last executing test programs: 1m15.020085773s ago: executing program 1 (id=1230): socket(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f0000000ac0)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="cdb6d1667f2c6f3c4df60ce5c47773c6", 0x10) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x6, @loopback, 0x0, 0x0, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000180)={0x6, @dev={0xac, 0x14, 0x14, 0x1}, 0x0, 0x0, 'rr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000030000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0af2e90000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d555000007d0454caa10350e11cb97c8adf00000000eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761401000100000000008004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fb76d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e11000012a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8d7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1e7a5fe29302cec9f2e62900bfaee62467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c4608800000000000000000000000000000000000000000000000000000000007cb27365d3c447282bf03fe98cb22197bde9ea6ea8c9adb17dae87c4c81657b99922322148d2913f0a00000000fd23c234c20ae1f0bc9034f0d8dd33f45c9bdbbfefce0365013664fb8cc638f924d07bda73c1c1e5a6d86a10d74230b0031078b4de5bc684b8d5a1b5839c26bf6fe9eb6dd26c9790c419bb"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0xa}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000c40)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000002000000000000000000000105000000000000000000000001000005000000000000000001000000000000000000a5b46ba285d4c0dba96bc1ae7b33c7308b5f88f51b0f7b54c05c06fb11d146afe4c79d039654ff5e9757f7e476f3556bdfd7e891ee88c704dd3d6fd7fbdbedeea7b935fdafaf2358324300a52c06845dacd688d81a2e5b1757e51ce9ebc795eda22fb0c64333db191900e7a60d28482f5b32d107ae07a187037f2c03d12398f75e2383d30d62b3ac2c"], 0x0, 0x42, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89b0, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @multicast1}}}) r4 = socket$packet(0x11, 0x0, 0x300) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x35, &(0x7f0000fbe000)={0x0, 0x0}, 0x10) r5 = syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/uts\x00') r6 = dup3(r3, r5, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) r8 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0) write$uinput_user_dev(r8, &(0x7f0000000200)={'syz0\x00', {}, 0x0, [0xffffff38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7c6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffdffffe, 0x4]}, 0x45c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000d40)=ANY=[@ANYRES16, @ANYBLOB="2fdb1e0e398e89bde74ea1aa988fe505e93b015e060d7c2a8a9ae568", @ANYRES32=r9, @ANYBLOB="534749e5939d6103b4c6e895247d00ac4e9f669ec802b17556ed6dcc4df36ccd272cc5af92685521e2967c00af002084fac8d9b2c6b50837d5905b0ea1e06e6f7b75aa0fb312fd4519a75f45f5230d0e39c4b605798be8e98ef5e80dbb93a26cc3ab11f178e5"], 0x2c}, 0x1, 0x0, 0x0, 0x8084}, 0x4048000) 20.126557824s ago: executing program 3 (id=1315): r0 = socket$inet6(0xa, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r3, 0x6, &(0x7f0000002000)={0x1}) fcntl$lock(r3, 0x26, &(0x7f00000031c0)) r4 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001280)={0x2, 0xf, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_address={0x3, 0x0, 0x0, 0x0, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x50}}, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(r6, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10) sendmmsg$inet(r6, 0x0, 0x0, 0xc044) sendmmsg$inet(r6, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000940)="4a4b1091d520ad6fe99665f97f7d40315878c0cf55a0326945b02d63ab7be97f7acd520aebb94b5ac63b51363870a641d0890dcef8a9ca353cad1633ecbd239abaed680353cc2481fdc73111cb4da6874aa61bf0f7b9c34f3bb36739f465d19753bf9cced30bb4b760fb591bcae63058ef44954c9671c88282a207c8294437cebb9a58ed7c7705a6fb641960d368b41acbbc4dd2253c083da6516b12140948029eb0d0762b5a74", 0xa7}, {&(0x7f0000003c80)}], 0x2}}], 0x1, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r4, 0xc0385720, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180010000700000000000000000000007419640000000000"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0) 18.372882857s ago: executing program 3 (id=1319): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x85c0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000740), 0x1ff, 0x0) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x9237, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000001240)={&(0x7f0000001180)="b7", 0x1, 0x0}) ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r4, 0xc00464be, &(0x7f0000000180)={r5}) ioctl$NS_GET_USERNS(r2, 0x5450, 0x0) pipe2(&(0x7f0000000040), 0x0) socket$unix(0x1, 0x1, 0x0) r6 = socket(0x1, 0x3, 0x0) recvmsg$inet_nvme(r6, 0x0, 0x0) close(0xffffffffffffffff) prlimit64(0x0, 0x7, &(0x7f0000000080)={0x1, 0x1ff}, 0x0) timerfd_create(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) ioctl$TIOCSETD(r1, 0x5423, 0x0) 14.961319767s ago: executing program 2 (id=1321): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f0000000300)=0x8281336) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x3) dup(r1) write$binfmt_script(r1, &(0x7f0000000e00), 0x107) 11.641412995s ago: executing program 0 (id=1322): socket$can_raw(0x1d, 0x3, 0x1) socket$unix(0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r0, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102398, 0x18ffe}, {0x0}], 0x2, 0x0, 0x0) r1 = socket(0x11, 0x0, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000080)={0x7, 0x8}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000200), 0xffffffffffffffff, 0x0, 0x1, 0x4}}, 0x20) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) bind$can_raw(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x806, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000000)={0xf0f045}) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000080)={0x2011}) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00') close(r5) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB]) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0) syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0xe) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000300000000000100000509000100737a30000000002c000000030a01130000000000000000010000000900030073797a32000000000900010073797a400000000058000000060a010400000000000000000100000008af000b40000000000900010073797a3000000000300004802c0001800b000100736f636b657400001c000280080002400000000008000140000000030800030871bfaab8a3fa60df8680dcfa143c39f080dd356f9197f89a0e393ac275b1f80dbc2303403ccd7f475c840af5ba338c86aadc3badb5643bb95f0611e431cae1aff363d3936e795db3ab973eb246a4a44fed70f82ee79c251796b4e31cf42b2ade5d5bac5b0fbf6f1c45dc7dd13e89a39d51bae9e553e6aaddecf8a3b79527d9072510", @ANYBLOB="7e2e6ad3b4ad1663d324401679c652", @ANYRES32=r3], 0xcc}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) 11.629670025s ago: executing program 4 (id=1323): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$tipc(0x1e, 0x0, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0xc0505405, &(0x7f00000000c0)) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000080)=0xbb1e, 0x4) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b405eafffeffffff71103a00000000f2ffffff000000000000000200000013d0"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100), 0x10) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f0000000200)=0x3) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) sendmmsg$inet6(r4, &(0x7f00000015c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044051) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$int_in(r5, 0x0, &(0x7f00000001c0)=0x208) bind$inet6(r5, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x2200c014, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) poll(0x0, 0x0, 0x0) sendto$inet6(r5, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda46", 0xc4, 0x1, 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x0) 11.457189209s ago: executing program 2 (id=1324): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x1, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x85c0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000740), 0x1ff, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x9237, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000001240)={&(0x7f0000001180)="b7", 0x1}) ioctl$NS_GET_USERNS(r2, 0x5450, 0x0) pipe2(&(0x7f0000000040), 0x0) socket$unix(0x1, 0x1, 0x0) r4 = socket(0x1, 0x3, 0x0) recvmsg$inet_nvme(r4, 0x0, 0x0) close(0xffffffffffffffff) prlimit64(0x0, 0x7, &(0x7f0000000080)={0x1, 0x1ff}, 0x0) timerfd_create(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) ioctl$TIOCSETD(r1, 0x5423, 0x0) 10.663051758s ago: executing program 4 (id=1325): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="5400000002060108000034e40000000000000000050005000a000000050001000600008776b009000500040000000000090002009c570b426ddb92550d000300686173683a6e6574000000000ccf9d4007fb523360c7c20eb40007800800124000000000"], 0x54}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, 0x0, 0x0) socket$inet(0x2, 0x4000000805, 0x0) syz_emit_ethernet(0xa2, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ptrace$setregset(0x4205, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000008440)=""/102392, 0x18ff8}], 0x1, 0xfffffe01, 0x0) r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x77, 0x101341) r3 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r3, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x42}}, 0x10) r4 = socket$inet6(0xa, 0x800000000000002, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0xa, 0x924, 0x5, 0x0, r1, 0x0, '\x00', 0x0, r1, 0x3, 0x0, 0x1, 0x3, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000180)={r5, 0x0, 0x0}, 0x20) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r4, 0x29, 0x11, &(0x7f0000000000), 0x4) bind$tipc(r3, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(r3, &(0x7f0000001b40)={&(0x7f0000001800)=@name={0x1e, 0x2, 0x0, {{0x42, 0x4}}}, 0x10, 0x0}, 0x0) ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) setpriority(0x3, 0x0, 0x0) 10.349179974s ago: executing program 0 (id=1326): socketpair$unix(0x1, 0x2, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) r2 = getpid() mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa) prlimit64(0x0, 0xe, 0x0, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380), 0x2}}, 0x20) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000080)}, {0x0}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) rt_tgsigqueueinfo(r2, 0x0, 0x18, &(0x7f0000000080)={0x0, 0x0, 0x4000}) 9.91228096s ago: executing program 1 (id=1247): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x1, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x85c0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x9237, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000001240)={&(0x7f0000001180)="b7", 0x1, 0x0}) ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r3, 0xc00464be, &(0x7f0000000180)={r4}) ioctl$NS_GET_USERNS(r2, 0x5450, 0x0) pipe2(&(0x7f0000000040), 0x0) socket$unix(0x1, 0x1, 0x0) r5 = socket(0x1, 0x3, 0x0) recvmsg$inet_nvme(r5, 0x0, 0x0) close(0xffffffffffffffff) prlimit64(0x0, 0x7, &(0x7f0000000080)={0x1, 0x1ff}, 0x0) timerfd_create(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) ioctl$TIOCSETD(r1, 0x5423, 0x0) 9.543642276s ago: executing program 3 (id=1327): syz_open_dev$evdev(&(0x7f00000003c0), 0x0, 0x440282) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) shmget(0x2, 0x4000, 0x20, &(0x7f0000ffb000/0x4000)=nil) ptrace$peek(0x2, r0, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'}) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) io_setup(0x0, &(0x7f0000000280)) r5 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0x0) finit_module(r5, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0x62, 0x0, 0x0) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020400030e000000000700000000000004000900a0000000e9255bb992464e73a02159d3720df19f7a1dfec30000000003000600000000000200000000000000000000000000000002000100000000fffffffb0d00000000030005000000000002"], 0x70}, 0x1, 0x7}, 0x0) 9.543445903s ago: executing program 4 (id=1328): socket$inet6_sctp(0xa, 0x1, 0x84) socket$kcm(0x2, 0x922000000001, 0x106) unshare(0x20020480) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000140)='EG', 0x2, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x13}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0x4, 0x0, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r3, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2020) open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$FUSE_INIT(r3, &(0x7f0000002300)={0x50, 0x0, r4, {0x7, 0x9}}, 0x50) read$FUSE(r3, &(0x7f00000044c0)={0x2020, 0x0, 0x0}, 0xfe63) write$FUSE_NOTIFY_STORE(r3, &(0x7f0000002400)=ANY=[@ANYBLOB="290000000400000000000000000000000100000000000000000000150000000001"], 0x29) write$FUSE_INTERRUPT(r3, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r5}, 0x10) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0xc0280, 0x0) dup3(r6, r3, 0x0) setsockopt$inet6_int(r2, 0x29, 0x42, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$qrtr(0x2a, 0x2, 0x0) r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000100)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r7, 0x3ba0, &(0x7f0000000240)={0x48, 0x1, r8}) 8.487445462s ago: executing program 0 (id=1329): r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80) ioctl$FIBMAP(r1, 0x401870cb, 0x0) mmap$snddsp_control(&(0x7f0000ffb000/0x4000)=nil, 0x1000, 0x0, 0x110, r1, 0x83000000) bind$inet(r0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x6) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_create1(0x0) mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r3 = inotify_init() inotify_add_watch(r3, &(0x7f0000000180)='./file0\x00', 0x4000000) bind$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x1}, 0x6e) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$RTC_PIE_ON(r4, 0x7005) r5 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_XRUN(r5, 0xc0984124, 0x1000000000000) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x400000, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) 8.454159757s ago: executing program 2 (id=1330): keyctl$chown(0x4, 0x0, 0xee01, 0x0) io_setup(0x9, &(0x7f0000000080)=0x0) r1 = eventfd2(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r5}, 0x10) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) landlock_create_ruleset(&(0x7f00000001c0)={0x0, 0x1}, 0x10, 0x0) r6 = fsopen(&(0x7f0000000280)='proc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) fsmount(r6, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x7, 0x0, 0x0, 0x0) io_submit(r0, 0x2, &(0x7f0000000e40)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}]) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r1, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000140), 0xc6fffffd) 8.313153888s ago: executing program 3 (id=1331): r0 = creat(&(0x7f0000000040)='./file0\x00', 0x1de) close(r0) r1 = socket$qrtr(0x2a, 0x2, 0x0) r2 = dup2(r1, r1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) ioctl$TIOCVHANGUP(r2, 0x891b, 0x1000000000000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x0, 0x0, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) accept4$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000140)=0x1c, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r6) sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000100000008000100030000002c0004800500030080ff0000050003ff600000000500030001000000050003008000000005000300800000000800020003"], 0x50}}, 0x0) bind$inet(r0, 0x0, 0x0) setresgid(0xee00, 0xee01, 0x0) setgroups(0x0, 0x0) shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil) 5.952353544s ago: executing program 3 (id=1332): ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'erspan0\x00', &(0x7f0000000300)={'sit0\x00', 0x0, 0x7800, 0x10, 0x1000, 0x8, {{0x22, 0x4, 0x0, 0x0, 0x88, 0x65, 0x0, 0x2, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x36}, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0x1f, 0xb2, [@dev, @remote, @rand_addr=0x64010100, @local, @empty, @multicast2, @local]}, @noop, @noop, @generic={0x88, 0xc, "191f408b9203caa52a2d"}, @ssrr={0x89, 0x17, 0x41, [@multicast2, @remote, @multicast1, @multicast1, @dev={0xac, 0x14, 0x14, 0x1e}]}, @timestamp_prespec={0x44, 0x2c, 0xb6, 0x3, 0x6, [{@multicast2, 0x40}, {@loopback}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x5}, {@local, 0xaf}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x24f12f54}]}]}}}}}) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioperm(0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x35, 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f00000002c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_DEBUGREGS(r9, 0x8080aea1, &(0x7f0000000200)) 5.855059647s ago: executing program 2 (id=1333): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) openat$nullb(0xffffffffffffff9c, 0x0, 0x280a80, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000000)) connect(0xffffffffffffffff, 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000dc0), r2) sendmsg$NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x28, r3, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}]}]}, 0x28}}, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0x40186f40, 0x20000502) r4 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10) listen(r4, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000900)={0x41, 0x4}, 0x10) r5 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x2d8, 0xffffffff, 0x0, 0x190, 0x98, 0xffffffff, 0xffffffff, 0x240, 0x240, 0x240, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @rand_addr, 0x0, 0x0, 'wg1\x00', 'nr0\x00'}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@uncond, 0x287, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[], 0x3}}, @common=@icmp={{0x28}, {0x0, "e2fa"}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "81d0042c436dbdac8bebde18b54dd11bf035c1d8b6b0e88ef5aee0eccad7"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x338) 5.778766568s ago: executing program 0 (id=1334): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$tipc(0x1e, 0x0, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0xc0505405, &(0x7f00000000c0)) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$ax25_int(r2, 0x101, 0xa, &(0x7f0000000080)=0xbb1e, 0x4) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b405eafffeffffff71103a00000000f2ffffff000000000000000200000013d0"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100), 0x10) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) ioctl$PTP_PEROUT_REQUEST2(r3, 0x40383d0c, &(0x7f0000000000)={{0x0, 0x9}, {0x2b92, 0x66b}, 0xd3}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) sendmmsg$inet6(r4, &(0x7f00000015c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044051) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$int_in(r5, 0x0, &(0x7f00000001c0)=0x208) bind$inet6(r5, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x2200c014, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) poll(0x0, 0x0, 0x0) sendto$inet6(r5, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda46", 0xc4, 0x1, 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x0) 5.268405253s ago: executing program 2 (id=1335): socket$can_raw(0x1d, 0x3, 0x1) socket$unix(0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r0, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102398, 0x18ffe}, {0x0}], 0x2, 0x0, 0x0) r1 = socket(0x11, 0x0, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000080)={0x7, 0x8}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000200), 0xffffffffffffffff, 0x0, 0x1, 0x4}}, 0x20) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) bind$can_raw(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x806, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000000)={0xf0f045}) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000080)={0x2011}) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00') close(r5) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB]) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0) syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0xe) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000300000000000100000509000100737a30000000002c000000030a01130000000000000000010000000900030073797a32000000000900010073797a400000000058000000060a010400000000000000000100000008af000b40000000000900010073797a3000000000300004802c0001800b000100736f636b657400001c000280080002400000000008000140000000030800030871bfaab8a3fa60df8680dcfa143c39f080dd356f9197f89a0e393ac275b1f80dbc2303403ccd7f475c840af5ba338c86aadc3badb5643bb95f0611e431cae1aff363d3936e795db3ab973eb246a4a44fed70f82ee79c251796b4e31cf42b2ade5d5bac5b0fbf6f1c45dc7dd13e89a39d51bae9e553e6aaddecf8a3b79527d9072510", @ANYBLOB="7e2e6ad3b4ad1663d324401679c652", @ANYRES32=r3], 0xcc}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) 5.12271335s ago: executing program 4 (id=1336): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, 0x0, 0x0) msgsnd(0x0, 0x0, 0x17, 0x0) msgget(0x1, 0x0) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) pipe(0x0) msgsnd(0x0, 0x0, 0x9d, 0x0) msgrcv(0x0, 0x0, 0x0, 0x3, 0x3000) msgget$private(0x0, 0x0) msgsnd(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="03"], 0xe4, 0x0) recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) msgctl$IPC_RMID(0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000004800090100000000000000000a000000"], 0x38}}, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESDEC=0x0]) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000180), &(0x7f0000000200)=0x8) read$FUSE(0xffffffffffffffff, 0x0, 0x0) 4.138324764s ago: executing program 0 (id=1337): io_setup(0x9, &(0x7f0000000080)) epoll_create1(0x0) eventfd2(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) fsopen(&(0x7f0000000280)='proc\x00', 0x0) futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000140), 0xc6fffffd) 4.026184376s ago: executing program 4 (id=1338): r0 = epoll_create1(0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r2) write$tun(r2, &(0x7f0000000640)={@val={0x0, 0x6007}, @void, @llc={@snap={0xab, 0x0, "ff", "099984", 0x88ca, "c870e074fea9ed569a64718eaa2dc9d48220a94469e85b5b437e4a5e027dfee6cacce1cdcba77d048b25beafc946703239127be4ed46ae7c6f47f22ab889027a203486949798398701cfaa62ca1c9306556af433cafb1ee1fc657412944d2076abcc40f486e12a23a11363b882cb17959080c41fedb6052e65a27a8d8404e227a8ba86aa00b1000d5db15c9e04dc33d40f2045d289492e470691eb97f68b9a52bf03b8d632bc197d54b3d8ba65e41c760424c1cc0b2e364460465f53426d30c5fe09dc25a153c5a542e5c37ea38d356569f0e24f6733a5cde407bf49bba089aaa8a32ca1f8148b02aa96fa49297f240c41bef05d815cee416d8fde8dbbefee1be1370f3e8925b127731be482429dd0b7770a96d36ed731da36b83a0000000000005511cfca20df0e45fe5a7af226ab7426fc87ab58878027e5890f5618f7007d9973039b195810afe0f5403479cf43ed000000"}}}, 0x15f) socket(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000001880)='numa_maps\x00') pread64(r4, &(0x7f0000000880)=""/4096, 0x1000, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r5 = inotify_init1(0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, 0x0}) r7 = syz_open_procfs(r6, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000380)=0x85000) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0) r8 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@getstat={0xe0, 0x15, 0x0, 0x0, 0x0, {{'digest_null-generic\x00'}}}, 0xe0}}, 0x0) sendmsg$nl_crypto(r8, &(0x7f00000001c0)={0x0, 0x48, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0xfff) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0)) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x21008, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) 3.942262528s ago: executing program 1 (id=1339): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) madvise(&(0x7f0000ffc000/0x4000)=nil, 0xffffffffdf003fff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)={0x40, 0x39, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x0, 0x0, 0x0, @str='\x05G'}]}, @typed={0x14, 0x2, 0x0, 0x0, @ipv6=@loopback}, @nested={0x8, 0x7, 0x0, 0x1, [@typed={0x4}]}]}, 0x40}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000001100), 0x0) sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x18, 0x17, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0xa}, [@NFTA_FLOWTABLE_HOOK={0x4}]}, 0x18}}, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000003b00)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r6 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000000)) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10) socket$packet(0x11, 0x3, 0x300) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000005c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f200011800e000100636f6e6e6c696d69740000000c0002800800014000000000400000000c0a01020000000000000000010000000900020073797a320000000014000380100000800800034000000002040400800900010073797a30"], 0xe4}}, 0x0) 2.648020294s ago: executing program 2 (id=1340): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x1, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x85c0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000740), 0x1ff, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x9237, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000001240)={&(0x7f0000001180)="b7", 0x1}) ioctl$NS_GET_USERNS(r2, 0x5450, 0x0) pipe2(&(0x7f0000000040), 0x0) socket$unix(0x1, 0x1, 0x0) r4 = socket(0x1, 0x3, 0x0) recvmsg$inet_nvme(r4, 0x0, 0x0) close(0xffffffffffffffff) prlimit64(0x0, 0x7, &(0x7f0000000080)={0x1, 0x1ff}, 0x0) timerfd_create(0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) ioctl$TIOCSETD(r1, 0x5423, 0x0) 2.643622183s ago: executing program 1 (id=1341): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getrlimit(0x6, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee7, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0xac14140b}}]}, &(0x7f00000002c0)=0x10) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="580000001400010627bd7000000000000a84bfc6fc"], 0x58}}, 0x20010810) ioctl$PTP_EXTTS_REQUEST(0xffffffffffffffff, 0x40103d02, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r7 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580, 0x5, 0xfa}, &(0x7f0000000100), &(0x7f0000000280)=0x0) syz_io_uring_submit(0x0, r8, &(0x7f0000000140)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r7, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r9 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0]) close(r9) close_range(r6, 0xffffffffffffffff, 0x0) 1.361011323s ago: executing program 1 (id=1342): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_open_dev$media(0x0, 0x0, 0x0) syz_open_dev$media(0x0, 0x0, 0x6802c1) getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0) memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0) r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x2000, &(0x7f00000004c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000140000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0, @ANYBLOB="2c7365636c6162656c2c636f6e746578743d73746166665f752c7063723d30303030303030303030303030303030303031342c7375626a5f726f6c653d5b245b405d2c66756e633d46494c455f4d4d41502c736d61636b66737472616e736d7574653d3b650000a4d8e09c7f398a5a5d334ebbe15e9ce19b3673243059f89000000000d27e6cf612deddd51d96b061adcd16d847b6d9445a6dab4fad1663c0b61fe3001a5fc7bfa754be138bb3728f4ce6bae718b42442496aa3c9c67c9b88dd50780249dee80102c1ed633206cb4dfb136a5a96ee6a9be4586a4eb93edf33550d208d6838542f682990ff8dd989abf850ac59746ba3edfa2a381308cef87aedad6e96a39a3952d95de1315765fe33e0361a5e045eefa30f559b31c64a839d5b5c61fddca1cdbe9bc57a37e8565089164d4b60e5133708000000d501ea98e65a956ae30e6b3e14800d5853cef90e89c4c61b4f6d344c6c610dce17b57226f396bcc339a795d946172c0000000000001c"]) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') r3 = open(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={r4}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r6) sendmsg$IEEE802154_ASSOCIATE_REQ(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, r7, 0x409, 0x0, 0x0, {}, [@IEEE802154_ATTR_CHANNEL={0x5}]}, 0x1c}}, 0x0) r8 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, 0x0) ioctl$PPPIOCSPASS(r8, 0x40107447, &(0x7f0000000100)={0x2028, &(0x7f0000000080)=[{}, {}]}) r9 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r9, 0xc0884123, &(0x7f0000000080)) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000800)) 410.862894ms ago: executing program 4 (id=1343): setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x100000000, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000380)={0x11, 0x1, 0x0, "96a34ca4baf870af763944000eb5250000002000"}) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0x2, 0x0, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000600)={0x28, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}]}, 0x28}}, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000500)={@cgroup, 0xffffffffffffffff, 0x25, 0x0, 0x0, @prog_id}, 0x20) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x80c002000104082, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000b, 0x13, r6, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0) r7 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a32000000000800410073697700140033007465616d300000000000000000000000fae454e361a54f8e562824c8997194450163919ebc34a2631f835b23985684b641c4f3d4e8a619e1dd088ca89f1a257304e54943de0c9af36fcaf042d602e53a35e26608684186075e711dd845bc9b69c791274a4b282f2a8fd6ac720c8946394680a8726fddf651c8202519b8f257c319816790d1b5393bb4de7b827ddbaa98fc293a1ed9e727618930e29fa37ddeae358dcd6de37bbeb13d45f58319917fd7af796f51bc314d9d79b09dcf"], 0x38}}, 0x0) 360.391313ms ago: executing program 0 (id=1344): keyctl$chown(0x4, 0x0, 0xee01, 0x0) io_setup(0x9, &(0x7f0000000080)=0x0) r1 = eventfd2(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r5}, 0x10) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) landlock_create_ruleset(&(0x7f00000001c0)={0x0, 0x1}, 0x10, 0x0) r6 = fsopen(&(0x7f0000000280)='proc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) fsmount(r6, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x7, 0x0, 0x0, 0x0) io_submit(r0, 0x2, &(0x7f0000000e40)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}]) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r1, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000140), 0xc6fffffd) 185.038165ms ago: executing program 3 (id=1345): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x1e, 0x0, 0x0, 0x0, 0x100, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) move_mount(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000300)='./file0\x00', 0x40) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$caif_seqpacket(0x25, 0x5, 0x0) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r5, &(0x7f0000000080)={{0x6, @rose}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x8, 0x0}, @default, @bcast]}, 0x10) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r6, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r7, 0x0, 0x0, 0x0, 0x0}) r9 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x13, r9, 0x0) ioctl$IOMMU_HWPT_ALLOC$NONE(0xffffffffffffffff, 0x3b89, &(0x7f0000000380)={0x28, 0x0, r8, r7, 0x0, 0x0, 0x0, 0x0, 0x0}) close(r6) 0s ago: executing program 1 (id=1346): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, 0x0, 0x0) msgsnd(0x0, 0x0, 0x17, 0x0) msgget(0x1, 0x0) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) pipe(0x0) msgrcv(0x0, 0x0, 0x0, 0x3, 0x3000) msgget$private(0x0, 0x0) msgrcv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) msgsnd(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="03"], 0xe4, 0x0) recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) msgctl$IPC_RMID(0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000004800090100000000000000000a000000"], 0x38}}, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESDEC=0x0]) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000180), &(0x7f0000000200)=0x8) kernel console output (not intermixed with test programs): de [ 985.558576][ T9788] veth0_macvtap: left promiscuous mode [ 986.344754][ T9788] veth1_vlan: left promiscuous mode [ 986.379675][ T9788] veth0_vlan: left promiscuous mode [ 987.813409][ T5325] usb 5-1: USB disconnect, device number 9 [ 989.148640][ T9788] team0 (unregistering): Port device team_slave_1 removed [ 989.273091][ T9788] team0 (unregistering): Port device team_slave_0 removed [ 990.477058][ T5248] Bluetooth: hci1: unexpected event 0x13 length: 0 < 1 [ 990.935570][T10480] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 991.141757][T10480] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 991.157925][T10480] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 991.194379][T10480] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82 [ 991.215928][T10480] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 991.244088][T10480] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f [ 991.253666][T10480] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 991.275993][T10480] usb 4-1: Product: syz [ 991.281193][T10480] usb 4-1: Manufacturer: syz [ 991.286151][T10480] usb 4-1: SerialNumber: syz [ 991.325190][T10480] usb 4-1: config 0 descriptor?? [ 991.354771][T10480] redrat3 4-1:0.0: Couldn't find all endpoints [ 991.647824][ T5273] usb 4-1: USB disconnect, device number 7 [ 991.847585][T11245] team0: Port device team_slave_0 added [ 992.025240][T11245] team0: Port device team_slave_1 added [ 992.395947][T11396] futex_wake_op: syz.2.926 tries to shift op by -1; fix this program [ 993.596719][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 995.513680][T11245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 995.584299][T11245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 995.877069][T11245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 995.911028][T11245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 995.918870][T11245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 998.386594][T11245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 999.428072][T11245] hsr_slave_0: entered promiscuous mode [ 999.966870][T11245] hsr_slave_1: entered promiscuous mode [ 1000.037817][T11245] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1000.091607][T11245] Cannot create hsr debugfs directory [ 1001.187420][ T29] audit: type=1400 audit(1000.777:703): avc: denied { mount } for pid=11420 comm="syz.2.933" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 1002.612245][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1002.633680][ T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1002.643758][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1002.661407][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1002.670146][ T55] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1002.679445][ T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1003.370675][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1003.633947][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1003.773124][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1004.736680][ T55] Bluetooth: hci0: command tx timeout [ 1004.792230][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1005.054864][T11245] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1005.076526][T11245] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1005.105515][T11245] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1006.170544][T11245] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1006.930617][ T55] Bluetooth: hci0: command tx timeout [ 1007.045046][T11435] chnl_net:caif_netlink_parms(): no params data found [ 1007.262881][ T29] audit: type=1326 audit(1007.237:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11460 comm="syz.3.943" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10b237def9 code=0x0 [ 1007.360841][ T11] bridge_slave_1: left allmulticast mode [ 1007.376033][ T11] bridge_slave_1: left promiscuous mode [ 1007.395331][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 1007.412136][ T11] bridge_slave_0: left allmulticast mode [ 1007.418115][ T11] bridge_slave_0: left promiscuous mode [ 1007.425046][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 1007.546528][T11473] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 1008.646912][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1008.681266][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1008.715188][ T11] bond0 (unregistering): Released all slaves [ 1008.981232][ T55] Bluetooth: hci0: command tx timeout [ 1009.883119][T11435] bridge0: port 1(bridge_slave_0) entered blocking state [ 1009.907911][T11435] bridge0: port 1(bridge_slave_0) entered disabled state [ 1009.931031][T11435] bridge_slave_0: entered allmulticast mode [ 1009.953937][T11435] bridge_slave_0: entered promiscuous mode [ 1010.310902][T11490] netlink: 28 bytes leftover after parsing attributes in process `syz.3.947'. [ 1010.550742][T11435] bridge0: port 2(bridge_slave_1) entered blocking state [ 1010.558905][T11435] bridge0: port 2(bridge_slave_1) entered disabled state [ 1010.569023][T11435] bridge_slave_1: entered allmulticast mode [ 1010.578616][T11435] bridge_slave_1: entered promiscuous mode [ 1010.770826][ T29] audit: type=1400 audit(1010.747:705): avc: denied { getopt } for pid=11492 comm="syz.3.948" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 1011.505573][ T55] Bluetooth: hci0: command tx timeout [ 1011.812233][T11499] ptrace attach of "./syz-executor exec"[10049] was attempted by " [ 1012.907637][T11435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1012.998778][ C1] vkms_vblank_simulate: vblank timer overrun [ 1013.112930][T11435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1013.300695][ T55] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 1013.430444][ T11] hsr_slave_0: left promiscuous mode [ 1013.496730][ T11] hsr_slave_1: left promiscuous mode [ 1013.512340][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1013.535973][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1013.555638][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1013.563912][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1013.689175][ T11] veth1_macvtap: left promiscuous mode [ 1013.723973][ T11] veth0_macvtap: left promiscuous mode [ 1013.750938][ T11] veth1_vlan: left promiscuous mode [ 1013.763324][ T11] veth0_vlan: left promiscuous mode [ 1013.771118][T11519] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1016.261948][T11525] No control pipe specified [ 1016.428582][T11533] netlink: 28 bytes leftover after parsing attributes in process `syz.3.956'. [ 1017.094361][ T55] Bluetooth: hci1: unexpected subevent 0x01 length: 25 > 18 [ 1017.246459][ T11] team0 (unregistering): Port device team_slave_1 removed [ 1017.496477][ T11] team0 (unregistering): Port device team_slave_0 removed [ 1019.135872][ T5248] Bluetooth: hci1: command 0x0406 tx timeout [ 1019.425896][T11552] binder: 11551:11552 ioctl 4018620d 0 returned -22 [ 1022.275285][T11573] netlink: 28 bytes leftover after parsing attributes in process `syz.3.966'. [ 1028.606146][T11435] team0: Port device team_slave_0 added [ 1028.619060][T11435] team0: Port device team_slave_1 added [ 1029.693511][T11435] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1029.761325][T11435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.852521][T11435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1029.900106][T11245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1029.923437][ T5273] IPVS: starting estimator thread 0... [ 1030.447394][T11608] IPVS: using max 31 ests per chain, 74400 per kthread [ 1031.146359][T11435] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1031.355573][T11435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1032.128415][T11435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1032.190145][T11245] 8021q: adding VLAN 0 to HW filter on device team0 [ 1033.278124][T11435] hsr_slave_0: entered promiscuous mode [ 1033.366238][T11435] hsr_slave_1: entered promiscuous mode [ 1033.387664][T11435] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1033.411297][T11435] Cannot create hsr debugfs directory [ 1034.517991][ T5248] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1034.533237][ T5248] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1034.560236][ T5248] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1034.569546][ T5248] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1034.589754][ T5248] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1034.599848][ T5248] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1034.878165][T11623] Illegal XDP return value 11623 on prog (id 287) dev N/A, expect packet loss! [ 1036.961929][ T29] audit: type=1400 audit(1036.567:706): avc: denied { create } for pid=11645 comm="syz.3.980" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 1036.994781][ T5248] Bluetooth: hci4: command tx timeout [ 1039.083613][ T5248] Bluetooth: hci4: command tx timeout [ 1039.999563][ T29] audit: type=1400 audit(1039.977:707): avc: denied { unlink } for pid=10955 comm="syz-executor" name="file0" dev="tmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 1040.014886][T11634] chnl_net:caif_netlink_parms(): no params data found [ 1041.036455][ T9777] bridge_slave_1: left allmulticast mode [ 1041.055481][ T9777] bridge_slave_1: left promiscuous mode [ 1041.061355][ T9777] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.106751][ T9777] bridge_slave_0: left allmulticast mode [ 1041.123480][ T9777] bridge_slave_0: left promiscuous mode [ 1041.135839][ T5248] Bluetooth: hci4: command tx timeout [ 1041.139850][ T9777] bridge0: port 1(bridge_slave_0) entered disabled state [ 1042.276027][ T9777] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1042.309102][ T9777] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1042.347275][ T9777] bond0 (unregistering): Released all slaves [ 1042.390414][T11634] bridge0: port 1(bridge_slave_0) entered blocking state [ 1042.443416][T11634] bridge0: port 1(bridge_slave_0) entered disabled state [ 1042.471739][T11634] bridge_slave_0: entered allmulticast mode [ 1042.520843][T11634] bridge_slave_0: entered promiscuous mode [ 1042.544128][T11634] bridge0: port 2(bridge_slave_1) entered blocking state [ 1042.552409][T11634] bridge0: port 2(bridge_slave_1) entered disabled state [ 1042.579130][T11634] bridge_slave_1: entered allmulticast mode [ 1042.600225][T11634] bridge_slave_1: entered promiscuous mode [ 1042.619779][T11673] netlink: 'syz.2.984': attribute type 4 has an invalid length. [ 1042.670763][T11435] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1042.723932][ T9777] hsr_slave_0: left promiscuous mode [ 1042.743274][ T9777] hsr_slave_1: left promiscuous mode [ 1042.766759][ T9777] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1042.806266][ T9777] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1043.200505][T11693] futex_wake_op: syz.2.989 tries to shift op by -1; fix this program [ 1043.229523][ T5248] Bluetooth: hci4: command tx timeout [ 1044.303906][ T9777] team0 (unregistering): Port device team_slave_1 removed [ 1044.377541][ T9777] team0 (unregistering): Port device team_slave_0 removed [ 1046.295110][T11435] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1047.914900][T11435] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1048.089557][T11435] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1048.117958][T11634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1048.174879][T11634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1048.511106][T11634] team0: Port device team_slave_0 added [ 1048.540003][T11634] team0: Port device team_slave_1 added [ 1050.590000][T11634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1050.598126][T11634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1050.636477][T11634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1050.718706][T11634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1050.740650][T11634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1050.819710][T11634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1051.074602][T11634] hsr_slave_0: entered promiscuous mode [ 1051.082796][T11634] hsr_slave_1: entered promiscuous mode [ 1051.092491][T11634] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1051.104287][T11634] Cannot create hsr debugfs directory [ 1052.511146][ T5248] Bluetooth: hci5: command 0x0406 tx timeout [ 1053.246419][ T29] audit: type=1326 audit(1053.227:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.4.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c77d7def9 code=0x7fc00000 [ 1053.281120][T11435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1053.690237][T11435] 8021q: adding VLAN 0 to HW filter on device team0 [ 1053.752642][ T9782] bridge0: port 1(bridge_slave_0) entered blocking state [ 1053.759779][ T9782] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1053.819261][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 1053.826512][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1054.992004][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 1056.460493][T11634] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1056.480370][T11754] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1056.513692][T11634] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1056.590543][T11435] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1056.610734][T11634] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1056.629209][T11634] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1056.703216][T11761] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1056.953637][T11435] veth0_vlan: entered promiscuous mode [ 1056.973298][T11435] veth1_vlan: entered promiscuous mode [ 1057.183140][T11634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1057.226643][T11435] veth0_macvtap: entered promiscuous mode [ 1057.275124][T11435] veth1_macvtap: entered promiscuous mode [ 1057.338545][T11435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1057.349700][T11435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1057.364706][T11435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1057.398456][T11435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1057.416566][T11435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1057.455622][T11435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1057.481421][T11435] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1057.511501][T11634] 8021q: adding VLAN 0 to HW filter on device team0 [ 1057.578365][T11435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1057.768718][T11435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1057.783749][T11435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1058.228535][T11435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1058.572243][T11435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1058.583045][T11435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1058.596880][T11435] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1059.019341][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 1059.026585][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1059.078745][ T9777] bridge0: port 2(bridge_slave_1) entered blocking state [ 1059.085969][ T9777] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1059.168126][T11435] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.185967][T11435] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.203339][T11435] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.224343][T11435] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.923488][T11634] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1060.373768][ T9800] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1060.406952][ T9800] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1060.713575][ T9788] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1060.744416][ T9788] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1060.789892][T11780] sctp: failed to load transform for md5: -4 [ 1060.801313][T11634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1061.362958][T11634] veth0_vlan: entered promiscuous mode [ 1061.562717][T11634] veth1_vlan: entered promiscuous mode [ 1065.162531][T11634] veth0_macvtap: entered promiscuous mode [ 1065.251745][ T29] audit: type=1400 audit(1065.227:709): avc: denied { getopt } for pid=11811 comm="syz.3.1014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1065.302649][T11634] veth1_macvtap: entered promiscuous mode [ 1065.920773][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1065.949706][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1065.969262][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1065.994041][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1066.024836][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1066.640059][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1066.681289][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1066.704185][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1066.755364][T11634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1066.785782][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1066.805092][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1066.840246][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1066.864252][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1066.913874][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1066.960450][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1067.000456][T11634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1067.051483][T11634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1067.071704][T11634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1067.107179][T11634] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1067.153600][T11634] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1067.184566][T11634] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1067.215684][T11634] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1067.329520][T11824] netlink: 'syz.3.1016': attribute type 10 has an invalid length. [ 1067.338537][T11824] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1016'. [ 1067.363642][T11824] bond0: entered promiscuous mode [ 1067.369940][T11824] bond_slave_0: entered promiscuous mode [ 1067.380608][T11824] bond_slave_1: entered promiscuous mode [ 1067.414650][T11824] bridge0: port 3(bond0) entered blocking state [ 1067.428859][T11824] bridge0: port 3(bond0) entered disabled state [ 1067.445861][T11824] bond0: entered allmulticast mode [ 1067.467450][T11824] bond_slave_0: entered allmulticast mode [ 1067.473366][T11824] bond_slave_1: entered allmulticast mode [ 1067.537603][T11824] bridge0: port 3(bond0) entered blocking state [ 1067.543990][T11824] bridge0: port 3(bond0) entered forwarding state [ 1068.359288][ T29] audit: type=1400 audit(1067.937:710): avc: denied { write } for pid=11827 comm="syz.2.1018" lport=58211 faddr=::ffff:10.1.1.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 1068.507573][ T29] audit: type=1400 audit(1067.937:711): avc: denied { setopt } for pid=11827 comm="syz.2.1018" lport=58211 faddr=::ffff:10.1.1.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 1068.548493][T11832] input: syz0 as /devices/virtual/input/input19 [ 1068.671232][ T29] audit: type=1326 audit(1068.647:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11833 comm="syz.2.1020" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed10f7def9 code=0x0 [ 1068.802897][ T9782] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1068.827440][ T9782] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1068.950712][ T9782] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1068.978884][ T9782] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1070.281521][T11840] overlayfs: missing 'lowerdir' [ 1070.448968][ T29] audit: type=1400 audit(1070.427:713): avc: denied { accept } for pid=11847 comm="syz.3.1024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 1072.432146][T11860] input: syz1 as /devices/virtual/input/input20 [ 1079.295146][T11881] Cannot find add_set index 0 as target [ 1079.326165][ T29] audit: type=1400 audit(1079.297:714): avc: denied { bind } for pid=11874 comm="syz.3.1030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 1082.449808][T11900] 9pnet_fd: Insufficient options for proto=fd [ 1083.645328][ T5325] IPVS: starting estimator thread 0... [ 1083.666700][ T5233] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1083.678271][ T5233] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1083.691728][ T5233] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1083.701781][T11908] futex_wake_op: syz.2.1039 tries to shift op by -1; fix this program [ 1083.726759][ T5233] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1083.738905][T11906] IPVS: using max 23 ests per chain, 55200 per kthread [ 1083.909177][ T5233] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1083.916917][ T5233] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1083.927588][T11904] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1084.524832][ T29] audit: type=1400 audit(1084.497:715): avc: denied { append } for pid=11911 comm="syz.3.1040" name="card1" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 1084.547428][ C0] vkms_vblank_simulate: vblank timer overrun [ 1084.646256][ T29] audit: type=1326 audit(1084.497:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1084.946823][ T29] audit: type=1326 audit(1084.497:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1086.007523][ T29] audit: type=1326 audit(1084.497:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1086.165688][ T29] audit: type=1326 audit(1084.527:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1086.245663][ T29] audit: type=1326 audit(1084.547:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1086.338316][ T29] audit: type=1326 audit(1084.567:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1086.484041][ T29] audit: type=1326 audit(1084.567:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1087.311383][ T29] audit: type=1326 audit(1084.567:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1087.387639][ T29] audit: type=1326 audit(1084.567:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11911 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f10b237def9 code=0x7ffc0000 [ 1089.177985][ T5233] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1089.208155][ T5233] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1089.217536][ T5233] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1089.233594][ T5233] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1089.243634][ T5233] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1089.248564][ T9782] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1089.283035][ T5233] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1089.338983][T11948] binder: 11941:11948 ioctl 4018620d 0 returned -22 [ 1089.451986][T11951] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1089.770481][ T9782] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1090.847581][ T9782] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1090.899941][T11959] futex_wake_op: syz.2.1050 tries to shift op by -1; fix this program [ 1091.184803][ T9782] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1091.386051][ T55] Bluetooth: hci2: command tx timeout [ 1092.267573][ T9782] bridge_slave_1: left allmulticast mode [ 1092.296670][ T9782] bridge_slave_1: left promiscuous mode [ 1092.323498][ T9782] bridge0: port 2(bridge_slave_1) entered disabled state [ 1092.353801][ T9782] bridge_slave_0: left allmulticast mode [ 1092.365808][ T9782] bridge_slave_0: left promiscuous mode [ 1092.382759][ T9782] bridge0: port 1(bridge_slave_0) entered disabled state [ 1093.270707][T11985] futex_wake_op: syz.3.1057 tries to shift op by -1; fix this program [ 1093.458591][ T55] Bluetooth: hci2: command tx timeout [ 1093.681561][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 1093.681578][ T29] audit: type=1400 audit(1093.657:754): avc: denied { getopt } for pid=11982 comm="syz.2.1056" lport=34230 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 1094.407340][ T9782] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1094.420834][ T9782] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1094.444935][ T9782] bond0 (unregistering): Released all slaves [ 1094.509635][T11986] lo speed is unknown, defaulting to 1000 [ 1094.525738][T11945] chnl_net:caif_netlink_parms(): no params data found [ 1094.571947][T11986] lo speed is unknown, defaulting to 1000 [ 1094.716254][T11986] lo speed is unknown, defaulting to 1000 [ 1094.738865][T11986] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 1094.756037][T11986] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 1094.881518][T11986] lo speed is unknown, defaulting to 1000 [ 1095.036169][T11986] lo speed is unknown, defaulting to 1000 [ 1095.154935][T11945] bridge0: port 1(bridge_slave_0) entered blocking state [ 1095.171963][T11945] bridge0: port 1(bridge_slave_0) entered disabled state [ 1095.184793][T11945] bridge_slave_0: entered allmulticast mode [ 1095.198606][T12004] Bluetooth: MGMT ver 1.23 [ 1095.201044][T11945] bridge_slave_0: entered promiscuous mode [ 1095.205515][T12004] Bluetooth: hci3: unsupported parameter 1540 [ 1095.233111][T11986] lo speed is unknown, defaulting to 1000 [ 1095.250605][T11986] lo speed is unknown, defaulting to 1000 [ 1095.284145][T12004] Bluetooth: hci3: unsupported parameter 1540 [ 1095.353980][T11945] bridge0: port 2(bridge_slave_1) entered blocking state [ 1095.363940][T11945] bridge0: port 2(bridge_slave_1) entered disabled state [ 1095.389183][T11945] bridge_slave_1: entered allmulticast mode [ 1095.418902][T11945] bridge_slave_1: entered promiscuous mode [ 1095.455906][T11986] lo speed is unknown, defaulting to 1000 [ 1095.462754][T11986] lo speed is unknown, defaulting to 1000 [ 1095.535966][ T55] Bluetooth: hci2: command tx timeout [ 1095.568793][ T55] Bluetooth: hci3: unexpected event 0x04 length: 14 > 10 [ 1097.006676][T11945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1097.091446][ T9782] hsr_slave_0: left promiscuous mode [ 1097.104788][ T9782] hsr_slave_1: left promiscuous mode [ 1097.118572][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1097.131109][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1097.146963][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1097.154731][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1097.695692][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 1097.695756][ T5233] Bluetooth: hci2: command tx timeout [ 1097.853378][ T9782] veth1_macvtap: left promiscuous mode [ 1098.185943][ T9782] veth0_macvtap: left promiscuous mode [ 1098.205823][ T9782] veth1_vlan: left promiscuous mode [ 1098.211222][ T9782] veth0_vlan: left promiscuous mode [ 1101.126551][T12048] futex_wake_op: syz.4.1070 tries to shift op by -1; fix this program [ 1101.622553][ T9782] team0 (unregistering): Port device team_slave_1 removed [ 1101.773897][ T9782] team0 (unregistering): Port device team_slave_0 removed [ 1103.148730][T11945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1103.487792][T11945] team0: Port device team_slave_0 added [ 1103.504010][T12060] 9pnet_virtio: no channels available for device syz [ 1103.547113][T11945] team0: Port device team_slave_1 added [ 1103.695930][ T52] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 1103.710301][T11945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1103.729859][T11945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1103.827125][T11945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1103.845532][ T29] audit: type=1400 audit(1103.817:755): avc: denied { setopt } for pid=12059 comm="syz.4.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 1103.896668][T11945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1103.904156][T11945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1103.940197][ T52] usb 4-1: Using ep0 maxpacket: 16 [ 1103.960480][T11945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1103.967193][ T52] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1104.020822][ T52] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1104.067211][ T52] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1104.077274][ T52] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1104.085299][ T52] usb 4-1: Product: syz [ 1104.113975][ T52] usb 4-1: Manufacturer: syz [ 1104.119485][ T52] usb 4-1: SerialNumber: syz [ 1104.156258][ T52] usb 4-1: config 0 descriptor?? [ 1104.164166][ T52] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1104.193841][ T52] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 1104.239836][T11945] hsr_slave_0: entered promiscuous mode [ 1104.364430][T11945] hsr_slave_1: entered promiscuous mode [ 1104.416024][T11945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1104.676470][T11945] Cannot create hsr debugfs directory [ 1105.586421][ T52] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 1105.911871][ T52] em28xx 4-1:0.0: Config register raw data: 0x52 [ 1106.781783][ T52] em28xx 4-1:0.0: AC97 chip type couldn't be determined [ 1106.832973][ T52] em28xx 4-1:0.0: No AC97 audio processor [ 1107.543562][T12091] Bluetooth: MGMT ver 1.23 [ 1109.615583][ T5233] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1109.626473][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 1110.847903][T11945] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1110.899327][T11945] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1110.919190][T11945] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1110.935261][T11945] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1111.368968][ T5273] usb 4-1: USB disconnect, device number 8 [ 1111.397880][ T5273] em28xx 4-1:0.0: Disconnecting em28xx [ 1111.418594][T11945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1111.462309][ T5273] em28xx 4-1:0.0: Freeing device [ 1111.683993][T11945] 8021q: adding VLAN 0 to HW filter on device team0 [ 1111.716241][ T9782] bridge0: port 1(bridge_slave_0) entered blocking state [ 1111.723504][ T9782] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1112.605275][ T9782] bridge0: port 2(bridge_slave_1) entered blocking state [ 1112.612521][ T9782] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1112.897928][ T25] libceph: connect (1)[c::]:6789 error -101 [ 1112.916607][ T25] libceph: mon0 (1)[c::]:6789 connect error [ 1112.978036][ T25] libceph: connect (1)[c::]:6789 error -101 [ 1112.994775][ T25] libceph: mon0 (1)[c::]:6789 connect error [ 1113.086341][T12117] ceph: No mds server is up or the cluster is laggy [ 1113.269854][ T25] libceph: connect (1)[c::]:6789 error -101 [ 1113.286475][ T25] libceph: mon0 (1)[c::]:6789 connect error [ 1113.372915][ T29] audit: type=1400 audit(1113.347:756): avc: denied { getopt } for pid=12121 comm="syz.4.1088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 1113.820472][T11945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1114.038408][T11945] veth0_vlan: entered promiscuous mode [ 1114.108277][T11945] veth1_vlan: entered promiscuous mode [ 1114.219381][T11945] veth0_macvtap: entered promiscuous mode [ 1114.262685][T11945] veth1_macvtap: entered promiscuous mode [ 1114.741282][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1114.827675][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1114.897648][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1115.307801][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.490513][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1115.502643][ T29] audit: type=1400 audit(1115.447:757): avc: denied { unmount } for pid=10059 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 1115.535670][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.586434][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1115.628873][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.666596][T11945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1115.725229][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1115.775687][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.805552][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1115.824517][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.839552][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1115.895696][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1115.935098][T11945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1115.954287][T11945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1116.108085][T11945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1116.474371][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.837872][T11945] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.867736][T11945] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.889329][T11945] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.985172][T11945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1117.879737][ T29] audit: type=1400 audit(1117.277:758): avc: denied { read } for pid=12160 comm="syz.3.1097" path="socket:[50669]" dev="sockfs" ino=50669 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1118.083273][T12165] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11) [ 1118.090264][T12165] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 1118.114905][T12165] vhci_hcd vhci_hcd.0: Device attached [ 1118.219400][ T9788] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1119.080627][ T9788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1119.161368][T12168] vhci_hcd: connection closed [ 1119.182883][ T9777] vhci_hcd: stop threads [ 1119.192666][ T9777] vhci_hcd: release socket [ 1119.199550][ T9777] vhci_hcd: disconnect device [ 1119.245711][ T5318] usb 14-1: enqueue for inactive port 0 [ 1119.481660][ T9784] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1119.546947][ T9784] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1119.838177][ T5318] usb usb14-port1: attempt power cycle [ 1123.044318][ T29] audit: type=1400 audit(1120.615:759): avc: denied { lock } for pid=12179 comm="syz.3.1101" path="socket:[50843]" dev="sockfs" ino=50843 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 1123.044756][ T5318] usb usb14-port1: unable to enumerate USB device [ 1123.067520][ C0] vkms_vblank_simulate: vblank timer overrun [ 1123.749243][T12196] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 1130.518650][ T5233] Bluetooth: hci0: command 0x0c1a tx timeout [ 1132.127402][T12229] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1112'. [ 1132.670392][T12235] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1113'. [ 1132.690396][T12235] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1113'. [ 1133.363746][T12235] Can't find ip_set type hash:i [ 1133.658387][ T5233] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1133.668873][ T5233] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1133.677455][ T5233] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1133.689429][ T5233] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1133.698093][ T5233] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1133.708412][ T5233] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1135.128433][T12241] block nbd1: shutting down sockets [ 1136.505469][ T5233] Bluetooth: hci1: command tx timeout [ 1137.065122][ T9782] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1137.271522][ T5233] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1137.284524][ T5233] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1137.459475][ T5233] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1137.474381][ T5233] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1137.493050][T12261] futex_wake_op: syz.2.1119 tries to shift op by -1; fix this program [ 1137.516846][ T5233] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1137.531009][ T5233] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1137.708576][T12238] lo speed is unknown, defaulting to 1000 [ 1137.874934][ T9782] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1138.304249][ T9782] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1138.388424][T12260] lo speed is unknown, defaulting to 1000 [ 1138.492467][T12271] ubi1: attaching mtd0 [ 1138.502322][T12271] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1122'. [ 1138.637346][ T5233] Bluetooth: hci1: command tx timeout [ 1139.310463][ T9782] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1139.377704][T12271] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1122'. [ 1139.763079][T12280] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1139.836111][ T5233] Bluetooth: hci4: command tx timeout [ 1140.657313][ T5233] Bluetooth: hci1: command tx timeout [ 1140.842298][T12287] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1141.825648][T12238] chnl_net:caif_netlink_parms(): no params data found [ 1141.856828][ T5233] Bluetooth: hci4: command tx timeout [ 1141.972894][ T9782] bridge_slave_1: left allmulticast mode [ 1141.978646][ T9782] bridge_slave_1: left promiscuous mode [ 1141.995686][ T9782] bridge0: port 2(bridge_slave_1) entered disabled state [ 1142.024777][ T9782] bridge_slave_0: left allmulticast mode [ 1142.063216][ T9782] bridge_slave_0: left promiscuous mode [ 1142.092691][ T9782] bridge0: port 1(bridge_slave_0) entered disabled state [ 1142.569437][ T25] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 1142.735676][ T5233] Bluetooth: hci1: command tx timeout [ 1143.285762][ T25] usb 2-1: Using ep0 maxpacket: 16 [ 1143.808495][ T25] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 1143.817892][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1143.834695][ T25] usb 2-1: Product: syz [ 1143.857474][ T25] usb 2-1: Manufacturer: syz [ 1143.862133][ T25] usb 2-1: SerialNumber: syz [ 1143.892378][ T25] usb 2-1: config 0 descriptor?? [ 1143.923842][ T25] ums-onetouch 2-1:0.0: USB Mass Storage device detected [ 1143.950288][ T5233] Bluetooth: hci4: command tx timeout [ 1144.313285][ T25] usb 2-1: USB disconnect, device number 12 [ 1144.585031][ T9782] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1144.600170][ T9782] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1144.613313][ T9782] bond0 (unregistering): Released all slaves [ 1144.793238][T12260] chnl_net:caif_netlink_parms(): no params data found [ 1145.024343][T12238] bridge0: port 1(bridge_slave_0) entered blocking state [ 1145.046906][T12238] bridge0: port 1(bridge_slave_0) entered disabled state [ 1145.084226][T12238] bridge_slave_0: entered allmulticast mode [ 1145.103872][T12238] bridge_slave_0: entered promiscuous mode [ 1145.396823][T12238] bridge0: port 2(bridge_slave_1) entered blocking state [ 1145.463887][T12238] bridge0: port 2(bridge_slave_1) entered disabled state [ 1145.486856][T12238] bridge_slave_1: entered allmulticast mode [ 1145.495718][T12238] bridge_slave_1: entered promiscuous mode [ 1145.803082][T12238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1146.015650][ T5233] Bluetooth: hci4: command tx timeout [ 1146.165606][T12318] lo speed is unknown, defaulting to 1000 [ 1146.190614][T12238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1146.288170][ T9782] hsr_slave_0: left promiscuous mode [ 1146.318502][ T9782] hsr_slave_1: left promiscuous mode [ 1146.374139][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1146.430199][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1146.459704][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1146.468587][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1146.534535][ T9782] veth1_macvtap: left promiscuous mode [ 1146.541369][ T9782] veth0_macvtap: left promiscuous mode [ 1146.557042][ T9782] veth1_vlan: left promiscuous mode [ 1146.562626][ T9782] veth0_vlan: left promiscuous mode [ 1153.049254][ T9782] team0 (unregistering): Port device team_slave_1 removed [ 1153.172538][ T9782] team0 (unregistering): Port device team_slave_0 removed [ 1153.340807][ T29] audit: type=1400 audit(1153.305:760): avc: denied { setattr } for pid=12351 comm="syz.0.1137" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 1153.365708][ T29] audit: type=1400 audit(1153.345:761): avc: denied { write } for pid=12351 comm="syz.0.1137" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 1153.420810][ T29] audit: type=1400 audit(1153.345:762): avc: denied { open } for pid=12351 comm="syz.0.1137" path="/13/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 1154.130945][T12345] netlink: 'syz.1.1135': attribute type 4 has an invalid length. [ 1154.230306][T12238] team0: Port device team_slave_0 added [ 1154.298867][T12238] team0: Port device team_slave_1 added [ 1154.372514][T12260] bridge0: port 1(bridge_slave_0) entered blocking state [ 1154.396011][T12260] bridge0: port 1(bridge_slave_0) entered disabled state [ 1154.408418][T12260] bridge_slave_0: entered allmulticast mode [ 1154.420198][T12260] bridge_slave_0: entered promiscuous mode [ 1154.446188][T12260] bridge0: port 2(bridge_slave_1) entered blocking state [ 1154.453379][T12260] bridge0: port 2(bridge_slave_1) entered disabled state [ 1155.309391][T12260] bridge_slave_1: entered allmulticast mode [ 1155.358925][T12260] bridge_slave_1: entered promiscuous mode [ 1155.969800][T12238] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1155.984927][T12238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1156.064885][T12238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1157.052441][T12260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1157.080328][T12238] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1157.095481][T12238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1157.140981][T12238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1157.172845][T12260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1157.218587][ T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1157.229784][ T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1157.239313][ T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1157.250680][ T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1157.263740][ T55] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1157.276286][ T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1157.410956][T12260] team0: Port device team_slave_0 added [ 1157.450038][T12238] hsr_slave_0: entered promiscuous mode [ 1157.463057][T12238] hsr_slave_1: entered promiscuous mode [ 1157.480931][T12238] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1157.490083][T12238] Cannot create hsr debugfs directory [ 1157.514928][T12260] team0: Port device team_slave_1 added [ 1157.657320][T12260] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1157.664747][T12260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1157.694281][T12260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1157.977564][ T9782] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1158.078336][T12260] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1158.085316][T12260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1158.168969][T12260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1158.240333][T12369] lo speed is unknown, defaulting to 1000 [ 1158.366627][ T9782] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1158.442560][T12260] hsr_slave_0: entered promiscuous mode [ 1158.455703][T12260] hsr_slave_1: entered promiscuous mode [ 1158.468765][T12260] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1158.478642][T12260] Cannot create hsr debugfs directory [ 1158.537784][ T9782] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1158.654331][ T9782] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1159.210812][ T9782] bond0: left allmulticast mode [ 1159.215801][ T9782] bond_slave_0: left allmulticast mode [ 1159.221532][ T9782] bond_slave_1: left allmulticast mode [ 1159.228269][ T9782] bridge0: port 3(bond0) entered disabled state [ 1159.237540][ T9782] bridge_slave_1: left allmulticast mode [ 1159.243197][ T9782] bridge_slave_1: left promiscuous mode [ 1159.250300][ T9782] bridge0: port 2(bridge_slave_1) entered disabled state [ 1159.263720][ T9782] bridge_slave_0: left allmulticast mode [ 1159.270728][ T9782] bridge_slave_0: left promiscuous mode [ 1159.277129][ T9782] bridge0: port 1(bridge_slave_0) entered disabled state [ 1159.376229][ T5233] Bluetooth: hci5: command tx timeout [ 1159.804438][ T9782] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1159.817113][ T9782] bond_slave_0: left promiscuous mode [ 1159.825238][ T9782] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1159.834732][ T9782] bond_slave_1: left promiscuous mode [ 1159.843668][ T9782] bond0 (unregistering): Released all slaves [ 1160.014120][T12369] chnl_net:caif_netlink_parms(): no params data found [ 1160.311172][T12238] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1160.327012][T12369] bridge0: port 1(bridge_slave_0) entered blocking state [ 1160.334136][T12369] bridge0: port 1(bridge_slave_0) entered disabled state [ 1160.347272][T12369] bridge_slave_0: entered allmulticast mode [ 1160.354325][T12369] bridge_slave_0: entered promiscuous mode [ 1160.363817][T12369] bridge0: port 2(bridge_slave_1) entered blocking state [ 1160.372071][T12369] bridge0: port 2(bridge_slave_1) entered disabled state [ 1160.379360][T12369] bridge_slave_1: entered allmulticast mode [ 1160.387271][T12369] bridge_slave_1: entered promiscuous mode [ 1160.440260][T12238] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1160.452527][T12238] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1160.477591][ T9782] hsr_slave_0: left promiscuous mode [ 1160.483869][ T9782] hsr_slave_1: left promiscuous mode [ 1160.489914][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1160.497751][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1160.506640][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1160.514053][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1160.538743][ T9782] veth1_macvtap: left promiscuous mode [ 1160.544395][ T9782] veth0_macvtap: left promiscuous mode [ 1160.550295][ T9782] veth1_vlan: left promiscuous mode [ 1160.555878][ T9782] veth0_vlan: left promiscuous mode [ 1161.342529][ T9782] team0 (unregistering): Port device team_slave_1 removed [ 1161.412463][ T9782] team0 (unregistering): Port device team_slave_0 removed [ 1161.457184][ T5233] Bluetooth: hci5: command tx timeout [ 1162.242135][T12369] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1162.251318][T12238] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1162.326106][T12369] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1162.447468][T12369] team0: Port device team_slave_0 added [ 1162.481852][T12369] team0: Port device team_slave_1 added [ 1162.574719][T12369] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1162.585603][T12369] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1162.611493][ C0] vkms_vblank_simulate: vblank timer overrun [ 1162.627658][T12369] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1162.646789][T12369] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1162.653795][T12369] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1162.686856][T12369] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1162.813755][T12369] hsr_slave_0: entered promiscuous mode [ 1162.823798][T12369] hsr_slave_1: entered promiscuous mode [ 1162.948829][ T9782] IPVS: stop unused estimator thread 0... [ 1162.999001][T12260] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1163.023086][T12260] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1163.039606][T12260] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1163.051856][T12260] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1163.101754][T12238] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1163.301783][T12238] 8021q: adding VLAN 0 to HW filter on device team0 [ 1163.453533][ T9782] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1163.541184][ T5233] Bluetooth: hci5: command tx timeout [ 1163.558894][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state [ 1163.566042][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1163.683713][ T9782] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1163.723481][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1163.735312][ T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1163.740969][ T1108] bridge0: port 2(bridge_slave_1) entered blocking state [ 1163.749522][ T1108] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1163.761032][ T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1163.769734][ T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1163.777810][ T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1163.785171][ T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1163.855181][ T9782] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1164.027770][ T9782] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1164.178237][T12382] lo speed is unknown, defaulting to 1000 [ 1164.400533][T12260] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1164.670507][ T9782] bridge_slave_1: left allmulticast mode [ 1164.691448][ T9782] bridge_slave_1: left promiscuous mode [ 1164.704425][ T9782] bridge0: port 2(bridge_slave_1) entered disabled state [ 1164.748684][ T9782] bridge_slave_0: left allmulticast mode [ 1164.754328][ T9782] bridge_slave_0: left promiscuous mode [ 1164.774662][ T9782] bridge0: port 1(bridge_slave_0) entered disabled state [ 1165.615807][ T5233] Bluetooth: hci5: command tx timeout [ 1165.621914][ T9782] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1165.634288][ T9782] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1165.648095][ T9782] bond0 (unregistering): Released all slaves [ 1165.663855][T12260] 8021q: adding VLAN 0 to HW filter on device team0 [ 1165.788444][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state [ 1165.795697][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1165.824990][ T1108] bridge0: port 2(bridge_slave_1) entered blocking state [ 1165.832225][ T1108] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1165.856124][ T5233] Bluetooth: hci3: command tx timeout [ 1165.947871][T12238] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1166.235280][T12382] chnl_net:caif_netlink_parms(): no params data found [ 1166.323539][T12260] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1166.409472][ T9782] hsr_slave_0: left promiscuous mode [ 1166.415329][ T9782] hsr_slave_1: left promiscuous mode [ 1166.424195][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1166.434684][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1166.443011][ T9782] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1166.451664][ T9782] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1166.475674][ T9782] veth1_macvtap: left promiscuous mode [ 1166.481216][ T9782] veth0_macvtap: left promiscuous mode [ 1166.491187][ T9782] veth1_vlan: left promiscuous mode [ 1166.497318][ T9782] veth0_vlan: left promiscuous mode [ 1167.224236][ T9782] team0 (unregistering): Port device team_slave_1 removed [ 1167.296903][ T9782] team0 (unregistering): Port device team_slave_0 removed [ 1167.945963][ T5233] Bluetooth: hci3: command tx timeout [ 1168.264708][T12369] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1168.297248][T12369] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1168.381860][T12369] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1168.429726][T12369] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1168.442760][T12382] bridge0: port 1(bridge_slave_0) entered blocking state [ 1168.451315][T12382] bridge0: port 1(bridge_slave_0) entered disabled state [ 1168.460156][T12382] bridge_slave_0: entered allmulticast mode [ 1168.468089][T12382] bridge_slave_0: entered promiscuous mode [ 1168.528684][T12382] bridge0: port 2(bridge_slave_1) entered blocking state [ 1168.546650][T12382] bridge0: port 2(bridge_slave_1) entered disabled state [ 1168.553941][T12382] bridge_slave_1: entered allmulticast mode [ 1168.567066][T12382] bridge_slave_1: entered promiscuous mode [ 1168.631788][T12382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1168.657520][T12238] veth0_vlan: entered promiscuous mode [ 1168.672847][T12260] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1168.693592][T12382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1168.761907][T12238] veth1_vlan: entered promiscuous mode [ 1168.766926][ T9782] IPVS: stop unused estimator thread 0... [ 1168.788369][T12382] team0: Port device team_slave_0 added [ 1168.804035][T12382] team0: Port device team_slave_1 added [ 1168.877816][T12382] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1168.884786][T12382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1168.916305][T12382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1168.930234][T12382] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1168.937601][T12382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1168.964454][T12382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1169.062161][T12238] veth0_macvtap: entered promiscuous mode [ 1169.126355][T12382] hsr_slave_0: entered promiscuous mode [ 1169.132901][T12382] hsr_slave_1: entered promiscuous mode [ 1169.140432][T12382] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1169.148247][T12382] Cannot create hsr debugfs directory [ 1169.162939][T12238] veth1_macvtap: entered promiscuous mode [ 1169.247242][T12369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1169.290740][T12260] veth0_vlan: entered promiscuous mode [ 1169.371720][T12260] veth1_vlan: entered promiscuous mode [ 1169.381481][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1169.396111][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1169.406016][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1169.416632][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1169.430834][T12238] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1169.470941][T12369] 8021q: adding VLAN 0 to HW filter on device team0 [ 1169.563897][T12382] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1169.591322][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1169.602387][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1169.622853][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1169.637824][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1169.649733][T12238] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1169.694140][T12382] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1169.718320][ T9784] bridge0: port 1(bridge_slave_0) entered blocking state [ 1169.725545][ T9784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1169.759871][T12238] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.768766][T12238] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.779134][T12238] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.787926][T12238] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1169.807864][ T9784] bridge0: port 2(bridge_slave_1) entered blocking state [ 1169.815051][ T9784] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1169.867055][T12382] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1169.988616][T12382] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1170.016794][ T5233] Bluetooth: hci3: command tx timeout [ 1170.054554][T12260] veth0_macvtap: entered promiscuous mode [ 1170.121945][T12260] veth1_macvtap: entered promiscuous mode [ 1170.200823][ T8631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1170.220684][ T8631] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1170.265159][T12260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1170.281265][T12260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.292391][T12260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1170.310096][T12260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.321745][T12260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1170.335544][T12260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.352331][T12260] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1170.398956][T12260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1170.409801][T12260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.421164][T12260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1170.431821][T12260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.441757][T12260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1170.453628][T12260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.466675][T12260] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1170.524124][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1170.549497][T12260] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1170.554140][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1170.571240][T12260] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1170.582652][T12260] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1170.591910][T12260] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1170.689605][T12382] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1170.770579][T12382] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1170.805193][T12382] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1171.030833][T12369] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1171.316147][T12420] netlink: 368 bytes leftover after parsing attributes in process `syz.4.1105'. [ 1171.839208][ T29] audit: type=1400 audit(1171.205:763): avc: denied { map } for pid=12415 comm="syz.4.1105" path="socket:[53206]" dev="sockfs" ino=53206 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1171.863049][T12382] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1171.886823][ T29] audit: type=1400 audit(1171.205:764): avc: denied { read } for pid=12415 comm="syz.4.1105" path="socket:[53206]" dev="sockfs" ino=53206 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1172.361547][ T5233] Bluetooth: hci3: command tx timeout [ 1172.580893][ T9782] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1172.626206][ T9782] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1172.789945][ T8631] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1172.819080][ T8631] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1172.833368][T12369] veth0_vlan: entered promiscuous mode [ 1173.003074][T12382] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1173.073517][T12369] veth1_vlan: entered promiscuous mode [ 1173.214942][T12382] 8021q: adding VLAN 0 to HW filter on device team0 [ 1173.292988][ T1057] bridge0: port 1(bridge_slave_0) entered blocking state [ 1173.300148][ T1057] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1173.419286][T12369] veth0_macvtap: entered promiscuous mode [ 1173.487116][ T9782] bridge0: port 2(bridge_slave_1) entered blocking state [ 1173.494280][ T9782] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1173.612755][T12369] veth1_macvtap: entered promiscuous mode [ 1174.952738][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1174.979055][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1174.989149][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1175.003294][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1175.154397][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1175.167206][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1175.177874][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1175.188796][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1175.201334][T12369] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1175.579190][ T29] audit: type=1400 audit(1175.535:765): avc: denied { ioctl } for pid=12442 comm="syz.4.1150" path="/dev/usbmon0" dev="devtmpfs" ino=705 ioctlcmd=0xf507 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 1175.993356][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1176.010206][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1176.031887][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1176.125756][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1176.965656][ T29] audit: type=1400 audit(1176.405:766): avc: denied { append } for pid=12447 comm="syz.1.1151" name="event0" dev="devtmpfs" ino=835 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 1177.114757][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1177.170668][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1178.833262][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 1178.869320][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1178.880965][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1178.902058][T12369] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1179.060082][T12456] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1152'. [ 1179.688164][T12369] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1179.743771][T12369] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1179.812386][T12369] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1179.866854][T12369] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1180.194636][T12461] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1154'. [ 1180.461664][ T9800] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1180.520527][ T9800] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1180.710838][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1180.741534][T12382] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1180.745590][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1181.163181][T12382] veth0_vlan: entered promiscuous mode [ 1181.213743][T12382] veth1_vlan: entered promiscuous mode [ 1181.452708][T12487] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1140'. [ 1182.690967][T12382] veth0_macvtap: entered promiscuous mode [ 1182.747602][T12382] veth1_macvtap: entered promiscuous mode [ 1182.914577][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1182.954546][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1182.997218][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1183.040094][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1183.082559][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1183.128766][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1183.163843][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1183.201140][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1183.261210][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1183.286033][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1183.392595][T12382] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1183.508801][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1183.689202][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1183.854313][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1183.967211][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.007267][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.036026][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.086750][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.143809][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.171593][T12382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.197963][T12382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.247820][T12382] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1184.310397][T12382] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.334145][T12382] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.377883][T12382] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.395483][T12382] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.847002][ T9782] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1184.884401][ T9782] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1186.194931][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1186.216304][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1186.672632][T12519] /dev/sg0: Can't lookup blockdev [ 1187.047780][T12524] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1188.412506][T12533] futex_wake_op: syz.2.1166 tries to shift op by -1; fix this program [ 1188.508994][ T46] IPVS: starting estimator thread 0... [ 1188.605516][T12539] IPVS: using max 18 ests per chain, 43200 per kthread [ 1189.160872][T12543] netlink: 'syz.4.1169': attribute type 25 has an invalid length. [ 1189.680341][ T29] audit: type=1400 audit(1189.165:767): avc: denied { sqpoll } for pid=12536 comm="syz.4.1169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 1194.474943][ T29] audit: type=1400 audit(1194.445:768): avc: denied { getopt } for pid=12568 comm="syz.1.1175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 1194.525822][T12572] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1175'. [ 1194.663671][ T29] audit: type=1400 audit(1194.635:769): avc: denied { write } for pid=12568 comm="syz.1.1175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 1197.726627][T12592] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1197.784020][T12595] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1180'. [ 1197.988434][ T29] audit: type=1326 audit(1197.945:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1198.869596][ T29] audit: type=1326 audit(1197.945:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1198.909082][ T29] audit: type=1326 audit(1198.455:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1199.049342][ T29] audit: type=1326 audit(1198.455:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1199.912726][ T29] audit: type=1326 audit(1198.555:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1200.264477][ T29] audit: type=1326 audit(1198.765:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1200.417443][ T29] audit: type=1326 audit(1198.785:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1200.514244][T12612] netlink: 'syz.1.1185': attribute type 2 has an invalid length. [ 1201.280752][ T29] audit: type=1326 audit(1198.825:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1201.378787][ T29] audit: type=1326 audit(1198.825:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1201.402850][ T29] audit: type=1326 audit(1198.825:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x7ffc0000 [ 1201.406697][ T5318] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 1201.736037][ T5318] usb 2-1: Using ep0 maxpacket: 8 [ 1201.745636][ T5318] usb 2-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=b4.99 [ 1201.800558][ T5318] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1201.854275][ T5318] usb 2-1: Product: syz [ 1201.859253][ T5318] usb 2-1: Manufacturer: syz [ 1201.873957][ T5318] usb 2-1: SerialNumber: syz [ 1201.904527][ T5318] usb 2-1: config 0 descriptor?? [ 1202.014020][ T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1202.029698][ T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1202.038665][ T5318] rtsx_usb 2-1:0.0: probe with driver rtsx_usb failed with error -22 [ 1202.047406][ T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1202.055737][ T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1202.063328][ T55] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1202.070715][ T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1202.364349][ T3005] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1202.826799][T12622] sp0: Synchronizing with TNC [ 1202.981168][ T3005] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1203.193052][ T3005] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1203.491594][ T5282] usb 2-1: USB disconnect, device number 13 [ 1204.100457][ T5233] Bluetooth: hci5: command tx timeout [ 1204.684411][ T3005] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1205.610899][T12617] chnl_net:caif_netlink_parms(): no params data found [ 1206.176011][ T5233] Bluetooth: hci5: command tx timeout [ 1207.090272][ T3005] bridge_slave_1: left allmulticast mode [ 1207.100703][ T3005] bridge_slave_1: left promiscuous mode [ 1207.112656][ T3005] bridge0: port 2(bridge_slave_1) entered disabled state [ 1207.126489][ T3005] bridge_slave_0: left allmulticast mode [ 1207.132546][ T3005] bridge_slave_0: left promiscuous mode [ 1207.139141][ T3005] bridge0: port 1(bridge_slave_0) entered disabled state [ 1208.264649][ T5233] Bluetooth: hci5: command tx timeout [ 1209.315538][T12671] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1198'. [ 1209.954359][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 1209.954395][ T29] audit: type=1400 audit(1209.925:806): avc: denied { mounton } for pid=12672 comm="syz.4.1199" path="/18/file1/bus" dev="autofs" ino=55577 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 1210.150452][T12680] ax25_connect(): syz.1.1200 uses autobind, please contact jreuter@yaina.de [ 1210.335915][ T5233] Bluetooth: hci5: command tx timeout [ 1210.830079][T12674] overlay: filesystem on ./bus not supported [ 1211.154795][T12685] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1201'. [ 1211.946896][ T29] audit: type=1326 audit(1211.885:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12686 comm="syz.1.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1212.075109][ T29] audit: type=1326 audit(1211.955:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12686 comm="syz.1.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1212.109180][ T29] audit: type=1326 audit(1211.955:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12686 comm="syz.1.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1212.146203][T12689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1202'. [ 1212.149483][ T29] audit: type=1326 audit(1211.955:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12686 comm="syz.1.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1212.178365][T12689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1202'. [ 1212.239463][ T29] audit: type=1326 audit(1211.955:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12686 comm="syz.1.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1212.398670][ T29] audit: type=1326 audit(1211.955:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12686 comm="syz.1.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1212.502050][ T52] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 1212.535898][ T29] audit: type=1326 audit(1211.955:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12686 comm="syz.1.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1212.687305][T12696] overlayfs: failed to resolve './file0': -2 [ 1212.766241][ T52] usb 2-1: Using ep0 maxpacket: 8 [ 1213.943390][ T52] usb 2-1: New USB device found, idVendor=0424, idProduct=7800, bcdDevice=e9.41 [ 1213.962373][ T52] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1214.081353][ T52] usb 2-1: config 0 descriptor?? [ 1214.694012][T12704] ebt_limit: overflow, try lower: 0/0 [ 1215.581782][ T3005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1215.598765][ T3005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1215.631177][ T3005] bond0 (unregistering): Released all slaves [ 1215.776791][T12718] xt_CONNSECMARK: invalid mode: 0 [ 1216.668723][T12410] usb 2-1: USB disconnect, device number 14 [ 1216.846105][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1209'. [ 1217.285029][T12617] bridge0: port 1(bridge_slave_0) entered blocking state [ 1217.292519][T12617] bridge0: port 1(bridge_slave_0) entered disabled state [ 1217.415625][T12617] bridge_slave_0: entered allmulticast mode [ 1217.457419][T12617] bridge_slave_0: entered promiscuous mode [ 1217.606651][ T29] audit: type=1326 audit(1217.585:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1217.766294][ T29] audit: type=1326 audit(1217.585:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1217.825635][T12617] bridge0: port 2(bridge_slave_1) entered blocking state [ 1217.846682][T12617] bridge0: port 2(bridge_slave_1) entered disabled state [ 1217.856796][ T29] audit: type=1326 audit(1217.585:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1217.902071][T12617] bridge_slave_1: entered allmulticast mode [ 1217.920981][T12617] bridge_slave_1: entered promiscuous mode [ 1217.971267][ T29] audit: type=1326 audit(1217.585:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1218.126903][ T29] audit: type=1326 audit(1217.585:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1218.291710][ T29] audit: type=1326 audit(1217.585:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1218.469007][ T29] audit: type=1326 audit(1217.585:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1218.657907][ T29] audit: type=1326 audit(1217.635:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1218.774577][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1218.796131][ T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1218.832999][T12617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1218.843736][ T5248] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1218.868035][ T5248] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1218.878411][ T5248] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1218.889242][ T29] audit: type=1326 audit(1217.635:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1218.918751][ T5248] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1218.981514][T12617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1219.051254][ T29] audit: type=1326 audit(1217.655:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12728 comm="syz.1.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd958b7def9 code=0x7ffc0000 [ 1219.516455][T12742] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1219.549931][ T3005] hsr_slave_0: left promiscuous mode [ 1219.581806][ T3005] hsr_slave_1: left promiscuous mode [ 1219.592843][ T3005] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1219.628175][ T3005] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1219.643572][ T3005] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1219.675430][ T3005] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1219.736003][T12748] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1214'. [ 1219.760874][ T3005] veth1_macvtap: left promiscuous mode [ 1219.780774][ T3005] veth0_macvtap: left promiscuous mode [ 1220.075756][ T3005] veth1_vlan: left promiscuous mode [ 1220.086468][ T3005] veth0_vlan: left promiscuous mode [ 1220.935516][ T5233] Bluetooth: hci2: command 0x0406 tx timeout [ 1221.058019][ T5233] Bluetooth: hci3: command tx timeout [ 1222.799641][T12764] netlink: 'syz.3.1219': attribute type 1 has an invalid length. [ 1223.481225][ T55] Bluetooth: hci3: command tx timeout [ 1223.643810][ T3005] team0 (unregistering): Port device team_slave_1 removed [ 1223.719135][ T3005] team0 (unregistering): Port device team_slave_0 removed [ 1224.252091][T12770] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1221'. [ 1225.536096][ T55] Bluetooth: hci3: command tx timeout [ 1225.946238][T12617] team0: Port device team_slave_0 added [ 1226.018972][T12617] team0: Port device team_slave_1 added [ 1226.275954][T12782] binder: 12781:12782 ioctl c0306201 20000280 returned -14 [ 1226.293006][T12617] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1226.328441][T12617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1226.392789][T12617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1226.420842][T12617] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1226.434304][T12617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1226.463586][T12617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1226.653735][T12617] hsr_slave_0: entered promiscuous mode [ 1226.684903][T12617] hsr_slave_1: entered promiscuous mode [ 1226.980237][ T9800] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1227.084613][ T9800] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1227.103681][T12738] chnl_net:caif_netlink_parms(): no params data found [ 1227.181352][ T9800] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1227.274755][ T9800] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1227.414148][T12738] bridge0: port 1(bridge_slave_0) entered blocking state [ 1227.423779][T12738] bridge0: port 1(bridge_slave_0) entered disabled state [ 1227.431365][T12738] bridge_slave_0: entered allmulticast mode [ 1227.441917][T12738] bridge_slave_0: entered promiscuous mode [ 1227.474410][T12738] bridge0: port 2(bridge_slave_1) entered blocking state [ 1227.481640][T12738] bridge0: port 2(bridge_slave_1) entered disabled state [ 1227.493533][T12738] bridge_slave_1: entered allmulticast mode [ 1227.501032][T12738] bridge_slave_1: entered promiscuous mode [ 1227.549237][T12738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1227.620252][ T55] Bluetooth: hci3: command tx timeout [ 1227.631717][T12738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1227.705252][T12738] team0: Port device team_slave_0 added [ 1227.747945][T12738] team0: Port device team_slave_1 added [ 1227.790466][ T9800] bridge_slave_1: left allmulticast mode [ 1227.798291][ T9800] bridge_slave_1: left promiscuous mode [ 1227.804102][ T9800] bridge0: port 2(bridge_slave_1) entered disabled state [ 1227.815166][ T9800] bridge_slave_0: left allmulticast mode [ 1227.821139][ T9800] bridge_slave_0: left promiscuous mode [ 1227.827872][ T9800] bridge0: port 1(bridge_slave_0) entered disabled state [ 1228.374365][ T9800] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1228.385819][ T9800] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1228.396878][ T9800] bond0 (unregistering): Released all slaves [ 1228.533695][T12738] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1228.544481][T12738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1228.570873][T12738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1228.631256][T12738] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1228.638643][T12738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1228.664781][T12738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1228.774255][T12617] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1228.801465][T12617] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1228.846835][T12617] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1228.869943][T12617] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1228.887557][T12738] hsr_slave_0: entered promiscuous mode [ 1228.894577][T12738] hsr_slave_1: entered promiscuous mode [ 1228.901622][T12738] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1228.909340][T12738] Cannot create hsr debugfs directory [ 1228.925015][ T9800] hsr_slave_0: left promiscuous mode [ 1228.931619][ T9800] hsr_slave_1: left promiscuous mode [ 1228.942698][ T9800] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1228.951853][ T9800] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1228.959959][ T9800] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1228.968613][ T9800] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1228.992958][ T9800] veth1_macvtap: left promiscuous mode [ 1228.998609][ T9800] veth0_macvtap: left promiscuous mode [ 1229.004208][ T9800] veth1_vlan: left promiscuous mode [ 1229.009639][ T9800] veth0_vlan: left promiscuous mode [ 1229.798889][ T9800] team0 (unregistering): Port device team_slave_1 removed [ 1229.873957][ T9800] team0 (unregistering): Port device team_slave_0 removed [ 1231.016504][ T9800] IPVS: stop unused estimator thread 0... [ 1231.050922][T12617] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1231.096868][T12617] 8021q: adding VLAN 0 to HW filter on device team0 [ 1231.111829][ T8631] bridge0: port 1(bridge_slave_0) entered blocking state [ 1231.119053][ T8631] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1231.158301][ T9784] bridge0: port 2(bridge_slave_1) entered blocking state [ 1231.165532][ T9784] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1231.387136][T12738] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1231.403347][T12738] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1231.421368][T12738] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1231.440429][T12738] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1231.599332][T12738] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1231.610931][T12617] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1231.669239][T12738] 8021q: adding VLAN 0 to HW filter on device team0 [ 1231.704905][ T3005] bridge0: port 1(bridge_slave_0) entered blocking state [ 1231.712147][ T3005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1231.737833][ T3005] bridge0: port 2(bridge_slave_1) entered blocking state [ 1231.745019][ T3005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1231.793405][T12617] veth0_vlan: entered promiscuous mode [ 1231.834674][T12617] veth1_vlan: entered promiscuous mode [ 1231.922648][T12617] veth0_macvtap: entered promiscuous mode [ 1231.935312][T12617] veth1_macvtap: entered promiscuous mode [ 1231.969283][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1231.981556][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.003221][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1232.020397][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.030288][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1232.041065][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.050997][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1232.061542][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.073545][T12617] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1232.102028][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1232.127439][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.137848][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1232.151983][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.168725][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1232.184297][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.200112][T12617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1232.210877][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1232.222658][T12617] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1232.243376][T12617] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1232.253409][T12617] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1232.262898][T12617] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1232.272047][T12617] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1232.349768][T12738] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1232.429221][ T9782] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1232.446946][ T9782] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1232.528151][ T3005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1232.546026][ T3005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1232.552672][T12738] veth0_vlan: entered promiscuous mode [ 1232.585061][T12738] veth1_vlan: entered promiscuous mode [ 1232.682431][T12738] veth0_macvtap: entered promiscuous mode [ 1232.761987][T12738] veth1_macvtap: entered promiscuous mode [ 1233.164425][T12809] VFS: could not find a valid V7 on nullb0. [ 1233.720811][T12812] support for the xor transformation has been removed. [ 1233.820367][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 1233.820413][ T29] audit: type=1800 audit(1233.235:851): pid=12811 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.1235" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1234.283813][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1234.374591][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.390434][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1234.405048][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.423060][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1234.433949][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.444295][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1234.459164][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.469281][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1234.479861][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.492147][T12738] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1234.533551][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1234.554784][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.570379][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1234.580954][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.590937][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1234.601509][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.613449][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1234.623980][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.633964][T12738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1234.644533][T12738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.661417][T12738] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1234.686693][T12738] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.695904][T12738] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.704933][T12738] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.714585][T12738] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.953683][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1234.994390][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1235.067717][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1235.087289][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1236.337752][ T7483] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 1236.614974][ T7483] usb 4-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=2d.62 [ 1236.635471][ T7483] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1236.718263][ T7483] usb 4-1: config 0 descriptor?? [ 1236.731635][ T7483] usb 4-1: selecting invalid altsetting 1 [ 1236.779082][ T7483] flexcop_usb: set interface failed. [ 1236.850002][ T7483] b2c2_flexcop_usb 4-1:0.0: probe with driver b2c2_flexcop_usb failed with error -22 [ 1237.081830][ T29] audit: type=1326 audit(1237.055:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12814 comm="syz.3.1238" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e60b7def9 code=0x0 [ 1237.302786][ T29] audit: type=1400 audit(1237.275:853): avc: denied { read } for pid=12816 comm="syz.0.1212" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 1237.429778][ T29] audit: type=1326 audit(1237.355:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12834 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27aa57def9 code=0x7ffc0000 [ 1237.617073][ T29] audit: type=1326 audit(1237.355:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12834 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f27aa57def9 code=0x7ffc0000 [ 1237.640018][ C0] vkms_vblank_simulate: vblank timer overrun [ 1237.658764][ T29] audit: type=1326 audit(1237.355:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12834 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27aa57def9 code=0x7ffc0000 [ 1237.721140][ T29] audit: type=1326 audit(1237.355:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12834 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27aa57def9 code=0x7ffc0000 [ 1237.756716][ T29] audit: type=1326 audit(1237.355:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12834 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f27aa57def9 code=0x7ffc0000 [ 1237.914835][ T29] audit: type=1326 audit(1237.355:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12834 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27aa57def9 code=0x7ffc0000 [ 1237.937748][ C0] vkms_vblank_simulate: vblank timer overrun [ 1238.108154][ T29] audit: type=1326 audit(1237.355:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12834 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27aa57def9 code=0x7ffc0000 [ 1240.417492][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 1240.623108][ T25] usb 4-1: USB disconnect, device number 9 [ 1242.349108][T12867] xt_CONNSECMARK: invalid mode: 0 [ 1243.975675][ T7483] IPVS: starting estimator thread 0... [ 1249.035933][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 1249.035947][ T29] audit: type=1400 audit(1244.115:892): avc: denied { getopt } for pid=12871 comm="syz.3.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 1249.095891][T12876] IPVS: using max 31 ests per chain, 74400 per kthread [ 1253.806687][ T5282] IPVS: starting estimator thread 0... [ 1253.825486][T12410] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1254.165520][T12908] IPVS: using max 16 ests per chain, 38400 per kthread [ 1255.582548][ T5248] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1255.606197][ T5248] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1255.625866][ T5248] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1255.634194][ T5248] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1255.653552][ T5248] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1255.662233][ T5248] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1255.853013][T12929] netlink: 'syz.3.1254': attribute type 2 has an invalid length. [ 1256.815995][ T5233] Bluetooth: hci1: command 0x0406 tx timeout [ 1256.819112][ T9800] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1256.990714][T12929] : entered promiscuous mode [ 1257.365582][T12937] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1256'. [ 1257.807908][ T5233] Bluetooth: hci0: command tx timeout [ 1257.919467][ T9800] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1258.198617][ T9800] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1259.068611][ T29] audit: type=1400 audit(1258.825:893): avc: denied { remount } for pid=12943 comm="syz.0.1258" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 1259.087883][ C0] vkms_vblank_simulate: vblank timer overrun [ 1259.432118][ T9800] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1259.555699][ T29] audit: type=1400 audit(1259.465:894): avc: denied { unmount } for pid=12738 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 1259.857278][ T5248] Bluetooth: hci0: command tx timeout [ 1261.490526][T12926] chnl_net:caif_netlink_parms(): no params data found [ 1261.855691][ T5248] Bluetooth: hci4: command 0x0406 tx timeout [ 1261.935584][ T5248] Bluetooth: hci0: command tx timeout [ 1262.568884][ T9800] bridge_slave_1: left allmulticast mode [ 1262.574537][ T9800] bridge_slave_1: left promiscuous mode [ 1262.620929][ T9800] bridge0: port 2(bridge_slave_1) entered disabled state [ 1262.707570][ T9800] bridge_slave_0: left allmulticast mode [ 1262.774350][ T9800] bridge_slave_0: left promiscuous mode [ 1262.800526][ T9800] bridge0: port 1(bridge_slave_0) entered disabled state [ 1262.868582][T12972] vivid-004: ================= START STATUS ================= [ 1262.895067][T12972] vivid-004: Radio HW Seek Mode: Bounded [ 1262.910677][T12972] vivid-004: Radio Programmable HW Seek: false [ 1262.935246][T12972] vivid-004: RDS Rx I/O Mode: Block I/O [ 1262.966431][T12972] vivid-004: Generate RBDS Instead of RDS: false [ 1263.004194][T12972] vivid-004: RDS Reception: true [ 1263.058509][T12972] vivid-004: RDS Program Type: 0 inactive [ 1263.092954][T12974] Bluetooth: MGMT ver 1.23 [ 1263.142050][T12972] vivid-004: RDS PS Name: inactive [ 1263.197227][T12972] vivid-004: RDS Radio Text: inactive [ 1263.229280][T12972] vivid-004: RDS Traffic Announcement: false inactive [ 1263.246414][T12972] vivid-004: RDS Traffic Program: false inactive [ 1263.258015][T12972] vivid-004: RDS Music: false inactive [ 1263.301147][T12972] vivid-004: ================== END STATUS ================== [ 1264.015448][ T5233] Bluetooth: hci0: command tx timeout [ 1264.132072][T12986] futex_wake_op: syz.2.1267 tries to shift op by -1; fix this program [ 1266.213488][ T7483] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 1266.386966][T13001] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048) [ 1266.456388][ T7483] usb 3-1: device descriptor read/64, error -71 [ 1267.099545][ T7483] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 1267.265431][ T7483] usb 3-1: device descriptor read/64, error -71 [ 1267.366555][T13007] binder: 12989:13007 ioctl 4018620d 0 returned -22 [ 1267.428462][ T7483] usb usb3-port1: attempt power cycle [ 1267.512903][ T9800] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1267.556293][ T9800] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1267.599351][ T9800] bond0 (unregistering): Released all slaves [ 1267.876646][ T7483] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 1267.922493][ T7483] usb 3-1: device descriptor read/8, error -71 [ 1268.640999][ T9800] hsr_slave_0: left promiscuous mode [ 1268.714935][ T9800] hsr_slave_1: left promiscuous mode [ 1268.729158][ T9800] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1268.774936][ T9800] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1268.809547][ T9800] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1268.835518][ T9800] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1268.976357][ T9800] veth1_macvtap: left promiscuous mode [ 1269.010137][ T9800] veth0_macvtap: left promiscuous mode [ 1269.054285][ T9800] veth1_vlan: left promiscuous mode [ 1269.079717][ T9800] veth0_vlan: left promiscuous mode [ 1272.456723][T13031] futex_wake_op: syz.2.1278 tries to shift op by -1; fix this program [ 1275.376458][ T9800] team0 (unregistering): Port device team_slave_1 removed [ 1279.021920][ T9800] team0 (unregistering): Port device team_slave_0 removed [ 1280.439451][T12926] bridge0: port 1(bridge_slave_0) entered blocking state [ 1280.459789][T12926] bridge0: port 1(bridge_slave_0) entered disabled state [ 1280.486836][T12926] bridge_slave_0: entered allmulticast mode [ 1280.504468][T12926] bridge_slave_0: entered promiscuous mode [ 1280.517042][T12926] bridge0: port 2(bridge_slave_1) entered blocking state [ 1280.524774][T12926] bridge0: port 2(bridge_slave_1) entered disabled state [ 1280.538394][T12926] bridge_slave_1: entered allmulticast mode [ 1280.551164][T12926] bridge_slave_1: entered promiscuous mode [ 1280.617903][T13051] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1282'. [ 1280.746398][T12926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1280.815525][T12926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1281.911071][T13082] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1292'. [ 1282.225030][T12926] team0: Port device team_slave_0 added [ 1282.242768][T13078] netlink: 'syz.2.1291': attribute type 21 has an invalid length. [ 1282.302808][T13078] netlink: 'syz.2.1291': attribute type 20 has an invalid length. [ 1282.509159][T13078] IPv6: NLM_F_CREATE should be specified when creating new route [ 1283.315910][T12926] team0: Port device team_slave_1 added [ 1283.759894][T12926] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1284.140332][T12926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1284.699340][T12926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1284.711582][ T29] audit: type=1326 audit(1284.685:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13094 comm="syz.4.1295" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f009f37def9 code=0x0 [ 1284.874319][T12926] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1284.882720][T12926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1284.966765][T12926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1285.103496][ T5282] IPVS: starting estimator thread 0... [ 1285.219790][T13110] IPVS: using max 18 ests per chain, 43200 per kthread [ 1285.429933][T12926] hsr_slave_0: entered promiscuous mode [ 1286.316006][T12926] hsr_slave_1: entered promiscuous mode [ 1286.370815][T12926] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1286.411585][T12926] Cannot create hsr debugfs directory [ 1286.451242][ T9800] IPVS: stop unused estimator thread 0... [ 1291.640042][T13150] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1306'. [ 1292.628338][T13153] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1305'. [ 1293.433831][T12926] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1293.472775][T12926] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1293.661291][T12926] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1294.358036][T12926] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1294.683497][T13169] netlink: 'syz.2.1311': attribute type 2 has an invalid length. [ 1294.744457][T13169] : entered promiscuous mode [ 1294.957488][T12926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1295.100240][T12926] 8021q: adding VLAN 0 to HW filter on device team0 [ 1295.175209][ T1057] bridge0: port 1(bridge_slave_0) entered blocking state [ 1295.182522][ T1057] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1295.228823][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 1295.236009][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1295.609657][T12926] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1297.184908][T12926] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1297.528440][T13201] futex_wake_op: syz.4.1318 tries to shift op by -1; fix this program [ 1300.675263][T12926] veth0_vlan: entered promiscuous mode [ 1300.774230][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.870161][T12926] veth1_vlan: entered promiscuous mode [ 1300.951021][T12926] veth0_macvtap: entered promiscuous mode [ 1300.997886][T12926] veth1_macvtap: entered promiscuous mode [ 1304.077150][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1304.186711][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.265453][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1304.292690][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.322187][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1304.338378][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.358994][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1304.373107][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.412572][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1304.442743][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.527454][T12926] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1304.584157][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1304.640396][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.663382][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1304.684299][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.753833][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1304.770098][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.811070][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1304.825406][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.862414][T12926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1304.894920][T12926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1304.939420][T12926] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1305.066631][T12926] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1305.079430][T12926] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1305.090112][T12926] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1305.099051][T12926] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1305.337963][ T9784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1305.409124][ T9784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1305.629471][ T9782] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1305.682685][ T9782] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1307.705686][ T29] audit: type=1800 audit(1307.685:896): pid=13243 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.1328" name="/" dev="fuse" ino=1 res=0 errno=0 [ 1307.927765][T13256] futex_wake_op: syz.2.1330 tries to shift op by -1; fix this program [ 1309.975456][ T29] audit: type=1400 audit(1307.985:897): avc: denied { accept } for pid=13251 comm="syz.3.1331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 1310.102214][ T29] audit: type=1400 audit(1307.995:898): avc: denied { bind } for pid=13251 comm="syz.3.1331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 1310.171109][ T29] audit: type=1400 audit(1308.225:899): avc: denied { recv } for pid=13251 comm="syz.3.1331" saddr=10.128.0.169 src=30006 daddr=10.128.1.118 dest=34260 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 1310.258741][ T29] audit: type=1400 audit(1308.405:900): avc: denied { egress } for pid=13251 comm="syz.3.1331" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 1310.624629][ T29] audit: type=1400 audit(1308.415:901): avc: denied { sendto } for pid=13251 comm="syz.3.1331" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 1310.775805][ T29] audit: type=1400 audit(1309.555:902): avc: denied { watch } for pid=13247 comm="syz.0.1329" path="/24/file0" dev="tmpfs" ino=156 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 1310.884494][ T29] audit: type=1800 audit(1309.835:903): pid=13246 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.1328" name="/" dev="fuse" ino=1 res=0 errno=0 [ 1311.297014][T13274] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1336'. [ 1311.483446][ T29] audit: type=1400 audit(1310.115:904): avc: denied { listen } for pid=13262 comm="syz.2.1333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 1311.557665][ T29] audit: type=1400 audit(1310.265:905): avc: denied { execmem } for pid=13259 comm="syz.3.1332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 1311.991371][T13281] netlink: 'syz.1.1339': attribute type 2 has an invalid length. [ 1312.003392][T13281] : entered promiscuous mode [ 1312.344871][T13284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1339'. [ 1312.353925][T13284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1339'. [ 1314.574497][T13295] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1338'. [ 1315.910791][T13307] futex_wake_op: syz.0.1344 tries to shift op by -1; fix this program [ 1316.088141][T13305] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1317.445823][ T30] INFO: task kworker/u8:16:9777 blocked for more than 144 seconds. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1318.345528][ T29] audit: type=1400 audit(1318.315:906): avc: denied { recv } for pid=5282 comm="kworker/1:4" saddr=10.128.0.169 src=48872 daddr=10.128.1.118 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 1318.370301][ C1] vkms_vblank_simulate: vblank timer overrun [ 1318.435703][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 1318.468060][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1318.515496][ T30] task:kworker/u8:16 state:D stack:24008 pid:9777 tgid:9777 ppid:2 flags:0x00004000 [ 1318.601224][ T30] Workqueue: events_unbound netfs_write_collection_worker [ 1318.689184][ T30] Call Trace: [ 1318.692487][ T30] [ 1318.709559][ T30] __schedule+0xe37/0x5490 [ 1318.714020][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 1318.855048][ T30] ? hlock_class+0x4e/0x130 [ 1318.867760][ T30] ? __pfx___schedule+0x10/0x10 [ 1318.872642][ T30] ? schedule+0x298/0x350 [ 1318.985348][T13312] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1346'. [ 1319.225188][ T30] ? __pfx_lock_release+0x10/0x10 [ 1319.236348][ T30] ? __pfx_lock_release+0x10/0x10 [ 1319.255463][ T30] schedule+0xe7/0x350 [ 1319.259581][ T30] bit_wait+0x15/0xe0 [ 1319.263565][ T30] __wait_on_bit+0x62/0x180 [ 1319.298117][ T30] ? __pfx_bit_wait+0x10/0x10 [ 1319.335483][ T30] out_of_line_wait_on_bit+0xda/0x110 [ 1319.344441][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 1319.356098][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 1319.361578][ T30] netfs_write_collection_worker+0x3369/0x5a00 [ 1319.376166][ T30] ? __pfx_netfs_write_collection_worker+0x10/0x10 [ 1319.382738][ T30] process_one_work+0x9c5/0x1b40 [ 1319.397506][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 1319.402585][ T30] ? __pfx_process_one_work+0x10/0x10 [ 1319.413377][ T30] ? assign_work+0x1a0/0x250 [ 1319.418574][ T30] worker_thread+0x6c8/0xed0 [ 1319.423221][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1319.438391][ T30] kthread+0x2c1/0x3a0 [ 1319.454465][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1319.465521][ T30] ? __pfx_kthread+0x10/0x10 [ 1319.470165][ T30] ret_from_fork+0x45/0x80 [ 1319.474613][ T30] ? __pfx_kthread+0x10/0x10 [ 1319.482840][ T30] ret_from_fork_asm+0x1a/0x30 [ 1319.487729][ T30] [ 1319.490916][ T30] INFO: task syz.0.1137:12352 blocked for more than 146 seconds. [ 1319.538621][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 1319.556679][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1319.578137][ T30] task:syz.0.1137 state:D stack:25104 pid:12352 tgid:12351 ppid:11945 flags:0x00004006 [ 1319.594174][ T30] Call Trace: [ 1319.600245][ T30] [ 1319.603208][ T30] __schedule+0xe37/0x5490 [ 1319.607931][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 1319.613253][ T30] ? mark_lock+0xb5/0xc60 [ 1319.618839][ T30] ? __pfx___schedule+0x10/0x10 [ 1319.623732][ T30] ? schedule+0x298/0x350 [ 1319.628675][ T30] ? __pfx_lock_release+0x10/0x10 [ 1319.633736][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 1319.638967][ T30] ? __mutex_trylock_common+0x78/0x250 [ 1319.654833][ T30] schedule+0xe7/0x350 [ 1319.659416][ T30] schedule_preempt_disabled+0x13/0x30 [ 1319.664928][ T30] __mutex_lock+0x5b8/0x9c0 [ 1319.672578][ T30] ? __pfx_mark_lock+0x10/0x10 [ 1319.685452][ T30] ? netfs_writepages+0x5e1/0xdd0 [ 1319.690538][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1319.696627][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 1319.702319][ T30] ? netfs_writepages+0x5e1/0xdd0 [ 1319.718796][ T30] netfs_writepages+0x5e1/0xdd0 [ 1319.723709][ T30] ? __pfx_netfs_writepages+0x10/0x10 [ 1319.729797][ T30] ? hlock_class+0x4e/0x130 [ 1319.734334][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 1319.750501][ T30] ? __pfx_netfs_writepages+0x10/0x10 [ 1319.756472][ T30] do_writepages+0x1a3/0x7f0 [ 1319.761109][ T30] ? __pfx_do_writepages+0x10/0x10 [ 1319.766624][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 1319.771702][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 1319.779668][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 1319.784902][ T30] ? _raw_spin_unlock+0x28/0x50 [ 1319.790210][ T30] ? wbc_attach_and_unlock_inode+0x597/0x940 [ 1319.796367][ T30] filemap_fdatawrite_wbc+0x148/0x1c0 [ 1319.801967][ T30] __filemap_fdatawrite_range+0xba/0x100 [ 1319.807751][ T30] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 1319.814215][ T30] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 1319.820441][ T30] v9fs_dir_release+0x42f/0x590 [ 1319.825589][ T30] ? __pfx_v9fs_dir_release+0x10/0x10 [ 1319.830994][ T30] ? evm_file_release+0x162/0x1d0 [ 1319.836113][ T30] ? __pfx_v9fs_dir_release+0x10/0x10 [ 1319.841594][ T30] __fput+0x408/0xbb0 [ 1319.846065][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1319.853876][ T30] task_work_run+0x14e/0x250 [ 1319.858639][ T30] ? __pfx_task_work_run+0x10/0x10 [ 1319.864000][ T30] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1319.870212][ T30] ? task_work_add+0x1d6/0x370 [ 1319.875008][ T30] get_signal+0x1ca/0x2770 [ 1319.879479][ T30] ? fput+0x13d/0x390 [ 1319.883646][ T30] ? __pfx_get_signal+0x10/0x10 [ 1319.891342][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 1319.897073][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1319.903398][ T30] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1319.909245][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 1319.915027][ T30] do_syscall_64+0xda/0x250 [ 1319.919612][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1319.925846][ T30] RIP: 0033:0x7f2eef77def9 [ 1319.930292][ T30] RSP: 002b:00007f2ef0498038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1319.940162][ T30] RAX: 0000000000070000 RBX: 00007f2eef935f80 RCX: 00007f2eef77def9 [ 1319.948279][ T30] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000b [ 1319.959030][ T30] RBP: 00007f2eef7f0b56 R08: 0000000000000000 R09: 0000000000000000 [ 1319.967188][ T30] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000 [ 1319.975180][ T30] R13: 0000000000000000 R14: 00007f2eef935f80 R15: 00007ffc7c103808 [ 1319.983289][ T30] [ 1320.364332][ T30] [ 1320.364332][ T30] Showing all locks held in the system: [ 1320.419229][ T30] 1 lock held by pool_workqueue_/3: [ 1320.424467][ T30] #0: ffffffff8ddc5778 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 [ 1320.535527][ T30] 1 lock held by khungtaskd/30: [ 1320.540385][ T30] #0: ffffffff8ddb9fe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 1320.625590][ T30] 3 locks held by kworker/1:1/46: [ 1320.630662][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 1320.695653][ T30] #1: ffffc90000b67d80 (drain_vmap_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 1320.736571][ T30] #2: ffffffff8df39628 (vmap_purge_lock){+.+.}-{3:3}, at: drain_vmap_area_work+0x17/0x40 [ 1320.755795][ T30] 2 locks held by getty/4983: [ 1320.760507][ T30] #0: ffff8880308e60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1320.815449][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 [ 1320.850174][ T30] 3 locks held by kworker/1:4/5282: [ 1320.865559][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 1320.895451][ T30] #1: ffffc90004127d80 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 1320.905140][ T30] #2: ffffffff8ddc5778 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 [ 1320.938619][ T30] 2 locks held by kworker/u8:16/9777: [ 1320.945706][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 1320.957222][ T30] #1: ffffc900047d7d80 ((work_completion)(&wreq->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 1320.974579][ T30] 3 locks held by kworker/u8:18/9784: [ 1320.988467][ T30] #0: ffff8880b883edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 1320.998920][ T30] #1: ffffc90004827d80 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 1321.012072][ T30] #2: ffff8880b892a858 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x6c1/0xdc0 [ 1321.021453][ T30] 1 lock held by syz.0.1137/12352: [ 1321.027341][ T30] #0: ffff888011f39850 (&ctx->wb_lock){+.+.}-{3:3}, at: netfs_writepages+0x5e1/0xdd0 [ 1321.040938][ T30] 3 locks held by syz.0.1137/12354: [ 1321.046572][ T30] #0: ffff88805d974420 (sb_writers#23){.+.+}-{0:0}, at: do_fchownat+0x118/0x200 [ 1321.056670][ T30] #1: ffff888011f39498 (&sb->s_type->i_mutex_key#32){++++}-{3:3}, at: chown_common+0x331/0x660 [ 1321.067597][ T30] #2: ffff888011f39850 (&ctx->wb_lock){+.+.}-{3:3}, at: netfs_writepages+0x5e1/0xdd0 [ 1321.077625][ T30] 3 locks held by syz.2.1340/13287: [ 1321.086368][ T30] #0: ffff88806d648d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 1321.096360][ T30] #1: ffff88806d648078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x346/0x1110 [ 1321.107021][ T30] #2: ffffffff8fc9cb68 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 1321.117484][ T30] 3 locks held by syz.4.1343/13309: [ 1321.122702][ T30] #0: ffff88807449cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 1321.132485][ T30] #1: ffff88807449c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x346/0x1110 [ 1321.142485][ T30] #2: ffffffff8fc9cb68 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 1321.154261][ T30] 1 lock held by syz.0.1344/13307: [ 1321.159433][ T30] #0: ffffffff8ddc5640 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x6c0 [ 1321.169711][ T30] 1 lock held by syz.3.1345/13304: [ 1321.174812][ T30] #0: ffffffff8ddc5640 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x6c0 [ 1321.187278][ T30] 3 locks held by syz.1.1346/13312: [ 1321.192504][ T30] #0: ffff88805dc90d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 1321.202199][ T30] #1: ffff88805dc90078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x346/0x1110 [ 1321.211929][ T30] #2: ffffffff8fc9cb68 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 1321.223128][ T30] [ 1321.238044][ T30] ============================================= [ 1321.238044][ T30] [ 1321.247257][ T30] NMI backtrace for cpu 0 [ 1321.251595][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 1321.262080][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1321.272122][ T30] Call Trace: [ 1321.275389][ T30] [ 1321.278303][ T30] dump_stack_lvl+0x116/0x1f0 [ 1321.282979][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 1321.287935][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1321.293909][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1321.299884][ T30] watchdog+0xf0c/0x1240 [ 1321.304113][ T30] ? __pfx_watchdog+0x10/0x10 [ 1321.308792][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 1321.314020][ T30] ? __kthread_parkme+0x148/0x220 [ 1321.319060][ T30] ? __pfx_watchdog+0x10/0x10 [ 1321.323724][ T30] kthread+0x2c1/0x3a0 [ 1321.327782][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1321.332965][ T30] ? __pfx_kthread+0x10/0x10 [ 1321.337543][ T30] ret_from_fork+0x45/0x80 [ 1321.341951][ T30] ? __pfx_kthread+0x10/0x10 [ 1321.346546][ T30] ret_from_fork_asm+0x1a/0x30 [ 1321.351307][ T30] [ 1321.356313][ T30] Sending NMI from CPU 0 to CPUs 1: [ 1321.362813][ C1] NMI backtrace for cpu 1 [ 1321.362834][ C1] CPU: 1 UID: 0 PID: 9790 Comm: kworker/u8:20 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 1321.362860][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1321.362872][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 1321.362900][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0xc/0x70 [ 1321.362933][ C1] Code: c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 15 a4 0a 78 7e <65> 8b 05 a5 0a 78 7e a9 00 01 ff 00 48 8b 34 24 74 1d f6 c4 01 74 [ 1321.362954][ C1] RSP: 0018:ffffc90004656ee0 EFLAGS: 00000246 [ 1321.362969][ C1] RAX: 0000000000000000 RBX: ffffc90004656f68 RCX: ffffffff813d0026 [ 1321.362984][ C1] RDX: ffff888028490000 RSI: 0000000000000001 RDI: 0000000000000004 [ 1321.362998][ C1] RBP: 0000000000000001 R08: 0000000000000004 R09: 0000000000000001 [ 1321.363010][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 1321.363023][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000001 [ 1321.363036][ C1] FS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 1321.363057][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1321.363072][ C1] CR2: 000055a28d212000 CR3: 000000000db7c000 CR4: 00000000003506f0 [ 1321.363103][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1321.363116][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1321.363129][ C1] Call Trace: [ 1321.363136][ C1] [ 1321.363144][ C1] ? show_regs+0x8c/0xa0 [ 1321.363172][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 1321.363201][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1321.363228][ C1] ? nmi_handle+0x1a9/0x5c0 [ 1321.363249][ C1] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 1321.363278][ C1] ? default_do_nmi+0x6a/0x160 [ 1321.363300][ C1] ? exc_nmi+0x170/0x1e0 [ 1321.363321][ C1] ? end_repeat_nmi+0xf/0x53 [ 1321.363347][ C1] ? unwind_next_frame+0x1126/0x23a0 [ 1321.363369][ C1] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 1321.363403][ C1] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 1321.363434][ C1] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 1321.363463][ C1] [ 1321.363469][ C1] [ 1321.363476][ C1] unwind_next_frame+0x1134/0x23a0 [ 1321.363498][ C1] ? cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 1321.363523][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1321.363549][ C1] arch_stack_walk+0x100/0x170 [ 1321.363575][ C1] ? ieee80211_bss_info_update+0x311/0xab0 [ 1321.363602][ C1] ? cfg80211_inform_single_bss_data+0x52f/0x1dc0 [ 1321.363626][ C1] stack_trace_save+0x95/0xd0 [ 1321.363650][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1321.363675][ C1] ? __pfx_mark_lock+0x10/0x10 [ 1321.363704][ C1] kasan_save_stack+0x33/0x60 [ 1321.363732][ C1] ? kasan_save_stack+0x33/0x60 [ 1321.363757][ C1] ? kasan_save_track+0x14/0x30 [ 1321.363783][ C1] ? __kasan_kmalloc+0xaa/0xb0 [ 1321.363809][ C1] ? __kmalloc_noprof+0x1e8/0x400 [ 1321.363836][ C1] ? cfg80211_inform_single_bss_data+0x52f/0x1dc0 [ 1321.363859][ C1] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 1321.363881][ C1] ? cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 1321.363927][ C1] kasan_save_track+0x14/0x30 [ 1321.363955][ C1] __kasan_kmalloc+0xaa/0xb0 [ 1321.363982][ C1] __kmalloc_noprof+0x1e8/0x400 [ 1321.364014][ C1] cfg80211_inform_single_bss_data+0x52f/0x1dc0 [ 1321.364038][ C1] ? ret_from_fork_asm+0x19/0x30 [ 1321.364069][ C1] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 1321.364101][ C1] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 1321.364127][ C1] ? stack_trace_save+0x95/0xd0 [ 1321.364150][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1321.364175][ C1] ? stack_depot_save_flags+0x28/0x8f0 [ 1321.364203][ C1] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 1321.364225][ C1] cfg80211_inform_bss_data+0x205/0x39c0 [ 1321.364247][ C1] ? __kmalloc_noprof+0x1e8/0x400 [ 1321.364274][ C1] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 1321.364299][ C1] ? ieee80211_ibss_rx_queued_mgmt+0xc4f/0x2f40 [ 1321.364323][ C1] ? ieee80211_iface_work+0xc0b/0xf00 [ 1321.364348][ C1] ? ret_from_fork+0x45/0x80 [ 1321.364379][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 1321.364408][ C1] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 1321.364432][ C1] ? hlock_class+0x4e/0x130 [ 1321.364454][ C1] ? mark_lock+0xb5/0xc60 [ 1321.364479][ C1] ? hlock_class+0x4e/0x130 [ 1321.364502][ C1] ? hlock_class+0x4e/0x130 [ 1321.364523][ C1] ? __lock_acquire+0xbdd/0x3cb0 [ 1321.364560][ C1] ? hlock_class+0x4e/0x130 [ 1321.364585][ C1] ? find_held_lock+0x2d/0x110 [ 1321.364624][ C1] ? ieee80211_bss_info_update+0x2cb/0xab0 [ 1321.364651][ C1] cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 1321.364680][ C1] ieee80211_bss_info_update+0x311/0xab0 [ 1321.364706][ C1] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 1321.364736][ C1] ? ieee80211_ibss_rx_queued_mgmt+0x185e/0x2f40 [ 1321.364764][ C1] ? ieee80211_mandatory_rates+0x1ab/0x220 [ 1321.364796][ C1] ieee80211_ibss_rx_queued_mgmt+0x1898/0x2f40 [ 1321.364823][ C1] ? hlock_class+0x4e/0x130 [ 1321.364849][ C1] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 1321.364874][ C1] ? lock_acquire+0x1b1/0x560 [ 1321.364900][ C1] ? find_held_lock+0x2d/0x110 [ 1321.364921][ C1] ? find_held_lock+0x2d/0x110 [ 1321.364946][ C1] ? kcov_remote_start+0x370/0x6e0 [ 1321.364969][ C1] ? mark_held_locks+0x9f/0xe0 [ 1321.364996][ C1] ? kcov_remote_start+0x3cf/0x6e0 [ 1321.365021][ C1] ieee80211_iface_work+0xc0b/0xf00 [ 1321.365047][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1321.365073][ C1] cfg80211_wiphy_work+0x445/0x760 [ 1321.365100][ C1] process_one_work+0x9c5/0x1b40 [ 1321.365135][ C1] ? __pfx_cfg80211_wiphy_work+0x10/0x10 [ 1321.365159][ C1] ? __pfx_process_one_work+0x10/0x10 [ 1321.365193][ C1] ? assign_work+0x1a0/0x250 [ 1321.365221][ C1] worker_thread+0x6c8/0xed0 [ 1321.365257][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1321.365285][ C1] kthread+0x2c1/0x3a0 [ 1321.365309][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1321.365332][ C1] ? __pfx_kthread+0x10/0x10 [ 1321.365356][ C1] ret_from_fork+0x45/0x80 [ 1321.365387][ C1] ? __pfx_kthread+0x10/0x10 [ 1321.365409][ C1] ret_from_fork_asm+0x1a/0x30 [ 1321.365443][ C1] [ 1321.368137][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1321.368151][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 1321.368178][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1321.368192][ T30] Call Trace: [ 1321.368200][ T30] [ 1321.368209][ T30] dump_stack_lvl+0x3d/0x1f0 [ 1321.368237][ T30] panic+0x6dc/0x7c0 [ 1321.368268][ T30] ? __pfx_panic+0x10/0x10 [ 1321.368297][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1321.368326][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1321.368356][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1321.368381][ T30] ? watchdog+0xd76/0x1240 [ 1321.368403][ T30] ? watchdog+0xd69/0x1240 [ 1321.368428][ T30] watchdog+0xd87/0x1240 [ 1321.368456][ T30] ? __pfx_watchdog+0x10/0x10 [ 1321.368477][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 1321.368509][ T30] ? __kthread_parkme+0x148/0x220 [ 1321.368537][ T30] ? __pfx_watchdog+0x10/0x10 [ 1321.368559][ T30] kthread+0x2c1/0x3a0 [ 1321.368583][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1321.368610][ T30] ? __pfx_kthread+0x10/0x10 [ 1321.368637][ T30] ret_from_fork+0x45/0x80 [ 1321.368668][ T30] ? __pfx_kthread+0x10/0x10 [ 1321.368693][ T30] ret_from_fork_asm+0x1a/0x30 [ 1321.368738][ T30] [ 1321.370001][ T30] Kernel Offset: disabled [ 1322.092812][ T30] Rebooting in 86400 seconds..