last executing test programs: 2.631918631s ago: executing program 0 (id=1): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x770d3000) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800, 0x0, 0x1}, 0x20) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'dummy0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) 1.987607868s ago: executing program 0 (id=5): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") r0 = open(&(0x7f0000000000)='./file1\x00', 0x103102, 0x80) ftruncate(r0, 0x2007ffb) sendfile(r0, r0, 0x0, 0x1000000201005) 1.334582544s ago: executing program 0 (id=6): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000080)='./file1\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2d5, &(0x7f0000025dc0)="$eJzs3c9OE10Yx/HfmSlteeHFUTAmxoVBia4M4Ma4aWKI1+BGI9KaEBqIiImysXFtvAD3bLwAL8KVMXGNK1deALsxZ3pKz7QzbYHQAfl+ktrO9Px5zsy0c56RZgTgwnq0sr93/7d9GClUKOmhFNi3bqok6aquVd9s7qzvNBv1QQ2FUlXJw0hJTdNXZm2zkVXV1ktqOJFdKmnaX4fTEcdx/KvoIFCkqnsOs94MpIr7dIZ+4bOs0rM80bPcCqXWGOM5i8yBDvRWM0XHAQAolmmf3wN3np928/cgkBbcad8////8v+B4T+aODooOoWDe+T/JsmJj9++l5K1uvmc06cp3ssSj9mPnYmW1j6zUBNOks8r+ZDGJJZh8ud5s3FvbatYDfVAtYfy8cE5STXWXs2ZF29/0fMa6tLK/sD+sdK6pZAwTdgzL3fhrNa/IbFanx93aozDfzHfzzET6rPrh/K8UG3/Mbk89nujGv5jX3Narp/Y5apfKGeVluxtK19MbduAow7yMRG5LxaHSFwiidJzlzFpl9dRqj24pryfXzmxmreUhteZsrS9ere7RnF/ztJlP5omZ1x991Yo3/w/s1l5Q/yczu5GkpDsyBo6nlJSM/FWtG5klg6OPBUfU3cYf9UIPNPP63e7GarPZ2B73CxvD2Du9mC8i9a7pHARnJcLjvbDfsf4aRY3t0nh6L59401XdTrGTmf4yld2N1YpfuD3Szgmxt8HOx3qE3jsX8IZGOMZvJRSmu9Pzy7wX/xPzD7NfHqad/3n5ymKS9Nh/ogHz9HjYtM1rcSkjN+heqv/Pa8m46/P5GdBUZgbX0mg5V1L31l3ptrdyf68yKOeKdEWH2fD5Z1b0Q8+5/g8AAAAAAAAAAAAAAAAAAHDejOPXGl53/B05AAAAAAAAAAAAAAAAAAAAAADHkH//36pO8f6/qd8BjHz/394bewI4kb8BAAD//+jIZ98=") openat$autofs(0xffffffffffffff9c, 0x0, 0x40002, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000000c300)=ANY=[@ANYBLOB="14000000100001000000000000000000baaf09db2c000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000020000000080a05000000000000000000020000000900010073797a300000000014000000110001000000000000"], 0x74}}, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) rename(0x0, &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') close(r0) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000022c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000002240)=ANY=[@ANYBLOB="4c0000000b0601030000040000000000001073797a30000000000900020073797a32000000000500010007000000080009400000000108000940800000010500010007000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20000800}, 0x48800) 1.087409791s ago: executing program 2 (id=3): socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040)=0x7) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c) r4 = socket$netlink(0x10, 0x3, 0x4) write(r4, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27) openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) r5 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) socket(0x400000000010, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20040000) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$SNDRV_PCM_IOCTL_RESET(r5, 0x4141, 0x0) 1.02588646s ago: executing program 1 (id=2): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x30, 0x10, 0x1, 0x0, 0x10000018, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4044080}, 0x400000000000000) cachestat(r0, &(0x7f0000000040)={0x6, 0x57c}, &(0x7f0000000340), 0x0) 801.155371ms ago: executing program 3 (id=4): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0) syz_emit_ethernet(0x46, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0x101940, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") open(&(0x7f0000000000)='./file1\x00', 0x103102, 0x80) 748.820521ms ago: executing program 1 (id=7): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(&(0x7f0000000540)='./file0/file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 632.768021ms ago: executing program 1 (id=8): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB="500000000102030000000000000000000a0000093c0002"], 0x50}, 0x1, 0x0, 0x0, 0x40040c0}, 0x0) 1.46661ms ago: executing program 0 (id=9): openat$full(0xffffffffffffff9c, 0x0, 0x800, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10) r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000004600)=""/102400, 0x19000) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xa, 0x2, 0x56d, 0x2}, 0x50) r3 = socket(0x1e, 0x1, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r3) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r2}, 0x38) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) r4 = socket$rds(0x15, 0x5, 0x0) bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$inet(r4, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="91cfdfefdb", 0x1a000}], 0x1}, 0x0) 0s ago: executing program 2 (id=10): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x770d3000) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800, 0x0, 0x1}, 0x20) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'dummy0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.62' (ED25519) to the list of known hosts. [ 73.600411][ T5756] cgroup: Unknown subsys name 'net' [ 73.764342][ T5756] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.283873][ T5756] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.235470][ T5773] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.243537][ T5773] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.253122][ T5773] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.261089][ T5773] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.269305][ T5773] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.277403][ T5773] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.284727][ T5773] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.293458][ T5773] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.300981][ T5773] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.308832][ T5773] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.317323][ T5773] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.324827][ T5773] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.338363][ T5783] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.347215][ T5783] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.355514][ T5783] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.364836][ T5783] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.372620][ T5783] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.380170][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.396184][ T5783] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.398378][ T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.412035][ T5783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.424214][ T5773] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.447080][ T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.457016][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.842975][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 77.885179][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 77.985853][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 78.063887][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.076103][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.083405][ T5767] bridge_slave_0: entered allmulticast mode [ 78.090876][ T5767] bridge_slave_0: entered promiscuous mode [ 78.100788][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.108037][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.115449][ T5767] bridge_slave_1: entered allmulticast mode [ 78.122960][ T5767] bridge_slave_1: entered promiscuous mode [ 78.145464][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.152677][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.159943][ T5768] bridge_slave_0: entered allmulticast mode [ 78.167229][ T5768] bridge_slave_0: entered promiscuous mode [ 78.179544][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.186758][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.193956][ T5768] bridge_slave_1: entered allmulticast mode [ 78.200985][ T5768] bridge_slave_1: entered promiscuous mode [ 78.238989][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 78.261740][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.273611][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.307533][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.319586][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.363500][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.371549][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.378803][ T5769] bridge_slave_0: entered allmulticast mode [ 78.385790][ T5769] bridge_slave_0: entered promiscuous mode [ 78.405776][ T5767] team0: Port device team_slave_0 added [ 78.423982][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.431732][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.438968][ T5769] bridge_slave_1: entered allmulticast mode [ 78.445791][ T5769] bridge_slave_1: entered promiscuous mode [ 78.472650][ T5767] team0: Port device team_slave_1 added [ 78.512963][ T5768] team0: Port device team_slave_0 added [ 78.530675][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.537787][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.564137][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.583227][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.603165][ T5768] team0: Port device team_slave_1 added [ 78.619783][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.627146][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.653738][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.667279][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.713670][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.720930][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.728142][ T5770] bridge_slave_0: entered allmulticast mode [ 78.735245][ T5770] bridge_slave_0: entered promiscuous mode [ 78.748884][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.756342][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.763470][ T5770] bridge_slave_1: entered allmulticast mode [ 78.771868][ T5770] bridge_slave_1: entered promiscuous mode [ 78.781009][ T5769] team0: Port device team_slave_0 added [ 78.792544][ T5769] team0: Port device team_slave_1 added [ 78.799115][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.806317][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.832349][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.885260][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.892473][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.918763][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.972942][ T5767] hsr_slave_0: entered promiscuous mode [ 78.979915][ T5767] hsr_slave_1: entered promiscuous mode [ 79.002818][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.013105][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.020457][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.046438][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.058925][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.065954][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.091933][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.114723][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.144168][ T5768] hsr_slave_0: entered promiscuous mode [ 79.151077][ T5768] hsr_slave_1: entered promiscuous mode [ 79.157818][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.165639][ T5768] Cannot create hsr debugfs directory [ 79.260786][ T5770] team0: Port device team_slave_0 added [ 79.269379][ T5770] team0: Port device team_slave_1 added [ 79.313369][ T5769] hsr_slave_0: entered promiscuous mode [ 79.320600][ T5769] hsr_slave_1: entered promiscuous mode [ 79.326821][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.334375][ T5769] Cannot create hsr debugfs directory [ 79.398107][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.405072][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.431908][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.443140][ T51] Bluetooth: hci2: command tx timeout [ 79.449191][ T5779] Bluetooth: hci1: command tx timeout [ 79.479055][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.486301][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.512814][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.523491][ T51] Bluetooth: hci3: command tx timeout [ 79.523513][ T5779] Bluetooth: hci0: command tx timeout [ 79.650795][ T5770] hsr_slave_0: entered promiscuous mode [ 79.660528][ T5770] hsr_slave_1: entered promiscuous mode [ 79.668713][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.680479][ T5770] Cannot create hsr debugfs directory [ 79.832879][ T5768] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.863896][ T5768] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.874394][ T5768] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 79.904512][ T5768] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 79.967128][ T5767] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 79.977882][ T5767] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 79.988651][ T5767] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 79.999643][ T5767] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.094220][ T5769] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.105557][ T5769] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.132412][ T5769] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.145279][ T5769] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.220127][ T5770] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.231153][ T5770] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.242503][ T5770] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.267644][ T5770] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.323564][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.395265][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.420796][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.445586][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.452915][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.465558][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.472735][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.500175][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.538408][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.554882][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.572815][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.589159][ T4167] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.596623][ T4167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.630650][ T4167] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.637836][ T4167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.656774][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.675497][ T4167] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.682752][ T4167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.692603][ T4167] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.699784][ T4167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.723834][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.731008][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.759981][ T4167] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.767153][ T4167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.142153][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.253160][ T5768] veth0_vlan: entered promiscuous mode [ 81.288900][ T5768] veth1_vlan: entered promiscuous mode [ 81.363093][ T5768] veth0_macvtap: entered promiscuous mode [ 81.376101][ T5768] veth1_macvtap: entered promiscuous mode [ 81.411343][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.440295][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.478528][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.491688][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.509330][ T5768] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.519668][ T5768] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.526525][ T51] Bluetooth: hci1: command tx timeout [ 81.531161][ T5768] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.536832][ T51] Bluetooth: hci2: command tx timeout [ 81.548688][ T5768] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.596324][ T51] Bluetooth: hci0: command tx timeout [ 81.607088][ T51] Bluetooth: hci3: command tx timeout [ 81.636912][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.722370][ T5767] veth0_vlan: entered promiscuous mode [ 81.779628][ T5769] veth0_vlan: entered promiscuous mode [ 81.788046][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.802909][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.822905][ T5770] veth0_vlan: entered promiscuous mode [ 81.833047][ T5767] veth1_vlan: entered promiscuous mode [ 81.869802][ T5769] veth1_vlan: entered promiscuous mode [ 81.901007][ T5770] veth1_vlan: entered promiscuous mode [ 81.928417][ T4366] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.946077][ T4366] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.991873][ T5767] veth0_macvtap: entered promiscuous mode [ 82.024306][ T5769] veth0_macvtap: entered promiscuous mode [ 82.042214][ T5769] veth1_macvtap: entered promiscuous mode [ 82.113645][ T5770] veth0_macvtap: entered promiscuous mode [ 82.125189][ T5767] veth1_macvtap: entered promiscuous mode [ 82.140429][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.158317][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.181878][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.211944][ T5770] veth1_macvtap: entered promiscuous mode [ 82.232141][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.250578][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.276024][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.303668][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.328237][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.348149][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.363597][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.375718][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.402756][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.418054][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.430636][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.445043][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.464598][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.480699][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.496871][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.528886][ T5769] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.542515][ T5769] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.553941][ T5769] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.576343][ T5769] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.596183][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.611654][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.622881][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.641074][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.655086][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.667435][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.697154][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.713239][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.735181][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.745792][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.761880][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.773787][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.905631][ T5770] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.946702][ T5770] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.955444][ T5770] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.981638][ T5770] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.043196][ T5835] syz.0.5[5835]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 83.080535][ T5767] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.089439][ T5767] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.099868][ T5767] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.108941][ T5767] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.115835][ T5835] loop0: detected capacity change from 0 to 2048 [ 83.127926][ T5835] ======================================================= [ 83.127926][ T5835] WARNING: The mand mount option has been deprecated and [ 83.127926][ T5835] and is ignored by this kernel. Remove the mand [ 83.127926][ T5835] option from the mount to silence this warning. [ 83.127926][ T5835] ======================================================= [ 83.240159][ T5835] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 83.323150][ T4167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.361284][ T4167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.429284][ T351] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.437784][ T351] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.498462][ T351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.506580][ T351] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.553771][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.589411][ T351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.603657][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.605471][ T51] Bluetooth: hci2: command tx timeout [ 83.617107][ T5779] Bluetooth: hci1: command tx timeout [ 83.621322][ T351] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.677968][ T51] Bluetooth: hci3: command tx timeout [ 83.683947][ T51] Bluetooth: hci0: command tx timeout [ 83.740699][ T5840] loop0: detected capacity change from 0 to 64 [ 83.821102][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.870348][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.050937][ T5855] loop3: detected capacity change from 0 to 2048 [ 85.096767][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.113228][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.124487][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.154227][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.190499][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.201616][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.212340][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.227192][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 85.266308][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 85.274650][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 85.324449][ T5855] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 85.687560][ T5779] Bluetooth: hci1: command tx timeout [ 85.693194][ T51] Bluetooth: hci2: command tx timeout [ 85.756034][ C1] ------------[ cut here ]------------ [ 85.761939][ C1] WARNING: CPU: 1 PID: 5770 at kernel/workqueue.c:1745 __queue_work+0xd49/0x1020 [ 85.771102][ C1] Modules linked in: [ 85.775054][ C1] CPU: 1 PID: 5770 Comm: syz-executor Not tainted syzkaller #0 [ 85.782632][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 85.792743][ C1] RIP: 0010:__queue_work+0xd49/0x1020 [ 85.798152][ C1] Code: 4c 89 f7 48 89 de 89 e9 e8 c4 e6 00 00 48 8b 5c 24 10 e9 10 ff ff ff e8 a5 ab 2f 00 eb 0c e8 9e ab 2f 00 eb 05 e8 97 ab 2f 00 <0f> 0b 48 83 c4 78 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 81 ab 2f 00 [ 85.817798][ C1] RSP: 0018:ffffc900001f0b10 EFLAGS: 00010046 [ 85.823894][ C1] RAX: ffffffff815770bb RBX: 0000000000000100 RCX: ffff888018bd8000 [ 85.831891][ C1] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 85.839909][ C1] RBP: ffff8880311215c0 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd [ 85.847914][ C1] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: 0000000000000008 [ 85.855917][ C1] R13: dffffc0000000000 R14: ffff88802fc8c9c0 R15: ffff888031121400 [ 85.863914][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 85.872868][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.879482][ C1] CR2: 00007f2cff0aa000 CR3: 0000000077b74000 CR4: 00000000003506e0 [ 85.887506][ C1] Call Trace: [ 85.890833][ C1] [ 85.893725][ C1] call_timer_fn+0x189/0x540 [ 85.898360][ C1] ? queue_work_node+0x3d0/0x3d0 [ 85.903327][ C1] ? call_timer_fn+0xd2/0x540 [ 85.908031][ C1] ? __run_timers+0x800/0x800 [ 85.912752][ C1] ? do_raw_spin_unlock+0x121/0x230 [ 85.918008][ C1] ? queue_work_node+0x3d0/0x3d0 [ 85.922982][ C1] __run_timers+0x56d/0x800 [ 85.927522][ C1] ? detach_timer+0x2b0/0x2b0 [ 85.932233][ C1] ? lock_chain_count+0x20/0x20 [ 85.937126][ C1] run_timer_softirq+0x67/0xf0 [ 85.941916][ C1] handle_softirqs+0x280/0x820 [ 85.946716][ C1] ? __irq_exit_rcu+0xd3/0x190 [ 85.951519][ C1] ? do_softirq+0x1a0/0x1a0 [ 85.956058][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 85.961293][ C1] __irq_exit_rcu+0xd3/0x190 [ 85.965918][ C1] ? irq_exit_rcu+0x20/0x20 [ 85.970464][ C1] irq_exit_rcu+0x9/0x20 [ 85.974739][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 85.980410][ C1] [ 85.983363][ C1] [ 85.986329][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 85.992338][ C1] RIP: 0010:finish_task_switch+0x26a/0x8f0 [ 85.998183][ C1] Code: 0f 84 33 01 00 00 48 85 db 0f 85 52 01 00 00 e9 de 04 00 00 4c 8b 75 d0 4c 89 e7 e8 00 54 31 09 e8 9b 23 30 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 86.017820][ C1] RSP: 0018:ffffc9000458f438 EFLAGS: 00000282 [ 86.023913][ C1] RAX: 661ab61198244d00 RBX: 0000000000000000 RCX: 661ab61198244d00 [ 86.031912][ C1] RDX: dffffc0000000000 RSI: ffffffff8acac960 RDI: ffffffff8b1c85a0 [ 86.039923][ C1] RBP: ffffc9000458f490 R08: ffffffff911c150f R09: 1ffffffff22382a1 [ 86.047949][ C1] R10: dffffc0000000000 R11: fffffbfff22382a2 R12: ffff888018bd8000 [ 86.055952][ C1] R13: dffffc0000000000 R14: ffff8880238dda00 R15: ffff8880b8f3cac8 [ 86.063965][ C1] ? finish_task_switch+0x265/0x8f0 [ 86.069300][ C1] __schedule+0x155b/0x45a0 [ 86.073881][ C1] ? asan.module_dtor+0x20/0x20 [ 86.078879][ C1] ? mark_lock+0x94/0x320 [ 86.083251][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 86.089266][ C1] ? preempt_schedule+0xc0/0xd0 [ 86.094176][ C1] preempt_schedule_common+0x82/0xc0 [ 86.099517][ C1] preempt_schedule+0xc0/0xd0 [ 86.104242][ C1] ? schedule_preempt_disabled+0x20/0x20 [ 86.109919][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 86.115177][ C1] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 86.120849][ C1] preempt_schedule_thunk+0x1a/0x30 [ 86.126089][ C1] _raw_spin_unlock_irq+0x40/0x50 [ 86.131147][ C1] flush_workqueue_prep_pwqs+0x298/0x480 [ 86.136820][ C1] __flush_workqueue+0x492/0x13d0 [ 86.141879][ C1] ? __lock_acquire+0x7d40/0x7d40 [ 86.146935][ C1] ? __mutex_lock+0x333/0xcc0 [ 86.151656][ C1] ? __flush_work+0x118/0xaa0 [ 86.156368][ C1] ? rcu_work_rcufn+0x120/0x120 [ 86.161247][ C1] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 86.166930][ C1] ? led_trigger_event+0x4b/0x210 [ 86.171990][ C1] ? __lock_acquire+0x7d40/0x7d40 [ 86.177070][ C1] drain_workqueue+0xd3/0x380 [ 86.181792][ C1] hci_dev_close_sync+0x4b9/0xfa0 [ 86.186875][ C1] ? hci_unregister_dev+0x212/0x500 [ 86.192124][ C1] ? hci_dev_open_sync+0x2ad0/0x2ad0 [ 86.197475][ C1] ? up_write+0x1c3/0x410 [ 86.201872][ C1] hci_unregister_dev+0x21a/0x500 [ 86.206953][ C1] vhci_release+0x155/0x1a0 [ 86.211498][ C1] ? vhci_open+0x360/0x360 [ 86.215975][ C1] __fput+0x234/0x970 [ 86.220011][ C1] task_work_run+0x1d4/0x260 [ 86.224661][ C1] ? task_work_cancel+0x220/0x220 [ 86.229735][ C1] ? do_exit+0x955/0x2460 [ 86.234155][ C1] ? kmem_cache_free+0xf8/0x270 [ 86.239068][ C1] do_exit+0x95a/0x2460 [ 86.243298][ C1] ? put_task_struct+0xc0/0xc0 [ 86.248122][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 86.254156][ C1] ? lock_chain_count+0x20/0x20 [ 86.259052][ C1] ? _raw_spin_lock_irq+0xbb/0xf0 [ 86.264119][ C1] ? _raw_spin_lock_irqsave+0x100/0x100 [ 86.269700][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 86.275773][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 86.281014][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 86.286254][ C1] do_group_exit+0x21b/0x2d0 [ 86.290905][ C1] __x64_sys_exit_group+0x3f/0x40 [ 86.295972][ C1] do_syscall_64+0x55/0xa0 [ 86.300508][ C1] ? clear_bhb_loop+0x40/0x90 [ 86.305217][ C1] ? clear_bhb_loop+0x40/0x90 [ 86.309944][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 86.315875][ C1] RIP: 0033:0x7ff59e59c799 [ 86.320332][ C1] Code: Unable to access opcode bytes at 0x7ff59e59c76f. [ 86.327373][ C1] RSP: 002b:00007ffd2d472d58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.335828][ C1] RAX: ffffffffffffffda RBX: 00007ff59e632002 RCX: 00007ff59e59c799 [ 86.343828][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 86.351869][ C1] RBP: 0000000000000016 R08: 0000000000000000 R09: 00007ff59e631f90 [ 86.359887][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd2d474010 [ 86.367893][ C1] R13: 00007ff59e631f90 R14: 0000555585d024e8 R15: 00007ffd2d4761d0 [ 86.375921][ C1] [ 86.378973][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 86.386272][ C1] CPU: 1 PID: 5770 Comm: syz-executor Not tainted syzkaller #0 [ 86.393842][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 86.403928][ C1] Call Trace: [ 86.407247][ C1] [ 86.410115][ C1] dump_stack_lvl+0x18c/0x250 [ 86.414842][ C1] ? show_regs_print_info+0x20/0x20 [ 86.420101][ C1] ? load_image+0x400/0x400 [ 86.424647][ C1] panic+0x2dc/0x730 [ 86.428581][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 86.433162][ C1] __warn+0x2e0/0x470 [ 86.437173][ C1] ? __queue_work+0xd49/0x1020 [ 86.441968][ C1] ? __queue_work+0xd49/0x1020 [ 86.446761][ C1] report_bug+0x2be/0x4f0 [ 86.451117][ C1] ? __queue_work+0xd49/0x1020 [ 86.455905][ C1] ? __queue_work+0xd49/0x1020 [ 86.460690][ C1] ? __queue_work+0xd4b/0x1020 [ 86.465526][ C1] handle_bug+0xcf/0x120 [ 86.469936][ C1] exc_invalid_op+0x1a/0x50 [ 86.474496][ C1] asm_exc_invalid_op+0x1a/0x20 [ 86.479415][ C1] RIP: 0010:__queue_work+0xd49/0x1020 [ 86.484827][ C1] Code: 4c 89 f7 48 89 de 89 e9 e8 c4 e6 00 00 48 8b 5c 24 10 e9 10 ff ff ff e8 a5 ab 2f 00 eb 0c e8 9e ab 2f 00 eb 05 e8 97 ab 2f 00 <0f> 0b 48 83 c4 78 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 81 ab 2f 00 [ 86.504463][ C1] RSP: 0018:ffffc900001f0b10 EFLAGS: 00010046 [ 86.510566][ C1] RAX: ffffffff815770bb RBX: 0000000000000100 RCX: ffff888018bd8000 [ 86.518577][ C1] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 86.526589][ C1] RBP: ffff8880311215c0 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd [ 86.534594][ C1] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: 0000000000000008 [ 86.542607][ C1] R13: dffffc0000000000 R14: ffff88802fc8c9c0 R15: ffff888031121400 [ 86.550645][ C1] ? __queue_work+0xd3b/0x1020 [ 86.555480][ C1] call_timer_fn+0x189/0x540 [ 86.560109][ C1] ? queue_work_node+0x3d0/0x3d0 [ 86.565080][ C1] ? call_timer_fn+0xd2/0x540 [ 86.569804][ C1] ? __run_timers+0x800/0x800 [ 86.574794][ C1] ? do_raw_spin_unlock+0x121/0x230 [ 86.580027][ C1] ? queue_work_node+0x3d0/0x3d0 [ 86.584989][ C1] __run_timers+0x56d/0x800 [ 86.589538][ C1] ? detach_timer+0x2b0/0x2b0 [ 86.594271][ C1] ? lock_chain_count+0x20/0x20 [ 86.599180][ C1] run_timer_softirq+0x67/0xf0 [ 86.603986][ C1] handle_softirqs+0x280/0x820 [ 86.608794][ C1] ? __irq_exit_rcu+0xd3/0x190 [ 86.613609][ C1] ? do_softirq+0x1a0/0x1a0 [ 86.618151][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 86.623384][ C1] __irq_exit_rcu+0xd3/0x190 [ 86.628033][ C1] ? irq_exit_rcu+0x20/0x20 [ 86.632580][ C1] irq_exit_rcu+0x9/0x20 [ 86.636876][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 86.642545][ C1] [ 86.645498][ C1] [ 86.648470][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 86.654492][ C1] RIP: 0010:finish_task_switch+0x26a/0x8f0 [ 86.660369][ C1] Code: 0f 84 33 01 00 00 48 85 db 0f 85 52 01 00 00 e9 de 04 00 00 4c 8b 75 d0 4c 89 e7 e8 00 54 31 09 e8 9b 23 30 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 86.680003][ C1] RSP: 0018:ffffc9000458f438 EFLAGS: 00000282 [ 86.686103][ C1] RAX: 661ab61198244d00 RBX: 0000000000000000 RCX: 661ab61198244d00 [ 86.694112][ C1] RDX: dffffc0000000000 RSI: ffffffff8acac960 RDI: ffffffff8b1c85a0 [ 86.702114][ C1] RBP: ffffc9000458f490 R08: ffffffff911c150f R09: 1ffffffff22382a1 [ 86.710136][ C1] R10: dffffc0000000000 R11: fffffbfff22382a2 R12: ffff888018bd8000 [ 86.718169][ C1] R13: dffffc0000000000 R14: ffff8880238dda00 R15: ffff8880b8f3cac8 [ 86.726209][ C1] ? finish_task_switch+0x265/0x8f0 [ 86.731450][ C1] __schedule+0x155b/0x45a0 [ 86.736034][ C1] ? asan.module_dtor+0x20/0x20 [ 86.740932][ C1] ? mark_lock+0x94/0x320 [ 86.745306][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 86.751468][ C1] ? preempt_schedule+0xc0/0xd0 [ 86.756363][ C1] preempt_schedule_common+0x82/0xc0 [ 86.761693][ C1] preempt_schedule+0xc0/0xd0 [ 86.766415][ C1] ? schedule_preempt_disabled+0x20/0x20 [ 86.772113][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 86.773854][ T51] Bluetooth: hci0: command tx timeout [ 86.782899][ C1] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 86.788580][ C1] preempt_schedule_thunk+0x1a/0x30 [ 86.793856][ C1] _raw_spin_unlock_irq+0x40/0x50 [ 86.798923][ C1] flush_workqueue_prep_pwqs+0x298/0x480 [ 86.804597][ C1] __flush_workqueue+0x492/0x13d0 [ 86.809662][ C1] ? __lock_acquire+0x7d40/0x7d40 [ 86.814751][ C1] ? __mutex_lock+0x333/0xcc0 [ 86.819477][ C1] ? __flush_work+0x118/0xaa0 [ 86.824196][ C1] ? rcu_work_rcufn+0x120/0x120 [ 86.829087][ C1] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 86.834790][ C1] ? led_trigger_event+0x4b/0x210 [ 86.839860][ C1] ? __lock_acquire+0x7d40/0x7d40 [ 86.844927][ C1] drain_workqueue+0xd3/0x380 [ 86.849648][ C1] hci_dev_close_sync+0x4b9/0xfa0 [ 86.854717][ C1] ? hci_unregister_dev+0x212/0x500 [ 86.859957][ C1] ? hci_dev_open_sync+0x2ad0/0x2ad0 [ 86.865299][ C1] ? up_write+0x1c3/0x410 [ 86.869672][ C1] hci_unregister_dev+0x21a/0x500 [ 86.874761][ C1] vhci_release+0x155/0x1a0 [ 86.879309][ C1] ? vhci_open+0x360/0x360 [ 86.883760][ C1] __fput+0x234/0x970 [ 86.887794][ C1] task_work_run+0x1d4/0x260 [ 86.892419][ C1] ? task_work_cancel+0x220/0x220 [ 86.897478][ C1] ? do_exit+0x955/0x2460 [ 86.901850][ C1] ? kmem_cache_free+0xf8/0x270 [ 86.906740][ C1] do_exit+0x95a/0x2460 [ 86.910950][ C1] ? put_task_struct+0xc0/0xc0 [ 86.915748][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 86.921756][ C1] ? lock_chain_count+0x20/0x20 [ 86.926662][ C1] ? _raw_spin_lock_irq+0xbb/0xf0 [ 86.931720][ C1] ? _raw_spin_lock_irqsave+0x100/0x100 [ 86.937309][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 86.943325][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 86.948560][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 86.953790][ C1] do_group_exit+0x21b/0x2d0 [ 86.958444][ C1] __x64_sys_exit_group+0x3f/0x40 [ 86.963520][ C1] do_syscall_64+0x55/0xa0 [ 86.967970][ C1] ? clear_bhb_loop+0x40/0x90 [ 86.972677][ C1] ? clear_bhb_loop+0x40/0x90 [ 86.977409][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 86.983335][ C1] RIP: 0033:0x7ff59e59c799 [ 86.987768][ C1] Code: Unable to access opcode bytes at 0x7ff59e59c76f. [ 86.994818][ C1] RSP: 002b:00007ffd2d472d58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.003257][ C1] RAX: ffffffffffffffda RBX: 00007ff59e632002 RCX: 00007ff59e59c799 [ 87.011249][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 87.019244][ C1] RBP: 0000000000000016 R08: 0000000000000000 R09: 00007ff59e631f90 [ 87.027240][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd2d474010 [ 87.033273][ T5853] sched: RT throttling activated [ 87.040172][ C1] R13: 00007ff59e631f90 R14: 0000555585d024e8 R15: 00007ffd2d4761d0 [ 87.048183][ C1] [ 87.051792][ C1] Kernel Offset: disabled [ 87.056178][ C1] Rebooting in 86400 seconds..