last executing test programs: 2m57.691154234s ago: executing program 1 (id=1465): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10) bind$tipc(r1, 0x0, 0x0) socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0}, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r3, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) 2m32.507316192s ago: executing program 1 (id=1465): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10) bind$tipc(r1, 0x0, 0x0) socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0}, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r3, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) 1m57.86415019s ago: executing program 1 (id=1465): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10) bind$tipc(r1, 0x0, 0x0) socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0}, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r3, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) 1m27.922345563s ago: executing program 1 (id=1465): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10) bind$tipc(r1, 0x0, 0x0) socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0}, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r3, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) 52.552364275s ago: executing program 1 (id=1465): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10) bind$tipc(r1, 0x0, 0x0) socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0}, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r3, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) 49.008708501s ago: executing program 3 (id=2019): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x90) writev(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 47.869129228s ago: executing program 3 (id=2022): unshare(0x42000000) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_print_times', 0x111c40, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0x10d}], 0x1, 0x4b5, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8) write$vga_arbiter(0xffffffffffffffff, &(0x7f00000001c0)=@other={'decodes', ' ', 'none'}, 0xd) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001439) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r1, 0xffffffffffffffff, 0x0) 14.974856434s ago: executing program 2 (id=2078): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xf, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 14.745184165s ago: executing program 2 (id=2079): socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0xfffffffe, 0x1ff) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) 12.378839695s ago: executing program 1 (id=1465): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10) bind$tipc(r1, 0x0, 0x0) socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0}, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r5, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r3, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) 10.210113396s ago: executing program 2 (id=2084): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mkdir(&(0x7f0000000580)='./file0\x00', 0xaa6f6396d0ed07f2) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='fusectl\x00', 0x3015800, &(0x7f0000000500)='cgroup.procs\x00') r4 = open(&(0x7f0000000100)='./file0\x00', 0x2000, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r5, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1) 10.209885677s ago: executing program 3 (id=2043): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) writev(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 8.170325508s ago: executing program 3 (id=2089): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x5) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e20, @broadcast}, 0x10) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000004640)={0x0}}, 0x8000) sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0xae) munmap(&(0x7f0000ff2000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e02000/0x4000)=nil, 0x4000, 0x2) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x901) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_SPLICE={0x1e, 0x8, 0x0, @fd_index=0x7, 0x6, {0x0, r3}, 0x9, 0x9}) io_uring_enter(0xffffffffffffffff, 0x7a98, 0x0, 0x0, 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58) r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000400)=ANY=[]) r6 = accept4(r4, 0x0, 0x0, 0x0) sendfile(r6, 0xffffffffffffffff, 0x0, 0x8a000) 6.869712903s ago: executing program 4 (id=2091): r0 = socket$inet6(0xa, 0x3, 0xff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x655e, 0x4) r3 = dup2(r0, r0) write$tun(r3, &(0x7f00000003c0)=ANY=[], 0x46) recvmmsg(r3, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x1, 0x2000, 0x0) 6.500718465s ago: executing program 2 (id=2092): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000140)={0x9, &(0x7f0000000380)=[{0x8, 0x3, 0x6d, 0x7}, {0xfffd, 0xb, 0xd, 0x3ff}, {0x8, 0x7, 0xb1}, {0x82a, 0x3, 0x9, 0x401}, {0x5, 0x5, 0xd, 0x5d0}, {0x7, 0x3, 0x2, 0x3}, {0x100, 0x7f, 0x0, 0x5}, {0x8, 0x7, 0x9, 0x7}, {0x9, 0x6, 0x2, 0x400}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) r0 = syz_open_dev$vbi(0x0, 0x3, 0x2) r1 = gettid() setrlimit(0xb, &(0x7f0000000100)) signalfd(r0, &(0x7f0000000080)={[0x6]}, 0x8) r2 = signalfd(r0, &(0x7f00007aeff8)={[0x7]}, 0x8) readv(r2, &(0x7f0000000340)=[{&(0x7f0000006a40)=""/161, 0xa1}], 0x1) tkill(r1, 0xb) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x20010, 0xffffffffffffffff, 0xffffc000) syz_emit_ethernet(0x3e, &(0x7f0000000240)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4adf7", 0x8, 0x2c, 0x0, @dev, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x0, 0x13}}}}}}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_usb_connect(0x0, 0x5d, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000551b8920b822276080c20102030109024b0001000000000904000000020a0000052406000005241d00000d240f01000200000000000200072414003824d0062413"], 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x4) ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f00000001c0)=0x2) r6 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGPKT(r6, 0x40045431, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x4000004e) 5.394291181s ago: executing program 0 (id=2093): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000000), 0x7, 0x4e0, &(0x7f0000000740)="$eJzs3E9sFNUfAPDvbFvaQvnRHyIKohbR2GhsoSBwMDEYTTxoYsSDHpu2EKRQQ2sihMiSGDwaEq/GePTqwat6M55MvOLRxJAQwwXwNGZ2Z7bb7Xb7b9tC+/kky7739s28efPmzb55j20AW9ZA9k8S0RcRtyJiV0SUGjMMVN/u37069uDu1bEop+npf5Jss7iXxXNJ/r4jjwyWIkpfJLMf1Jm+fOX86OTkxKU8Pjxz4ZPh6ctXXjl3YfTsxNmJiyMnTx47euTE8ZFXl1+pJuVl9bq3//OpA/ve/ujmu2OdRXpP/l5fj3YZiIFmh1LxQrsL22A768JJZ6ucr6/9wbBk2fWfNVdXpf/vio5o2XjAJpKmadq98MfltNH1eSnAIyuJjT4CYGMUX/TZ82/xajYQ2LY2w48Nd+dU9QEoq/f9/BXxbCWxmAfpani+baeBiPiw/O+32SvWaB4CAKDez6eKkWDD+K8/Ym9dvv/layj9EfH/iNgdEY9FxJ6IeDyqeZ+IiCcb9t8REWmL8gca4vPHP6Xbq6tha9n477V8bWt2/Bf1q2D9HXlsZ0QxYJ44nJ+TwejqPnNucuJIizJ+efOPrxb6rH78l72y8ouxYH4ctzsbJujGR2dGV1zhBneuR+zvbKx/0hmR1FYCkojYFxH7l7Hf/rrwuZe+P1CLdM3Nt3j9K9Km62htWKpIv4t4sdr+5ZjT/rMlJq3XJ4d7YnLi8HB2FRxuWsZvv994b6HyF63/j381bvLWiZ9O5z1r9bL23153/Uexfjtb//4kIqmt104vv4wbf3654DPNSq//bckHlXDxXPrZ6MzMpSMR25J35qePzG5bxLP3KFfrP3ioef/fnW+TnYmnIiK7iJ+OiGei+oQ4EOm1gxHxXEQcalH/X994/uPF6t+bv+f1L7XYXVtl9R9vev+b0/6z6/WVwDeRB2opk0m5mns2pRboOH/w1oMFbh5La/9jldBgntL8/pfMuUXMP4rmgdWePwAAAHgUlCKir24uqS9KpaGh6hzQnthempyannn5zNSnF8ervxHoj65SMdNVnQ/uSor5z/66+EhD/Gg+b/x1R28lPjQ2NTm+oTUHdlT6fFIaqt0Lqv0/83d7ppiBh5mf/MDWtVj/33tznQ4EWHe+/2Hrquv/5QWylP1PGdiclvL9by4QNqdm/f/aCrYBHi2pvgxb2nL6v3sFbC6d8X4tvG6/PAQeCr7TYUta0o/klxEo/rxHNSXtbp65J+ZvHj2t99wRKzuw3iZlbUigVDst61x670q2Kv6awoJ5orS8HXbHatr0eC3lzOpPy9m9bb/403x9rN0t+MMa9dPFA63vGyN9a3M/AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLf/AgAA//928tWD") r0 = open(&(0x7f0000022ff6)='./file0\x00', 0x80, 0x2) mount(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r0, 0x40086610, &(0x7f0000000500)={@id={0x40000, 0x0, @d}}) sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, 0x0, 0x0) 4.79138608s ago: executing program 4 (id=2094): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)) ioctl$TUNSETLINK(r1, 0x400454cd, 0x310) 4.662328339s ago: executing program 3 (id=2095): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x2, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20) 4.526920454s ago: executing program 0 (id=2096): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000a40)={[0x401, 0x8, 0x5, 0x8, 0x0, 0x3, 0x5, 0x4, 0xd2, 0x7, 0x46d8, 0xffffff01, 0xfffffff9, 0x7, 0x1, 0x2, 0x7, 0x2, 0x2, 0x3, 0x239b, 0x5, 0x8, 0x5, 0xf0e9, 0xfff, 0x3, 0xffffffff, 0xdf90, 0xffffffff, 0x1, 0xbf, 0x5, 0xf50, 0xad7, 0x10, 0x80000001, 0x73, 0x401, 0x7, 0x0, 0x1, 0x7, 0x5, 0x5, 0x3, 0xcc, 0x9, 0x4df, 0x9e, 0x3, 0x9, 0xf, 0x9, 0x3, 0x1, 0x4, 0x7, 0x9, 0x32e, 0x6, 0xe188, 0x8, 0x10, 0xe6, 0x20000000, 0x5d, 0xbc, 0x4, 0xe2, 0x5, 0x7, 0x2, 0x7, 0x2, 0xfffeffff, 0x401, 0x8, 0xfff, 0x9, 0x4, 0x6, 0x7, 0x200, 0x7, 0x6, 0x2c73, 0x7, 0xfffffffe, 0x9, 0x9, 0x6, 0x8, 0x2, 0x4, 0xc4, 0x562e8ab8, 0xd, 0x7, 0x3ff, 0x1438f0eb, 0x6, 0x80000001, 0x6, 0x6, 0x680, 0x3, 0xf935, 0x7, 0x1, 0x4, 0xd, 0x692f, 0x7, 0x5, 0x5, 0x10, 0x0, 0x1ff, 0x5, 0x7, 0x2, 0xffff, 0x0, 0x44, 0x0, 0x7, 0x6, 0x69, 0x3, 0x9, 0x4, 0xfffffffa, 0x2, 0x2000000, 0x7a, 0x9, 0xd7a, 0x6, 0x8df8, 0x7, 0x0, 0xfffffff8, 0x7, 0x3ff, 0xfffffff7, 0x5, 0x6ad1b9e2, 0x81, 0x3a81, 0x4, 0x3, 0x5, 0x0, 0x29, 0xff, 0x1, 0x1, 0x9, 0x6, 0x10, 0x7a, 0x5, 0x800, 0x6, 0x772, 0x75e5, 0x9, 0x2, 0x9, 0x5, 0x8, 0xd, 0x101, 0x99, 0x0, 0x5, 0xffff, 0x0, 0x8, 0x1, 0x3e, 0x5, 0x7d8f, 0x5, 0x7, 0x3, 0x72, 0x4, 0x5, 0x2fb, 0x3, 0xe171, 0x8, 0x5, 0x8, 0xffffffff, 0x101, 0x8001, 0x4, 0x4, 0x2, 0x3, 0x3, 0xa81, 0x6, 0x656, 0x4, 0x1, 0x3, 0x80000000, 0x3, 0x3, 0xfffffffc, 0x6, 0x1ff, 0xdbf, 0x7, 0x4, 0x1, 0x98f4, 0x7, 0x2, 0x80000001, 0xff, 0x1, 0x7, 0x5, 0x3ff, 0x8, 0x2, 0x8, 0x7, 0x4, 0x1, 0x37, 0x21ad, 0x6c1e, 0x1c12e9d4, 0xfffffabe, 0x0, 0xf8, 0x91bb, 0xb, 0x2, 0x4, 0xfffffff9, 0x9, 0x23f, 0x3, 0x8000, 0xffffffff, 0x6, 0x5d, 0x2, 0xe47b, 0x1, 0xb966, 0xfffffffb, 0x6, 0x2, 0xffffffff, 0x2, 0xfffffffd, 0x7f, 0x2, 0x8, 0x2, 0x4561, 0x7efe, 0x3, 0x7, 0x51, 0x7, 0xfffffffd, 0x1, 0x4, 0x3, 0xeb, 0x4, 0x0, 0x6, 0x8000, 0x7fffffff, 0xfffffff7, 0x8, 0x5, 0x6, 0x4, 0x3, 0x5, 0xc, 0x1, 0x3e5, 0x9, 0x7, 0x7, 0x0, 0x7fff, 0x80000001, 0xc, 0x6, 0x80000001, 0x8001, 0xbce, 0x6, 0x2, 0x5, 0x1, 0x10000, 0x6b, 0x5, 0x80000001, 0x2, 0xffffff33, 0x97f2a2, 0x4, 0xfff7, 0xfffff5a3, 0x4, 0x4, 0x4, 0x1, 0x9, 0x80000000, 0x3, 0x4000, 0x370d, 0x5, 0x0, 0xdd1, 0x566, 0x7, 0x38, 0x3388ed50, 0x1, 0x4, 0x9, 0xc, 0x6, 0xa2e4, 0x80000001, 0x7ff, 0x6, 0x0, 0xffffffff, 0x3, 0x1, 0x3, 0xfffffffe, 0x101, 0x1, 0x9, 0x8, 0x6, 0x6, 0x6, 0x4a0, 0x6, 0x0, 0x0, 0x994, 0x0, 0x8, 0x0, 0x8, 0x0, 0x4, 0x67bfca38, 0x0, 0x7, 0x519, 0x7, 0x4, 0x10001, 0x6, 0xfffffff9, 0xe, 0x7fff, 0x6, 0x2, 0x101, 0x8, 0x7, 0xfffffff1, 0x8, 0x0, 0x2, 0x5, 0xa297, 0x48cfc524, 0x9, 0xe91, 0x0, 0xb, 0xd43, 0xfffffffb, 0x8, 0x7, 0xbe8, 0x3ff, 0x9, 0xff, 0x400000, 0x9, 0x2, 0x8, 0x9, 0x0, 0x4, 0x74, 0x2, 0x5, 0xeac, 0x1, 0x6, 0x9, 0x1, 0x1ff, 0xd01, 0x5, 0x401, 0xffffff30, 0x101, 0xd1, 0x1, 0x0, 0x5, 0x2, 0x0, 0x2, 0x9, 0x9, 0x1, 0x6, 0x1a5, 0x5, 0x5, 0x6, 0x1c000000, 0x7, 0xdd1f, 0x4, 0x1, 0x80000001, 0x33, 0x3, 0x0, 0x4b, 0x57b, 0x100, 0x10000, 0x3, 0x7fffffff, 0x7000, 0x8, 0x2, 0x3, 0x34a, 0xf3d, 0x8, 0x4, 0x2, 0x0, 0x7, 0x4, 0x4, 0x2, 0xcaaa, 0x3, 0x0, 0x0, 0x91, 0x1608, 0x9, 0x8000, 0x800, 0x5, 0x885, 0x97c2, 0x8, 0x3cfc, 0x8, 0x101, 0x3, 0x401, 0x4b, 0xff, 0x37af, 0xfffffffa, 0x9, 0x6, 0x3, 0x6, 0x80, 0x9, 0x26b94117, 0x3, 0x0, 0x7, 0x8, 0x1, 0x0, 0x4, 0x3, 0x8887, 0x5cc, 0x0, 0x7, 0x2, 0x8, 0x6, 0x321, 0x68f6, 0x200000, 0x9, 0x5, 0xe, 0x55c1, 0x526, 0x1, 0x8, 0x5, 0x3, 0x4, 0xc4ab, 0x6, 0x1, 0x4, 0x119d, 0x1, 0x5, 0x7ff, 0x8, 0x6, 0x0, 0x4, 0x3, 0x5, 0x2, 0x1, 0x3ff, 0x8, 0x6, 0x6, 0x3, 0x8000, 0x8, 0x6db, 0xfffffffd, 0x2, 0x5, 0x9, 0x4, 0x80, 0x0, 0x8, 0x6da4, 0x81, 0x4, 0xfffffff7, 0x6, 0x5, 0x2, 0x10000, 0x0, 0x33f, 0xbe47, 0x8, 0x800, 0x2c0e, 0x4, 0x0, 0x4, 0x2, 0xffffff3b, 0x3, 0x5, 0xffffe85d, 0x40, 0x5, 0x6, 0x9, 0x9, 0x3, 0x80000001, 0x2, 0x1, 0x6, 0xa, 0xfffffeff, 0x3, 0xfffff97f, 0x7, 0x1, 0x7, 0x101, 0x7, 0x8001, 0x1, 0x200, 0xffff, 0x9, 0x1000, 0xd4, 0xfffffffd, 0xfffffff6, 0x1ff, 0x0, 0x8, 0x5, 0x1ff, 0x0, 0x0, 0x1, 0x8, 0x4, 0x7, 0x303, 0x7, 0x1ee, 0x1, 0xffffffff, 0xff, 0x5, 0x2, 0x7, 0x4, 0x1, 0x6, 0x4c7, 0xfffffffa, 0x2, 0x7bf6, 0xad2, 0x7, 0x78, 0x6, 0x40, 0x40, 0x4, 0x253, 0x1, 0x0, 0x773c7b1, 0x3, 0x1, 0xc, 0x88, 0xc0, 0x5, 0x6baa, 0xa, 0x0, 0x3, 0x4c, 0x1c3, 0x1, 0x10000, 0x6, 0xb8, 0x6, 0x10001, 0x0, 0x1, 0xd2, 0x5, 0x5, 0xfff, 0xe47, 0x96c, 0x7, 0x0, 0x6, 0x3, 0x5, 0x5, 0x5, 0x9, 0x4, 0xf, 0x8, 0x6, 0x6, 0xf, 0x8, 0xb8, 0x81, 0x3, 0x5, 0x1, 0x8, 0x0, 0x10000, 0x4, 0xa72, 0x10000, 0x401, 0x99, 0x7ff, 0x8, 0x4, 0x9, 0x7, 0x8, 0xaa3, 0x3, 0x8, 0x4, 0xfffffff8, 0x7, 0x7fffffff, 0x8001, 0x3, 0x4, 0xa, 0x71, 0x8, 0xddd, 0x3, 0x7, 0x3, 0x12, 0xfff, 0x32, 0xb, 0x23e1, 0xffffffff, 0x0, 0xffffffff, 0x344, 0x5, 0x400, 0xffff, 0xffffff64, 0x9, 0x8, 0x7, 0x8, 0x1, 0x1, 0x18fff8a0, 0x3, 0x6, 0x5, 0x1, 0x2, 0x5, 0x5, 0x8, 0x100, 0x2, 0x5, 0xff, 0x1, 0xc, 0x3ff, 0x6, 0x7, 0x672, 0x8, 0xa, 0x5, 0x9, 0x4ef, 0x2, 0x7, 0x1, 0x1, 0x40, 0x7, 0x6, 0x73f4, 0x40, 0x3, 0x800, 0x5, 0x3, 0x427, 0xbb1, 0x58b0, 0x2, 0x5, 0x2, 0x4000000, 0x6, 0x7fffffff, 0x2, 0x8, 0x8000000, 0x6, 0x0, 0x4, 0x1ff, 0x0, 0x7, 0x5, 0x9, 0xfff, 0x7, 0xfffffffc, 0x40, 0x4, 0x5, 0x9, 0x9, 0x8, 0x4, 0x5, 0x4, 0x4, 0xfffffffd, 0x80000000, 0xf031, 0x606d, 0xffff, 0x7, 0x7, 0xf388, 0x9, 0xe8, 0x9, 0x80, 0x404000, 0x6, 0x6, 0x7fffffff, 0x5, 0x3, 0x1, 0x8000, 0x5, 0x7, 0x7, 0x3, 0x7fffffff, 0x9, 0x200, 0xffffffc0, 0x5, 0x3, 0x4, 0x3, 0x4, 0x401, 0x10, 0x5, 0x400, 0x1, 0x5, 0x7, 0x9, 0x77a, 0x467, 0xfffffffc, 0x8, 0x2, 0xff, 0x200, 0x10, 0x1, 0x3, 0x4, 0xb, 0xfffff0ba, 0xffff, 0x401, 0x6, 0x5, 0xc, 0x80, 0x100, 0x23, 0x2, 0xe0b, 0x10000, 0x6, 0x6, 0x81, 0xc, 0x1000, 0x0, 0xfff, 0x400000, 0x3, 0x5, 0x8001, 0x540, 0x253, 0x6, 0xe, 0x1, 0x5, 0x1, 0x80000000, 0x1, 0x0, 0x6, 0x1000, 0x10001, 0x134, 0x9, 0x10000, 0x8, 0x10001, 0x1000, 0x56a, 0x9, 0x1, 0xb0000000, 0x9, 0xa, 0x504, 0xba8, 0x1, 0xd3f, 0x313f2b05, 0xfffffffe, 0x1110, 0x2, 0x1bf4, 0x242, 0x4, 0x5, 0x10000, 0x200, 0x10001, 0x3, 0x5, 0x5f7, 0x1ff, 0x9, 0xffffff92, 0x101, 0x7, 0x4, 0x3, 0x7, 0x4, 0x9, 0x0, 0x1, 0xffff, 0xfffffffc, 0x2, 0x3, 0x5, 0x1ff, 0x81, 0xdc, 0x40, 0x10, 0x5, 0x101, 0x8000, 0x8, 0x4, 0x0, 0xffffffff, 0x3, 0xe3, 0x5, 0x3, 0x6, 0x1, 0x1, 0x3ae, 0xfffffffd, 0x3, 0xfc38, 0x7, 0x0, 0x1ff, 0xc28, 0x5, 0x3ff, 0xa, 0x1, 0x7, 0x0, 0x5, 0x0, 0x9, 0x96, 0x9, 0x9, 0xfffff000, 0x30, 0xfffffff7, 0x2, 0x5, 0x1, 0xffff, 0xfa2, 0x7fff, 0xfffffff5, 0xffffffa3, 0x9, 0x9, 0x2, 0x9, 0x8000, 0x6, 0xb, 0x1, 0x1, 0x8, 0x758a6d98, 0x8, 0x3ff, 0x6, 0x2, 0xd3f8, 0x41, 0x3, 0x60000, 0x1, 0x5, 0x4, 0x6, 0x3, 0x8, 0x2, 0xfffff801]}) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) sendfile(r1, r0, 0x0, 0x3a) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b43a409aa81", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0}}}}}, 0x0) 4.442328211s ago: executing program 3 (id=2097): syz_emit_ethernet(0x0, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x682, 0x0) recvmmsg(r4, 0x0, 0x0, 0x2, 0x0) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'wg0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r6}}, 0x20}}, 0x0) 4.237414513s ago: executing program 4 (id=2098): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x300}, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") chdir(&(0x7f0000000240)='./file0\x00') write$UHID_DESTROY(0xffffffffffffffff, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./bus\x00', 0x400145042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r0, 0x0) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r1, 0x9) r2 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r2, 0x28, 0x2, &(0x7f0000001680)=""/55, &(0x7f0000000000)=0x21) 4.210328711s ago: executing program 2 (id=2099): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000) writev(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 3.208747188s ago: executing program 0 (id=2100): syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x2000}}) 3.003743906s ago: executing program 4 (id=2101): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = memfd_create(&(0x7f0000000140)=' h\xbae\xf4`\x94\xb2n\xea\x92\xd7\x9cl$\x81tF,g\xa6\xbe\xf1\x82\x8d{\xea\xa8\xa2`\x06k\t\xa16q\xb7\xd4\x96\x98\xb5\x9d\xb3\xf4\xad\xecN$\xe6\x0f\x8cV\xd6\x88\xdc\xc9\x90\x16*\x84=\xab\xb5\x99\x1d\x8d^\x99\xa3\xf9\xe8\xee\xf5\\\a\x00\x00\x00\x00\x00\x00\x00\x98/\xbd\xc1\xafg\xc4\v6\x1d5\xc0V\xae\xae\xbb\x13\xf9\xc6\x99\'\xe4D\x7f\x89\xab:8\" \x97\xf2\xb7\xe6W\xa5\xfb:\x8e)\f\xc9\xc6\xe6\xe9\xef\xacf\xa0\":\xdc\xbb\x14\xb0.\xef$p%\f\x95)Z\x06\xbf\xf6\xbd\x8d\xb0\xdb\x01x\x88\xb5\xa9\xf24\xd8\xd2\x17L\n\xb1&y$\x17\xfb\xe7\x9dKs\x15e \xa5D;', 0x0) pwritev(r1, 0x0, 0x0, 0x0, 0x0) 2.942425375s ago: executing program 0 (id=2102): pipe(0x0) syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000280)='./bus\x00', 0x10, &(0x7f0000000480)=ANY=[@ANYBLOB='flush,nocase,discard,dots,fmask=00000000000000000000177,dots,nodots,nodots,dots,\x00', @ANYRESOCT=0x0, @ANYRESOCT=0x0, @ANYRES16, @ANYRES32=0x0], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=") syz_mount_image$exfat(0x0, &(0x7f0000000400)='./file0\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000400)) mount$bind(0x0, 0x0, 0x0, 0x202000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f0000000780)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f0000000f40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 2.665242088s ago: executing program 4 (id=2103): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x3008498, &(0x7f0000000000), 0xfe, 0x561, &(0x7f0000000240)="$eJzs3d9rW1UcAPDvTdv91nUwhvNBCntwMpeurT8m+DAfRYcDfZ+huSujyTKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFBREiN73psjVpuy5b2+Xzgbudc+9Nzj0593t6Tk5CAhhYY9k/hYijEfFNEnGw49hw5AfHls9benBtOtuSaDY//TOJJN/XPj/J/9+fZ16JiF+/ijhRWHnKPe1EfWFxtlSppHN5frxRvTxeX1g8ebFamkln0kuTU1On356afO/dd/pW1zfO/f39J3c+PP31saXvfr536FYSZ+JAfqyzHk/hemdmLMYiiZGIGIkzj5040YfCtpNkqy+ATRnK4zy7S4/GwRjKox548X0ZEU1gQCXiHwZUexzQntv3aR68Y9z/YHkCtLr+w8vvjcSe1txo31LyyMwom++O9qH8rIxf/rh9K9uif+9DAKzr+o2IODU8vLr/S/L+b/NObeCcx8vQ/8Hzcycb/7zZbfxTWBn/RJfxz/4usbsZ68d/4V4fiukpG/+933X8u7JoNTqU515qjflGkgsXK2nWt70cEcdjZHeWX2s95/TS3WavY53jv2zLym+PBfPruDe8+9HHlEuN0tPUudP9GxGvdh3/Jivtn3Rp/+z1ONfjOf/pmFdkjqS3X+tV/vr1f7aaP0W83rX9H65oJWuvT4637ofx9l2x2l83j/zWq/ytrn/W/vvWrv9o0rleW3/yMn7c82/a69hm7/9dyWet9K5839VSozE3EbEr+Xj1/smHj23n2+dn9T9+bO3+r9v9vzciPt9g/W8evtnz1O3Q/uUnav8nT9z96IsfepW/sfZ/q5U6nu/ZSP+30Qt8mtcOAAAAAAAAtptCRByIpFBcSRcKxeLy5zsOx75CpVZvnLhQm79UjtZ3ZUdjpNBe6T7Y8XmIifzzsO385GP5qYg4FBHfDu1t5YvTtUp5qysPAAAAAAAAAAAAAAAAAAAA28T+Ht//z/w+tNVXBzxzfvIbBte68d/zl56S/5o9f9oI2An8/YfBJf5hcIl/GFziHwaX+IfBJf5hcIl/GFziHwAAAAAAAAAAAAAAAAAAAAAAAAAAAPrq3Nmz2dZcenBtOsuXryzMz9aunCyn9dlidX66OF2bu1ycqdVmKmlxulZd7/kqtdrlicmYvzreSOuN8frC4vlqbf5S4/zFamkmPZ+OPJdaAQAAAAAAAAAAAAAAAAAAwM5SX1icLVUq6ZzEC5eI0edR1vA2qKlE/xNb3TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEP/BwAA//9Bdj7e") bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) r5 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r5, 0x0, 0x4, &(0x7f0000000000)="89", 0x1) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020d0000100000000000000000000000030005000000000002004e21ac1e0001000000000000000003000600000000000200000000000000000000000000000008001200000002"], 0x80}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) 2.520455254s ago: executing program 0 (id=2104): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x64, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@sack={0x5, 0x2}]}}}}}}}, 0x0) 1.912296665s ago: executing program 2 (id=2105): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x5) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e20, @broadcast}, 0x10) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000004640)={0x0}}, 0x8000) sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0xae) munmap(&(0x7f0000ff2000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e02000/0x4000)=nil, 0x4000, 0x2) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x901) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_SPLICE={0x1e, 0x8, 0x0, @fd_index=0x7, 0x6, {0x0, r3}, 0x9, 0x9}) r4 = dup(r3) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58) r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f0000000400)=ANY=[]) r7 = accept4(r5, 0x0, 0x0, 0x0) sendfile(r7, r4, 0x0, 0x8a000) 1.695170261s ago: executing program 0 (id=2106): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3c) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0xb, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xb, 0x3}}]}}, @TCA_RATE={0x6, 0x5, {0x3, 0xb2}}]}, 0x44}}, 0x0) 0s ago: executing program 4 (id=2107): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) signalfd(r0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x1]}, 0x8, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000f40)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r1}}) signalfd(r2, &(0x7f0000000080), 0x8) kernel console output (not intermixed with test programs): 0: port 1(bridge_slave_0) entered disabled state [ 1307.873303][T15398] bridge_slave_0: entered allmulticast mode [ 1307.884675][T15398] bridge_slave_0: entered promiscuous mode [ 1307.893623][T15398] bridge0: port 2(bridge_slave_1) entered blocking state [ 1307.900755][T15398] bridge0: port 2(bridge_slave_1) entered disabled state [ 1307.909424][T15398] bridge_slave_1: entered allmulticast mode [ 1307.916628][T15398] bridge_slave_1: entered promiscuous mode [ 1307.945147][T14235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1308.264099][T15515] loop3: detected capacity change from 0 to 512 [ 1308.324015][T15515] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 1309.349026][T15515] EXT4-fs (loop3): invalid journal inode [ 1309.355182][T15515] EXT4-fs (loop3): can't get journal size [ 1310.650777][T15398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1310.678622][T15398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1310.826525][T15515] EXT4-fs (loop3): 1 truncate cleaned up [ 1310.842282][ T5296] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 1310.852977][T15515] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1310.881600][T15398] team0: Port device team_slave_0 added [ 1310.961830][T15398] team0: Port device team_slave_1 added [ 1311.032482][ T5296] usb 3-1: Using ep0 maxpacket: 32 [ 1311.045147][ T5296] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 1311.082256][ T5296] usb 3-1: config 0 has no interface number 0 [ 1311.106808][ T5296] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 1311.122399][ T5296] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1311.130452][ T5296] usb 3-1: Product: syz [ 1311.167786][T15398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1311.190331][ T5296] usb 3-1: Manufacturer: syz [ 1311.197788][ T5296] usb 3-1: SerialNumber: syz [ 1311.212414][T15398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1311.258253][T14982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1311.260955][ T5296] usb 3-1: config 0 descriptor?? [ 1311.333490][ T5296] radio-si470x 3-1:0.35: could not find interrupt in endpoint [ 1311.342329][T15398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1311.353517][ T5296] radio-si470x 3-1:0.35: probe with driver radio-si470x failed with error -5 [ 1311.378356][T15398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1311.391910][T15398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1311.483358][T15398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1311.554949][ T5296] radio-raremono 3-1:0.35: this is not Thanko's Raremono. [ 1311.570396][ T5296] usbhid 3-1:0.35: couldn't find an input interrupt endpoint [ 1311.582198][ T8] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 1311.710668][T15552] 9pnet_fd: Insufficient options for proto=fd [ 1311.729589][T15552] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 1311.745956][T15398] hsr_slave_0: entered promiscuous mode [ 1311.789310][T15398] hsr_slave_1: entered promiscuous mode [ 1311.814222][T15398] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1311.842200][T15398] Cannot create hsr debugfs directory [ 1311.848373][ T8] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 1311.887107][ T8] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 1311.924638][ T8] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1311.950263][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1311.976696][ T8] usb 1-1: config 0 descriptor?? [ 1312.205871][T15564] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1813'. [ 1312.222962][T15564] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1813'. [ 1312.354535][T15564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1813'. [ 1313.792729][ T9] usb 5-1: new full-speed USB device number 42 using dummy_hcd [ 1313.956580][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1313.989179][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1314.029645][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10 [ 1314.082691][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1314.104517][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 1314.148888][ T9] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1314.202380][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1314.236752][ T9] usb 5-1: config 0 descriptor?? [ 1314.552542][ T8] usb 1-1: string descriptor 0 read error: -71 [ 1315.211633][ T8] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 1315.224927][ T8] usb 1-1: USB disconnect, device number 31 [ 1315.235486][ T9] ntrig 0003:1B96:000A.0009: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0 [ 1315.400440][ T5296] usb 3-1: USB disconnect, device number 36 [ 1315.484345][ T9] usb 5-1: USB disconnect, device number 42 [ 1315.951853][T15398] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1316.039820][T15398] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1316.144856][T15398] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1316.202924][T15398] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1316.412363][T15398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1316.430118][T15398] 8021q: adding VLAN 0 to HW filter on device team0 [ 1316.464297][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 1316.471474][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1316.531255][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 1316.538572][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1317.694607][T15637] loop4: detected capacity change from 0 to 512 [ 1317.791052][T15645] loop2: detected capacity change from 0 to 256 [ 1317.929506][T15637] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1318.109234][T15654] fuse: Bad value for 'fd' [ 1318.136675][T15637] EXT4-fs (loop4): 1 truncate cleaned up [ 1318.168288][T15637] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1319.158197][T15398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1319.249509][T15664] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1839'. [ 1319.343920][T15398] veth0_vlan: entered promiscuous mode [ 1319.360201][T15398] veth1_vlan: entered promiscuous mode [ 1319.384686][T15398] veth0_macvtap: entered promiscuous mode [ 1319.394253][T15398] veth1_macvtap: entered promiscuous mode [ 1319.411499][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1319.422371][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.432449][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1319.442989][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.443899][T14235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1319.453256][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1319.472535][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.482517][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1319.493073][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.503002][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1319.514229][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.532343][T15398] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1319.543138][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1319.553789][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.563924][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1319.574477][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.584431][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1319.600869][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.610911][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1319.622234][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.632879][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1319.643523][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1319.654818][T15398] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1319.777139][T15398] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1319.786497][T15398] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1319.811785][T15398] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1319.841790][T15398] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.054563][T15685] loop3: detected capacity change from 0 to 128 [ 1323.157484][T15685] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1323.283459][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1323.291353][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1323.303000][T15685] ext4 filesystem being mounted at /17/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1323.524084][T15489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1323.542328][T15489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1323.898017][T15717] ptrace attach of "./syz-executor exec"[15718] was attempted by "./syz-executor exec"[15717] [ 1324.495569][T15720] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1851'. [ 1324.804640][T14982] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1324.979057][T15738] loop3: detected capacity change from 0 to 512 [ 1325.031626][T15738] EXT4-fs: Ignoring removed oldalloc option [ 1325.050072][T15737] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1325.086983][T15738] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b842e02d, mo2=0002] [ 1325.121040][T15738] System zones: 1-12 [ 1325.140704][T15738] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1855: invalid indirect mapped block 1 (level 1) [ 1325.168197][T15738] EXT4-fs (loop3): Remounting filesystem read-only [ 1325.198450][T15738] EXT4-fs (loop3): 1 truncate cleaned up [ 1325.207103][T15738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1325.247356][T15738] EXT4-fs warning (device loop3): dx_probe:823: inode #2: lblock 0: comm syz.3.1855: error -117 reading directory block [ 1325.271301][T15738] EXT4-fs warning (device loop3): ext4_empty_dir:3090: inode #2: lblock 0: comm syz.3.1855: error -117 reading directory block [ 1325.355723][T14982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1325.433926][T15751] pim6reg1: entered promiscuous mode [ 1325.439379][T15751] pim6reg1: entered allmulticast mode [ 1327.040240][T10392] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 1328.052367][T10392] usb 5-1: Using ep0 maxpacket: 32 [ 1328.067216][T10392] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 1328.075764][T10392] usb 5-1: config 0 has no interface number 0 [ 1328.124009][T10392] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 1328.133769][T10392] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1328.162212][T10392] usb 5-1: Product: syz [ 1328.166487][T10392] usb 5-1: Manufacturer: syz [ 1328.171137][T10392] usb 5-1: SerialNumber: syz [ 1328.181774][T15792] 9pnet_fd: Insufficient options for proto=fd [ 1328.215417][T10392] usb 5-1: config 0 descriptor?? [ 1328.256539][T10392] radio-si470x 5-1:0.35: could not find interrupt in endpoint [ 1328.282459][T10392] radio-si470x 5-1:0.35: probe with driver radio-si470x failed with error -5 [ 1328.374999][T15797] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1328.431576][T10392] radio-raremono 5-1:0.35: this is not Thanko's Raremono. [ 1328.449573][T15799] overlayfs: conflicting lowerdir path [ 1328.542482][T10392] usbhid 5-1:0.35: couldn't find an input interrupt endpoint [ 1329.039867][T15777] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1862'. [ 1329.072255][T15777] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1862'. [ 1329.099920][T15777] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1862'. [ 1329.130055][T15777] bridge0: port 1(bridge_slave_0) entered disabled state [ 1329.204153][T15777] bridge_slave_0 (unregistering): left allmulticast mode [ 1329.211334][T15777] bridge0: port 1(bridge_slave_0) entered disabled state [ 1329.548255][ T6808] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1329.698732][ T6808] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1329.891846][T15841] loop0: detected capacity change from 0 to 512 [ 1329.896547][ T6808] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1329.923916][ T29] audit: type=1326 audit(1729024110.762:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15839 comm="syz.3.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecc617dff9 code=0x7ffc0000 [ 1329.990305][ T29] audit: type=1326 audit(1729024110.762:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15839 comm="syz.3.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecc617dff9 code=0x7ffc0000 [ 1330.013988][ T29] audit: type=1326 audit(1729024110.762:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15839 comm="syz.3.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fecc617dff9 code=0x7ffc0000 [ 1330.048624][ T29] audit: type=1326 audit(1729024110.762:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15839 comm="syz.3.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecc617dff9 code=0x7ffc0000 [ 1330.075596][T15841] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1330.088468][T15841] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1330.099653][ T29] audit: type=1326 audit(1729024110.892:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15839 comm="syz.3.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecc617dff9 code=0x7ffc0000 [ 1330.227098][ T6808] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1330.492736][T15855] netlink: 'syz.0.1871': attribute type 3 has an invalid length. [ 1330.504079][T15855] netlink: 'syz.0.1871': attribute type 3 has an invalid length. [ 1331.336946][ T8] usb 5-1: USB disconnect, device number 43 [ 1331.652908][T12807] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1331.689804][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1331.732211][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1331.762254][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1331.790862][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1331.813178][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1331.829113][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1331.866774][ T8803] Bluetooth: hci0: connection err: -111 [ 1331.905629][T15874] 9pnet_fd: Insufficient options for proto=fd [ 1331.961945][ T6808] bridge_slave_1: left allmulticast mode [ 1331.976992][ T6808] bridge_slave_1: left promiscuous mode [ 1331.995403][ T6808] bridge0: port 2(bridge_slave_1) entered disabled state [ 1332.019085][ T6808] bridge_slave_0: left allmulticast mode [ 1332.027158][ T6808] bridge_slave_0: left promiscuous mode [ 1332.038458][ T6808] bridge0: port 1(bridge_slave_0) entered disabled state [ 1332.437117][T15878] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1332.845877][T15876] loop0: detected capacity change from 0 to 40427 [ 1332.863995][T15876] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 1332.870416][T15876] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 1332.878930][T15876] F2FS-fs (loop0): Unrecognized mount option "lazytime" or missing value [ 1333.854720][T15891] loop2: detected capacity change from 0 to 2048 [ 1333.882243][ T8803] Bluetooth: hci0: command tx timeout [ 1334.088837][T15891] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1334.162687][ T6808] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1334.306754][ T6808] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1334.423828][ T6808] bond0 (unregistering): Released all slaves [ 1335.220703][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1335.415193][T15907] pim6reg1: entered promiscuous mode [ 1335.420528][T15907] pim6reg1: entered allmulticast mode [ 1335.695259][ T6808] hsr_slave_0: left promiscuous mode [ 1335.731728][ T6808] hsr_slave_1: left promiscuous mode [ 1335.766312][ T6808] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1335.832288][ T6808] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1335.870615][ T6808] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1335.891679][ T6808] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1335.945290][ T29] audit: type=1326 audit(1729024116.782:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15928 comm="syz.4.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1335.969908][ T8803] Bluetooth: hci0: command tx timeout [ 1335.971310][ T6808] veth1_macvtap: left promiscuous mode [ 1335.982347][ T6808] veth0_macvtap: left promiscuous mode [ 1336.002380][ T6808] veth1_vlan: left promiscuous mode [ 1336.030983][ T6808] veth0_vlan: left promiscuous mode [ 1336.036485][ T29] audit: type=1326 audit(1729024116.782:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15928 comm="syz.4.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.138753][ T29] audit: type=1326 audit(1729024116.782:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15928 comm="syz.4.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.183080][ T29] audit: type=1326 audit(1729024116.782:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15928 comm="syz.4.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.229475][ T29] audit: type=1326 audit(1729024116.782:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15928 comm="syz.4.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.252251][ T29] audit: type=1326 audit(1729024116.782:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15928 comm="syz.4.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.274948][ T29] audit: type=1326 audit(1729024116.822:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15928 comm="syz.4.1890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.297736][ T29] audit: type=1326 audit(1729024117.052:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.4.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.320502][ T29] audit: type=1326 audit(1729024117.052:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.4.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.343712][ T29] audit: type=1326 audit(1729024117.052:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.4.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1336.815623][ T8] usb 5-1: new full-speed USB device number 44 using dummy_hcd [ 1336.886682][T15941] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 1337.845125][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1337.856613][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1337.872160][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10 [ 1337.892234][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1337.902006][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 1337.915676][ T8] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1337.930582][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1337.947698][ T8] usb 5-1: config 0 descriptor?? [ 1338.042198][ T8803] Bluetooth: hci0: command tx timeout [ 1338.391204][ T8] ntrig 0003:1B96:000A.000A: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0 [ 1338.730144][T14267] usb 5-1: USB disconnect, device number 44 [ 1338.902823][ T6808] team0 (unregistering): Port device team_slave_1 removed [ 1338.997490][ T6808] team0 (unregistering): Port device team_slave_0 removed [ 1339.590442][T15948] loop2: detected capacity change from 0 to 40427 [ 1339.605057][T15948] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1339.619607][T15948] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1339.688230][T15948] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1339.758847][T15948] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1339.767378][T15948] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1340.132213][ T8803] Bluetooth: hci0: command tx timeout [ 1340.515951][T15866] chnl_net:caif_netlink_parms(): no params data found [ 1340.805025][T15866] bridge0: port 1(bridge_slave_0) entered blocking state [ 1340.814449][T15866] bridge0: port 1(bridge_slave_0) entered disabled state [ 1340.821976][T15866] bridge_slave_0: entered allmulticast mode [ 1340.835767][T15866] bridge_slave_0: entered promiscuous mode [ 1340.865111][T15866] bridge0: port 2(bridge_slave_1) entered blocking state [ 1340.977057][T15866] bridge0: port 2(bridge_slave_1) entered disabled state [ 1341.074600][T15866] bridge_slave_1: entered allmulticast mode [ 1341.106521][T15866] bridge_slave_1: entered promiscuous mode [ 1341.543376][T15866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1341.595316][T15866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1341.849205][T15866] team0: Port device team_slave_0 added [ 1341.871940][T15866] team0: Port device team_slave_1 added [ 1342.102538][T14267] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 1342.195552][T15866] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1342.203302][T15866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1342.229619][T15866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1342.244807][T15866] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1342.251799][T15866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1342.277045][T15962] loop4: detected capacity change from 0 to 40427 [ 1342.280049][T15866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1342.288693][T15962] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 1342.317609][T15962] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1342.329400][T15962] F2FS-fs (loop4): Unrecognized mount option "lazytime" or missing value [ 1342.362742][T15866] hsr_slave_0: entered promiscuous mode [ 1342.369347][T15866] hsr_slave_1: entered promiscuous mode [ 1342.377817][T15866] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1342.385620][T15866] Cannot create hsr debugfs directory [ 1342.725604][T14267] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1342.738670][T14267] usb 1-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00 [ 1342.748349][T14267] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1342.776025][T14267] usb 1-1: config 0 descriptor?? [ 1343.961000][T16013] loop3: detected capacity change from 0 to 512 [ 1347.222023][T14267] usb 1-1: string descriptor 0 read error: -71 [ 1347.320425][T14267] usbhid 1-1:0.0: can't add hid device: -71 [ 1347.355020][T14267] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 1347.870432][T15866] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1347.913561][T14267] usb 1-1: USB disconnect, device number 32 [ 1348.093581][T15866] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1348.196402][T15866] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1348.251481][T15866] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1348.350934][T15866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1348.369081][T15866] 8021q: adding VLAN 0 to HW filter on device team0 [ 1348.389695][ T6808] bridge0: port 1(bridge_slave_0) entered blocking state [ 1348.396941][ T6808] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1348.437390][ T6808] bridge0: port 2(bridge_slave_1) entered blocking state [ 1348.444647][ T6808] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1348.467175][T16035] loop4: detected capacity change from 0 to 40427 [ 1348.504485][T16035] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1348.552239][T16035] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1348.575705][T15866] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1348.608623][T16035] F2FS-fs (loop4): invalid crc value [ 1348.632206][T15866] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1348.763126][ T8803] Bluetooth: hci1: command 0x0406 tx timeout [ 1348.942163][T16035] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1349.222345][T16077] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1920'. [ 1349.339222][T16035] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1349.339365][T15866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1349.394982][T16035] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1349.405339][T15866] veth0_vlan: entered promiscuous mode [ 1349.423899][T15866] veth1_vlan: entered promiscuous mode [ 1349.458255][T15866] veth0_macvtap: entered promiscuous mode [ 1349.536416][T15866] veth1_macvtap: entered promiscuous mode [ 1349.584249][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 1349.584270][ T29] audit: type=1326 audit(1729024130.392:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1349.631919][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1349.654602][ T29] audit: type=1326 audit(1729024130.392:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1349.654651][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.687064][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1349.697685][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.700351][ T29] audit: type=1326 audit(1729024130.392:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1349.707558][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1349.707581][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.707600][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1349.707617][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.707635][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1349.707652][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.709231][T15866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1349.805407][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1349.816036][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.826316][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1349.837337][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.847299][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1349.857848][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.867799][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1349.879513][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.889591][T15866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1349.900127][T15866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.911568][T15866] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1349.922168][ T29] audit: type=1326 audit(1729024130.392:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1349.945301][ T29] audit: type=1326 audit(1729024130.392:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1349.968804][ T29] audit: type=1326 audit(1729024130.392:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1349.991462][ T29] audit: type=1326 audit(1729024130.392:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1350.014039][ T29] audit: type=1326 audit(1729024130.392:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1350.037165][ T29] audit: type=1326 audit(1729024130.392:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1350.060693][ T29] audit: type=1326 audit(1729024130.392:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16086 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1350.098963][T15866] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1350.107976][T15866] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1350.116934][T15866] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1350.126162][T15866] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1350.228307][T16054] loop0: detected capacity change from 0 to 40427 [ 1350.263079][T16054] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 1350.269500][T16054] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 1350.289851][T16054] F2FS-fs (loop0): Unrecognized mount option "lazytime" or missing value [ 1350.610061][T15203] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1350.669469][T16106] loop3: detected capacity change from 0 to 512 [ 1350.677301][T15203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1350.980929][T16106] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1351.097590][T16106] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1351.159004][T13392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1351.192139][T13392] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1353.856837][T16123] netlink: 'syz.3.1925': attribute type 3 has an invalid length. [ 1353.865033][T16123] netlink: 'syz.3.1925': attribute type 3 has an invalid length. [ 1353.943572][T10393] bridge_slave_1: left allmulticast mode [ 1353.949291][T10393] bridge_slave_1: left promiscuous mode [ 1353.981114][T10393] bridge0: port 2(bridge_slave_1) entered disabled state [ 1354.037990][T14982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1354.059138][T10393] bridge_slave_0: left allmulticast mode [ 1354.071940][T10393] bridge_slave_0: left promiscuous mode [ 1354.081806][T10393] bridge0: port 1(bridge_slave_0) entered disabled state [ 1354.540702][T16153] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1933'. [ 1357.577601][T16176] program syz.0.1935 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1357.959204][T10393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1358.000200][T10393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1358.043484][T10393] bond0 (unregistering): Released all slaves [ 1358.074688][T16148] batadv_slave_1: entered promiscuous mode [ 1358.080974][T16158] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1931'. [ 1358.090260][T16158] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1358.155500][T16158] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1358.354384][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 1358.354406][ T29] audit: type=1326 audit(1729024139.192:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.401233][ T29] audit: type=1326 audit(1729024139.202:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.449724][ T29] audit: type=1326 audit(1729024139.202:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.516732][ T29] audit: type=1326 audit(1729024139.202:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.597817][ T29] audit: type=1326 audit(1729024139.212:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.698502][ T29] audit: type=1326 audit(1729024139.212:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.752297][ T29] audit: type=1326 audit(1729024139.212:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.783614][T10338] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 1358.791956][ T29] audit: type=1326 audit(1729024139.212:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.859501][ T29] audit: type=1326 audit(1729024139.212:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.923109][ T29] audit: type=1326 audit(1729024139.212:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.2.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1358.953074][T10338] usb 3-1: Using ep0 maxpacket: 32 [ 1358.973268][T10338] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1358.994179][T10338] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1359.011536][T10338] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1359.020820][T10338] usb 3-1: Product: syz [ 1359.032496][T10338] usb 3-1: Manufacturer: syz [ 1359.038221][T10338] usb 3-1: SerialNumber: syz [ 1359.054897][T10393] hsr_slave_0: left promiscuous mode [ 1359.060856][T10393] hsr_slave_1: left promiscuous mode [ 1359.069039][T10338] usb 3-1: config 0 descriptor?? [ 1359.076501][T10393] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1359.085200][T10338] usb 3-1: bad CDC descriptors [ 1359.090290][T10338] usb 3-1: unsupported MDLM descriptors [ 1359.096151][T10393] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1359.106086][T10393] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1359.117054][T10393] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1359.146309][T10393] veth1_macvtap: left promiscuous mode [ 1359.151897][T10393] veth0_macvtap: left promiscuous mode [ 1359.157776][T10393] veth1_vlan: left promiscuous mode [ 1359.163357][T10393] veth0_vlan: left promiscuous mode [ 1359.318749][T14267] usb 3-1: USB disconnect, device number 37 [ 1359.911576][T10393] team0 (unregistering): Port device team_slave_1 removed [ 1360.089830][T10393] team0 (unregistering): Port device team_slave_0 removed [ 1360.119656][T16195] loop2: detected capacity change from 0 to 2048 [ 1360.173920][T16195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1360.437064][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1360.454210][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1360.455832][T16195] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 1360.492496][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1360.507807][T16195] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 1360.523650][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1360.530852][T16195] EXT4-fs (loop2): This should not happen!! Data will be lost [ 1360.530852][T16195] [ 1360.542432][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1360.550126][T16195] EXT4-fs (loop2): Total free blocks count 0 [ 1360.557318][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1360.564469][T16195] EXT4-fs (loop2): Free/Dirty block details [ 1360.642372][T16195] EXT4-fs (loop2): free_blocks=2415919104 [ 1360.662291][T16195] EXT4-fs (loop2): dirty_blocks=16 [ 1360.702404][T16195] EXT4-fs (loop2): Block reservation details [ 1360.712195][T16195] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 1360.753389][T16199] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 1360.974781][T16204] loop2: detected capacity change from 0 to 512 [ 1361.016817][T16204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1361.030047][T16204] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1361.134898][T16189] loop0: detected capacity change from 0 to 40427 [ 1361.193480][T16189] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 1361.203468][T16189] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 1361.264830][T16189] F2FS-fs (loop0): Unrecognized mount option "lazytime" or missing value [ 1362.359109][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 1362.365590][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 1362.651787][ T8803] Bluetooth: hci0: command tx timeout [ 1363.321562][T16208] netlink: 'syz.2.1941': attribute type 3 has an invalid length. [ 1363.329979][T16208] netlink: 'syz.2.1941': attribute type 3 has an invalid length. [ 1363.481648][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1363.521606][T16219] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1944'. [ 1363.542154][T10338] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 1363.608007][T16222] loop0: detected capacity change from 0 to 512 [ 1363.653870][T16222] EXT4-fs (loop0): Invalid log block size: 33554433 [ 1363.687859][T16200] chnl_net:caif_netlink_parms(): no params data found [ 1363.893349][T10338] usb 4-1: Using ep0 maxpacket: 8 [ 1364.683262][ T54] Bluetooth: hci0: command tx timeout [ 1364.695652][T10338] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1364.704935][T10338] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1364.713244][T10338] usb 4-1: Product: syz [ 1364.717584][T10338] usb 4-1: Manufacturer: syz [ 1364.736880][T16227] bridge_slave_0: default FDB implementation only supports local addresses [ 1364.924990][T10338] usb 4-1: SerialNumber: syz [ 1365.112486][T16200] bridge0: port 1(bridge_slave_0) entered blocking state [ 1365.132267][T16200] bridge0: port 1(bridge_slave_0) entered disabled state [ 1365.143510][T16238] program syz.4.1947 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1365.172865][T16200] bridge_slave_0: entered allmulticast mode [ 1365.181158][T16200] bridge_slave_0: entered promiscuous mode [ 1365.197718][T10338] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 43 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 1365.224980][T16200] bridge0: port 2(bridge_slave_1) entered blocking state [ 1365.243745][T10338] usb 4-1: USB disconnect, device number 43 [ 1365.250997][T16200] bridge0: port 2(bridge_slave_1) entered disabled state [ 1365.266588][T16200] bridge_slave_1: entered allmulticast mode [ 1365.278859][T16200] bridge_slave_1: entered promiscuous mode [ 1365.287161][T10338] usblp0: removed [ 1366.347911][T10393] IPVS: stop unused estimator thread 0... [ 1366.361177][T16200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1366.380619][T16200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1366.459651][T16247] wg2: entered promiscuous mode [ 1366.470783][T16247] wg2: entered allmulticast mode [ 1366.569058][T16200] team0: Port device team_slave_0 added [ 1366.598456][T16200] team0: Port device team_slave_1 added [ 1366.621085][T16248] loop2: detected capacity change from 0 to 2048 [ 1366.686947][T16200] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1366.694165][T16200] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1366.720966][T16200] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1366.736154][T16200] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1366.743215][T16200] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1366.771043][T16200] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1366.780716][ T54] Bluetooth: hci0: command tx timeout [ 1366.808468][T16248] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1366.831261][T16248] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1367.294156][T10393] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1368.100320][T16200] hsr_slave_0: entered promiscuous mode [ 1368.125831][T16200] hsr_slave_1: entered promiscuous mode [ 1368.144364][T16200] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1368.155851][T16200] Cannot create hsr debugfs directory [ 1368.172701][T12220] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /175/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 1368.418125][T10393] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1368.484634][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1368.667924][T16268] x_tables: duplicate underflow at hook 2 [ 1368.806483][T10393] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1368.840273][T16270] loop2: detected capacity change from 0 to 512 [ 1368.860708][ T54] Bluetooth: hci0: command tx timeout [ 1369.191221][T16270] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1369.210361][T16270] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1369.310014][T10393] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1369.327014][T16264] loop0: detected capacity change from 0 to 40427 [ 1369.374490][T16264] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 1369.412304][T16264] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 1369.455038][T16264] F2FS-fs (loop0): Unrecognized mount option "lazytime" or missing value [ 1370.710487][T16279] netlink: 'syz.2.1956': attribute type 3 has an invalid length. [ 1370.718742][T16279] netlink: 'syz.2.1956': attribute type 3 has an invalid length. [ 1370.992326][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1371.073790][T10393] bridge_slave_1: left allmulticast mode [ 1371.079736][T10393] bridge_slave_1: left promiscuous mode [ 1371.110833][T10393] bridge0: port 2(bridge_slave_1) entered disabled state [ 1371.488045][T10393] bridge_slave_0: left allmulticast mode [ 1371.488167][T10393] bridge_slave_0: left promiscuous mode [ 1371.490403][T10393] bridge0: port 1(bridge_slave_0) entered disabled state [ 1372.371538][T16289] tty tty21: ldisc open failed (-12), clearing slot 20 [ 1372.487182][T16298] loop0: detected capacity change from 0 to 128 [ 1372.587055][T10338] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 1372.764883][T10338] usb 4-1: Using ep0 maxpacket: 8 [ 1372.802538][T10338] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1372.811793][T10338] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1372.827567][T10338] usb 4-1: Product: syz [ 1372.831785][T10338] usb 4-1: Manufacturer: syz [ 1372.836569][T10338] usb 4-1: SerialNumber: syz [ 1373.898047][T10338] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 44 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 1373.917458][T10338] usb 4-1: USB disconnect, device number 44 [ 1373.932481][T10338] usblp0: removed [ 1373.954567][T16310] program syz.0.1968 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1374.255756][T10393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1374.276421][T10393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1374.287729][T10393] bond0 (unregistering): Released all slaves [ 1374.754799][T16320] loop3: detected capacity change from 0 to 512 [ 1374.920001][T16320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1374.964996][T16320] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1376.263364][T16338] netlink: 'syz.3.1971': attribute type 3 has an invalid length. [ 1376.271309][T16338] netlink: 'syz.3.1971': attribute type 3 has an invalid length. [ 1376.419983][T14982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1376.595406][T16345] loop4: detected capacity change from 0 to 128 [ 1376.605474][T10393] hsr_slave_0: left promiscuous mode [ 1377.407561][T16332] loop2: detected capacity change from 0 to 40427 [ 1377.504307][T16332] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 1377.514784][T16332] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 1377.617379][T16332] F2FS-fs (loop2): Unrecognized mount option "lazytime" or missing value [ 1377.706984][T10393] hsr_slave_1: left promiscuous mode [ 1377.713365][T10393] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1377.720812][T10393] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1378.003080][T10393] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1378.010552][T10393] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1378.639910][T10393] veth1_macvtap: left promiscuous mode [ 1378.656466][T10393] veth0_macvtap: left promiscuous mode [ 1378.681879][T10393] veth1_vlan: left promiscuous mode [ 1378.691963][T10393] veth0_vlan: left promiscuous mode [ 1380.064377][T16372] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1982'. [ 1380.180740][T16374] loop4: detected capacity change from 0 to 128 [ 1380.237764][T16360] loop2: detected capacity change from 0 to 40427 [ 1380.406188][T16360] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1380.458877][T16360] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1380.499382][T16360] F2FS-fs (loop2): invalid crc value [ 1380.541228][T16360] F2FS-fs (loop2): invalid crc_offset: 33558524 [ 1380.565722][T16360] F2FS-fs (loop2): Failed to get valid F2FS checkpoint [ 1381.693005][T10393] team0 (unregistering): Port device team_slave_1 removed [ 1381.806806][T10393] team0 (unregistering): Port device team_slave_0 removed [ 1381.978625][T16360] loop2: detected capacity change from 0 to 40427 [ 1382.002111][T16360] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1382.030267][T16360] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1382.072651][T16360] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4) [ 1382.838567][T16200] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1382.857536][T16200] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1382.879552][T16200] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1382.908095][T16200] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1383.041525][T16389] loop3: detected capacity change from 0 to 128 [ 1383.170823][T16391] loop0: detected capacity change from 0 to 512 [ 1383.212367][T16391] EXT4-fs (loop0): blocks per group (71) and clusters per group (32768) inconsistent [ 1384.010242][T16200] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1384.177180][T16200] 8021q: adding VLAN 0 to HW filter on device team0 [ 1384.314571][ T5537] bridge0: port 1(bridge_slave_0) entered blocking state [ 1384.321772][ T5537] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1384.473847][ T5537] bridge0: port 2(bridge_slave_1) entered blocking state [ 1384.481041][ T5537] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1384.546725][T16409] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1990'. [ 1384.609303][T16409] loop2: detected capacity change from 0 to 512 [ 1384.651148][T16409] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1384.729046][T16409] EXT4-fs error (device loop2): __ext4_fill_super:5458: inode #2: comm syz.2.1990: casefold flag without casefold feature [ 1384.750738][T16409] EXT4-fs (loop2): get root inode failed [ 1384.756699][T16409] EXT4-fs (loop2): mount failed [ 1385.270953][T16200] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1385.316680][T16200] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1386.861629][T16200] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1386.870635][T16431] loop0: detected capacity change from 0 to 1024 [ 1386.921022][T16431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1387.067632][T16200] veth0_vlan: entered promiscuous mode [ 1387.225650][T16200] veth1_vlan: entered promiscuous mode [ 1387.338020][T16200] veth0_macvtap: entered promiscuous mode [ 1387.406998][T16200] veth1_macvtap: entered promiscuous mode [ 1387.771056][T16443] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1996: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 1388.242615][T16200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1388.253448][T16200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1388.263558][T16200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1388.274327][T16200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1388.284259][T16200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1388.295038][T16200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1388.342175][T16200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1388.344472][T16450] loop3: detected capacity change from 0 to 128 [ 1388.376390][T16200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1388.414697][T16200] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1388.440639][T16200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1388.457431][T16200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1388.468736][T16200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1388.485706][T16200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1388.498464][T16200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1388.640303][T16200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1388.661461][T16200] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1388.722326][T16200] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1389.261474][T16200] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1389.300115][T16200] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1389.320242][T16200] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1389.513322][T12807] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 1389.530680][T12807] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 1389.817070][T16458] loop2: detected capacity change from 0 to 256 [ 1389.824706][T16448] loop4: detected capacity change from 0 to 40427 [ 1389.844425][T16448] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 1389.851098][T16448] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1389.862535][T16448] F2FS-fs (loop4): Unrecognized mount option "lazytime" or missing value [ 1390.214896][ T54] Bluetooth: hci5: command 0x0406 tx timeout [ 1390.473125][T16458] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xadbf5ead, utbl_chksum : 0xe619d30d) [ 1390.691735][T16463] loop3: detected capacity change from 0 to 256 [ 1390.839547][T16463] loop3: detected capacity change from 0 to 256 [ 1390.883496][T16463] exfat: Deprecated parameter 'utf8' [ 1390.888913][T16463] exfat: Deprecated parameter 'namecase' [ 1390.895301][T16463] exfat: Deprecated parameter 'namecase' [ 1390.901010][T16463] exfat: Deprecated parameter 'utf8' [ 1391.647401][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1391.663447][T12807] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1391.699563][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1391.825366][T16463] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x822ffc2e, utbl_chksum : 0xe619d30d) [ 1391.850454][ T5537] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1391.881663][ T5537] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1392.269335][T16469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2008'. [ 1392.428359][T16469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2008'. [ 1393.774128][T16479] loop2: detected capacity change from 0 to 512 [ 1393.901165][T16486] wg2: entered promiscuous mode [ 1393.906239][T16486] wg2: entered allmulticast mode [ 1393.940437][T16479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1393.984625][ T8803] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1393.995771][T16479] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1394.006887][ T8803] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1394.015938][ T8803] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1394.030030][ T8803] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1394.045866][ T8803] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1394.090922][ T8803] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1394.426191][T10393] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1395.382738][T16489] syz.3.2012[16489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1395.382858][T16489] syz.3.2012[16489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1395.492363][T16493] netlink: 'syz.2.2010': attribute type 3 has an invalid length. [ 1395.512599][T16493] netlink: 'syz.2.2010': attribute type 3 has an invalid length. [ 1395.642409][T16489] syz.3.2012[16489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1396.278344][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1396.289993][ T54] Bluetooth: hci0: command tx timeout [ 1396.372746][T10393] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1397.228460][ T8803] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1397.248328][ T8803] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1397.259712][ T8803] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1397.268219][ T8803] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1397.277367][ T8803] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1397.285198][ T8803] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1397.496590][T10393] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1397.702903][T10393] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1397.751720][T16485] chnl_net:caif_netlink_parms(): no params data found [ 1398.048467][T16485] bridge0: port 1(bridge_slave_0) entered blocking state [ 1398.085608][T16485] bridge0: port 1(bridge_slave_0) entered disabled state [ 1398.119712][T16485] bridge_slave_0: entered allmulticast mode [ 1398.133471][T16485] bridge_slave_0: entered promiscuous mode [ 1398.203800][T16485] bridge0: port 2(bridge_slave_1) entered blocking state [ 1398.221260][T16485] bridge0: port 2(bridge_slave_1) entered disabled state [ 1398.231489][T16485] bridge_slave_1: entered allmulticast mode [ 1398.245820][T16485] bridge_slave_1: entered promiscuous mode [ 1398.331442][T16485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1398.386108][T16485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1398.422721][T10393] bridge_slave_1: left allmulticast mode [ 1398.434519][T10393] bridge_slave_1: left promiscuous mode [ 1398.444139][ T54] Bluetooth: hci0: command tx timeout [ 1398.463787][T10393] bridge0: port 2(bridge_slave_1) entered disabled state [ 1398.480030][T10393] bridge_slave_0: left allmulticast mode [ 1398.489015][T10393] bridge_slave_0: left promiscuous mode [ 1398.499223][T10393] bridge0: port 1(bridge_slave_0) entered disabled state [ 1399.335787][ T54] Bluetooth: hci2: command tx timeout [ 1400.179730][T10393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1400.192387][T10393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1400.205935][T10393] bond0 (unregistering): Released all slaves [ 1400.345493][T16485] team0: Port device team_slave_0 added [ 1400.422920][T16485] team0: Port device team_slave_1 added [ 1400.539265][ T54] Bluetooth: hci0: command tx timeout [ 1400.840493][T16485] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1401.156789][T16485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1401.609374][T16485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1401.633004][ T54] Bluetooth: hci2: command tx timeout [ 1401.654770][T16485] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1401.685619][T16485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1401.723846][T16485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1401.771426][T16552] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 1401.871253][T16557] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1402.113567][T16506] chnl_net:caif_netlink_parms(): no params data found [ 1402.402913][T10393] hsr_slave_0: left promiscuous mode [ 1402.412916][T10393] hsr_slave_1: left promiscuous mode [ 1402.432428][T10393] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1402.452277][T10393] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1402.490793][T10393] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1402.513051][T10393] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1402.549381][T10393] veth1_macvtap: left promiscuous mode [ 1402.631683][ T54] Bluetooth: hci0: command tx timeout [ 1402.685624][T10393] veth0_macvtap: left promiscuous mode [ 1402.719468][T10393] veth1_vlan: left promiscuous mode [ 1402.758505][T10393] veth0_vlan: left promiscuous mode [ 1403.642471][ T54] Bluetooth: hci2: command tx timeout [ 1404.793012][T10393] team0 (unregistering): Port device team_slave_1 removed [ 1404.899141][T16594] loop4: detected capacity change from 0 to 128 [ 1405.105002][T10393] team0 (unregistering): Port device team_slave_0 removed [ 1405.792573][ T54] Bluetooth: hci2: command tx timeout [ 1406.704242][ T29] kauditd_printk_skb: 65 callbacks suppressed [ 1406.704290][ T29] audit: type=1326 audit(1729024187.512:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16602 comm="syz.2.2038" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x0 [ 1407.600298][T16615] loop2: detected capacity change from 0 to 512 [ 1407.731394][ T9] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 1407.745810][T16615] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1407.759191][T16615] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1407.783779][T16615] EXT4-fs error (device loop2): ext4_search_dir:1505: inode #2: block 3: comm syz.2.2042: bad entry in directory: directory entry overrun - offset=16444, inode=113, rec_len=26368, size=2048 fake=0 [ 1407.894230][ T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1407.905630][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1407.925124][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1407.940287][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1407.984410][ T9] usb 5-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 1408.022279][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1408.041810][ T9] usb 5-1: config 0 descriptor?? [ 1408.139998][T16485] hsr_slave_0: entered promiscuous mode [ 1408.356719][T16485] hsr_slave_1: entered promiscuous mode [ 1408.573360][T16485] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1408.586605][T16485] Cannot create hsr debugfs directory [ 1408.879470][ T9] usbhid 5-1:0.0: can't add hid device: -71 [ 1408.887511][ T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1408.935346][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1408.942712][ T9] usb 5-1: USB disconnect, device number 45 [ 1409.597789][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1409.841771][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.105580][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.172382][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.179859][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.202177][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.211954][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.232117][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.239923][T16485] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1410.273878][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.281376][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.283965][T16506] bridge0: port 1(bridge_slave_0) entered blocking state [ 1410.295954][T16506] bridge0: port 1(bridge_slave_0) entered disabled state [ 1410.303360][T16506] bridge_slave_0: entered allmulticast mode [ 1410.305647][ T8803] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1410.310565][T16506] bridge_slave_0: entered promiscuous mode [ 1410.323730][ T8803] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1410.325413][T16506] bridge0: port 2(bridge_slave_1) entered blocking state [ 1410.334657][ T8803] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1410.338722][T16506] bridge0: port 2(bridge_slave_1) entered disabled state [ 1410.349758][ T8803] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1410.353268][T16506] bridge_slave_1: entered allmulticast mode [ 1410.360730][ T8803] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1410.367140][T16506] bridge_slave_1: entered promiscuous mode [ 1410.377391][ T8803] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1410.389497][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.397919][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.423777][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.431308][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.438992][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.447713][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.455323][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.462806][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.470533][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.478940][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.488948][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.496635][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.504586][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.512227][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.519978][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.527553][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.535236][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.544572][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.552270][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.559718][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.567537][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.575815][T14267] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1410.635207][T14267] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz0 [ 1410.656510][T16506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1410.803260][T16485] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1410.911132][T16506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1411.264217][T16485] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1411.974826][T16506] team0: Port device team_slave_0 added [ 1412.149567][T16485] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1412.184016][T16506] team0: Port device team_slave_1 added [ 1412.274986][T16506] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1412.311040][T16506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1412.354103][T16506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1412.452319][ T8803] Bluetooth: hci3: command tx timeout [ 1412.476691][T16506] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1412.492124][T16506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1412.519627][T16506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1413.614095][T10393] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.776276][T16506] hsr_slave_0: entered promiscuous mode [ 1413.789979][T16506] hsr_slave_1: entered promiscuous mode [ 1413.814880][T16506] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1413.832761][T16506] Cannot create hsr debugfs directory [ 1414.098564][T10393] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1414.308190][T10393] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1414.514455][T10393] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1414.525328][ T54] Bluetooth: hci3: command tx timeout [ 1414.551995][T16485] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1414.577443][T16639] chnl_net:caif_netlink_parms(): no params data found [ 1414.652704][T16485] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1414.658535][T16695] loop2: detected capacity change from 0 to 512 [ 1414.686531][T16695] EXT4-fs error (device loop2): __ext4_iget:4952: inode #11: block 16: comm syz.2.2056: invalid block [ 1414.695275][T16485] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1414.708355][T16695] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.2056: couldn't read orphan inode 11 (err -117) [ 1414.728499][T16695] EXT4-fs (loop2): 1 truncate cleaned up [ 1414.735459][T16695] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1414.867137][T16485] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1415.173906][ T8803] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1415.290171][T10393] bridge_slave_1: left allmulticast mode [ 1415.297466][T10393] bridge_slave_1: left promiscuous mode [ 1415.305792][T10393] bridge0: port 2(bridge_slave_1) entered disabled state [ 1415.342535][T10393] bridge_slave_0: left allmulticast mode [ 1415.349739][T10393] bridge_slave_0: left promiscuous mode [ 1415.365745][T10393] bridge0: port 1(bridge_slave_0) entered disabled state [ 1415.402465][T16697] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 16: invalid block bitmap [ 1416.278382][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1416.602918][ T8803] Bluetooth: hci3: command tx timeout [ 1417.585537][T10393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1417.623526][T10393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1417.701885][T10393] bond0 (unregistering): Released all slaves [ 1417.736777][ T29] audit: type=1326 audit(1729024198.572:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1417.802428][ T29] audit: type=1326 audit(1729024198.612:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1417.858844][ T29] audit: type=1326 audit(1729024198.612:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1417.885749][T16639] bridge0: port 1(bridge_slave_0) entered blocking state [ 1417.897263][T16639] bridge0: port 1(bridge_slave_0) entered disabled state [ 1417.901479][T16718] loop2: detected capacity change from 0 to 512 [ 1417.905088][T16639] bridge_slave_0: entered allmulticast mode [ 1417.936524][ T29] audit: type=1326 audit(1729024198.612:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1417.961346][T16639] bridge_slave_0: entered promiscuous mode [ 1417.974822][T16718] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1417.986584][T16718] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 1417.996865][T16718] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.2062: Corrupt directory, running e2fsck is recommended [ 1418.036425][T16718] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 1418.048204][T16718] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.2062: corrupted in-inode xattr: invalid ea_ino [ 1418.062595][T16718] EXT4-fs (loop2): Remounting filesystem read-only [ 1418.070190][T16718] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1418.094344][T16639] bridge0: port 2(bridge_slave_1) entered blocking state [ 1418.101572][ T29] audit: type=1326 audit(1729024198.612:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1418.101601][T16639] bridge0: port 2(bridge_slave_1) entered disabled state [ 1418.132400][T16639] bridge_slave_1: entered allmulticast mode [ 1418.132942][T10392] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 1418.139581][T16639] bridge_slave_1: entered promiscuous mode [ 1418.166019][ T29] audit: type=1326 audit(1729024198.612:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1418.189311][ T29] audit: type=1326 audit(1729024198.612:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1418.211798][T12220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1418.219870][ T29] audit: type=1326 audit(1729024198.612:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1418.247876][ T29] audit: type=1326 audit(1729024198.612:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1418.312515][T10392] usb 5-1: Using ep0 maxpacket: 32 [ 1418.328200][ T29] audit: type=1326 audit(1729024198.612:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1418.337082][T10392] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1418.387252][T10392] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1418.406647][T10392] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1418.418946][T10392] usb 5-1: Product: syz [ 1418.438357][T10392] usb 5-1: Manufacturer: syz [ 1418.444444][T10392] usb 5-1: SerialNumber: syz [ 1418.450818][T16639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1418.454729][T10392] usb 5-1: config 0 descriptor?? [ 1418.484805][T16639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1418.522286][T10392] usb 5-1: bad CDC descriptors [ 1418.538051][T10392] usb 5-1: unsupported MDLM descriptors [ 1418.617601][T16726] program syz.2.2063 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1418.692305][ T8803] Bluetooth: hci3: command tx timeout [ 1418.755451][T16639] team0: Port device team_slave_0 added [ 1418.778885][ T47] usb 5-1: USB disconnect, device number 46 [ 1418.863899][T10393] hsr_slave_0: left promiscuous mode [ 1418.886196][T10393] hsr_slave_1: left promiscuous mode [ 1418.908939][T10393] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1418.930509][T10393] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1419.028611][T10393] veth1_macvtap: left promiscuous mode [ 1419.062138][T10393] veth0_macvtap: left promiscuous mode [ 1419.078423][T10393] veth1_vlan: left promiscuous mode [ 1419.084197][T10393] veth0_vlan: left promiscuous mode [ 1422.564343][T16761] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2067'. [ 1422.893523][T10393] team0 (unregistering): Port device team_slave_1 removed [ 1423.023655][T10393] team0 (unregistering): Port device team_slave_0 removed [ 1423.416126][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.425055][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 1423.869466][T16639] team0: Port device team_slave_1 added [ 1424.017462][T16766] loop2: detected capacity change from 0 to 512 [ 1424.055872][T16766] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent [ 1424.101386][T16485] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1424.143711][T16485] 8021q: adding VLAN 0 to HW filter on device team0 [ 1424.192695][T16639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1424.209889][T16639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1424.316171][T16639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1424.640561][T16506] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1424.857439][T16506] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1424.939910][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 1424.947168][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1424.983216][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 1424.990734][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1425.114900][T16639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1425.136510][T16639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1425.212476][T16639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1425.228034][T16506] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1425.246579][T16506] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1425.390808][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 1425.390829][ T29] audit: type=1326 audit(1729024206.222:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1425.473269][ T29] audit: type=1326 audit(1729024206.262:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1425.559641][T16639] hsr_slave_0: entered promiscuous mode [ 1425.573462][ T29] audit: type=1326 audit(1729024206.262:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1425.620131][T16639] hsr_slave_1: entered promiscuous mode [ 1425.633281][T16639] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1425.637292][ T29] audit: type=1326 audit(1729024206.262:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1425.640901][T16639] Cannot create hsr debugfs directory [ 1425.724396][ T29] audit: type=1326 audit(1729024206.262:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1425.762345][ T8] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 1425.780398][ T29] audit: type=1326 audit(1729024206.262:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1425.870444][ T29] audit: type=1326 audit(1729024206.262:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1425.939522][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 1425.954013][ T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1425.975250][ T29] audit: type=1326 audit(1729024206.262:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1426.025503][ T8] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1426.040341][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1426.047757][T16506] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1426.062584][ T8] usb 5-1: Product: syz [ 1426.079441][ T29] audit: type=1326 audit(1729024206.262:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1426.100917][T16506] 8021q: adding VLAN 0 to HW filter on device team0 [ 1426.112145][ T8] usb 5-1: Manufacturer: syz [ 1426.130445][ T8] usb 5-1: SerialNumber: syz [ 1426.166206][ T8] usb 5-1: config 0 descriptor?? [ 1426.180352][T16766] loop2: detected capacity change from 0 to 40427 [ 1426.198549][ T8] usb 5-1: bad CDC descriptors [ 1426.198744][ T29] audit: type=1326 audit(1729024206.262:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16776 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c8f57dff9 code=0x7ffc0000 [ 1426.212604][ T8] usb 5-1: unsupported MDLM descriptors [ 1426.261638][T16766] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 1426.280614][T16766] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 1426.308248][T16766] F2FS-fs (loop2): Unrecognized mount option "lazytime" or missing value [ 1426.420972][ T8] usb 5-1: USB disconnect, device number 47 [ 1426.435651][T15203] bridge0: port 1(bridge_slave_0) entered blocking state [ 1426.442949][T15203] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1426.476194][T15203] bridge0: port 2(bridge_slave_1) entered blocking state [ 1426.483430][T15203] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1426.551537][T16485] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1426.640661][T16506] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1426.651538][T16506] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1426.897292][T16485] veth0_vlan: entered promiscuous mode [ 1427.098319][T16485] veth1_vlan: entered promiscuous mode [ 1427.126462][T16639] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1427.137718][T16639] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1427.155617][T16639] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1427.318782][T16639] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1427.420817][T16506] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1428.390744][T16506] veth0_vlan: entered promiscuous mode [ 1428.400977][T16506] veth1_vlan: entered promiscuous mode [ 1428.554068][T16485] veth0_macvtap: entered promiscuous mode [ 1428.594832][T16485] veth1_macvtap: entered promiscuous mode [ 1428.641933][T16506] veth0_macvtap: entered promiscuous mode [ 1428.716347][T16506] veth1_macvtap: entered promiscuous mode [ 1428.760080][T16485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1428.786848][T16485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1428.804623][T16485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1428.816347][T16485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1428.827103][T16485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1428.838026][T16485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1428.850586][T16485] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1428.902407][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1428.935373][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1428.964613][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1428.986868][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.007281][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1429.029092][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.049439][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1429.070759][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.100004][T16506] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1429.164282][T16485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1429.202183][T16485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.218813][T16820] program syz.4.2075 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1429.232583][T16485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1429.262752][T16485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.282372][T16485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1429.293019][T16485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.304339][T16485] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1429.316650][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1429.327388][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.337655][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1429.348419][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.358686][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1429.369499][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.379802][T16506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1429.390625][T16506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1429.401958][T16506] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1429.413593][T16506] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.422557][T16506] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.431427][T16506] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.440317][T16506] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.500042][T16639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1429.546882][T16485] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.556687][T16485] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.568692][T16485] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.578703][T16485] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.684045][T16639] 8021q: adding VLAN 0 to HW filter on device team0 [ 1429.738770][T15203] bridge0: port 1(bridge_slave_0) entered blocking state [ 1429.746068][T15203] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1429.854250][T14033] bridge0: port 2(bridge_slave_1) entered blocking state [ 1429.861406][T14033] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1430.033893][T10393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1430.046070][T10393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1430.078858][T15203] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1430.113291][T15203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1430.287234][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1430.316671][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1430.325332][ T6808] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1430.363245][ T6808] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1430.387421][T16840] loop2: detected capacity change from 0 to 512 [ 1431.319158][T16846] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 1432.037442][T16855] loop0: detected capacity change from 0 to 128 [ 1433.409023][ T29] kauditd_printk_skb: 67 callbacks suppressed [ 1433.409045][ T29] audit: type=1326 audit(1729024214.232:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.438168][ T29] audit: type=1326 audit(1729024214.232:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.460760][ T29] audit: type=1326 audit(1729024214.242:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.483997][ T29] audit: type=1326 audit(1729024214.242:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.507211][ T29] audit: type=1326 audit(1729024214.242:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.529809][ T29] audit: type=1326 audit(1729024214.242:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.552303][ T29] audit: type=1326 audit(1729024214.242:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.574923][ T29] audit: type=1326 audit(1729024214.242:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.597754][ T29] audit: type=1326 audit(1729024214.242:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.620559][ T29] audit: type=1326 audit(1729024214.242:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16866 comm="syz.0.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2cb7dff9 code=0x7ffc0000 [ 1433.723722][T16639] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1433.765729][T16639] veth0_vlan: entered promiscuous mode [ 1433.778959][T16639] veth1_vlan: entered promiscuous mode [ 1433.785015][T16870] loop4: detected capacity change from 0 to 512 [ 1433.823803][T16639] veth0_macvtap: entered promiscuous mode [ 1433.833425][T16639] veth1_macvtap: entered promiscuous mode [ 1433.847055][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1433.862203][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1433.872187][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1433.882806][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1433.893735][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1433.905002][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1433.915762][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1433.926484][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1433.936515][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1433.947034][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1433.958699][T16639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1434.013909][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1434.029230][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1434.042786][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1434.052293][T10338] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 1434.068224][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1434.088759][T16870] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1434.113824][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1434.136550][T16870] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1434.154319][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1434.177125][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1434.382094][T10338] usb 1-1: Using ep0 maxpacket: 32 [ 1434.647525][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1434.906408][T16639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1434.919402][T10338] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1434.940920][T16639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1434.964610][T10338] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1434.984378][T10338] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1434.994704][T16639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1435.032092][T10338] usb 1-1: Product: syz [ 1435.036345][T10338] usb 1-1: Manufacturer: syz [ 1435.071570][T10338] usb 1-1: SerialNumber: syz [ 1435.077558][T16881] netlink: 'syz.4.2082': attribute type 3 has an invalid length. [ 1435.086288][T16881] netlink: 'syz.4.2082': attribute type 3 has an invalid length. [ 1435.092914][T10338] usb 1-1: config 0 descriptor?? [ 1435.131410][T16639] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1435.142753][T16639] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1435.159760][T10338] usb 1-1: bad CDC descriptors [ 1435.190439][T10338] usb 1-1: unsupported MDLM descriptors [ 1435.202251][T16639] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1435.211059][T16639] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1435.263288][T14235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1435.355184][T10338] usb 1-1: USB disconnect, device number 33 [ 1435.495926][ T55] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1435.661513][ T55] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1435.701324][T14033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1435.720618][T14033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1435.792948][ T55] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1435.829578][T14033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1435.853812][T14033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1435.898887][ T55] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1436.101706][ T55] bridge_slave_1: left allmulticast mode [ 1436.124842][ T55] bridge_slave_1: left promiscuous mode [ 1436.131449][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 1436.148112][ T55] bridge_slave_0: left allmulticast mode [ 1436.154307][ T55] bridge_slave_0: left promiscuous mode [ 1436.160019][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 1436.988501][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1437.001430][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1437.013385][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1437.562103][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1437.912645][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1437.923028][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1438.594382][T16934] loop4: detected capacity change from 0 to 128 [ 1439.664626][T16936] program syz.3.2089 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1440.050967][ T8803] Bluetooth: hci2: command tx timeout [ 1440.066819][ T29] kauditd_printk_skb: 60 callbacks suppressed [ 1440.066840][ T29] audit: type=1326 audit(1729024220.902:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.152338][ T29] audit: type=1326 audit(1729024220.902:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.175136][ T29] audit: type=1326 audit(1729024220.902:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.249755][ T29] audit: type=1326 audit(1729024220.902:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.354451][ T29] audit: type=1326 audit(1729024220.902:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.432125][ T29] audit: type=1326 audit(1729024220.902:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.482201][T10420] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 1440.510575][ T29] audit: type=1326 audit(1729024220.902:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.590678][ T29] audit: type=1326 audit(1729024220.902:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.662080][T10420] usb 3-1: Using ep0 maxpacket: 32 [ 1440.673925][T10420] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1440.732304][ T29] audit: type=1326 audit(1729024220.902:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.780614][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1440.801192][T10420] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1440.813442][T10420] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1440.821511][T10420] usb 3-1: Product: syz [ 1440.836002][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1440.844994][ T29] audit: type=1326 audit(1729024220.902:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.2.2092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f985b57dff9 code=0x7ffc0000 [ 1440.878272][ T55] bond0 (unregistering): Released all slaves [ 1440.902105][T10420] usb 3-1: Manufacturer: syz [ 1440.906863][T10420] usb 3-1: SerialNumber: syz [ 1440.948201][T10420] usb 3-1: config 0 descriptor?? [ 1440.964064][T10420] usb 3-1: bad CDC descriptors [ 1440.976610][T10420] usb 3-1: unsupported MDLM descriptors [ 1441.223870][ T5296] usb 3-1: USB disconnect, device number 38 [ 1441.273316][T16948] loop0: detected capacity change from 0 to 512 [ 1441.397645][T16948] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2093: bg 0: block 5: invalid block bitmap [ 1441.568733][T16948] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 1441.607747][T16948] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2093: invalid indirect mapped block 3 (level 2) [ 1441.698125][T16948] EXT4-fs (loop0): 1 orphan inode deleted [ 1441.719559][T16948] EXT4-fs (loop0): 1 truncate cleaned up [ 1441.771595][T16948] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1441.845427][T16948] EXT4-fs warning (device loop0): ext4_resize_begin:72: won't resize using backup superblock at 1 [ 1441.889961][T16956] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 1441.904026][T16956] syzkaller0: linktype set to 784 [ 1441.989506][T16485] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1442.134120][ T8803] Bluetooth: hci2: command tx timeout [ 1442.464126][T16975] loop4: detected capacity change from 0 to 2048 [ 1442.860887][ T55] hsr_slave_0: left promiscuous mode [ 1442.921548][ T55] hsr_slave_1: left promiscuous mode [ 1442.933286][T16975] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1443.152538][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1443.182398][T16975] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1443.211183][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1443.283901][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1443.291397][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1443.399302][ T55] veth1_macvtap: left promiscuous mode [ 1443.421644][ T55] veth0_macvtap: left promiscuous mode [ 1443.450862][ T55] veth1_vlan: left promiscuous mode [ 1443.467053][ T55] veth0_vlan: left promiscuous mode [ 1443.517415][T14235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1443.624834][T16986] loop0: detected capacity change from 0 to 128 [ 1443.960826][T16991] loop4: detected capacity change from 0 to 1024 [ 1444.030698][T16991] EXT4-fs (loop4): mounted filesystem 00000000-0000-0008-0000-000000000000 r/w without journal. Quota mode: none. [ 1444.586088][ T8803] Bluetooth: hci2: command tx timeout [ 1446.602246][ T8803] Bluetooth: hci2: command tx timeout [ 1446.695108][T14235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0008-0000-000000000000. [ 1457.861478][T10392] sched: DL replenish lagged too much [ 1461.005755][ T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1461.024180][ T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1461.034981][ T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1461.142454][T13309] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1461.150713][T13309] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1461.163781][T13309] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1461.171119][T13309] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1461.182751][T13309] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1461.189954][T13309] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1461.203191][ T8803] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1461.261768][T17018] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1461.269437][T17018] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1461.369995][ T54] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1461.446133][T17019] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1461.460199][T17019] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1461.487686][T17019] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1461.508139][T17019] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1461.517776][T17019] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1461.527364][T17019] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1461.535791][T17019] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1461.545641][T17019] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1461.567726][T17019] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1461.646462][T17019] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1461.659025][T17019] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1462.101372][ T55] team0 (unregistering): Port device team_slave_1 removed [ 1462.269418][ T55] team0 (unregistering): Port device team_slave_0 removed [ 1463.242159][T17019] Bluetooth: hci4: command tx timeout [ 1463.323581][T17019] Bluetooth: hci5: command tx timeout [ 1463.662261][T17019] Bluetooth: hci7: command tx timeout [ 1463.722962][T17019] Bluetooth: hci6: command tx timeout [ 1465.322313][T17019] Bluetooth: hci4: command tx timeout [ 1465.402142][T17019] Bluetooth: hci5: command tx timeout [ 1465.733842][T17019] Bluetooth: hci7: command tx timeout [ 1465.802373][T17019] Bluetooth: hci6: command tx timeout [ 1467.402251][T17019] Bluetooth: hci4: command tx timeout [ 1467.482247][T17019] Bluetooth: hci5: command tx timeout [ 1467.802137][T17019] Bluetooth: hci7: command tx timeout [ 1467.882401][T17019] Bluetooth: hci6: command tx timeout [ 1469.492993][T17019] Bluetooth: hci4: command tx timeout [ 1469.569239][T17019] Bluetooth: hci5: command tx timeout [ 1469.679188][T17003] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2106'. [ 1469.899996][T17019] Bluetooth: hci7: command tx timeout [ 1469.962297][T17019] Bluetooth: hci6: command tx timeout [ 1484.849281][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.860343][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 1499.560120][T17018] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1499.583407][T17018] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1499.602207][T17018] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1499.614221][T17018] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1499.627734][T17018] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1499.637207][T17018] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1501.722352][T17018] Bluetooth: hci0: command tx timeout [ 1503.802213][T17018] Bluetooth: hci0: command tx timeout [ 1505.882246][T17018] Bluetooth: hci0: command tx timeout [ 1507.963836][T17018] Bluetooth: hci0: command tx timeout [ 1512.489389][T17073] chnl_net:caif_netlink_parms(): no params data found [ 1512.697568][T17073] bridge0: port 1(bridge_slave_0) entered blocking state [ 1512.710795][T17073] bridge0: port 1(bridge_slave_0) entered disabled state [ 1512.722474][T17073] bridge_slave_0: entered allmulticast mode [ 1512.731031][T17073] bridge_slave_0: entered promiscuous mode [ 1512.753540][T17073] bridge0: port 2(bridge_slave_1) entered blocking state [ 1512.789525][T17073] bridge0: port 2(bridge_slave_1) entered disabled state [ 1512.800084][T17073] bridge_slave_1: entered allmulticast mode [ 1512.816111][T17073] bridge_slave_1: entered promiscuous mode [ 1512.879926][T17073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1512.900459][T17073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1512.988481][T17073] team0: Port device team_slave_0 added [ 1513.011044][T17073] team0: Port device team_slave_1 added [ 1513.082430][T17073] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1513.092142][T17073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1513.130028][T17073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1513.144868][T17073] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1513.161090][T17073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1513.204983][T17073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1513.299200][T17073] hsr_slave_0: entered promiscuous mode [ 1513.319374][T17073] hsr_slave_1: entered promiscuous mode [ 1513.331640][T17073] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1513.350596][T17073] Cannot create hsr debugfs directory [ 1520.553442][T17019] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1520.570808][T17019] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1520.580162][T17019] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1520.588623][T17019] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1520.596844][T17019] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1520.610313][T17019] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1520.745801][T17018] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1520.763434][T17018] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1520.773043][T17018] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1520.792788][T17018] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1520.800592][T17018] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1520.808117][T17018] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1521.075246][T17018] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1521.090167][T17018] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1521.120545][T17018] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1521.131575][T17018] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1521.140505][T17018] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1521.152519][T17018] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1521.239555][T17019] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1521.250937][T17019] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1521.263019][T17019] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1521.271058][T17019] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1521.279197][T17019] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 1521.287633][T17019] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1522.682248][T17019] Bluetooth: hci1: command tx timeout [ 1522.923587][T17019] Bluetooth: hci2: command tx timeout [ 1523.242346][T17019] Bluetooth: hci3: command tx timeout [ 1523.322379][T17019] Bluetooth: hci8: command tx timeout [ 1524.762212][T17019] Bluetooth: hci1: command tx timeout [ 1525.002277][T17019] Bluetooth: hci2: command tx timeout [ 1525.325827][T17019] Bluetooth: hci3: command tx timeout [ 1525.402305][T17019] Bluetooth: hci8: command tx timeout [ 1526.842145][T17019] Bluetooth: hci1: command tx timeout [ 1527.082589][T17019] Bluetooth: hci2: command tx timeout [ 1527.402246][T17019] Bluetooth: hci3: command tx timeout [ 1527.482226][T17019] Bluetooth: hci8: command tx timeout [ 1528.923782][T17019] Bluetooth: hci1: command tx timeout [ 1529.162384][T17019] Bluetooth: hci2: command tx timeout [ 1529.482178][T17019] Bluetooth: hci3: command tx timeout [ 1529.562433][T17019] Bluetooth: hci8: command tx timeout [ 1546.285369][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 1546.291726][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 1561.768073][T17018] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1561.786964][T17018] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1561.798149][T17018] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1561.806765][T17018] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1561.830248][T17018] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 1561.838147][T17018] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1563.883199][T17019] Bluetooth: hci9: command tx timeout [ 1565.962248][T17019] Bluetooth: hci9: command tx timeout [ 1568.042376][T17019] Bluetooth: hci9: command tx timeout [ 1570.122391][T17019] Bluetooth: hci9: command tx timeout [ 1582.629310][T17115] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1582.648428][T17115] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1582.657475][T17115] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1582.674016][T17115] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1582.692193][T17115] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1582.701057][T17115] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 1582.708684][T17115] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1582.720253][T17118] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1582.731170][T17118] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1582.786809][ T8803] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1582.794853][ T8803] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 1582.803426][ T8803] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1582.827572][T17109] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 1582.866706][T17115] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 1582.883543][T17115] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 1582.892095][T17115] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 1582.900389][T17115] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 1582.908666][T17115] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 1583.034835][T17115] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 1583.050701][T17115] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 1583.067585][T17115] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 1583.075805][T17115] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 1583.085579][T17115] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 1583.103365][T17115] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 1584.235211][ T8803] Bluetooth: hci4: command 0x0406 tx timeout [ 1584.241315][T17115] Bluetooth: hci5: command 0x0406 tx timeout [ 1584.253491][T17115] Bluetooth: hci7: command 0x0406 tx timeout [ 1584.259566][T17115] Bluetooth: hci6: command 0x0406 tx timeout [ 1584.842283][T13309] Bluetooth: hci11: command tx timeout [ 1584.922352][T13309] Bluetooth: hci10: command tx timeout [ 1585.002394][T13309] Bluetooth: hci12: command tx timeout [ 1585.162409][T13309] Bluetooth: hci13: command tx timeout [ 1586.926794][T13309] Bluetooth: hci11: command tx timeout [ 1587.006821][T13309] Bluetooth: hci10: command tx timeout [ 1587.082389][T13309] Bluetooth: hci12: command tx timeout [ 1587.242615][T13309] Bluetooth: hci13: command tx timeout [ 1589.002167][T13309] Bluetooth: hci11: command tx timeout [ 1589.082322][T13309] Bluetooth: hci10: command tx timeout [ 1589.164137][ T54] Bluetooth: hci12: command tx timeout [ 1589.322234][T13309] Bluetooth: hci13: command tx timeout [ 1591.082322][T13309] Bluetooth: hci11: command tx timeout [ 1591.163533][T13309] Bluetooth: hci10: command tx timeout [ 1591.242347][T13309] Bluetooth: hci12: command tx timeout [ 1591.402242][T13309] Bluetooth: hci13: command tx timeout [ 1607.727944][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 1607.734541][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 1623.413023][T17018] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 1623.437592][T17018] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 1623.448233][T17018] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 1623.457901][T17018] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 1623.467568][T17018] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 1623.479369][T17018] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 1625.175645][T17018] Bluetooth: hci0: command 0x0406 tx timeout [ 1625.562258][ T54] Bluetooth: hci14: command tx timeout [ 1627.642288][ T54] Bluetooth: hci14: command tx timeout [ 1629.722242][ T54] Bluetooth: hci14: command tx timeout [ 1631.802175][ T54] Bluetooth: hci14: command tx timeout [ 1641.428362][T17018] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 1641.440957][T17018] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 1641.450276][T17018] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 1641.463276][T17018] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 1641.472227][T17018] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 1641.493043][T17018] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 1641.938202][T17018] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 1641.959187][T17018] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 1641.969993][T17018] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 1641.978201][T17018] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 1641.995585][T17018] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 1642.007515][T17018] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 1642.766328][ T54] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 1642.782868][ T54] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 1642.798421][ T54] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 1642.806961][ T54] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 1642.815846][ T54] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 1642.823337][ T54] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 1642.896859][T17018] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 1642.911723][T17018] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 1642.921569][T17018] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 1642.931502][T17018] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 1642.943657][T17018] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 1642.951518][T17018] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 1643.578499][T13309] Bluetooth: hci15: command tx timeout [ 1644.042198][T17018] Bluetooth: hci16: command tx timeout [ 1644.922267][T17018] Bluetooth: hci17: command tx timeout [ 1645.002244][T17018] Bluetooth: hci18: command tx timeout [ 1645.672220][T17018] Bluetooth: hci8: command 0x0406 tx timeout [ 1645.685663][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 1645.691762][ T54] Bluetooth: hci15: command tx timeout [ 1645.697375][ T8803] Bluetooth: hci1: command 0x0406 tx timeout [ 1645.703561][T17118] Bluetooth: hci3: command 0x0406 tx timeout [ 1646.122117][T13309] Bluetooth: hci16: command tx timeout [ 1647.002110][T13309] Bluetooth: hci17: command tx timeout [ 1647.082398][T13309] Bluetooth: hci18: command tx timeout [ 1647.802300][T13309] Bluetooth: hci15: command tx timeout [ 1648.202252][T13309] Bluetooth: hci16: command tx timeout [ 1649.082139][T13309] Bluetooth: hci17: command tx timeout [ 1649.162449][T13309] Bluetooth: hci18: command tx timeout [ 1649.882507][T13309] Bluetooth: hci15: command tx timeout [ 1650.282107][T13309] Bluetooth: hci16: command tx timeout [ 1651.162352][T13309] Bluetooth: hci17: command tx timeout [ 1651.242255][T13309] Bluetooth: hci18: command tx timeout [ 1665.962318][ T30] INFO: task kworker/u8:3:55 blocked for more than 143 seconds. [ 1665.970045][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1666.012017][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1666.021022][ T30] task:kworker/u8:3 state:D stack:19056 pid:55 tgid:55 ppid:2 flags:0x00004000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1666.112085][ T30] Workqueue: netns cleanup_net [ 1666.116970][ T30] Call Trace: [ 1666.120376][ T30] [ 1666.242068][ T30] __schedule+0x18af/0x4bd0 [ 1666.246704][ T30] ? __pfx___schedule+0x10/0x10 [ 1666.251618][ T30] ? __pfx_lock_release+0x10/0x10 [ 1666.351980][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1666.357549][ T30] ? kthread_data+0x52/0xd0 [ 1666.391953][ T30] ? schedule+0x90/0x320 [ 1666.396392][ T30] ? wq_worker_sleeping+0x66/0x240 [ 1666.401560][ T30] ? schedule+0x90/0x320 [ 1666.472102][ T30] schedule+0x14b/0x320 [ 1666.476360][ T30] schedule_preempt_disabled+0x13/0x30 [ 1666.512172][ T30] __mutex_lock+0x6a7/0xd70 [ 1666.516764][ T30] ? __mutex_lock+0x52a/0xd70 [ 1666.521486][ T30] ? wg_destruct+0x25/0x2e0 [ 1666.582048][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1666.587166][ T30] ? __pfx_free_percpu+0x10/0x10 [ 1666.642069][ T30] ? kobject_put+0x272/0x480 [ 1666.660094][ T30] ? __pfx_wg_destruct+0x10/0x10 [ 1666.682257][ T30] wg_destruct+0x25/0x2e0 [ 1666.686676][ T30] ? __pfx_wg_destruct+0x10/0x10 [ 1666.691677][ T30] netdev_run_todo+0xe1a/0x1000 [ 1666.737950][ T30] ? __pfx_netdev_run_todo+0x10/0x10 [ 1666.771865][ T30] ? unregister_netdevice_queue+0x26b/0x370 [ 1666.777989][ T30] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1666.828950][ T30] default_device_exit_batch+0xa24/0xaa0 [ 1666.857447][ T30] ? __pfx___might_resched+0x10/0x10 [ 1666.878110][ T30] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1666.896940][ T30] ? __pfx_rdma_dev_exit_net+0x10/0x10 [ 1666.921959][ T30] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1666.927325][ T30] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1666.963834][ T30] cleanup_net+0x89d/0xcc0 [ 1666.968360][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 1667.016527][ T30] ? process_scheduled_works+0x976/0x1850 [ 1667.041282][ T30] process_scheduled_works+0xa63/0x1850 [ 1667.055766][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1667.061846][ T30] ? assign_work+0x364/0x3d0 [ 1667.081432][ T30] worker_thread+0x870/0xd30 [ 1667.096464][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1667.101716][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1667.122775][ T30] kthread+0x2f0/0x390 [ 1667.126929][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1667.150651][ T30] ? __pfx_kthread+0x10/0x10 [ 1667.170962][ T30] ret_from_fork+0x4b/0x80 [ 1667.175535][ T30] ? __pfx_kthread+0x10/0x10 [ 1667.180902][ T30] ret_from_fork_asm+0x1a/0x30 [ 1667.211144][ T30] [ 1667.222008][ T30] INFO: task kworker/u8:6:1101 blocked for more than 144 seconds. [ 1667.229885][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1667.280909][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1667.301528][ T30] task:kworker/u8:6 state:D stack:19520 pid:1101 tgid:1101 ppid:2 flags:0x00004000 [ 1667.330661][ T30] Workqueue: ipv6_addrconf addrconf_dad_work [ 1667.352746][ T30] Call Trace: [ 1667.356099][ T30] [ 1667.359068][ T30] __schedule+0x18af/0x4bd0 [ 1667.386635][ T30] ? __pfx___schedule+0x10/0x10 [ 1667.391595][ T30] ? __pfx_lock_release+0x10/0x10 [ 1667.421958][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1667.427510][ T30] ? kthread_data+0x52/0xd0 [ 1667.451319][ T30] ? schedule+0x90/0x320 [ 1667.467415][ T30] ? wq_worker_sleeping+0x66/0x240 [ 1667.481952][ T30] ? schedule+0x90/0x320 [ 1667.486281][ T30] schedule+0x14b/0x320 [ 1667.506037][ T30] schedule_preempt_disabled+0x13/0x30 [ 1667.511588][ T30] __mutex_lock+0x6a7/0xd70 [ 1667.537704][ T30] ? mark_lock+0x9a/0x360 [ 1667.548047][ T30] ? __mutex_lock+0x52a/0xd70 [ 1667.557855][ T30] ? addrconf_dad_work+0xd0/0x16f0 [ 1667.565729][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1667.580850][ T30] addrconf_dad_work+0xd0/0x16f0 [ 1667.588232][ T30] ? __pfx_addrconf_dad_work+0x10/0x10 [ 1667.601613][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1667.609634][ T30] ? process_scheduled_works+0x976/0x1850 [ 1667.622293][ T30] process_scheduled_works+0xa63/0x1850 [ 1667.627951][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1667.645821][ T30] ? assign_work+0x364/0x3d0 [ 1667.650503][ T30] worker_thread+0x870/0xd30 [ 1667.661965][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1667.667068][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1667.681579][ T30] kthread+0x2f0/0x390 [ 1667.686491][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1667.694361][ T30] ? __pfx_kthread+0x10/0x10 [ 1667.699021][ T30] ret_from_fork+0x4b/0x80 [ 1667.712355][ T30] ? __pfx_kthread+0x10/0x10 [ 1667.717018][ T30] ret_from_fork_asm+0x1a/0x30 [ 1667.721859][ T30] [ 1667.733569][ T30] INFO: task kworker/1:2:1849 blocked for more than 145 seconds. [ 1667.741353][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1667.762814][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1667.780675][ T30] task:kworker/1:2 state:D stack:19544 pid:1849 tgid:1849 ppid:2 flags:0x00004000 [ 1667.794430][ T30] Workqueue: events switchdev_deferred_process_work [ 1667.801109][ T30] Call Trace: [ 1667.811251][ T30] [ 1667.817006][ T30] __schedule+0x18af/0x4bd0 [ 1667.821601][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 1667.835499][ T30] ? schedule+0x90/0x320 [ 1667.839928][ T30] ? __pfx___schedule+0x10/0x10 [ 1667.849068][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1667.860361][ T30] ? __pfx_lock_release+0x10/0x10 [ 1667.870356][ T30] ? kick_pool+0x1bd/0x620 [ 1667.883221][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1667.888510][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 1667.902086][ T30] ? schedule+0x90/0x320 [ 1667.906421][ T30] schedule+0x14b/0x320 [ 1667.910648][ T30] schedule_preempt_disabled+0x13/0x30 [ 1667.927786][ T30] __mutex_lock+0x6a7/0xd70 [ 1667.937383][ T30] ? __mutex_lock+0x52a/0xd70 [ 1667.946301][ T30] ? switchdev_deferred_process_work+0xe/0x20 [ 1667.957512][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1667.966588][ T30] ? process_scheduled_works+0x976/0x1850 [ 1667.977444][ T30] switchdev_deferred_process_work+0xe/0x20 [ 1667.992066][ T30] process_scheduled_works+0xa63/0x1850 [ 1667.997732][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1668.013308][ T30] ? assign_work+0x364/0x3d0 [ 1668.017997][ T30] worker_thread+0x870/0xd30 [ 1668.030768][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1668.040584][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1668.052044][ T30] kthread+0x2f0/0x390 [ 1668.056282][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1668.061451][ T30] ? __pfx_kthread+0x10/0x10 [ 1668.074558][ T30] ret_from_fork+0x4b/0x80 [ 1668.080706][ T30] ? __pfx_kthread+0x10/0x10 [ 1668.091769][ T30] ret_from_fork_asm+0x1a/0x30 [ 1668.100071][ T30] [ 1668.106301][ T30] INFO: task dhcpcd:4906 blocked for more than 145 seconds. [ 1668.121437][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1668.130252][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1668.142223][ T30] task:dhcpcd state:D stack:20096 pid:4906 tgid:4906 ppid:4905 flags:0x00000002 [ 1668.160753][ T30] Call Trace: [ 1668.164717][ T30] [ 1668.167703][ T30] __schedule+0x18af/0x4bd0 [ 1668.182606][ T30] ? __pfx___schedule+0x10/0x10 [ 1668.187554][ T30] ? __pfx_lock_release+0x10/0x10 [ 1668.200815][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1668.207627][ T30] ? schedule+0x90/0x320 [ 1668.220899][ T30] schedule+0x14b/0x320 [ 1668.225724][ T30] schedule_preempt_disabled+0x13/0x30 [ 1668.231255][ T30] __mutex_lock+0x6a7/0xd70 [ 1668.246540][ T30] ? __mutex_lock+0x52a/0xd70 [ 1668.251292][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1668.263102][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1668.268214][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1668.281231][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1668.288555][ T30] ? __lock_acquire+0x1384/0x2050 [ 1668.303657][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1668.309773][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1668.321955][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1668.327505][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1668.342510][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1668.347790][ T30] netlink_unicast+0x7f6/0x990 [ 1668.363582][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1668.368944][ T30] ? __virt_addr_valid+0x183/0x530 [ 1668.387040][ T30] ? __check_object_size+0x48e/0x900 [ 1668.398026][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1668.405658][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1668.411033][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 1668.427536][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1668.438047][ T30] __sock_sendmsg+0x221/0x270 [ 1668.450086][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 1668.460204][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1668.469450][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1668.483151][ T30] __sys_sendmsg+0x292/0x380 [ 1668.497305][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 1668.504956][ T30] ? netlink_bind+0xaeb/0xc90 [ 1668.509744][ T30] ? __pfx___sys_bind+0x10/0x10 [ 1668.521538][ T30] ? fd_install+0x35c/0x5d0 [ 1668.538758][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1668.548109][ T30] ? do_syscall_64+0x100/0x230 [ 1668.559099][ T30] ? do_syscall_64+0xb6/0x230 [ 1668.566558][ T30] do_syscall_64+0xf3/0x230 [ 1668.571132][ T30] ? clear_bhb_loop+0x35/0x90 [ 1668.582052][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1668.588018][ T30] RIP: 0033:0x7f0827f47a4b [ 1668.606790][ T30] RSP: 002b:00007ffd29623978 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1668.624708][ T30] RAX: ffffffffffffffda RBX: 00007f0827e6f6c0 RCX: 00007f0827f47a4b [ 1668.637934][ T30] RDX: 0000000000000000 RSI: 00007ffd29637b28 RDI: 0000000000000014 [ 1668.651945][ T30] RBP: 0000000000000014 R08: 0000000000000000 R09: 00007ffd29637b28 [ 1668.659987][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 1668.675669][ T30] R13: 00007ffd29637b28 R14: 0000000000000030 R15: 0000000000000001 [ 1668.690726][ T30] [ 1668.699240][ T30] INFO: task kworker/u8:10:5537 blocked for more than 146 seconds. [ 1668.712043][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1668.722288][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1668.739221][ T30] task:kworker/u8:10 state:D stack:20576 pid:5537 tgid:5537 ppid:2 flags:0x00004000 [ 1668.751185][ T30] Workqueue: events_unbound linkwatch_event [ 1668.765198][ T30] Call Trace: [ 1668.768538][ T30] [ 1668.771519][ T30] __schedule+0x18af/0x4bd0 [ 1668.786692][ T30] ? __pfx___schedule+0x10/0x10 [ 1668.791644][ T30] ? __pfx_lock_release+0x10/0x10 [ 1668.806960][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1668.816370][ T30] ? kthread_data+0x52/0xd0 [ 1668.821591][ T30] ? schedule+0x90/0x320 [ 1668.832084][ T30] ? wq_worker_sleeping+0x66/0x240 [ 1668.837369][ T30] ? schedule+0x90/0x320 [ 1668.841666][ T30] schedule+0x14b/0x320 [ 1668.854137][ T30] schedule_preempt_disabled+0x13/0x30 [ 1668.859676][ T30] __mutex_lock+0x6a7/0xd70 [ 1668.871465][ T30] ? __mutex_lock+0x52a/0xd70 [ 1668.879035][ T30] ? linkwatch_event+0xe/0x60 [ 1668.890043][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1668.896959][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1668.912329][ T30] ? process_scheduled_works+0x976/0x1850 [ 1668.918143][ T30] linkwatch_event+0xe/0x60 [ 1668.937235][ T30] process_scheduled_works+0xa63/0x1850 [ 1668.948002][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1668.958093][ T30] ? assign_work+0x364/0x3d0 [ 1668.969725][ T30] worker_thread+0x870/0xd30 [ 1668.978955][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1668.989141][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1668.998373][ T30] kthread+0x2f0/0x390 [ 1669.009030][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1669.019197][ T30] ? __pfx_kthread+0x10/0x10 [ 1669.028394][ T30] ret_from_fork+0x4b/0x80 [ 1669.039350][ T30] ? __pfx_kthread+0x10/0x10 [ 1669.046731][ T30] ret_from_fork_asm+0x1a/0x30 [ 1669.051581][ T30] [ 1669.061225][ T30] INFO: task syz-executor:16920 blocked for more than 146 seconds. [ 1669.071945][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1669.079105][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1669.098052][ T30] task:syz-executor state:D stack:21728 pid:16920 tgid:16920 ppid:1 flags:0x00004006 [ 1669.118527][ T30] Call Trace: [ 1669.121873][ T30] [ 1669.126389][ T30] __schedule+0x18af/0x4bd0 [ 1669.130989][ T30] ? __pfx___schedule+0x10/0x10 [ 1669.147723][ T30] ? __pfx_lock_release+0x10/0x10 [ 1669.157860][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1669.166525][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 1669.173117][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 1669.190367][ T30] ? schedule+0x90/0x320 [ 1669.195279][ T30] schedule+0x14b/0x320 [ 1669.199698][ T30] schedule_preempt_disabled+0x13/0x30 [ 1669.219797][ T30] __mutex_lock+0x6a7/0xd70 [ 1669.224976][ T30] ? __mutex_lock+0x52a/0xd70 [ 1669.230405][ T30] ? tun_chr_close+0x3b/0x1b0 [ 1669.242137][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1669.247248][ T30] ? __pfx_call_rcu+0x10/0x10 [ 1669.263572][ T30] tun_chr_close+0x3b/0x1b0 [ 1669.268168][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 1669.281838][ T30] __fput+0x23c/0xa50 [ 1669.286047][ T30] task_work_run+0x24f/0x310 [ 1669.290698][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 1669.302140][ T30] ? __pfx_task_work_run+0x10/0x10 [ 1669.318082][ T30] ? do_exit+0xa2a/0x28e0 [ 1669.327404][ T30] ? kmem_cache_free+0x1a2/0x440 [ 1669.339349][ T30] ? do_exit+0xa2a/0x28e0 [ 1669.346493][ T30] do_exit+0xa2f/0x28e0 [ 1669.350719][ T30] ? __pfx_do_exit+0x10/0x10 [ 1669.361868][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1669.368405][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1669.385093][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1669.391584][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 1669.411111][ T30] do_group_exit+0x207/0x2c0 [ 1669.416292][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 1669.421565][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 1669.440124][ T30] get_signal+0x16a3/0x1740 [ 1669.446455][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1669.451550][ T30] ? __pfx_get_signal+0x10/0x10 [ 1669.461961][ T30] arch_do_signal_or_restart+0x96/0x860 [ 1669.467586][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1669.488563][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1669.502034][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 1669.507854][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 1669.523438][ T30] do_syscall_64+0x100/0x230 [ 1669.528104][ T30] ? clear_bhb_loop+0x35/0x90 [ 1669.541785][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1669.551623][ T30] RIP: 0033:0x7ff08157fe8c [ 1669.562206][ T30] RSP: 002b:00007ffeac5c61a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1669.570762][ T30] RAX: 000000000000003c RBX: 00007ff082264620 RCX: 00007ff08157fe8c [ 1669.589704][ T30] RDX: 000000000000003c RSI: 00007ff082264670 RDI: 0000000000000003 [ 1669.601691][ T30] RBP: 0000000000000000 R08: 00007ffeac5c61f4 R09: 000000000000000c [ 1669.615815][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1669.630967][ T30] R13: 0000000000000000 R14: 00007ff082264670 R15: 0000000000000000 [ 1669.641261][ T30] [ 1669.652434][ T30] INFO: task syz-executor:17014 blocked for more than 147 seconds. [ 1669.660391][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1669.677785][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1669.690416][ T30] task:syz-executor state:D stack:23568 pid:17014 tgid:17014 ppid:1 flags:0x00004006 [ 1669.706065][ T30] Call Trace: [ 1669.709420][ T30] [ 1669.719425][ T30] __schedule+0x18af/0x4bd0 [ 1669.737341][ T30] ? __pfx___schedule+0x10/0x10 [ 1669.748056][ T30] ? __pfx_lock_release+0x10/0x10 [ 1669.761592][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1669.772456][ T30] ? schedule+0x90/0x320 [ 1669.776785][ T30] schedule+0x14b/0x320 [ 1669.781000][ T30] schedule_preempt_disabled+0x13/0x30 [ 1669.791990][ T30] __mutex_lock+0x6a7/0xd70 [ 1669.796576][ T30] ? __mutex_lock+0x52a/0xd70 [ 1669.801302][ T30] ? register_nexthop_notifier+0x84/0x290 [ 1669.815353][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1669.822369][ T30] ? __asan_memset+0x23/0x50 [ 1669.827034][ T30] register_nexthop_notifier+0x84/0x290 [ 1669.842164][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 1669.850892][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 1669.866661][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 1669.876765][ T30] ? __asan_memset+0x23/0x50 [ 1669.881428][ T30] ops_init+0x31e/0x590 [ 1669.890740][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 1669.901135][ T30] setup_net+0x287/0x9e0 [ 1669.910613][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 1669.920172][ T30] ? __pfx_setup_net+0x10/0x10 [ 1669.931834][ T30] copy_net_ns+0x33f/0x570 [ 1669.940454][ T30] create_new_namespaces+0x425/0x7b0 [ 1669.952119][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 1669.958078][ T30] ksys_unshare+0x57d/0xa70 [ 1669.972774][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 1669.977886][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1669.992614][ T30] ? do_syscall_64+0x100/0x230 [ 1669.997480][ T30] __x64_sys_unshare+0x38/0x40 [ 1670.010779][ T30] do_syscall_64+0xf3/0x230 [ 1670.017056][ T30] ? clear_bhb_loop+0x35/0x90 [ 1670.021806][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1670.038216][ T30] RIP: 0033:0x7feef437f7f7 [ 1670.043218][ T30] RSP: 002b:00007fff21cb5808 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 1670.051705][ T30] RAX: ffffffffffffffda RBX: 00007feef4535f40 RCX: 00007feef437f7f7 [ 1670.075105][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 1670.091334][ T30] RBP: 00007feef4536a38 R08: 0000000000000000 R09: 0000000000000000 [ 1670.101106][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 1670.116539][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 1670.132073][ T30] [ 1670.139832][ T30] INFO: task syz-executor:17015 blocked for more than 147 seconds. [ 1670.151417][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1670.165067][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1670.180138][ T30] task:syz-executor state:D stack:24160 pid:17015 tgid:17015 ppid:1 flags:0x00004004 [ 1670.196317][ T30] Call Trace: [ 1670.199661][ T30] [ 1670.209773][ T30] __schedule+0x18af/0x4bd0 [ 1670.217117][ T30] ? __pfx___schedule+0x10/0x10 [ 1670.232118][ T30] ? __pfx_lock_release+0x10/0x10 [ 1670.237225][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1670.252289][ T30] ? schedule+0x90/0x320 [ 1670.256623][ T30] schedule+0x14b/0x320 [ 1670.260838][ T30] schedule_preempt_disabled+0x13/0x30 [ 1670.275957][ T30] __mutex_lock+0x6a7/0xd70 [ 1670.280544][ T30] ? __mutex_lock+0x52a/0xd70 [ 1670.300715][ T30] ? register_nexthop_notifier+0x84/0x290 [ 1670.306834][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1670.322030][ T30] ? __asan_memset+0x23/0x50 [ 1670.326709][ T30] register_nexthop_notifier+0x84/0x290 [ 1670.341514][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 1670.347846][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 1670.362378][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 1670.368622][ T30] ? __asan_memset+0x23/0x50 [ 1670.388950][ T30] ops_init+0x31e/0x590 [ 1670.397125][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 1670.408954][ T30] setup_net+0x287/0x9e0 [ 1670.415962][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 1670.421590][ T30] ? __pfx_setup_net+0x10/0x10 [ 1670.435054][ T30] copy_net_ns+0x33f/0x570 [ 1670.439562][ T30] create_new_namespaces+0x425/0x7b0 [ 1670.457635][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 1670.472003][ T30] ksys_unshare+0x57d/0xa70 [ 1670.476599][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 1670.481669][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1670.498816][ T30] ? do_syscall_64+0x100/0x230 [ 1670.509011][ T30] __x64_sys_unshare+0x38/0x40 [ 1670.518796][ T30] do_syscall_64+0xf3/0x230 [ 1670.526985][ T30] ? clear_bhb_loop+0x35/0x90 [ 1670.531737][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1670.551282][ T30] RIP: 0033:0x7fe17737f7f7 [ 1670.556097][ T30] RSP: 002b:00007ffee18d64a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 1670.572031][ T30] RAX: ffffffffffffffda RBX: 00007fe177535f40 RCX: 00007fe17737f7f7 [ 1670.580076][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 1670.598199][ T30] RBP: 00007fe177536a38 R08: 0000000000000000 R09: 0000000000000000 [ 1670.610521][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 1670.626170][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 1670.638207][ T30] [ 1670.648633][ T30] INFO: task syz-executor:17020 blocked for more than 148 seconds. [ 1670.661865][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1670.669612][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1670.687881][ T30] task:syz-executor state:D stack:24160 pid:17020 tgid:17020 ppid:1 flags:0x00004006 [ 1670.700933][ T30] Call Trace: [ 1670.710534][ T30] [ 1670.714888][ T30] __schedule+0x18af/0x4bd0 [ 1670.719494][ T30] ? __pfx___schedule+0x10/0x10 [ 1670.734643][ T30] ? __pfx_lock_release+0x10/0x10 [ 1670.739885][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1670.752860][ T30] ? schedule+0x90/0x320 [ 1670.757206][ T30] schedule+0x14b/0x320 [ 1670.761443][ T30] schedule_preempt_disabled+0x13/0x30 [ 1670.778706][ T30] __mutex_lock+0x6a7/0xd70 [ 1670.788384][ T30] ? __mutex_lock+0x52a/0xd70 [ 1670.797308][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 1670.807621][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1670.816756][ T30] ? read_word_at_a_time+0xe/0x20 [ 1670.821852][ T30] ? sized_strscpy+0x8d/0x220 [ 1670.832895][ T30] ip_tunnel_init_net+0x20e/0x720 [ 1670.838009][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 1670.856774][ T30] ops_init+0x31e/0x590 [ 1670.861112][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 1670.878546][ T30] setup_net+0x287/0x9e0 [ 1670.886864][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 1670.899198][ T30] ? __pfx_setup_net+0x10/0x10 [ 1670.908045][ T30] copy_net_ns+0x33f/0x570 [ 1670.917882][ T30] create_new_namespaces+0x425/0x7b0 [ 1670.927287][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 1670.938153][ T30] ksys_unshare+0x57d/0xa70 [ 1670.947061][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 1670.961045][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1670.969612][ T30] ? do_syscall_64+0x100/0x230 [ 1670.984094][ T30] __x64_sys_unshare+0x38/0x40 [ 1670.988941][ T30] do_syscall_64+0xf3/0x230 [ 1670.999802][ T30] ? clear_bhb_loop+0x35/0x90 [ 1671.008657][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1671.020942][ T30] RIP: 0033:0x7f53c517f7f7 [ 1671.025913][ T30] RSP: 002b:00007fffa4502bf8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110 [ 1671.042984][ T30] RAX: ffffffffffffffda RBX: 00007f53c5335f40 RCX: 00007f53c517f7f7 [ 1671.060617][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 1671.072234][ T30] RBP: 00007f53c5336a38 R08: 0000000000000000 R09: 0000000000000000 [ 1671.080282][ T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c [ 1671.099691][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 1671.109751][ T30] [ 1671.120469][ T30] INFO: task syz-executor:17022 blocked for more than 148 seconds. [ 1671.131319][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1671.145904][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1671.160131][ T30] task:syz-executor state:D stack:24160 pid:17022 tgid:17022 ppid:1 flags:0x00000004 [ 1671.184460][ T30] Call Trace: [ 1671.187807][ T30] [ 1671.190777][ T30] __schedule+0x18af/0x4bd0 [ 1671.204577][ T30] ? __pfx___schedule+0x10/0x10 [ 1671.209518][ T30] ? __pfx_lock_release+0x10/0x10 [ 1671.220925][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1671.229255][ T30] ? schedule+0x90/0x320 [ 1671.239773][ T30] schedule+0x14b/0x320 [ 1671.248693][ T30] schedule_preempt_disabled+0x13/0x30 [ 1671.262055][ T30] __mutex_lock+0x6a7/0xd70 [ 1671.266650][ T30] ? __mutex_lock+0x52a/0xd70 [ 1671.271380][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1671.285591][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1671.290754][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1671.307433][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1671.317648][ T30] ? __lock_acquire+0x1384/0x2050 [ 1671.326721][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1671.337467][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1671.346132][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1671.351670][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1671.369387][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1671.376336][ T30] netlink_unicast+0x7f6/0x990 [ 1671.381191][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1671.396572][ T30] ? __virt_addr_valid+0x183/0x530 [ 1671.401782][ T30] ? __check_object_size+0x48e/0x900 [ 1671.411737][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1671.422861][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1671.428233][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 1671.442229][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1671.447599][ T30] __sock_sendmsg+0x221/0x270 [ 1671.459459][ T30] __sys_sendto+0x39b/0x4f0 [ 1671.466726][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1671.471852][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1671.492872][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1671.499322][ T30] __x64_sys_sendto+0xde/0x100 [ 1671.515298][ T30] do_syscall_64+0xf3/0x230 [ 1671.519872][ T30] ? clear_bhb_loop+0x35/0x90 [ 1671.533351][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1671.539318][ T30] RIP: 0033:0x7fa1a9d7fe8c [ 1671.552261][ T30] RSP: 002b:00007ffface01940 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1671.572026][ T30] RAX: ffffffffffffffda RBX: 00007fa1aaa64620 RCX: 00007fa1a9d7fe8c [ 1671.580117][ T30] RDX: 000000000000002c RSI: 00007fa1aaa64670 RDI: 0000000000000003 [ 1671.598637][ T30] RBP: 0000000000000000 R08: 00007ffface01994 R09: 000000000000000c [ 1671.611257][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1671.624681][ T30] R13: 0000000000000000 R14: 00007fa1aaa64670 R15: 0000000000000000 [ 1671.639389][ T30] [ 1671.646326][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 1671.667167][ T30] INFO: task syz-executor:17089 blocked for more than 149 seconds. [ 1671.679076][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1671.695461][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1671.710912][ T30] task:syz-executor state:D stack:24160 pid:17089 tgid:17089 ppid:1 flags:0x00000004 [ 1671.725978][ T30] Call Trace: [ 1671.729324][ T30] [ 1671.741395][ T30] __schedule+0x18af/0x4bd0 [ 1671.751194][ T30] ? __pfx___schedule+0x10/0x10 [ 1671.761299][ T30] ? __pfx_lock_release+0x10/0x10 [ 1671.772106][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1671.777664][ T30] ? schedule+0x90/0x320 [ 1671.789986][ T30] schedule+0x14b/0x320 [ 1671.794709][ T30] schedule_preempt_disabled+0x13/0x30 [ 1671.800250][ T30] __mutex_lock+0x6a7/0xd70 [ 1671.812484][ T30] ? __mutex_lock+0x52a/0xd70 [ 1671.817244][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1671.831518][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1671.837777][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1671.851464][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1671.857534][ T30] ? __lock_acquire+0x1384/0x2050 [ 1671.872057][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1671.877613][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1671.891271][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1671.897861][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1671.911714][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1671.917391][ T30] netlink_unicast+0x7f6/0x990 [ 1671.930608][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1671.936420][ T30] ? __virt_addr_valid+0x183/0x530 [ 1671.941602][ T30] ? __check_object_size+0x48e/0x900 [ 1671.956615][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1671.961495][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1671.979626][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 1671.986255][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1671.991613][ T30] __sock_sendmsg+0x221/0x270 [ 1672.005590][ T30] __sys_sendto+0x39b/0x4f0 [ 1672.010188][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1672.022126][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1672.028206][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1672.043024][ T30] ? exc_page_fault+0x590/0x8c0 [ 1672.047960][ T30] __x64_sys_sendto+0xde/0x100 [ 1672.064926][ T30] do_syscall_64+0xf3/0x230 [ 1672.069511][ T30] ? clear_bhb_loop+0x35/0x90 [ 1672.085721][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1672.091693][ T30] RIP: 0033:0x7f9dd697fe8c [ 1672.105623][ T30] RSP: 002b:00007fffcc83b0a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1672.120660][ T30] RAX: ffffffffffffffda RBX: 00007f9dd7664620 RCX: 00007f9dd697fe8c [ 1672.132281][ T30] RDX: 0000000000000028 RSI: 00007f9dd7664670 RDI: 0000000000000003 [ 1672.140320][ T30] RBP: 0000000000000000 R08: 00007fffcc83b0f4 R09: 000000000000000c [ 1672.160953][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1672.170389][ T30] R13: 0000000000000000 R14: 00007f9dd7664670 R15: 0000000000000000 [ 1672.191041][ T30] [ 1672.194341][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 1672.212107][ T30] INFO: task syz-executor:17092 blocked for more than 149 seconds. [ 1672.220067][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1672.236652][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1672.249410][ T30] task:syz-executor state:D stack:24160 pid:17092 tgid:17092 ppid:1 flags:0x00000004 [ 1672.264946][ T30] Call Trace: [ 1672.268275][ T30] [ 1672.271243][ T30] __schedule+0x18af/0x4bd0 [ 1672.282445][ T30] ? __pfx___schedule+0x10/0x10 [ 1672.287380][ T30] ? __pfx_lock_release+0x10/0x10 [ 1672.304706][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1672.310932][ T30] ? schedule+0x90/0x320 [ 1672.320935][ T30] schedule+0x14b/0x320 [ 1672.328988][ T30] schedule_preempt_disabled+0x13/0x30 [ 1672.339568][ T30] __mutex_lock+0x6a7/0xd70 [ 1672.347993][ T30] ? __mutex_lock+0x52a/0xd70 [ 1672.359204][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1672.369019][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1672.380027][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1672.390194][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1672.400395][ T30] ? __lock_acquire+0x1384/0x2050 [ 1672.412090][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1672.417637][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1672.431605][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1672.437521][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1672.451398][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1672.456981][ T30] netlink_unicast+0x7f6/0x990 [ 1672.461813][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1672.471969][ T30] ? __virt_addr_valid+0x183/0x530 [ 1672.477148][ T30] ? __check_object_size+0x48e/0x900 [ 1672.494363][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1672.499237][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1672.514637][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 1672.520100][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1672.532508][ T30] __sock_sendmsg+0x221/0x270 [ 1672.537265][ T30] __sys_sendto+0x39b/0x4f0 [ 1672.541827][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1672.557889][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1672.568942][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1672.579218][ T30] ? exc_page_fault+0x590/0x8c0 [ 1672.590665][ T30] __x64_sys_sendto+0xde/0x100 [ 1672.600533][ T30] do_syscall_64+0xf3/0x230 [ 1672.613206][ T30] ? clear_bhb_loop+0x35/0x90 [ 1672.617961][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1672.633241][ T30] RIP: 0033:0x7fec6bf7fe8c [ 1672.637720][ T30] RSP: 002b:00007ffe1f5158d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1672.656639][ T30] RAX: ffffffffffffffda RBX: 00007fec6cc64620 RCX: 00007fec6bf7fe8c [ 1672.668917][ T30] RDX: 0000000000000028 RSI: 00007fec6cc64670 RDI: 0000000000000003 [ 1672.682515][ T30] RBP: 0000000000000000 R08: 00007ffe1f515924 R09: 000000000000000c [ 1672.699736][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1672.710594][ T30] R13: 0000000000000000 R14: 00007fec6cc64670 R15: 0000000000000000 [ 1672.727958][ T30] [ 1672.731048][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 1672.742699][ T30] INFO: task syz-executor:17096 blocked for more than 150 seconds. [ 1672.750686][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1672.763999][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1672.780905][ T30] task:syz-executor state:D stack:24160 pid:17096 tgid:17096 ppid:1 flags:0x00000004 [ 1672.793248][ T30] Call Trace: [ 1672.796582][ T30] [ 1672.799645][ T30] __schedule+0x18af/0x4bd0 [ 1672.812588][ T30] ? __pfx___schedule+0x10/0x10 [ 1672.818729][ T30] ? __pfx_lock_release+0x10/0x10 [ 1672.834018][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1672.839570][ T30] ? schedule+0x90/0x320 [ 1672.851980][ T30] schedule+0x14b/0x320 [ 1672.856231][ T30] schedule_preempt_disabled+0x13/0x30 [ 1672.861744][ T30] __mutex_lock+0x6a7/0xd70 [ 1672.877692][ T30] ? __mutex_lock+0x52a/0xd70 [ 1672.888908][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1672.899487][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1672.909838][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1672.918898][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1672.929836][ T30] ? __lock_acquire+0x1384/0x2050 [ 1672.939560][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1672.951805][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1672.961295][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1672.972063][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1672.977465][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1672.990980][ T30] netlink_unicast+0x7f6/0x990 [ 1672.997912][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1673.013041][ T30] ? __virt_addr_valid+0x183/0x530 [ 1673.018235][ T30] ? __check_object_size+0x48e/0x900 [ 1673.031714][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1673.036947][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1673.051483][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 1673.056906][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1673.072012][ T30] __sock_sendmsg+0x221/0x270 [ 1673.076867][ T30] __sys_sendto+0x39b/0x4f0 [ 1673.081432][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1673.097596][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1673.108844][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1673.119169][ T30] ? exc_page_fault+0x590/0x8c0 [ 1673.131091][ T30] __x64_sys_sendto+0xde/0x100 [ 1673.139777][ T30] do_syscall_64+0xf3/0x230 [ 1673.149397][ T30] ? clear_bhb_loop+0x35/0x90 [ 1673.158725][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1673.171413][ T30] RIP: 0033:0x7f4520b7fe8c [ 1673.182181][ T30] RSP: 002b:00007ffd71261fc0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1673.190760][ T30] RAX: ffffffffffffffda RBX: 00007f4521864620 RCX: 00007f4520b7fe8c [ 1673.208751][ T30] RDX: 0000000000000028 RSI: 00007f4521864670 RDI: 0000000000000003 [ 1673.218914][ T30] RBP: 0000000000000000 R08: 00007ffd71262014 R09: 000000000000000c [ 1673.237543][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1673.250635][ T30] R13: 0000000000000000 R14: 00007f4521864670 R15: 0000000000000000 [ 1673.267969][ T30] [ 1673.271055][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 1673.289648][ T30] INFO: task syz-executor:17098 blocked for more than 150 seconds. [ 1673.309777][ T30] Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1673.317604][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1673.336015][ T30] task:syz-executor state:D stack:24160 pid:17098 tgid:17098 ppid:1 flags:0x00000004 [ 1673.350256][ T30] Call Trace: [ 1673.360202][ T30] [ 1673.363652][ T30] __schedule+0x18af/0x4bd0 [ 1673.368343][ T30] ? __pfx___schedule+0x10/0x10 [ 1673.382666][ T30] ? __pfx_lock_release+0x10/0x10 [ 1673.387762][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1673.401609][ T30] ? schedule+0x90/0x320 [ 1673.409843][ T30] schedule+0x14b/0x320 [ 1673.421651][ T30] schedule_preempt_disabled+0x13/0x30 [ 1673.428829][ T30] __mutex_lock+0x6a7/0xd70 [ 1673.443326][ T30] ? __mutex_lock+0x52a/0xd70 [ 1673.448087][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1673.460689][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1673.467434][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1673.481320][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1673.490266][ T30] ? __lock_acquire+0x1384/0x2050 [ 1673.502845][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1673.518200][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1673.523483][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1673.529003][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1673.545942][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1673.551235][ T30] netlink_unicast+0x7f6/0x990 [ 1673.562350][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1673.567710][ T30] ? __virt_addr_valid+0x183/0x530 [ 1673.588268][ T30] ? __check_object_size+0x48e/0x900 [ 1673.598440][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1673.609427][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1673.619726][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 1673.628660][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1673.641046][ T30] __sock_sendmsg+0x221/0x270 [ 1673.662332][ T30] __sys_sendto+0x39b/0x4f0 [ 1673.666930][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1673.679992][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1673.686486][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1673.702812][ T30] ? exc_page_fault+0x590/0x8c0 [ 1673.707756][ T30] __x64_sys_sendto+0xde/0x100 [ 1673.724564][ T30] do_syscall_64+0xf3/0x230 [ 1673.729413][ T30] ? clear_bhb_loop+0x35/0x90 [ 1673.742463][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1673.748438][ T30] RIP: 0033:0x7f3520d7fe8c [ 1673.762151][ T30] RSP: 002b:00007ffe64aa9ac0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1673.770660][ T30] RAX: ffffffffffffffda RBX: 00007f3521a64620 RCX: 00007f3520d7fe8c [ 1673.788151][ T30] RDX: 0000000000000028 RSI: 00007f3521a64670 RDI: 0000000000000003 [ 1673.799242][ T30] RBP: 0000000000000000 R08: 00007ffe64aa9b14 R09: 000000000000000c [ 1673.814629][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1673.832159][ T30] R13: 0000000000000000 R14: 00007f3521a64670 R15: 0000000000000000 [ 1673.840858][ T30] [ 1673.853203][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 1673.871877][ T30] [ 1673.871877][ T30] Showing all locks held in the system: [ 1673.880161][ T30] 1 lock held by khungtaskd/30: [ 1673.892309][ T30] #0: ffffffff8e939e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1673.910357][ T30] 4 locks held by kworker/u8:3/55: [ 1673.917464][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1673.937400][ T30] #1: ffffc90000bf7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1673.956971][ T30] #2: ffffffff8fccf910 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1673.972405][ T30] #3: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: wg_destruct+0x25/0x2e0 [ 1673.981338][ T30] 3 locks held by kworker/u8:4/62: [ 1673.997951][ T30] #0: ffff8880b873e698 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 1674.016717][ T30] #1: ffff8880b8728948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x41d/0x7a0 [ 1674.037460][ T30] #2: ffff8880b872a718 (&base->lock){-.-.}-{2:2}, at: cfg80211_wiphy_work+0xd9/0x490 [ 1674.056955][ T30] 3 locks held by kworker/u8:6/1101: [ 1674.070470][ T30] #0: ffff88802d53d148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1674.091380][ T30] #1: ffffc90003fd7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1674.111998][ T30] #2: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 1674.132432][ T30] 3 locks held by kworker/1:2/1849: [ 1674.137698][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1674.158101][ T30] #1: ffffc9000490fd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1674.172142][ T30] #2: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 1674.192945][ T30] 1 lock held by dhcpcd/4906: [ 1674.197691][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.211982][ T30] 2 locks held by getty/4998: [ 1674.216721][ T30] #0: ffff8880324790a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1674.237431][ T30] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 1674.258832][ T30] 3 locks held by kworker/u8:10/5537: [ 1674.267111][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1674.285890][ T30] #1: ffffc90004a77d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1674.308886][ T30] #2: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1674.325619][ T30] 3 locks held by kworker/0:2/10338: [ 1674.330973][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1674.353960][ T30] #1: ffffc90002f3fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1674.375293][ T30] #2: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 1674.392145][ T30] 7 locks held by kworker/0:5/10392: [ 1674.397524][ T30] 1 lock held by syz-executor/16920: [ 1674.410788][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 1674.428772][ T30] 2 locks held by syz-executor/17014: [ 1674.438596][ T30] #0: ffffffff8fccf910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 1674.453060][ T30] #1: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 1674.471399][ T30] 2 locks held by syz-executor/17015: [ 1674.480010][ T30] #0: ffffffff8fccf910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 1674.497103][ T30] #1: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 1674.510892][ T30] 2 locks held by syz-executor/17020: [ 1674.522889][ T30] #0: ffffffff8fccf910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 1674.543962][ T30] #1: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 1674.562819][ T30] 1 lock held by syz-executor/17022: [ 1674.568469][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.582073][ T30] 8 locks held by syz-executor/17073: [ 1674.587502][ T30] #0: ffff888032708420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 1674.614546][ T30] #1: ffff8880520de088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500 [ 1674.637188][ T30] #2: ffff888027512b48 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500 [ 1674.656747][ T30] #3: ffffffff8f577de8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1674.671132][ T30] #4: ffff88806c7590e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1674.691953][ T30] #5: ffff88806c75d250 (&devlink->lock_key#50){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1674.712991][ T30] #6: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1674.731296][ T30] #7: ffffffff8e7d3e10 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 1674.751992][ T30] 1 lock held by syz-executor/17089: [ 1674.758239][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.778306][ T30] 1 lock held by syz-executor/17092: [ 1674.787678][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.802106][ T30] 1 lock held by syz-executor/17096: [ 1674.807461][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.826677][ T30] 1 lock held by syz-executor/17098: [ 1674.839665][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.853750][ T30] 1 lock held by syz-executor/17101: [ 1674.859838][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.876579][ T30] 1 lock held by syz-executor/17110: [ 1674.886451][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.902630][ T30] 1 lock held by syz-executor/17111: [ 1674.907972][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.927956][ T30] 1 lock held by syz-executor/17116: [ 1674.938278][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.962282][ T30] 1 lock held by syz-executor/17121: [ 1674.967648][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1674.987251][ T30] 1 lock held by syz-executor/17126: [ 1674.995365][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1675.012463][ T30] 1 lock held by syz-executor/17134: [ 1675.017810][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1675.034924][ T30] 1 lock held by syz-executor/17137: [ 1675.040262][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1675.057899][ T30] 1 lock held by syz-executor/17141: [ 1675.068804][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1675.087994][ T30] 1 lock held by syz-executor/17143: [ 1675.096159][ T30] #0: ffffffff8fcdc488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1675.112068][ T30] [ 1675.114447][ T30] ============================================= [ 1675.114447][ T30] [ 1675.132816][ T30] NMI backtrace for cpu 1 [ 1675.137202][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1675.147224][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1675.157319][ T30] Call Trace: [ 1675.160638][ T30] [ 1675.163602][ T30] dump_stack_lvl+0x241/0x360 [ 1675.168327][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1675.173572][ T30] ? __pfx__printk+0x10/0x10 [ 1675.178227][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 1675.183222][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1675.188731][ T30] ? _printk+0xd5/0x120 [ 1675.192936][ T30] ? __pfx__printk+0x10/0x10 [ 1675.197588][ T30] ? __wake_up_klogd+0xcc/0x110 [ 1675.202487][ T30] ? __pfx__printk+0x10/0x10 [ 1675.207312][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 1675.212392][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1675.218424][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 1675.224449][ T30] watchdog+0xff4/0x1040 [ 1675.228745][ T30] ? watchdog+0x1ea/0x1040 [ 1675.233217][ T30] ? __pfx_watchdog+0x10/0x10 [ 1675.237941][ T30] kthread+0x2f0/0x390 [ 1675.242048][ T30] ? __pfx_watchdog+0x10/0x10 [ 1675.246772][ T30] ? __pfx_kthread+0x10/0x10 [ 1675.251406][ T30] ret_from_fork+0x4b/0x80 [ 1675.255858][ T30] ? __pfx_kthread+0x10/0x10 [ 1675.260484][ T30] ret_from_fork_asm+0x1a/0x30 [ 1675.265349][ T30] [ 1675.269367][ T30] Sending NMI from CPU 1 to CPUs 0: [ 1675.275176][ C0] NMI backtrace for cpu 0 [ 1675.275190][ C0] CPU: 0 UID: 0 PID: 10392 Comm: kworker/0:5 Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1675.275212][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1675.275225][ C0] Workqueue: events nsim_dev_trap_report_work [ 1675.275255][ C0] RIP: 0010:stack_trace_consume_entry+0x0/0x280 [ 1675.275282][ C0] Code: 21 7e 00 e9 6a ff ff ff e8 4d 4e 4b 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 fb 48 [ 1675.275298][ C0] RSP: 0018:ffffc90000007998 EFLAGS: 00000282 [ 1675.275314][ C0] RAX: ffffffff81360c9b RBX: ffffc900000079a0 RCX: ffffffff917cd000 [ 1675.275329][ C0] RDX: ffffffff9197be01 RSI: ffffffff81360c9b RDI: ffffc90000007a80 [ 1675.275343][ C0] RBP: ffffc90000007a30 R08: ffffc900044f7f20 R09: 0000000000000000 [ 1675.275357][ C0] R10: ffffc900000079f0 R11: ffffffff81809390 R12: ffff88806f7c5a00 [ 1675.275371][ C0] R13: ffffffff81809390 R14: ffffc90000007a80 R15: 0000000000000000 [ 1675.275385][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1675.275401][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1675.275414][ C0] CR2: 00005555825c8808 CR3: 000000000e736000 CR4: 00000000003526f0 [ 1675.275430][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1675.275442][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1675.275454][ C0] Call Trace: [ 1675.275460][ C0] [ 1675.275469][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1675.275492][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1675.275511][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1675.275532][ C0] ? nmi_handle+0x2a/0x5a0 [ 1675.275560][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1675.275586][ C0] ? nmi_handle+0x14f/0x5a0 [ 1675.275605][ C0] ? nmi_handle+0x2a/0x5a0 [ 1675.275625][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1675.275649][ C0] ? default_do_nmi+0x63/0x160 [ 1675.275671][ C0] ? exc_nmi+0x123/0x1f0 [ 1675.275692][ C0] ? end_repeat_nmi+0xf/0x53 [ 1675.275713][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1675.275736][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1675.275760][ C0] ? ret_from_fork+0x4b/0x80 [ 1675.275775][ C0] ? __init_begin+0x41000/0x41000 [ 1675.275798][ C0] ? use_tsc_delay+0x1/0x30 [ 1675.275816][ C0] ? ret_from_fork+0x4b/0x80 [ 1675.275832][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1675.275856][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1675.275880][ C0] ? use_tsc_delay+0x1/0x30 [ 1675.275898][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1675.275930][ C0] [ 1675.275937][ C0] [ 1675.275943][ C0] arch_stack_walk+0x10e/0x150 [ 1675.275966][ C0] ? ret_from_fork+0x4b/0x80 [ 1675.275985][ C0] stack_trace_save+0x118/0x1d0 [ 1675.276009][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1675.276038][ C0] ref_tracker_free+0x105/0x7e0 [ 1675.276059][ C0] ? __pfx_ref_tracker_free+0x10/0x10 [ 1675.276077][ C0] ? dst_destroy+0x105/0x360 [ 1675.276102][ C0] ? rcu_core+0xaaa/0x17a0 [ 1675.276120][ C0] ? handle_softirqs+0x2c5/0x980 [ 1675.276144][ C0] ? do_softirq+0x11b/0x1e0 [ 1675.276167][ C0] ? __local_bh_enable_ip+0x1bb/0x200 [ 1675.276192][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 1675.276215][ C0] ? process_scheduled_works+0xa63/0x1850 [ 1675.276241][ C0] ? worker_thread+0x870/0xd30 [ 1675.276266][ C0] ? kthread+0x2f0/0x390 [ 1675.276290][ C0] ? __pfx_ipv4_dst_destroy+0x10/0x10 [ 1675.276317][ C0] dst_destroy+0x105/0x360 [ 1675.276342][ C0] ? rcu_core+0xa37/0x17a0 [ 1675.276361][ C0] ? __pfx_dst_destroy_rcu+0x10/0x10 [ 1675.276386][ C0] rcu_core+0xaaa/0x17a0 [ 1675.276413][ C0] ? __pfx_rcu_core+0x10/0x10 [ 1675.276435][ C0] ? rcu_is_watching+0x15/0xb0 [ 1675.276458][ C0] ? tasklet_action_common+0x42c/0x4d0 [ 1675.276488][ C0] ? __pfx_tasklet_action_common+0x10/0x10 [ 1675.276523][ C0] handle_softirqs+0x2c5/0x980 [ 1675.276551][ C0] ? do_softirq+0x11b/0x1e0 [ 1675.276577][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 1675.276607][ C0] do_softirq+0x11b/0x1e0 [ 1675.276630][ C0] [ 1675.276637][ C0] [ 1675.276644][ C0] ? __pfx_do_softirq+0x10/0x10 [ 1675.276669][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 1675.276699][ C0] ? rcu_is_watching+0x15/0xb0 [ 1675.276721][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 1675.276747][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 1675.276771][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1675.276796][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1675.276821][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 1675.276849][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 1675.276882][ C0] ? process_scheduled_works+0x976/0x1850 [ 1675.276914][ C0] process_scheduled_works+0xa63/0x1850 [ 1675.276954][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1675.276985][ C0] ? assign_work+0x364/0x3d0 [ 1675.277012][ C0] worker_thread+0x870/0xd30 [ 1675.277046][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1675.277075][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1675.277101][ C0] kthread+0x2f0/0x390 [ 1675.277119][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1675.277145][ C0] ? __pfx_kthread+0x10/0x10 [ 1675.277165][ C0] ret_from_fork+0x4b/0x80 [ 1675.277181][ C0] ? __pfx_kthread+0x10/0x10 [ 1675.277199][ C0] ret_from_fork_asm+0x1a/0x30 [ 1675.277233][ C0] [ 1675.834893][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1675.841805][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-next-20241015-syzkaller #0 [ 1675.851822][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1675.861912][ T30] Call Trace: [ 1675.865221][ T30] [ 1675.868183][ T30] dump_stack_lvl+0x241/0x360 [ 1675.872905][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1675.878143][ T30] ? __pfx__printk+0x10/0x10 [ 1675.882872][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1675.888918][ T30] ? vscnprintf+0x5d/0x90 [ 1675.893293][ T30] panic+0x349/0x880 [ 1675.897237][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1675.903431][ T30] ? __pfx_panic+0x10/0x10 [ 1675.907970][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 1675.913395][ T30] ? __irq_work_queue_local+0x137/0x410 [ 1675.918993][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1675.924410][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1675.930610][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 1675.936823][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 1675.943037][ T30] watchdog+0x1033/0x1040 [ 1675.947449][ T30] ? watchdog+0x1ea/0x1040 [ 1675.951931][ T30] ? __pfx_watchdog+0x10/0x10 [ 1675.956664][ T30] kthread+0x2f0/0x390 [ 1675.960773][ T30] ? __pfx_watchdog+0x10/0x10 [ 1675.965498][ T30] ? __pfx_kthread+0x10/0x10 [ 1675.970128][ T30] ret_from_fork+0x4b/0x80 [ 1675.974577][ T30] ? __pfx_kthread+0x10/0x10 [ 1675.979209][ T30] ret_from_fork_asm+0x1a/0x30