last executing test programs: 23.041788713s ago: executing program 1 (id=77): getpid() memfd_create(&(0x7f0000000300)='\xe9\x00\x10\xda\x8b\xd7m\xa6\x86\xbd\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O{\xd4\x11\xde\xc3\xd2\xcc\xb90\xcf\xef\xb4\xeb\xb3\xd7\x1e\x8c\xf5UBmw\xe6\xc9\xd2\xff5\x80\xdf8bT\x10\xc7\xfc\xd6\x0f\x94\xb1;:e\x8b\xef\xf3@\xac\x92xD^\xaf\xe8!c(\xdf\x8a\x8d\xb0\t\\\x15\x98i\xb0\x16\xa3g\x0e\x93\x92\xd7\xd0\x85\b\xef\x15\x95\xb2\x11\xc7\xc2`\xf6\x92\xc3\x17\xb1\xd66\x10\xb9\xd0\xba\xef\x03\x97 \xeaGG\b\x85g\xc5#x\xd6A\x9f\x12j\x1e\aS\x19\xe5|\x8bv\xa6y\xe4*\xd7#\x05\x84\xac\x88z\x92\xf6\xb87\x13\xdd\xb6\xc5\xca\x02\x0f\xf1,\t\xdbk\xe1\xd5\xcd}>\xd3\x00\x004*\x812\xdf\xc1i\xcd\x82X9m\x01>#\x9f\x85q\x0f\a\x8d\x06\x85x\x1a\xac\x10\xb4B\x85&\x13h\xa7=\x96\xeb\xf0\a*\xac\x84\xcb\xac', 0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bd2) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_udplite(0xa, 0x2, 0x88) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e24, 0x1ff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2a}}, 0x6}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 22.276356286s ago: executing program 1 (id=83): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x80104592, 0x0) ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, 0x0) ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil) shmat(r0, &(0x7f0000ff7000/0x3000)=nil, 0x400c) mremap(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='westwood\x00', 0x9) sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="89000000120081ae08060cdc03a6000000000008000000006ee2ffca1b1f0000000004c00e72010000000000000019bf9ed720000000d4e747033a0093b837dc6cc01e32efaec8c7a6ec0012790002400d0c0c00bdad44099bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, 0x0, 0x6, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000009, @void, @value}, 0x94) socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000, @void, @value}, 0x94) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 18.476320757s ago: executing program 1 (id=88): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="290000001e00190f00003fffffffda060200000000ec0001dd0008040d000800ea11c21d", 0x24}], 0x1) 18.239809825s ago: executing program 0 (id=93): prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0xffffffffffffffff}, 0x0) accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="0700000000000000bc0900000000000000000000000000005c03000000000000323f000000000000b102000000000000e306000000000000"]) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$can_bcm(0x1d, 0x2, 0x2) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x32658aeb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x1000}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_LIMIT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xe8}, 0x1, 0x0, 0x0, 0x20008084}, 0x0) 18.024026465s ago: executing program 1 (id=94): socket$inet_mptcp(0x2, 0x1, 0x106) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) iopl(0x3) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x3ff, 0x1) syz_io_uring_setup(0x111, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r2, 0x6, 0x5, 0x0, &(0x7f0000000040)) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) fcntl$getflags(0xffffffffffffffff, 0x401) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff99) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x0, {0xc}}, 0x14}}, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x20001, 0x2) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, 0x0) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86df0000000000000019b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 11.81945569s ago: executing program 4 (id=114): r0 = gettid() ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) set_mempolicy(0x4005, 0x0, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) read(r4, &(0x7f0000000200)=""/209, 0xd1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f0000000400)={0x131, @time={0x3, 0x800}, 0x0, {0x4}}) tkill(r0, 0x7) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r4, 0xc0305302, &(0x7f0000000480)) 10.167292988s ago: executing program 2 (id=118): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0) r3 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r3, &(0x7f0000000080)="800009e92208a1ce", 0xfdef, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) 9.379043489s ago: executing program 4 (id=120): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000280)={0x9, "bcdc28a9c85b9fd8c188be4dc76ca21943a5bc371870660b11180a8dd75e97d8", 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r1, 0xc0383e04, &(0x7f0000000480)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000300)=[{}]}) 9.054588785s ago: executing program 0 (id=122): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0xc000) mount$fuse(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}]}) 9.014651918s ago: executing program 4 (id=123): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x8039, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0xc000) creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r3, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f00000000c0)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x7ab78c4493c52f9b}}, 0x50) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x84a03, 0x0) 8.249154232s ago: executing program 2 (id=124): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_80211_join_ibss(&(0x7f0000000100)='wlan1\x00', 0x0, 0x0, 0x1) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r3}, 0x38) 8.248581706s ago: executing program 3 (id=125): r0 = socket$inet(0x2b, 0x801, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) 7.932466733s ago: executing program 4 (id=126): socket$nl_route(0x10, 0x3, 0x0) openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x10) r1 = socket(0x10, 0x2, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d00e8ffff1a8600", "cf0d00", "8657e2b7e43b34e4"}, 0x28) write$binfmt_script(r2, &(0x7f0000000780)={'#! ', './file0'}, 0xb) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffe000/0x2000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x1, 0x0, 0x15}, &(0x7f0000000740)=0x40) writev(r2, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4) close_range(r1, r2, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000001c00), 0x0, 0x40155) 7.77332464s ago: executing program 0 (id=127): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000085000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) setns(r1, 0x24020000) userfaultfd(0x80801) bind$inet6(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x21) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000200)='./bus\x00', 0x100) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000005c0)=ANY=[@ANYBLOB="840100001000010026bd700000000000e0000001000000000000000000000000ac1e01010000000000000020005e00"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000bb001000006c00000000000000000000000000000000000000000000000000000000000000000000000600000000000000fffffffff7ffffff000000000000000001000000000000000100008000000000000000800000000000000000000000000000000600000000000000000000000006000000000000000000000000000000030000000000000000000000020002066000000000000000480003006c7a7300"/240], 0x184}, 0x1, 0x0, 0x0, 0x4004050}, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_auto}]}) 5.750155706s ago: executing program 2 (id=128): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f00000008c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0xc0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r3 = creat(&(0x7f0000000340)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000005c0)=0x20) ioctl$SOUND_MIXER_READ_CAPS(0xffffffffffffffff, 0x80044dfc, 0x0) 5.711402335s ago: executing program 3 (id=129): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 5.606235818s ago: executing program 1 (id=130): getpid() memfd_create(&(0x7f0000000300)='\xe9\x00\x10\xda\x8b\xd7m\xa6\x86\xbd\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O{\xd4\x11\xde\xc3\xd2\xcc\xb90\xcf\xef\xb4\xeb\xb3\xd7\x1e\x8c\xf5UBmw\xe6\xc9\xd2\xff5\x80\xdf8bT\x10\xc7\xfc\xd6\x0f\x94\xb1;:e\x8b\xef\xf3@\xac\x92xD^\xaf\xe8!c(\xdf\x8a\x8d\xb0\t\\\x15\x98i\xb0\x16\xa3g\x0e\x93\x92\xd7\xd0\x85\b\xef\x15\x95\xb2\x11\xc7\xc2`\xf6\x92\xc3\x17\xb1\xd66\x10\xb9\xd0\xba\xef\x03\x97 \xeaGG\b\x85g\xc5#x\xd6A\x9f\x12j\x1e\aS\x19\xe5|\x8bv\xa6y\xe4*\xd7#\x05\x84\xac\x88z\x92\xf6\xb87\x13\xdd\xb6\xc5\xca\x02\x0f\xf1,\t\xdbk\xe1\xd5\xcd}>\xd3\x00\x004*\x812\xdf\xc1i\xcd\x82X9m\x01>#\x9f\x85q\x0f\a\x8d\x06\x85x\x1a\xac\x10\xb4B\x85&\x13h\xa7=\x96\xeb\xf0\a*\xac\x84\xcb\xac', 0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bd2) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x4e24, 0x1ff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2a}}, 0x6}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 4.573224197s ago: executing program 2 (id=131): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='xprt_reserve\x00', r3, 0x0, 0x1}, 0x18) sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 4.526782968s ago: executing program 0 (id=132): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000002c0)={0x0, 0x0}) sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x3) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r4, &(0x7f0000000000)=0x12f, 0x12) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) syz_io_uring_setup(0x6c27, 0x0, 0x0, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000240)=[@mss, @timestamp, @mss={0x2, 0x1}, @window, @timestamp, @timestamp], 0x6) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) 3.742465876s ago: executing program 3 (id=133): prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0xffffffffffffffff}, 0x0) accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="0700000000000000bc0900000000000000000000000000005c03000000000000323f000000000000b102000000000000e306000000000000"]) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$can_bcm(0x1d, 0x2, 0x2) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x32658aeb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x1000}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_LIMIT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xe8}, 0x1, 0x0, 0x0, 0x20008084}, 0x0) 2.698151562s ago: executing program 0 (id=134): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0) r3 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r3, &(0x7f0000000080)="800009e92208a1ce", 0xfdef, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) 2.653194113s ago: executing program 4 (id=135): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$BTRFS_IOC_RM_DEV(r4, 0x5000940b, &(0x7f0000000a80)={{r2}, "fad7b9428d93038f63c4dafa1da7e07527fe756bde6d960d81bfd34ba5cca803ad5bdebe227152d43a607faa0dc407fc189b0d7e7468ab55f146ff0337aed82849987da5e1ab963dda992d377e4eacce0e342581ab9962694df4a98aef6d7813fb8b796948ff95415e9d71a47ede207b1794f624b034487af5832e243034017f4f93e15abf71e2dc1e26f97de375b5a1f1a24f98467d2d07d33c06c55c3f89c8d5282a18faedb7595cdedc33c345c89deca5b925cf8467200094111705e71154b451ed8407d1c89255b27d9b243d3a333b099595c33db04682ac22a418c49f5c39a0918c015e8393d2cb7c20feb2c54c82b6387812412e3237e938369453e1e8030d49fcd1c91bf36f2422d1a72f49b31ec3889ebc0d28c929b0c6736f00b53b9ccfd3934a7d933a8202fd2bdb2a8b0d58d6180c1a69b7fb41255ce92795786d10a8c7d9e4f680517f4e34b1e8f884e81e09bd5ec5ecf38b7b8f1637afb0aee0e708c4074eec24e3141b9e12ced6b4beaedec6d55dbae69d5a63142b3e81997458d7151a84d0d7cd4ebd25d24f3d2a3b4c403ab707fe38aa61cab1b070d4730625f76dc37f201e8698204637fe62fe52ed11ae0d8f98f69d4f92762bcba03b8b42feeca7a9fa9300ca4759ff9d7e9162479f954b1316775fcbfc6640b91dd1cb976ceaf2f9f28040ecfdc0e28bb9705a1b985274c7d08bd96aacd6a00f865f3a22f86ef2ace146c4f40bb20798e0bc2db4ce62f0873c09a85e7892729489a7b9c8c9a2939812595942b1ca2d3260315bc723ac2edf24d88f0f49d586a8065817ad936dc8161e438eb5b845df96b2c9a56eb7535ee9e255f41def5d9e9720857fbfd84b4bf1c97c574f568933df8f25d6df5d74a374e4f9a6a2e76644df77da621a8c9ce947af8f20feda0e22ef467eb210665589823025c9144ec05d80276574d3cae61c639d3b12438e012ffe1ca3823b4b79185ce1896b7a41aa36a47776fade667af70c25d9543bc036f40aec1c521f39239cdbf2748883f86b89349ffee1f528f955bdf6f29686c57a49b66ebfc26ee604316f27f9547cf3c21c221581458246b04d627e29e8b846e099e5d8234ce0db1d3e77130147580622b8eeaa34707ea25369c250ce5f5adc14b7afcfbce3c25e5e65d04858dc056456e2f2d2bd6afb59afae8d63b7ab5b8b6ad3386d52dbcee60c7f0945517a77edeeda33789acdb3b7b3242704d6c51940c004cde1d3a342477607581a92a50716caf93495cbc1a6b2f1be20081f7ba8a013416e6b8433383299b752feabd1455bc336b868b38f5ad73f397f0381a51748ffa8550510837d9128ab095629b7a159c6b0dfadfd8a8bff53c80481c59d861954790c593524d8a53cd8b2f2c234b850ec7576a46074293453a86cb3c0c346a8cbbac65eda4a2130e00053f5a054603776ea1d2975e4badbaa83518dad9274c22ac17f20686f56315340e5581c787a2f71ab3a2063664bcc82c7380a13cc8eb106c036800c7b0f14ed667f39af9a5cc01dcdd5809b534fad505858508845d9c547e19c632cd8024ecd777e193c2258312b7a5998a875d33dd8b861500946852af487bbefa54e9b16a83b6131ac343eacb2558e759a9b6ce5db0f1ab173d457d144fd5a65f092e553e1d0e3f9972ec57d27bb48c78332c7a6fab0d5958c61898b3a5ae8810e2246ae36291cd5f79f9475e697c9da84d05cc8dc197485ad790d2a8da5400583dce8ffa3c8adfe276884ed5d33f0e7bc4fb1748e83884213c10ec673dbbbf55670da7fbdd6d8927cd41106064ce22cd2ae14084c439e8f07e4e261667507c0acb03033f30665dbf928d31ff9cf38f61a46d6d1286065bfad5839b0247c975673839f6f685ebaad9396c5f93b3a5f346202a40969ab5c72d0355fd609d33b9443093a53dfbf8052a405389ce269f71da8ae1fb39b30f6a701f56838ca11527de58850f17b4fcc6397614da8e2e331f06024f1ee7f6a8b2f910711526361244a585dfacb4bab57738d7938adb436cf17cfeceb95016e339aa5f2ba30515f289ba35118d32504f52710044e78666dd2834fc2d9fad35e2df29b10e0557ab4789c7dc718d2d03434062bb58fd824c13a0bc6298ed9bdc3d0cc79d008972fcc9f751af4824b2be0823313581cd2fd2b436f84b14719b93dd95a38941c11af5b51f3b0503f3db3569ac847a93ea9124622044b37b083fcf8882a788041289905296e1bf2eb12aadb5228f366a925269a20f7ca9db7f317d5117a70d93f90b402993a7f84328409bda0fdc6306dd5c126fdb179fde4e4d7314d2ee419c8635e62895f8dffdf73f38188121f7b24dae40531b6e43054d3b9b459df2f2613536819643e6b7038de55ffa43bc9edc72e2038e2bf9da70a4a24a3fce0b8673f7f8f5099fcf0d23ab90c7f8770bdfd23e6aaabf7d110768ff08c8754ff6d962e43ff215d78d2ebd882353490da27dabd92ab08291338eaacf3e1ebe6a7da8286d3d57e272b9eac7c70a9a1bd67fb3f4e3052779422a7e19b7cfb01760f949ce4562ce5ad5292cb607e42d513d1facd0903a87836d5c30c181b5728db474154d3cb4e524ba5e03336534ca9f6b093fd6d9e5b89ede5becc677996321d65e9022d1c00e2907767a51c75c9f0688e4e82e045dc972e6be8948c7fc8a84ca8e1a992d44ac8e7a962a931d8eb3d0c4756b838c1339758a4a563d108d35940366b582c48567b5ca539839fbd327361ed76f4204f8ec84ec6401079a189b271747129c3d0025ccc25c9d7fbea0aa4f6a0e5f10422e9866e42ab0f86d6e9022688652536eef7fd28dc5961670a4058eaec61ba3e11273111be9cc3da57edc16321e1382d20f4cf52827032b5f79e395e742113303b0aa595f7188a417ddfdc3b6259b56f9f8f7b133774bfb5c181f1288713e3144ac4ff69fc146cc633dc70c8aee1da2384b72115b49cdbdfe9508b2e06fcd02df78d895e12cf6f0cf4171c7570809b949c6bfbff07da4018935a186630be06d42a4844521428afbed6b3a34aa0226a948fa12e8bdfbb27d13fd5627093511f52a51a6dcd33e0122d2dd1736885c797e1d1c65c06739790767be42582349c147d52e377732742f176b79243edd2c6b585d5512702ce4a7395835e2ab038a5deff84f7ff0d4622aebcd31c58d2dbbaad54638473e5fb428b827a577215460489001af429b40d0dae3521be9a381913740ea72a8b707d2ed4a12f5791fc2d0ea9674d59d68ff02a7b7dda9b9a1917db6093bf8ba4a186c952434dfd664cf9607d9b194b874c24ad03b04148d6f1951d4127146b22783be7eceefc686c4bef899e6cce8ce1344e9e49cfc0d43633098983a40276b4b4fcbe4ce0b695d58471afcfcce714ff1da6e975bd1494d127fbcda25c0110f596e4e0882e01acc674446d2c6e3d08d8034eebd4432968b1aab2e825eba0f76612ae6617667ad6c823fb8234363d5bb341c440fe0a0cad018b6c36ca317e3473eedbcc5f6740a7fad23b55a6fb626d8093ea62d6f35d2babd391e138b24a4ddfa86fef5487a710289f2994f36e87fadd178a5e139455d398a8809e30d2569650ceee90ad6b68942087ae0e33c49c6f7952b08da8762be2c9066e56d27a69a926fc58c82565877e913bff08e0827c45f9e74c964f282d5023efb21e976b93177464a686150ef09a32c352505c534e467ce014fec144dbbdcc8e2d28b6bf619ddf63a48054406dfa33aa541cb9beafa70cabcd8600cabf93d138de261f6f5b63273691669e363e06bc583bdee1ed210179f2ab50a6bc0a727475551e90b0265e1e8ca02acabe93b596b7a782151d792a5679e21e730b7e964c38a49717d0a1385bbb1b0459916424133149720bf47ac38687178a8b351ae3f29bf4a6ea369c90f85f4f123416c8c09c3f25b133ddcdb71b1289821d81581b78ae66c075c535e30151ae1bd48e787b55cc45951c83b5ce097711df0764feab81f24d63940915c471479c24222bd5569201ac4c56577168b76c1f0684f981df516cf5ac5d4307ef2bf429d818c9809f6669f43b1eb160bdcb817154bc36cd8bd24cd6c75e037edab6fa0fe9a0f19b6dbaf99dd68f0318382ccf8d20fe2fdc08134a86b5b0794a534992751fca4ec726dfca985cc239bae2b04ce49416e07e14f752767d05f6584479b5da973fa22477be64fef48b5f3c07936c2be9fa8b92c9e8a0412a2718932edf53382efe2aa1531bbde87363fee5a15501a490c16d26354c0ffeeccf0d05705a6b68a0b88de1e15736092014273f7494474a24555e7e7a6b4e274a9dd4d534cac979a0e99758203f74309af7b221e925c592ad25e13c7907c1030fc79bb728bce4437047470cf97ebc48f45ef67695585caa73178057802a24e3e4fea0a55111275c738d2b09aa7e7a00e91be43ee507b6533c6c6e9d1848e708240d7547b08bb9121fc024caed12805a0a8bfb72f72c6787b760ccd3657328507050f8ad3e348597b38685ad6d44125266382dbf433a9628c548f89eea1691e92fc755502e4656d2faa2077ab1d749a3d2d0543cd5248db49cdb1a60f006ec8cb5b3ecfc1b6b38ed802a6885c6733dbdfbe9d6c0a0daacda38f9bdbd728bfae407e2be620cd8e66743c70073e38e87ede0daf00e7e6205bc0f5cc3ff5657ad559ad13a865d01357215e2e813153212d13d6817ff2badace7edac682ea459e30b476b98ea7ca540c9ec3f8a0550ab51340e04425e3eb0d36fcfa6612bfe947263322afb876ef4a86edf8adf41f4bf4fd617c2cc57c0639baa79f4e6468258e53b76ae51c83f37b6d128cbe4eaf3e58e7d24a7c24451289c991984bed04ce060e4ee13a0c0e43fc98baae2352366672075a6c8c26165aa538b1bac0765ffda39bfafaa401cea38646e418fc99704540acd08e128121bb0b8ab8e316f924cfdae1002d54e2ef3cf3477558d77881beaa3c31cb9cc2429eaf858ebaf06709910faf26d7433290a3250cca586c0e49c3d2456a6409da11259bc7b7e2345146a360404f3d7333487343d9dfbb2813bbeba56a1e1f90d421aca2d1e6ca075b1fcb5733df856fc45de7fe5dbe6174ebc4a6241576e46503a3f7e4ad18b5965c0525faa3d031b09b2b9aa1874285c874382359e93775a69701bb63fccc33d095aac42e79a74ec9700218add3c93114c0686f6897f3228cf3bee05ca63f709075df1b5e89e44c05feb00356c0de06190b84e09285443e58a361840e93da22a3ab64d8a4a0474466d13738c07c71847b6b2e47adb22db94e92524a08ca0dbb02de2e0eb5c2edb7e29d89ed5c2d76bb2fc5da5cd57b89bfd47465b5a57ebd72261ddfb443a141415670a59ae82acde715d73b4ab62602b9a347764a05a15159d25abfa2e26531efc90cce8692bb61d859ef6ecb4d9d6d44813085915e8d97916127241aa470b55cdf629ad52b7ad48d4253b2539726f26cf169c208a591ed4a3d4c0474446493a2da85d1226e58d988bcd484ed94d8b18f3298815be6627d1eb5bde9a2f8a3864b2e0c772502854afab501e8cbf1425028bebc3aece71cae8fc40f1606902d0ebcb124be02fcfb6a2810f580942e9f6a2871f9e9bd4a43bb3428c8e4cc16c5b7f3f6cf92bc0aec8c7826c2e759d6062c7409e2e770e3780bbff8e390bc9b551d12c5d295dda72b46cbf9a20c76f6881d69ec27a003b6edb5b2983483d06b246cc3cbd2c8524e601ce0d45c7441bb9e1dcd676ccb5ac3a9e59e6d65c4eee6b120b6bb71eafc80f9ca5de3529ff04fc2f3546"}) ioctl$KVM_RUN(r5, 0xae80, 0x0) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 2.225164226s ago: executing program 3 (id=136): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) socket(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[], 0x48) syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, 0x0) ioctl$UI_DEV_CREATE(r4, 0x5501) socket$l2tp(0x2, 0x2, 0x73) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r5, 0xffffffff80000900, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x80000000, 0x0, 0x0, 0x6, 0x0, 0x3ff, 0x4}) 2.148967359s ago: executing program 1 (id=137): r0 = fsopen(&(0x7f0000000680)='tracefs\x00', 0x0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1c) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='\xdc\xa0I=\xf8\xd7B\x86\x99U\\>S\x96$\xa4\x85\xc3b7\xfb\x9c\xb9]Ca}\b\xb5\x8a\x81sW\xf3\x9b\xc7Qa\xf57\xdc\x829\xc18\xfc\x87+\xe5ue\x0f\x9b_\xd8M\xdaR\x11O)\xa6\x92u5\x1ftr\x03\xdc\x83\x06\x10\xfa\xd8Yl\xcbZ-wo^\xabz\x87J\xff&l\n\x98\x8aa:7aK\x88\xe0\f\x15\a\v\x9e]\xc2\xa9\x98\x9a}\xb1\xc4H\r\xadK\xb1\xa4,\x02\xac_[>\x1d\xe0\xcf\xa2\x87w\xc5\xda\x9a\x10\xb4`\\\xa6\x1e\xbc\x9f\x8f\xb8o\xae\x00\xc8\x1e\xef\v1^\xa4G8]r\xccGT\xb1\xa1\\\x88\xf2u\xc5\xefto\xd8\xe2\x8a\xcfdG\xc6\xadf\x80:\xb73\xfc\xbe}\'\xb1\x02~`\x9fE\xd5\x04\xa1O<$~Wt\xba\xb97\x93b\x82', 0x0, 0x0) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000080)={0x28, 0x0, 0x0, 0x0, &(0x7f0000236000/0x800000)=nil, 0x800000, 0x400000000000000}) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e7cc6120c4108a81ad7d0102030109021b00010000c00509042300010300000009058503"], 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, 0x0) mount$afs(&(0x7f00000001c0)=ANY=[@ANYBLOB="2573794412fda7f65eb4e1726561646f6e5a7500"], 0x0, 0x0, 0x2c0008, &(0x7f00000003c0)={[{@dyn}, {}, {@flock_strict}, {@flock_openafs}, {}, {@flock_local}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@seclabel}, {@flag='sync'}, {@dont_measure}, {@flag='nomand'}]}) r4 = socket$qrtr(0x2a, 0x2, 0x0) r5 = syz_io_uring_setup(0x497, &(0x7f0000000140)={0x0, 0x4b56, 0x0, 0x4, 0x28b}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x20, 0x1}) io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x5) r8 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="6c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7bbf0100000000004c0012800b00010062726964676500003c00028008000500010000000c001e00010000000000000008000500001a0000050025800000000005001800000000000c001f00"], 0x6c}}, 0x0) r9 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r11 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r10, &(0x7f0000000040)) write$FUSE_INIT(r9, &(0x7f0000000140)={0x50}, 0xffd3) 2.145626073s ago: executing program 2 (id=138): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r2, &(0x7f00000000c0)={0x1d, r3, 0x0, {}, 0xfe}, 0x18) connect$can_j1939(r2, &(0x7f0000000040)={0x1d, r3}, 0x18) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x0, {}, 0xfe}, 0x18) connect$can_j1939(r0, &(0x7f0000000640)={0x1d, r1, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18) sendmsg$can_j1939(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)="8ba1835fdb98d51a4c", 0x9}, 0x1, 0x0, 0x0, 0x2400c840}, 0x48010) r4 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x48, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181, 0x4000, 0x12345}) io_uring_enter(r4, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0) sendmmsg(r0, &(0x7f0000002e40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000002680)="b875431a05b182855f", 0x9}], 0x1}}], 0x1, 0x0) close(0x3) 1.209181669s ago: executing program 0 (id=139): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r0, 0x0, 0x0, 0x9200000000000000) syz_io_uring_setup(0x9e, &(0x7f00000002c0)={0x0, 0xec25, 0x40, 0x3, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, 0x0) r3 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r3, &(0x7f0000000040)={0xa, 0x0, 0xfffffffd, @private1}, 0x20) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) setsockopt$inet6_int(r3, 0x29, 0x31, &(0x7f0000000140)=0xa5cf, 0x4) read(r3, &(0x7f0000002240)=""/4107, 0x100b) r4 = socket$inet6(0xa, 0x2, 0x0) socket$inet6(0xa, 0x1, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(r6, r6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) 1.073302613s ago: executing program 4 (id=140): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r1 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f0000000100)='noblock_validity', 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x48) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x10d, &(0x7f00000001c0)={0x0, 0x5885}, 0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(0x0, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'tunl0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0x2}, {0x5, 0xffff}, {0x1, 0x8}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x11}]}}]}, 0x38}}, 0x0) r8 = userfaultfd(0x1) ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_WAKE(r8, 0x8010aa02, &(0x7f0000000200)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[], 0x28}}, 0x0) 1.068423761s ago: executing program 3 (id=141): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffdf9) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000480)=@file={0x0, './file1/file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(0x0, &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, r2) setgroups(0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x50, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x50}}, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) 610.075554ms ago: executing program 3 (id=142): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f00000008c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0xc0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r3 = creat(&(0x7f0000000340)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000005c0)=0x20) ioctl$SOUND_MIXER_READ_CAPS(0xffffffffffffffff, 0x80044dfc, 0x0) 0s ago: executing program 2 (id=143): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.99' (ED25519) to the list of known hosts. [ 80.869888][ T5822] cgroup: Unknown subsys name 'net' [ 81.043231][ T5822] cgroup: Unknown subsys name 'cpuset' [ 81.052761][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.863062][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.283728][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.292460][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.301578][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.310709][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.319365][ T5849] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.324197][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.328052][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.341671][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.350868][ T5849] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.351424][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.358863][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.377864][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.387808][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.397525][ T5850] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.405764][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.412870][ T5855] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.418657][ T5854] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.428395][ T5854] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.438047][ T5855] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.446013][ T5854] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.446346][ T5853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.455069][ T5855] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.461408][ T5853] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.467986][ T5854] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.474770][ T5853] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.484887][ T5854] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.497519][ T5855] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.506072][ T5854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.514104][ T5855] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 87.525159][ T5855] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.251062][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 88.324985][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 88.375033][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 88.598110][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 88.638667][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.645898][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.654223][ T5835] bridge_slave_0: entered allmulticast mode [ 88.661551][ T5835] bridge_slave_0: entered promiscuous mode [ 88.693103][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 88.714583][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.721856][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.729490][ T5835] bridge_slave_1: entered allmulticast mode [ 88.736630][ T5835] bridge_slave_1: entered promiscuous mode [ 88.916781][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.924074][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.932465][ T5838] bridge_slave_0: entered allmulticast mode [ 88.940336][ T5838] bridge_slave_0: entered promiscuous mode [ 88.951592][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.958842][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.966089][ T5838] bridge_slave_1: entered allmulticast mode [ 88.973843][ T5838] bridge_slave_1: entered promiscuous mode [ 89.014958][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.025333][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.033502][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.041239][ T5837] bridge_slave_0: entered allmulticast mode [ 89.048541][ T5837] bridge_slave_0: entered promiscuous mode [ 89.107419][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.135941][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.143595][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.151705][ T5837] bridge_slave_1: entered allmulticast mode [ 89.159335][ T5837] bridge_slave_1: entered promiscuous mode [ 89.239922][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.254267][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.263840][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.271444][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.278906][ T5834] bridge_slave_0: entered allmulticast mode [ 89.285884][ T5834] bridge_slave_0: entered promiscuous mode [ 89.294812][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.301974][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.309418][ T5833] bridge_slave_0: entered allmulticast mode [ 89.316350][ T5833] bridge_slave_0: entered promiscuous mode [ 89.326924][ T5835] team0: Port device team_slave_0 added [ 89.337231][ T5835] team0: Port device team_slave_1 added [ 89.392057][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.399279][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.406434][ T5834] bridge_slave_1: entered allmulticast mode [ 89.414482][ T5834] bridge_slave_1: entered promiscuous mode [ 89.422820][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.434131][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.441511][ T5833] bridge_slave_1: entered allmulticast mode [ 89.449430][ T5833] bridge_slave_1: entered promiscuous mode [ 89.489809][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.504916][ T5838] team0: Port device team_slave_0 added [ 89.511632][ T5855] Bluetooth: hci3: command tx timeout [ 89.547912][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.554969][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.581919][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.589266][ T5855] Bluetooth: hci1: command tx timeout [ 89.592682][ T55] Bluetooth: hci2: command tx timeout [ 89.597946][ T5848] Bluetooth: hci4: command tx timeout [ 89.603700][ T55] Bluetooth: hci0: command tx timeout [ 89.612893][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.621835][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.647891][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.663760][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.676310][ T5838] team0: Port device team_slave_1 added [ 89.792241][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.805621][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.822815][ T5837] team0: Port device team_slave_0 added [ 89.832436][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.842718][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.849814][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.876194][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.888614][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.895583][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.921916][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.935734][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.958966][ T5837] team0: Port device team_slave_1 added [ 90.051384][ T5833] team0: Port device team_slave_0 added [ 90.077421][ T5835] hsr_slave_0: entered promiscuous mode [ 90.084933][ T5835] hsr_slave_1: entered promiscuous mode [ 90.111696][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.119194][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.145556][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.160404][ T5833] team0: Port device team_slave_1 added [ 90.169929][ T5834] team0: Port device team_slave_0 added [ 90.180158][ T5834] team0: Port device team_slave_1 added [ 90.199163][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.206157][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.232596][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.310439][ T5838] hsr_slave_0: entered promiscuous mode [ 90.317017][ T5838] hsr_slave_1: entered promiscuous mode [ 90.324678][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.332610][ T5838] Cannot create hsr debugfs directory [ 90.361869][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.368983][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.395460][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.469418][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.476409][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.503789][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.516044][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.523492][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.550195][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.618541][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.625522][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.652384][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.792897][ T5837] hsr_slave_0: entered promiscuous mode [ 90.799848][ T5837] hsr_slave_1: entered promiscuous mode [ 90.806010][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.813687][ T5837] Cannot create hsr debugfs directory [ 90.941097][ T5833] hsr_slave_0: entered promiscuous mode [ 90.947474][ T5833] hsr_slave_1: entered promiscuous mode [ 90.953867][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.961474][ T5833] Cannot create hsr debugfs directory [ 91.002021][ T5834] hsr_slave_0: entered promiscuous mode [ 91.008765][ T5834] hsr_slave_1: entered promiscuous mode [ 91.014947][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.023085][ T5834] Cannot create hsr debugfs directory [ 91.433859][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.497715][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.517948][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.566967][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.588505][ T55] Bluetooth: hci3: command tx timeout [ 91.654654][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 91.666891][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.674095][ T55] Bluetooth: hci4: command tx timeout [ 91.678466][ T5839] Bluetooth: hci1: command tx timeout [ 91.679559][ T55] Bluetooth: hci2: command tx timeout [ 91.684852][ T5839] Bluetooth: hci0: command tx timeout [ 91.704152][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.716943][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.817397][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 91.838153][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.862997][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.894211][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.995221][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 92.006486][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 92.020691][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 92.035022][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 92.185114][ T5834] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 92.202800][ T5834] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 92.220931][ T5834] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 92.243765][ T5834] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 92.312045][ T47] cfg80211: failed to load regulatory.db [ 92.325523][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.360002][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.442899][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.455730][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.486429][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.493776][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.540755][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.547910][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.589295][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.596431][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.606555][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.613788][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.666601][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.785519][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.843396][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.865803][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.873052][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.932924][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.940164][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.994954][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.094020][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.120729][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.223255][ T1135] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.230511][ T1135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.265651][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.273418][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.284971][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.292117][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.331941][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.339181][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.444834][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.477500][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.668513][ T5839] Bluetooth: hci3: command tx timeout [ 93.750523][ T5839] Bluetooth: hci0: command tx timeout [ 93.756001][ T5839] Bluetooth: hci2: command tx timeout [ 93.761600][ T5848] Bluetooth: hci1: command tx timeout [ 93.761622][ T55] Bluetooth: hci4: command tx timeout [ 93.775907][ T5835] veth0_vlan: entered promiscuous mode [ 93.846567][ T5838] veth0_vlan: entered promiscuous mode [ 93.884986][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.896478][ T5835] veth1_vlan: entered promiscuous mode [ 93.934909][ T5838] veth1_vlan: entered promiscuous mode [ 94.092697][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.141639][ T5835] veth0_macvtap: entered promiscuous mode [ 94.158059][ T5838] veth0_macvtap: entered promiscuous mode [ 94.199781][ T5837] veth0_vlan: entered promiscuous mode [ 94.222581][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.249425][ T5837] veth1_vlan: entered promiscuous mode [ 94.257230][ T5835] veth1_macvtap: entered promiscuous mode [ 94.273372][ T5838] veth1_macvtap: entered promiscuous mode [ 94.357466][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.404698][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.416444][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.430892][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.444789][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.485770][ T5838] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.495097][ T5838] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.506448][ T5838] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.515410][ T5838] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.532938][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.543936][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.557526][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.585310][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.594381][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.604278][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.613331][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.636738][ T5837] veth0_macvtap: entered promiscuous mode [ 94.667910][ T5837] veth1_macvtap: entered promiscuous mode [ 94.684672][ T5833] veth0_vlan: entered promiscuous mode [ 94.772819][ T5833] veth1_vlan: entered promiscuous mode [ 94.833084][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.845149][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.855566][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.873228][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.885006][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.964213][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.975258][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.987733][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.000483][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.012647][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.024728][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.034567][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.061172][ T5834] veth0_vlan: entered promiscuous mode [ 95.076523][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.085723][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.094950][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.104443][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.139807][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.147875][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.216197][ T5833] veth0_macvtap: entered promiscuous mode [ 95.233725][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.234160][ T5834] veth1_vlan: entered promiscuous mode [ 95.247301][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.309418][ T5833] veth1_macvtap: entered promiscuous mode [ 95.329547][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.343909][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.481346][ T5834] veth0_macvtap: entered promiscuous mode [ 95.507547][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.524857][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.543950][ T5835] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 95.547972][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.572960][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.585214][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.596308][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.607867][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.621204][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.631877][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.642843][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.653613][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.663802][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.680043][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.692940][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.725822][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.742417][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.750184][ T55] Bluetooth: hci3: command tx timeout [ 95.785130][ T5834] veth1_macvtap: entered promiscuous mode [ 95.813468][ T5833] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.827563][ T5833] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.836828][ T55] Bluetooth: hci2: command tx timeout [ 95.836885][ T55] Bluetooth: hci1: command tx timeout [ 95.836921][ T55] Bluetooth: hci0: command tx timeout [ 95.845978][ T5839] Bluetooth: hci4: command tx timeout [ 95.849385][ T5833] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.870848][ T5833] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.963126][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.976068][ T5926] 9pnet_fd: Insufficient options for proto=fd [ 95.984513][ T5926] vivid-001: disconnect [ 95.990734][ T5925] vivid-001: reconnect [ 96.025602][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.156081][ T5929] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 96.184649][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.203982][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.337748][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.356044][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.375150][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.386165][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.404332][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.416539][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.456449][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.506099][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.268415][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.291056][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.302099][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.312338][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.323201][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.333702][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.344648][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.359851][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.582348][ T5834] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.634807][ T5834] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.693744][ T5834] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.702713][ T5834] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.840021][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.847896][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.059553][ T5902] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 100.091807][ T3015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.138004][ T3015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.265720][ T5902] usb 3-1: Using ep0 maxpacket: 8 [ 100.428170][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.690240][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.930549][ T5966] 9pnet_fd: Insufficient options for proto=fd [ 100.946415][ T5966] vivid-001: disconnect [ 100.956532][ T5965] vivid-001: reconnect [ 101.057359][ T5902] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 101.070911][ T5902] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 101.079306][ T5902] usb 3-1: Product: syz [ 101.083676][ T5902] usb 3-1: Manufacturer: syz [ 101.088352][ T5902] usb 3-1: SerialNumber: syz [ 101.105314][ T5902] usb 3-1: config 0 descriptor?? [ 101.133206][ T5902] gspca_main: sq930x-2.14.0 probing 2770:930c [ 101.235358][ T5964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.930398][ T5964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.088841][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 103.138846][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.139158][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.162443][ T5902] gspca_sq930x: reg_w 0105 0f00 failed -71 [ 103.208679][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.112009][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.262626][ T5902] gspca_sq930x: Sensor ov9630 not yet treated [ 104.281867][ T5902] sq930x 3-1:0.0: probe with driver sq930x failed with error -22 [ 104.318081][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.328017][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.224077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.238377][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!! [ 105.458538][ T5902] usb 3-1: USB disconnect, device number 2 [ 106.744595][ T29] audit: type=1326 audit(1739134929.323:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 106.869342][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 106.996372][ T29] audit: type=1326 audit(1739134929.323:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 107.105104][ T29] audit: type=1326 audit(1739134929.333:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 107.168680][ T29] audit: type=1326 audit(1739134929.333:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 107.302615][ T29] audit: type=1326 audit(1739134929.333:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 107.525345][ T29] audit: type=1326 audit(1739134929.333:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 107.759414][ T6011] 9pnet_fd: Insufficient options for proto=fd [ 107.770244][ T29] audit: type=1326 audit(1739134929.333:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 107.872989][ T29] audit: type=1326 audit(1739134929.333:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 108.082772][ T29] audit: type=1326 audit(1739134929.333:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 108.106937][ T29] audit: type=1326 audit(1739134929.343:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d958cde9 code=0x7ffc0000 [ 110.564849][ T6035] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 110.959559][ T6038] xt_cgroup: invalid path, errno=-2 [ 112.668109][ T6052] 9pnet_fd: Insufficient options for proto=fd [ 112.988948][ T5902] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 113.880878][ T5902] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.934516][ T5902] usb 2-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00 [ 114.020462][ T5902] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.125412][ T5902] usb 2-1: config 0 descriptor?? [ 116.629613][ T5902] asus 0003:0B05:17E0.0001: hidraw0: USB HID v0.80 Device [HID 0b05:17e0] on usb-dummy_hcd.1-1/input0 [ 116.664791][ T5902] asus 0003:0B05:17E0.0001: Asus input not registered [ 116.676743][ T6053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.704418][ T6053] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.742535][ T5902] asus 0003:0B05:17E0.0001: probe with driver asus failed with error -12 [ 117.284904][ T8] usb 2-1: USB disconnect, device number 2 [ 118.301295][ T6098] 9pnet_fd: Insufficient options for proto=fd [ 119.611953][ T6109] syz.3.52 uses obsolete (PF_INET,SOCK_PACKET) [ 120.651371][ T6117] bond1: entered promiscuous mode [ 122.217949][ T6135] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.605858][ T6148] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 123.719222][ T6155] process 'syz.0.59' launched './file0' with NULL argv: empty string added [ 123.951340][ T6161] Zero length message leads to an empty skb [ 125.039386][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 125.039405][ T29] audit: type=1326 audit(1739134948.373:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6170 comm="syz.0.67" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff63378cde9 code=0x0 [ 131.048740][ T5839] Bluetooth: hci4: command 0x0406 tx timeout [ 132.856181][ T6246] netlink: 16 bytes leftover after parsing attributes in process `syz.3.90'. [ 133.339693][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.346510][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.906109][ T6327] 9pnet_fd: Insufficient options for proto=fd [ 145.975021][ T6374] netlink: 76 bytes leftover after parsing attributes in process `syz.0.127'. [ 146.016714][ T6374] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 146.028087][ T6374] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 148.364278][ T6390] block device autoloading is deprecated and will be removed. [ 148.557181][ T6392] smc: net device bond0 applied user defined pnetid SYZ2 [ 149.469049][ T3415] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 150.524026][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807b000400: rx timeout, send abort [ 151.033435][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807b000400: abort rx timeout. Force session deactivation [ 151.208335][ T3415] usb 2-1: Using ep0 maxpacket: 32 [ 151.228502][ T6424] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 [#1] PREEMPT SMP KASAN PTI [ 151.241131][ T6424] KASAN: null-ptr-deref in range [0x0000000000000048-0x000000000000004f] [ 151.249571][ T6424] CPU: 0 UID: 0 PID: 6424 Comm: syz.3.142 Not tainted 6.14.0-rc1-next-20250207-syzkaller #0 [ 151.259655][ T6424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 151.269737][ T6424] RIP: 0010:clone_private_mount+0x184/0x3e0 [ 151.275669][ T6424] Code: 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 83 c3 48 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 4d 89 fc 74 08 48 89 df e8 0b c6 e4 ff 48 8b 1b 31 ff [ 151.295294][ T6424] RSP: 0018:ffffc9000c24f958 EFLAGS: 00010206 [ 151.301379][ T6424] RAX: 0000000000000009 RBX: 0000000000000048 RCX: dffffc0000000000 [ 151.309344][ T6424] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888032f29a50 [ 151.317301][ T6424] RBP: 0000000000000000 R08: ffffffff8ea81da7 R09: 1ffffffff1d503b4 [ 151.325273][ T6424] R10: dffffc0000000000 R11: fffffbfff1d503b5 R12: ffff888032f29a40 [ 151.333239][ T6424] R13: ffff888032f29a60 R14: 1ffff1102845e0e0 R15: ffff8881422f0700 [ 151.341293][ T6424] FS: 00007fb8d73d56c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 151.350649][ T6424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.357226][ T6424] CR2: 0000400000001000 CR3: 0000000034ef6000 CR4: 00000000003526f0 [ 151.365191][ T6424] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 151.373153][ T6424] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 151.381112][ T6424] Call Trace: [ 151.384379][ T6424] [ 151.387300][ T6424] ? __die_body+0x5f/0xb0 [ 151.391629][ T6424] ? die_addr+0xb0/0xe0 [ 151.395779][ T6424] ? exc_general_protection+0x3dd/0x5d0 [ 151.401336][ T6424] ? asm_exc_general_protection+0x26/0x30 [ 151.407053][ T6424] ? clone_private_mount+0x184/0x3e0 [ 151.412327][ T6424] ? clone_private_mount+0x83/0x3e0 [ 151.417511][ T6424] ? _raw_spin_unlock+0x28/0x50 [ 151.422361][ T6424] ovl_fill_super+0xe4c/0x3560 [ 151.427122][ T6424] ? shrinker_register+0x118/0x230 [ 151.432232][ T6424] ? __pfx_lock_release+0x10/0x10 [ 151.437261][ T6424] ? __pfx_ovl_fill_super+0x10/0x10 [ 151.442455][ T6424] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 151.448266][ T6424] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 151.454249][ T6424] ? sget_fc+0x909/0x9c0 [ 151.458492][ T6424] ? __pfx_set_anon_super_fc+0x10/0x10 [ 151.463967][ T6424] ? __pfx_ovl_fill_super+0x10/0x10 [ 151.469160][ T6424] get_tree_nodev+0xb7/0x140 [ 151.473747][ T6424] vfs_get_tree+0x90/0x2b0 [ 151.478166][ T6424] do_new_mount+0x2be/0xb40 [ 151.482681][ T6424] ? __pfx_do_new_mount+0x10/0x10 [ 151.487721][ T6424] __se_sys_mount+0x2d6/0x3c0 [ 151.492403][ T6424] ? __pfx___se_sys_mount+0x10/0x10 [ 151.497603][ T6424] ? do_syscall_64+0x100/0x230 [ 151.502364][ T6424] ? __x64_sys_mount+0x20/0xc0 [ 151.507120][ T6424] do_syscall_64+0xf3/0x230 [ 151.511627][ T6424] ? clear_bhb_loop+0x35/0x90 [ 151.516306][ T6424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.522465][ T6424] RIP: 0033:0x7fb8d958cde9 [ 151.526890][ T6424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.546522][ T6424] RSP: 002b:00007fb8d73d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 151.554942][ T6424] RAX: ffffffffffffffda RBX: 00007fb8d97a6080 RCX: 00007fb8d958cde9 [ 151.562905][ T6424] RDX: 0000400000000340 RSI: 00004000000000c0 RDI: 0000000000000000 [ 151.570868][ T6424] RBP: 00007fb8d960e2a0 R08: 0000400000000080 R09: 0000000000000000 [ 151.578839][ T6424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.586803][ T6424] R13: 0000000000000000 R14: 00007fb8d97a6080 R15: 00007ffc250e1958 [ 151.594776][ T6424] [ 151.597785][ T6424] Modules linked in: [ 151.602996][ T6424] ---[ end trace 0000000000000000 ]--- [ 151.609816][ T6424] RIP: 0010:clone_private_mount+0x184/0x3e0 [ 151.615856][ T6424] Code: 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 83 c3 48 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 4d 89 fc 74 08 48 89 df e8 0b c6 e4 ff 48 8b 1b 31 ff [ 151.636161][ T6424] RSP: 0018:ffffc9000c24f958 EFLAGS: 00010206 [ 151.642765][ T6424] RAX: 0000000000000009 RBX: 0000000000000048 RCX: dffffc0000000000 [ 151.650909][ T6424] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888032f29a50 [ 151.659137][ T6424] RBP: 0000000000000000 R08: ffffffff8ea81da7 R09: 1ffffffff1d503b4 [ 151.659327][ T3415] usb 2-1: config 0 has an invalid interface number: 35 but max is 0 [ 151.675487][ T6424] R10: dffffc0000000000 R11: fffffbfff1d503b5 R12: ffff888032f29a40 [ 151.683601][ T6424] R13: ffff888032f29a60 R14: 1ffff1102845e0e0 R15: ffff8881422f0700 [ 151.691663][ T6424] FS: 00007fb8d73d56c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 151.700680][ T6424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.707287][ T6424] CR2: 00007fc16a873440 CR3: 0000000034ef6000 CR4: 00000000003526f0 [ 151.715488][ T6424] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 151.723553][ T6424] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 151.732728][ T6424] Kernel panic - not syncing: Fatal exception [ 151.739106][ T6424] Kernel Offset: disabled [ 151.743422][ T6424] Rebooting in 86400 seconds..