last executing test programs: 2m8.584205459s ago: executing program 4 (id=100): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400}) 2m5.790116848s ago: executing program 4 (id=112): r0 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) lseek(r1, 0x0, 0x1) 2m4.721532925s ago: executing program 4 (id=115): syz_open_dev$usbfs(0x0, 0x76, 0x160341) r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) lseek(r0, 0x7fff, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x7, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20) syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, &(0x7f00000004c0)=""/237, &(0x7f00000005c0)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x40885}, 0x42000) close(0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_SET_MESH(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000040000020f00000005002e000100000005002f000000000008000300", @ANYRES32=r7], 0x2c}, 0x1, 0x0, 0x0, 0x4000040}, 0x0) 2m3.222172049s ago: executing program 4 (id=122): r0 = socket$kcm(0x29, 0x5, 0x0) write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef) sendmmsg(r0, &(0x7f00000012c0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)="1a", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)='R', 0x1}], 0x1}}], 0x2, 0x8000) 2m1.024560551s ago: executing program 4 (id=130): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) creat(&(0x7f0000000140)='./file0\x00', 0x2) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x56}], 0xee01}, 0x18, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 2m0.693408977s ago: executing program 4 (id=133): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1) 1m45.302990739s ago: executing program 32 (id=133): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1) 1m25.740961909s ago: executing program 1 (id=204): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_open_dev$ndb(&(0x7f0000000340), 0x0, 0xc8040) r3 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', 0x0}) sendmsg$can_raw(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, r4}, 0x10, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x80, 0x3, 0x4, 0x2, "07000000008000"}, 0x210}}, 0x0) 1m22.705636929s ago: executing program 1 (id=207): r0 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) lseek(r2, 0x0, 0x1) 1m22.557419042s ago: executing program 2 (id=209): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_open_dev$vbi(0x0, 0x2, 0x2) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000009c0)={&(0x7f00000001c0)='xprtrdma_err_unrecognized\x00'}, 0x18) r5 = userfaultfd(0x80001) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x1c}) read(r5, &(0x7f0000000080)=""/129, 0x20) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x1}) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8) ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r1, 0x4, 0x4002) r6 = io_uring_setup(0x2e2d, &(0x7f00000003c0)={0x0, 0xcd81, 0x8000, 0x0, 0x1e}) io_uring_register$IORING_REGISTER_RING_FDS(r6, 0x14, 0x0, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000000002000008400004803c0001800a0001006d617463680000002c0002800d000100636f6e6e6d61726b0000000010000300a62a1a4094b2c56d78942e9708000240000000010900020073797a32000000000900010073797a30"], 0x94}}, 0x0) 1m22.372582506s ago: executing program 1 (id=210): write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1, 0x12) 1m22.144698318s ago: executing program 1 (id=212): socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8) r2 = gettid() timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r2}, &(0x7f0000000080)) read$FUSE(r1, &(0x7f00000008c0)={0x2020}, 0xfffffef0) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1m22.005181019s ago: executing program 2 (id=214): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c6966616365"], 0x60}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000030601a9d5d5c50000000000000000000500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 1m21.350427245s ago: executing program 2 (id=217): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) socket$nl_generic(0x10, 0x3, 0x10) openat$mixer(0xffffffffffffff9c, 0x0, 0x101403, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = dup(r2) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r4 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@private=0xa0000fd, @loopback}, 0xc) r5 = socket$netlink(0x10, 0x3, 0x0) writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) setsockopt$inet_mreqsrc(r4, 0x0, 0x24, 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="c4319105666c3b376685e88a5dcd6381b02b4d18c6fb1adf76423ff785a63db956a4026ec5678bf430d8fa3beb759b7d7d778eaae07c9c1b197ca6b80d9f561d1a084554a5d33a01a7017f33769bc6a7a839fdcb51b4ae49cb53363b1e9afd6cb1fe3225de47da24e20bede034219c4bae42b687a9c470415be2b7abf3a221e4bd28ef706314ba9180c63419088c484f"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={0x0, 0xfffffffffffffff3}, 0x1, 0x0, 0x0, 0x8005}, 0x20000800) r7 = userfaultfd(0x80001) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, 0x0) ioctl$UFFDIO_CONTINUE(r7, 0xc020aa08, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r8) ptrace$poke(0x5, r8, &(0x7f0000000080), 0x0) 1m18.953109211s ago: executing program 2 (id=219): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f0000000340)=@framed={{0x18, 0x2}, [@alu={0x7, 0x1, 0xb, 0x0, 0x0, 0x1, 0x1}]}, &(0x7f0000000280)='syzkaller\x00'}, 0x90) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1) 1m17.178893157s ago: executing program 2 (id=226): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x87}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x1c1002) setrlimit(0xa, &(0x7f0000000140)={0x9, 0x1ff}) writev(r0, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2) r1 = gettid() timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_open_dev$cec(&(0x7f0000000240), 0x0, 0x2182) ioctl$CEC_RECEIVE(r2, 0xc0386106, &(0x7f0000000000)={0x0, 0x7, 0x1, 0x81, 0x0, 0x9, "2600000000000023cf82641daf0625c9", 0x0, 0x7f, 0x0, 0x2, 0x0, 0x0, 0xe}) 1m16.811469849s ago: executing program 1 (id=228): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r3}, 0x10) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800) 1m16.246326276s ago: executing program 2 (id=229): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0) 1m15.831096363s ago: executing program 1 (id=230): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r2}, 0x18) r3 = socket$netlink(0x10, 0x3, 0x10) r4 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) socket$kcm(0x10, 0x2, 0x0) r8 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240), 0x121081, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r8, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)) r9 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0) sendfile(r9, r9, 0x0, 0x4800000009) 1m0.841092326s ago: executing program 33 (id=229): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0) 1m0.699974755s ago: executing program 34 (id=230): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r2}, 0x18) r3 = socket$netlink(0x10, 0x3, 0x10) r4 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) socket$kcm(0x10, 0x2, 0x0) r8 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240), 0x121081, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r8, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)) r9 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0) sendfile(r9, r9, 0x0, 0x4800000009) 33.180082403s ago: executing program 0 (id=319): r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000002000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a3100000000340008800c00024000000000000080010c00024000000000000000040c00014000000000000000000c00014000000000000000014c000480080002404c82f47c080001400000000008000140000000010800014000000003080002404f32945f080001400000000308000140000000020800024019885f270800014000000003fd000c00a03ac330bf11a2145946e6d945deece8485ee69dbc29a8dd5dbce127f829a3adf5c4171b4bedbbc9b913a67b9ee679020f0200000064419faae0136b893d91d95b1174f115798a1abfdc06983fb83f2116a85a00dd35cdf9d8f81683e5e2ebcca132a712e0be44c12c02ac92fbbb86ed717ce0cbd6a0134f899e23ca6d2f063d26be86555cc0e9c7a25d77e6c0f4217794be96b5d797e3116d874c3adfb096e0567ec28bd1e4d8d6713109695f1f3a877d89d20e19304501aeb851d14c4f9b2d769d554fe5308810d19bb040c1977bce50b894f2c45a1f0e80c8256b6dcb072f9d91d94a67bba9f62eb2f192fa4b3786d9a774b99aa332dfbb000000080007006e6174"], 0x25c}}, 0x0) 32.876668218s ago: executing program 0 (id=322): setresgid(0xee00, 0xee01, 0x0) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0) 30.120975008s ago: executing program 0 (id=327): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x44, r2, 0x7, 0x2, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '@{/.-\x00'}]}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x8040) 29.790634211s ago: executing program 0 (id=330): r0 = socket$inet_udp(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x404c0c6, &(0x7f0000000180)={0x2, 0x4e21, @remote}, 0x10) close(0x3) 29.480555395s ago: executing program 0 (id=332): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, 0x0) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file1\x00', 0x1c100, 0x10) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) 29.21042923s ago: executing program 0 (id=334): prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x14) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) close_range(r1, 0xffffffffffffffff, 0x200000000000000) 25.37251641s ago: executing program 3 (id=340): socket$nl_generic(0x10, 0x3, 0x10) openat$iommufd(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, 0x0) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f00000003c0)={0x48}) 16.621482308s ago: executing program 3 (id=341): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, 0x0) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file1\x00', 0x1c100, 0x10) ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0) 16.180040381s ago: executing program 3 (id=342): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800) 15.989143466s ago: executing program 3 (id=343): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x2}, 0x18) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'wg1\x00', 0x2}, 0x18) 15.679578944s ago: executing program 3 (id=344): writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000240)="390000fa461ad7e48489bffa56020013f811186809fc071200000f0000ff3f21396963d43e89b0ee000000170a001700e0da8979d2fc6ca957beec11251d35fec7", 0x41}], 0x1) r0 = syz_open_dev$sg(0x0, 0x0, 0x0) setreuid(0x0, 0xee00) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r0]) 15.544400916s ago: executing program 3 (id=345): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r3) socket$unix(0x1, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 13.675541421s ago: executing program 35 (id=334): prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x14) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) close_range(r1, 0xffffffffffffffff, 0x200000000000000) 0s ago: executing program 36 (id=345): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r3) socket$unix(0x1, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) kernel console output (not intermixed with test programs): [ 87.053316][ T10] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.14' (ED25519) to the list of known hosts. [ 90.666509][ T5824] cgroup: Unknown subsys name 'net' [ 90.904978][ T5824] cgroup: Unknown subsys name 'cpuset' [ 90.960111][ T5824] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 92.960915][ T5824] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 98.041965][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 98.057881][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 98.066668][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 98.068440][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 98.079472][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 98.240709][ T5154] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 98.246832][ T5154] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 98.248845][ T5154] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 98.257178][ T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 98.262192][ T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 98.263023][ T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 98.264344][ T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 98.265430][ T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 98.313250][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 98.314155][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 98.345636][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 98.363348][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 98.364423][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 98.366315][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 98.367633][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 98.457972][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 98.463168][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 98.464052][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 98.465650][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 98.466682][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 99.361764][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 99.373154][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 99.580984][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 99.736608][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 100.171557][ T5847] Bluetooth: hci0: command tx timeout [ 100.297247][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.297485][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.297985][ T5844] bridge_slave_0: entered allmulticast mode [ 100.301590][ T5844] bridge_slave_0: entered promiscuous mode [ 100.308830][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 100.330501][ T5847] Bluetooth: hci2: command tx timeout [ 100.358536][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.358663][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.358981][ T5838] bridge_slave_0: entered allmulticast mode [ 100.381916][ T5838] bridge_slave_0: entered promiscuous mode [ 100.384616][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.384773][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.384969][ T5844] bridge_slave_1: entered allmulticast mode [ 100.387155][ T5844] bridge_slave_1: entered promiscuous mode [ 100.409565][ T5847] Bluetooth: hci3: command tx timeout [ 100.409742][ T5847] Bluetooth: hci1: command tx timeout [ 100.530638][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.530804][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.530923][ T5838] bridge_slave_1: entered allmulticast mode [ 100.532659][ T5838] bridge_slave_1: entered promiscuous mode [ 100.569618][ T5849] Bluetooth: hci4: command tx timeout [ 101.031230][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.031452][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.031832][ T5843] bridge_slave_0: entered allmulticast mode [ 101.035350][ T5843] bridge_slave_0: entered promiscuous mode [ 101.136805][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 101.238386][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.238573][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.238776][ T5843] bridge_slave_1: entered allmulticast mode [ 101.243279][ T5843] bridge_slave_1: entered promiscuous mode [ 101.260895][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 101.265656][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.296126][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.296247][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.296398][ T5845] bridge_slave_0: entered allmulticast mode [ 101.298124][ T5845] bridge_slave_0: entered promiscuous mode [ 101.362992][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.453150][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.453390][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.454058][ T5845] bridge_slave_1: entered allmulticast mode [ 101.458098][ T5845] bridge_slave_1: entered promiscuous mode [ 101.964380][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.043967][ T5844] team0: Port device team_slave_0 added [ 102.188053][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.192561][ T5838] team0: Port device team_slave_0 added [ 102.196598][ T5844] team0: Port device team_slave_1 added [ 102.197311][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.197744][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.197918][ T5854] bridge_slave_0: entered allmulticast mode [ 102.202229][ T5854] bridge_slave_0: entered promiscuous mode [ 102.212693][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.249710][ T5849] Bluetooth: hci0: command tx timeout [ 102.284145][ T5838] team0: Port device team_slave_1 added [ 102.361247][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.361460][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.361662][ T5854] bridge_slave_1: entered allmulticast mode [ 102.365030][ T5854] bridge_slave_1: entered promiscuous mode [ 102.371232][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.409550][ T5847] Bluetooth: hci2: command tx timeout [ 102.490863][ T5847] Bluetooth: hci3: command tx timeout [ 102.490971][ T5849] Bluetooth: hci1: command tx timeout [ 102.649467][ T5849] Bluetooth: hci4: command tx timeout [ 102.787475][ T5843] team0: Port device team_slave_0 added [ 102.893669][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.893691][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.893719][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.197880][ T5843] team0: Port device team_slave_1 added [ 103.198876][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.198887][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.198903][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.212573][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.212591][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.212618][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.272650][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.287960][ T5845] team0: Port device team_slave_0 added [ 103.388771][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.388785][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.388801][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.416229][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.418650][ T5845] team0: Port device team_slave_1 added [ 103.694126][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.694141][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.694167][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.844565][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.844584][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.844613][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.944195][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.944213][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.944242][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.948851][ T5854] team0: Port device team_slave_0 added [ 104.124766][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.124785][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.124813][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.127052][ T5854] team0: Port device team_slave_1 added [ 104.142034][ T5844] hsr_slave_0: entered promiscuous mode [ 104.145275][ T5844] hsr_slave_1: entered promiscuous mode [ 104.339582][ T5849] Bluetooth: hci0: command tx timeout [ 104.489557][ T5849] Bluetooth: hci2: command tx timeout [ 104.547165][ T5838] hsr_slave_0: entered promiscuous mode [ 104.548111][ T5838] hsr_slave_1: entered promiscuous mode [ 104.548809][ T5838] debugfs: 'hsr0' already exists in 'hsr' [ 104.548884][ T5838] Cannot create hsr debugfs directory [ 104.562263][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.562278][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.562302][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.571164][ T5849] Bluetooth: hci1: command tx timeout [ 104.571196][ T5849] Bluetooth: hci3: command tx timeout [ 104.729766][ T5847] Bluetooth: hci4: command tx timeout [ 104.833316][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.833336][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.833359][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.853307][ T5843] hsr_slave_0: entered promiscuous mode [ 104.854738][ T5843] hsr_slave_1: entered promiscuous mode [ 104.855640][ T5843] debugfs: 'hsr0' already exists in 'hsr' [ 104.855665][ T5843] Cannot create hsr debugfs directory [ 105.233743][ T5845] hsr_slave_0: entered promiscuous mode [ 105.235133][ T5845] hsr_slave_1: entered promiscuous mode [ 105.235770][ T5845] debugfs: 'hsr0' already exists in 'hsr' [ 105.235791][ T5845] Cannot create hsr debugfs directory [ 105.858962][ T5854] hsr_slave_0: entered promiscuous mode [ 105.867905][ T5854] hsr_slave_1: entered promiscuous mode [ 105.868972][ T5854] debugfs: 'hsr0' already exists in 'hsr' [ 105.868999][ T5854] Cannot create hsr debugfs directory [ 106.409512][ T5847] Bluetooth: hci0: command tx timeout [ 106.569748][ T5847] Bluetooth: hci2: command tx timeout [ 106.650542][ T5847] Bluetooth: hci3: command tx timeout [ 106.650584][ T5847] Bluetooth: hci1: command tx timeout [ 106.812402][ T5849] Bluetooth: hci4: command tx timeout [ 107.176318][ T5844] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 107.216245][ T5844] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 107.258802][ T5844] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 107.318343][ T5844] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 107.476170][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.517429][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.557920][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.605731][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.764898][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.825484][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.874850][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.928240][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 108.166259][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 108.208864][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 108.280724][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 108.339032][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 108.546461][ T5854] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 108.601300][ T5854] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 108.632981][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.638220][ T5854] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 108.675428][ T5854] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 108.825404][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.862503][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.907024][ T3598] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.907638][ T3598] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.955461][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.955857][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.007424][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.062668][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.073891][ T160] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.074178][ T160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.139207][ T160] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.140931][ T160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.246249][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.283826][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.309196][ T1354] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.309504][ T1354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.383443][ T1354] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.383623][ T1354] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.524681][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.585407][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.609016][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.609606][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.689098][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.689610][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.832878][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.897437][ T160] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.899598][ T160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.992189][ T160] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.992412][ T160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.176594][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.367065][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.774038][ T5838] veth0_vlan: entered promiscuous mode [ 110.865390][ T5838] veth1_vlan: entered promiscuous mode [ 110.885881][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.172392][ T5838] veth0_macvtap: entered promiscuous mode [ 111.212094][ T5838] veth1_macvtap: entered promiscuous mode [ 111.216366][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.269051][ T5843] veth0_vlan: entered promiscuous mode [ 111.313597][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.327520][ T5844] veth0_vlan: entered promiscuous mode [ 111.354828][ T5843] veth1_vlan: entered promiscuous mode [ 111.365469][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.408428][ T5844] veth1_vlan: entered promiscuous mode [ 111.416578][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.478347][ T3706] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.499017][ T3706] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.528137][ T3706] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.546553][ T3706] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.675658][ T5845] veth0_vlan: entered promiscuous mode [ 111.741480][ T5843] veth0_macvtap: entered promiscuous mode [ 111.865605][ T5843] veth1_macvtap: entered promiscuous mode [ 111.880505][ T5854] veth0_vlan: entered promiscuous mode [ 111.882485][ T5845] veth1_vlan: entered promiscuous mode [ 111.896284][ T5844] veth0_macvtap: entered promiscuous mode [ 111.971587][ T5844] veth1_macvtap: entered promiscuous mode [ 112.011571][ T5854] veth1_vlan: entered promiscuous mode [ 112.031211][ T3706] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.031233][ T3706] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.094963][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.158129][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.190973][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.194775][ T1015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.194795][ T1015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.238544][ T3706] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.252109][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.259150][ T3706] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.281738][ T3706] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.307508][ T5845] veth0_macvtap: entered promiscuous mode [ 112.321896][ T3706] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.353904][ T3706] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.367235][ T3706] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.406777][ T5845] veth1_macvtap: entered promiscuous mode [ 112.433064][ T3706] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.442710][ T3706] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.445619][ T5854] veth0_macvtap: entered promiscuous mode [ 112.590229][ T5854] veth1_macvtap: entered promiscuous mode [ 113.703843][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.092013][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.096786][ T5958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.096810][ T5958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.123068][ T37] audit: type=1326 audit(1757327587.406:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.126887][ T37] audit: type=1326 audit(1757327587.406:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.126943][ T37] audit: type=1326 audit(1757327587.406:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.126991][ T37] audit: type=1326 audit(1757327587.406:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.131840][ T37] audit: type=1326 audit(1757327587.406:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.131890][ T37] audit: type=1326 audit(1757327587.416:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.131931][ T37] audit: type=1326 audit(1757327587.416:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.132459][ T37] audit: type=1326 audit(1757327587.416:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.132502][ T37] audit: type=1326 audit(1757327587.416:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.132543][ T37] audit: type=1326 audit(1757327587.416:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5961 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557a45ebe9 code=0x7ffc0000 [ 114.166957][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.313855][ T1354] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.328180][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.382420][ T1354] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.396217][ T1354] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.396237][ T1354] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.410987][ T1366] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.449015][ T1366] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.485721][ T1366] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.494065][ T1366] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.496108][ T1366] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.536857][ T1366] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.618687][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.618711][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.634973][ T1029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.634995][ T1029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.398803][ T1366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.398824][ T1366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.580420][ T5958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.580444][ T5958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.761252][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.761275][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.914212][ T3706] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.914235][ T3706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.128944][ T5988] mmap: syz.0.13 (5988) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 124.229261][ T6048] netlink: 28 bytes leftover after parsing attributes in process `syz.3.29'. [ 124.788991][ T6054] random: crng reseeded on system resumption [ 124.891052][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.891465][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.892101][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.892638][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.894289][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.895402][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.895500][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.896452][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.896624][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.897490][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 128.306214][ T6087] netlink: 24 bytes leftover after parsing attributes in process `syz.1.42'. [ 129.470488][ T6099] input: syz0 as /devices/virtual/input/input5 [ 132.343894][ T6143] input: syz0 as /devices/virtual/input/input6 [ 133.159840][ T6145] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 133.573340][ T6155] netlink: 'syz.2.64': attribute type 13 has an invalid length. [ 133.662235][ T6155] gretap0: refused to change device tx_queue_len [ 133.674810][ T6155] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 135.811175][ T6180] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.695667][ T6173] syz.3.71 (6173) used greatest stack depth: 16760 bytes left [ 138.341338][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.341459][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.718753][ T6195] program syz.0.79 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 141.190278][ T5975] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 141.452958][ T5975] usb 1-1: Using ep0 maxpacket: 8 [ 141.503016][ T5975] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 141.595936][ T5975] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 141.595973][ T5975] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.595994][ T5975] usb 1-1: Product: syz [ 141.596009][ T5975] usb 1-1: Manufacturer: syz [ 141.596025][ T5975] usb 1-1: SerialNumber: syz [ 142.027949][ T5975] usb 1-1: config 0 descriptor?? [ 144.585358][ T31] usb 1-1: USB disconnect, device number 2 [ 144.981575][ T6252] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 145.169385][ T6245] Driver unsupported XDP return value 0 on prog (id 36) dev N/A, expect packet loss! [ 146.081802][ T6270] program syz.1.103 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 147.695989][ T6287] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 148.545081][ T6297] hfsplus: unable to find HFS+ superblock [ 149.710889][ T6312] program syz.0.116 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 150.104411][ T6317] netlink: 12 bytes leftover after parsing attributes in process `syz.2.119'. [ 150.314522][ T6320] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 150.452132][ T6323] capability: warning: `syz.2.119' uses 32-bit capabilities (legacy support in use) [ 150.513473][ T6316] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 150.728081][ T37] kauditd_printk_skb: 45 callbacks suppressed [ 150.728098][ T37] audit: type=1326 audit(1757327624.006:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.759647][ T37] audit: type=1326 audit(1757327624.036:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.765157][ T37] audit: type=1326 audit(1757327624.046:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.765413][ T37] audit: type=1326 audit(1757327624.046:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.767809][ T37] audit: type=1326 audit(1757327624.046:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.859083][ T37] audit: type=1326 audit(1757327624.046:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.903647][ T37] audit: type=1326 audit(1757327624.136:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.903709][ T37] audit: type=1326 audit(1757327624.176:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.903775][ T37] audit: type=1326 audit(1757327624.176:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 150.906030][ T37] audit: type=1326 audit(1757327624.186:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44e624ebe9 code=0x7ffc0000 [ 151.357279][ T6332] IPv4: Oversized IP packet from 127.202.26.0 [ 151.361159][ T6326] ipvlan2: entered promiscuous mode [ 151.365426][ T6326] bridge0: port 3(ipvlan2) entered blocking state [ 151.428637][ T6326] bridge0: port 3(ipvlan2) entered disabled state [ 151.429000][ T6326] ipvlan2: entered allmulticast mode [ 151.429019][ T6326] bridge0: entered allmulticast mode [ 151.529970][ T6326] ipvlan2: left allmulticast mode [ 151.529997][ T6326] bridge0: left allmulticast mode [ 152.844218][ C0] vkms_vblank_simulate: vblank timer overrun [ 152.979477][ T50] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 153.109468][ T50] usb 1-1: device descriptor read/64, error -71 [ 153.473811][ C0] vkms_vblank_simulate: vblank timer overrun [ 153.529495][ T50] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 153.669487][ T50] usb 1-1: device descriptor read/64, error -71 [ 153.782267][ T50] usb usb1-port1: attempt power cycle [ 154.177260][ T6366] tipc: Started in network mode [ 154.177284][ T6366] tipc: Node identity 6e2655490372, cluster identity 4711 [ 154.177938][ T6366] tipc: Enabled bearer , priority 0 [ 154.399419][ T50] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 154.432835][ T50] usb 1-1: device descriptor read/8, error -71 [ 154.459939][ T6361] tipc: Resetting bearer [ 154.681066][ T50] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 155.031384][ T50] usb 1-1: device descriptor read/8, error -71 [ 155.156716][ T6382] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 155.192349][ T50] usb usb1-port1: unable to enumerate USB device [ 155.324965][ T5920] tipc: Node number set to 1834243401 [ 156.823609][ T6396] netlink: 8 bytes leftover after parsing attributes in process `syz.0.138'. [ 156.823629][ T6396] netlink: 8 bytes leftover after parsing attributes in process `syz.0.138'. [ 159.249256][ T37] kauditd_printk_skb: 23 callbacks suppressed [ 159.256150][ T37] audit: type=1326 audit(1757327632.526:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6413 comm="syz.2.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1445a9ebe9 code=0x7ffc0000 [ 159.256216][ T37] audit: type=1326 audit(1757327632.526:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6413 comm="syz.2.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f1445a9ebe9 code=0x7ffc0000 [ 159.256263][ T37] audit: type=1326 audit(1757327632.526:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6413 comm="syz.2.142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1445a9ebe9 code=0x7ffc0000 [ 159.727214][ T6420] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 159.939517][ T6428] syz.3.147 uses obsolete (PF_INET,SOCK_PACKET) [ 160.108449][ T6432] netlink: 12 bytes leftover after parsing attributes in process `syz.2.149'. [ 169.379098][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 169.387218][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 169.388707][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 169.412433][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 169.413535][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 170.005621][ T6361] tipc: Disabling bearer [ 171.031620][ T37] audit: type=1326 audit(1757327644.306:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.031681][ T37] audit: type=1326 audit(1757327644.316:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.032779][ T37] audit: type=1326 audit(1757327644.316:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.033125][ T37] audit: type=1326 audit(1757327644.316:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.034922][ T37] audit: type=1326 audit(1757327644.316:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.064925][ T37] audit: type=1326 audit(1757327644.336:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.064996][ T37] audit: type=1326 audit(1757327644.336:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.065054][ T37] audit: type=1326 audit(1757327644.336:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.065112][ T37] audit: type=1326 audit(1757327644.346:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.065170][ T37] audit: type=1326 audit(1757327644.346:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6448 comm="syz.3.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 171.861621][ T5847] Bluetooth: hci5: command tx timeout [ 172.645121][ T6463] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 174.463550][ T5847] Bluetooth: hci5: command tx timeout [ 174.619792][ T6473] netlink: 'syz.0.162': attribute type 39 has an invalid length. [ 175.583866][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.664442][ T6439] chnl_net:caif_netlink_parms(): no params data found [ 175.685491][ T6489] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 176.061753][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.490779][ T5847] Bluetooth: hci5: command tx timeout [ 176.556142][ T6500] netlink: 8 bytes leftover after parsing attributes in process `syz.1.172'. [ 176.556172][ T6500] netlink: 8 bytes leftover after parsing attributes in process `syz.1.172'. [ 177.683430][ T6513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.175'. [ 178.039952][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.193592][ T6500] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 178.571935][ T5847] Bluetooth: hci5: command tx timeout [ 178.576934][ T6530] netlink: 'syz.1.178': attribute type 4 has an invalid length. [ 178.779379][ T6240] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 178.846375][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.917721][ T6240] usb 4-1: device descriptor read/64, error -71 [ 179.149560][ T6240] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 179.218654][ T6513] syz.0.175 (6513) used greatest stack depth: 16248 bytes left [ 179.279505][ T6240] usb 4-1: device descriptor read/64, error -71 [ 179.391291][ T6240] usb usb4-port1: attempt power cycle [ 179.460417][ T6439] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.460509][ T6439] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.460702][ T6439] bridge_slave_0: entered allmulticast mode [ 179.466172][ T6439] bridge_slave_0: entered promiscuous mode [ 179.492589][ T6542] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 179.508041][ T6439] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.532014][ T6439] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.532309][ T6439] bridge_slave_1: entered allmulticast mode [ 179.535631][ T6439] bridge_slave_1: entered promiscuous mode [ 179.739726][ T6240] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 179.760476][ T6240] usb 4-1: device descriptor read/8, error -71 [ 179.837451][ T6439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.867842][ T6439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 180.069110][ T6240] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 180.094423][ T6240] usb 4-1: device descriptor read/8, error -71 [ 180.121815][ T6544] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 180.202356][ T6240] usb usb4-port1: unable to enumerate USB device [ 180.466395][ T6548] netlink: 132 bytes leftover after parsing attributes in process `syz.2.187'. [ 180.496242][ T6439] team0: Port device team_slave_0 added [ 182.050343][ T6439] team0: Port device team_slave_1 added [ 185.619193][ T6439] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 185.619211][ T6439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.619241][ T6439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 185.788464][ T6439] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 185.788479][ T6439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.788496][ T6439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 185.956959][ T13] bridge_slave_1: left allmulticast mode [ 185.957313][ T13] bridge_slave_1: left promiscuous mode [ 185.960386][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.193656][ T13] bridge_slave_0: left allmulticast mode [ 186.193684][ T13] bridge_slave_0: left promiscuous mode [ 186.193894][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.328044][ T6579] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 186.343782][ T6585] netlink: 'syz.0.196': attribute type 4 has an invalid length. [ 187.399446][ T6240] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 187.530596][ T6240] usb 4-1: device descriptor read/64, error -71 [ 187.877258][ T6240] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 188.024477][ T6240] usb 4-1: device descriptor read/64, error -71 [ 188.130532][ T6240] usb usb4-port1: attempt power cycle [ 188.431861][ T6600] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 188.469508][ T6240] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 188.490542][ T6240] usb 4-1: device descriptor read/8, error -71 [ 188.592897][ T6604] netlink: 'syz.2.205': attribute type 13 has an invalid length. [ 188.738553][ T6240] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 188.900749][ T6240] usb 4-1: device descriptor read/8, error -71 [ 189.022810][ T6240] usb usb4-port1: unable to enumerate USB device [ 191.148732][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 191.200695][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 191.244700][ T13] bond0 (unregistering): Released all slaves [ 191.546145][ T6604] gretap0: refused to change device tx_queue_len [ 191.546768][ T6604] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 191.908894][ T13] tipc: Left network mode [ 192.351328][ T6626] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 192.463012][ T6628] netlink: 48 bytes leftover after parsing attributes in process `syz.2.214'. [ 194.295035][ T5975] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 194.368339][ T6439] hsr_slave_0: entered promiscuous mode [ 194.380240][ T6439] hsr_slave_1: entered promiscuous mode [ 194.381448][ T6439] debugfs: 'hsr0' already exists in 'hsr' [ 194.381477][ T6439] Cannot create hsr debugfs directory [ 194.413349][ T6644] netlink: 'syz.2.217': attribute type 4 has an invalid length. [ 194.640779][ T5975] usb 1-1: no configurations [ 194.640802][ T5975] usb 1-1: can't read configurations, error -22 [ 194.779476][ T5975] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 194.843312][ T6650] netlink: 'syz.3.218': attribute type 13 has an invalid length. [ 194.945903][ T5975] usb 1-1: no configurations [ 194.945927][ T5975] usb 1-1: can't read configurations, error -22 [ 194.946347][ T5975] usb usb1-port1: attempt power cycle [ 195.213208][ T6650] gretap0: refused to change device tx_queue_len [ 195.213577][ T6650] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 195.401467][ T5975] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 195.421339][ T5975] usb 1-1: no configurations [ 195.421358][ T5975] usb 1-1: can't read configurations, error -22 [ 195.559567][ T5975] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 195.805307][ T5975] usb 1-1: device descriptor read/8, error -71 [ 195.910063][ T5975] usb usb1-port1: unable to enumerate USB device [ 196.101299][ T6664] program syz.0.221 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 196.921538][ T6676] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 197.379435][ T13] hsr_slave_0: left promiscuous mode [ 197.419516][ T13] hsr_slave_1: left promiscuous mode [ 197.420997][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 197.421091][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 197.482845][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 197.482883][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.276937][ T13] veth1_macvtap: left promiscuous mode [ 198.277134][ T13] veth0_macvtap: left promiscuous mode [ 198.277337][ T13] veth1_vlan: left promiscuous mode [ 198.280354][ T13] veth0_vlan: left promiscuous mode [ 199.695123][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.695180][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.901391][ T6709] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 203.852447][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 203.852468][ T37] audit: type=1326 audit(1757327677.136:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.856464][ T37] audit: type=1326 audit(1757327677.136:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.863489][ T37] audit: type=1326 audit(1757327677.136:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.863782][ T37] audit: type=1326 audit(1757327677.146:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.873415][ T37] audit: type=1326 audit(1757327677.156:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.873835][ T37] audit: type=1326 audit(1757327677.156:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.874365][ T37] audit: type=1326 audit(1757327677.156:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.875700][ T37] audit: type=1326 audit(1757327677.156:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 203.877676][ T37] audit: type=1326 audit(1757327677.156:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6718 comm="syz.3.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 205.991876][ T13] team0 (unregistering): Port device team_slave_1 removed [ 206.529679][ T13] team0 (unregistering): Port device team_slave_0 removed [ 208.103312][ T6742] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 208.303127][ T6746] netlink: 20 bytes leftover after parsing attributes in process `syz.0.248'. [ 210.094048][ T6758] netlink: 20 bytes leftover after parsing attributes in process `syz.0.251'. [ 213.487061][ T6690] smc: net device bond0 applied user defined pnetid SYZ0 [ 213.846800][ T6773] program syz.3.257 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 214.280207][ T6775] netlink: 20 bytes leftover after parsing attributes in process `syz.3.258'. [ 215.101513][ T6439] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 215.185748][ T6439] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 215.360376][ T6439] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 215.386925][ T6439] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 215.454090][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 215.470936][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 215.475987][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 215.483365][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 215.489943][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 215.702989][ T5849] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 215.720995][ T5849] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 215.737740][ T5849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 215.789864][ T5849] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 215.792634][ T5849] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 217.690879][ T5849] Bluetooth: hci2: command tx timeout [ 217.850687][ T5849] Bluetooth: hci6: command tx timeout [ 219.420677][ T3598] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.772322][ T5849] Bluetooth: hci2: command tx timeout [ 219.929607][ T5849] Bluetooth: hci6: command tx timeout [ 219.959461][ T37] audit: type=1326 audit(1757327693.236:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.3.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 219.959528][ T37] audit: type=1326 audit(1757327693.236:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.3.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 219.959577][ T37] audit: type=1326 audit(1757327693.236:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.3.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14892ebe9 code=0x7ffc0000 [ 220.078337][ T3598] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.613528][ T3598] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.789424][ T6239] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 220.940984][ T6239] usb 4-1: too many configurations: 79, using maximum allowed: 8 [ 220.943303][ T6239] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 220.943344][ T6239] usb 4-1: can't read configurations, error -61 [ 221.069511][ T6239] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 221.112496][ T3598] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.223687][ T6239] usb 4-1: too many configurations: 79, using maximum allowed: 8 [ 221.251609][ T6239] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 221.251653][ T6239] usb 4-1: can't read configurations, error -61 [ 221.253380][ T6239] usb usb4-port1: attempt power cycle [ 221.589559][ T6239] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 221.617671][ T6239] usb 4-1: too many configurations: 79, using maximum allowed: 8 [ 221.620058][ T6239] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 221.620098][ T6239] usb 4-1: can't read configurations, error -61 [ 221.771918][ T6239] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 221.790970][ T6239] usb 4-1: too many configurations: 79, using maximum allowed: 8 [ 221.793249][ T6239] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 221.793288][ T6239] usb 4-1: can't read configurations, error -61 [ 221.793825][ T6239] usb usb4-port1: unable to enumerate USB device [ 221.853445][ T5849] Bluetooth: hci2: command tx timeout [ 222.009792][ T5849] Bluetooth: hci6: command tx timeout [ 222.087388][ T6439] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.187712][ T6783] chnl_net:caif_netlink_parms(): no params data found [ 222.255480][ T5849] Bluetooth: hci3: command 0x0406 tx timeout [ 222.255527][ T5849] Bluetooth: hci0: command 0x0406 tx timeout [ 222.577162][ T6789] chnl_net:caif_netlink_parms(): no params data found [ 223.936485][ T5847] Bluetooth: hci2: command tx timeout [ 224.089578][ T5847] Bluetooth: hci6: command tx timeout [ 224.308064][ T3598] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.905044][ T3598] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.053338][ T6439] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.478334][ T6890] program syz.0.280 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 225.733500][ T3598] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.832242][ T6783] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.835495][ T6783] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.835683][ T6783] bridge_slave_0: entered allmulticast mode [ 225.865024][ T6783] bridge_slave_0: entered promiscuous mode [ 226.011435][ T6783] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.011563][ T6783] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.011715][ T6783] bridge_slave_1: entered allmulticast mode [ 226.017694][ T6783] bridge_slave_1: entered promiscuous mode [ 226.047352][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.047952][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.069926][ T6789] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.070023][ T6789] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.070193][ T6789] bridge_slave_0: entered allmulticast mode [ 226.074502][ T6789] bridge_slave_0: entered promiscuous mode [ 226.263658][ T3598] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.772069][ T6897] syz.3.282 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 227.864150][ T6789] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.864321][ T6789] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.864583][ T6789] bridge_slave_1: entered allmulticast mode [ 227.929888][ T6789] bridge_slave_1: entered promiscuous mode [ 228.164543][ T6902] random: crng reseeded on system resumption [ 228.406174][ T6783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 228.673852][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.674198][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.695209][ T6783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 228.823610][ T6789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 229.422807][ T6789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 230.350993][ T6783] team0: Port device team_slave_0 added [ 230.519552][ T31] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 230.571559][ T6783] team0: Port device team_slave_1 added [ 230.576750][ T6789] team0: Port device team_slave_0 added [ 230.672175][ T31] usb 4-1: Using ep0 maxpacket: 8 [ 230.680394][ T31] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 230.691759][ T31] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 230.691789][ T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.691808][ T31] usb 4-1: Product: syz [ 230.691822][ T31] usb 4-1: Manufacturer: syz [ 230.691835][ T31] usb 4-1: SerialNumber: syz [ 230.812354][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 230.833944][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 230.847780][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 230.855352][ T31] usb 4-1: config 0 descriptor?? [ 230.877976][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 230.891481][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 231.113409][ T6789] team0: Port device team_slave_1 added [ 231.580595][ T6783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 231.580615][ T6783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.580642][ T6783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 231.733030][ T6783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 231.733050][ T6783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.733079][ T6783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 231.742722][ T6789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 231.742739][ T6789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.742763][ T6789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 231.863075][ T6789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 231.863094][ T6789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.863124][ T6789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 232.082632][ T3598] bridge_slave_1: left allmulticast mode [ 232.082671][ T3598] bridge_slave_1: left promiscuous mode [ 232.084739][ T3598] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.176386][ T3598] bridge_slave_0: left allmulticast mode [ 232.176426][ T3598] bridge_slave_0: left promiscuous mode [ 232.178133][ T3598] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.256501][ T3598] bridge_slave_1: left allmulticast mode [ 232.256540][ T3598] bridge_slave_1: left promiscuous mode [ 232.256847][ T3598] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.321671][ T3598] bridge_slave_0: left allmulticast mode [ 232.321711][ T3598] bridge_slave_0: left promiscuous mode [ 232.322033][ T3598] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.049677][ T5839] Bluetooth: hci1: command tx timeout [ 233.272971][ T6931] netlink: 8 bytes leftover after parsing attributes in process `syz.0.292'. [ 233.319064][ T5975] usb 4-1: USB disconnect, device number 14 [ 234.132760][ T6935] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 235.129464][ T5839] Bluetooth: hci1: command tx timeout [ 235.638110][ T6950] autofs: Unknown parameter 'fd0x0000000000000000' [ 236.589608][ T5975] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 236.614820][ T6957] Zero length message leads to an empty skb [ 236.739556][ T5975] usb 4-1: Using ep0 maxpacket: 8 [ 236.742228][ T5975] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 236.745338][ T5975] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 236.745367][ T5975] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.745389][ T5975] usb 4-1: Product: syz [ 236.745404][ T5975] usb 4-1: Manufacturer: syz [ 236.745419][ T5975] usb 4-1: SerialNumber: syz [ 236.839685][ T5975] usb 4-1: config 0 descriptor?? [ 237.057253][ T6959] hfsplus: unable to find HFS+ superblock [ 237.219898][ T5839] Bluetooth: hci1: command tx timeout [ 237.382251][ T3598] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 237.453255][ T3598] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 237.513440][ T3598] bond0 (unregistering): Released all slaves [ 239.152412][ T3598] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 239.210804][ T3598] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 239.236825][ T3598] bond0 (unregistering): Released all slaves [ 239.289700][ T5839] Bluetooth: hci1: command tx timeout [ 239.356734][ T5975] usb 4-1: USB disconnect, device number 15 [ 239.622524][ T6973] autofs: Unknown parameter 'fd0x0000000000000000' [ 239.779634][ T6976] input: syz0 as /devices/virtual/input/input7 [ 239.807210][ T6783] hsr_slave_0: entered promiscuous mode [ 239.820218][ T6783] hsr_slave_1: entered promiscuous mode [ 240.199171][ T6985] program syz.3.312 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 240.780275][ T6789] hsr_slave_0: entered promiscuous mode [ 240.783177][ T6789] hsr_slave_1: entered promiscuous mode [ 240.785585][ T6789] debugfs: 'hsr0' already exists in 'hsr' [ 240.785613][ T6789] Cannot create hsr debugfs directory [ 240.900753][ T7000] input: syz0 as /devices/virtual/input/input8 [ 241.160338][ T7003] program syz.3.320 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 243.451547][ T5839] Bluetooth: hci0: command 0x0406 tx timeout [ 243.481612][ T5920] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 243.481726][ T5920] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 244.229965][ T7027] program syz.3.328 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 244.684254][ T6917] chnl_net:caif_netlink_parms(): no params data found [ 245.308437][ T6783] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 245.405823][ T6783] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 245.914128][ T6783] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 246.449322][ T5839] Bluetooth: hci3: command 0x0406 tx timeout [ 246.449676][ T5920] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 246.449694][ T5920] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 246.966906][ T7071] program syz.3.336 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 247.055208][ T6783] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 247.632336][ T7077] hfsplus: unable to find HFS+ superblock [ 248.597434][ T6917] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.597609][ T6917] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.597866][ T6917] bridge_slave_0: entered allmulticast mode [ 248.622327][ T6917] bridge_slave_0: entered promiscuous mode [ 248.931657][ T6917] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.931889][ T6917] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.932158][ T6917] bridge_slave_1: entered allmulticast mode [ 249.354272][ T6917] bridge_slave_1: entered promiscuous mode [ 250.365134][ T6917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 250.533872][ T6917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.534316][ T6789] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 250.775416][ T6789] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 250.905300][ T6789] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 251.037912][ T6917] team0: Port device team_slave_0 added [ 251.040923][ T6789] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 251.071353][ T6917] team0: Port device team_slave_1 added [ 251.282791][ T6917] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 251.282810][ T6917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.282838][ T6917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 251.291149][ T6917] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 251.291165][ T6917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.291189][ T6917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.572265][ T6917] hsr_slave_0: entered promiscuous mode [ 251.574015][ T6917] hsr_slave_1: entered promiscuous mode [ 251.575250][ T6917] debugfs: 'hsr0' already exists in 'hsr' [ 251.575278][ T6917] Cannot create hsr debugfs directory [ 252.596653][ T6783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 252.731219][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 252.732138][ T5920] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 252.732160][ T5920] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 253.142134][ T6789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.153540][ T6783] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.208622][ T6735] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.208865][ T6735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.492453][ T1268] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.492730][ T1268] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.538142][ T6789] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.594666][ T1354] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.594970][ T1354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.662424][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.662670][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.377177][ T6917] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 254.451244][ T6917] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 254.524643][ T6917] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 254.578436][ T6917] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 254.780487][ T6783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 254.889663][ T5839] Bluetooth: hci6: command 0x0c1a tx timeout [ 254.890262][ T5920] Bluetooth: hci6: Opcode 0x0c1a failed: -110 [ 254.890282][ T5920] Bluetooth: hci6: Error when powering off device on rfkill (-110) [ 255.003400][ T6789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 255.337949][ T6917] 8021q: adding VLAN 0 to HW filter on device bond0 [ 255.423294][ T6917] 8021q: adding VLAN 0 to HW filter on device team0 [ 255.487537][ T1268] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.487793][ T1268] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.544614][ T1268] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.544829][ T1268] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.317791][ T6783] veth0_vlan: entered promiscuous mode [ 256.373886][ T6783] veth1_vlan: entered promiscuous mode [ 256.416351][ T6789] veth0_vlan: entered promiscuous mode [ 256.506055][ T6789] veth1_vlan: entered promiscuous mode [ 256.566441][ T6917] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 256.594590][ T6783] veth0_macvtap: entered promiscuous mode [ 256.626483][ T6783] veth1_macvtap: entered promiscuous mode [ 256.777854][ T6783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 256.797151][ T6789] veth0_macvtap: entered promiscuous mode [ 256.822148][ T6783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.848751][ T6789] veth1_macvtap: entered promiscuous mode [ 256.891521][ T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.920131][ T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.939728][ T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.958448][ T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.141983][ T6789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 257.187721][ T6789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 257.209579][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 257.210210][ T5920] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 257.210231][ T5920] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 257.344650][ T6735] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.344920][ T6735] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.345595][ T6735] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.345937][ T6735] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.392432][ T6917] veth0_vlan: entered promiscuous mode [ 258.424507][ T7188] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 258.440713][ T7187] IPVS: stopping master sync thread 7188 ... [ 258.481394][ T6917] veth1_vlan: entered promiscuous mode [ 258.679170][ T6917] veth0_macvtap: entered promiscuous mode [ 258.694742][ T6917] veth1_macvtap: entered promiscuous mode [ 258.788419][ T6917] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 258.826309][ T6917] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 258.877929][ T1354] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.895169][ T1354] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.918028][ T1354] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.918371][ T1354] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.142911][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.143014][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.579482][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.579573][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.034493][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.034582][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 417.929592][ T38] INFO: task kworker/1:2:992 blocked for more than 143 seconds. [ 417.929620][ T38] Not tainted syzkaller #0 [ 417.929631][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.929641][ T38] task:kworker/1:2 state:D stack:20808 pid:992 tgid:992 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 417.929719][ [ 417.929719][ T38] Workqueue: events rfkill_sync_work [ 417.929778][ T38] Call Trace: [ 417.929786][ T38] [ 417.929801][ T38] __schedule+0x16f3/0x4c20 [ 417.929854][ T38] ? ktime_get+0x3e/0x1f0 [ 417.929899][ T38] ? __pfx___schedule+0x10/0x10 [ 417.929977][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.930025][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.930054][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.930109][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 417.930179][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.930228][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.930262][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.930327][ T38] ? rfkill_sync_work+0x2e/0x200 [ 417.930370][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.930410][ T38] rfkill_sync_work+0x2e/0x200 [ 417.930439][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 417.930470][ T38] process_scheduled_works+0xade/0x17b0 [ 417.930533][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 417.930583][ T38] worker_thread+0x8a0/0xda0 [ 417.930628][ T38] ? __kthread_parkme+0x7b/0x200 [ 417.930670][ T38] kthread+0x70e/0x8a0 [ 417.930707][ T38] ? __pfx_worker_thread+0x10/0x10 [ 417.930736][ T38] ? __pfx_kthread+0x10/0x10 [ 417.930776][ T38] ? __pfx_kthread+0x10/0x10 [ 417.930810][ T38] ret_from_fork+0x3f9/0x770 [ 417.930842][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 417.930878][ T38] ? __switch_to_asm+0x39/0x70 [ 417.930899][ T38] ? __switch_to_asm+0x33/0x70 [ 417.930918][ T38] ? __pfx_kthread+0x10/0x10 [ 417.930953][ T38] ret_from_fork_asm+0x1a/0x30 [ 417.930994][ T38] [ 417.931054][ T38] INFO: task kworker/u8:11:3598 blocked for more than 143 seconds. [ 417.931076][ T38] Not tainted syzkaller #0 [ 417.931087][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.931096][ T38] task:kworker/u8:11 state:D stack:21512 pid:3598 tgid:3598 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 417.931157][ T38] Workqueue: netns cleanup_net [ 417.931187][ T38] Call Trace: [ 417.931194][ T38] [ 417.931208][ T38] __schedule+0x16f3/0x4c20 [ 417.931253][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.931297][ T38] ? __pfx___schedule+0x10/0x10 [ 417.931350][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.931386][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.931408][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.931434][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.931481][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.931509][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.931537][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.931594][ T38] ? rfkill_unregister+0xd1/0x230 [ 417.931624][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.931672][ T38] rfkill_unregister+0xd1/0x230 [ 417.931708][ T38] wiphy_unregister+0x238/0xae0 [ 417.931742][ T38] ? __pfx_wiphy_unregister+0x10/0x10 [ 417.931770][ T38] ? kasan_quarantine_put+0xdd/0x220 [ 417.931796][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.931831][ T38] ? ieee80211_unregister_hw+0x144/0x2c0 [ 417.931859][ T38] ? kfree+0x195/0x550 [ 417.931893][ T38] ieee80211_unregister_hw+0x1e2/0x2c0 [ 417.931922][ T38] mac80211_hwsim_del_radio+0x275/0x460 [ 417.931957][ T38] ? __pfx_mac80211_hwsim_del_radio+0x10/0x10 [ 417.932000][ T38] hwsim_exit_net+0x59e/0x660 [ 417.932029][ T38] ? __pfx_hwsim_exit_net+0x10/0x10 [ 417.932059][ T38] ? __ip_vs_dev_cleanup_batch+0x238/0x260 [ 417.932103][ T38] ops_undo_list+0x497/0x990 [ 417.932143][ T38] ? __pfx_ops_undo_list+0x10/0x10 [ 417.932188][ T38] cleanup_net+0x4cb/0x800 [ 417.932223][ T38] ? __pfx_cleanup_net+0x10/0x10 [ 417.932257][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.932288][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 417.932314][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 417.932344][ T38] process_scheduled_works+0xade/0x17b0 [ 417.932408][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 417.932457][ T38] worker_thread+0x8a0/0xda0 [ 417.932488][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 417.932532][ T38] ? __kthread_parkme+0x7b/0x200 [ 417.932574][ T38] kthread+0x70e/0x8a0 [ 417.932612][ T38] ? __pfx_worker_thread+0x10/0x10 [ 417.932639][ T38] ? __pfx_kthread+0x10/0x10 [ 417.932679][ T38] ? __pfx_kthread+0x10/0x10 [ 417.932714][ T38] ret_from_fork+0x3f9/0x770 [ 417.932745][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 417.932781][ T38] ? __switch_to_asm+0x39/0x70 [ 417.932800][ T38] ? __switch_to_asm+0x33/0x70 [ 417.932817][ T38] ? __pfx_kthread+0x10/0x10 [ 417.932848][ T38] ret_from_fork_asm+0x1a/0x30 [ 417.932889][ T38] [ 417.932900][ T38] INFO: task kworker/0:2:5166 blocked for more than 143 seconds. [ 417.932914][ T38] Not tainted syzkaller #0 [ 417.932924][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.932933][ T38] task:kworker/0:2 state:D stack:20872 pid:5166 tgid:5166 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 417.933000][ T38] Workqueue: events rfkill_global_led_trigger_worker [ 417.933034][ T38] Call Trace: [ 417.933040][ T38] [ 417.933054][ T38] __schedule+0x16f3/0x4c20 [ 417.933122][ T38] ? __pfx___schedule+0x10/0x10 [ 417.933175][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.933210][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.933231][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.933257][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.933305][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.933334][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.933361][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.933401][ T38] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 417.933454][ T38] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 417.933487][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.933513][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 417.933544][ T38] rfkill_global_led_trigger_worker+0x27/0xd0 [ 417.933578][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 417.933606][ T38] process_scheduled_works+0xade/0x17b0 [ 417.933670][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 417.933719][ T38] worker_thread+0x8a0/0xda0 [ 417.933780][ T38] kthread+0x70e/0x8a0 [ 417.933816][ T38] ? __pfx_worker_thread+0x10/0x10 [ 417.933849][ T38] ? __pfx_kthread+0x10/0x10 [ 417.933896][ T38] ? __pfx_kthread+0x10/0x10 [ 417.933931][ T38] ret_from_fork+0x3f9/0x770 [ 417.933963][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 417.934000][ T38] ? __switch_to_asm+0x39/0x70 [ 417.934020][ T38] ? __switch_to_asm+0x33/0x70 [ 417.934039][ T38] ? __pfx_kthread+0x10/0x10 [ 417.934079][ T38] ret_from_fork_asm+0x1a/0x30 [ 417.934122][ T38] [ 417.934140][ T38] INFO: task syz-executor:5838 blocked for more than 143 seconds. [ 417.934154][ T38] Not tainted syzkaller #0 [ 417.934164][ T38] Blocked by coredump. [ 417.934170][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.934179][ T38] task:syz-executor state:D stack:21832 pid:5838 tgid:5838 ppid:1 task_flags:0x40054c flags:0x00004006 [ 417.934238][ T38] Call Trace: [ 417.934245][ T38] [ 417.934259][ T38] __schedule+0x16f3/0x4c20 [ 417.934293][ T38] ? preempt_schedule_common+0x83/0xd0 [ 417.934331][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.934373][ T38] ? __pfx___schedule+0x10/0x10 [ 417.934426][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.934462][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.934484][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.934510][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.934558][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.934587][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.934615][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.934640][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.934681][ T38] ? rfkill_unregister+0xd1/0x230 [ 417.934730][ T38] ? rfkill_unregister+0xd1/0x230 [ 417.934759][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.934793][ T38] rfkill_unregister+0xd1/0x230 [ 417.934827][ T38] hci_unregister_dev+0x374/0x510 [ 417.934860][ T38] vhci_release+0x155/0x1b0 [ 417.934889][ T38] ? __pfx_vhci_release+0x10/0x10 [ 417.934917][ T38] __fput+0x45b/0xa80 [ 417.934953][ T38] task_work_run+0x1d4/0x260 [ 417.934980][ T38] ? __pfx_task_work_run+0x10/0x10 [ 417.935004][ T38] ? do_exit+0x6b0/0x2300 [ 417.935023][ T38] ? kmem_cache_free+0x195/0x510 [ 417.935060][ T38] do_exit+0x6b5/0x2300 [ 417.935088][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 417.935128][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.935161][ T38] ? __pfx_do_exit+0x10/0x10 [ 417.935179][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.935209][ T38] ? rt_spin_lock+0x1bb/0x2c0 [ 417.935248][ T38] do_group_exit+0x21c/0x2d0 [ 417.935276][ T38] get_signal+0x125e/0x1310 [ 417.935331][ T38] arch_do_signal_or_restart+0x9a/0x750 [ 417.935359][ T38] ? __pfx___x64_sys_wait4+0x10/0x10 [ 417.935387][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 417.935441][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 417.935476][ T38] exit_to_user_mode_loop+0x75/0x110 [ 417.935506][ T38] do_syscall_64+0x2bd/0x3b0 [ 417.935526][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.935557][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.935580][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.935607][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.935628][ T38] RIP: 0033:0x7f557a454e57 [ 417.935647][ T38] RSP: 002b:00007ffe794e6f80 EFLAGS: 00000293 ORIG_RAX: 000000000000003d [ 417.935666][ T38] RAX: fffffffffffffe00 RBX: 0000000000000141 RCX: 00007f557a454e57 [ 417.935682][ T38] RDX: 0000000040000000 RSI: 00007ffe794e6fec RDI: 00000000ffffffff [ 417.935697][ T38] RBP: 00007ffe794e6fec R08: 0000000000000000 R09: 0000000000000000 [ 417.935711][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000071 [ 417.935724][ T38] R13: 0000555562342590 R14: 000000000003c16c R15: 00007ffe794e7040 [ 417.935760][ T38] [ 417.935781][ T38] INFO: task kworker/0:5:5920 blocked for more than 143 seconds. [ 417.935794][ T38] Not tainted syzkaller #0 [ 417.935804][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.935813][ T38] task:kworker/0:5 state:D stack:20808 pid:5920 tgid:5920 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 417.935885][ T38] Workqueue: events rfkill_op_handler [ 417.935904][ T38] Call Trace: [ 417.935911][ T38] [ 417.935924][ T38] __schedule+0x16f3/0x4c20 [ 417.935964][ T38] ? sched_clock+0x3f/0x60 [ 417.935990][ T38] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 417.936028][ T38] ? __pfx___schedule+0x10/0x10 [ 417.936095][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.936115][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.936157][ T38] ? rt_mutex_slowlock_block+0x351/0x6d0 [ 417.936188][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.936218][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.936245][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.936284][ T38] ? nfc_rfkill_set_block+0x50/0x2e0 [ 417.936318][ T38] ? rt_spin_lock+0x1bb/0x2c0 [ 417.936348][ T38] ? nfc_rfkill_set_block+0x50/0x2e0 [ 417.936369][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.936397][ T38] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 417.936423][ T38] nfc_rfkill_set_block+0x50/0x2e0 [ 417.936447][ T38] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 417.936484][ T38] rfkill_set_block+0x1e2/0x450 [ 417.936520][ T38] rfkill_epo+0x7e/0x180 [ 417.936549][ T38] rfkill_op_handler+0x84/0x240 [ 417.936569][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 417.936595][ T38] process_scheduled_works+0xade/0x17b0 [ 417.936659][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 417.936709][ T38] worker_thread+0x8a0/0xda0 [ 417.936769][ T38] kthread+0x70e/0x8a0 [ 417.936807][ T38] ? __pfx_worker_thread+0x10/0x10 [ 417.936834][ T38] ? __pfx_kthread+0x10/0x10 [ 417.936874][ T38] ? __pfx_kthread+0x10/0x10 [ 417.936909][ T38] ret_from_fork+0x3f9/0x770 [ 417.936941][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 417.936978][ T38] ? __switch_to_asm+0x39/0x70 [ 417.936997][ T38] ? __switch_to_asm+0x33/0x70 [ 417.937017][ T38] ? __pfx_kthread+0x10/0x10 [ 417.937050][ T38] ret_from_fork_asm+0x1a/0x30 [ 417.937099][ T38] [ 417.937116][ T38] INFO: task syz-executor:6783 blocked for more than 143 seconds. [ 417.937130][ T38] Not tainted syzkaller #0 [ 417.937140][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.937150][ T38] task:syz-executor state:D stack:20376 pid:6783 tgid:6783 ppid:1 task_flags:0x400140 flags:0x00004004 [ 417.937206][ T38] Call Trace: [ 417.937213][ T38] [ 417.937227][ T38] __schedule+0x16f3/0x4c20 [ 417.937286][ T38] ? __pfx___schedule+0x10/0x10 [ 417.937334][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.937369][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.937390][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.937416][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.937463][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.937492][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.937520][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.937576][ T38] ? rfkill_fop_open+0x138/0x820 [ 417.937595][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.937618][ T38] ? __init_waitqueue_head+0xae/0x160 [ 417.937652][ T38] rfkill_fop_open+0x138/0x820 [ 417.937679][ T38] ? mutex_lock_nested+0x16a/0x1d0 [ 417.937709][ T38] ? __pfx_rfkill_fop_open+0x10/0x10 [ 417.937729][ T38] misc_open+0x2c2/0x340 [ 417.937765][ T38] chrdev_open+0x4cf/0x5e0 [ 417.937800][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.937843][ T38] ? fsnotify_open_perm_and_set_mode+0x116/0x620 [ 417.937881][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.937912][ T38] do_dentry_open+0x9ae/0x1350 [ 417.937949][ T38] vfs_open+0x3b/0x350 [ 417.937966][ T38] ? path_openat+0x2ed9/0x3840 [ 417.937995][ T38] path_openat+0x2ef1/0x3840 [ 417.938029][ T38] ? try_to_take_rt_mutex+0x840/0xb00 [ 417.938101][ T38] ? __pfx_path_openat+0x10/0x10 [ 417.938127][ T38] ? do_raw_spin_lock+0x121/0x290 [ 417.938166][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 417.938199][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.938232][ T38] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 417.938274][ T38] do_filp_open+0x1fa/0x410 [ 417.938304][ T38] ? __pfx_do_filp_open+0x10/0x10 [ 417.938326][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.938383][ T38] ? alloc_fd+0x64f/0x6c0 [ 417.938429][ T38] do_sys_openat2+0x121/0x1c0 [ 417.938455][ T38] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.938475][ T38] ? fput_close_sync+0x119/0x200 [ 417.938501][ T38] ? __pfx_fput_close_sync+0x10/0x10 [ 417.938525][ T38] ? rt_spin_unlock+0x65/0x80 [ 417.938556][ T38] __x64_sys_openat+0x138/0x170 [ 417.938585][ T38] do_syscall_64+0xfa/0x3b0 [ 417.938602][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.938631][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.938652][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.938679][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.938700][ T38] RIP: 0033:0x7f8d8f31d550 [ 417.938717][ T38] RSP: 002b:00007ffc56bc65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 417.938738][ T38] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f8d8f31d550 [ 417.938753][ T38] RDX: 0000000000000002 RSI: 00007f8d8f3a28cd RDI: 00000000ffffff9c [ 417.938767][ T38] RBP: 00007f8d8f3a28cd R08: 0000000000000000 R09: 0000000000000000 [ 417.938781][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008 [ 417.938793][ T38] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 417.938826][ T38] [ 417.938835][ T38] INFO: task syz-executor:6789 blocked for more than 143 seconds. [ 417.938849][ T38] Not tainted syzkaller #0 [ 417.938859][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.938868][ T38] task:syz-executor state:D stack:21320 pid:6789 tgid:6789 ppid:1 task_flags:0x400140 flags:0x00004004 [ 417.938925][ T38] Call Trace: [ 417.938932][ T38] [ 417.938945][ T38] __schedule+0x16f3/0x4c20 [ 417.938990][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.939032][ T38] ? __pfx___schedule+0x10/0x10 [ 417.939098][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.939119][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.943949][ T38] ? rt_mutex_slowlock_block+0x351/0x6d0 [ 417.943990][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.944016][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.944040][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.944067][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.944105][ T38] ? misc_open+0x51/0x340 [ 417.944134][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.944158][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 417.944191][ T38] ? misc_open+0x51/0x340 [ 417.944212][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.944241][ T38] misc_open+0x51/0x340 [ 417.944270][ T38] chrdev_open+0x4cf/0x5e0 [ 417.944300][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.944338][ T38] ? fsnotify_open_perm_and_set_mode+0x116/0x620 [ 417.944370][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.944396][ T38] do_dentry_open+0x9ae/0x1350 [ 417.944429][ T38] vfs_open+0x3b/0x350 [ 417.944444][ T38] ? path_openat+0x2ed9/0x3840 [ 417.944469][ T38] path_openat+0x2ef1/0x3840 [ 417.944499][ T38] ? try_to_take_rt_mutex+0x840/0xb00 [ 417.944559][ T38] ? __pfx_path_openat+0x10/0x10 [ 417.944582][ T38] ? do_raw_spin_lock+0x121/0x290 [ 417.944615][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 417.944642][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.944672][ T38] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 417.944713][ T38] do_filp_open+0x1fa/0x410 [ 417.944747][ T38] ? __pfx_do_filp_open+0x10/0x10 [ 417.944786][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.944842][ T38] ? alloc_fd+0x64f/0x6c0 [ 417.944889][ T38] do_sys_openat2+0x121/0x1c0 [ 417.944912][ T38] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.944929][ T38] ? fput_close_sync+0x119/0x200 [ 417.944951][ T38] ? __pfx_fput_close_sync+0x10/0x10 [ 417.944972][ T38] ? rt_spin_unlock+0x65/0x80 [ 417.944999][ T38] __x64_sys_openat+0x138/0x170 [ 417.945025][ T38] do_syscall_64+0xfa/0x3b0 [ 417.945042][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.945075][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.945094][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.945117][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.945135][ T38] RIP: 0033:0x7f9f1954d550 [ 417.945151][ T38] RSP: 002b:00007ffcbe1e1270 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 417.945171][ T38] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f9f1954d550 [ 417.945184][ T38] RDX: 0000000000000002 RSI: 00007f9f195d28cd RDI: 00000000ffffff9c [ 417.945197][ T38] RBP: 00007f9f195d28cd R08: 0000000000000000 R09: 0000000000000000 [ 417.945209][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008 [ 417.945220][ T38] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 417.945250][ T38] [ 417.945263][ T38] INFO: task syz-executor:6917 blocked for more than 143 seconds. [ 417.945277][ T38] Not tainted syzkaller #0 [ 417.945286][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.945294][ T38] task:syz-executor state:D stack:21832 pid:6917 tgid:6917 ppid:1 task_flags:0x400140 flags:0x00004004 [ 417.945349][ T38] Call Trace: [ 417.945355][ T38] [ 417.945367][ T38] __schedule+0x16f3/0x4c20 [ 417.945407][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.945443][ T38] ? __pfx___schedule+0x10/0x10 [ 417.945496][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.945526][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.945545][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.945581][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.945640][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.945666][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.945689][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.945710][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.945746][ T38] ? misc_open+0x51/0x340 [ 417.945773][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.945797][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 417.945830][ T38] ? misc_open+0x51/0x340 [ 417.945851][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.945879][ T38] misc_open+0x51/0x340 [ 417.945907][ T38] chrdev_open+0x4cf/0x5e0 [ 417.945937][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.945966][ T38] ? fsnotify_open_perm_and_set_mode+0x116/0x620 [ 417.945997][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.946023][ T38] do_dentry_open+0x9ae/0x1350 [ 417.946055][ T38] vfs_open+0x3b/0x350 [ 417.946077][ T38] ? path_openat+0x2ed9/0x3840 [ 417.946102][ T38] path_openat+0x2ef1/0x3840 [ 417.946131][ T38] ? try_to_take_rt_mutex+0x840/0xb00 [ 417.946183][ T38] ? __pfx_path_openat+0x10/0x10 [ 417.946206][ T38] ? do_raw_spin_lock+0x121/0x290 [ 417.946238][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 417.946266][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.946294][ T38] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 417.946328][ T38] do_filp_open+0x1fa/0x410 [ 417.946353][ T38] ? __pfx_do_filp_open+0x10/0x10 [ 417.946373][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.946422][ T38] ? alloc_fd+0x64f/0x6c0 [ 417.946460][ T38] do_sys_openat2+0x121/0x1c0 [ 417.946483][ T38] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.946500][ T38] ? fput_close_sync+0x119/0x200 [ 417.946521][ T38] ? __pfx_fput_close_sync+0x10/0x10 [ 417.946541][ T38] ? rt_spin_unlock+0x65/0x80 [ 417.946569][ T38] __x64_sys_openat+0x138/0x170 [ 417.946595][ T38] do_syscall_64+0xfa/0x3b0 [ 417.946614][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.946631][ T38] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 417.946650][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.946674][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.946692][ T38] RIP: 0033:0x7fb1e8e5d550 [ 417.946707][ T38] RSP: 002b:00007fffa3375940 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 417.946724][ T38] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb1e8e5d550 [ 417.946738][ T38] RDX: 0000000000000002 RSI: 00007fb1e8ee28cd RDI: 00000000ffffff9c [ 417.946750][ T38] RBP: 00007fb1e8ee28cd R08: 0000000000000000 R09: 0000000000000000 [ 417.946762][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008 [ 417.946774][ T38] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 417.946804][ T38] [ 417.946812][ T38] INFO: task +}[@:7047 blocked for more than 143 seconds. [ 417.946824][ T38] Not tainted syzkaller #0 [ 417.946833][ T38] Blocked by coredump. [ 417.946839][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.946847][ T38] task:+}[@ state:D stack:25608 pid:7047 tgid:7046 ppid:5838 task_flags:0x40054c flags:0x00004002 [ 417.946900][ T38] Call Trace: [ 417.946906][ T38] [ 417.946918][ T38] __schedule+0x16f3/0x4c20 [ 417.946968][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.946993][ T38] ? __pfx___schedule+0x10/0x10 [ 417.947037][ T38] ? schedule+0x91/0x360 [ 417.947073][ T38] schedule+0x165/0x360 [ 417.947101][ T38] schedule_timeout+0x9a/0x270 [ 417.947126][ T38] ? __pfx_schedule_timeout+0x10/0x10 [ 417.947166][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.947194][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.947218][ T38] ? wait_for_completion+0x267/0x5d0 [ 417.947248][ T38] wait_for_completion+0x2bf/0x5d0 [ 417.947288][ T38] ? __pfx_wait_for_completion+0x10/0x10 [ 417.947322][ T38] ? __flush_work+0xd2/0xbe0 [ 417.947350][ T38] ? __flush_work+0xd2/0xbe0 [ 417.947376][ T38] __flush_work+0x9b9/0xbe0 [ 417.947407][ T38] ? __flush_work+0xd2/0xbe0 [ 417.947437][ T38] ? __pfx___flush_work+0x10/0x10 [ 417.947465][ T38] ? __pfx_wq_barrier_func+0x10/0x10 [ 417.947505][ T38] ? __pfx___cancel_work+0x10/0x10 [ 417.947531][ T38] ? nfc_genl_device_removed+0x23c/0x330 [ 417.947562][ T38] __cancel_work_sync+0xbe/0x110 [ 417.947591][ T38] rfkill_unregister+0x95/0x230 [ 417.947623][ T38] nfc_unregister_device+0x96/0x2a0 [ 417.947645][ T38] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 417.947668][ T38] virtual_ncidev_close+0x59/0x90 [ 417.947689][ T38] __fput+0x45b/0xa80 [ 417.947721][ T38] task_work_run+0x1d4/0x260 [ 417.947744][ T38] ? __pfx_task_work_run+0x10/0x10 [ 417.947775][ T38] do_exit+0x6b5/0x2300 [ 417.947794][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 417.947827][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.947855][ T38] ? __pfx_do_exit+0x10/0x10 [ 417.947870][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.947897][ T38] ? rt_spin_lock+0x1bb/0x2c0 [ 417.947937][ T38] do_group_exit+0x21c/0x2d0 [ 417.947971][ T38] get_signal+0x125e/0x1310 [ 417.948039][ T38] arch_do_signal_or_restart+0x9a/0x750 [ 417.948083][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 417.948130][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 417.948160][ T38] exit_to_user_mode_loop+0x75/0x110 [ 417.948192][ T38] do_syscall_64+0x2bd/0x3b0 [ 417.948209][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.948236][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.948255][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.948279][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.948297][ T38] RIP: 0033:0x7f557a45ebe9 [ 417.948312][ T38] RSP: 002b:00007f55786be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 417.948330][ T38] RAX: 0000000000000003 RBX: 00007f557a695fa0 RCX: 00007f557a45ebe9 [ 417.948343][ T38] RDX: 0000000000000002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 417.948356][ T38] RBP: 00007f557a4e1e19 R08: 0000000000000000 R09: 0000000000000000 [ 417.948368][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.948380][ T38] R13: 00007f557a696038 R14: 00007f557a695fa0 R15: 00007ffe794e6c28 [ 417.948412][ T38] [ 417.948427][ T38] INFO: task syz.3.345:7192 blocked for more than 143 seconds. [ 417.948439][ T38] Not tainted syzkaller #0 [ 417.948449][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.948456][ T38] task:syz.3.345 state:D stack:28264 pid:7192 tgid:7191 ppid:5845 task_flags:0x400040 flags:0x00004004 [ 417.948512][ T38] Call Trace: [ 417.948518][ T38] [ 417.948530][ T38] __schedule+0x16f3/0x4c20 [ 417.948568][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.948604][ T38] ? __pfx___schedule+0x10/0x10 [ 417.948649][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.948679][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.948697][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.948719][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.948760][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.948786][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.948817][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.948837][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.948873][ T38] ? misc_open+0x51/0x340 [ 417.948901][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.948924][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 417.948958][ T38] ? misc_open+0x51/0x340 [ 417.948979][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.949007][ T38] misc_open+0x51/0x340 [ 417.949036][ T38] chrdev_open+0x4cf/0x5e0 [ 417.949072][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.949101][ T38] ? fsnotify_open_perm_and_set_mode+0x116/0x620 [ 417.949133][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.949158][ T38] do_dentry_open+0x9ae/0x1350 [ 417.954262][ T38] vfs_open+0x3b/0x350 [ 417.954288][ T38] ? path_openat+0x2ed9/0x3840 [ 417.954313][ T38] path_openat+0x2ef1/0x3840 [ 417.954343][ T38] ? try_to_take_rt_mutex+0x840/0xb00 [ 417.954397][ T38] ? __pfx_path_openat+0x10/0x10 [ 417.954419][ T38] ? do_raw_spin_lock+0x121/0x290 [ 417.954453][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 417.954481][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.954509][ T38] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 417.954544][ T38] do_filp_open+0x1fa/0x410 [ 417.954569][ T38] ? __pfx_do_filp_open+0x10/0x10 [ 417.954588][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.954637][ T38] ? alloc_fd+0x64f/0x6c0 [ 417.954675][ T38] do_sys_openat2+0x121/0x1c0 [ 417.954698][ T38] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.954718][ T38] ? exc_page_fault+0x76/0xf0 [ 417.954749][ T38] ? do_user_addr_fault+0xc8a/0x1390 [ 417.954776][ T38] __x64_sys_openat+0x138/0x170 [ 417.954802][ T38] do_syscall_64+0xfa/0x3b0 [ 417.954819][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.954845][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.954865][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.954889][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.954908][ T38] RIP: 0033:0x7fa14892ebe9 [ 417.954923][ T38] RSP: 002b:00007fa146b8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 417.954943][ T38] RAX: ffffffffffffffda RBX: 00007fa148b65fa0 RCX: 00007fa14892ebe9 [ 417.954957][ T38] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 417.954969][ T38] RBP: 00007fa1489b1e19 R08: 0000000000000000 R09: 0000000000000000 [ 417.954981][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.954993][ T38] R13: 00007fa148b66038 R14: 00007fa148b65fa0 R15: 00007ffd0305ae48 [ 417.955024][ T38] [ 417.955031][ T38] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 417.955041][ T38] INFO: task syz.3.345:7194 blocked for more than 143 seconds. [ 417.955054][ T38] Not tainted syzkaller #0 [ 417.955071][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.955079][ T38] task:syz.3.345 state:D stack:27672 pid:7194 tgid:7191 ppid:5845 task_flags:0x400040 flags:0x00004004 [ 417.955135][ T38] Call Trace: [ 417.955141][ T38] [ 417.955154][ T38] __schedule+0x16f3/0x4c20 [ 417.955192][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.955229][ T38] ? __pfx___schedule+0x10/0x10 [ 417.955274][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.955304][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.955323][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.955346][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.955387][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.955412][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.955436][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.955457][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.955493][ T38] ? misc_open+0x51/0x340 [ 417.955520][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.955544][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 417.955577][ T38] ? misc_open+0x51/0x340 [ 417.955599][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.955628][ T38] misc_open+0x51/0x340 [ 417.955657][ T38] chrdev_open+0x4cf/0x5e0 [ 417.955687][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.955716][ T38] ? fsnotify_open_perm_and_set_mode+0x116/0x620 [ 417.955749][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.955774][ T38] do_dentry_open+0x9ae/0x1350 [ 417.955806][ T38] vfs_open+0x3b/0x350 [ 417.955821][ T38] ? path_openat+0x2ed9/0x3840 [ 417.955845][ T38] path_openat+0x2ef1/0x3840 [ 417.955874][ T38] ? try_to_take_rt_mutex+0x840/0xb00 [ 417.955927][ T38] ? __pfx_path_openat+0x10/0x10 [ 417.955949][ T38] ? do_raw_spin_lock+0x121/0x290 [ 417.955982][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 417.956010][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.956038][ T38] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 417.956080][ T38] do_filp_open+0x1fa/0x410 [ 417.956104][ T38] ? __pfx_do_filp_open+0x10/0x10 [ 417.956123][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.956172][ T38] ? alloc_fd+0x64f/0x6c0 [ 417.956210][ T38] do_sys_openat2+0x121/0x1c0 [ 417.956229][ T38] ? __se_sys_futex+0x36f/0x400 [ 417.956253][ T38] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.956280][ T38] ? rcu_is_watching+0x15/0xb0 [ 417.956313][ T38] __x64_sys_openat+0x138/0x170 [ 417.956339][ T38] do_syscall_64+0xfa/0x3b0 [ 417.956355][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.956381][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.956400][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.956423][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.956441][ T38] RIP: 0033:0x7fa14892ebe9 [ 417.956456][ T38] RSP: 002b:00007fa146b6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 417.956474][ T38] RAX: ffffffffffffffda RBX: 00007fa148b66090 RCX: 00007fa14892ebe9 [ 417.956488][ T38] RDX: 0000000000000000 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 417.956501][ T38] RBP: 00007fa1489b1e19 R08: 0000000000000000 R09: 0000000000000000 [ 417.956513][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.956524][ T38] R13: 00007fa148b66128 R14: 00007fa148b66090 R15: 00007ffd0305ae48 [ 417.956556][ T38] [ 417.956562][ T38] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 417.956570][ T38] INFO: task syz.3.345:7195 blocked for more than 143 seconds. [ 417.956583][ T38] Not tainted syzkaller #0 [ 417.956591][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.956599][ T38] task:syz.3.345 state:D stack:26984 pid:7195 tgid:7191 ppid:5845 task_flags:0x400040 flags:0x00004004 [ 417.956652][ T38] Call Trace: [ 417.956658][ T38] [ 417.956670][ T38] __schedule+0x16f3/0x4c20 [ 417.956708][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.956745][ T38] ? __pfx___schedule+0x10/0x10 [ 417.956790][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.956820][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.956838][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.956860][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.956901][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.956927][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.956950][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.956970][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.957006][ T38] ? misc_open+0x51/0x340 [ 417.957033][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.957057][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 417.957099][ T38] ? misc_open+0x51/0x340 [ 417.957120][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.957148][ T38] misc_open+0x51/0x340 [ 417.957177][ T38] chrdev_open+0x4cf/0x5e0 [ 417.957206][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.957235][ T38] ? fsnotify_open_perm_and_set_mode+0x116/0x620 [ 417.957267][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.957293][ T38] do_dentry_open+0x9ae/0x1350 [ 417.957325][ T38] vfs_open+0x3b/0x350 [ 417.957340][ T38] ? path_openat+0x2ed9/0x3840 [ 417.957365][ T38] path_openat+0x2ef1/0x3840 [ 417.957393][ T38] ? try_to_take_rt_mutex+0x840/0xb00 [ 417.957453][ T38] ? __pfx_path_openat+0x10/0x10 [ 417.957476][ T38] ? do_raw_spin_lock+0x121/0x290 [ 417.957509][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 417.957551][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.957579][ T38] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 417.957614][ T38] do_filp_open+0x1fa/0x410 [ 417.957639][ T38] ? __pfx_do_filp_open+0x10/0x10 [ 417.957658][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.957707][ T38] ? alloc_fd+0x64f/0x6c0 [ 417.957745][ T38] do_sys_openat2+0x121/0x1c0 [ 417.957764][ T38] ? __se_sys_futex+0x36f/0x400 [ 417.957786][ T38] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.957813][ T38] ? rcu_is_watching+0x15/0xb0 [ 417.957845][ T38] __x64_sys_openat+0x138/0x170 [ 417.957870][ T38] do_syscall_64+0xfa/0x3b0 [ 417.957886][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.957912][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.957931][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.957955][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.957973][ T38] RIP: 0033:0x7fa14892ebe9 [ 417.957987][ T38] RSP: 002b:00007fa146b4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 417.958005][ T38] RAX: ffffffffffffffda RBX: 00007fa148b66180 RCX: 00007fa14892ebe9 [ 417.958018][ T38] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 417.958031][ T38] RBP: 00007fa1489b1e19 R08: 0000000000000000 R09: 0000000000000000 [ 417.958043][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.958054][ T38] R13: 00007fa148b66218 R14: 00007fa148b66180 R15: 00007ffd0305ae48 [ 417.958132][ T38] [ 417.958139][ T38] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 417.958154][ T38] INFO: task syz-executor:7232 blocked for more than 143 seconds. [ 417.958166][ T38] Not tainted syzkaller #0 [ 417.958183][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 417.958191][ T38] task:syz-executor state:D stack:25880 pid:7232 tgid:7232 ppid:1 task_flags:0x400040 flags:0x00004000 [ 417.958250][ T38] Call Trace: [ 417.958256][ T38] [ 417.958268][ T38] __schedule+0x16f3/0x4c20 [ 417.958313][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.958350][ T38] ? __pfx___schedule+0x10/0x10 [ 417.958395][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 417.958426][ T38] rt_mutex_schedule+0x77/0xf0 [ 417.958445][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 417.958467][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 417.958508][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 417.958533][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 417.958557][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 417.958577][ T38] ? __lock_acquire+0xab9/0xd20 [ 417.958613][ T38] ? misc_open+0x51/0x340 [ 417.958640][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.958664][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 417.958697][ T38] ? misc_open+0x51/0x340 [ 417.958718][ T38] mutex_lock_nested+0x16a/0x1d0 [ 417.958747][ T38] misc_open+0x51/0x340 [ 417.958776][ T38] chrdev_open+0x4cf/0x5e0 [ 417.958806][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.958835][ T38] ? fsnotify_open_perm_and_set_mode+0x116/0x620 [ 417.958867][ T38] ? __pfx_chrdev_open+0x10/0x10 [ 417.958892][ T38] do_dentry_open+0x9ae/0x1350 [ 417.958924][ T38] vfs_open+0x3b/0x350 [ 417.958939][ T38] ? path_openat+0x2ed9/0x3840 [ 417.958964][ T38] path_openat+0x2ef1/0x3840 [ 417.958993][ T38] ? try_to_take_rt_mutex+0x840/0xb00 [ 417.959045][ T38] ? __pfx_path_openat+0x10/0x10 [ 417.959074][ T38] ? do_raw_spin_lock+0x121/0x290 [ 417.959107][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 417.959135][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.964289][ T38] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 417.964334][ T38] do_filp_open+0x1fa/0x410 [ 417.964361][ T38] ? __pfx_do_filp_open+0x10/0x10 [ 417.964381][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 417.964430][ T38] ? alloc_fd+0x64f/0x6c0 [ 417.964469][ T38] do_sys_openat2+0x121/0x1c0 [ 417.964492][ T38] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.964513][ T38] ? fd_install+0x9a/0x550 [ 417.964537][ T38] ? fd_install+0x313/0x550 [ 417.964569][ T38] __x64_sys_openat+0x138/0x170 [ 417.964596][ T38] do_syscall_64+0xfa/0x3b0 [ 417.964612][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 417.964639][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.964658][ T38] ? clear_bhb_loop+0x60/0xb0 [ 417.964682][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.964700][ T38] RIP: 0033:0x7f894459d4d1 [ 417.964716][ T38] RSP: 002b:00007ffe232252f0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 417.964736][ T38] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f894459d4d1 [ 417.964749][ T38] RDX: 0000000000000002 RSI: 00007f8944622822 RDI: 00000000ffffff9c [ 417.964762][ T38] RBP: 00007f8944622822 R08: 0000000000000000 R09: 00007f894530d6c0 [ 417.964775][ T38] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008 [ 417.964786][ T38] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 417.964816][ T38] [ 417.964823][ T38] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 417.964852][ T38] [ 417.964852][ T38] Showing all locks held in the system: [ 417.964861][ T38] 4 locks held by pr/legacy/17: [ 417.964875][ T38] 1 lock held by khungtaskd/38: [ 417.964884][ T38] #0: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 417.964938][ T38] 3 locks held by kworker/1:2/992: [ 417.964956][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 417.965070][ T38] #1: ffffc900043f7bc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 417.965119][ T38] #2: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200 [ 417.965192][ T38] 4 locks held by kworker/u8:11/3598: [ 417.965205][ T38] #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 417.965255][ T38] #1: ffffc9000d0b7bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 417.965304][ T38] #2: ffffffff8ecc6280 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800 [ 417.965408][ T38] #3: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xd1/0x230 [ 417.965469][ T38] 3 locks held by kworker/0:2/5166: [ 417.965481][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 417.965529][ T38] #1: ffffc9000f85fbc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 417.965577][ T38] #2: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 417.965630][ T38] 1 lock held by syslogd/5188: [ 417.965641][ T38] #0: ffff8880252b65d8 (&ei->socket.wq.wait){+.+.}-{3:3}, at: finish_wait+0xbf/0x1f0 [ 417.965687][ T38] 3 locks held by klogd/5195: [ 417.965699][ T38] 2 locks held by getty/5596: [ 417.965709][ T38] #0: ffff88823bf6a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 417.965763][ T38] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 417.965892][ T38] 1 lock held by syz-executor/5838: [ 417.965903][ T38] #0: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xd1/0x230 [ 417.965961][ T38] 4 locks held by kworker/0:5/5920: [ 417.965972][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 417.966018][ T38] #1: ffffc900058efbc0 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 417.966066][ T38] #2: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_epo+0x4c/0x180 [ 417.966114][ T38] #3: ffff88804a6150f0 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 417.966162][ T38] 2 locks held by kworker/u8:15/6735: [ 417.966173][ T38] 2 locks held by syz-executor/6783: [ 417.966184][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966233][ T38] #1: ffffffff8efb1938 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x138/0x820 [ 417.966284][ T38] 1 lock held by syz-executor/6789: [ 417.966295][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966344][ T38] 1 lock held by syz-executor/6917: [ 417.966355][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966403][ T38] 1 lock held by +}[@/7047: [ 417.966413][ T38] #0: ffff88804a6150f0 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0 [ 417.966461][ T38] 1 lock held by syz.3.345/7192: [ 417.966472][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966521][ T38] 1 lock held by syz.3.345/7194: [ 417.966531][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966578][ T38] 1 lock held by syz.3.345/7195: [ 417.966588][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966635][ T38] 1 lock held by syz-executor/7232: [ 417.966646][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966694][ T38] 1 lock held by syz-executor/7394: [ 417.966705][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966752][ T38] 1 lock held by syz-executor/7395: [ 417.966762][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966818][ T38] 1 lock held by syz-executor/7396: [ 417.966828][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966878][ T38] 1 lock held by syz-executor/7561: [ 417.966888][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966936][ T38] 1 lock held by syz-executor/7563: [ 417.966947][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.966993][ T38] 1 lock held by syz-executor/7569: [ 417.967004][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967051][ T38] 1 lock held by syz-executor/7572: [ 417.967061][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967107][ T38] 1 lock held by syz-executor/7573: [ 417.967117][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967164][ T38] 1 lock held by syz-executor/7575: [ 417.967174][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967222][ T38] 1 lock held by syz-executor/7577: [ 417.967233][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967280][ T38] 1 lock held by syz-executor/7583: [ 417.967291][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967339][ T38] 1 lock held by syz-executor/7586: [ 417.967349][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967395][ T38] 1 lock held by syz-executor/7587: [ 417.967406][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967453][ T38] 1 lock held by syz-executor/7589: [ 417.967464][ T38] #0: ffffffff8e217618 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x340 [ 417.967511][ T38] [ 417.967516][ T38] ============================================= [ 417.967516][ T38] [ 417.967524][ T38] NMI backtrace for cpu 1 [ 417.967540][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 417.967561][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 417.967571][ T38] Call Trace: [ 417.967580][ T38] [ 417.967589][ T38] dump_stack_lvl+0x189/0x250 [ 417.967620][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 417.967647][ T38] ? __pfx__printk+0x10/0x10 [ 417.967681][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 417.967708][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 417.967734][ T38] ? __pfx__printk+0x10/0x10 [ 417.967759][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 417.967786][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 417.967822][ T38] watchdog+0xf93/0xfe0 [ 417.967853][ T38] ? watchdog+0x1de/0xfe0 [ 417.967882][ T38] kthread+0x70e/0x8a0 [ 417.967913][ T38] ? __pfx_watchdog+0x10/0x10 [ 417.967935][ T38] ? __pfx_kthread+0x10/0x10 [ 417.967967][ T38] ? __pfx_kthread+0x10/0x10 [ 417.967996][ T38] ret_from_fork+0x3f9/0x770 [ 417.968023][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 417.968053][ T38] ? __switch_to_asm+0x39/0x70 [ 417.968070][ T38] ? __switch_to_asm+0x33/0x70 [ 417.968087][ T38] ? __pfx_kthread+0x10/0x10 [ 417.968115][ T38] ret_from_fork_asm+0x1a/0x30 [ 417.968149][ T38] [ 417.968157][ T38] Sending NMI from CPU 1 to CPUs 0: [ 417.968182][ C0] NMI backtrace for cpu 0 [ 417.968199][ C0] CPU: 0 UID: 0 PID: 17 Comm: pr/legacy Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 417.968218][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 417.968237][ C0] RIP: 0010:io_serial_in+0x77/0xc0 [ 417.968259][ C0] Code: e8 2e 83 7f fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 4f bd de fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f c3 cc cc cc cc cc 44 89 f9 80 e1 07 [ 417.968273][ C0] RSP: 0018:ffffc90000167890 EFLAGS: 00000202 [ 417.968288][ C0] RAX: 1ffffffff3275600 RBX: 00000000000003fd RCX: 0000000000000000 [ 417.968300][ C0] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000 [ 417.968310][ C0] RBP: ffffffff993ab850 R08: 0000000000000000 R09: 0000000000000000 [ 417.968321][ C0] R10: dffffc0000000000 R11: ffffffff853edc20 R12: dffffc0000000000 [ 417.968333][ C0] R13: 0000000000000000 R14: ffffffff993ab5c0 R15: 0000000000000000 [ 417.968344][ C0] FS: 0000000000000000(0000) GS:ffff8881268bf000(0000) knlGS:0000000000000000 [ 417.968357][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 417.968369][ C0] CR2: 00007f982a0d94fb CR3: 000000000d7a6000 CR4: 00000000003526f0 [ 417.968385][ C0] Call Trace: [ 417.968391][ C0] [ 417.968399][ C0] wait_for_lsr+0x1aa/0x2f0 [ 417.968424][ C0] serial8250_console_write+0x11bd/0x1b40 [ 417.968449][ C0] ? __pfx_serial8250_console_write+0x10/0x10 [ 417.968467][ C0] ? console_flush_all+0x13a/0xcd0 [ 417.968487][ C0] ? console_flush_all+0x476/0xcd0 [ 417.968507][ C0] console_flush_all+0x695/0xcd0 [ 417.968527][ C0] ? console_flush_all+0x13a/0xcd0 [ 417.968546][ C0] ? __pfx_console_flush_all+0x10/0x10 [ 417.968565][ C0] ? __lock_acquire+0xab9/0xd20 [ 417.968592][ C0] __console_flush_and_unlock+0xa4/0x240 [ 417.968612][ C0] ? __pfx___console_flush_and_unlock+0x10/0x10 [ 417.968635][ C0] legacy_kthread_func+0x13b/0x1a0 [ 417.968655][ C0] ? __pfx_legacy_kthread_func+0x10/0x10 [ 417.968675][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 417.968695][ C0] ? __kthread_parkme+0x7b/0x200 [ 417.968716][ C0] ? __kthread_parkme+0x1a1/0x200 [ 417.968740][ C0] kthread+0x70e/0x8a0 [ 417.968764][ C0] ? __pfx_legacy_kthread_func+0x10/0x10 [ 417.968784][ C0] ? __pfx_kthread+0x10/0x10 [ 417.968809][ C0] ? __pfx_kthread+0x10/0x10 [ 417.968833][ C0] ret_from_fork+0x3f9/0x770 [ 417.968854][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 417.968876][ C0] ? __switch_to_asm+0x39/0x70 [ 417.968891][ C0] ? __switch_to_asm+0x33/0x70 [ 417.968906][ C0] ? __pfx_kthread+0x10/0x10 [ 417.968930][ C0] ret_from_fork_asm+0x1a/0x30 [ 417.968953][ C0] [ 417.974112][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 417.974131][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 417.974153][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 417.974164][ T38] Call Trace: [ 417.974172][ T38] [ 417.974180][ T38] dump_stack_lvl+0x99/0x250 [ 417.974210][ T38] ? __asan_memcpy+0x40/0x70 [ 417.974231][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 417.974258][ T38] ? __pfx__printk+0x10/0x10 [ 417.974291][ T38] vpanic+0x281/0x750 [ 417.974321][ T38] ? __pfx_vpanic+0x10/0x10 [ 417.974347][ T38] ? preempt_schedule+0xae/0xc0 [ 417.974375][ T38] ? preempt_schedule_common+0x83/0xd0 [ 417.974407][ T38] panic+0xb9/0xc0 [ 417.974433][ T38] ? __pfx_panic+0x10/0x10 [ 417.974460][ T38] ? preempt_schedule_thunk+0x16/0x30 [ 417.974488][ T38] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 417.974514][ T38] watchdog+0xfd2/0xfe0 [ 417.974543][ T38] ? watchdog+0x1de/0xfe0 [ 417.974572][ T38] kthread+0x70e/0x8a0 [ 417.974603][ T38] ? __pfx_watchdog+0x10/0x10 [ 417.974625][ T38] ? __pfx_kthread+0x10/0x10 [ 417.974658][ T38] ? __pfx_kthread+0x10/0x10 [ 417.974686][ T38] ret_from_fork+0x3f9/0x770 [ 417.974713][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 417.974743][ T38] ? __switch_to_asm+0x39/0x70 [ 417.974760][ T38] ? __switch_to_asm+0x33/0x70 [ 417.974776][ T38] ? __pfx_kthread+0x10/0x10 [ 417.974804][ T38] ret_from_fork_asm+0x1a/0x30 [ 417.974845][ T38] [ 417.975162][ T38] Kernel Offset: disabled