last executing test programs: 4.692293216s ago: executing program 2 (id=748): r0 = socket$inet(0x2, 0x3, 0x4) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x58, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_blackhole={0xe}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x58}}, 0x0) 4.421822791s ago: executing program 2 (id=752): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x18}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c010000270001"], 0x13c}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f0000000640)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd606b88ef00053a00fc010000000000000000000000000000fe8000000000000000000000000000aa"], 0x0) 4.112368594s ago: executing program 2 (id=756): socket$nl_generic(0x10, 0x3, 0x10) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) getsockopt$bt_BT_SECURITY(r0, 0x12, 0x4, 0x0, 0xf0ff1f00000000) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@enum={0x0, 0x0, 0x0, 0x10}, @volatile={0x0, 0x0, 0x0, 0x9, 0x1}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x7, [{0x0, 0x2, 0x1}]}]}}, 0x0, 0x4a}, 0x20) openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20) r3 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000004c0)={'geneve0\x00', 0x0}) sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b051000e0ff030006004788aa96a13bb100000000000800400f", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r5}, 0x14) sendmsg$nl_route(r2, &(0x7f0000000240)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)=@ipv4_getnetconf={0x0, 0x52, 0x321, 0x70bd2c, 0x25dfdbfd, {}, [@NETCONFA_RP_FILTER={0x0, 0x3, 0x8}, @NETCONFA_PROXY_NEIGH={0x0, 0x5, 0x9}, @NETCONFA_PROXY_NEIGH={0x0, 0x5, 0x8}]}, 0x5f}, 0x1, 0x0, 0x0, 0x4000}, 0x880) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00') connect$unix(0xffffffffffffffff, 0x0, 0x0) 2.724860104s ago: executing program 0 (id=768): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r2, &(0x7f0000000200)=""/209, 0xd1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x335}) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x408c5333, &(0x7f0000000500)) tkill(r1, 0x7) 2.484332007s ago: executing program 0 (id=770): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x3, &(0x7f00000001c0)=@framed={{}, [], {0x95, 0x0, 0x0, 0x1000000}}, &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x90) 2.417925457s ago: executing program 0 (id=771): unshare(0x4020400) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000180)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r2 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1864, &(0x7f00000003c0), &(0x7f0000000000)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x202ddd, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140)) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) io_uring_setup(0x3eab, &(0x7f0000000400)={0x0, 0xfffffffd, 0x0, 0x1}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) 1.740359164s ago: executing program 4 (id=774): r0 = socket$unix(0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) r2 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000), &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r2, 0x381b, 0x0, 0x0, 0x0, 0x0) connect$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) 1.547324283s ago: executing program 4 (id=776): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000006e100000000000001d400500000000004704000001ed00000f030000000000007f440000000000006b0ab0fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cde538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82684d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca48"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) 1.511872478s ago: executing program 2 (id=777): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d69") ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70}) 1.458866434s ago: executing program 0 (id=778): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001040)={r0, r2}, 0x40) syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000280)="0c78bca32c37898d78318e236899", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.396283074s ago: executing program 3 (id=779): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x18}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c010000270001"], 0x13c}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f0000000640)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd606b88ef00053a00fc010000000000000000000000000000fe8000000000000000000000000000aa"], 0x0) 1.238112382s ago: executing program 3 (id=781): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000001000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r1 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) write$6lowpan_control(r1, &(0x7f0000000000)='disconnect aa:aa:aa:aa:aa:11 2', 0x1e) 1.152413057s ago: executing program 4 (id=782): bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x0, 0x54}}, 0x0}, 0x90) 1.152193106s ago: executing program 2 (id=783): unshare(0x4020400) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000180)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r2 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1864, &(0x7f00000003c0), &(0x7f0000000000)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x202ddd, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140)) 1.138638336s ago: executing program 0 (id=784): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001a000100000000000000000002000000000000000000000004001e"], 0x20}}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xdb, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0xec, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0x3ff, 0x800, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r2, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000001000000000000000000000085000000870000001801000020786c2500000000002020207b1af8ff00000000bfa108000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x23}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000001000000018000180140002006e657464657673696d3000000000000008000f0000000000"], 0x34}}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10001800", 0x33fe0}], 0x1}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000cc0), r6) sendmsg$IEEE802154_LLSEC_LIST_KEY(r5, &(0x7f0000001340)={0x0, 0x6, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r7, 0x325}, 0x14}}, 0x0) 1.035577605s ago: executing program 4 (id=785): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 932.281939ms ago: executing program 1 (id=786): r0 = socket$unix(0x1, 0x0, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) r2 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000), &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r2, 0x381b, 0x0, 0x0, 0x0, 0x0) connect$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) 803.433579ms ago: executing program 1 (id=787): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0}, 0x90) 787.464659ms ago: executing program 0 (id=788): unshare(0x4020400) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000180)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r2 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1864, &(0x7f00000003c0), &(0x7f0000000000)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x202ddd, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140)) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) io_uring_setup(0x3eab, &(0x7f0000000400)={0x0, 0xfffffffd, 0x0, 0x1}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) 724.313146ms ago: executing program 3 (id=789): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6}]}}, 0x0, 0x2a, 0x0, 0x1}, 0x20) 724.126173ms ago: executing program 4 (id=790): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f00000001c0)=@framed={{}, [@ldst={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}], {0x95, 0x0, 0x0, 0x1000000}}, &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x90) 572.927188ms ago: executing program 3 (id=791): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x18}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c010000270001"], 0x13c}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f0000000640)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd606b88ef00053a00fc010000000000000000000000000000fe8000000000000000000000000000aa"], 0x0) 540.882467ms ago: executing program 1 (id=792): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000006e100000000000001d400500000000004704000001ed00000f030000000000007f440000000000006b0ab0fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cde538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82684d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) 404.010345ms ago: executing program 1 (id=793): bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="b700000000000000070000000000000095000000000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96030000000000000004bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd846ac8f823402eea2bdeaf5e99514e64e36cad5eba82010b2d149aa72e5f070000000000000000000000002904000000003a4a00009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0ee478e46c8ca3e4c5d2b3cb4ad480100000000000000dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cbe97565d5000000000000000455355d5d55f551df82ea475a711ec56d00000000507c093f4fad7095fbec5b005ebb710d87"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195}, 0x48) 292.313688ms ago: executing program 4 (id=794): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001040)={r0, r2}, 0x40) syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000280)="0c78bca32c37898d78318e236899", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 243.495088ms ago: executing program 3 (id=795): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d69") ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70}) 209.336936ms ago: executing program 1 (id=796): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r2, &(0x7f0000000200)=""/209, 0xd1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x335}) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x408c5333, &(0x7f0000000500)) tkill(r1, 0x7) 132.073124ms ago: executing program 2 (id=797): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) r2 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000), &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r2, 0x381b, 0x0, 0x0, 0x0, 0x0) connect$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) 175.396µs ago: executing program 3 (id=798): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001a000100000000000000000002000000000000000000000004001e"], 0x20}}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xdb, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0xec, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0x3ff, 0x800, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r2, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000001000000000000000000000085000000870000001801000020786c2500000000002020207b1af8ff00000000bfa108000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x23}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000001000000018000180140002006e657464657673696d3000000000000008000f0000000000"], 0x34}}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10001800", 0x33fe0}], 0x1}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000cc0), r6) sendmsg$IEEE802154_LLSEC_LIST_KEY(r5, &(0x7f0000001340)={0x0, 0x6, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r7, 0x325}, 0x14}}, 0x0) 0s ago: executing program 1 (id=799): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000001000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r1 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$6lowpan_control(r1, &(0x7f0000000000)='disconnect aa:aa:aa:aa:aa:11 2', 0x1e) kernel console output (not intermixed with test programs): 28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.546790][ T5246] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 91.608444][ T928] cdc_acm 4-1:1.0: Control and data interfaces are not separated! [ 92.599401][ T8] cfg80211: failed to load regulatory.db [ 92.619962][ T928] cdc_acm 4-1:1.0: ttyACM0: USB ACM device [ 92.636929][ T928] usb 4-1: USB disconnect, device number 2 [ 92.671741][ T5205] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 92.792028][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.894204][ T5205] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 92.945334][ T5205] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 92.982258][ T5205] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.035721][ T5205] usb 3-1: config 0 descriptor?? [ 93.053732][ T5283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.35'. [ 93.069204][ T5205] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 93.383700][ T5105] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 93.396150][ T5105] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 93.405482][ T5105] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 93.425647][ T5105] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 93.442317][ T5105] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 93.449849][ T5105] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 94.019550][ T5091] syz-executor (5091) used greatest stack depth: 18680 bytes left [ 94.285933][ T46] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 94.475527][ T46] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 94.487205][ T2810] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.555941][ T46] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 94.610461][ T46] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 94.620264][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.653036][ T5293] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 94.739718][ T2810] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.798898][ T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 94.852794][ T2810] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.917460][ T5286] chnl_net:caif_netlink_parms(): no params data found [ 95.000584][ T2810] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.005689][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 95.044102][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.056126][ T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 95.069862][ T25] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 95.079739][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.105941][ T25] usb 2-1: config 0 descriptor?? [ 95.247156][ T5286] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.275177][ T5286] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.301327][ T5286] bridge_slave_0: entered allmulticast mode [ 95.325923][ T5286] bridge_slave_0: entered promiscuous mode [ 95.369408][ T5286] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.378395][ T5286] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.388984][ T5286] bridge_slave_1: entered allmulticast mode [ 95.397842][ T5286] bridge_slave_1: entered promiscuous mode [ 95.501853][ T4488] Bluetooth: hci5: command tx timeout [ 95.553312][ T2810] bridge_slave_1: left allmulticast mode [ 95.562390][ T2810] bridge_slave_1: left promiscuous mode [ 95.569454][ T2810] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.591212][ T25] acrux 0003:1A34:0802.0001: item fetching failed at offset 3/5 [ 95.604090][ T25] acrux 0003:1A34:0802.0001: parse failed [ 95.610222][ T25] acrux 0003:1A34:0802.0001: probe with driver acrux failed with error -22 [ 95.618410][ T2810] bridge_slave_0: left allmulticast mode [ 95.666795][ T2810] bridge_slave_0: left promiscuous mode [ 95.673483][ T2810] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.751204][ T8] usb 3-1: USB disconnect, device number 3 [ 95.758914][ T46] aiptek 1-1:17.0: Aiptek using 400 ms programming speed [ 95.774797][ T928] usb 2-1: USB disconnect, device number 2 [ 95.780852][ T5149] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 95.798863][ T46] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input5 [ 95.954132][ C1] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 95.997855][ T46] usb 1-1: USB disconnect, device number 2 [ 96.007478][ T5149] usb 4-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config [ 96.036266][ T5149] usb 4-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 96.091769][ T5149] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 96.112205][ T5149] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.418226][ T5320] netlink: 12 bytes leftover after parsing attributes in process `syz.0.46'. [ 96.531681][ T928] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 96.586149][ T5149] aiptek 4-1:17.0: interface has no int in endpoints, but must have minimum 1 [ 96.602975][ T5149] usb 4-1: USB disconnect, device number 3 [ 96.712534][ T0] NOHZ tick-stop error: local softirq work is pending, handler #28a!!! [ 96.743101][ T928] usb 3-1: Using ep0 maxpacket: 16 [ 96.753068][ T928] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 96.788577][ T928] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 96.811796][ T928] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 96.822400][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 96.841384][ T928] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 96.856359][ T928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.862247][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 96.871062][ T5318] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 96.902355][ T928] cdc_acm 3-1:1.0: Control and data interfaces are not separated! [ 96.946938][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 96.969508][ T2810] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 97.016407][ T2810] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 97.036116][ T2810] bond0 (unregistering): Released all slaves [ 97.088153][ T5286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.101291][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.110828][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.169634][ T5286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.189345][ T928] cdc_acm 3-1:1.0: ttyACM0: USB ACM device [ 97.243370][ T928] usb 3-1: USB disconnect, device number 4 [ 97.582517][ T4488] Bluetooth: hci5: command tx timeout [ 97.723980][ T5286] team0: Port device team_slave_0 added [ 97.762248][ T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 97.875249][ T5286] team0: Port device team_slave_1 added [ 97.976178][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 98.020555][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 98.058703][ T8] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 98.091683][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.152687][ T8] usb 2-1: config 0 descriptor?? [ 98.272145][ T2810] hsr_slave_0: left promiscuous mode [ 98.290929][ T2810] hsr_slave_1: left promiscuous mode [ 98.335008][ T2810] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.351346][ T2810] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.415189][ T2810] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.443892][ T2810] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.788439][ T8] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor [ 98.819165][ T2810] veth1_macvtap: left promiscuous mode [ 99.002405][ T2810] veth0_macvtap: left promiscuous mode [ 99.009683][ T2810] veth1_vlan: left promiscuous mode [ 99.023527][ T2810] veth0_vlan: left promiscuous mode [ 99.059928][ T8] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0002/input/input7 [ 99.299529][ T8] keytouch 0003:0926:3333.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 99.346423][ T8] usb 2-1: USB disconnect, device number 3 [ 99.662851][ T4488] Bluetooth: hci5: command tx timeout [ 100.083833][ T5387] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 100.462374][ T5206] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 100.673983][ T5206] usb 1-1: Using ep0 maxpacket: 16 [ 100.693085][ T5206] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.724352][ T5206] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 100.739922][ T5206] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 100.768794][ T5206] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 100.780297][ T5206] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.798663][ T5389] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 100.830775][ T5206] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 100.931816][ T8] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 101.051964][ T5206] cdc_acm 1-1:1.0: ttyACM0: USB ACM device [ 101.105703][ T5206] usb 1-1: USB disconnect, device number 3 [ 101.123704][ T2810] team0 (unregistering): Port device team_slave_1 removed [ 101.134691][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.179213][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.215320][ T8] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 101.228130][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.244970][ T8] usb 3-1: config 0 descriptor?? [ 101.368709][ T2810] team0 (unregistering): Port device team_slave_0 removed [ 101.737510][ T8] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor [ 101.741923][ T4488] Bluetooth: hci5: command tx timeout [ 101.806739][ T8] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0003/input/input8 [ 102.037691][ T8] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 102.082646][ T8] usb 3-1: USB disconnect, device number 5 [ 102.976367][ T5286] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.984599][ T5286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.022656][ T5286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.106880][ T5286] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.147916][ T5286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.182196][ T5206] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 103.237665][ T5286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.418141][ T5206] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 103.444198][ T5206] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 103.469364][ T5206] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 103.498176][ T5206] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.535035][ T5445] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 103.567205][ T5286] hsr_slave_0: entered promiscuous mode [ 103.612353][ T5286] hsr_slave_1: entered promiscuous mode [ 103.652446][ T5286] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.661730][ T5286] Cannot create hsr debugfs directory [ 104.382337][ T46] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 104.584361][ T46] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 104.642592][ T46] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 104.679259][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.695500][ T5206] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 104.724105][ T46] usb 4-1: config 0 descriptor?? [ 104.758765][ T5206] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input9 [ 104.764080][ T46] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 104.897659][ C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 104.908015][ T5206] usb 3-1: USB disconnect, device number 6 [ 105.270068][ T5496] netlink: 4 bytes leftover after parsing attributes in process `syz.1.101'. [ 105.336303][ T5496] wireguard0: entered allmulticast mode [ 106.554283][ T5286] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 106.623572][ T5286] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 106.659948][ T5286] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 106.711229][ T5286] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 106.912120][ T5205] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 107.024834][ T5286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.950958][ T25] usb 4-1: USB disconnect, device number 4 [ 107.973153][ T5205] usb 3-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48 [ 108.023957][ T5205] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 108.055795][ T5286] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.072269][ T5205] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4 [ 108.109383][ T5205] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 108.121148][ T2530] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.123149][ T5205] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.128504][ T2530] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.162580][ T5205] usb 3-1: Product: syz [ 108.184519][ T5205] usb 3-1: Manufacturer: syz [ 108.216644][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.223828][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.255965][ T5205] usb 3-1: SerialNumber: syz [ 108.303900][ T5205] usb 3-1: config 0 descriptor?? [ 108.334974][ T5205] usb-storage 3-1:0.0: USB Mass Storage device detected [ 108.397292][ T5205] usb-storage 3-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 108.582491][ T5205] usb 3-1: USB disconnect, device number 7 [ 109.027450][ T5567] netlink: 'syz.0.120': attribute type 4 has an invalid length. [ 109.241331][ T5286] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.346803][ T5286] veth0_vlan: entered promiscuous mode [ 110.394056][ T5608] input: syz0 as /devices/virtual/input/input10 [ 110.414965][ T5286] veth1_vlan: entered promiscuous mode [ 110.621239][ T5286] veth0_macvtap: entered promiscuous mode [ 110.664890][ T5286] veth1_macvtap: entered promiscuous mode [ 110.756030][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.796241][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.821083][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.845012][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.875787][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.900180][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.920553][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.942516][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.993212][ T5286] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.060039][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.116869][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.146858][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.213943][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.244308][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.286216][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.317483][ T5286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.369142][ T5286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.403600][ T5286] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.476704][ T5286] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.530997][ T5286] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.565546][ T5286] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.651513][ T5286] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.081807][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.081876][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.216996][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.245241][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.931729][ T5154] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 113.153960][ T5154] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 113.180719][ T5154] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.231210][ T5154] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 113.271010][ T5154] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 113.337807][ T5154] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 113.362680][ T5154] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 113.371030][ T5154] usb 5-1: Manufacturer: syz [ 113.385477][ T5154] usb 5-1: config 0 descriptor?? [ 113.834768][ T5675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.868285][ T5675] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.455862][ T5724] ======================================================= [ 115.455862][ T5724] WARNING: The mand mount option has been deprecated and [ 115.455862][ T5724] and is ignored by this kernel. Remove the mand [ 115.455862][ T5724] option from the mount to silence this warning. [ 115.455862][ T5724] ======================================================= [ 116.145860][ T5154] usbhid 5-1:0.0: can't add hid device: -71 [ 116.163565][ T5154] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 116.186466][ T5154] usb 5-1: USB disconnect, device number 2 [ 117.069094][ T5746] netlink: 4 bytes leftover after parsing attributes in process `syz.4.166'. [ 117.148059][ T5746] wireguard0: entered allmulticast mode [ 120.111992][ T8] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 120.393112][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 120.415449][ T8] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7 [ 120.444677][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.481853][ T8] usb 3-1: Product: syz [ 120.511104][ T8] usb 3-1: Manufacturer: syz [ 120.540922][ T8] usb 3-1: SerialNumber: syz [ 120.578671][ T8] usb 3-1: config 0 descriptor?? [ 120.616881][ T8] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 120.880407][ T5805] input: syz0 as /devices/virtual/input/input11 [ 120.928310][ T8] usb 3-1: USB disconnect, device number 8 [ 121.254456][ T5105] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 121.264922][ T5105] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 121.273804][ T5105] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 121.284552][ T5105] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 121.292631][ T5105] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 121.300078][ T5105] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 122.869694][ T140] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.208084][ T140] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.319115][ T5105] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 123.327975][ T5105] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 123.336737][ T5105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 123.343999][ T5105] Bluetooth: hci2: command tx timeout [ 123.410711][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 123.426704][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 123.436598][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 123.468988][ T140] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.612754][ T140] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.988814][ T5849] syz.4.203[5849] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.988995][ T5849] syz.4.203[5849] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.069135][ T5852] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0) [ 124.231166][ T5812] chnl_net:caif_netlink_parms(): no params data found [ 124.356996][ T5854] netlink: 'syz.4.205': attribute type 27 has an invalid length. [ 124.623885][ T140] bridge_slave_1: left allmulticast mode [ 124.629608][ T140] bridge_slave_1: left promiscuous mode [ 124.635725][ T140] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.665037][ T140] bridge_slave_0: left allmulticast mode [ 124.672679][ T140] bridge_slave_0: left promiscuous mode [ 124.678653][ T140] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.530756][ T54] Bluetooth: hci2: command tx timeout [ 125.536474][ T54] Bluetooth: hci0: command tx timeout [ 127.597970][ T4488] Bluetooth: hci0: command tx timeout [ 127.597992][ T54] Bluetooth: hci2: command tx timeout [ 128.258347][ T140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 128.278333][ T140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 128.300960][ T140] bond0 (unregistering): Released all slaves [ 128.698234][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.727042][ T5812] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.757693][ T5812] bridge_slave_0: entered allmulticast mode [ 128.773487][ T5812] bridge_slave_0: entered promiscuous mode [ 128.930580][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.944809][ T5812] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.957715][ T5812] bridge_slave_1: entered allmulticast mode [ 128.973801][ T5812] bridge_slave_1: entered promiscuous mode [ 129.130836][ T140] hsr_slave_0: left promiscuous mode [ 129.140456][ T140] hsr_slave_1: left promiscuous mode [ 129.141407][ T140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 129.141449][ T140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 129.143598][ T140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.143631][ T140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 129.189762][ T140] veth1_macvtap: left promiscuous mode [ 129.189886][ T140] veth0_macvtap: left promiscuous mode [ 129.190094][ T140] veth1_vlan: left promiscuous mode [ 129.190257][ T140] veth0_vlan: left promiscuous mode [ 129.662459][ T54] Bluetooth: hci2: command tx timeout [ 129.672568][ T54] Bluetooth: hci0: command tx timeout [ 130.070291][ T140] team0 (unregistering): Port device team_slave_1 removed [ 130.107804][ T140] team0 (unregistering): Port device team_slave_0 removed [ 130.481131][ T5909] netlink: 'syz.1.219': attribute type 10 has an invalid length. [ 130.489771][ T5909] netlink: 2 bytes leftover after parsing attributes in process `syz.1.219'. [ 130.508915][ T5909] bond0: entered promiscuous mode [ 130.517594][ T5909] bond_slave_0: entered promiscuous mode [ 130.535469][ T5909] bond_slave_1: entered promiscuous mode [ 130.552719][ T5909] bridge0: port 3(bond0) entered blocking state [ 130.559229][ T5909] bridge0: port 3(bond0) entered disabled state [ 130.566122][ T5909] bond0: entered allmulticast mode [ 130.571271][ T5909] bond_slave_0: entered allmulticast mode [ 130.578902][ T5909] bond_slave_1: entered allmulticast mode [ 130.588264][ T5909] bridge0: port 3(bond0) entered blocking state [ 130.595012][ T5909] bridge0: port 3(bond0) entered forwarding state [ 130.685261][ T5812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.709831][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 130.875287][ T5812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.116460][ T5812] team0: Port device team_slave_0 added [ 131.299969][ T5812] team0: Port device team_slave_1 added [ 131.682782][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 131.697542][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.742389][ T54] Bluetooth: hci0: command tx timeout [ 131.756526][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 131.805511][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.828231][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.866708][ T5838] bridge_slave_0: entered allmulticast mode [ 131.885999][ T5838] bridge_slave_0: entered promiscuous mode [ 131.908019][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.933916][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.961744][ T5838] bridge_slave_1: entered allmulticast mode [ 131.985550][ T5838] bridge_slave_1: entered promiscuous mode [ 132.002063][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.017173][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.093237][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 132.185509][ T5984] netlink: 4 bytes leftover after parsing attributes in process `syz.4.237'. [ 132.232436][ T5984] wireguard1: entered allmulticast mode [ 132.299922][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 132.426619][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 132.555534][ T5812] hsr_slave_0: entered promiscuous mode [ 132.580511][ T5812] hsr_slave_1: entered promiscuous mode [ 132.613978][ T5812] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 132.634939][ T5812] Cannot create hsr debugfs directory [ 132.737877][ T5838] team0: Port device team_slave_0 added [ 132.838716][ T29] audit: type=1326 audit(1721638671.294:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6010 comm="syz.1.249" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fa5f75b59 code=0x0 [ 132.853756][ T6013] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 132.886048][ T5838] team0: Port device team_slave_1 added [ 133.061184][ T140] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.174530][ T6015] netlink: 4 bytes leftover after parsing attributes in process `syz.4.250'. [ 133.194808][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.203185][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.211375][ T6015] wireguard2: entered allmulticast mode [ 133.966356][ T140] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.029094][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 134.049402][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.161836][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 134.212555][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 134.219567][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.311743][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 134.330042][ T6044] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 134.438802][ T140] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.694545][ T29] audit: type=1326 audit(1721638673.144:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6061 comm="syz.0.264" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed12d75b59 code=0x0 [ 134.751163][ T140] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.518383][ T5838] hsr_slave_0: entered promiscuous mode [ 135.609510][ T5838] hsr_slave_1: entered promiscuous mode [ 135.647712][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 135.696769][ T5838] Cannot create hsr debugfs directory [ 136.552288][ T140] bridge_slave_1: left allmulticast mode [ 136.577550][ T29] audit: type=1326 audit(1721638675.024:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.1.279" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fa5f75b59 code=0x0 [ 136.594663][ T140] bridge_slave_1: left promiscuous mode [ 136.618228][ T140] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.643739][ T140] bridge_slave_0: left allmulticast mode [ 136.649452][ T140] bridge_slave_0: left promiscuous mode [ 136.668762][ T140] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.833821][ T6122] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 138.671304][ T140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 138.730449][ T140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 138.852103][ T140] bond0 (unregistering): Released all slaves [ 139.144631][ T6113] Zero length message leads to an empty skb [ 139.152190][ T6126] netlink: 32 bytes leftover after parsing attributes in process `syz.4.286'. [ 139.461077][ T29] audit: type=1326 audit(1721638677.914:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6141 comm="syz.1.291" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fa5f75b59 code=0x0 [ 140.535417][ T140] hsr_slave_0: left promiscuous mode [ 140.588086][ T140] hsr_slave_1: left promiscuous mode [ 140.619159][ T140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 140.648088][ T140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 140.677823][ T140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 140.700325][ T140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 140.731246][ T140] veth1_macvtap: left promiscuous mode [ 140.738111][ T140] veth0_macvtap: left promiscuous mode [ 140.748782][ T140] veth1_vlan: left promiscuous mode [ 140.758591][ T140] veth0_vlan: left promiscuous mode [ 141.300419][ T140] team0 (unregistering): Port device team_slave_1 removed [ 141.339288][ T140] team0 (unregistering): Port device team_slave_0 removed [ 141.719867][ T6171] netlink: 32 bytes leftover after parsing attributes in process `syz.4.298'. [ 142.029194][ T5812] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 142.077635][ T5812] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 142.120136][ T5812] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 142.263547][ T5812] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 143.385504][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.510718][ T5812] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.537806][ T29] audit: type=1326 audit(1721638681.994:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6200 comm="syz.1.305" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fa5f75b59 code=0x0 [ 143.584816][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.592076][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.650715][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.657975][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.842560][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 144.374248][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 144.693480][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 144.893940][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 145.500093][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.690522][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.772435][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.779759][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.838563][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.845909][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.955512][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 146.237547][ T29] audit: type=1326 audit(1721638684.694:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6249 comm="syz.0.315" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed12d75b59 code=0x0 [ 146.271474][ T5838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 147.202463][ T6252] warning: `syz.1.314' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 147.237871][ T5812] veth0_vlan: entered promiscuous mode [ 147.335782][ T5812] veth1_vlan: entered promiscuous mode [ 147.773685][ T5812] veth0_macvtap: entered promiscuous mode [ 147.841753][ T5812] veth1_macvtap: entered promiscuous mode [ 147.870527][ T5812] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 147.890360][ T5812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.904608][ T5812] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 147.929064][ T5812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.154560][ T5812] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.252178][ T5812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.265824][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.642093][ T5812] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.762075][ T5812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.815757][ T5812] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.861211][ T5812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.872235][ T5812] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.909531][ T5812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.924579][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 150.030084][ T5812] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.091759][ T5812] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.119574][ T5812] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.156334][ T5812] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.204967][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.231059][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.319'. [ 150.277433][ T6282] wireguard3: entered allmulticast mode [ 150.481914][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 150.732131][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 150.747621][ T9] usb 2-1: New USB device found, idVendor=1d6f, idProduct=0010, bcdDevice= a.a7 [ 150.770223][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.815503][ T9] usb 2-1: Product: syz [ 150.824944][ T9] usb 2-1: Manufacturer: syz [ 150.836855][ T2810] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.852890][ T9] usb 2-1: SerialNumber: syz [ 150.874239][ T2810] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.894827][ T9] usb 2-1: config 0 descriptor?? [ 150.931962][ T9] usb 2-1: bad CDC descriptors [ 150.947555][ T9] cp210x 2-1:0.0: cp210x converter detected [ 150.995044][ T5838] veth0_vlan: entered promiscuous mode [ 151.039558][ T140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.069483][ T140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.070863][ T5838] veth1_vlan: entered promiscuous mode [ 151.139654][ T6284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 151.172188][ T6284] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 151.238942][ T9] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 151.271100][ T9] cp210x 2-1:0.0: querying part number failed [ 151.356557][ T5838] veth0_macvtap: entered promiscuous mode [ 151.404424][ T9] usb 2-1: cp210x converter now attached to ttyUSB0 [ 151.466568][ T5838] veth1_macvtap: entered promiscuous mode [ 151.509140][ T9] usb 2-1: USB disconnect, device number 4 [ 151.607616][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 151.695976][ T9] cp210x 2-1:0.0: device disconnected [ 151.759627][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.809879][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.855380][ T29] audit: type=1326 audit(1721638690.314:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6312 comm="syz.0.324" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed12d75b59 code=0x0 [ 151.891912][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.957022][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.993395][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.031316][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.091686][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.161908][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.257706][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.065745][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.136515][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.177555][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.264632][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.451663][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.510486][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.592647][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.657150][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.733561][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.788660][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.842216][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.891497][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.980033][ T6353] VFS: could not find a valid V7 on nullb0. [ 154.406096][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.260858][ T140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 155.310989][ T140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 155.442906][ T2810] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 155.469435][ T2810] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 155.510867][ T6370] pimreg: entered allmulticast mode [ 155.617463][ T29] audit: type=1326 audit(1721638694.074:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6371 comm="syz.0.338" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed12d75b59 code=0x0 [ 157.399885][ T6399] VFS: could not find a valid V7 on nullb0. [ 158.842767][ T29] audit: type=1326 audit(1721638697.304:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6425 comm="syz.2.351" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7906575b59 code=0x0 [ 158.863795][ C0] vkms_vblank_simulate: vblank timer overrun [ 158.893834][ T6431] Cannot find del_set index 4 as target [ 160.783412][ T6448] netlink: 4 bytes leftover after parsing attributes in process `syz.4.357'. [ 160.972971][ T6448] wireguard4: entered allmulticast mode [ 161.022980][ T928] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 161.032896][ T54] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 161.261817][ T928] usb 2-1: device descriptor read/64, error -71 [ 161.571882][ T928] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 161.607737][ T6469] netlink: 'syz.4.361': attribute type 30 has an invalid length. [ 161.782168][ T928] usb 2-1: device descriptor read/64, error -71 [ 161.945209][ T928] usb usb2-port1: attempt power cycle [ 162.052609][ T29] audit: type=1326 audit(1721638700.504:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6483 comm="syz.4.364" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3deef75b59 code=0x0 [ 162.801974][ T928] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 163.081727][ T54] Bluetooth: hci0: command tx timeout [ 163.240421][ T928] usb 2-1: device descriptor read/8, error -71 [ 164.457002][ T6517] netlink: 'syz.3.373': attribute type 30 has an invalid length. [ 164.471717][ T928] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 164.532363][ T928] usb 2-1: Using ep0 maxpacket: 8 [ 164.550096][ T928] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 164.582998][ T6518] capability: warning: `syz.4.372' uses deprecated v2 capabilities in a way that may be insecure [ 164.613743][ T928] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 164.677842][ T928] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 164.722551][ T928] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 164.785754][ T928] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 164.821793][ T928] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.014405][ T29] audit: type=1326 audit(1721638703.444:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.4.376" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3deef75b59 code=0x0 [ 165.778585][ T928] usb 2-1: GET_CAPABILITIES returned 0 [ 165.819330][ T928] usbtmc 2-1:16.0: can't read capabilities [ 166.264076][ T928] usb 2-1: USB disconnect, device number 8 [ 166.632346][ T6559] netlink: 'syz.0.384': attribute type 30 has an invalid length. [ 167.223062][ T6583] VFS: could not find a valid V7 on nullb0. [ 168.268266][ T29] audit: type=1326 audit(1721638706.724:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6592 comm="syz.3.392" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43c4b75b59 code=0x0 [ 168.601802][ T6608] netlink: 'syz.0.396': attribute type 30 has an invalid length. [ 169.737332][ T6635] VFS: could not find a valid V7 on nullb0. [ 170.908679][ T29] audit: type=1326 audit(1721638709.364:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6653 comm="syz.2.413" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7906575b59 code=0x0 [ 170.970112][ T6659] netlink: 'syz.3.416': attribute type 30 has an invalid length. [ 171.002614][ T6659] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.416'. [ 171.018621][ T6659] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 171.772035][ T6670] VFS: could not find a valid V7 on nullb0. [ 173.772087][ T8] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 173.994986][ T8] usb 4-1: config 0 has no interfaces? [ 174.022015][ T8] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 174.057367][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.099633][ T8] usb 4-1: config 0 descriptor?? [ 174.275677][ T6694] netlink: 'syz.1.428': attribute type 30 has an invalid length. [ 174.318256][ T6696] netlink: 'syz.1.429': attribute type 30 has an invalid length. [ 174.478158][ T6696] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.429'. [ 174.515250][ T6696] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 174.721729][ T29] audit: type=1326 audit(1721638713.164:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6700 comm="syz.2.431" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7906575b59 code=0x0 [ 174.903250][ T6677] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 175.044239][ T6677] batadv0: entered promiscuous mode [ 175.051791][ T6677] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 175.063661][ T6677] batadv0: left promiscuous mode [ 176.360744][ T5206] usb 4-1: USB disconnect, device number 5 [ 176.500538][ T6724] netlink: 'syz.0.439': attribute type 30 has an invalid length. [ 176.791297][ T54] Bluetooth: hci0: unexpected subevent 0x01 length: 78 > 18 [ 177.484442][ T6759] netlink: 'syz.0.452': attribute type 30 has an invalid length. [ 177.870331][ T6779] VFS: could not find a valid V7 on nullb0. [ 178.991478][ T6795] netlink: 'syz.2.467': attribute type 30 has an invalid length. [ 179.334368][ T6813] VFS: could not find a valid V7 on nullb0. [ 179.725638][ T6814] netlink: 'syz.3.475': attribute type 30 has an invalid length. [ 180.120293][ T6812] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.475'. [ 180.151858][ T6812] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 180.426180][ T6827] netlink: 32 bytes leftover after parsing attributes in process `syz.3.481'. [ 180.732781][ T54] Bluetooth: hci1: unexpected subevent 0x01 length: 78 > 18 [ 180.875298][ T54] Bluetooth: hci2: unexpected subevent 0x01 length: 78 > 18 [ 180.940769][ T6850] netlink: 'syz.4.491': attribute type 30 has an invalid length. [ 181.030124][ T6850] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.491'. [ 181.075724][ T6850] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 181.143164][ T6855] syz.2.494[6855] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.143563][ T6855] syz.2.494[6855] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.157589][ T6857] netlink: 32 bytes leftover after parsing attributes in process `syz.4.496'. [ 181.396219][ T6868] bridge0: port 3(gretap0) entered blocking state [ 181.403365][ T6868] bridge0: port 3(gretap0) entered disabled state [ 181.410473][ T6868] gretap0: entered allmulticast mode [ 181.418593][ T6868] gretap0: entered promiscuous mode [ 181.426231][ T6868] bridge0: port 3(gretap0) entered blocking state [ 181.433402][ T6868] bridge0: port 3(gretap0) entered forwarding state [ 181.640415][ T54] Bluetooth: hci1: unexpected subevent 0x01 length: 78 > 18 [ 181.648939][ T54] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 181.895582][ T6884] netlink: 'syz.1.506': attribute type 30 has an invalid length. [ 181.954219][ T6884] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.506'. [ 181.969689][ T6884] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 182.039237][ T6887] syzkaller0: entered promiscuous mode [ 182.056633][ T6887] syzkaller0: entered allmulticast mode [ 182.508841][ T6900] syzkaller0: entered promiscuous mode [ 182.518643][ T6900] syzkaller0: entered allmulticast mode [ 182.544132][ T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 182.746861][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 182.752662][ T6911] netlink: 'syz.4.520': attribute type 30 has an invalid length. [ 182.771393][ T54] Bluetooth: hci1: unexpected subevent 0x01 length: 78 > 18 [ 182.779983][ T54] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 182.792493][ T8] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 182.807937][ T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 182.821165][ T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 182.832543][ T8] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 182.852961][ T8] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 182.867760][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.907816][ T6911] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.520'. [ 182.979327][ T6911] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 183.119157][ T8] usb 2-1: GET_CAPABILITIES returned 0 [ 183.140708][ T8] usbtmc 2-1:16.0: can't read capabilities [ 183.222739][ T6918] syzkaller0: entered promiscuous mode [ 183.228302][ T6918] syzkaller0: entered allmulticast mode [ 183.320635][ T928] usb 2-1: USB disconnect, device number 9 [ 183.792925][ T54] Bluetooth: hci0: unexpected subevent 0x01 length: 78 > 18 [ 183.800843][ T54] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 183.932009][ T6946] netlink: 'syz.4.534': attribute type 30 has an invalid length. [ 183.977889][ T6948] netlink: 4 bytes leftover after parsing attributes in process `syz.1.535'. [ 184.025198][ T6946] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.534'. [ 184.039730][ T6949] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 184.047574][ T6949] IPv6: NLM_F_CREATE should be set when creating new route [ 184.054167][ T6946] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 184.101154][ T6948] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 184.108537][ T6948] IPv6: NLM_F_CREATE should be set when creating new route [ 184.558342][ T6963] syzkaller0: entered promiscuous mode [ 184.564919][ T6963] syzkaller0: entered allmulticast mode [ 184.578572][ T4488] Bluetooth: hci4: unexpected subevent 0x01 length: 78 > 18 [ 184.974533][ T6977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.547'. [ 185.106717][ T6981] netlink: 'syz.1.548': attribute type 30 has an invalid length. [ 185.127229][ T6979] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 185.134621][ T6979] IPv6: NLM_F_CREATE should be set when creating new route [ 185.164030][ T6981] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.548'. [ 185.174429][ T6981] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 185.175380][ T6977] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 185.190739][ T6977] IPv6: NLM_F_CREATE should be set when creating new route [ 185.377794][ T4488] Bluetooth: hci2: unexpected subevent 0x01 length: 78 > 18 [ 185.385979][ T4488] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 185.476608][ T6991] syzkaller0: entered promiscuous mode [ 185.504424][ T6991] syzkaller0: entered allmulticast mode [ 185.889497][ T7006] netlink: 'syz.2.560': attribute type 30 has an invalid length. [ 185.920917][ T7006] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.560'. [ 185.941819][ T7006] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 190.530309][ T4488] Bluetooth: hci2: unexpected subevent 0x01 length: 78 > 18 [ 190.538290][ T4488] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 194.641227][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.648621][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.746990][ T7040] syzkaller0: entered promiscuous mode [ 195.960197][ T7040] syzkaller0: entered allmulticast mode [ 198.225350][ T54] Bluetooth: hci3: sending frame failed (-49) [ 198.235260][ T4488] Bluetooth: hci3: Opcode 0x1003 failed: -49 [ 201.167170][ T7060] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 201.822003][ T4488] Bluetooth: hci1: command 0x0406 tx timeout [ 201.829721][ T5104] Bluetooth: hci4: command 0x0406 tx timeout [ 217.181719][ T4488] Bluetooth: hci5: command 0x0406 tx timeout [ 247.902346][ T5105] Bluetooth: hci2: command 0x0406 tx timeout [ 253.196799][ T5105] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 253.272177][ T5105] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 253.413978][ T5105] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 253.763564][ T5105] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 253.798840][ T5105] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 253.848585][ T5105] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 255.901887][ T4488] Bluetooth: hci3: command tx timeout [ 256.074784][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.291964][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.982358][ T5105] Bluetooth: hci3: command tx timeout [ 258.176148][ T5105] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 258.189853][ T5105] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 258.200868][ T5105] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 258.217404][ T5105] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 258.237578][ T5105] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 258.276984][ T5105] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 259.096420][ T4488] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 259.130696][ T4488] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 259.150901][ T4488] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 259.182383][ T4488] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 259.250118][ T4488] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 259.264365][ T4488] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 260.076488][ T5105] Bluetooth: hci3: command tx timeout [ 260.385427][ T5105] Bluetooth: hci4: command tx timeout [ 260.400841][ T5104] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 260.439159][ T5104] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 260.491762][ T5104] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 260.543056][ T5104] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 260.653700][ T5104] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 260.689349][ T5104] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 261.082380][ T5104] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 261.138078][ T5104] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 261.157817][ T5104] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 261.185740][ T5104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 261.213200][ T5104] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 261.231734][ T5104] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 261.342765][ T4488] Bluetooth: hci6: command tx timeout [ 262.141743][ T4488] Bluetooth: hci3: command tx timeout [ 262.461638][ T4488] Bluetooth: hci4: command tx timeout [ 262.782838][ T4488] Bluetooth: hci0: command tx timeout [ 263.342415][ T4488] Bluetooth: hci2: command tx timeout [ 263.432214][ T4488] Bluetooth: hci6: command tx timeout [ 263.596865][ T3707] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.439242][ T3707] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.541648][ T4488] Bluetooth: hci4: command tx timeout [ 264.609335][ T5105] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 264.667098][ T5105] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 264.741855][ T5105] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 264.804498][ T5105] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 264.858120][ T5105] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 264.868644][ T4488] Bluetooth: hci0: command tx timeout [ 264.877759][ T4488] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 265.421702][ T4488] Bluetooth: hci2: command tx timeout [ 265.511722][ T4488] Bluetooth: hci6: command tx timeout [ 266.631731][ T4488] Bluetooth: hci4: command tx timeout [ 266.942258][ T5104] Bluetooth: hci0: command tx timeout [ 267.114113][ T5104] Bluetooth: hci5: command tx timeout [ 267.506925][ T5104] Bluetooth: hci2: command tx timeout [ 267.662144][ T5104] Bluetooth: hci6: command tx timeout [ 269.101717][ T5104] Bluetooth: hci0: command tx timeout [ 269.181682][ T4488] Bluetooth: hci5: command tx timeout [ 269.581780][ T4488] Bluetooth: hci2: command tx timeout [ 269.584526][ T3707] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.900162][ T3707] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.261695][ T4488] Bluetooth: hci5: command tx timeout [ 273.341668][ T4488] Bluetooth: hci5: command tx timeout [ 276.921727][ T3707] bridge_slave_1: left allmulticast mode [ 276.935556][ T3707] bridge_slave_1: left promiscuous mode [ 276.944240][ T3707] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.984075][ T3707] bridge_slave_0: left allmulticast mode [ 276.990064][ T3707] bridge_slave_0: left promiscuous mode [ 276.997647][ T3707] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.460334][ T3707] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 279.565068][ T3707] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 279.772429][ T3707] bond0 (unregistering): Released all slaves [ 285.060409][ T7093] chnl_net:caif_netlink_parms(): no params data found [ 285.107369][ T3707] hsr_slave_0: left promiscuous mode [ 285.114150][ T3707] hsr_slave_1: left promiscuous mode [ 285.120495][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.129530][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.137678][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 285.145260][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.168372][ T3707] veth1_macvtap: left promiscuous mode [ 285.174293][ T3707] veth0_macvtap: left promiscuous mode [ 285.180039][ T3707] veth1_vlan: left promiscuous mode [ 285.187796][ T3707] veth0_vlan: left promiscuous mode [ 285.656576][ T3707] team0 (unregistering): Port device team_slave_1 removed [ 285.696785][ T3707] team0 (unregistering): Port device team_slave_0 removed [ 286.083157][ T7095] chnl_net:caif_netlink_parms(): no params data found [ 286.155862][ T7090] chnl_net:caif_netlink_parms(): no params data found [ 286.246694][ T7099] chnl_net:caif_netlink_parms(): no params data found [ 286.440900][ T7101] chnl_net:caif_netlink_parms(): no params data found [ 286.532597][ T7090] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.539806][ T7090] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.549642][ T7090] bridge_slave_0: entered allmulticast mode [ 286.558671][ T7090] bridge_slave_0: entered promiscuous mode [ 286.682159][ T7090] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.689397][ T7090] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.709074][ T7090] bridge_slave_1: entered allmulticast mode [ 286.717279][ T7090] bridge_slave_1: entered promiscuous mode [ 286.750821][ T7095] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.776603][ T7095] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.791843][ T7095] bridge_slave_0: entered allmulticast mode [ 286.813040][ T7095] bridge_slave_0: entered promiscuous mode [ 286.937519][ T7093] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.958847][ T7093] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.970728][ T7093] bridge_slave_0: entered allmulticast mode [ 286.989985][ T7093] bridge_slave_0: entered promiscuous mode [ 287.037030][ T7095] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.053820][ T7095] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.061150][ T7095] bridge_slave_1: entered allmulticast mode [ 287.079177][ T7095] bridge_slave_1: entered promiscuous mode [ 287.088803][ T7099] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.096452][ T7099] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.107432][ T7099] bridge_slave_0: entered allmulticast mode [ 287.115255][ T7099] bridge_slave_0: entered promiscuous mode [ 287.133119][ T7090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.145869][ T7090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.156314][ T7093] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.163754][ T7093] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.171060][ T7093] bridge_slave_1: entered allmulticast mode [ 287.179066][ T7093] bridge_slave_1: entered promiscuous mode [ 287.260160][ T7099] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.267607][ T7099] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.275235][ T7099] bridge_slave_1: entered allmulticast mode [ 287.283324][ T7099] bridge_slave_1: entered promiscuous mode [ 287.367184][ T7101] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.374721][ T7101] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.382779][ T7101] bridge_slave_0: entered allmulticast mode [ 287.390698][ T7101] bridge_slave_0: entered promiscuous mode [ 287.402606][ T7095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.416566][ T7095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.445651][ T7090] team0: Port device team_slave_0 added [ 287.455158][ T7090] team0: Port device team_slave_1 added [ 287.498064][ T7101] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.505655][ T7101] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.515333][ T7101] bridge_slave_1: entered allmulticast mode [ 287.523203][ T7101] bridge_slave_1: entered promiscuous mode [ 287.569442][ T7099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.584242][ T7099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.633069][ T3707] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.656521][ T7093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.669672][ T7093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.697801][ T7101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.711431][ T7095] team0: Port device team_slave_0 added [ 287.725087][ T7095] team0: Port device team_slave_1 added [ 287.760142][ T7090] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 287.767227][ T7090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.793759][ T7090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 287.842009][ T7093] team0: Port device team_slave_0 added [ 287.860954][ T3707] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.879455][ T7101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.944163][ T7099] team0: Port device team_slave_0 added [ 287.950992][ T7095] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 287.958078][ T7095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.984475][ T7095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 287.998779][ T7090] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.006129][ T7090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.035029][ T7090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.049604][ T7093] team0: Port device team_slave_1 added [ 288.075800][ T7101] team0: Port device team_slave_0 added [ 288.096276][ T3707] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.114855][ T7099] team0: Port device team_slave_1 added [ 288.136556][ T7095] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.143630][ T7095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.170253][ T7095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.223886][ T7101] team0: Port device team_slave_1 added [ 288.232601][ T7093] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.239596][ T7093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.265661][ T7093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.296820][ T7099] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.304057][ T7099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.331118][ T7099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.360841][ T3707] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.435643][ T7093] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.442774][ T7093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.468906][ T7093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.489560][ T7099] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.497875][ T7099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.524635][ T7099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.625935][ T7101] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.633648][ T7101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.662264][ T7101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.708151][ T7095] hsr_slave_0: entered promiscuous mode [ 288.717291][ T7095] hsr_slave_1: entered promiscuous mode [ 288.724061][ T7095] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 288.732642][ T7095] Cannot create hsr debugfs directory [ 288.746363][ T7090] hsr_slave_0: entered promiscuous mode [ 288.753628][ T7090] hsr_slave_1: entered promiscuous mode [ 288.759992][ T7090] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 288.767679][ T7090] Cannot create hsr debugfs directory [ 288.782691][ T7101] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.789699][ T7101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.815841][ T7101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.852702][ T7093] hsr_slave_0: entered promiscuous mode [ 288.859498][ T7093] hsr_slave_1: entered promiscuous mode [ 288.866525][ T7093] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 288.874464][ T7093] Cannot create hsr debugfs directory [ 288.900510][ T7099] hsr_slave_0: entered promiscuous mode [ 288.908428][ T7099] hsr_slave_1: entered promiscuous mode [ 288.915211][ T7099] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 288.923142][ T7099] Cannot create hsr debugfs directory [ 289.121376][ T7101] hsr_slave_0: entered promiscuous mode [ 289.139319][ T7101] hsr_slave_1: entered promiscuous mode [ 289.150123][ T7101] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 289.171936][ T7101] Cannot create hsr debugfs directory [ 289.630088][ T3707] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.788548][ T3707] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.930478][ T3707] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.040920][ T7090] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.091764][ T3707] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.169247][ T7090] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.266024][ T7090] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.401415][ T7090] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.508695][ T3707] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.613134][ T3707] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.725972][ T3707] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.800851][ T7090] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 290.845489][ T3707] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.912810][ T7090] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 290.938921][ T7090] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 290.962523][ T7090] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 291.142502][ T3707] bridge_slave_1: left allmulticast mode [ 291.148236][ T3707] bridge_slave_1: left promiscuous mode [ 291.155683][ T3707] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.166632][ T3707] bridge_slave_0: left allmulticast mode [ 291.173094][ T3707] bridge_slave_0: left promiscuous mode [ 291.178903][ T3707] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.192299][ T3707] gretap0: left allmulticast mode [ 291.197396][ T3707] gretap0: left promiscuous mode [ 291.205022][ T3707] bridge0: port 3(gretap0) entered disabled state [ 291.214965][ T3707] bridge_slave_1: left allmulticast mode [ 291.220673][ T3707] bridge_slave_1: left promiscuous mode [ 291.226830][ T3707] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.237227][ T3707] bridge_slave_0: left allmulticast mode [ 291.245385][ T3707] bridge_slave_0: left promiscuous mode [ 291.251131][ T3707] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.262972][ T3707] bridge_slave_1: left allmulticast mode [ 291.268689][ T3707] bridge_slave_1: left promiscuous mode [ 291.276828][ T3707] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.287829][ T3707] bridge_slave_0: left allmulticast mode [ 291.295359][ T3707] bridge_slave_0: left promiscuous mode [ 291.301097][ T3707] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.216192][ T3707] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 292.231760][ T3707] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 292.243766][ T3707] bond0 (unregistering): Released all slaves [ 292.352357][ T3707] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 292.364276][ T3707] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 292.380836][ T3707] bond0 (unregistering): Released all slaves [ 292.484181][ T3707] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 292.496222][ T3707] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 292.507999][ T3707] bond0 (unregistering): Released all slaves [ 292.739475][ T7090] 8021q: adding VLAN 0 to HW filter on device bond0 [ 292.842466][ T7090] 8021q: adding VLAN 0 to HW filter on device team0 [ 292.974944][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 292.982219][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.023340][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.030631][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.058206][ T7095] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 293.204772][ T7095] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 293.225900][ T7095] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 293.338135][ T7095] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 293.914949][ T7090] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.090674][ T3707] hsr_slave_0: left promiscuous mode [ 294.099527][ T3707] hsr_slave_1: left promiscuous mode [ 294.117469][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 294.126813][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.140101][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 294.154108][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 294.178834][ T3707] hsr_slave_0: left promiscuous mode [ 294.193437][ T3707] hsr_slave_1: left promiscuous mode [ 294.209693][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 294.217785][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.227525][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 294.235613][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 294.261385][ T3707] hsr_slave_0: left promiscuous mode [ 294.267911][ T3707] hsr_slave_1: left promiscuous mode [ 294.283406][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 294.290905][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.304594][ T3707] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 294.312779][ T3707] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 294.373671][ T3707] veth1_macvtap: left promiscuous mode [ 294.379308][ T3707] veth0_macvtap: left promiscuous mode [ 294.385713][ T3707] veth1_vlan: left promiscuous mode [ 294.391283][ T3707] veth0_vlan: left promiscuous mode [ 294.406592][ T3707] veth1_macvtap: left promiscuous mode [ 294.413690][ T3707] veth0_macvtap: left promiscuous mode [ 294.419701][ T3707] veth1_vlan: left promiscuous mode [ 294.429439][ T3707] veth0_vlan: left promiscuous mode [ 294.441331][ T3707] veth1_macvtap: left promiscuous mode [ 294.452062][ T3707] veth0_macvtap: left promiscuous mode [ 294.457802][ T3707] veth1_vlan: left promiscuous mode [ 294.474924][ T3707] veth0_vlan: left promiscuous mode [ 295.215531][ T3707] team0 (unregistering): Port device team_slave_1 removed [ 295.259398][ T3707] team0 (unregistering): Port device team_slave_0 removed [ 295.671141][ T3707] pimreg (unregistering): left allmulticast mode [ 296.089366][ T3707] team0 (unregistering): Port device team_slave_1 removed [ 296.131342][ T3707] team0 (unregistering): Port device team_slave_0 removed [ 296.856698][ T3707] team0 (unregistering): Port device team_slave_1 removed [ 296.910115][ T3707] team0 (unregistering): Port device team_slave_0 removed [ 297.471661][ T7095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.543385][ T7095] 8021q: adding VLAN 0 to HW filter on device team0 [ 297.560568][ T7090] veth0_vlan: entered promiscuous mode [ 297.644341][ T7090] veth1_vlan: entered promiscuous mode [ 297.659139][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.666443][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 297.677939][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.685129][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 297.926299][ T7090] veth0_macvtap: entered promiscuous mode [ 298.058492][ T7090] veth1_macvtap: entered promiscuous mode [ 298.166786][ T7090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.188495][ T7090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.215288][ T7090] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 298.254819][ T7090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 298.277681][ T7090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.300857][ T7090] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 298.356686][ T7090] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.379789][ T7090] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.400739][ T7090] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.410952][ T7090] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.648121][ T7101] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 298.673516][ T7101] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 298.701020][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.716794][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.731097][ T7101] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 298.779852][ T7101] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 298.781693][ T140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.795439][ T140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.938115][ T7093] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 299.001194][ T7095] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 299.030247][ T7093] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 299.100453][ T7093] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 299.177461][ T7093] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 299.420005][ T7099] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 299.499559][ T7099] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 299.543471][ T7099] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 299.607032][ T7101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 299.633248][ T7099] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 299.659256][ T7250] netlink: 4 bytes leftover after parsing attributes in process `syz.1.587'. [ 299.681980][ T7250] wireguard0: entered allmulticast mode [ 299.756726][ T7101] 8021q: adding VLAN 0 to HW filter on device team0 [ 299.786791][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.794040][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 299.862647][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.869955][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 299.909082][ T7095] veth0_vlan: entered promiscuous mode [ 299.933661][ T7256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.588'. [ 299.947365][ T7256] netlink: 12 bytes leftover after parsing attributes in process `syz.1.588'. [ 300.073299][ T7095] veth1_vlan: entered promiscuous mode [ 300.346477][ T7099] 8021q: adding VLAN 0 to HW filter on device bond0 [ 300.367828][ T7095] veth0_macvtap: entered promiscuous mode [ 300.389414][ T7093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 300.427444][ T7095] veth1_macvtap: entered promiscuous mode [ 300.496460][ T7099] 8021q: adding VLAN 0 to HW filter on device team0 [ 300.529268][ T7093] 8021q: adding VLAN 0 to HW filter on device team0 [ 300.555649][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.570079][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.581274][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.610004][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.645106][ T7095] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 300.709760][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.717123][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 300.756823][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.791341][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.824991][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.892734][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.937132][ T7095] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 300.949870][ T4488] Bluetooth: hci4: ACL packet for unknown connection handle 203 [ 301.009442][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.016751][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 301.164006][ T7095] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.180940][ T7095] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.201693][ T7095] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.211478][ T7095] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.274697][ T5206] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.281963][ T5206] bridge0: port 2(bridge_slave_1) entered forwarding state [ 301.315881][ T5206] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.323118][ T5206] bridge0: port 2(bridge_slave_1) entered forwarding state [ 301.515712][ T7101] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 301.759461][ T7099] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 301.962238][ T7101] veth0_vlan: entered promiscuous mode [ 302.097228][ T7101] veth1_vlan: entered promiscuous mode [ 302.103180][ T7067] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.125182][ T7067] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.358821][ T7067] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.372707][ T7101] veth0_macvtap: entered promiscuous mode [ 302.422891][ T7067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.437108][ T7101] veth1_macvtap: entered promiscuous mode [ 302.688060][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.748426][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.786435][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.831611][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.844575][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.857951][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.944753][ T7101] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 303.620464][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.649354][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.659478][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.678759][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.689121][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.704176][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.716205][ T7101] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 303.738944][ T7101] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.756677][ T7101] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.768104][ T7101] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.784508][ T7101] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.810814][ T7099] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 303.935600][ T7093] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 303.972137][ T7323] process 'syz.1.595' launched '/dev/fd/10/./file0' with NULL argv: empty string added [ 304.150978][ T7322] input input13: cannot allocate more than FF_MAX_EFFECTS effects [ 304.175612][ T3700] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 304.193593][ T3700] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 304.250927][ T7099] veth0_vlan: entered promiscuous mode [ 304.298897][ T7099] veth1_vlan: entered promiscuous mode [ 304.314305][ T3685] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 304.324288][ T7093] veth0_vlan: entered promiscuous mode [ 304.343761][ T3685] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 304.457950][ T7093] veth1_vlan: entered promiscuous mode [ 305.097435][ T7099] veth0_macvtap: entered promiscuous mode [ 305.186790][ T7337] netlink: 'syz.0.574': attribute type 30 has an invalid length. [ 305.203933][ T7093] veth0_macvtap: entered promiscuous mode [ 305.231175][ T7337] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.574'. [ 305.251024][ T7099] veth1_macvtap: entered promiscuous mode [ 305.298455][ T7093] veth1_macvtap: entered promiscuous mode [ 305.302602][ T7337] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 305.405769][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 305.460272][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 305.476704][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 305.491301][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 305.540607][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 305.609029][ T7355] rdma_op ffff88801e9881f0 conn xmit_rdma 0000000000000000 [ 305.687108][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 305.868043][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.072169][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.303226][ T7099] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 306.361099][ T7093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.411603][ T7093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.441487][ T7093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.512789][ T7093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.551597][ T7093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.590671][ T7093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.613630][ T7093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.646332][ T7093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.683189][ T7093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.721193][ T7093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.766704][ T7093] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 306.790223][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 306.846366][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.888250][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 306.927517][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.965071][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 306.979572][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.990282][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.001974][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.014625][ T7099] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 307.059274][ T7099] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.100977][ T7099] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.125038][ T5104] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 307.136505][ T5104] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 307.145393][ T5104] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 307.153209][ T7099] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.162292][ T7099] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.201303][ T5104] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 307.209715][ T5104] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 307.231756][ T5104] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 307.845996][ T7396] netlink: 'syz.1.609': attribute type 30 has an invalid length. [ 307.975573][ T7396] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.609'. [ 308.048829][ T7396] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 308.389561][ T7413] rdma_op ffff88807756f1f0 conn xmit_rdma 0000000000000000 [ 309.271681][ T5104] Bluetooth: hci1: command tx timeout [ 309.444783][ T4488] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 309.458873][ T4488] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 309.469072][ T4488] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 309.542018][ T4488] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 309.560453][ T4488] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 309.568627][ T4488] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 309.861448][ T7432] netlink: 92 bytes leftover after parsing attributes in process `syz.4.617'. [ 310.053323][ T7432] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 310.645198][ T7379] chnl_net:caif_netlink_parms(): no params data found [ 310.750731][ T7451] netlink: 'syz.0.621': attribute type 30 has an invalid length. [ 311.030132][ T7461] rdma_op ffff88807dbac1f0 conn xmit_rdma 0000000000000000 [ 311.357942][ T4488] Bluetooth: hci1: command tx timeout [ 311.677502][ T4488] Bluetooth: hci2: command tx timeout [ 311.909976][ T11] bridge_slave_1: left allmulticast mode [ 311.924536][ T11] bridge_slave_1: left promiscuous mode [ 311.930381][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.958180][ T11] bridge_slave_0: left allmulticast mode [ 311.971248][ T11] bridge_slave_0: left promiscuous mode [ 311.978378][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.174721][ T5163] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 312.420069][ T5163] usb 1-1: Using ep0 maxpacket: 8 [ 312.433500][ T5163] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 312.447646][ T5163] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 312.474165][ T5163] usb 1-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 312.490241][ T5163] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 312.525357][ T5163] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 312.535126][ T5163] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.555089][ T5163] usbtmc 1-1:16.0: bulk endpoints not found [ 312.844679][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 312.892372][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 312.910896][ T11] bond0 (unregistering): Released all slaves [ 313.122567][ T7379] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.131860][ T7379] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.139155][ T7379] bridge_slave_0: entered allmulticast mode [ 313.155474][ T7379] bridge_slave_0: entered promiscuous mode [ 313.195379][ T11] hsr_slave_0: left promiscuous mode [ 313.246430][ T11] hsr_slave_1: left promiscuous mode [ 313.257136][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 313.269725][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 313.284334][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 313.336646][ T11] veth1_macvtap: left promiscuous mode [ 313.349370][ T11] veth0_macvtap: left promiscuous mode [ 313.357342][ T11] veth1_vlan: left promiscuous mode [ 313.369827][ T11] veth0_vlan: left promiscuous mode [ 313.422236][ T4488] Bluetooth: hci1: command tx timeout [ 313.556022][ T7490] hub 6-0:1.0: USB hub found [ 313.568141][ T7490] hub 6-0:1.0: 1 port detected [ 313.643653][ T7490] Invalid ELF header magic: != ELF [ 313.742324][ T4488] Bluetooth: hci2: command tx timeout [ 314.251775][ T7492] netlink: 'syz.1.631': attribute type 30 has an invalid length. [ 314.349965][ T7494] Unknown options in mask 2474 [ 314.773681][ T11] team0 (unregistering): Port device team_slave_1 removed [ 314.817207][ T11] team0 (unregistering): Port device team_slave_0 removed [ 314.898512][ T5206] usb 1-1: USB disconnect, device number 4 [ 315.502460][ T4488] Bluetooth: hci1: command tx timeout [ 315.522990][ T7379] bridge0: port 2(bridge_slave_1) entered blocking state [ 315.550535][ T7379] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.559224][ T7379] bridge_slave_1: entered allmulticast mode [ 315.574079][ T7379] bridge_slave_1: entered promiscuous mode [ 315.822390][ T4488] Bluetooth: hci2: command tx timeout [ 315.840726][ T7379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 315.917892][ T7379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 316.121751][ T7379] team0: Port device team_slave_0 added [ 316.131779][ T7419] chnl_net:caif_netlink_parms(): no params data found [ 316.174054][ T7379] team0: Port device team_slave_1 added [ 316.347271][ T7379] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 316.376213][ T7379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 316.461696][ T7379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 316.488497][ T7379] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 316.499241][ T7379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 316.568162][ T7379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 316.945548][ T7419] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.002176][ T7419] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.022682][ T7419] bridge_slave_0: entered allmulticast mode [ 317.041024][ T7419] bridge_slave_0: entered promiscuous mode [ 317.053122][ T7538] Unknown options in mask 2474 [ 317.123370][ T7379] hsr_slave_0: entered promiscuous mode [ 317.176967][ T7379] hsr_slave_1: entered promiscuous mode [ 317.243887][ T7379] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 317.261129][ T7379] Cannot create hsr debugfs directory [ 317.532361][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.538859][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.006044][ T4488] Bluetooth: hci2: command tx timeout [ 318.502815][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.543245][ T7419] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.588050][ T7419] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.660144][ T7419] bridge_slave_1: entered allmulticast mode [ 318.704208][ T7419] bridge_slave_1: entered promiscuous mode [ 319.020810][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.168224][ T7576] netlink: 'syz.0.650': attribute type 30 has an invalid length. [ 319.221064][ T7576] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.650'. [ 319.235323][ T7576] openvswitch: netlink: Tunnel attr 0 has unexpected len 20 expected 8 [ 319.246784][ T7419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 319.297576][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.440826][ T7419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 319.512284][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.736452][ T7419] team0: Port device team_slave_0 added [ 319.866956][ T7419] team0: Port device team_slave_1 added [ 320.090534][ T7419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 320.127337][ T7419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.208486][ T7419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 320.311886][ T7419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 320.353166][ T7419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.477274][ T7419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 320.733217][ T7613] netlink: 'syz.0.659': attribute type 30 has an invalid length. [ 320.844136][ T7613] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.659'. [ 320.881716][ T7613] openvswitch: netlink: Tunnel attr 0 has unexpected len 20 expected 8 [ 320.897497][ T11] bond0: left allmulticast mode [ 320.912376][ T11] bond_slave_0: left allmulticast mode [ 320.934267][ T11] bond_slave_1: left allmulticast mode [ 320.961033][ T11] bridge0: port 3(bond0) entered disabled state [ 321.000357][ T11] bridge_slave_1: left allmulticast mode [ 321.012671][ T11] bridge_slave_1: left promiscuous mode [ 321.018504][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.030881][ T11] bridge_slave_0: left allmulticast mode [ 321.050017][ T11] bridge_slave_0: left promiscuous mode [ 321.060367][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.098090][ T11] bridge_slave_1: left allmulticast mode [ 321.106702][ T11] bridge_slave_1: left promiscuous mode [ 321.120697][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.152587][ T11] bridge_slave_0: left allmulticast mode [ 321.158835][ T11] bridge_slave_0: left promiscuous mode [ 321.174701][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.201654][ T5163] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 321.391692][ T5163] usb 2-1: Using ep0 maxpacket: 32 [ 321.414755][ T5163] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 321.458147][ T5163] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 321.480765][ T5163] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 321.501974][ T5163] usb 2-1: config 1 has no interface number 0 [ 321.524738][ T5163] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 321.555866][ T5163] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 321.571694][ T5163] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 321.613062][ T5163] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.670783][ T5163] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 322.226048][ T5163] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached [ 322.324436][ T7637] netlink: 'syz.0.667': attribute type 2 has an invalid length. [ 322.511385][ T7641] netlink: 'syz.0.669': attribute type 30 has an invalid length. [ 322.550882][ T7641] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.669'. [ 322.562587][ T7641] openvswitch: netlink: Tunnel attr 0 has unexpected len 20 expected 8 [ 322.645284][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 322.661233][ T11] bond_slave_0: left promiscuous mode [ 322.673907][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 322.684917][ T11] bond_slave_1: left promiscuous mode [ 322.694618][ T11] bond0 (unregistering): Released all slaves [ 322.953067][ T29] audit: type=1326 audit(1721638861.404:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.012151][ T29] audit: type=1326 audit(1721638861.414:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.042415][ T29] audit: type=1326 audit(1721638861.434:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.069647][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 323.100203][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 323.120359][ T29] audit: type=1326 audit(1721638861.434:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.172652][ T29] audit: type=1326 audit(1721638861.434:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.204074][ T11] bond0 (unregistering): Released all slaves [ 323.239160][ T29] audit: type=1326 audit(1721638861.434:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.263463][ T5150] snd_usb_pod 2-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22) [ 323.287873][ T29] audit: type=1326 audit(1721638861.444:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.345491][ T7419] hsr_slave_0: entered promiscuous mode [ 323.355477][ T29] audit: type=1326 audit(1721638861.444:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.395433][ T7419] hsr_slave_1: entered promiscuous mode [ 323.418004][ T7419] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 323.446509][ T29] audit: type=1326 audit(1721638861.444:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.475147][ T7419] Cannot create hsr debugfs directory [ 323.525937][ T29] audit: type=1326 audit(1721638861.444:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7590 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 323.528108][ T7634] netlink: 4 bytes leftover after parsing attributes in process `syz.4.666'. [ 323.560928][ T7634] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 329.214046][ T5150] usb 2-1: USB disconnect, device number 10 [ 329.321897][ T5150] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 329.523250][ T7672] netlink: 'syz.4.678': attribute type 30 has an invalid length. [ 329.594175][ T7672] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.678'. [ 329.641689][ T7672] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 329.664458][ T11] hsr_slave_0: left promiscuous mode [ 329.729547][ T11] hsr_slave_1: left promiscuous mode [ 329.791667][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 329.799181][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 329.839934][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 329.881860][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 329.947435][ T11] hsr_slave_0: left promiscuous mode [ 329.972596][ T11] hsr_slave_1: left promiscuous mode [ 329.997519][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 330.015660][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 330.050945][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 330.080348][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 330.231398][ T11] veth1_macvtap: left promiscuous mode [ 330.242696][ T11] veth0_macvtap: left promiscuous mode [ 330.248615][ T11] veth1_vlan: left promiscuous mode [ 330.260590][ T11] veth0_vlan: left promiscuous mode [ 330.329561][ T11] veth1_macvtap: left promiscuous mode [ 330.358885][ T11] veth0_macvtap: left promiscuous mode [ 330.388309][ T11] veth1_vlan: left promiscuous mode [ 330.407487][ T11] veth0_vlan: left promiscuous mode [ 332.051323][ T7709] netlink: 'syz.4.688': attribute type 30 has an invalid length. [ 332.113739][ T7709] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.688'. [ 332.141732][ T7709] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 333.508889][ T11] team0 (unregistering): Port device team_slave_1 removed [ 333.551071][ T11] team0 (unregistering): Port device team_slave_0 removed [ 333.573644][ T8] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 333.776404][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 333.789795][ T8] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 333.799739][ T8] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 333.808705][ T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 333.818116][ T8] usb 2-1: config 1 has no interface number 0 [ 333.824528][ T8] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 333.847202][ T8] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 333.860558][ T8] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 333.870444][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.923271][ T8] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 334.494875][ T8] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached [ 334.874350][ T11] team0 (unregistering): Port device team_slave_1 removed [ 334.947266][ T11] team0 (unregistering): Port device team_slave_0 removed [ 335.155791][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 335.155806][ T29] audit: type=1326 audit(1721638873.614:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.200947][ T29] audit: type=1326 audit(1721638873.644:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.247793][ T29] audit: type=1326 audit(1721638873.654:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.287328][ T29] audit: type=1326 audit(1721638873.654:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.311250][ T29] audit: type=1326 audit(1721638873.654:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.414842][ T29] audit: type=1326 audit(1721638873.684:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.441610][ T29] audit: type=1326 audit(1721638873.684:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.501256][ T29] audit: type=1326 audit(1721638873.684:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.526718][ T8] snd_usb_pod 2-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22) [ 335.553401][ T29] audit: type=1326 audit(1721638873.744:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.575530][ T29] audit: type=1326 audit(1721638873.744:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7710 comm="syz.1.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1924575b59 code=0x7ffc0000 [ 335.867776][ T7687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.681'. [ 335.896551][ T7687] wireguard0: entered allmulticast mode [ 335.938350][ T7379] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 335.966028][ T7379] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 335.992703][ T7739] netlink: 'syz.0.698': attribute type 30 has an invalid length. [ 336.026606][ T7379] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 336.058989][ T7739] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.698'. [ 336.072572][ T7739] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 336.100752][ T7379] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 337.431139][ T5206] usb 2-1: USB disconnect, device number 11 [ 337.454500][ T5206] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 338.665416][ T7379] 8021q: adding VLAN 0 to HW filter on device bond0 [ 338.844069][ T7379] 8021q: adding VLAN 0 to HW filter on device team0 [ 338.889401][ T5163] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.896605][ T5163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 338.975303][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.982553][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 339.284379][ T7419] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 339.356058][ T7419] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 339.441226][ T7419] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 339.508688][ T7419] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 340.021888][ T7777] netlink: 4 bytes leftover after parsing attributes in process `syz.1.706'. [ 340.101292][ T7777] wireguard1: entered allmulticast mode [ 340.340663][ T7419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 340.470486][ T7419] 8021q: adding VLAN 0 to HW filter on device team0 [ 340.479261][ T7784] netlink: 'syz.1.707': attribute type 30 has an invalid length. [ 340.552736][ T5206] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.560265][ T5206] bridge0: port 1(bridge_slave_0) entered forwarding state [ 340.563539][ T7784] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.707'. [ 340.581743][ T5206] bridge0: port 2(bridge_slave_1) entered blocking state [ 340.588940][ T5206] bridge0: port 2(bridge_slave_1) entered forwarding state [ 340.640637][ T7379] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 340.681948][ T7784] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 340.923767][ T7379] veth0_vlan: entered promiscuous mode [ 341.125825][ T7379] veth1_vlan: entered promiscuous mode [ 342.154646][ T7379] veth0_macvtap: entered promiscuous mode [ 342.199118][ T7379] veth1_macvtap: entered promiscuous mode [ 342.305816][ T7379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.714943][ T7379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.935017][ T7379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.132163][ T7379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.197936][ T7379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.221737][ T7379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.246600][ T7379] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 343.271056][ T7379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.302642][ T7379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.330587][ T7379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.478769][ T7379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.523889][ T7379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.581683][ T7379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.592617][ T7831] netlink: 'syz.1.717': attribute type 30 has an invalid length. [ 343.635293][ T7379] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 343.667524][ T7831] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.717'. [ 343.690320][ T7379] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.699332][ T7831] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 343.707946][ T7379] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.721287][ T7379] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.731979][ T7379] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.844779][ T7419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 343.991357][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.029226][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.228993][ T7419] veth0_vlan: entered promiscuous mode [ 344.267951][ T3707] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.291404][ T3707] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.312558][ T7419] veth1_vlan: entered promiscuous mode [ 344.467483][ T7419] veth0_macvtap: entered promiscuous mode [ 344.540110][ T7419] veth1_macvtap: entered promiscuous mode [ 344.605296][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.625439][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.645876][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.665414][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.684165][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.716323][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.737033][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.776804][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.824218][ T7419] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 344.878455][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.916340][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.946947][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.075232][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.110020][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.930552][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.940518][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.951046][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.965278][ T7419] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 345.980584][ T7419] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.042422][ T7419] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.082200][ T7419] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.125086][ T7419] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.173510][ T7860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.722'. [ 346.228991][ T7860] wireguard1: entered allmulticast mode [ 346.465624][ T7873] netlink: 'syz.4.726': attribute type 30 has an invalid length. [ 346.547889][ T7873] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.726'. [ 346.560655][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 346.596719][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 346.632006][ T7873] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 346.703443][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 346.720419][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 347.073521][ T4488] Bluetooth: hci2: unexpected subevent 0x01 length: 78 > 18 [ 348.806699][ T7921] netlink: 'syz.0.739': attribute type 30 has an invalid length. [ 348.858082][ T7924] Illegal XDP return value 4294967294 on prog (id 186) dev N/A, expect packet loss! [ 348.899670][ T7921] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.739'. [ 349.180719][ T7921] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 349.535222][ T4488] Bluetooth: hci5: unexpected subevent 0x01 length: 78 > 18 [ 350.196603][ T7955] netlink: 296 bytes leftover after parsing attributes in process `syz.2.752'. [ 350.272217][ T7955] unsupported nlmsg_type 40 [ 350.367458][ T7962] netlink: 'syz.3.755': attribute type 30 has an invalid length. [ 350.455290][ T7962] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.755'. [ 350.503841][ T7962] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 351.646707][ T7995] netlink: 296 bytes leftover after parsing attributes in process `syz.0.766'. [ 352.045883][ T8005] netlink: 'syz.4.769': attribute type 30 has an invalid length. [ 352.141340][ T8005] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.769'. [ 352.183988][ T8005] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 353.133533][ T8026] netlink: 296 bytes leftover after parsing attributes in process `syz.3.779'. [ 353.449022][ T8040] netlink: 'syz.0.784': attribute type 30 has an invalid length. [ 354.033496][ T8063] netlink: 296 bytes leftover after parsing attributes in process `syz.3.791'. [ 354.448776][ C0] ================================================================== [ 354.456931][ C0] BUG: KASAN: slab-out-of-bounds in bq_xmit_all+0x134/0x11d0 [ 354.464366][ C0] Read of size 8 at addr ffff888067349b60 by task syz.4.794/8067 [ 354.472119][ C0] [ 354.474475][ C0] CPU: 0 PID: 8067 Comm: syz.4.794 Not tainted 6.10.0-syzkaller-11323-g7846b618e0a4 #0 [ 354.484130][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 354.494220][ C0] Call Trace: [ 354.497513][ C0] [ 354.500359][ C0] dump_stack_lvl+0x241/0x360 [ 354.505052][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 354.510255][ C0] ? __pfx__printk+0x10/0x10 [ 354.514857][ C0] ? _printk+0xd5/0x120 [ 354.519022][ C0] ? __virt_addr_valid+0x183/0x530 [ 354.524143][ C0] ? __virt_addr_valid+0x183/0x530 [ 354.529263][ C0] print_report+0x169/0x550 [ 354.533803][ C0] ? __virt_addr_valid+0x183/0x530 [ 354.538947][ C0] ? __virt_addr_valid+0x183/0x530 [ 354.544081][ C0] ? __virt_addr_valid+0x45f/0x530 [ 354.549207][ C0] ? __phys_addr+0xba/0x170 [ 354.553721][ C0] ? bq_xmit_all+0x134/0x11d0 [ 354.558420][ C0] kasan_report+0x143/0x180 [ 354.562939][ C0] ? bq_xmit_all+0x134/0x11d0 [ 354.567702][ C0] bq_xmit_all+0x134/0x11d0 [ 354.572206][ C0] ? dql_completed+0x79c/0xcf0 [ 354.576983][ C0] ? __pfx_lock_release+0x10/0x10 [ 354.582027][ C0] ? __pfx_bq_xmit_all+0x10/0x10 [ 354.586967][ C0] ? virtqueue_poll+0x186/0x230 [ 354.591840][ C0] ? virtnet_poll_tx+0x510/0x7d0 [ 354.596805][ C0] __dev_flush+0x81/0x160 [ 354.601138][ C0] xdp_do_check_flushed+0x129/0x240 [ 354.606355][ C0] __napi_poll+0xe4/0x490 [ 354.610696][ C0] net_rx_action+0x89b/0x1240 [ 354.615383][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 354.620492][ C0] ? sched_clock+0x4a/0x70 [ 354.624919][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 354.631255][ C0] handle_softirqs+0x2c4/0x970 [ 354.636033][ C0] ? __irq_exit_rcu+0xf4/0x1c0 [ 354.640822][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 354.646115][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 354.651324][ C0] __irq_exit_rcu+0xf4/0x1c0 [ 354.655920][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 354.661129][ C0] irq_exit_rcu+0x9/0x30 [ 354.665373][ C0] common_interrupt+0xaa/0xd0 [ 354.670055][ C0] [ 354.672986][ C0] [ 354.675921][ C0] asm_common_interrupt+0x26/0x40 [ 354.680959][ C0] RIP: 0010:__rcu_read_unlock+0x8b/0x110 [ 354.686605][ C0] Code: 20 84 c0 0f 85 88 00 00 00 41 83 3f 00 75 29 42 0f b6 04 23 84 c0 75 62 41 8b 45 00 3d 00 00 00 40 73 0f 5b 41 5c 41 5d 41 5e <41> 5f 5d c3 cc cc cc cc 90 0f 0b 90 eb eb 4c 89 f7 e8 7f 00 00 00 [ 354.706229][ C0] RSP: 0018:ffffc9000b6172c8 EFLAGS: 00000287 [ 354.712319][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000b617203 [ 354.720312][ C0] RDX: 0000000000000001 RSI: ffffffff8bcadea0 RDI: ffffffff8c1fa440 [ 354.728287][ C0] RBP: 0000000000000000 R08: ffffffff8fae9caf R09: 1ffffffff1f5d395 [ 354.736261][ C0] R10: dffffc0000000000 R11: fffffbfff1f5d396 R12: 0000000000000009 [ 354.744232][ C0] R13: ffffea0001824340 R14: 0000000000000000 R15: ffff88802d77a248 [ 354.752215][ C0] free_unref_folios+0xf26/0x19c0 [ 354.757270][ C0] folios_put_refs+0x93a/0xa60 [ 354.762053][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 354.767351][ C0] ? free_swap_cache+0xb3/0x880 [ 354.772211][ C0] free_pages_and_swap_cache+0x2ea/0x690 [ 354.777851][ C0] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 354.784033][ C0] ? tlb_table_flush+0x143/0x410 [ 354.789000][ C0] tlb_flush_mmu+0x3a3/0x680 [ 354.793662][ C0] tlb_finish_mmu+0xd4/0x200 [ 354.798284][ C0] exit_mmap+0x44f/0xc80 [ 354.802540][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 354.807318][ C0] ? __asan_memset+0x23/0x50 [ 354.811925][ C0] ? uprobe_clear_state+0x277/0x290 [ 354.817126][ C0] ? mm_update_next_owner+0x559/0x6b0 [ 354.822510][ C0] __mmput+0x115/0x380 [ 354.826584][ C0] exit_mm+0x220/0x310 [ 354.830672][ C0] ? __pfx_exit_mm+0x10/0x10 [ 354.835271][ C0] ? taskstats_exit+0x326/0xa60 [ 354.840130][ C0] do_exit+0x9b2/0x27f0 [ 354.844298][ C0] ? __pfx_do_exit+0x10/0x10 [ 354.848896][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 354.854273][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 354.860260][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 354.866613][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 354.871730][ C0] do_group_exit+0x207/0x2c0 [ 354.876319][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 354.881521][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 354.886729][ C0] get_signal+0x16a1/0x1740 [ 354.891261][ C0] ? __pfx_get_signal+0x10/0x10 [ 354.896125][ C0] arch_do_signal_or_restart+0x96/0x860 [ 354.901690][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 354.907869][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 354.913860][ C0] ? syscall_exit_to_user_mode+0xa3/0x370 [ 354.919580][ C0] syscall_exit_to_user_mode+0xc9/0x370 [ 354.925124][ C0] do_syscall_64+0x100/0x230 [ 354.929716][ C0] ? clear_bhb_loop+0x35/0x90 [ 354.934397][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.940290][ C0] RIP: 0033:0x7fb34a775b59 [ 354.944720][ C0] Code: Unable to access opcode bytes at 0x7fb34a775b2f. [ 354.951739][ C0] RSP: 002b:00007fb34b4a50f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 354.960152][ C0] RAX: fffffffffffffe00 RBX: 00007fb34a905f68 RCX: 00007fb34a775b59 [ 354.968144][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb34a905f68 [ 354.976114][ C0] RBP: 00007fb34a905f60 R08: 00007fb34b4a56c0 R09: 00007fb34b4a56c0 [ 354.984084][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb34a905f6c [ 354.992053][ C0] R13: 000000000000000b R14: 00007fff2301df30 R15: 00007fff2301e018 [ 355.000032][ C0] [ 355.003051][ C0] [ 355.005368][ C0] Allocated by task 7095: [ 355.009693][ C0] kasan_save_track+0x3f/0x80 [ 355.014377][ C0] __kasan_slab_alloc+0x66/0x80 [ 355.019228][ C0] kmem_cache_alloc_noprof+0x135/0x2a0 [ 355.024693][ C0] vm_area_dup+0x27/0x290 [ 355.029018][ C0] copy_mm+0xc7b/0x1f30 [ 355.033180][ C0] copy_process+0x187a/0x3dc0 [ 355.037856][ C0] kernel_clone+0x223/0x870 [ 355.042360][ C0] __x64_sys_clone+0x258/0x2a0 [ 355.047156][ C0] do_syscall_64+0xf3/0x230 [ 355.051654][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.057549][ C0] [ 355.059869][ C0] The buggy address belongs to the object at ffff888067349aa8 [ 355.059869][ C0] which belongs to the cache vm_area_struct of size 184 [ 355.074193][ C0] The buggy address is located 0 bytes to the right of [ 355.074193][ C0] allocated 184-byte region [ffff888067349aa8, ffff888067349b60) [ 355.088688][ C0] [ 355.091010][ C0] The buggy address belongs to the physical page: [ 355.097417][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67349 [ 355.106189][ C0] memcg:ffff88802b341501 [ 355.110427][ C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 355.117537][ C0] page_type: 0xffffefff(slab) [ 355.122212][ C0] raw: 00fff00000000000 ffff888015eefb40 ffffea00019bb3c0 0000000000000004 [ 355.130808][ C0] raw: 0000000000000000 0000000000100010 00000001ffffefff ffff88802b341501 [ 355.139381][ C0] page dumped because: kasan: bad access detected [ 355.145798][ C0] page_owner tracks the page as allocated [ 355.151592][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 7745, tgid 7745 (dhcpcd-run-hook), ts 338969575997, free_ts 338929799303 [ 355.171219][ C0] post_alloc_hook+0x1f3/0x230 [ 355.176011][ C0] get_page_from_freelist+0x2e4c/0x2f10 [ 355.181553][ C0] __alloc_pages_noprof+0x256/0x6c0 [ 355.186747][ C0] alloc_slab_page+0x5f/0x120 [ 355.191419][ C0] allocate_slab+0x5a/0x2f0 [ 355.195922][ C0] ___slab_alloc+0xcd1/0x14b0 [ 355.200602][ C0] __slab_alloc+0x58/0xa0 [ 355.204957][ C0] kmem_cache_alloc_noprof+0x1c1/0x2a0 [ 355.210413][ C0] vm_area_dup+0x27/0x290 [ 355.214746][ C0] copy_mm+0xc7b/0x1f30 [ 355.218904][ C0] copy_process+0x187a/0x3dc0 [ 355.223582][ C0] kernel_clone+0x223/0x870 [ 355.228088][ C0] __x64_sys_clone+0x258/0x2a0 [ 355.232855][ C0] do_syscall_64+0xf3/0x230 [ 355.237353][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.243244][ C0] page last free pid 7761 tgid 7761 stack trace: [ 355.249557][ C0] free_unref_folios+0xf12/0x19c0 [ 355.254587][ C0] folios_put_refs+0x93a/0xa60 [ 355.259360][ C0] free_pages_and_swap_cache+0x5c8/0x690 [ 355.265083][ C0] tlb_flush_mmu+0x3a3/0x680 [ 355.269681][ C0] tlb_finish_mmu+0xd4/0x200 [ 355.274272][ C0] exit_mmap+0x44f/0xc80 [ 355.278514][ C0] __mmput+0x115/0x380 [ 355.282593][ C0] exit_mm+0x220/0x310 [ 355.286667][ C0] do_exit+0x9b2/0x27f0 [ 355.290830][ C0] do_group_exit+0x207/0x2c0 [ 355.295423][ C0] __x64_sys_exit_group+0x3f/0x40 [ 355.300451][ C0] x64_sys_call+0x26c3/0x26d0 [ 355.305137][ C0] do_syscall_64+0xf3/0x230 [ 355.309648][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.315554][ C0] [ 355.317873][ C0] Memory state around the buggy address: [ 355.323500][ C0] ffff888067349a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc [ 355.331559][ C0] ffff888067349a80: fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 [ 355.339616][ C0] >ffff888067349b00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 355.347677][ C0] ^ [ 355.354871][ C0] ffff888067349b80: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00 [ 355.362946][ C0] ffff888067349c00: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc [ 355.371105][ C0] ================================================================== [ 355.379298][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 355.386520][ C0] CPU: 0 PID: 8067 Comm: syz.4.794 Not tainted 6.10.0-syzkaller-11323-g7846b618e0a4 #0 [ 355.396189][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 355.406283][ C0] Call Trace: [ 355.409588][ C0] [ 355.412456][ C0] dump_stack_lvl+0x241/0x360 [ 355.417180][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 355.422412][ C0] ? __pfx__printk+0x10/0x10 [ 355.427041][ C0] ? vscnprintf+0x5d/0x90 [ 355.431403][ C0] panic+0x349/0x860 [ 355.435336][ C0] ? check_panic_on_warn+0x21/0xb0 [ 355.440469][ C0] ? __pfx_panic+0x10/0x10 [ 355.444925][ C0] ? mark_lock+0x9a/0x350 [ 355.449299][ C0] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 355.455232][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 355.461168][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 355.467538][ C0] ? print_report+0x502/0x550 [ 355.472263][ C0] check_panic_on_warn+0x86/0xb0 [ 355.477235][ C0] ? bq_xmit_all+0x134/0x11d0 [ 355.481947][ C0] end_report+0x77/0x160 [ 355.486231][ C0] kasan_report+0x154/0x180 [ 355.490778][ C0] ? bq_xmit_all+0x134/0x11d0 [ 355.495491][ C0] bq_xmit_all+0x134/0x11d0 [ 355.500025][ C0] ? dql_completed+0x79c/0xcf0 [ 355.504883][ C0] ? __pfx_lock_release+0x10/0x10 [ 355.509957][ C0] ? __pfx_bq_xmit_all+0x10/0x10 [ 355.514934][ C0] ? virtqueue_poll+0x186/0x230 [ 355.519829][ C0] ? virtnet_poll_tx+0x510/0x7d0 [ 355.524811][ C0] __dev_flush+0x81/0x160 [ 355.529178][ C0] xdp_do_check_flushed+0x129/0x240 [ 355.534423][ C0] __napi_poll+0xe4/0x490 [ 355.538798][ C0] net_rx_action+0x89b/0x1240 [ 355.543515][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 355.548665][ C0] ? sched_clock+0x4a/0x70 [ 355.553216][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 355.559587][ C0] handle_softirqs+0x2c4/0x970 [ 355.564399][ C0] ? __irq_exit_rcu+0xf4/0x1c0 [ 355.569204][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 355.574569][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 355.579813][ C0] __irq_exit_rcu+0xf4/0x1c0 [ 355.584446][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 355.589692][ C0] irq_exit_rcu+0x9/0x30 [ 355.593977][ C0] common_interrupt+0xaa/0xd0 [ 355.598698][ C0] [ 355.601655][ C0] [ 355.604609][ C0] asm_common_interrupt+0x26/0x40 [ 355.609678][ C0] RIP: 0010:__rcu_read_unlock+0x8b/0x110 [ 355.615344][ C0] Code: 20 84 c0 0f 85 88 00 00 00 41 83 3f 00 75 29 42 0f b6 04 23 84 c0 75 62 41 8b 45 00 3d 00 00 00 40 73 0f 5b 41 5c 41 5d 41 5e <41> 5f 5d c3 cc cc cc cc 90 0f 0b 90 eb eb 4c 89 f7 e8 7f 00 00 00 [ 355.634992][ C0] RSP: 0018:ffffc9000b6172c8 EFLAGS: 00000287 [ 355.641103][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000b617203 [ 355.649112][ C0] RDX: 0000000000000001 RSI: ffffffff8bcadea0 RDI: ffffffff8c1fa440 [ 355.657124][ C0] RBP: 0000000000000000 R08: ffffffff8fae9caf R09: 1ffffffff1f5d395 [ 355.665131][ C0] R10: dffffc0000000000 R11: fffffbfff1f5d396 R12: 0000000000000009 [ 355.673144][ C0] R13: ffffea0001824340 R14: 0000000000000000 R15: ffff88802d77a248 [ 355.681225][ C0] free_unref_folios+0xf26/0x19c0 [ 355.686320][ C0] folios_put_refs+0x93a/0xa60 [ 355.691143][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 355.696479][ C0] ? free_swap_cache+0xb3/0x880 [ 355.701391][ C0] free_pages_and_swap_cache+0x2ea/0x690 [ 355.707084][ C0] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 355.713305][ C0] ? tlb_table_flush+0x143/0x410 [ 355.718291][ C0] tlb_flush_mmu+0x3a3/0x680 [ 355.723447][ C0] tlb_finish_mmu+0xd4/0x200 [ 355.728087][ C0] exit_mmap+0x44f/0xc80 [ 355.732373][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 355.737171][ C0] ? __asan_memset+0x23/0x50 [ 355.741808][ C0] ? uprobe_clear_state+0x277/0x290 [ 355.747049][ C0] ? mm_update_next_owner+0x559/0x6b0 [ 355.752469][ C0] __mmput+0x115/0x380 [ 355.756570][ C0] exit_mm+0x220/0x310 [ 355.760704][ C0] ? __pfx_exit_mm+0x10/0x10 [ 355.765342][ C0] ? taskstats_exit+0x326/0xa60 [ 355.770240][ C0] do_exit+0x9b2/0x27f0 [ 355.774456][ C0] ? __pfx_do_exit+0x10/0x10 [ 355.779089][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 355.784501][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 355.790546][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 355.796908][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 355.802056][ C0] do_group_exit+0x207/0x2c0 [ 355.806685][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 355.812004][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 355.817260][ C0] get_signal+0x16a1/0x1740 [ 355.821821][ C0] ? __pfx_get_signal+0x10/0x10 [ 355.826726][ C0] arch_do_signal_or_restart+0x96/0x860 [ 355.832328][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 355.838524][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 355.844550][ C0] ? syscall_exit_to_user_mode+0xa3/0x370 [ 355.850303][ C0] syscall_exit_to_user_mode+0xc9/0x370 [ 355.855895][ C0] do_syscall_64+0x100/0x230 [ 355.860615][ C0] ? clear_bhb_loop+0x35/0x90 [ 355.865333][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.871244][ C0] RIP: 0033:0x7fb34a775b59 [ 355.875691][ C0] Code: Unable to access opcode bytes at 0x7fb34a775b2f. [ 355.882711][ C0] RSP: 002b:00007fb34b4a50f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 355.891131][ C0] RAX: fffffffffffffe00 RBX: 00007fb34a905f68 RCX: 00007fb34a775b59 [ 355.899103][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb34a905f68 [ 355.907075][ C0] RBP: 00007fb34a905f60 R08: 00007fb34b4a56c0 R09: 00007fb34b4a56c0 [ 355.915068][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb34a905f6c [ 355.923136][ C0] R13: 000000000000000b R14: 00007fff2301df30 R15: 00007fff2301e018 [ 355.931122][ C0] [ 355.934475][ C0] Kernel Offset: disabled [ 355.938804][ C0] Rebooting in 86400 seconds..