last executing test programs: 10m49.275650561s ago: executing program 4 (id=439): pipe(&(0x7f0000000040)={0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) close(0x3) socket(0x1d, 0x2, 0x6) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 10m48.764596951s ago: executing program 4 (id=443): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'syz_tun\x00', 0x0}) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000000)={@private1, r2}, 0x14) 10m48.646120473s ago: executing program 4 (id=445): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0x4b564d07}]}) 10m48.164962803s ago: executing program 4 (id=452): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x20) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) renameat2(r0, &(0x7f0000000100)='./file0\x00', r0, &(0x7f00000001c0)='./file2\x00', 0x0) 10m48.009150638s ago: executing program 4 (id=453): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCSREPORT(r1, 0x400c4808, 0x0) 10m46.601687203s ago: executing program 4 (id=469): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x60600, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000000c0)={0x100000, 0x21d000}) 10m45.947482106s ago: executing program 32 (id=469): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x60600, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000000c0)={0x100000, 0x21d000}) 8m55.55993958s ago: executing program 5 (id=1620): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x8e, &(0x7f0000000680)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x58, 0x6, 0x1, @local, @local, {[], {{0x4e21, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x2, 0x0, 0x0, 0x0, {[@mptcp=@syn={0x1e, 0xc, 0x9, 0x1, 0x9, 0xec9d, 0x40}, @timestamp={0x8, 0xa, 0xffffffff, 0x6}, @exp_fastopen={0xfe, 0xb, 0xf989, "c2625bd749fa80"}, @md5sig={0x13, 0x12, "8c04ed7f1e29da89aac229cfa56f3c15"}, @mss={0x2, 0x4, 0x200}, @timestamp={0x8, 0xa, 0x1000, 0x206}]}}}}}}}}, 0x0) 8m55.480290726s ago: executing program 3 (id=1622): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001e01000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) r1 = syz_clone(0x20202100, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = getpid() kcmp(r1, r2, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) 8m55.456541922s ago: executing program 5 (id=1623): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa30", 0x7}], 0x1}, 0x0) close(0x3) 8m55.295918691s ago: executing program 5 (id=1625): bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 8m55.204340183s ago: executing program 3 (id=1626): sched_setaffinity(0x0, 0x0, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r0, 0x6, 0x22, 0x0, 0x0) rt_sigqueueinfo(0x0, 0x15, &(0x7f00000004c0)={0x7, 0x81c, 0x22}) 8m55.005782475s ago: executing program 5 (id=1629): r0 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0xeef, 0x72c4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x60, 0x2, [{{0x9, 0x4, 0x0, 0x0, 0x7, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x36, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xc, 0x2, 0xe}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x81, 0x8, 0x80}}]}}}]}}]}}, 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5543, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000340)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x5, {0x5, 0x0, "d29dc0"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_disconnect(r0) 8m53.768233536s ago: executing program 3 (id=1640): write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000500)={0xa0, 0xfffffffffffffff5, 0x0, {{0x3, 0x3, 0xfffffffffffffffb, 0x432c, 0x7, 0x8, {0xffffffffffffffdf, 0x8, 0x20ff, 0x2, 0xf7c, 0x800000000000d615, 0x80003fa, 0x7fffffff, 0x9, 0x1000, 0x8, 0x0, 0x0, 0x2, 0x1c}}, {0x0, 0x1f}}}, 0xa0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1) 8m52.79924524s ago: executing program 3 (id=1650): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000098c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000240)=""/28, 0x1c}, {&(0x7f0000000700)=""/216, 0xd8}], 0x2}, 0x80000003}], 0x1, 0x40000121, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b40)=@newqdisc={0x24, 0x24, 0x0, 0x3}, 0x24}}, 0x0) 8m52.789363519s ago: executing program 1 (id=1651): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) setns(r2, 0x66020000) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262) 8m52.566909202s ago: executing program 1 (id=1653): sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@zcopy_cookie={0x18, 0x114, 0xc, 0x5}, @mask_fadd={0x58, 0x114, 0x8, {{0x7, 0x9}, 0x0, 0x0, 0x80000007fff, 0x9, 0x401, 0x6, 0x4c, 0x5}}], 0x70}, 0x24044094) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000327bd7000fedbdf251300000008000100706369303a30303a31302e3000000000080003000000000008000b00d0090000060011000700000008000100706369001100020030082e303a30303a31302e3000000000080003"], 0x7c}, 0x1, 0x0, 0x0, 0x4000000}, 0x48050) r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4) 8m52.465795466s ago: executing program 1 (id=1655): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x14) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000480)={{0x24, 0x0, 0xfffc, 0x805}, 'syz0\x00', 0x40}) ioctl$UI_DEV_CREATE(r0, 0x5501) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x54, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x4}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x3ff, @local, 0x3}}, {0x14, 0x2, @in={0x2, 0x4e20, @loopback}}}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x20008094) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) 8m52.357560807s ago: executing program 1 (id=1656): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x4) ioprio_set$pid(0x1, 0x0, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) 8m52.165709924s ago: executing program 1 (id=1658): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) setitimer(0x1, 0x0, 0x0) 8m51.819729265s ago: executing program 3 (id=1659): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, 0x0}) ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r2, r1, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, 0x0) ioctl$IOMMU_HWPT_INVALIDATE$TEST(r0, 0x3b8d, &(0x7f0000000280)={0x20, r3, 0x0}) 8m51.780700059s ago: executing program 5 (id=1660): r0 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000001c0)='dE\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf10xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x39000, 0x0) r4 = memfd_create(&(0x7f0000000080), 0x0) splice(r2, 0x0, r4, 0x0, 0x408cd, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 8m51.320113381s ago: executing program 33 (id=1661): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x39000, 0x0) r4 = memfd_create(&(0x7f0000000080), 0x0) splice(r2, 0x0, r4, 0x0, 0x408cd, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 8m50.835879861s ago: executing program 3 (id=1668): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xc4}) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='*'], 0x50) io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0) 8m50.263614498s ago: executing program 34 (id=1668): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xc4}) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='*'], 0x50) io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0) 8m49.834244884s ago: executing program 5 (id=1671): r0 = getpgrp(0x0) r1 = syz_pidfd_open(r0, 0x0) r2 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) r3 = gettid() kcmp$KCMP_EPOLL_TFD(r0, r3, 0x7, r1, &(0x7f0000000040)={r2, r1}) 8m49.174253742s ago: executing program 35 (id=1671): r0 = getpgrp(0x0) r1 = syz_pidfd_open(r0, 0x0) r2 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) r3 = gettid() kcmp$KCMP_EPOLL_TFD(r0, r3, 0x7, r1, &(0x7f0000000040)={r2, r1}) 7m23.530290555s ago: executing program 6 (id=2159): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f0000000040)=0x8) 7m23.274612236s ago: executing program 6 (id=2161): r0 = socket$inet6(0xa, 0x1, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x2, 0x9, 0x0, 0x9, 0x2}, 0x10}}, 0x0) 7m22.649048182s ago: executing program 6 (id=2165): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) listen(r0, 0x3) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000280)={r0, r2}) 7m22.414479185s ago: executing program 6 (id=2169): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) open$dir(&(0x7f0000000200)='./file0/file0\x00', 0x100, 0x184) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2925099, 0x0) umount2(&(0x7f0000000000)='./file0/file0\x00', 0x8) 7m22.11724181s ago: executing program 6 (id=2172): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x11) shutdown(r0, 0x1) syz_emit_ethernet(0x46, &(0x7f0000000380)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5, 0xe}, @val={@val={0x88a8, 0x5, 0x1, 0x2}, {0x8100, 0x4, 0x0, 0x2}}, {@ipv6={0x86dd, @udp={0x8, 0x6, "e2182a", 0x8, 0x11, 0xff, @remote, @dev={0xfe, 0x80, '\x00', 0x3f}, {[], {0x4e21, 0x4e20, 0x8}}}}}}, 0x0) close(0x3) 7m20.153526189s ago: executing program 6 (id=2188): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x3) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) dup2(r1, r0) syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ca9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 7m19.754410772s ago: executing program 36 (id=2188): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x3) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) dup2(r1, r0) syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ca9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 6m22.913353806s ago: executing program 8 (id=2514): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) symlinkat(&(0x7f0000000040)='./bus\x00', r0, &(0x7f0000000180)='./file1\x00') chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00') 6m22.484690195s ago: executing program 8 (id=2518): r0 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}], 0x1, 0x2000c006) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x6000, @fd=r4, 0xffffffffffffffff, &(0x7f00000006c0)=""/210, 0xd2, 0x2, 0x1}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x30) 6m17.579950142s ago: executing program 8 (id=2538): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f00000002c0)) 6m16.138688056s ago: executing program 8 (id=2542): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff) 6m15.69611216s ago: executing program 8 (id=2544): socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x3}], 0x1c) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc) sendmsg$inet(r2, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080) 6m14.400036238s ago: executing program 8 (id=2550): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) bind$xdp(r0, &(0x7f0000000240)={0x2c, 0xa, 0x0, 0x9, r0}, 0x10) 6m13.950480899s ago: executing program 37 (id=2550): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) bind$xdp(r0, &(0x7f0000000240)={0x2c, 0xa, 0x0, 0x9, r0}, 0x10) 6m5.052170628s ago: executing program 9 (id=2598): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e22, 0xc, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000380)=0x10, 0x1c) sendmsg$AUDIT_DEL_RULE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[], 0x420}, 0x1, 0x0, 0x0, 0x4810}, 0x400c890) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x2004c0d1}, 0x800e805) read$FUSE(r1, &(0x7f00000036c0)={0x2020}, 0x2020) shutdown(r1, 0x1) 6m4.741367974s ago: executing program 9 (id=2600): msgsnd(0x0, &(0x7f0000000280)=ANY=[], 0x39, 0x0) msgrcv(0x0, 0x0, 0x0, 0x84b339ef0844dc2f, 0x800) r0 = socket(0x10, 0x803, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000002, 0x2010, r0, 0xb9fe8000) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'wp384\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) mlockall(0x7) 6m4.409203463s ago: executing program 9 (id=2602): pipe(&(0x7f00000045c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, 0x0) vmsplice(r1, &(0x7f0000000480)=[{&(0x7f0000000180)="be6a10e089eb174de7f64846e23901f798ded00c43fc47dc923c23b6a9a2e5733bedd66a130ffe34dd5237fadaaac29052557829803f594af3", 0x39}], 0x1, 0x2) r2 = socket$inet(0x2, 0x3, 0x7f) bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r2, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x29, 0x9, 0xffffffff90acedc6, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x8000, 0x0) 6m4.193953649s ago: executing program 9 (id=2603): ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x9, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x5, 0x6, 0x9, 0x8000000000000000, 0xf4a, 0x0, 0xbdb], 0xffff1001, 0x4000}) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x300f}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6m2.841504351s ago: executing program 9 (id=2607): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c39cc, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, r0) setpgid(0x0, r0) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x280c40, 0x0) 6m2.553031909s ago: executing program 9 (id=2609): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000340)={{}, {0x1, 0x2}, [], {}, [{0x8, 0x3}], {0x10, 0x5}, {0x20, 0x5}}, 0x2c, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x240, 0x40}, 0x18) 5m47.380776257s ago: executing program 38 (id=2609): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000340)={{}, {0x1, 0x2}, [], {}, [{0x8, 0x3}], {0x10, 0x5}, {0x20, 0x5}}, 0x2c, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x240, 0x40}, 0x18) 1m47.871516786s ago: executing program 0 (id=3202): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x1, 0x100010, r1, 0x883df000) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78) 1m45.789145514s ago: executing program 0 (id=3205): bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) socket$netlink(0x10, 0x3, 0x8000000004) epoll_create1(0x0) socket$can_raw(0x1d, 0x3, 0x1) socket$inet_sctp(0x2, 0x5, 0x84) prlimit64(0x0, 0xa, &(0x7f0000000140)={0x8, 0x3}, 0x0) r0 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x1b}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 1m39.759363166s ago: executing program 0 (id=3211): msgget$private(0x0, 0x3ac) socket(0x2, 0x80805, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) msgctl$MSG_STAT_ANY(0x0, 0xd, 0x0) epoll_create1(0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x4e20, 0x3, 'wlc\x00', 0x1, 0x2, 0x6a}, 0x2c) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xe8) r2 = syz_usb_connect$lan78xx(0x2, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0) syz_usb_control_io(r2, 0x0, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002840)=@newlink={0x3c, 0x10, 0x409, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r4, 0x0, 0x10000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x5, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000580)={{0x84, @broadcast, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7b}, {@private=0xa010102, 0x4e22, 0x2, 0xc8, 0x80012d58, 0x12d5c}}, 0x44) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) 1m35.811086867s ago: executing program 0 (id=3216): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x2, 0x0, 0x1, 0x0, {0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r5) sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000cbd70100400000005000000080009000200000008000c00a80a000008000b0002000000060001"], 0x44}, 0x1, 0x0, 0x0, 0x40811}, 0x20) 1m33.848334184s ago: executing program 0 (id=3219): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffe) syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xffffffffffffffff}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) msgctl$IPC_RMID(0x0, 0x0) 1m32.421983356s ago: executing program 0 (id=3220): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0) close(r1) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f00000000c0)) socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000500)={'syzkaller0\x00', @link_local}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'}) 1m17.251030798s ago: executing program 39 (id=3220): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0) close(r1) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f00000000c0)) socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000500)={'syzkaller0\x00', @link_local}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'}) 31.869761259s ago: executing program 2 (id=3291): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = fsopen(&(0x7f00000000c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x1, 0x0) fchdir(r4) socket(0x840000000002, 0x3, 0xff) r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) ftruncate(r5, 0x8800000) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) sendfile(r6, r5, 0x0, 0x558410e9) 28.626441741s ago: executing program 2 (id=3293): open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_open_procfs(0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x84, @local, 0x4}, {0xa, 0x0, 0x3, @mcast1}, 0x0, {[0x2, 0x8, 0xa, 0x0, 0x0, 0x0, 0x7ff, 0x4]}}, 0x5c) 22.62311945s ago: executing program 7 (id=3298): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000780)="ba862aa6c8bdf692bdad404de8fab32e1660ab06c76c17e9ac979ab9cd5c777c28135f3ce81d3196c757c65f09300c0772f7c4eb020499281c123e74bb2b364b0989dd5b640be7d8f253737b65a30dbd62d94e74088ae0da5f7a5b2b728bd9b433c40eb266b9bd8b84ac2e5edc5bd1027cb693182c22a7cba6ca7e5c9fb4a6db2bfde03662125bb0429063fade41fbcd0e2884510c3d26b4922cef8e86a4a7eec9bfa3c57c8d15d110c4a1572a049a235642da50419e965d66a2742f07c19ae0b64be8dbfa54b30d4e9b366e8352d3b3e2cba04509f6e4fff2eb67c09f4868454e2f3129bfcb85452ced6b37e6233e9280b6908067ac9676192e747200f14eb4a4a33ba1bf6a522e258e14377a61f4575583de7045965dde125a42e904f7e82d797ae728d629b39a65c3e4d453cd1c416c45b19b3abc7f24a2a714be3e9e0f48e952584015d47926d8034321815b6b5676873fda08c8d9f6ec02f973cbb708614b87092ef8587d5be220ce4a0e410d7cdbd77b8c69be8b36116d089e67b94748fd1444459d6653ef4218fc4e79261f8fc163eddfac46e4d83e16065ce5287d0493a374d3a08023ba7b40bf343dab810efee1a05446f3c037fd0e9cab885cfdcc195ec894f14d4cb05336175a13dc7a3f216a7b92b47f9c835a867b5dec2b9ce89ed849506aadda6684c8de8a4122561532d5b627211ca9329dbaacf507c56d6cf74da22f1f806f7bbb4f27509067bb66422600935cf81f5a58a5659826920cc7b505f45e4035ae33ae3f2b328e71f304e17f8875a4133a0bc8a2cab4782d895d2438f975669d00acdbe36eb526d6aef02b0e6cb1405507b9ecd4c08df8750626dda02d0798ff5a96a32c50e26e7ee51fc1f68ed09b0f4129f37dda9ca785bd35903b1364aa9a55528ed7cd11cf74c0ba3fc200474a368e6f02808db879af7129199ebe51ea931fd62bb2916cfff3e5dfdee2177c5d815a8235d66b31bf165fb4d20c94060d037f45e42c6c79075a5f7a82ac76f4b79918f37bd193b60fb9b8a53d01a1dda50f30de14be805a9ee8f9aa10232a558e91616c937356642ee81120d4d59a33b436edb9f63f12d6f9a2e9c4afd29ee4cdb6ddd61e2f7e2e122b4872b12a02fae810066df68e14e9eaf945ee92554bfe552535a01f15ffcb7af7b6423313a947412a5967f834dab0d7b6c00a14b5b86122fd141adb4f556ea6748b529466af2b1c93842c48000c3befeccc5caabc11739ef5dd6df0e51654da56ab5e99a91f64f94fa9a7edd8522d69c4c6297b41d74e212abff7faa2950bb0debcaa0c9702151bc35d677345a20e13e506e7b05878c71ac3890bd925255c2308543067e7110fd5dadd3da304207972cd933a8b4e99fdc5983990b3edcbd4324fa25d8fc7f2135a0a895b0c77200cdc2f4979092be14d2489e86ff41a1a66821bed8d4d85f6cbd5b14bdcad53a7930faff60f02742ae027756eebc893eb9a33f76f0222786790311966300d358a920b8c6b69dd2cbdb67a849361f471eb001586e1e4c7dba6b6ab2f8cb968fd9f40edd10ce817e93acb64ea5df622a529e1764423b858b7e4d8e19178cf6903a0e6d662dbcd7894fa0c243beedcd1ae9932cdfbb482629f1a51a94c298bac1c18a4c5ce5b8dde221ec478345a714ab78cca5bf321eb6174b63deb22d69ada6858bce15ecfe8b97949426b237d493c34d39a84190ce488de6010c675592c382a0893da08271627f6b8ac1e1604d0bb7da0c7ff300223769fb243981aebc86880fe9a48f309e21f8f0f3d4ae9798bdb992f99bc4e596318c77dcbe04360142186861a5a67fbcb706402534c303481b2188466aa6f64c91b967b37e4a6ba5318340cf2f59371f2af996c1e294a0de102a0ec9a4cc432a86b7e0a62c6ab62a71f74cb8ae90e31f207f23134470c9b202cbe62cd28fff1e1beb21dee0252a35336347c23846009d38af69bb28ebf6896fee832b2111ed48cf87a8fe21c2aa8e46be597842b13ea46d8ae9d6f76deed48a0abe8929c7c108ea088695fefd19b53a6246863811bfd36a11ad5d83a003cb2ea30d7fe316db0634f68a465d5ef4fc54a486fc2875176b7a09951fe06a4e24a124e7ee2ea8667c1bf475bb1fbc8bef1a80dab098bc65a7e654dedd46d5712e56afe8baf78059d167a22a52b00a850edd07da8427fc23509bb908f978f694f3a3947e2a922ae9863b28174d72e296ed885d392f7343daaf017b59341d01e376d40e3093f4197f001baa2adc728b2a5195923acc8c9963d3bd34dcb2fecae1a57c239db4da6d69c7f78fdbd06e692e84973d452727d1f0ef356e8934464703d6be721cfb01af3632b4bf186ccccf5f075cc897a3d3f7c88b1b9b5310a66b08b9d5656e6ad0b0df8b2227e64489e0297554640ecd663a8652878da53cd494cc8bdf9cf06dfa8a5d355ed86f2b76ab3cfa6b58a16ae600c3b29f74975c9a0c3cc2173e47a3dbd3bd3d856baeafa4b2f308f672af344b0451446e3de0bd3e6563908a935d706fdadb2bcf21c8bd9f644f2ed4ec3ba6d0d47ee568fc364104e7df18c21a4182c5c8ba7bde81ca1560de996876441dbbdb24ac5c0596a2e92ee33fa2955259a922837612090c9f82c5cbbe69fee3f7d52324a7a1090c9dff7b1a23d80b288bd691623f955035018ab734dc23cdd485435b5a2a20ce47a510a371b149b62f73bfce1e2e82989d22078ea1fc355a0f413c4438ce513c4b810b016d9d6f316b823c6027124f42fc318f7b5c858ab1121e0d0bc3d00ffa453b3ab553a22c414a80e15d5558a23db95c9561feda0fff275f28b3fb1795e4c88388077d249ce8ee73d27cd359833a4872b92f349a837070b68a651a782ab86f42a61d93878d13b4fbd8fc1c1d4b4cf4d3dfaa582aadf2d12995921fae353d6c8f5c5d933f7dc1d25c1ebdbbeaa3dbf34283a009d433cd49066a07ed34247563a1aa8faf034a9d5e324c544190b8507b41c2a5aac25a237002f265883b5c76d7d9e66836ea1519e7aeef557d061f53236f4e09f028f0efe5acb3c2c4c2cb5e692e8a815c288fb83c0f276e34e05558e58517f33a5f3996ef4ef6f3a8bd300de1d13f196218c0439a933555c338d9fb572803862bbf33016c381ed5d3fadf841fbf304a6d0201ae5ec6f87a658bc78fd625a993e3e839698671a8b34e348e00c6ed92dc75d598721c1250c7ea2ddc550d35505756748165709257da356e751e9d59291427fe6fe8dedb873b44959a42aeb3dc864708ebe112726203826e94c8f221b86476e40a3af34f142fef550d0dac9805f79a9d9ac6733d422f716e7a28635fdc9feccbeb6204fce24dc52ab9902413566d82b7f9bd4c827d40b5860ee631388038094b5ced80e062cd40b3fa7e3f95794ab755bef1459e7fc3d4627f0b89747425e918fb0b2178727c8d30a14d188e8f692ac49ed3d5e7ea4c1a90e5fc0bceb40b32dcf48be098718a69bab63c9d7496fad7dc17b43b6fb66a0d6431e68956a32dba03ca5b8d32c98105695b0485aa66651680cfe62392125294965a1f34e6c91b552d9e58ed363fb6e1d0dd2b22ce7c34c8ab3f97c3486699864b5a27e60836bdf4c5a5ece7bd027eec84a171502cd475a9a2af8206ebd74b0b449fef7dd9692038734a3671f3cfb76c24ac4e158793b74e76e3219a2bf31f377539d59134af732c3776894a55ba1588f4a8c2ab1c7f012a704c5c189f51fcc5efe328d2ca20e9f50fcbbeb9158e895e00d2f3ca10e2e852b74e2e171682827b75e1670d9bf31c7a2527915d644c2bae883e625e1d247e0a1ce634119b706fa0b1a604eec30e3e6c6551fd06124c3becc2f1614dce646ecd8d00649ed2fe09b5b6319e0683ecddd4ecf5ff531ac533701cb76545d7609346aae3b00830f58e43d0b7c433103bc29da648fbf54b005732e9ef3f945cea037a8eb47da7d439e87411decefc61d7de5d98feca3b08ae29c26036b14fe99e627d27c712150692d679cc08c12080673187ab40fe490f564cc6d2d46605277d4d0871dcc0a82ab71dfbea35633ba864098cd6f8ff43faf3dd4d13ca371ae18c05e7bd9cf71ba22fff73fe13462bc430970f9a592b379fda9682603281ecbf4077e2d0f0de212b2900f7f2c9c525728559cc5cf2416d3b3661d788839dff03838daa14fb9ade9f93cd9a28b091c22aad0149f57efb30f3d9458a6a41ca28352080e666229e7f836301c1ebb922a9de067dba1a6a915501a03ebda03471238fcea43393de3b8dc2de99a5ef1840d9ba0d49bc31b605288abd82bee52dd042b27956872c7a1ed3df971af828e5eb0e58581cd07f1aa506195ea3932a4e7c43935cbfba655d2a39f162ab9e0446c017e317486647835444ee87983fc4c09e6b96f58dc2479174806b51ead320e2094cde32d27aa6daba06e7e1a8eed9055831a7ed3cb4cc7ebc37aa848a28a73ba04f51af70cb9d9a84a41e211c74256f6362f049ea49af1c60171eeae5eb224fb06b45df88eb2d1772d1e0d285359430ef5cb929c3d0bf8e8c6d504a7de7016e14c29e86bfb510ae45e088a51cc232eb5bbe313bd7819651978a82f09f256d932494592f2590a214ebb40e0cc10294ef73338cb65925084881a7d7842bb4af17420d169c48c95b352bafd9fe8d11d451666dfe380766a275c7a0a8ea6e3464fa1ca350e0e5bbe9297031101b73dde99a23b962c72599e0d3a98804230459d4c854f03071319ca054a044ff34d2b845798c9788865df359f79b954a6cdb68f788f3ae975993240b4386cf90c294d4c250866626d1bd513f24729e40c055bacd9801ba19863ad5a396b9b4e5c456ea5f688b99ddb42ca892bfbf8b36f49ad88ce68ff3ca31c1859aad656f6d6bb1b8bf8854d7e892e7fab7fdbf9d88fede6f6b076c97c0b2b6aac9aec287513d8781a14879065ea47e6d4217b9e80088291ad579172ffec83b61dab199375529830f57ff7fd3e4c101f681803606dd1f04b3cc6a04e5c8e682b62749a5bcee395ba4483d06459094366dc4f603cb439788b5c26613911b0f81fce59da6cb79ee64c8863f2251d3e1c74bee8798f3a411dd6f971c33f1bfe07130047238ab2842d0b49e45ebe4ced4a4d57aebe2732388dac1d0964346a4d2428fa95f101642cd2bc096d7dbb627fdd0cf9e2a175656abbabdcaad5eeebe33b22c7bd43a9bfce463800939dba516c930a022cdc0ab2781526b212f707ea1162a642bf6f49e12df346fa91b4216f957f419271f2dd0c1584ed2aac8c5231abb0d9ec57204a77f21eda774c3390474fd67831985e66d0bdb563ecd5187caa5df700c07d6cbd8091d0c4e7a48ec0769d911ea8e4ac8a8123b04a54f185ac5b36dac3f1df45226e9524498f4abb6ce1f8cb73234b3b705f75c106d025d0fa4cc4059570c0ad69c705069cb911e2444cce281185e7d1839bc1903d26baac37b70f9727960ca3ba7006524724f0a5fc0b819157988862a003f44077fcbd043027117ae000aa69bbc61a09aaf133704417eac38e505710fc8f0a10190caa37b2c970db9c9e91e6b3771ca89a447ee66c1a5d3cd9300156c3ebf014e38486e3a0c164865e104d312bfe00a39a7d4adc708f50f09746bb78c4f0afe482bf89cc9e9708c7bff5caddece93563d0133212efc04c81c4cb348004567d4ecab3f868d528abfd31b19c34acc3162c5b59748fb658ec27802cbb75202dca3f589250a3cb6393b6eac87e3ba3603c3f3b42da3e04358ab58642ccd91eb25b7c1bfa061337780d62780d0f73b08338eedc1b58b635e593abd9b6ec5e2e714997b3f44a83e131cf8546bc9e7a47d533f186bc1db8ea83c72f003f9a6c108b60528e0dc53f018a73acf3cc32e3308498af84fbcd225e3a6b77562f60e61df53fa666d1526d81f50f0a91e72ac3c79a7657987cfecf54f1e6e59984182020f594f3a10b07be026a22713d21538c084818fb5ec8e344308e0cb2dd0cce7463638cacc0a4e27f46bdb479eb2d38bdddf1c36bedf03c452e1d7414c1a296404257a5e13f7be821fdd3fb6f48810edd3fd29cb54e5e51b3b941bcb6005e8da7e624d83cde6d517b79c8bb936a3f9b05574d201039ea47711260e3d4485bbb5b47b9e52969e7cf2d6fb0e663a2dd62175010d036f4672e965b874f8594106b76446e399bdbb234d46092dc946b5723aadfc0410e7e57820bfa7fc2ed2e2b6928fc6a857d467742c914205e8a20e085bcdaa6afaae2d9c93120f956e7d03e07a342a6469f80a9cbc86f233f01e817ddc9ad23fcdb5f78b497b9501e208f79b9ad5e892ab37e5329368663880d7ba627d2912747dc1791b004c983fb7a09c583f38ffd8890f81ccd136c4108ecb287758a3b7e6d379ef4142796318043c9423d344de801dd789727ef0f9ff811b252884ab75fff4025be62553b5b0fd59f4ad7d2c92fe78039d541f2741ec71ac64d8fb9a6e7c873b92949c10bc9b952d925b860f60632a3d0c3b7e6081a28a2c91239a7457d1cb53d9cfabeedbc32aa2fd65e676dcd5f9ae9eccf03bf078580373144183a5a9b94f54f41ea2d4db95cc027cc43d7a9ff99a1cefb4d6f8d35adb6ac660c8939a9c1c020b646ff9fd6e5cdedb9a36e3623cba4e8ed00a92e5ccff4e0b1b8267b9522bad85f00ad03ce19b8d4760c3bf7baafd0aafc96c889d664dd2ef40083927bb1709b0b14ba4d92894d1512385df179d6e9dcd1b18e3d30ee463ca8b47828ad0c8bc63f2b4dd7b95f1c136e93807a24d409f161951ca53c122bf40505cec33f995a77667ce0f5849295ca73a8404c53a14b2d7d64c05dcd4df7f3d7e01be22b45481d1a728081d0a52695c2f31d329388179ba8907fc042a48011e39551ba721f930c08e6037d2ee94460527cfeeb5e5c3125bdf791e92b7a2c3eb49d3a0a83aef93b9f89457cbd85dec4d92b3c1396790246cbbbb2e8e1239c5c2d2490f7b93984e8400dad52617d097108aec56e6312a98f4e26f7e50279c230040ab43f6c1732d27e4888f8b4f0e06057f527601770d5eeadc09289983a70db7e55cc7c05380752b6f6158b77048f4656f06b0810c129b265203519d8b36ad3d2eddf0d9c5bb0b20ef2abe524002d4edfeb5abec82db6568fae4e8dd8a276f9dd1cb67c56844cbd881be53ac6cb8be4a1648ef977beec83adede06903ff38bd9c04cf88286a33fc3147e8bbd8d7127ae667dea4732461153086b4896d832d9c20fd718b6a327d2cc23ec100030ce6bd45307d5297eab7bbfc1785fc8fe13cccaa09dcfe2b841b937bf953a1becbc504107ecd218bbc833b2e14a70d9683d36d7e7f1204864fa34c08d7846c3bba4955bd242ac39a89fc3bcf4928d6f52a9043184e2ce224a0afa34e3be229903250209772d813da560402d63e500e79eb212578914fc2f40cc016d9da0e4ce659623d1e55fecc15a707039f26844a392db1f652e02914c9d0e2dff965bf0bfea6a02476412402d841439db3b82007b419e1de070666efe1820516573db21da69076ec061813702c262f485451a4bb9fa3fa80e424f60aaae75af897673b73f351154bf6faf6495e124704aec08418aa1e13ba2f5e908cb0feeaa0417e5e6de88a979b2fa078965f7323dfc1dfe4fd122e00ecc314f3bdebf2621e37dd0d098f24abb075eb562f9f76b298f73b5620eeb5be9de52c60f967d3d99eadae9578b2bd1995609bb2a68d9eeb4bdc8798c710bbcc2cea0edf9de22d960421d2c757c03a8ae2bf16398a3e56c56c9be0240ea4bd7004bed27c5bc2d392a48b1bba0d9357b0fb50b4a4e53cf6528bd18cc3ef7083b69061af4db8059a8f48114d78e5c8439eb9a4184f8c27735f3106f04bc285c0d6a42f2b80911a0b14c2e53cb1d4f8947938d42f667d5fb671b2d7eac64a58166cf542d29419a93479e63f69dd1cc02fe951704f2d07ccd499bf18cc8013265d24e839d50792a40ec556f659a5a919d76df3a5891d58b967557a4f900b37105f8474b7e61dcf1bab31acfaa71aaac99e13a250510d6b7bd8750f0b17471009c8e248b444737e99d373e4dfdff62ff70130a504c4d0d31ec8e90a24613703fcdf5a3993d2261cd90acaad8a9e879bd4f779125c6861768799e9931ba6cf5638fc0635ec9b15640f5ae94165ee81e3d96ac181838cf30718450ec0b93228519167c52e7a63b92a35df425b6356f8ffa9b9d873b48b72e74201d55e9239236e105886b707d0fa742dd616ae6ce819dcf4d5e16e16073e5ae71e0dea01364a2ac01ab9f2c923f25b8a20cc4b8de536ada4ba538a4b409faac0b137180cc3b4174971263c319a64f7d7afb49325d8d87fb9c6829a295dd7dfd4e8ac780e17615ac2fab675fa0c79fedbbf7eadb701aeb1c8874c8a8dca5649f64af485fe9f63ba4ec31ef8c6475cb852d6d00d77468b3b611e13d842ab8ed290e1d721a464f8a14d0bbb5f04955081d209692b8883cf208e937a89d90c698590fce98c8d6f9c9acad4e33c2650264c68eab8217129b05f7be4ac7c2042cbb4dbc1f2e17cbc0f70989807a7ade3865bdbf2e3bb6e4fabda0eaafd26c92d0946c9202b1fe2fb1e09ba76e6c38193285515d906f6315a90e3a89b3b46ce415b39caf343b28e91f7be9964daa0409363012e79c39805bc43de8170150aa76d092e51ddab9ed750d4a6305a4bb53a98f9a44450fa496685a97c5ae82bcb5481278c6a37e0ba83709a5e3f906bb1c6aaeef2eae8ab92b5bfeb59ef3b328aa4608ad9b54d7156977e4c06c8347c8e5d22e4007e6f3034eedbbb23e937158f48f44e288cec96e8daf85ab19886064cad493e33e15537ce7a4a0d1178bbff61e921ee0ae92883b8bb94bbdf8012083270f7db8431c1a9e433a71a6638dd76348e33bca225def9c339b839b9275d2c61c194c165874ea5d2c173eb0671c93d0c6b7db7a423c5fd081da653a7ba68e390f9ef4ae35193ceb6bd6a97f2003488432ce20ab0effe6c229d01b1c9e0aed028e2e3a56b93b434a9a01074d1285be55d2d349b7c463c397ccb2e0dd545479e906d60983f0e94380ff4d04f7e6009cdff40ac803ba61aaf8c8289f3bad5e19f329c4ef5546381e54ca39d4c8e3321ff82b90504d610f8d2adc8ffeaab73a92dfbae96bc14f98198fe3bce2bf0c11cbfc8cefccca4b1b6883df8a2f205951073462aaceb26d7407fbbc1b37714781b2130aa8529121b8dce46e5dba4cf0c2e30f96e6220c9c967d53aba69468366cc9c95fdc641d1cf2646a7849761682a57d63d7bebeb0e78f5ec7009c4f39bd83a356f0c4f6652465f704a36ba1439122d2842a1bcff8aae8df1858cecc7e13a35f2bd9c6275dbdf3b205b265a0462c7e471af93522f739aa720de4b4d612cad8d2bf16bad98812d8696b065af800d692f029241b48f776e2af8a8cb76091c7f436d68bd77a7615f3ab31a0b13d90af547cc4f9369019515ad11e1e7136d9b5511276d74f887c047a63373de9a5be5f30ec240161c063250d491d8690bde6c1c88b3d469b7c50df1a520704f10745c4b0cd1f961c8a111f4abffeec2a11f4deec0dbc7c85239565db7fb032b5b11b7a4e4cce7da997714fac71f8405d135940b3eb9d55af83cd5173abd6db806700eb8e35afab7e1c6bf41005a35833fbb4b9f3fe71e32ca1378fb0edec66963758c21df87e3b94a8248a87e2dea9444cb8df5118f11638fc6e8b23145ac1a47cc47f3426762b478e6a69c8920530240c03d403d1800e350f55452946a59968507888adaeeec862c121fd0d258572351b6f2d6a73c6e10f859b33d6b33154f1e1ec38563d36657085af9f52df17185a305d93f7d8af9329d1af09482cfaee298dc4d4a2639095019631a747b4fd483526b8341d86cf074b1994d6f89505c0677e124b3ba18213501f7d4a229b515409f8fd565180c12a6e103482ba4388278b55bf52e8df37716bda79cd743039ea078ea45d9a36785ecdf6f880dcc74e784f07da83d393a676c160d3657af39f93be3f7322a78ab29f684867876ca3d52d87645505b138612cb1df0eab87bc99f79e077eea7420f3268e35c9ed676c413c63913d8bc260afd7484598f4f886b001660cb321390d86429f64ab6cde331a4eb64a9ea95167b94ebcf5e6e4a3e05741d8a20dfc3c04afb3ced7e587f401d8f11388ac920ffe9dd2a0f8207402ef1bf02160059f9782170c8cde33a35158918cb8906ccbdb02d1e4c6211b597b4601bfc44c589da7518a4b6e89b90a00a2cb5840460d5b3446bada50429077867321bd30f9361672022d699dd63560f5544c02819a9841d32679f7ba77719f53c851f95e650b10656fb676f9d7eee430bb6e238fc5edd539ce37da2f212bf5c9ea4ddf3625c9931f10da31f3224fedb7720890ab040423efc720cf198957a2475b800f3f8c3331037db4e6404744ea1b37ff5fa8b971cd3742ae9cbe0f85766f6fbcae5fbcd1f1675fb64f6b15970ca0df52406876f84166d8a9046f0b58bb62719b4e4a6af482a7c34ad5efe475a7c28046ed7931642be4ba30346bf3526d6ad2bb2d4ddc57fdaaf114d6df0f7353986db0c07cf5ef49c61dbd6e8af747fc455698b588cc7460ad6b1106e41b76349020df7a003cc4f64c9629ed1c8086b63f96250063bf7377cefb27ba6ffb86673ab7d823af2d319c43b877adef4d6598401c7c9642df3e902a82b9a3d96980b9bc5eb68b771339ad7405f4b81d3b8f26a93df3a34a4809fb5bf8c582f3b3f8149acfaaa55d4870f544a1243a41606c628908c60289985a55b4b0e18edf5e0c11f5cf731b54fedf2c003aef10c0ba04b91a552206ee4d070c03afa16c93a680523dade7fba62a40b5850dc687b04e7b12004073008feb99afcc1978114cc692c55f479f12a29f60b5cb08fffcb4fe900d646c77e4f4f81be85ce7d0be6a35d0b9d9bc0f1ece7b681a6e5ad86d2c78047bda586f26cd202718474c605cc32664163f5f954ef01765c5c856a9ddfcdaf01a14f762b81c1e3900faec49e8b4f2187ab808874889104173666cddd8b2906f994656b80983a4bcc92e6ab5047c22f0b6e0d1993536afab19a2fc677fc4e4b30c0fbe0e7ac7cfb0e10efe516341c6358fd9748633f957934e3206d325d5843b7e97cc8cebae935ee307720ac20086d161c6d51b47ad21ea3d7c3ea8ac0650ed6fda47b8d170600f448bb6b1e8e8afae35748878a1cccc1240ca4b89c09dbfac5a3c8b8d1e216fcd5fc66f4fb9a9f02c328408d11e04841f8966ece8819a9478da20ef46deaee5d074237fef3033f9e8bb4553cc20ae66b5532afb848ecdefac4029865a5edb907ccf7a14aa4372b384a55b3c98d79db5718df0f040cf582be1c687caaddfa9f4aa0d89133c99c27282c29a6bd4ebe9803a2dbb3b20a5dc076f835d6335c524d11dec748b43bce835e40807071724ff72ee72d6dbc94ffbc42f360d899721f1ab004874b4035b9b3b29533cef281eb78cc5fd7728db7df3d87c7525fe74f9e36ccf623969c133116bfb76367fe03c08d02fa2ab7f2ffa1f661f217e337b6e26ebb214b025d28205970a99be90c33fe4ba1d835a807ecf1467d65773683bc2f9d", 0x2000, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680)) r1 = eventfd2(0x1, 0x1) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001ac0)=""/191, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1}) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000340)={0x0, 0x1, 0x0, 0x0, &(0x7f0000001840)=""/242, 0xeeef0000}) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r3, 0x0) 22.525889186s ago: executing program 7 (id=3299): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2) ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000180)={0x3, 0x98f904, 0x3}) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) 22.315301639s ago: executing program 2 (id=3300): bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x7}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x1ce) utimensat(r3, 0x0, &(0x7f0000000040)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0xd06d000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) connect$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @remote}, 0x10) 21.375612873s ago: executing program 7 (id=3301): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000220000000400000002"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r5}, &(0x7f0000000200), &(0x7f0000000140)=r4}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r5, &(0x7f0000000040)}, 0x20) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0) 21.113001161s ago: executing program 2 (id=3302): sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$l2tp(0x2, 0x2, 0x73) socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x1) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x1, 0x2}) syz_io_uring_setup(0x10d2, &(0x7f0000000340)={0x0, 0x664c, 0x80, 0x0, 0x3c3}, 0x0, &(0x7f0000000080)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_usbip_server_init(0x4) syz_usbip_server_init(0x1) syz_usbip_server_init(0x2) syz_usbip_server_init(0x4) syz_usbip_server_init(0x0) 20.300910473s ago: executing program 7 (id=3303): syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @empty}, 0x1c) r4 = socket$inet6(0x10, 0x2, 0x4) sendto$inet6(r4, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0) 18.962156931s ago: executing program 7 (id=3304): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7816, 0x2, 0x0, 0x81, 0x801ff, 0x1, 0x1}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x26, 0x9200000000000000) recvfrom$unix(r1, &(0x7f0000000340)=""/244, 0xf4, 0x40, 0x0, 0x0) connect$inet(r0, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) 16.683831795s ago: executing program 2 (id=3305): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0006}]}) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r4) socket$inet6(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 15.582302422s ago: executing program 2 (id=3306): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101) r2 = openat$cgroup_ro(r1, &(0x7f00000002c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x220401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x3, 0x8000000003c) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0) socket$inet6(0x10, 0x3, 0x0) clock_adjtime(0x0, &(0x7f00000001c0)={0x8b8d, 0x1000000000000, 0x512, 0x7, 0x0, 0xfffffffffffffffd, 0xe00, 0x0, 0x80, 0xffc99a3b, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10007f, 0x0, 0x0, 0x0, 0x60d2, 0x0, 0x5, 0x1, 0x2}) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05", @ANYRES8=r0, @ANYRES8, @ANYRES16=r2, @ANYRES16=r4], 0x0) 15.465586691s ago: executing program 7 (id=3307): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440), 0xfd}, 0x2062) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x3}, 0x50) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x1c, 0x21, 0x9, 0x2, 0x25dfdbff, {0x2}, [@typed={0x8, 0x8, 0x0, 0x0, @fd=r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 130.833547ms ago: executing program 40 (id=3306): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101) r2 = openat$cgroup_ro(r1, &(0x7f00000002c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x220401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x3, 0x8000000003c) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0) socket$inet6(0x10, 0x3, 0x0) clock_adjtime(0x0, &(0x7f00000001c0)={0x8b8d, 0x1000000000000, 0x512, 0x7, 0x0, 0xfffffffffffffffd, 0xe00, 0x0, 0x80, 0xffc99a3b, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10007f, 0x0, 0x0, 0x0, 0x60d2, 0x0, 0x5, 0x1, 0x2}) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05", @ANYRES8=r0, @ANYRES8, @ANYRES16=r2, @ANYRES16=r4], 0x0) 0s ago: executing program 41 (id=3307): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440), 0xfd}, 0x2062) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x3}, 0x50) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x1c, 0x21, 0x9, 0x2, 0x25dfdbff, {0x2}, [@typed={0x8, 0x8, 0x0, 0x0, @fd=r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) kernel console output (not intermixed with test programs): .0/0003:0D8C:0022.0010/input/input18 [ 327.517408][ T44] cm6533_jd 0003:0D8C:0022.0010: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.8-1/input0 [ 327.552241][ T44] usb 9-1: USB disconnect, device number 2 [ 327.818290][ T5169] udevd[5169]: worker [10685] terminated by signal 33 (Unknown signal 33) [ 327.818356][ T5169] udevd[5169]: worker [10685] failed while handling '/devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0D8C:0022.0010/hidraw/hidraw0' [ 329.035866][ T37] audit: type=1326 audit(1764320524.141:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10992 comm="syz.6.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969630f749 code=0x7ffc0000 [ 329.036009][ T37] audit: type=1326 audit(1764320524.141:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10992 comm="syz.6.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969630f749 code=0x7ffc0000 [ 329.051467][ T37] audit: type=1326 audit(1764320524.151:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10992 comm="syz.6.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f969630f749 code=0x7ffc0000 [ 329.133326][ T37] audit: type=1326 audit(1764320524.241:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10992 comm="syz.6.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969630f749 code=0x7ffc0000 [ 329.133452][ T37] audit: type=1326 audit(1764320524.241:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10992 comm="syz.6.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f969630f749 code=0x7ffc0000 [ 329.502856][T11000] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 329.504160][ T44] IPVS: starting estimator thread 0... [ 329.586537][T11006] IPVS: using max 8 ests per chain, 19200 per kthread [ 329.917359][T11019] syzkaller1: entered promiscuous mode [ 329.917385][T11019] syzkaller1: entered allmulticast mode [ 330.423113][T11029] fuse: root generation should be zero [ 330.872310][T11047] netlink: 'syz.0.1907': attribute type 30 has an invalid length. [ 331.188029][ T5809] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11 [ 331.950959][T11073] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1918'. [ 331.988771][T11073] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1918'. [ 331.988810][T11073] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1918'. [ 332.345432][T11079] netlink: 'syz.7.1921': attribute type 1 has an invalid length. [ 333.546821][T11099] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1930'. [ 336.506332][ T37] audit: type=1326 audit(1764320531.611:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.506386][ T37] audit: type=1326 audit(1764320531.611:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.525812][ T37] audit: type=1326 audit(1764320531.631:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.525863][ T37] audit: type=1326 audit(1764320531.631:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.525903][ T37] audit: type=1326 audit(1764320531.631:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.529792][ T37] audit: type=1326 audit(1764320531.641:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.605004][ T37] audit: type=1326 audit(1764320531.711:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.605064][ T37] audit: type=1326 audit(1764320531.711:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.611701][ T37] audit: type=1326 audit(1764320531.721:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.660522][ T37] audit: type=1326 audit(1764320531.741:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11164 comm="syz.2.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 336.679948][T11159] kvm: Disabled LAPIC found during irq injection [ 337.181991][T11178] loop2: detected capacity change from 0 to 7 [ 337.203785][T11178] Dev loop2: unable to read RDB block 7 [ 337.203821][T11178] loop2: unable to read partition table [ 337.204019][T11178] loop2: partition table beyond EOD, truncated [ 337.204040][T11178] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 341.217236][ T44] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 341.365773][ T44] usb 3-1: Using ep0 maxpacket: 8 [ 341.372398][ T44] usb 3-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=44.b2 [ 341.372425][ T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.372444][ T44] usb 3-1: Product: syz [ 341.372458][ T44] usb 3-1: Manufacturer: syz [ 341.372471][ T44] usb 3-1: SerialNumber: syz [ 341.423884][ T44] usb 3-1: config 0 descriptor?? [ 341.502675][T11262] netlink: 'syz.7.1987': attribute type 12 has an invalid length. [ 341.675967][ T44] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 342.816214][ T5867] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 342.888377][T11285] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1997'. [ 342.894606][T11285] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1997'. [ 342.911906][ T44] gspca_sunplus: reg_w_riv err -71 [ 342.912009][ T44] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 342.949222][ T44] usb 3-1: USB disconnect, device number 15 [ 343.029053][ T5867] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 343.029079][ T5867] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 343.030580][ T5867] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 343.030606][ T5867] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 343.030625][ T5867] usb 9-1: SerialNumber: syz [ 343.347160][ T5867] usb 9-1: 0:2 : does not exist [ 343.421004][T11295] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2001'. [ 343.466665][ T5867] usb 9-1: USB disconnect, device number 3 [ 343.659917][T10585] udevd[10585]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 344.543913][T11328] netlink: 'syz.0.2015': attribute type 1 has an invalid length. [ 344.638701][T11328] bond0: (slave bridge2): making interface the new active one [ 344.639998][T11328] bond0: (slave bridge2): Enslaving as an active interface with an up link [ 345.675151][T11360] netlink: 27 bytes leftover after parsing attributes in process `syz.2.2028'. [ 347.702117][T11394] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2042'. [ 348.402071][T11417] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 348.432911][T11417] batman_adv: batadv0: Adding interface: ip6gretap1 [ 348.432930][T11417] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 348.432965][T11417] batman_adv: batadv0: Interface activated: ip6gretap1 [ 348.591555][T11421] netlink: 27 bytes leftover after parsing attributes in process `syz.0.2055'. [ 349.010308][T11431] netlink: 'syz.2.2058': attribute type 10 has an invalid length. [ 349.011068][T11431] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.015057][T11431] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.104886][T11431] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.105074][T11431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.123220][T11431] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.123405][T11431] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.163452][T11431] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 349.540885][ T37] kauditd_printk_skb: 1 callbacks suppressed [ 349.540902][ T37] audit: type=1326 audit(1764320544.651:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11439 comm="syz.8.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7fc00000 [ 349.541614][ T37] audit: type=1326 audit(1764320544.651:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11439 comm="syz.8.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f7891f8f749 code=0x7fc00000 [ 349.565837][ T37] audit: type=1326 audit(1764320544.651:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11439 comm="syz.8.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7fc00000 [ 351.536791][T10771] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 351.699746][T10771] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 351.699773][T10771] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 351.701707][T10771] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 351.701734][T10771] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 351.701753][T10771] usb 3-1: SerialNumber: syz [ 351.738865][T10771] usb 3-1: 0:2 : does not exist [ 351.923412][ T9] usb 3-1: USB disconnect, device number 16 [ 352.653867][T11514] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2085'. [ 354.252978][ C1] vkms_vblank_simulate: vblank timer overrun [ 354.722135][T11559] syz.6.2104 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 354.776399][T11563] syzkaller1: entered promiscuous mode [ 354.776425][T11563] syzkaller1: entered allmulticast mode [ 358.026300][T10771] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 358.289837][T10771] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 358.289865][T10771] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 358.289881][T10771] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 358.289927][T10771] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 358.447904][T10771] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 358.447933][T10771] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 358.447953][T10771] usb 7-1: Product: syz [ 358.447967][T10771] usb 7-1: Manufacturer: syz [ 358.627175][T10771] cdc_wdm 7-1:1.0: skipping garbage [ 358.627196][T10771] cdc_wdm 7-1:1.0: skipping garbage [ 358.641976][T10771] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 358.644002][T10771] cdc_wdm 7-1:1.0: Unknown control protocol [ 358.889418][ T5852] usb 7-1: USB disconnect, device number 3 [ 359.435894][ T5852] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 359.651469][ T5852] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 359.651499][ T5852] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 359.651518][ T5852] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 359.651569][ T5852] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 359.653980][ T5852] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 359.654022][ T5852] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 359.654042][ T5852] usb 7-1: Product: syz [ 359.654056][ T5852] usb 7-1: Manufacturer: syz [ 359.727791][ T5852] cdc_wdm 7-1:1.0: skipping garbage [ 359.727810][ T5852] cdc_wdm 7-1:1.0: skipping garbage [ 359.745599][ T5852] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 359.745619][ T5852] cdc_wdm 7-1:1.0: Unknown control protocol [ 359.896096][ T37] audit: type=1804 audit(1764320555.001:158): pid=11644 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.8.2141" name="/newroot/60/file0" dev="tmpfs" ino=337 res=1 errno=0 [ 361.635917][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.636141][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.636386][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.636404][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.636691][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.636709][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.636994][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.637012][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.637352][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.637366][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.637705][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.637723][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.638016][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.638034][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.638279][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.638298][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.638534][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.638551][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.638786][ C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71 [ 361.638805][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes [ 361.676330][T10771] usb 7-1: USB disconnect, device number 4 [ 361.676342][ C1] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 362.765020][ T37] audit: type=1326 audit(1764320557.871:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.765518][ T37] audit: type=1326 audit(1764320557.871:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.765654][ T37] audit: type=1326 audit(1764320557.871:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.768718][ T37] audit: type=1326 audit(1764320557.881:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.768761][ T37] audit: type=1326 audit(1764320557.881:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.768798][ T37] audit: type=1326 audit(1764320557.881:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.768837][ T37] audit: type=1326 audit(1764320557.881:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.768877][ T37] audit: type=1326 audit(1764320557.881:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 362.768917][ T37] audit: type=1326 audit(1764320557.881:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.8.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7891f8f749 code=0x7ffc0000 [ 364.708145][ C1] vkms_vblank_simulate: vblank timer overrun [ 364.790709][T11730] loop6: detected capacity change from 0 to 7 [ 364.827626][T11730] Dev loop6: unable to read RDB block 7 [ 364.827665][T11730] loop6: AHDI p3 p4 [ 364.827692][T11730] loop6: partition table partially beyond EOD, truncated [ 364.827939][T11730] loop6: p3 start 1869967360 is beyond EOD, truncated [ 364.830714][T11734] netlink: 64 bytes leftover after parsing attributes in process `syz.8.2178'. [ 365.400289][ C1] vkms_vblank_simulate: vblank timer overrun [ 366.981467][ T5118] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 367.015523][ T5118] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 367.031486][ T5118] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 367.035068][ T5118] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 367.048385][ T5118] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 367.534551][ T37] kauditd_printk_skb: 17 callbacks suppressed [ 367.534569][ T37] audit: type=1326 audit(1764320562.641:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.535207][ T37] audit: type=1326 audit(1764320562.641:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628073][ T37] audit: type=1326 audit(1764320562.731:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628124][ T37] audit: type=1326 audit(1764320562.731:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628163][ T37] audit: type=1326 audit(1764320562.731:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628200][ T37] audit: type=1326 audit(1764320562.741:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628239][ T37] audit: type=1326 audit(1764320562.741:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628276][ T37] audit: type=1326 audit(1764320562.741:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628315][ T37] audit: type=1326 audit(1764320562.741:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 367.628351][ T37] audit: type=1326 audit(1764320562.741:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11779 comm="syz.2.2198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 368.572589][T11772] chnl_net:caif_netlink_parms(): no params data found [ 368.790965][T11805] binder: 11803:11805 ioctl c0306201 0 returned -14 [ 369.136045][ T5809] Bluetooth: hci0: command tx timeout [ 369.229580][T11772] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.229828][T11772] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.230065][T11772] bridge_slave_0: entered allmulticast mode [ 369.241015][T11772] bridge_slave_0: entered promiscuous mode [ 369.263487][T11772] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.270186][T11772] bridge0: port 2(bridge_slave_1) entered disabled state [ 369.270587][T11772] bridge_slave_1: entered allmulticast mode [ 369.294756][T11772] bridge_slave_1: entered promiscuous mode [ 369.570246][T11814] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2209'. [ 370.123669][T11772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 370.158433][T11772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 370.832227][T11830] Bluetooth: MGMT ver 1.23 [ 370.952723][T11772] team0: Port device team_slave_0 added [ 371.026689][T11772] team0: Port device team_slave_1 added [ 371.216072][ T5809] Bluetooth: hci0: command tx timeout [ 371.344092][T11838] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2219'. [ 371.474964][T11838] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2219'. [ 371.479125][T11772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 371.479141][T11772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 371.479166][T11772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 371.480870][ T6708] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 371.492083][T11772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 371.492099][T11772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 371.492124][T11772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 371.492714][ T6709] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 371.492756][ T6709] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 371.492789][ T6709] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 372.040260][T11851] netlink: 'syz.0.2224': attribute type 1 has an invalid length. [ 372.040282][T11851] netlink: 'syz.0.2224': attribute type 3 has an invalid length. [ 372.040295][T11851] netlink: 'syz.0.2224': attribute type 2 has an invalid length. [ 372.040307][T11851] netlink: 'syz.0.2224': attribute type 3 has an invalid length. [ 372.040319][T11851] netlink: 184 bytes leftover after parsing attributes in process `syz.0.2224'. [ 372.559210][T11772] hsr_slave_0: entered promiscuous mode [ 372.560477][T11772] hsr_slave_1: entered promiscuous mode [ 372.561290][T11772] debugfs: 'hsr0' already exists in 'hsr' [ 372.561312][T11772] Cannot create hsr debugfs directory [ 372.963567][T11863] block nbd1: server does not support multiple connections per device. [ 373.271665][T11863] block nbd1: shutting down sockets [ 373.306103][ T5809] Bluetooth: hci0: command tx timeout [ 375.387458][ T5809] Bluetooth: hci0: command tx timeout [ 375.427066][T11772] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 375.460546][T11772] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 375.514765][T11772] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 375.609327][T11772] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 376.052565][T11772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 376.154874][T11772] 8021q: adding VLAN 0 to HW filter on device team0 [ 376.207870][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.208019][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 376.209328][T11911] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2244'. [ 376.627781][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.627927][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 377.029362][T11926] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2250'. [ 377.029465][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2250'. [ 377.029481][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2250'. [ 377.079635][T11926] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2250'. [ 377.079660][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2250'. [ 377.571703][T11772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 378.147221][T10771] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 378.298087][T10771] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.313488][T10771] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 378.313519][T10771] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 378.313540][T10771] usb 9-1: Product: syz [ 378.313554][T10771] usb 9-1: Manufacturer: syz [ 378.313568][T10771] usb 9-1: SerialNumber: syz [ 378.836687][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.115192][T11772] veth0_vlan: entered promiscuous mode [ 379.182294][T11772] veth1_vlan: entered promiscuous mode [ 379.599061][T10771] cdc_ncm 9-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 379.599080][T10771] cdc_ncm 9-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 379.599090][T10771] cdc_ncm 9-1:1.0: setting rx_max = 2048 [ 379.606086][T11772] veth0_macvtap: entered promiscuous mode [ 379.926475][T11772] veth1_macvtap: entered promiscuous mode [ 380.004705][T10771] cdc_ncm 9-1:1.0: setting tx_max = 88 [ 380.073069][T10771] cdc_ncm 9-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.8-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 380.103894][T10771] usb 9-1: USB disconnect, device number 4 [ 380.116698][T10771] cdc_ncm 9-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.8-1, CDC NCM (NO ZLP) [ 380.371934][T11772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 380.412070][T11772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 380.484102][ T6708] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.516008][ T3858] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.524484][ T3858] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.524543][ T3858] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.154522][ T3537] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.154545][ T3537] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 381.579801][ T6708] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.579821][ T6708] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.357511][ T5867] Dead loop on virtual device wlan0, fix it urgently! [ 384.819625][T12017] netlink: 11562 bytes leftover after parsing attributes in process `syz.7.2279'. [ 391.356918][T12115] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 391.356954][T12115] overlayfs: failed to set xattr on upper [ 391.356963][T12115] overlayfs: ...falling back to redirect_dir=nofollow. [ 391.356971][T12115] overlayfs: ...falling back to index=off. [ 391.356978][T12115] overlayfs: ...falling back to xino=off. [ 391.383434][T12115] overlayfs: conflicting lowerdir path [ 393.642600][T12149] netlink: 'syz.8.2331': attribute type 10 has an invalid length. [ 393.919416][T12151] sctp: [Deprecated]: syz.7.2332 (pid 12151) Use of struct sctp_assoc_value in delayed_ack socket option. [ 393.919416][T12151] Use struct sctp_sack_info instead [ 393.939188][T12149] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 395.195770][ T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 395.355871][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 395.358544][ T9] usb 3-1: config 0 has no interfaces? [ 395.364371][ T9] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 395.364393][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.364403][ T9] usb 3-1: Product: syz [ 395.364411][ T9] usb 3-1: Manufacturer: syz [ 395.364419][ T9] usb 3-1: SerialNumber: syz [ 395.427485][ T9] usb 3-1: config 0 descriptor?? [ 395.665934][ T9] usb 3-1: USB disconnect, device number 17 [ 397.676521][ T5809] Bluetooth: hci4: unexpected event for opcode 0x0c1c [ 399.684784][T12257] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 401.383733][T12251] Bluetooth: hci1: command 0x0406 tx timeout [ 401.383773][T12251] Bluetooth: hci3: command 0x0406 tx timeout [ 401.794254][T12283] binder: 12280:12283 ioctl c0306201 200000000040 returned -14 [ 404.176075][ T5867] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 404.199260][T12335] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 404.330183][ T5867] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 404.330210][ T5867] usb 9-1: config 0 has no interfaces? [ 404.330240][ T5867] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 404.330263][ T5867] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.375963][ T5867] usb 9-1: config 0 descriptor?? [ 404.510701][T12339] loop5: detected capacity change from 0 to 7 [ 404.514541][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.514726][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.514795][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.514869][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.514943][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.515010][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.515070][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.515111][T12339] ldm_validate_partition_table(): Disk read failed. [ 404.515137][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.515197][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.515256][T12339] Buffer I/O error on dev loop5, logical block 0, async page read [ 404.515397][T12339] Dev loop5: unable to read RDB block 0 [ 404.516080][T12339] loop5: unable to read partition table [ 404.516316][T12339] loop5: partition table beyond EOD, truncated [ 404.516344][T12339] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 404.516344][T12339] ) failed (rc=-5) [ 405.194877][ T37] kauditd_printk_skb: 5 callbacks suppressed [ 405.194894][ T37] audit: type=1326 audit(1764320600.301:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.195033][ T37] audit: type=1326 audit(1764320600.301:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216446][ T37] audit: type=1326 audit(1764320600.311:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216499][ T37] audit: type=1326 audit(1764320600.311:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216542][ T37] audit: type=1326 audit(1764320600.311:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216582][ T37] audit: type=1326 audit(1764320600.311:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216623][ T37] audit: type=1326 audit(1764320600.311:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216669][ T37] audit: type=1326 audit(1764320600.311:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216710][ T37] audit: type=1326 audit(1764320600.311:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.216750][ T37] audit: type=1326 audit(1764320600.311:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12355 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 405.342047][T12359] netlink: 'syz.0.2411': attribute type 8 has an invalid length. [ 405.342066][T12359] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2411'. [ 405.373769][T12359] bond0: entered promiscuous mode [ 405.373791][T12359] bridge2: entered promiscuous mode [ 405.398297][T12360] netlink: 'syz.0.2411': attribute type 8 has an invalid length. [ 405.398320][T12360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2411'. [ 405.485927][T12359] bond0: left promiscuous mode [ 405.485949][T12359] bridge2: left promiscuous mode [ 405.573805][T12360] bond0: entered promiscuous mode [ 405.573821][T12360] bridge2: entered promiscuous mode [ 405.596282][T12360] bond0: left promiscuous mode [ 405.596307][T12360] bridge2: left promiscuous mode [ 407.182293][ T5867] usb 9-1: USB disconnect, device number 5 [ 408.151469][T12399] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 408.151497][T12399] overlayfs: failed to set xattr on upper [ 408.151506][T12399] overlayfs: ...falling back to redirect_dir=nofollow. [ 408.151515][T12399] overlayfs: ...falling back to metacopy=off. [ 408.151523][T12399] overlayfs: ...falling back to index=off. [ 408.151530][T12399] overlayfs: ...falling back to uuid=null. [ 408.379017][T12409] loop2: detected capacity change from 0 to 7 [ 408.384647][T12409] Dev loop2: unable to read RDB block 7 [ 408.384694][T12409] loop2: unable to read partition table [ 408.384923][T12409] loop2: partition table beyond EOD, truncated [ 408.384940][T12409] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 408.671168][T12413] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2433'. [ 408.779112][T12417] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2433'. [ 409.703700][T12414] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 410.049002][T12428] syz.9.2441 (12428) used greatest stack depth: 16784 bytes left [ 410.472537][T12437] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2444'. [ 411.358346][T12450] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 411.358377][T12450] overlayfs: failed to set xattr on upper [ 411.358386][T12450] overlayfs: ...falling back to redirect_dir=nofollow. [ 411.358394][T12450] overlayfs: ...falling back to index=off. [ 411.358400][T12450] overlayfs: ...falling back to uuid=null. [ 411.358407][T12450] overlayfs: ...falling back to xino=off. [ 411.358459][T12450] overlayfs: conflicting lowerdir path [ 413.154072][T12475] GUP no longer grows the stack in syz.2.2455 (12475): 200000004000-20000000a000 (200000002000) [ 413.154108][T12475] CPU: 1 UID: 0 PID: 12475 Comm: syz.2.2455 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 413.154140][T12475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 413.154165][T12475] Call Trace: [ 413.154174][T12475] [ 413.154182][T12475] dump_stack_lvl+0x189/0x250 [ 413.154221][T12475] ? __pfx_dump_stack_lvl+0x10/0x10 [ 413.154249][T12475] ? __pfx__printk+0x10/0x10 [ 413.154269][T12475] ? find_vma+0xe7/0x160 [ 413.154310][T12475] __get_user_pages+0x22f0/0x2860 [ 413.154371][T12475] get_user_pages_remote+0x2f1/0xac0 [ 413.154396][T12475] ? __pfx_mtree_load+0x10/0x10 [ 413.154432][T12475] ? __pfx_get_user_pages_remote+0x10/0x10 [ 413.154458][T12475] ? __access_remote_vm+0x367/0x7d0 [ 413.154490][T12475] __access_remote_vm+0x211/0x7d0 [ 413.154528][T12475] ? __pfx___access_remote_vm+0x10/0x10 [ 413.154555][T12475] ? set_page_refcounted+0xa0/0x1e0 [ 413.154584][T12475] ? alloc_pages_noprof+0xe4/0x1e0 [ 413.154618][T12475] proc_pid_cmdline_read+0x433/0x810 [ 413.154637][T12475] ? __asan_memset+0x22/0x50 [ 413.154668][T12475] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 413.154692][T12475] ? rw_verify_area+0x2ac/0x4e0 [ 413.154720][T12475] vfs_readv+0x5b3/0x850 [ 413.154749][T12475] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 413.154772][T12475] ? __pfx_vfs_readv+0x10/0x10 [ 413.154819][T12475] ? __fget_files+0x2a/0x420 [ 413.154851][T12475] ? __fget_files+0x3a6/0x420 [ 413.154874][T12475] ? __fget_files+0x2a/0x420 [ 413.154912][T12475] __x64_sys_preadv+0x19a/0x2a0 [ 413.154942][T12475] ? __pfx___x64_sys_preadv+0x10/0x10 [ 413.154971][T12475] ? do_syscall_64+0xbe/0xfa0 [ 413.155003][T12475] do_syscall_64+0xfa/0xfa0 [ 413.155028][T12475] ? lockdep_hardirqs_on+0x9c/0x150 [ 413.155056][T12475] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.155076][T12475] ? clear_bhb_loop+0x60/0xb0 [ 413.155099][T12475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.155124][T12475] RIP: 0033:0x7f80861ef749 [ 413.155142][T12475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.155160][T12475] RSP: 002b:00007f8084456038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 413.155182][T12475] RAX: ffffffffffffffda RBX: 00007f8086445fa0 RCX: 00007f80861ef749 [ 413.155197][T12475] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006 [ 413.155209][T12475] RBP: 00007f8086273f91 R08: 0000000000000000 R09: 0000000000000000 [ 413.155222][T12475] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 413.155234][T12475] R13: 00007f8086446038 R14: 00007f8086445fa0 R15: 00007fff27d3e8e8 [ 413.155266][T12475] [ 413.714650][T12482] overlayfs: failed to clone lowerpath [ 414.394809][T12491] dummy0: entered promiscuous mode [ 414.739694][T10771] libceph: connect (1)[c::]:6789 error -101 [ 414.740596][T10771] libceph: mon0 (1)[c::]:6789 connect error [ 414.839934][T10771] libceph: connect (1)[c::]:6789 error -101 [ 414.840144][T10771] libceph: mon0 (1)[c::]:6789 connect error [ 414.873778][T12489] ceph: No mds server is up or the cluster is laggy [ 415.097378][ T6028] libceph: connect (1)[c::]:6789 error -101 [ 415.097572][ T6028] libceph: mon0 (1)[c::]:6789 connect error [ 415.254760][T12511] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2467'. [ 415.254785][T12511] netlink: 43 bytes leftover after parsing attributes in process `syz.0.2467'. [ 415.254800][T12511] netlink: 'syz.0.2467': attribute type 6 has an invalid length. [ 415.254813][T12511] netlink: 'syz.0.2467': attribute type 5 has an invalid length. [ 415.254825][T12511] netlink: 43 bytes leftover after parsing attributes in process `syz.0.2467'. [ 415.833813][T12523] evm: overlay not supported [ 420.071810][T12597] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2498'. [ 420.331626][T12599] macvlan2: entered promiscuous mode [ 420.331643][T12599] macvlan2: entered allmulticast mode [ 420.340888][T12599] bond1: entered promiscuous mode [ 420.354596][T12599] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 421.686776][ C0] vkms_vblank_simulate: vblank timer overrun [ 421.741700][T12599] bond1: left promiscuous mode [ 421.864568][T12612] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2501'. [ 421.865032][T12612] unsupported nlmsg_type 40 [ 421.940027][ C0] vkms_vblank_simulate: vblank timer overrun [ 422.199989][T12619] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2504'. [ 422.294189][ C0] vkms_vblank_simulate: vblank timer overrun [ 422.905102][T12636] kvm: faulting far call emulation tainted memory [ 423.094812][ T5118] Bluetooth: hci4: unexpected event for opcode 0x1001 [ 423.785845][T10771] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 423.938448][T10771] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 423.938485][T10771] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 423.938523][T10771] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 423.938545][T10771] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.970917][T12650] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 424.068420][T10771] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 425.160095][T10771] usb 10-1: USB disconnect, device number 2 [ 425.433744][ T37] kauditd_printk_skb: 10 callbacks suppressed [ 425.433763][ T37] audit: type=1326 audit(1764320620.541:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.471759][ T37] audit: type=1326 audit(1764320620.571:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.471812][ T37] audit: type=1326 audit(1764320620.571:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.471854][ T37] audit: type=1326 audit(1764320620.571:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.471895][ T37] audit: type=1326 audit(1764320620.571:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.471935][ T37] audit: type=1326 audit(1764320620.571:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.471976][ T37] audit: type=1326 audit(1764320620.581:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.472017][ T37] audit: type=1326 audit(1764320620.581:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.472056][ T37] audit: type=1326 audit(1764320620.581:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.472097][ T37] audit: type=1326 audit(1764320620.581:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12667 comm="syz.2.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 425.716262][T12670] ceph: No mds server is up or the cluster is laggy [ 427.216967][T12691] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2531'. [ 427.911731][T12701] pim6reg1: entered promiscuous mode [ 427.911765][T12701] pim6reg1: entered allmulticast mode [ 429.062115][T12710] overlayfs: missing 'lowerdir' [ 430.756544][ T37] kauditd_printk_skb: 5 callbacks suppressed [ 430.756560][ T37] audit: type=1326 audit(1764320625.871:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12730 comm="syz.7.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7328ef749 code=0x7fc00000 [ 430.828620][ T6023] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.282548][ T37] audit: type=1326 audit(1764320626.391:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12730 comm="syz.7.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd7328ef749 code=0x7fc00000 [ 431.832642][ T6023] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.956636][T12747] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2554'. [ 432.304484][ T6023] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.343347][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 432.379573][ T5809] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 432.381230][ T5809] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 432.383188][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 432.391565][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 432.782488][ T6023] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.396052][ T6023] bridge_slave_1: left allmulticast mode [ 434.396081][ T6023] bridge_slave_1: left promiscuous mode [ 434.396337][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 434.425843][ T5118] Bluetooth: hci3: command tx timeout [ 434.541240][ T6023] bridge_slave_0: left allmulticast mode [ 434.541269][ T6023] bridge_slave_0: left promiscuous mode [ 434.541574][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 434.595410][ T37] audit: type=1800 audit(1764320885.691:237): pid=12794 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.2569" name="bus" dev="overlay" ino=2815 res=0 errno=0 [ 436.374176][T12841] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2582'. [ 436.497321][ T5118] Bluetooth: hci3: command tx timeout [ 438.586649][ T5118] Bluetooth: hci3: command tx timeout [ 439.995811][ T6028] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 440.154257][ T6028] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 440.154293][ T6028] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 440.154337][ T6028] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 440.154360][ T6028] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.210559][ T6028] usb 1-1: config 0 descriptor?? [ 440.251908][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 440.264502][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.369351][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 440.409676][ T6023] bond0 (unregistering): Released all slaves [ 440.684927][ T5118] Bluetooth: hci3: command tx timeout [ 440.708877][ T6028] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 440.708914][ T6028] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 440.708940][ T6028] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 440.708967][ T6028] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 440.708992][ T6028] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 440.709017][ T6028] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 440.709042][ T6028] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 440.800050][ T6028] cp2112 0003:10C4:EA90.0011: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0 [ 440.887926][ T6028] cp2112 0003:10C4:EA90.0011: Part Number: 0x82 Device Version: 0xFE [ 441.500575][T12873] cp2112 0003:10C4:EA90.0011: Unsupported transaction 0 [ 441.556893][T12873] cp2112 0003:10C4:EA90.0011: Error starting transaction: -38 [ 441.582446][ T6028] cp2112 0003:10C4:EA90.0011: error reading lock byte: -71 [ 441.630902][ T6028] usb 1-1: USB disconnect, device number 17 [ 441.677390][T12753] chnl_net:caif_netlink_parms(): no params data found [ 442.724158][T12910] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2606'. [ 443.427577][T12753] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.427778][T12753] bridge0: port 1(bridge_slave_0) entered disabled state [ 443.428016][T12753] bridge_slave_0: entered allmulticast mode [ 443.430891][T12753] bridge_slave_0: entered promiscuous mode [ 443.555906][ T6023] hsr_slave_0: left promiscuous mode [ 443.599815][ T6023] hsr_slave_1: left promiscuous mode [ 443.602483][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 443.602502][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 443.657364][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 443.657387][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 443.734573][ T6023] veth1_macvtap: left promiscuous mode [ 443.734641][ T6023] veth0_macvtap: left promiscuous mode [ 443.734785][ T6023] veth1_vlan: left promiscuous mode [ 443.734887][ T6023] veth0_vlan: left promiscuous mode [ 446.436653][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 446.729707][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 447.082125][T12940] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2618'. [ 449.801116][ T37] audit: type=1326 audit(1764320900.911:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.801379][ T37] audit: type=1326 audit(1764320900.911:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.803194][ T37] audit: type=1326 audit(1764320900.911:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.803363][ T37] audit: type=1326 audit(1764320900.911:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.803598][ T37] audit: type=1326 audit(1764320900.911:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.803870][ T37] audit: type=1326 audit(1764320900.911:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.804035][ T37] audit: type=1326 audit(1764320900.911:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.804964][ T37] audit: type=1326 audit(1764320900.911:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.809204][ T37] audit: type=1326 audit(1764320900.921:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 449.809254][ T37] audit: type=1326 audit(1764320900.921:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12968 comm="syz.0.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 450.876643][T12753] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.876734][T12753] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.876922][T12753] bridge_slave_1: entered allmulticast mode [ 450.878583][T12753] bridge_slave_1: entered promiscuous mode [ 450.883840][T12929] netlink: 55631 bytes leftover after parsing attributes in process `syz.7.2614'. [ 451.429324][T12753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 451.482108][T12753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 451.976189][T12753] team0: Port device team_slave_0 added [ 452.114941][T12753] team0: Port device team_slave_1 added [ 452.726776][T12753] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 452.726792][T12753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 452.726814][T12753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.757727][T12753] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.757743][T12753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 452.757768][T12753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 452.838532][ T6023] IPVS: stop unused estimator thread 0... [ 453.195064][T12753] hsr_slave_0: entered promiscuous mode [ 453.205415][T12753] hsr_slave_1: entered promiscuous mode [ 453.212471][T12753] debugfs: 'hsr0' already exists in 'hsr' [ 453.212499][T12753] Cannot create hsr debugfs directory [ 454.903270][ T6023] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.400511][ T6023] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 456.385284][ T6023] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 456.970031][ T6023] bond0: (slave netdevsim0): Releasing backup interface [ 457.210009][ T6023] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.659787][ T5809] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 459.680504][ T5809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 459.683349][ T5809] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 459.759446][ T5809] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 459.773111][ T5809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 460.503810][ T6023] bridge_slave_1: left allmulticast mode [ 460.503839][ T6023] bridge_slave_1: left promiscuous mode [ 460.504098][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.567550][ T6023] bridge_slave_0: left allmulticast mode [ 460.567580][ T6023] bridge_slave_0: left promiscuous mode [ 460.567829][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 461.935849][ T5118] Bluetooth: hci5: command tx timeout [ 463.786545][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 463.867791][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 463.913660][ T6023] bond0 (unregistering): Released all slaves [ 463.946180][ T6023] bond1 (unregistering): Released all slaves [ 464.016294][ T5118] Bluetooth: hci5: command tx timeout [ 466.095957][ T5118] Bluetooth: hci5: command tx timeout [ 466.288399][T13166] overlayfs: failed to resolve './file0/file0:/': -2 [ 466.675103][T13079] chnl_net:caif_netlink_parms(): no params data found [ 467.974201][T13175] netlink: 'syz.7.2700': attribute type 1 has an invalid length. [ 468.040227][T12753] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 468.185884][ T5118] Bluetooth: hci5: command tx timeout [ 468.201008][T13184] kvm: requested 134933 ns i8254 timer period limited to 200000 ns [ 468.262665][T13184] kvm: requested 63695 ns i8254 timer period limited to 200000 ns [ 468.262959][T13184] kvm: requested 176000 ns i8254 timer period limited to 200000 ns [ 468.278390][T13184] kvm: requested 135771 ns i8254 timer period limited to 200000 ns [ 468.278537][T13184] kvm: requested 86323 ns i8254 timer period limited to 200000 ns [ 468.284541][T13184] kvm: requested 137447 ns i8254 timer period limited to 200000 ns [ 468.286074][T13175] 8021q: adding VLAN 0 to HW filter on device bond1 [ 468.331489][T13180] ip6gretap2: entered allmulticast mode [ 468.356224][T13180] bond1: (slave ip6gretap2): making interface the new active one [ 468.358872][T13180] bond1: (slave ip6gretap2): Enslaving as an active interface with an up link [ 468.419644][T12753] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 468.492931][T12753] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 468.685923][ T6023] hsr_slave_0: left promiscuous mode [ 468.729310][ T6023] hsr_slave_1: left promiscuous mode [ 468.729973][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 468.729989][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 468.990358][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 468.990385][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 469.279244][ T6023] veth1_macvtap: left promiscuous mode [ 469.279353][ T6023] veth0_macvtap: left promiscuous mode [ 469.279669][ T6023] veth1_vlan: left promiscuous mode [ 469.279855][ T6023] veth0_vlan: left promiscuous mode [ 469.463973][ T37] kauditd_printk_skb: 10 callbacks suppressed [ 469.463991][ T37] audit: type=1804 audit(1764320920.571:258): pid=13199 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.2706" name="/newroot/647/file0" dev="tmpfs" ino=3428 res=1 errno=0 [ 470.779964][ C0] vkms_vblank_simulate: vblank timer overrun [ 470.894857][ C0] vkms_vblank_simulate: vblank timer overrun [ 471.423880][ C0] vkms_vblank_simulate: vblank timer overrun [ 471.864960][ C0] vkms_vblank_simulate: vblank timer overrun [ 472.089900][ C0] vkms_vblank_simulate: vblank timer overrun [ 472.264722][ C0] vkms_vblank_simulate: vblank timer overrun [ 472.410685][ C0] vkms_vblank_simulate: vblank timer overrun [ 472.784916][ C0] vkms_vblank_simulate: vblank timer overrun [ 472.879885][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.012690][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.079544][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.168879][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.279467][T13240] netlink: 'syz.7.2719': attribute type 4 has an invalid length. [ 473.331008][T13241] netlink: 'syz.7.2719': attribute type 4 has an invalid length. [ 473.389978][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.672755][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.725960][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.726076][ T6028] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 473.786424][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.846254][ C0] vkms_vblank_simulate: vblank timer overrun [ 473.885797][ T6028] usb 1-1: Using ep0 maxpacket: 32 [ 473.912544][ T6028] usb 1-1: config 0 has an invalid interface number: 136 but max is 0 [ 473.912571][ T6028] usb 1-1: config 0 has no interface number 0 [ 473.912646][ T6028] usb 1-1: config 0 interface 136 altsetting 0 bulk endpoint 0xA has invalid maxpacket 32 [ 473.942307][ T6028] usb 1-1: New USB device found, idVendor=10cf, idProduct=8063, bcdDevice=d1.d2 [ 473.942334][ T6028] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.942345][ T6028] usb 1-1: Product: syz [ 473.942353][ T6028] usb 1-1: Manufacturer: syz [ 473.942360][ T6028] usb 1-1: SerialNumber: syz [ 473.964536][ T6028] usb 1-1: config 0 descriptor?? [ 473.965543][T13244] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 474.043328][ T6028] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8061 (VM140)'. [ 474.141738][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.201525][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.219878][T13244] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 474.220413][T13244] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 474.272487][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.387802][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.472622][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.587097][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 474.626089][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.686509][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.743148][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.817456][ C0] vkms_vblank_simulate: vblank timer overrun [ 474.876277][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 474.913111][ C0] vkms_vblank_simulate: vblank timer overrun [ 477.843987][T12753] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 478.460359][T13079] bridge0: port 1(bridge_slave_0) entered blocking state [ 478.460587][T13079] bridge0: port 1(bridge_slave_0) entered disabled state [ 478.460843][T13079] bridge_slave_0: entered allmulticast mode [ 478.463623][T13079] bridge_slave_0: entered promiscuous mode [ 478.473254][T13079] bridge0: port 2(bridge_slave_1) entered blocking state [ 478.473399][T13079] bridge0: port 2(bridge_slave_1) entered disabled state [ 478.473603][T13079] bridge_slave_1: entered allmulticast mode [ 478.494149][T13079] bridge_slave_1: entered promiscuous mode [ 478.640257][T13266] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2725'. [ 478.895161][T13079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 478.915993][T13079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 479.020055][ T37] audit: type=1800 audit(1764320930.131:259): pid=13273 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.2726" name="bus" dev="overlay" ino=3469 res=0 errno=0 [ 479.393512][T13079] team0: Port device team_slave_0 added [ 479.403923][T13079] team0: Port device team_slave_1 added [ 479.495939][ T5886] usb 1-1: USB disconnect, device number 18 [ 480.379824][T13285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2731'. [ 480.387320][T13286] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2730'. [ 480.453220][T13288] overlayfs: failed to clone upperpath [ 480.729576][T13079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 480.729594][T13079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 480.729619][T13079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 480.736819][T13079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 480.736835][T13079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 480.736860][T13079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 480.955424][T13299] fuse: Unknown parameter '0x0000000000000005' [ 481.070485][T13079] hsr_slave_0: entered promiscuous mode [ 481.075336][T13079] hsr_slave_1: entered promiscuous mode [ 481.083747][T13079] debugfs: 'hsr0' already exists in 'hsr' [ 481.083775][T13079] Cannot create hsr debugfs directory [ 481.290668][ C1] vcan0: j1939_tp_rxtimer: 0xffff88806755cc00: rx timeout, send abort [ 481.790793][ C1] vcan0: j1939_tp_rxtimer: 0xffff88806755cc00: abort rx timeout. Force session deactivation [ 481.794560][ C1] vcan0: j1939_tp_rxtimer: 0xffff88806755c800: rx timeout, send abort [ 481.960573][ T6023] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.260833][ T6023] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.294618][ C1] vcan0: j1939_tp_rxtimer: 0xffff88806755c800: abort rx timeout. Force session deactivation [ 482.552392][T13331] netlink: 'syz.7.2749': attribute type 6 has an invalid length. [ 482.619361][ T6023] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.783369][T12753] 8021q: adding VLAN 0 to HW filter on device bond0 [ 483.014796][ T6023] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.379267][T12753] 8021q: adding VLAN 0 to HW filter on device team0 [ 484.384093][ T6021] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.384174][ T6021] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.631428][ T3858] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.631514][ T3858] bridge0: port 2(bridge_slave_1) entered forwarding state [ 485.167277][ T37] audit: type=1804 audit(1764320936.281:260): pid=13358 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.2757" name="/newroot/667/file0" dev="tmpfs" ino=3541 res=1 errno=0 [ 485.586472][ T6023] bridge_slave_1: left allmulticast mode [ 485.586501][ T6023] bridge_slave_1: left promiscuous mode [ 485.586763][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.687679][ T6023] bridge_slave_0: left allmulticast mode [ 485.687709][ T6023] bridge_slave_0: left promiscuous mode [ 485.687950][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 486.293425][T13383] netlink: 'syz.0.2766': attribute type 83 has an invalid length. [ 488.646493][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 488.707166][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 488.728286][ T6023] bond0 (unregistering): Released all slaves [ 488.825997][T13391] syzkaller0: entered promiscuous mode [ 488.826025][T13391] syzkaller0: entered allmulticast mode [ 489.949595][T13415] netlink: 'syz.0.2777': attribute type 4 has an invalid length. [ 490.399863][ T37] audit: type=1800 audit(1764320941.511:261): pid=13420 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.7.2778" name="bus" dev="ramfs" ino=43559 res=0 errno=0 [ 492.227715][ T6023] hsr_slave_0: left promiscuous mode [ 492.280516][T13450] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2787'. [ 492.305709][ T6023] hsr_slave_1: left promiscuous mode [ 492.307061][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 492.307085][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 492.358104][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 492.358139][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 492.604907][ T6023] veth1_macvtap: left promiscuous mode [ 492.605028][ T6023] veth0_macvtap: left promiscuous mode [ 492.605337][ T6023] veth1_vlan: left promiscuous mode [ 492.605518][ T6023] veth0_vlan: left promiscuous mode [ 492.966606][ T5809] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 492.974720][ T5809] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 492.995083][ T5809] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 493.015316][ T5809] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 493.021686][ T5809] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 495.158461][ T5809] Bluetooth: hci0: command tx timeout [ 495.506669][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 495.766756][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 497.240034][ T5809] Bluetooth: hci0: command tx timeout [ 498.979085][T13465] binder: 13464:13465 ioctl c0306201 200000000640 returned -22 [ 499.303558][ T5809] Bluetooth: hci0: command tx timeout [ 500.439797][T13489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 500.492155][T13489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 500.621231][T13491] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 500.635783][ T5867] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 500.710463][T13079] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 500.746556][T13079] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 500.785730][ T5867] usb 3-1: Using ep0 maxpacket: 32 [ 500.789188][ T5867] usb 3-1: config 0 has an invalid interface number: 240 but max is 0 [ 500.789215][ T5867] usb 3-1: config 0 has no interface number 0 [ 500.789249][ T5867] usb 3-1: config 0 interface 240 has no altsetting 0 [ 500.792435][ T5867] usb 3-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=19.6f [ 500.792462][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 500.792576][ T5867] usb 3-1: Product: syz [ 500.792590][ T5867] usb 3-1: Manufacturer: syz [ 500.792603][ T5867] usb 3-1: SerialNumber: syz [ 500.793646][T13079] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 500.863300][ T5867] usb 3-1: config 0 descriptor?? [ 500.944911][T13079] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 501.167797][ T5867] usb 3-1: Invalid firmware size=18. [ 501.209438][ T5867] usb 3-1: USB disconnect, device number 18 [ 501.375782][ T5809] Bluetooth: hci0: command tx timeout [ 501.705183][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.580783][T13456] chnl_net:caif_netlink_parms(): no params data found [ 504.529883][T13552] netlink: 'syz.7.2816': attribute type 10 has an invalid length. [ 504.529907][T13552] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2816'. [ 506.136499][T13552] team0: Port device geneve0 added [ 506.721782][T13574] netlink: 'syz.7.2822': attribute type 4 has an invalid length. [ 508.093877][T13456] bridge0: port 1(bridge_slave_0) entered blocking state [ 508.133181][T13456] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.266446][T13456] bridge_slave_0: entered allmulticast mode [ 508.288313][T13456] bridge_slave_0: entered promiscuous mode [ 508.391443][T13456] bridge0: port 2(bridge_slave_1) entered blocking state [ 508.391521][T13456] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.391697][T13456] bridge_slave_1: entered allmulticast mode [ 508.393411][T13456] bridge_slave_1: entered promiscuous mode [ 508.404251][T13079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 508.621949][T13583] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2824'. [ 509.555335][T13583] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 509.965906][T13583] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 511.466240][T13456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 511.792802][T13456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 512.227268][T13079] 8021q: adding VLAN 0 to HW filter on device team0 [ 512.228273][ T6023] bridge_slave_1: left allmulticast mode [ 512.228291][ T6023] bridge_slave_1: left promiscuous mode [ 512.228441][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 512.553899][ T6023] bridge_slave_0: left allmulticast mode [ 512.553917][ T6023] bridge_slave_0: left promiscuous mode [ 512.554086][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.263546][T13645] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2842'. [ 517.979901][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 518.056634][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 518.078631][ T6023] bond0 (unregistering): Released all slaves [ 518.317709][T13456] team0: Port device team_slave_0 added [ 518.322538][T13456] team0: Port device team_slave_1 added [ 518.620241][ T6702] bridge0: port 1(bridge_slave_0) entered blocking state [ 518.620450][ T6702] bridge0: port 1(bridge_slave_0) entered forwarding state [ 518.641713][T13667] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2849'. [ 518.688085][T13669] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2849'. [ 518.848439][ T6023] hsr_slave_0: left promiscuous mode [ 518.885896][ T6023] hsr_slave_1: left promiscuous mode [ 518.887010][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 518.946729][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 519.030497][ T5118] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 519.050226][ T5118] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 519.053049][ T5118] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 519.072665][ T5118] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 519.075992][ T5118] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 520.277527][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 520.527011][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 521.153219][ T5809] Bluetooth: hci3: command tx timeout [ 522.770839][T13684] binder_alloc: 13683: pid 13683 spamming oneway? 1 buffers allocated for a total size of 4096 [ 522.864974][T13686] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input20 [ 522.931744][ T5886] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 523.149449][ T5886] usb 3-1: config 0 has no interfaces? [ 523.150987][ T5886] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 523.151013][ T5886] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 523.151034][ T5886] usb 3-1: Manufacturer: syz [ 523.157590][ T5886] usb 3-1: config 0 descriptor?? [ 523.225934][ T5809] Bluetooth: hci3: command tx timeout [ 525.077579][T13456] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 525.077591][T13456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 525.077605][T13456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 525.295793][ T5809] Bluetooth: hci3: command tx timeout [ 525.665017][ C1] vkms_vblank_simulate: vblank timer overrun [ 525.702037][T10771] usb 3-1: USB disconnect, device number 19 [ 526.700337][T13456] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 526.700353][T13456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 526.700379][T13456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 527.773056][ T5809] Bluetooth: hci3: command tx timeout [ 527.778762][ C1] vkms_vblank_simulate: vblank timer overrun [ 527.835813][ C1] vkms_vblank_simulate: vblank timer overrun [ 528.019718][ C1] vkms_vblank_simulate: vblank timer overrun [ 528.111418][ C1] vkms_vblank_simulate: vblank timer overrun [ 528.142131][ T37] audit: type=1326 audit(1764320979.251:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.142262][ T37] audit: type=1326 audit(1764320979.251:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.142838][ T37] audit: type=1326 audit(1764320979.251:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.143011][ T37] audit: type=1326 audit(1764320979.251:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.143238][ T37] audit: type=1326 audit(1764320979.251:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.144226][ T37] audit: type=1326 audit(1764320979.251:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.144655][ T37] audit: type=1326 audit(1764320979.251:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.145027][ T37] audit: type=1326 audit(1764320979.251:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.145351][ T37] audit: type=1326 audit(1764320979.251:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.145514][ T37] audit: type=1326 audit(527.927:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13721 comm="syz.2.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 528.194456][T13456] hsr_slave_0: entered promiscuous mode [ 528.199649][T13456] hsr_slave_1: entered promiscuous mode [ 528.200825][T13456] debugfs: 'hsr0' already exists in 'hsr' [ 528.200850][T13456] Cannot create hsr debugfs directory [ 528.643216][ C1] vkms_vblank_simulate: vblank timer overrun [ 528.768149][ C1] vkms_vblank_simulate: vblank timer overrun [ 528.819028][ T44] page_pool_release_retry() stalled pool shutdown: id 93, 50 inflight 60 sec [ 528.961534][T13729] netlink: 'syz.7.2867': attribute type 1 has an invalid length. [ 529.154018][T13729] 8021q: adding VLAN 0 to HW filter on device bond2 [ 529.298020][ C1] vkms_vblank_simulate: vblank timer overrun [ 529.406827][ C1] vkms_vblank_simulate: vblank timer overrun [ 529.416622][T13730] bond2: (slave geneve2): making interface the new active one [ 529.442083][T13730] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 529.796235][ C1] vkms_vblank_simulate: vblank timer overrun [ 533.045744][ T9] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 533.985775][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 534.106276][ T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 534.106302][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 534.112872][ T9] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 534.112901][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 534.112920][ T9] usb 3-1: Product: syz [ 534.112934][ T9] usb 3-1: Manufacturer: syz [ 534.112948][ T9] usb 3-1: SerialNumber: syz [ 534.397394][ T9] usb 3-1: 0:2 : does not exist [ 534.404477][ T9] usb 3-1: 5:0: failed to get current value for ch 0 (-22) [ 534.493210][ T9] usb 3-1: USB disconnect, device number 20 [ 534.632914][T13460] udevd[13460]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 537.718772][T13808] overlayfs: failed to clone upperpath [ 537.738351][T13676] chnl_net:caif_netlink_parms(): no params data found [ 538.559504][T13676] bridge0: port 1(bridge_slave_0) entered blocking state [ 538.559705][T13676] bridge0: port 1(bridge_slave_0) entered disabled state [ 538.559972][T13676] bridge_slave_0: entered allmulticast mode [ 538.587670][T13676] bridge_slave_0: entered promiscuous mode [ 538.853779][T13676] bridge0: port 2(bridge_slave_1) entered blocking state [ 538.861679][T13676] bridge0: port 2(bridge_slave_1) entered disabled state [ 538.861956][T13676] bridge_slave_1: entered allmulticast mode [ 538.870297][T13676] bridge_slave_1: entered promiscuous mode [ 541.023310][T13676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 541.090110][T13844] binder_alloc: 13843: binder_alloc_buf size 69632 failed, no address space [ 541.090231][T13844] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288) [ 541.135386][T13676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 541.551041][ T6023] bridge_slave_1: left allmulticast mode [ 541.551068][ T6023] bridge_slave_1: left promiscuous mode [ 541.551247][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 541.650278][ T6023] bridge_slave_0: left allmulticast mode [ 541.650307][ T6023] bridge_slave_0: left promiscuous mode [ 541.650574][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.204075][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 548.276396][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 548.343844][ T6023] bond0 (unregistering): Released all slaves [ 548.387866][T13676] team0: Port device team_slave_0 added [ 548.544056][T13915] pim6reg1: entered promiscuous mode [ 548.544082][T13915] pim6reg1: entered allmulticast mode [ 548.562592][T13676] team0: Port device team_slave_1 added [ 548.563338][T13456] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 549.179706][T13456] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 550.421029][T13456] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 550.496963][T13676] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 550.496975][T13676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 550.496989][T13676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 550.705840][ T6023] hsr_slave_0: left promiscuous mode [ 550.745961][ T6023] hsr_slave_1: left promiscuous mode [ 550.746909][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 550.769448][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 553.080844][ T5118] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 553.108852][ T5118] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 553.110585][ T5118] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 553.112465][ T5118] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 553.113256][ T5118] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 553.166459][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 553.576288][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 555.227391][ T5118] Bluetooth: hci5: command tx timeout [ 555.889562][T13456] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 555.931298][T13676] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 555.931314][T13676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 555.931339][T13676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 556.052308][T13965] Bluetooth: MGMT ver 1.23 [ 556.052362][T13965] Bluetooth: hci0: invalid length 0, exp 2 for type 8 [ 556.211968][T13963] kthread_run failed with err -4 [ 557.295927][ T5118] Bluetooth: hci5: command tx timeout [ 559.065480][T13676] hsr_slave_0: entered promiscuous mode [ 559.074110][T13676] hsr_slave_1: entered promiscuous mode [ 559.075255][T13676] debugfs: 'hsr0' already exists in 'hsr' [ 559.075279][T13676] Cannot create hsr debugfs directory [ 559.375760][ T5118] Bluetooth: hci5: command tx timeout [ 560.540062][T14007] netlink: 'syz.7.2951': attribute type 12 has an invalid length. [ 561.455858][ T5118] Bluetooth: hci5: command tx timeout [ 563.145035][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.213041][T14031] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2955'. [ 565.835755][T10771] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 566.002636][T10771] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 566.002681][T10771] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 566.002706][T10771] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 566.002718][T10771] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 566.159474][T10771] usb 1-1: config 0 descriptor?? [ 566.185838][T10771] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 566.254750][T13951] chnl_net:caif_netlink_parms(): no params data found [ 566.651147][ T44] usb 1-1: USB disconnect, device number 19 [ 570.899131][ C1] vkms_vblank_simulate: vblank timer overrun [ 571.298677][ C1] vkms_vblank_simulate: vblank timer overrun [ 571.978848][ C1] vkms_vblank_simulate: vblank timer overrun [ 572.030903][ C1] vkms_vblank_simulate: vblank timer overrun [ 572.800178][ C1] vkms_vblank_simulate: vblank timer overrun [ 573.572895][ C1] vkms_vblank_simulate: vblank timer overrun [ 573.637031][ C1] vkms_vblank_simulate: vblank timer overrun [ 573.785953][ C1] vkms_vblank_simulate: vblank timer overrun [ 574.275739][ C1] vkms_vblank_simulate: vblank timer overrun [ 574.455309][ C1] vkms_vblank_simulate: vblank timer overrun [ 574.840940][ C1] vkms_vblank_simulate: vblank timer overrun [ 574.858014][T13951] bridge0: port 1(bridge_slave_0) entered blocking state [ 574.858164][T13951] bridge0: port 1(bridge_slave_0) entered disabled state [ 574.858415][T13951] bridge_slave_0: entered allmulticast mode [ 574.886411][T13951] bridge_slave_0: entered promiscuous mode [ 574.902355][T13951] bridge0: port 2(bridge_slave_1) entered blocking state [ 574.902557][T13951] bridge0: port 2(bridge_slave_1) entered disabled state [ 574.902817][T13951] bridge_slave_1: entered allmulticast mode [ 575.741141][ C1] vkms_vblank_simulate: vblank timer overrun [ 575.754786][T13951] bridge_slave_1: entered promiscuous mode [ 577.942539][T13951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 578.349266][T13951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 578.786630][T13951] team0: Port device team_slave_0 added [ 578.835399][T13951] team0: Port device team_slave_1 added [ 580.496472][T14152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2985'. [ 582.123568][ T5809] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 582.146647][ T5809] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 582.148232][ T5809] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 582.149382][ T5809] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 582.150181][ T5809] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 582.436070][T13951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 582.436085][T13951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 582.436110][T13951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 582.453586][T13951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 582.453602][T13951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 582.453628][T13951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 583.731972][ T6023] bridge_slave_1: left allmulticast mode [ 583.732002][ T6023] bridge_slave_1: left promiscuous mode [ 583.732260][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 583.849306][ T6023] bridge_slave_0: left allmulticast mode [ 583.849335][ T6023] bridge_slave_0: left promiscuous mode [ 583.849632][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 584.271209][ T5809] Bluetooth: hci0: command tx timeout [ 584.435173][T14173] 9pnet_virtio: no channels available for device ./file0 [ 584.780525][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 584.910727][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 584.968160][ T6023] bond0 (unregistering): Released all slaves [ 585.453979][T13951] hsr_slave_0: entered promiscuous mode [ 585.455473][T13951] hsr_slave_1: entered promiscuous mode [ 585.472771][T13951] debugfs: 'hsr0' already exists in 'hsr' [ 585.472798][T13951] Cannot create hsr debugfs directory [ 585.640204][ T5852] kernel read not supported for file inotify (pid: 5852 comm: kworker/0:3) [ 585.655747][ T6023] hsr_slave_0: left promiscuous mode [ 585.698616][ T6023] hsr_slave_1: left promiscuous mode [ 585.700626][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 585.736728][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 586.336225][ T5809] Bluetooth: hci0: command tx timeout [ 588.425625][ T5809] Bluetooth: hci0: command tx timeout [ 588.426841][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 589.456232][ T5887] page_pool_release_retry() stalled pool shutdown: id 93, 50 inflight 121 sec [ 589.771160][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 590.501009][ T5809] Bluetooth: hci0: command tx timeout [ 591.471753][ T37] kauditd_printk_skb: 285 callbacks suppressed [ 591.471773][ T37] audit: type=1326 audit(591.207:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.471816][ T37] audit: type=1326 audit(591.207:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.471857][ T37] audit: type=1326 audit(591.217:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.471896][ T37] audit: type=1326 audit(591.217:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.471935][ T37] audit: type=1326 audit(591.217:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.471975][ T37] audit: type=1326 audit(591.217:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.472013][ T37] audit: type=1326 audit(591.217:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.472052][ T37] audit: type=1326 audit(591.217:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.472090][ T37] audit: type=1326 audit(591.217:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 591.472129][ T37] audit: type=1326 audit(591.217:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14238 comm="syz.2.3013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80861ef749 code=0x7ffc0000 [ 594.319257][T14157] chnl_net:caif_netlink_parms(): no params data found [ 598.431673][T14157] bridge0: port 1(bridge_slave_0) entered blocking state [ 598.431810][T14157] bridge0: port 1(bridge_slave_0) entered disabled state [ 598.432068][T14157] bridge_slave_0: entered allmulticast mode [ 598.445877][T14157] bridge_slave_0: entered promiscuous mode [ 598.481045][T14157] bridge0: port 2(bridge_slave_1) entered blocking state [ 598.481267][T14157] bridge0: port 2(bridge_slave_1) entered disabled state [ 598.481526][T14157] bridge_slave_1: entered allmulticast mode [ 598.484593][T14157] bridge_slave_1: entered promiscuous mode [ 598.834181][ T37] kauditd_printk_skb: 23 callbacks suppressed [ 598.834200][ T37] audit: type=1326 audit(598.607:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.834643][ T37] audit: type=1326 audit(598.607:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.834776][ T37] audit: type=1326 audit(598.607:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.835103][ T37] audit: type=1326 audit(598.607:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.835428][ T37] audit: type=1326 audit(598.607:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.898776][T14328] kvm: requested 25980 ns i8254 timer period limited to 200000 ns [ 598.899168][T14328] kvm: requested 143314 ns i8254 timer period limited to 200000 ns [ 598.899466][T14328] kvm: requested 101409 ns i8254 timer period limited to 200000 ns [ 598.899772][T14328] kvm: requested 188571 ns i8254 timer period limited to 200000 ns [ 598.899964][T14328] kvm: requested 162590 ns i8254 timer period limited to 200000 ns [ 598.979700][ T37] audit: type=1326 audit(598.607:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.979755][ T37] audit: type=1326 audit(598.617:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.979793][ T37] audit: type=1326 audit(598.617:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.979832][ T37] audit: type=1326 audit(598.667:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 598.979870][ T37] audit: type=1326 audit(598.687:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.0.3039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 599.556549][T14157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 600.618673][T14157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 603.062284][T14157] team0: Port device team_slave_0 added [ 603.175198][T14157] team0: Port device team_slave_1 added [ 604.945954][T14157] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 604.945970][T14157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 604.945997][T14157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 604.951510][T13951] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 605.215313][T14157] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 605.215325][T14157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 605.215339][T14157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 605.219554][T13951] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 606.041642][T13951] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 606.221128][T13951] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 607.977972][T14157] hsr_slave_0: entered promiscuous mode [ 607.979587][T14157] hsr_slave_1: entered promiscuous mode [ 608.738115][T14157] debugfs: 'hsr0' already exists in 'hsr' [ 608.738145][T14157] Cannot create hsr debugfs directory [ 608.846676][ T6023] bridge_slave_1: left allmulticast mode [ 608.846705][ T6023] bridge_slave_1: left promiscuous mode [ 608.846969][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.156782][ T6023] bridge_slave_0: left allmulticast mode [ 609.156802][ T6023] bridge_slave_0: left promiscuous mode [ 609.157006][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 614.953695][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 616.296547][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 617.442449][ T6023] bond0 (unregistering): Released all slaves [ 617.558893][T12249] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 617.581653][T12249] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 617.607284][T12249] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 617.608657][T12249] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 617.619194][T12249] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 618.639489][ T6023] hsr_slave_0: left promiscuous mode [ 618.695993][ T6023] hsr_slave_1: left promiscuous mode [ 618.696622][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 618.747012][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 619.851053][ T5809] Bluetooth: hci3: command tx timeout [ 622.556446][ T5809] Bluetooth: hci3: command tx timeout [ 624.106295][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 624.316760][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 624.582389][ T5809] Bluetooth: hci3: command tx timeout [ 624.592120][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.623291][T14500] orangefs_mount: mount request failed with -4 [ 624.932772][ T37] kauditd_printk_skb: 1 callbacks suppressed [ 624.932792][ T37] audit: type=1326 audit(624.677:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 624.932840][ T37] audit: type=1326 audit(624.677:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 624.932880][ T37] audit: type=1326 audit(624.677:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 624.932921][ T37] audit: type=1326 audit(624.677:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 624.932961][ T37] audit: type=1326 audit(624.677:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 624.933006][ T37] audit: type=1326 audit(624.677:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 624.933046][ T37] audit: type=1326 audit(624.687:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 624.933086][ T37] audit: type=1326 audit(624.687:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14511 comm="syz.0.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b680f749 code=0x7ffc0000 [ 625.341672][T14517] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3091'. [ 626.666316][T12249] Bluetooth: hci3: command tx timeout [ 626.699924][T14517] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR [ 631.191829][T14552] overlayfs: failed to clone upperpath [ 636.834409][T14456] chnl_net:caif_netlink_parms(): no params data found [ 641.828863][ T5809] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 641.865519][ T5809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 641.867157][ T5809] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 641.868461][ T5809] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 641.869206][ T5809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 644.905839][ T5809] Bluetooth: hci5: command tx timeout [ 645.420690][T14456] bridge0: port 1(bridge_slave_0) entered blocking state [ 645.420823][T14456] bridge0: port 1(bridge_slave_0) entered disabled state [ 645.421002][T14456] bridge_slave_0: entered allmulticast mode [ 645.422898][T14456] bridge_slave_0: entered promiscuous mode [ 645.494142][T14456] bridge0: port 2(bridge_slave_1) entered blocking state [ 645.538623][T14456] bridge0: port 2(bridge_slave_1) entered disabled state [ 645.539787][T14456] bridge_slave_1: entered allmulticast mode [ 645.555794][T14456] bridge_slave_1: entered promiscuous mode [ 647.334578][ T5809] Bluetooth: hci5: command tx timeout [ 649.550682][ T5809] Bluetooth: hci5: command tx timeout [ 649.778179][ T5887] page_pool_release_retry() stalled pool shutdown: id 93, 50 inflight 181 sec [ 652.350764][ T5809] Bluetooth: hci5: command tx timeout [ 652.538292][T14456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 652.832047][T14456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 652.843659][T14691] netlink: 'syz.7.3134': attribute type 4 has an invalid length. [ 654.502209][T14456] team0: Port device team_slave_0 added [ 654.704193][T14456] team0: Port device team_slave_1 added [ 655.131972][T14456] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 655.131989][T14456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 655.132014][T14456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 655.273913][T14456] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 655.273924][T14456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 655.273939][T14456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 658.998541][T14456] hsr_slave_0: entered promiscuous mode [ 659.006193][T14456] hsr_slave_1: entered promiscuous mode [ 659.007270][T14456] debugfs: 'hsr0' already exists in 'hsr' [ 659.007294][T14456] Cannot create hsr debugfs directory [ 659.659635][ T6023] bridge_slave_1: left allmulticast mode [ 659.659662][ T6023] bridge_slave_1: left promiscuous mode [ 659.659908][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.799999][T14744] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 660.547214][ T6023] bridge_slave_0: left allmulticast mode [ 660.547243][ T6023] bridge_slave_0: left promiscuous mode [ 660.547526][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.727443][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 670.192064][T14792] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 671.797413][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 672.796688][ T6023] bond0 (unregistering): Released all slaves [ 675.765425][T14627] chnl_net:caif_netlink_parms(): no params data found [ 678.471820][T12249] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 678.518018][ T6023] hsr_slave_0: left promiscuous mode [ 678.522104][T12249] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 678.533868][T12249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 678.549975][T12249] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 678.550760][T12249] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 678.685734][ T6023] hsr_slave_1: left promiscuous mode [ 678.686736][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 678.769344][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 680.678602][T12249] Bluetooth: hci0: command tx timeout [ 681.133353][T14871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3176'. [ 681.967830][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b8d1000: rx timeout, send abort [ 681.972245][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b8d1800: rx timeout, send abort [ 682.444258][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 682.467956][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b8d1000: abort rx timeout. Force session deactivation [ 682.472374][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b8d1800: abort rx timeout. Force session deactivation [ 682.735706][T12249] Bluetooth: hci0: command tx timeout [ 682.776435][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 683.038653][T14882] overlayfs: failed to resolve './file0': -2 [ 684.819438][T12249] Bluetooth: hci0: command tx timeout [ 686.217634][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.895869][T12249] Bluetooth: hci0: command tx timeout [ 687.898637][T14907] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 687.898701][T14907] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 692.458855][T14627] bridge0: port 1(bridge_slave_0) entered blocking state [ 692.458989][T14627] bridge0: port 1(bridge_slave_0) entered disabled state [ 692.459254][T14627] bridge_slave_0: entered allmulticast mode [ 692.462215][T14627] bridge_slave_0: entered promiscuous mode [ 692.490496][T14627] bridge0: port 2(bridge_slave_1) entered blocking state [ 692.490640][T14627] bridge0: port 2(bridge_slave_1) entered disabled state [ 692.490856][T14627] bridge_slave_1: entered allmulticast mode [ 692.493603][T14627] bridge_slave_1: entered promiscuous mode [ 694.264437][T14627] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 694.292651][T14627] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 696.092431][T14627] team0: Port device team_slave_0 added [ 696.106845][T14627] team0: Port device team_slave_1 added [ 696.445858][T14627] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 696.445871][T14627] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 696.445885][T14627] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 696.474551][T14627] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 696.474568][T14627] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 696.474594][T14627] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 699.357986][T14627] hsr_slave_0: entered promiscuous mode [ 699.366135][T14627] hsr_slave_1: entered promiscuous mode [ 699.367240][T14627] debugfs: 'hsr0' already exists in 'hsr' [ 699.367264][T14627] Cannot create hsr debugfs directory [ 699.630231][ T6023] bridge_slave_1: left allmulticast mode [ 699.630268][ T6023] bridge_slave_1: left promiscuous mode [ 699.630547][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 699.767301][ T6023] bridge_slave_0: left allmulticast mode [ 699.767331][ T6023] bridge_slave_0: left promiscuous mode [ 699.767607][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 699.901166][ T6023] bridge_slave_1: left allmulticast mode [ 699.901196][ T6023] bridge_slave_1: left promiscuous mode [ 699.901440][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 700.047879][ T6023] bridge_slave_0: left allmulticast mode [ 700.047908][ T6023] bridge_slave_0: left promiscuous mode [ 700.048136][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 701.039902][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 701.067372][ T5809] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 701.070801][ T5809] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 701.073238][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 701.100231][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 701.627821][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 701.916673][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 702.715123][ T6023] bond0 (unregistering): Released all slaves [ 703.648991][T15006] ptrace attach of ""[15009] was attempted by "./syz-executor exec"[15006] [ 703.651335][ T5809] Bluetooth: hci3: command tx timeout [ 704.626570][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 704.756459][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 704.819133][ T6023] bond0 (unregistering): Released all slaves [ 706.000794][ T5809] Bluetooth: hci3: command tx timeout [ 707.495942][ T992] usb 1-1: new full-speed USB device number 20 using dummy_hcd [ 708.025154][ T5809] Bluetooth: hci3: command tx timeout [ 708.040648][ T992] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 708.040682][ T992] usb 1-1: can't read configurations, error -71 [ 709.863321][ T5867] page_pool_release_retry() stalled pool shutdown: id 93, 50 inflight 241 sec [ 710.271201][ T5809] Bluetooth: hci3: command tx timeout [ 710.426633][T15047] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3216'. [ 711.322708][T14845] chnl_net:caif_netlink_parms(): no params data found [ 713.515832][ T6023] hsr_slave_0: left promiscuous mode [ 713.555814][ T6023] hsr_slave_1: left promiscuous mode [ 713.556567][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 713.609078][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 713.785801][ T6023] hsr_slave_0: left promiscuous mode [ 713.847092][ T6023] hsr_slave_1: left promiscuous mode [ 713.848181][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 714.020576][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 715.896330][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 716.086379][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 726.125846][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 726.299588][T15132] syz.2.3236 (15132) used greatest stack depth: 14392 bytes left [ 727.309212][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 731.154184][T12249] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 731.453044][T12249] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 731.493483][T12249] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 731.601717][T12249] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 731.602527][T12249] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 733.859092][ T5809] Bluetooth: hci5: command tx timeout [ 736.255573][ T5809] Bluetooth: hci5: command tx timeout [ 738.367074][ T5809] Bluetooth: hci5: command tx timeout [ 738.752456][T12249] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 738.845849][T12249] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 738.867930][T12249] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 738.893221][T12249] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 738.903385][T12249] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 739.159790][ T37] audit: type=1326 audit(738.917:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.159840][ T37] audit: type=1326 audit(738.927:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.159880][ T37] audit: type=1326 audit(738.927:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.159922][ T37] audit: type=1326 audit(738.927:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.159962][ T37] audit: type=1326 audit(738.927:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.160002][ T37] audit: type=1326 audit(738.927:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.181482][ T37] audit: type=1326 audit(738.937:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.181538][ T37] audit: type=1326 audit(738.937:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 739.181578][ T37] audit: type=1326 audit(738.937:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15204 comm="syz.7.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7328ef749 code=0x7ffc0000 [ 740.693686][ T5809] Bluetooth: hci5: command tx timeout [ 741.089120][ T5809] Bluetooth: hci6: command tx timeout [ 743.219592][ T5809] Bluetooth: hci6: command tx timeout [ 745.135222][T14988] chnl_net:caif_netlink_parms(): no params data found [ 745.309945][ T5809] Bluetooth: hci6: command tx timeout [ 745.598523][T15147] chnl_net:caif_netlink_parms(): no params data found [ 747.385131][ T5809] Bluetooth: hci6: command tx timeout [ 747.551311][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 751.199471][T14988] bridge0: port 1(bridge_slave_0) entered blocking state [ 751.199618][T14988] bridge0: port 1(bridge_slave_0) entered disabled state [ 751.199889][T14988] bridge_slave_0: entered allmulticast mode [ 751.202662][T14988] bridge_slave_0: entered promiscuous mode [ 751.419342][T14988] bridge0: port 2(bridge_slave_1) entered blocking state [ 751.419495][T14988] bridge0: port 2(bridge_slave_1) entered disabled state [ 751.419757][T14988] bridge_slave_1: entered allmulticast mode [ 751.422851][T14988] bridge_slave_1: entered promiscuous mode [ 754.978828][T15290] libceph: resolve '400' (ret=-3): failed [ 756.374400][ T44] IPVS: starting estimator thread 0... [ 757.461011][T15296] IPVS: using max 11 ests per chain, 26400 per kthread [ 758.109858][T14988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 758.266357][T14988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 758.889279][T15147] bridge0: port 1(bridge_slave_0) entered blocking state [ 758.889353][T15147] bridge0: port 1(bridge_slave_0) entered disabled state [ 758.889499][T15147] bridge_slave_0: entered allmulticast mode [ 758.891821][T15147] bridge_slave_0: entered promiscuous mode [ 759.286374][T15147] bridge0: port 2(bridge_slave_1) entered blocking state [ 759.286450][T15147] bridge0: port 2(bridge_slave_1) entered disabled state [ 759.286623][T15147] bridge_slave_1: entered allmulticast mode [ 759.288221][T15147] bridge_slave_1: entered promiscuous mode [ 760.264381][T14988] team0: Port device team_slave_0 added [ 760.352199][ T6023] bridge_slave_1: left allmulticast mode [ 760.352231][ T6023] bridge_slave_1: left promiscuous mode [ 760.352540][ T6023] bridge0: port 2(bridge_slave_1) entered disabled state [ 760.467436][ T6023] bridge_slave_0: left allmulticast mode [ 760.467465][ T6023] bridge_slave_0: left promiscuous mode [ 760.468420][ T6023] bridge0: port 1(bridge_slave_0) entered disabled state [ 762.064226][ T6023] bond0 (unregistering): Released all slaves [ 763.921697][T12249] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 763.953223][T12249] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 763.954887][T12249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 763.958672][T12249] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 763.959545][T12249] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 765.886528][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 766.872365][ T5809] Bluetooth: hci0: command tx timeout [ 766.956522][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 767.029065][ T6023] bond0 (unregistering): Released all slaves [ 769.055573][ T5809] Bluetooth: hci0: command tx timeout [ 770.948152][ T44] page_pool_release_retry() stalled pool shutdown: id 93, 50 inflight 303 sec [ 771.142904][ T5809] Bluetooth: hci0: command tx timeout [ 771.590483][T15147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 771.629822][T15197] chnl_net:caif_netlink_parms(): no params data found [ 771.654296][T15147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 772.544224][ T6023] hsr_slave_0: left promiscuous mode [ 772.665703][ T6023] hsr_slave_1: left promiscuous mode [ 772.666684][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 772.856712][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 773.456928][ T5809] Bluetooth: hci0: command tx timeout [ 780.486504][ T6023] team0 (unregistering): Port device team_slave_1 removed [ 780.617177][ T37] audit: type=1800 audit(780.397:618): pid=15388 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.7.3295" name="nullb0" dev="tmpfs" ino=1666 res=0 errno=0 [ 780.676509][ T6023] team0 (unregistering): Port device team_slave_0 removed [ 783.488125][T15402] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3300'. [ 785.521896][T15147] team0: Port device team_slave_0 added [ 785.556264][T15147] team0: Port device team_slave_1 added [ 788.243388][T15147] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 788.243400][T15147] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 788.243413][T15147] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 788.412741][T15147] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 788.412754][T15147] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 788.412767][T15147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 788.413278][T15197] bridge0: port 1(bridge_slave_0) entered blocking state [ 788.413450][T15197] bridge0: port 1(bridge_slave_0) entered disabled state [ 788.413580][T15197] bridge_slave_0: entered allmulticast mode [ 788.415209][T15197] bridge_slave_0: entered promiscuous mode [ 788.450871][T15197] bridge0: port 2(bridge_slave_1) entered blocking state [ 788.451033][T15197] bridge0: port 2(bridge_slave_1) entered disabled state [ 788.451212][T15197] bridge_slave_1: entered allmulticast mode [ 788.454644][T15197] bridge_slave_1: entered promiscuous mode [ 788.854708][T15197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 788.902610][T15197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 789.120909][T12249] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 789.155454][T12249] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 789.159111][T12249] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 789.163024][T12249] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 789.372518][T12249] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 797.574970][T12249] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 797.579376][T12249] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 797.581068][T12249] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 797.584819][T12249] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 797.585571][T12249] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 806.562651][T15449] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 806.580699][T15449] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 806.582910][T15449] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 806.584718][T15449] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 806.589042][T15449] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 806.729704][T15454] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 806.734484][T15454] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 806.736129][T15454] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 806.775045][T15454] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 806.776445][T15454] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 822.208746][ T5118] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 822.235129][ T5118] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 822.236830][ T5118] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 822.251528][ T5118] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 822.252419][ T5118] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 831.755977][ T5867] page_pool_release_retry() stalled pool shutdown: id 93, 50 inflight 363 sec [ 849.151740][T15463] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 849.182527][T15463] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 849.184245][T15463] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 849.186189][T15463] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 849.211050][T15463] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 858.374327][T15459] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 858.394907][T15459] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 858.405132][T15459] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 858.407335][T15459] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 858.412137][T15459] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 862.140399][T15471] Bluetooth: hci6: command 0x0406 tx timeout [ 866.157325][T15474] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 866.184816][T15474] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 866.187086][T15474] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 866.205186][T15474] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 866.207316][T15474] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 866.739724][T15480] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 866.766830][T15480] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 866.789032][T15480] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 866.790996][T15480] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 866.791825][T15480] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 883.402654][T15486] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 883.433621][T15486] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 883.435416][T15486] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 883.436821][T15486] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 883.437756][T15486] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 892.045834][ T5887] page_pool_release_retry() stalled pool shutdown: id 93, 50 inflight 424 sec [ 895.233456][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 895.233478][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P16 [ 895.233502][ C0] rcu: (detected by 0, t=10502 jiffies, g=67177, q=3270 ncpus=2) [ 895.233522][ C0] task:ktimers/0 state:R running task stack:20728 pid:16 tgid:16 ppid:2 task_flags:0x4208040 flags:0x00080000 [ 895.233573][ C0] Call Trace: [ 895.233586][ C0] [ 895.233595][ C0] sched_show_task+0x49d/0x630 [ 895.233613][ C0] ? __pfx_sched_show_task+0x10/0x10 [ 895.233622][ C0] ? rcu_dump_cpu_stacks+0x79/0x4e0 [ 895.233636][ C0] ? wq_watchdog_touch+0xef/0x180 [ 895.233647][ C0] print_other_cpu_stall+0xf78/0x1340 [ 895.233666][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 895.233687][ C0] rcu_sched_clock_irq+0xa47/0x11b0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 895.233696][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 895.233709][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 895.233723][ C0] update_process_times+0x235/0x2d0 [ 895.233736][ C0] tick_nohz_handler+0x39a/0x520 [ 895.233749][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 895.233759][ C0] __hrtimer_run_queues+0x506/0xd40 [ 895.233781][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 895.233793][ C0] ? read_tsc+0x9/0x20 [ 895.233807][ C0] hrtimer_interrupt+0x45d/0xa90 [ 895.233833][ C0] __sysvec_apic_timer_interrupt+0x10b/0x410 [ 895.233847][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 895.233860][ C0] [ 895.233863][ C0] [ 895.233868][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 895.233878][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110 [ 895.233909][ C0] Code: 74 05 e8 ab 3c 02 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 93 76 cb f6 65 8b 05 0c 8e de 06 85 c0 74 40 48 c7 04 24 0e 36 [ 895.233918][ C0] RSP: 0018:ffffc90000157760 EFLAGS: 00000206 [ 895.233925][ C0] RAX: 9ec5618893d31a00 RBX: 0000000000000a02 RCX: 9ec5618893d31a00 [ 895.233932][ C0] RDX: 0000000000000002 RSI: ffffffff8cd8ed48 RDI: 0000000000000001 [ 895.233938][ C0] RBP: ffffc900001577f0 R08: ffffffff8ed64777 R09: 1ffffffff1dac8ee [ 895.233944][ C0] R10: dffffc0000000000 R11: fffffbfff1dac8ef R12: dffffc0000000000 [ 895.233950][ C0] R13: 0000000000000a02 R14: ffff8880297ea428 R15: 1ffff9200002aeec [ 895.233966][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 895.233979][ C0] ? do_raw_spin_lock+0x121/0x290 [ 895.233993][ C0] rt_spin_lock+0x16d/0x3e0 [ 895.234005][ C0] ? __pfx_rt_spin_lock+0x10/0x10 [ 895.234020][ C0] ? __pfx_advance_sched+0x10/0x10 [ 895.234031][ C0] advance_sched+0xca/0xc90 [ 895.234040][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 895.234052][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 895.234067][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 895.234084][ C0] ? __pfx_advance_sched+0x10/0x10 [ 895.234099][ C0] __hrtimer_run_queues+0x552/0xd40 [ 895.234121][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 895.234132][ C0] ? ktime_get_update_offsets_now+0x3b2/0x3d0 [ 895.234148][ C0] hrtimer_run_softirq+0x1a3/0x2e0 [ 895.234159][ C0] handle_softirqs+0x22f/0x710 [ 895.234175][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 895.234191][ C0] run_ktimerd+0xcf/0x190 [ 895.234202][ C0] ? __pfx_run_ktimerd+0x10/0x10 [ 895.234214][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 895.234226][ C0] ? smpboot_thread_fn+0x5f4/0xa60 [ 895.234238][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 895.234248][ C0] smpboot_thread_fn+0x542/0xa60 [ 895.234259][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 895.234274][ C0] kthread+0x711/0x8a0 [ 895.234288][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 895.234299][ C0] ? __pfx_kthread+0x10/0x10 [ 895.234309][ C0] ? rt_spin_unlock+0x150/0x200 [ 895.234322][ C0] ? rt_spin_unlock+0x161/0x200 [ 895.234331][ C0] ? __pfx_kthread+0x10/0x10 [ 895.234343][ C0] ret_from_fork+0x4bc/0x870 [ 895.234355][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 895.234369][ C0] ? __switch_to_asm+0x39/0x70 [ 895.234376][ C0] ? __switch_to_asm+0x33/0x70 [ 895.234384][ C0] ? __pfx_kthread+0x10/0x10 [ 895.234396][ C0] ret_from_fork_asm+0x1a/0x30 [ 895.234414][ C0] [ 895.234418][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 7300 jiffies! g67177 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 895.234429][ C0] rcu: Possible timer handling issue on cpu=0 timer-softirq=45501 [ 895.234434][ C0] rcu: rcu_preempt kthread starved for 7301 jiffies! g67177 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 895.234444][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 895.234449][ C0] rcu: RCU grace-period kthread stack dump: [ 895.234452][ C0] task:rcu_preempt state:I stack:26512 pid:18 tgid:18 ppid:2 task_flags:0x208040 flags:0x00080000 [ 895.234477][ C0] Call Trace: [ 895.234480][ C0] [ 895.234485][ C0] __schedule+0x16f3/0x4c20 [ 895.234502][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 895.234518][ C0] ? __lock_acquire+0xab9/0xd20 [ 895.234530][ C0] ? __pfx___schedule+0x10/0x10 [ 895.234549][ C0] ? schedule+0x91/0x360 [ 895.234562][ C0] schedule+0x165/0x360 [ 895.234574][ C0] schedule_timeout+0x12b/0x270 [ 895.234585][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 895.234596][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 895.234608][ C0] ? __pfx_process_timeout+0x10/0x10 [ 895.234620][ C0] ? prepare_to_swait_event+0x341/0x380 [ 895.234634][ C0] rcu_gp_fqs_loop+0x301/0x1540 [ 895.234652][ C0] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 895.234664][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 895.234675][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 895.234689][ C0] ? finish_swait+0xcd/0x1f0 [ 895.234701][ C0] rcu_gp_kthread+0x99/0x390 [ 895.234713][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 895.234725][ C0] ? __kthread_parkme+0x7b/0x200 [ 895.234736][ C0] ? __kthread_parkme+0x1a1/0x200 [ 895.234750][ C0] kthread+0x711/0x8a0 [ 895.234763][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 895.234774][ C0] ? __pfx_kthread+0x10/0x10 [ 895.234784][ C0] ? rt_spin_unlock+0x150/0x200 [ 895.234797][ C0] ? rt_spin_unlock+0x161/0x200 [ 895.234805][ C0] ? __pfx_kthread+0x10/0x10 [ 895.234818][ C0] ret_from_fork+0x4bc/0x870 [ 895.234829][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 895.234843][ C0] ? __switch_to_asm+0x39/0x70 [ 895.234850][ C0] ? __switch_to_asm+0x33/0x70 [ 895.234858][ C0] ? __pfx_kthread+0x10/0x10 [ 895.234870][ C0] ret_from_fork_asm+0x1a/0x30 [ 895.234887][ C0] [ 895.234890][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 895.234905][ C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 895.234915][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 895.234920][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110 [ 895.234932][ C0] Code: 74 05 e8 ab 3c 02 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 93 76 cb f6 65 8b 05 0c 8e de 06 85 c0 74 40 48 c7 04 24 0e 36 [ 895.234940][ C0] RSP: 0018:ffffc90000157760 EFLAGS: 00000206 [ 895.234947][ C0] RAX: 9ec5618893d31a00 RBX: 0000000000000a02 RCX: 9ec5618893d31a00 [ 895.234953][ C0] RDX: 0000000000000002 RSI: ffffffff8cd8ed48 RDI: 0000000000000001 [ 895.234958][ C0] RBP: ffffc900001577f0 R08: ffffffff8ed64777 R09: 1ffffffff1dac8ee [ 895.234964][ C0] R10: dffffc0000000000 R11: fffffbfff1dac8ef R12: dffffc0000000000 [ 895.234970][ C0] R13: 0000000000000a02 R14: ffff8880297ea428 R15: 1ffff9200002aeec [ 895.234976][ C0] FS: 0000000000000000(0000) GS:ffff888126df4000(0000) knlGS:0000000000000000 [ 895.234983][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 895.234989][ C0] CR2: 00007f96383ebaf8 CR3: 000000002465c000 CR4: 00000000003526f0 [ 895.234997][ C0] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000404 [ 895.235002][ C0] DR3: ffffffffefffff14 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 895.235008][ C0] Call Trace: [ 895.235011][ C0] [ 895.235015][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 895.235028][ C0] ? do_raw_spin_lock+0x121/0x290 [ 895.235041][ C0] rt_spin_lock+0x16d/0x3e0 [ 895.235052][ C0] ? __pfx_rt_spin_lock+0x10/0x10 [ 895.235067][ C0] ? __pfx_advance_sched+0x10/0x10 [ 895.235076][ C0] advance_sched+0xca/0xc90 [ 895.235085][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 895.235101][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 895.235113][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 895.235130][ C0] ? __pfx_advance_sched+0x10/0x10 [ 895.235139][ C0] __hrtimer_run_queues+0x552/0xd40 [ 895.235160][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 895.235171][ C0] ? ktime_get_update_offsets_now+0x3b2/0x3d0 [ 895.235186][ C0] hrtimer_run_softirq+0x1a3/0x2e0 [ 895.235196][ C0] handle_softirqs+0x22f/0x710 [ 895.235211][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 895.235226][ C0] run_ktimerd+0xcf/0x190 [ 895.235237][ C0] ? __pfx_run_ktimerd+0x10/0x10 [ 895.235249][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 895.235259][ C0] ? smpboot_thread_fn+0x5f4/0xa60 [ 895.235270][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 895.235279][ C0] smpboot_thread_fn+0x542/0xa60 [ 895.235290][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 895.235304][ C0] kthread+0x711/0x8a0 [ 895.235317][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 895.235328][ C0] ? __pfx_kthread+0x10/0x10 [ 895.235338][ C0] ? rt_spin_unlock+0x150/0x200 [ 895.235350][ C0] ? rt_spin_unlock+0x161/0x200 [ 895.235358][ C0] ? __pfx_kthread+0x10/0x10 [ 895.235371][ C0] ret_from_fork+0x4bc/0x870 [ 895.235382][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 895.235395][ C0] ? __switch_to_asm+0x39/0x70 [ 895.235403][ C0] ? __switch_to_asm+0x33/0x70 [ 895.235410][ C0] ? __pfx_kthread+0x10/0x10 [ 895.235422][ C0] ret_from_fork_asm+0x1a/0x30 [ 895.235439][ C0] [ 909.300269][T15468] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 909.330544][T15468] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 909.350750][T15468] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 909.352039][T15468] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 909.352929][T15468] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2