pfx_follow_page_pte+0x10/0x10 [ 656.849136][ C1] ? vma_is_secretmem+0xd/0x50 [ 656.849159][ C1] __get_user_pages+0x16e4/0x2b60 [ 656.849195][ C1] populate_vma_page_range+0x29f/0x3a0 [ 656.849217][ C1] ? __pfx_populate_vma_page_range+0x10/0x10 [ 656.849236][ C1] ? userfaultfd_unmap_complete+0x278/0x2d0 [ 656.849258][ C1] ? rt_mutex_slowunlock+0x493/0x8a0 [ 656.849276][ C1] __mm_populate+0x24c/0x380 [ 656.849297][ C1] ? __pfx___mm_populate+0x10/0x10 [ 656.849317][ C1] ? vm_mmap_pgoff+0x353/0x4d0 [ 656.849340][ C1] vm_mmap_pgoff+0x38a/0x4d0 [ 656.849359][ C1] ? __se_sys_futex+0x36f/0x400 [ 656.849378][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 656.849400][ C1] ? rcu_is_watching+0x15/0xb0 [ 656.849425][ C1] ? __x64_sys_mmap+0x7f/0x140 [ 656.849447][ C1] do_syscall_64+0xfa/0x3b0 [ 656.849461][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 656.849482][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.849498][ C1] ? clear_bhb_loop+0x60/0xb0 [ 656.849516][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.849531][ C1] RIP: 0033:0x7f88b22eeba9 [ 656.849545][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 656.849559][ C1] RSP: 002b:00007f88b054e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 656.849575][ C1] RAX: ffffffffffffffda RBX: 00007f88b2535fa0 RCX: 00007f88b22eeba9 [ 656.849586][ C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000 [ 656.849598][ C1] RBP: 00007f88b2371e19 R08: ffffffffffffffff R09: 0000000000000000 [ 656.849609][ C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 656.849620][ C1] R13: 00007f88b2536038 R14: 00007f88b2535fa0 R15: 00007fff1eda4488 [ 656.849639][ C1] [ 656.849920][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 656.849936][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 656.849967][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 656.849978][ T38] Call Trace: [ 656.849986][ T38] [ 656.849995][ T38] dump_stack_lvl+0x99/0x250 [ 656.850025][ T38] ? __asan_memcpy+0x40/0x70 [ 656.850049][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 656.850079][ T38] ? __pfx__printk+0x10/0x10 [ 656.850115][ T38] vpanic+0x281/0x750 [ 656.850149][ T38] ? __pfx_vpanic+0x10/0x10 [ 656.850176][ T38] ? __x2apic_send_IPI_mask+0x1e4/0x260 [ 656.850198][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 656.850239][ T38] panic+0xb9/0xc0 [ 656.850268][ T38] ? __pfx_panic+0x10/0x10 [ 656.850301][ T38] ? irq_work_queue+0xc3/0x140 [ 656.850331][ T38] ? nmi_trigger_cpumask_backtrace+0x234/0x300 [ 656.850360][ T38] watchdog+0xfd2/0xfe0 [ 656.850392][ T38] ? watchdog+0x1de/0xfe0 [ 656.850426][ T38] kthread+0x70e/0x8a0 [ 656.850458][ T38] ? __pfx_watchdog+0x10/0x10 [ 656.850482][ T38] ? __pfx_kthread+0x10/0x10 [ 656.850518][ T38] ? __pfx_kthread+0x10/0x10 [ 656.850549][ T38] ret_from_fork+0x439/0x7d0 [ 656.850579][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 656.850612][ T38] ? __switch_to_asm+0x39/0x70 [ 656.850631][ T38] ? __switch_to_asm+0x33/0x70 [ 656.850649][ T38] ? __pfx_kthread+0x10/0x10 [ 656.850681][ T38] ret_from_fork_asm+0x1a/0x30 [ 656.850717][ T38] [ 656.851090][ T38] Kernel Offset: disabled