last executing test programs: 10.991485678s ago: executing program 3 (id=532): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_wake_idle_without_ipi\x00', r0}, 0x10) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_RMID(r1, 0x0) mlockall(0x1) mlockall(0x1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0) 10.616173006s ago: executing program 4 (id=536): socket$packet(0x11, 0x0, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffd) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES64], 0x18}, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) connect$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 9.325089731s ago: executing program 4 (id=540): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_control_io$hid(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000440), 0x36, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000002180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r4, &(0x7f0000000200)=ANY=[], 0x15) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) write(0xffffffffffffffff, &(0x7f0000000040)="1c00000016009b8a14e5f40700426e2400000000ff00000000000000", 0x23) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x7, {[@main=@item_4={0x3, 0x0, 0x0, "f81d36c1"}, @main, @local]}}, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000280)={0x0, 0x0, 0x2, 'u,'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 6.900037749s ago: executing program 2 (id=548): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) io_submit(0x0, 0x0, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, 0x0, 0x48) mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) 6.840272696s ago: executing program 1 (id=549): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x4) r1 = accept(r0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x9, 0x790f, 0x80, 0x7f, 0x6}, 0x14) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) bpf$MAP_CREATE(0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x1, @loopback}, 0x1c) 6.446591691s ago: executing program 0 (id=551): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000005cd800000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_io_uring_setup(0x20f8, &(0x7f0000000300)={0x0, 0x0, 0x200}, &(0x7f0000000100), &(0x7f0000000080)) socket$inet6_sctp(0xa, 0x801, 0x84) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0}) r3 = timerfd_create(0x0, 0x0) timerfd_gettime(r3, &(0x7f0000000040)) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0) 6.30419068s ago: executing program 3 (id=552): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="c00e00007200911fdabcf8b30771a54a07"], 0xfe33) 6.274197454s ago: executing program 1 (id=553): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5c0000000a0605000000000000000000000000000900020073797a31000000000500040000000000050005000200000005000100060000000c000780"], 0x5c}}, 0x0) 6.02140801s ago: executing program 0 (id=554): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90324fc60100c044002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 5.191274098s ago: executing program 3 (id=555): sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2) sendmsg$NLBL_CIPSOV4_C_ADD(r2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r3) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000400)={0x0}}, 0x20000000) syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r3, 0x104, 0x4, 0x0, &(0x7f0000000140)) preadv(r3, 0x0, 0x0, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000001140), 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003400)=@ipv4_newroute={0x1c, 0x1a, 0x1}, 0x1c}}, 0x0) r6 = accept4(r4, 0x0, 0x0, 0x0) bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0), 0x10) sendto$l2tp(0xffffffffffffffff, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendfile(r6, 0xffffffffffffffff, 0x0, 0x8a000) fspick(r3, &(0x7f0000000480)='./file0\x00', 0x0) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000200)={r7, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "a5bfcb2a66ef507540a2a54fcaf1860b5a61f8e207db0000009f1bb9930200000000000000cf61f3164a3790887d279d4afc7cfd1762729912aabe49225f8d79", "c943e1db06869da66fb3d998ba914272ca193f8dd5ecfdc81f22af8042677e0b2543667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf57917653a8a", "f7a78adde4baffaed544f59b58ae3151b9dd0fe9ca443e8ae600"}}) close_range(r0, 0xffffffffffffffff, 0x0) 5.123272748s ago: executing program 1 (id=556): socketpair(0x28, 0x5, 0x28, &(0x7f0000000280)) 4.889650393s ago: executing program 3 (id=557): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mkdirat$binderfs(0xffffffffffffff9c, 0x0, 0x1ff) mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 4.844077072s ago: executing program 1 (id=558): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000580)="fb", 0x1}], 0x1}, 0x0) recvmsg(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/44, 0x2c}], 0x1}, 0x40fd) 4.843748235s ago: executing program 0 (id=559): socketpair(0x10, 0x2, 0x23c, &(0x7f0000000000)) 4.360164836s ago: executing program 0 (id=560): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000500)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140643000000000e000a001000000086419820dd618929d4d850f84660c4b6", 0x38}], 0x1}, 0x0) 3.726340276s ago: executing program 1 (id=561): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0) 3.549982486s ago: executing program 1 (id=562): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_wake_idle_without_ipi\x00', r0}, 0x10) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_RMID(r1, 0x0) mlockall(0x1) mlockall(0x1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0) 3.539311676s ago: executing program 3 (id=563): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x4) r1 = accept(r0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x9, 0x790f, 0x80, 0x7f, 0x6}, 0x14) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) bpf$MAP_CREATE(0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x1, @loopback}, 0x1c) 3.43894254s ago: executing program 4 (id=564): r0 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x36, &(0x7f0000000100), 0x120) 3.215843147s ago: executing program 0 (id=565): syz_open_dev$sndctrl(&(0x7f0000000640), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x5) socket$alg(0x26, 0x5, 0x0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) r7 = openat$cgroup_procs(r5, 0x0, 0x2, 0x0) sendfile(r7, r6, 0x0, 0x4) sendmsg$nl_xfrm(r4, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000580)=ANY=[@ANYBLOB="4c010000100001000000000000000000ac1414aa000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414bb00001a000000000000000000000000006c000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c61746500"/228], 0x14c}}, 0x0) quotactl$Q_QUOTAOFF(0xffffffff80000300, &(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, r3, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="67498000080000008520000000"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x68, &(0x7f0000000200)=""/104, 0x41100, 0x31, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x2, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0x7, 0x7, 0x4f7}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000300)=[r8], &(0x7f0000000480)=[{0x0, 0x1, 0x8, 0x1}, {0x5, 0x3, 0x7, 0xb}, {0x2, 0x5, 0x8}, {0x5, 0x3, 0x0, 0x8}, {0x5, 0x4, 0x4, 0x1}, {0x4, 0x4, 0xb, 0xc}, {0x3, 0x3, 0xa, 0x2}, {0x0, 0x1, 0x5, 0x5}, {0x1, 0x5, 0x5, 0x1}], 0x10, 0xa8}, 0x90) socket$inet_icmp_raw(0x2, 0x3, 0x1) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r9 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$update(0x2, r9, &(0x7f0000000080)="fd", 0x1) 3.215311311s ago: executing program 4 (id=566): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782db44b9b545c7910006007c09e8fe55a10a0017", 0x1f}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b904020000", 0x13}], 0x1}, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x33fe0) 3.178160297s ago: executing program 2 (id=567): r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000440)=[@ip_retopts={{0x14, 0x0, 0x7, {[@noop, @rr={0x7, 0x3, 0x9e}]}}}], 0x18}, 0x0) 3.072127169s ago: executing program 2 (id=568): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) r4 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r5 = open(0x0, 0x0, 0x0) getdents(r5, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r4, 0xc1004110, &(0x7f0000000000)={0x0, [0x8, 0xffff133a, 0x1], [{0x35, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3cf7}], 0xc}) 2.992131743s ago: executing program 4 (id=569): sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2) sendmsg$NLBL_CIPSOV4_C_ADD(r2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r3) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000400)={0x0}}, 0x20000000) syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r3, 0x104, 0x4, 0x0, &(0x7f0000000140)) preadv(r3, 0x0, 0x0, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000001140), 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003400)=@ipv4_newroute={0x1c, 0x1a, 0x1}, 0x1c}}, 0x0) r6 = accept4(r4, 0x0, 0x0, 0x0) bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0), 0x10) sendto$l2tp(0xffffffffffffffff, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendfile(r6, 0xffffffffffffffff, 0x0, 0x8a000) fspick(r3, &(0x7f0000000480)='./file0\x00', 0x0) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000200)={r7, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "a5bfcb2a66ef507540a2a54fcaf1860b5a61f8e207db0000009f1bb9930200000000000000cf61f3164a3790887d279d4afc7cfd1762729912aabe49225f8d79", "c943e1db06869da66fb3d998ba914272ca193f8dd5ecfdc81f22af8042677e0b2543667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf57917653a8a", "f7a78adde4baffaed544f59b58ae3151b9dd0fe9ca443e8ae600"}}) close_range(r0, 0xffffffffffffffff, 0x0) 1.496011761s ago: executing program 2 (id=570): setreuid(0x0, 0xee01) r0 = shmget$private(0x0, 0x3000, 0x386, &(0x7f0000ffa000/0x3000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x140}, 0x0, 0x0, 0x0, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, 0x0, 0xfffffecc) shmctl$IPC_RMID(r0, 0x0) 1.181165377s ago: executing program 0 (id=571): bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$unix(r0, 0x0, 0x0) sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfdef) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f1b"], 0x22) 1.175023258s ago: executing program 3 (id=572): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0) 1.122715514s ago: executing program 2 (id=573): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mkdirat$binderfs(0xffffffffffffff9c, 0x0, 0x1ff) mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 44.06555ms ago: executing program 2 (id=574): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000010c0)=ANY=[@ANYBLOB="b40800000000000073113600000000008510000002000000b5000000000000009500b500645ea6fc9500ea120000000045032ded6483045ca60caaf9ef3940688ef86cdbef6bb37c95b38938b9ebef5c6a1de52f2fa6e0"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70) 0s ago: executing program 4 (id=575): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_control_io$hid(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000440), 0x36, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000002180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r4, &(0x7f0000000200)=ANY=[], 0x15) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) r5 = socket(0x10, 0x2, 0x0) write(r5, &(0x7f0000000040)="1c00000016009b8a14e5f40700426e2400000000ff00000000000000", 0x23) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x7, {[@main=@item_4={0x3, 0x0, 0x0, "f81d36c1"}, @main, @local]}}, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000280)={0x0, 0x0, 0x2, 'u,'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.55' (ED25519) to the list of known hosts. [ 73.364058][ T5211] cgroup: Unknown subsys name 'net' [ 73.598165][ T5211] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.329143][ T5211] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.994755][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.006770][ T5231] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.025644][ T5232] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.033529][ T5232] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.042559][ T5232] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.051792][ T5232] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.060222][ T5232] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.069230][ T5232] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.077629][ T5232] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.085763][ T5232] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 78.093431][ T5232] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.101425][ T5232] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.109818][ T5232] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.117358][ T5232] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.127470][ T5232] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 78.134929][ T5232] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.138496][ T5240] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.150964][ T5241] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 78.157830][ T5243] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 78.159744][ T5240] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 78.174937][ T5240] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 78.182220][ T5243] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 78.189539][ T5240] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 78.198789][ T5240] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 78.240839][ T5226] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 78.248030][ T5240] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 78.256527][ T5240] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 78.257974][ T5243] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 78.278534][ T5243] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 78.286874][ T5243] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 78.905021][ T5224] chnl_net:caif_netlink_parms(): no params data found [ 78.969928][ T5222] chnl_net:caif_netlink_parms(): no params data found [ 78.981766][ T5221] chnl_net:caif_netlink_parms(): no params data found [ 79.120075][ T5238] chnl_net:caif_netlink_parms(): no params data found [ 79.136516][ T5223] chnl_net:caif_netlink_parms(): no params data found [ 79.265049][ T5222] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.272376][ T5222] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.280615][ T5222] bridge_slave_0: entered allmulticast mode [ 79.288689][ T5222] bridge_slave_0: entered promiscuous mode [ 79.368478][ T5222] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.375664][ T5222] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.383041][ T5222] bridge_slave_1: entered allmulticast mode [ 79.390992][ T5222] bridge_slave_1: entered promiscuous mode [ 79.398501][ T5224] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.405641][ T5224] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.413454][ T5224] bridge_slave_0: entered allmulticast mode [ 79.422159][ T5224] bridge_slave_0: entered promiscuous mode [ 79.447772][ T5221] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.454939][ T5221] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.462595][ T5221] bridge_slave_0: entered allmulticast mode [ 79.470632][ T5221] bridge_slave_0: entered promiscuous mode [ 79.503150][ T5224] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.510537][ T5224] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.518438][ T5224] bridge_slave_1: entered allmulticast mode [ 79.525528][ T5224] bridge_slave_1: entered promiscuous mode [ 79.541459][ T5221] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.548819][ T5221] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.556134][ T5221] bridge_slave_1: entered allmulticast mode [ 79.563703][ T5221] bridge_slave_1: entered promiscuous mode [ 79.583309][ T5223] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.590876][ T5223] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.598564][ T5223] bridge_slave_0: entered allmulticast mode [ 79.605610][ T5223] bridge_slave_0: entered promiscuous mode [ 79.669558][ T5223] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.676734][ T5223] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.684982][ T5223] bridge_slave_1: entered allmulticast mode [ 79.693216][ T5223] bridge_slave_1: entered promiscuous mode [ 79.703685][ T5222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.716743][ T5222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.730092][ T5224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.754178][ T5221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.794245][ T5224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.832226][ T5221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.876601][ T5238] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.887347][ T5238] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.894561][ T5238] bridge_slave_0: entered allmulticast mode [ 79.903328][ T5238] bridge_slave_0: entered promiscuous mode [ 79.937845][ T5223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.951069][ T5222] team0: Port device team_slave_0 added [ 79.959986][ T5222] team0: Port device team_slave_1 added [ 79.970165][ T5224] team0: Port device team_slave_0 added [ 79.976540][ T5238] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.983932][ T5238] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.991618][ T5238] bridge_slave_1: entered allmulticast mode [ 79.999212][ T5238] bridge_slave_1: entered promiscuous mode [ 80.010204][ T5221] team0: Port device team_slave_0 added [ 80.019886][ T5221] team0: Port device team_slave_1 added [ 80.029261][ T5223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.072486][ T5224] team0: Port device team_slave_1 added [ 80.181630][ T5223] team0: Port device team_slave_0 added [ 80.191629][ T5223] team0: Port device team_slave_1 added [ 80.198803][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.205774][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.233317][ T5222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.238780][ T5243] Bluetooth: hci2: command tx timeout [ 80.243928][ T5237] Bluetooth: hci3: command tx timeout [ 80.258445][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.265420][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.291526][ T5222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.304218][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.307331][ T5237] Bluetooth: hci0: command tx timeout [ 80.311732][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.342942][ T5224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.356912][ T5238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.367999][ T5221] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.374989][ T5221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.401121][ T5237] Bluetooth: hci4: command tx timeout [ 80.401450][ T5237] Bluetooth: hci1: command tx timeout [ 80.406710][ T5221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.426972][ T5221] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.434080][ T5221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.460272][ T5221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.491784][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.498904][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.524923][ T5224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.539547][ T5238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.593776][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.601004][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.627337][ T5223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.654893][ T5238] team0: Port device team_slave_0 added [ 80.685775][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.693004][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.719048][ T5223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.767852][ T5238] team0: Port device team_slave_1 added [ 80.779644][ T5222] hsr_slave_0: entered promiscuous mode [ 80.786284][ T5222] hsr_slave_1: entered promiscuous mode [ 80.888573][ T5224] hsr_slave_0: entered promiscuous mode [ 80.895164][ T5224] hsr_slave_1: entered promiscuous mode [ 80.901616][ T5224] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.909623][ T5224] Cannot create hsr debugfs directory [ 80.921413][ T5221] hsr_slave_0: entered promiscuous mode [ 80.928355][ T5221] hsr_slave_1: entered promiscuous mode [ 80.934736][ T5221] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.942478][ T5221] Cannot create hsr debugfs directory [ 80.964355][ T5238] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.971420][ T5238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.997617][ T5238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.021601][ T5223] hsr_slave_0: entered promiscuous mode [ 81.029279][ T5223] hsr_slave_1: entered promiscuous mode [ 81.035590][ T5223] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.043274][ T5223] Cannot create hsr debugfs directory [ 81.101544][ T5238] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.114129][ T5238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.141337][ T5238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.401212][ T5238] hsr_slave_0: entered promiscuous mode [ 81.409086][ T5238] hsr_slave_1: entered promiscuous mode [ 81.416847][ T5238] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.425545][ T5238] Cannot create hsr debugfs directory [ 81.778020][ T5224] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.794447][ T5224] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.816515][ T5224] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.835746][ T5224] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.895095][ T5222] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 81.933829][ T5222] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 81.950525][ T5222] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 81.984761][ T5222] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 82.056578][ T5221] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 82.092911][ T5221] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 82.140390][ T5221] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 82.176043][ T5221] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 82.307425][ T5237] Bluetooth: hci3: command tx timeout [ 82.308224][ T5243] Bluetooth: hci2: command tx timeout [ 82.333716][ T5223] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.345291][ T5223] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.387515][ T5243] Bluetooth: hci0: command tx timeout [ 82.404706][ T5223] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.423459][ T5223] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 82.450637][ T5224] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.467426][ T5243] Bluetooth: hci1: command tx timeout [ 82.467548][ T5237] Bluetooth: hci4: command tx timeout [ 82.611174][ T5224] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.673934][ T5222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.682551][ T5238] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.698344][ T970] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.705764][ T970] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.738503][ T5238] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.768307][ T5238] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.786277][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.793714][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.822515][ T5238] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.845276][ T5222] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.899277][ T5221] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.944619][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.951979][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.966954][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.974119][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.034191][ T5221] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.076595][ T1122] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.083837][ T1122] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.116695][ T5223] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.165565][ T970] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.172804][ T970] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.215968][ T5223] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.292368][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.299615][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.321988][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.329825][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.498982][ T5224] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.601816][ T5238] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.721717][ T5238] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.744389][ T5222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.755426][ T5224] veth0_vlan: entered promiscuous mode [ 83.773593][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.780855][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.856320][ T5224] veth1_vlan: entered promiscuous mode [ 83.899470][ T2531] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.906669][ T2531] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.012984][ T5224] veth0_macvtap: entered promiscuous mode [ 84.050613][ T5224] veth1_macvtap: entered promiscuous mode [ 84.166733][ T5223] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.203645][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.262250][ T5221] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.278750][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.346646][ T5224] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.355920][ T5224] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.367250][ T5224] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.376002][ T5224] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.387269][ T5237] Bluetooth: hci3: command tx timeout [ 84.389673][ T5243] Bluetooth: hci2: command tx timeout [ 84.478057][ T5243] Bluetooth: hci0: command tx timeout [ 84.547509][ T5243] Bluetooth: hci4: command tx timeout [ 84.557597][ T5243] Bluetooth: hci1: command tx timeout [ 84.570412][ T5222] veth0_vlan: entered promiscuous mode [ 84.585909][ T5221] veth0_vlan: entered promiscuous mode [ 84.622893][ T5222] veth1_vlan: entered promiscuous mode [ 84.686058][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.702074][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.715227][ T5221] veth1_vlan: entered promiscuous mode [ 84.733036][ T5223] veth0_vlan: entered promiscuous mode [ 84.768207][ T970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.776099][ T970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.778445][ T5238] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.813105][ T5223] veth1_vlan: entered promiscuous mode [ 84.923996][ T5222] veth0_macvtap: entered promiscuous mode [ 84.934218][ T5221] veth0_macvtap: entered promiscuous mode [ 84.944139][ T5223] veth0_macvtap: entered promiscuous mode [ 84.970887][ T5222] veth1_macvtap: entered promiscuous mode [ 84.985780][ T5221] veth1_macvtap: entered promiscuous mode [ 85.056143][ T5223] veth1_macvtap: entered promiscuous mode [ 85.097093][ T5238] veth0_vlan: entered promiscuous mode [ 85.123630][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.135972][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.148261][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.162464][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.173318][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.185634][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.215487][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.233235][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.243794][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.261007][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.289391][ T5221] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.333865][ T5222] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.344876][ T5222] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.362313][ T5222] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.371332][ T5222] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.397905][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.411136][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.422554][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.433489][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.443739][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.454827][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.468008][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.489589][ T5238] veth1_vlan: entered promiscuous mode [ 85.500637][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.516836][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.528984][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.540170][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.552302][ T5221] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.590643][ T5221] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.606165][ T5221] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.615701][ T5221] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.626030][ T5221] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.643394][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.656118][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.670462][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.682257][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.692607][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.703493][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.716039][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.778942][ T5223] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.801369][ T5223] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.813630][ T5223] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.826319][ T5223] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.106499][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.110797][ T5238] veth0_macvtap: entered promiscuous mode [ 86.124099][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.166499][ T5238] veth1_macvtap: entered promiscuous mode [ 86.279307][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.295576][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.317579][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.334293][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.346036][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.356854][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.368414][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.378958][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.391304][ T5238] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.409498][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.425709][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.443289][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.461365][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.471638][ T5243] Bluetooth: hci3: command tx timeout [ 86.477701][ T5243] Bluetooth: hci2: command tx timeout [ 86.487239][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.503786][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.514144][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.532607][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.543244][ T5238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.557233][ T5243] Bluetooth: hci0: command tx timeout [ 86.558833][ T5238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.577446][ T5238] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.591811][ T5238] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.606988][ T5238] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.615957][ T5238] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.626202][ T5238] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.636148][ T5243] Bluetooth: hci1: command tx timeout [ 86.636283][ T5237] Bluetooth: hci4: command tx timeout [ 86.667686][ T970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.689753][ T970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.784100][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.799522][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.836290][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.868561][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.997232][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.008005][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.214243][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.239611][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.425860][ T970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.469420][ T970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.771127][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 91.092296][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:172.20.20.170]:2. Sending cookies. [ 91.777773][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.162984][ T1172] cfg80211: failed to load regulatory.db [ 93.153902][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 96.230400][ T1172] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 96.437335][ T1172] usb 4-1: Using ep0 maxpacket: 16 [ 96.461935][ T1172] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 96.489495][ T1172] usb 4-1: can't read configurations, error -61 [ 96.670960][ T1172] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 96.889656][ T1172] usb 4-1: Using ep0 maxpacket: 16 [ 96.901574][ T1172] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 96.919631][ T1172] usb 4-1: can't read configurations, error -61 [ 96.937724][ T1172] usb usb4-port1: attempt power cycle [ 97.377257][ T1172] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 97.427944][ T1172] usb 4-1: Using ep0 maxpacket: 16 [ 97.448460][ T1172] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 97.466379][ T1172] usb 4-1: can't read configurations, error -61 [ 97.630966][ T1172] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 97.727521][ T1172] usb 4-1: Using ep0 maxpacket: 16 [ 97.741014][ T1172] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 97.776174][ T1172] usb 4-1: can't read configurations, error -61 [ 97.797586][ T1172] usb usb4-port1: unable to enumerate USB device [ 103.988575][ T5490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.62'. [ 105.846510][ T5503] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 105.862195][ T5503] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 106.811708][ T5503] syz.3.73 (5503) used greatest stack depth: 19152 bytes left [ 107.329167][ T5525] netlink: 8 bytes leftover after parsing attributes in process `syz.3.78'. [ 107.536428][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 107.638920][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 108.216504][ T5527] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 110.282397][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies. [ 111.650777][ T5555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.90'. [ 112.513876][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 114.710905][ T5605] netlink: 8 bytes leftover after parsing attributes in process `syz.2.103'. [ 115.191197][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 115.200948][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.356143][ T5638] sctp: [Deprecated]: syz.1.109 (pid 5638) Use of int in maxseg socket option. [ 117.356143][ T5638] Use struct sctp_assoc_value instead [ 117.457150][ T1172] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 117.710189][ T1172] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 117.756226][ T1172] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 117.817260][ T1172] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 117.852896][ T1172] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.919966][ T1172] usb 5-1: config 0 descriptor?? [ 118.154398][ T5649] xt_CT: No such helper "pptp" [ 119.124126][ T5666] bridge0: port 3(hsr_slave_1) entered blocking state [ 119.150871][ T5666] bridge0: port 3(hsr_slave_1) entered disabled state [ 119.169539][ T5666] hsr_slave_1: entered allmulticast mode [ 119.192969][ T5666] hsr_slave_1: left allmulticast mode [ 119.693997][ T5675] pim6reg1: entered promiscuous mode [ 119.700180][ T5675] pim6reg1: entered allmulticast mode [ 120.439420][ T5688] netlink: 60 bytes leftover after parsing attributes in process `syz.3.124'. [ 121.450066][ T1172] usb 5-1: USB disconnect, device number 2 [ 121.549518][ T5691] tipc: Started in network mode [ 121.554801][ T5278] IPVS: starting estimator thread 0... [ 121.579409][ T5691] tipc: Node identity ac1414aa, cluster identity 4711 [ 121.598606][ T5691] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 121.617518][ T5691] tipc: Enabled bearer , priority 10 [ 121.632867][ T5694] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 121.669933][ T5694] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 121.681009][ T5695] IPVS: using max 17 ests per chain, 40800 per kthread [ 121.739957][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 121.865617][ T5702] pimreg: entered allmulticast mode [ 121.875188][ T5704] binder: 5701:5704 ioctl 40046205 0 returned -22 [ 121.887616][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 121.892102][ T5704] binder: 5701:5704 ioctl c0306201 0 returned -14 [ 121.908585][ T5698] pimreg: left allmulticast mode [ 122.027321][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 122.167449][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 122.307282][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 122.340362][ T5717] program syz.2.135 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 122.447403][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 122.587217][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 122.595860][ T5720] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.738855][ T5230] tipc: Node number set to 2886997162 [ 122.766515][ T5726] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.887256][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 123.167251][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 124.637502][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 124.745826][ T5747] bridge0: port 3(hsr_slave_1) entered blocking state [ 124.808568][ T5747] bridge0: port 3(hsr_slave_1) entered disabled state [ 124.880099][ T5747] hsr_slave_1: entered allmulticast mode [ 124.896242][ T5747] hsr_slave_1: left allmulticast mode [ 125.257189][ T1172] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 125.388006][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 125.468807][ T5766] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 125.498306][ T1172] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.524194][ T1172] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 125.568130][ T1172] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 125.607284][ T1172] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.756700][ T1172] usb 1-1: config 0 descriptor?? [ 126.797305][ C1] net_ratelimit: 3 callbacks suppressed [ 126.797326][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 126.890689][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 127.062405][ T1172] arvo 0003:1E7D:30D4.0001: unknown main item tag 0x0 [ 127.098376][ T5781] o2cb: This node has not been configured. [ 127.108013][ T1172] arvo 0003:1E7D:30D4.0001: unknown main item tag 0x0 [ 127.115580][ T5781] o2cb: Cluster check failed. Fix errors before retrying. [ 127.132881][ T5781] (syz.1.155,5781,0):user_dlm_register:674 ERROR: status = -22 [ 127.143482][ T1172] arvo 0003:1E7D:30D4.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.0-1/input0 [ 127.157701][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 127.169153][ T5781] (syz.1.155,5781,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus" [ 127.288926][ T1172] arvo 0003:1E7D:30D4.0001: couldn't init struct arvo_device [ 127.319834][ T1172] arvo 0003:1E7D:30D4.0001: couldn't install keyboard [ 127.504105][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 127.826265][ T1172] arvo 0003:1E7D:30D4.0001: probe with driver arvo failed with error -71 [ 127.837209][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 128.020265][ T1172] usb 1-1: USB disconnect, device number 2 [ 128.258660][ T5799] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 128.291527][ T5230] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 128.314121][ T5799] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 128.407898][ T29] audit: type=1326 audit(1725511985.634:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5801 comm="syz.1.162" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d9237cef9 code=0x0 [ 128.539245][ T5230] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.556497][ T5230] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.662891][ T5811] sch_fq: defrate 0 ignored. [ 128.829416][ T5230] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 128.845226][ T5230] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 128.854805][ T5230] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.866380][ T5230] usb 4-1: config 0 descriptor?? [ 128.871558][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 129.537479][ T5230] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 129.598451][ T5230] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 129.742980][ T5230] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 129.817069][ T5822] netlink: 'syz.2.168': attribute type 15 has an invalid length. [ 129.917368][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 130.069633][ T5791] usb 4-1: string descriptor 0 read error: -71 [ 130.084445][ T1172] usb 4-1: USB disconnect, device number 6 [ 130.092120][ T5824] plantronics 0003:047F:FFFF.0002: usb_submit_urb(ctrl) failed: -19 [ 130.947222][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 131.793141][ T5837] tty tty23: ldisc open failed (-12), clearing slot 22 [ 131.987220][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 132.068797][ T5843] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 132.140633][ T5843] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 133.037191][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 133.116146][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.123224][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.418221][ T5868] ======================================================= [ 133.418221][ T5868] WARNING: The mand mount option has been deprecated and [ 133.418221][ T5868] and is ignored by this kernel. Remove the mand [ 133.418221][ T5868] option from the mount to silence this warning. [ 133.418221][ T5868] ======================================================= [ 133.655674][ T5868] hugetlbfs: Bad value 'A' for mount option 'nr_inodes' [ 133.655674][ T5868] [ 134.077245][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 135.107244][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 136.147241][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 136.550367][ T5888] mmap: syz.2.189 (5888) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 136.659129][ T5890] hugetlbfs: Bad value 'A' for mount option 'nr_inodes' [ 136.659129][ T5890] [ 137.187471][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 137.381793][ T5900] netlink: 8 bytes leftover after parsing attributes in process `syz.4.191'. [ 137.589085][ T5237] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 137.598218][ T5237] Bluetooth: hci0: Injecting HCI hardware error event [ 137.606450][ T5237] Bluetooth: hci0: hardware error 0x00 [ 138.232903][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 138.927180][ T5225] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 139.128185][ T5225] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 139.181040][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.193967][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.210049][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.245402][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.267236][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 139.270426][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.323067][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.332285][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.343491][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.436003][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.468562][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.493374][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.519887][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.531297][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.551237][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.562597][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.579351][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.590342][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.606443][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.616296][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.632795][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.644141][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.654256][ T5225] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.667522][ T5237] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 139.675982][ T5225] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.687434][ T5225] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.698879][ T5225] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 139.708019][ T5225] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 139.717303][ T5225] usb 2-1: Product: syz [ 139.721718][ T5225] usb 2-1: Manufacturer: syz [ 139.726535][ T5225] usb 2-1: SerialNumber: syz [ 139.748515][ T5225] usb 2-1: config 0 descriptor?? [ 139.777706][ T5225] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 140.307208][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 140.489360][ T5816] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.662015][ C0] usb 2-1: yurex_control_callback - control failed: -71 [ 140.662640][ T5230] usb 2-1: USB disconnect, device number 2 [ 140.704217][ T5230] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 140.976627][ T5816] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.224364][ T5816] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.357190][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 141.571307][ T5243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 141.581377][ T5243] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 141.590090][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 141.598162][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 141.606488][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 141.620709][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 141.916217][ T5816] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.940401][ T5237] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 141.952630][ T5237] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 141.963121][ T5237] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 141.975069][ T5237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 141.994700][ T5237] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 142.003163][ T5237] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 142.387209][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 142.407351][ T5816] bridge_slave_1: left allmulticast mode [ 142.428412][ T5816] bridge_slave_1: left promiscuous mode [ 142.447075][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.635765][ T5816] bridge_slave_0: left allmulticast mode [ 142.674815][ T5816] bridge_slave_0: left promiscuous mode [ 142.740125][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.427209][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 143.748472][ T5237] Bluetooth: hci2: command tx timeout [ 144.077615][ T5237] Bluetooth: hci4: command tx timeout [ 144.473965][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 144.641181][ T5225] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 144.675137][ T5816] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 144.722781][ T5816] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 144.765231][ T5816] bond0 (unregistering): Released all slaves [ 144.844909][ T5225] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.886475][ T5225] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 144.926742][ T5225] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.970966][ T5225] usb 2-1: config 0 descriptor?? [ 145.358688][ T5312] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 145.429225][ T5225] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor [ 145.477674][ T5225] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0003/input/input6 [ 145.507267][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 145.594098][ T5312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 145.683899][ T5312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 145.744717][ T5312] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 145.763263][ T5312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.800009][ T5225] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 145.816758][ T5930] chnl_net:caif_netlink_parms(): no params data found [ 145.828011][ T5237] Bluetooth: hci2: command tx timeout [ 145.870754][ T5312] usb 4-1: config 0 descriptor?? [ 145.908599][ T5816] hsr_slave_0: left promiscuous mode [ 145.947403][ T5816] hsr_slave_1: left promiscuous mode [ 145.982943][ T5816] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.007866][ T5816] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 146.036371][ T5816] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.048067][ T1172] usb 2-1: USB disconnect, device number 3 [ 146.060963][ T5816] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 146.121637][ T5816] veth1_macvtap: left promiscuous mode [ 146.128740][ T5816] veth0_macvtap: left promiscuous mode [ 146.134547][ T5816] veth1_vlan: left promiscuous mode [ 146.147714][ T5237] Bluetooth: hci4: command tx timeout [ 146.154895][ T5816] veth0_vlan: left promiscuous mode [ 146.549127][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 147.390455][ T5312] arvo 0003:1E7D:30D4.0004: unknown main item tag 0x0 [ 147.405061][ T5312] arvo 0003:1E7D:30D4.0004: unknown main item tag 0x0 [ 147.417245][ T5312] arvo 0003:1E7D:30D4.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0 [ 147.587291][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 147.851638][ T5816] team0 (unregistering): Port device team_slave_1 removed [ 147.917926][ T5237] Bluetooth: hci2: command tx timeout [ 147.958492][ T5816] team0 (unregistering): Port device team_slave_0 removed [ 148.238107][ T5237] Bluetooth: hci4: command tx timeout [ 148.627250][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 149.188995][ T5997] Bluetooth: MGMT ver 1.23 [ 149.669770][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 149.941232][ T5230] usb 4-1: USB disconnect, device number 7 [ 150.026228][ T5237] Bluetooth: hci2: command tx timeout [ 150.294278][ T5932] chnl_net:caif_netlink_parms(): no params data found [ 150.307687][ T5237] Bluetooth: hci4: command tx timeout [ 150.707626][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 150.859093][ T5930] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.879520][ T5930] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.092748][ T5930] bridge_slave_0: entered allmulticast mode [ 151.128989][ T5930] bridge_slave_0: entered promiscuous mode [ 151.747607][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 151.915986][ T5930] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.943913][ T5930] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.962618][ T5930] bridge_slave_1: entered allmulticast mode [ 151.970752][ T5930] bridge_slave_1: entered promiscuous mode [ 152.009011][ T6030] process 'syz.1.224' launched './file0' with NULL argv: empty string added [ 152.087312][ T6032] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 152.153821][ T5930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 152.249309][ T5930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 152.744687][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.753686][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.766132][ T5932] bridge_slave_0: entered allmulticast mode [ 152.787228][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 152.813653][ T5932] bridge_slave_0: entered promiscuous mode [ 153.055408][ T5930] team0: Port device team_slave_0 added [ 153.067231][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.089247][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.096536][ T5932] bridge_slave_1: entered allmulticast mode [ 153.138470][ T5932] bridge_slave_1: entered promiscuous mode [ 153.243569][ T5237] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 153.449755][ T1105] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.827225][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 153.927947][ T5930] team0: Port device team_slave_1 added [ 154.139077][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.251045][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 154.305726][ T1105] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.473919][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.506511][ T6063] warning: `syz.4.231' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 154.868142][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 155.267703][ T5237] Bluetooth: hci3: command tx timeout [ 155.482702][ T1105] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.587987][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.639647][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.712002][ T5930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.907213][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 156.820431][ T1105] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.907784][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.914786][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.947185][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 156.999579][ T5930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 157.068741][ T5932] team0: Port device team_slave_0 added [ 157.118785][ T5932] team0: Port device team_slave_1 added [ 157.483526][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 157.523166][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.600492][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 157.714067][ T5930] hsr_slave_0: entered promiscuous mode [ 157.744368][ T29] audit: type=1326 audit(1725512014.964:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 157.779758][ T5930] hsr_slave_1: entered promiscuous mode [ 157.820331][ T5930] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 157.847722][ T29] audit: type=1326 audit(1725512014.964:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 157.879420][ T5930] Cannot create hsr debugfs directory [ 157.918587][ T29] audit: type=1326 audit(1725512014.994:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 157.974016][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 157.980830][ T29] audit: type=1326 audit(1725512014.994:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 158.002579][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 158.007373][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.035570][ T29] audit: type=1326 audit(1725512014.994:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 158.079084][ T29] audit: type=1326 audit(1725512015.004:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 158.101012][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 158.172363][ T29] audit: type=1326 audit(1725512015.004:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 158.287200][ T29] audit: type=1326 audit(1725512015.004:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6087 comm="syz.4.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 158.335991][ T29] audit: type=1326 audit(1725512015.204:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6093 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 158.397542][ T29] audit: type=1326 audit(1725512015.204:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6093 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 158.599108][ T5932] hsr_slave_0: entered promiscuous mode [ 158.653108][ T5932] hsr_slave_1: entered promiscuous mode [ 158.734987][ T6107] rm (6107) used greatest stack depth: 18928 bytes left [ 158.929400][ T5932] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 159.027348][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 159.493874][ T5932] Cannot create hsr debugfs directory [ 159.593996][ T1105] bridge_slave_1: left allmulticast mode [ 159.615285][ T1105] bridge_slave_1: left promiscuous mode [ 159.643760][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.758683][ T1105] bridge_slave_0: left allmulticast mode [ 159.767316][ T1105] bridge_slave_0: left promiscuous mode [ 159.774427][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.067530][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 160.997462][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 161.023180][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 161.036100][ T1105] bond0 (unregistering): Released all slaves [ 161.107258][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 162.147219][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 163.136377][ T1105] hsr_slave_0: left promiscuous mode [ 163.151350][ T1105] hsr_slave_1: left promiscuous mode [ 163.171119][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.187241][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 163.188520][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.217833][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.231381][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.298659][ T1105] veth1_macvtap: left promiscuous mode [ 163.310772][ T1105] veth0_macvtap: left promiscuous mode [ 163.317448][ T1105] veth1_vlan: left promiscuous mode [ 163.323143][ T1105] veth0_vlan: left promiscuous mode [ 163.972129][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 164.025639][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 164.227254][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 165.267216][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 166.307197][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 167.347192][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 168.387194][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 169.305028][ T6178] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 169.341584][ T58] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 169.349666][ T6178] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 169.427232][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 169.557388][ T58] usb 5-1: Using ep0 maxpacket: 32 [ 169.605096][ T58] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.642544][ T58] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 169.653303][ T58] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 169.687168][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.738195][ T58] usb 5-1: config 0 descriptor?? [ 169.758761][ T58] hub 5-1:0.0: USB hub found [ 170.027354][ T58] hub 5-1:0.0: 1 port detected [ 170.059900][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 170.059920][ T29] audit: type=1326 audit(1725512027.294:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6196 comm="syz.1.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9237cef9 code=0x7ffc0000 [ 170.134860][ T29] audit: type=1326 audit(1725512027.324:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6196 comm="syz.1.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f6d9237cef9 code=0x7ffc0000 [ 170.175739][ T29] audit: type=1326 audit(1725512027.324:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6196 comm="syz.1.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9237cef9 code=0x7ffc0000 [ 170.215202][ T58] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 170.239305][ T58] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 170.254383][ T5930] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 170.276616][ T29] audit: type=1326 audit(1725512027.324:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6196 comm="syz.1.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d9237cef9 code=0x7ffc0000 [ 170.343089][ T5930] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 170.403890][ T5930] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 170.467194][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 170.478843][ T5930] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 170.548242][ T58] usbhid 5-1:0.0: can't add hid device: -71 [ 170.555115][ T58] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 170.973917][ T5932] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 170.978727][ T58] usb 5-1: USB disconnect, device number 3 [ 171.015193][ T6210] binder: 6209:6210 ioctl 4018620d 0 returned -22 [ 171.022685][ T5932] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 171.095873][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x1 [ 171.125275][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.135396][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.194724][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.219835][ T5932] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 171.241488][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.262758][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.286663][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.309957][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.312945][ T5932] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 171.324706][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.342481][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.361507][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x4 [ 171.421348][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.491304][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.507179][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 171.530195][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x2 [ 171.602376][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.652181][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.704206][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.744784][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.762739][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.774708][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.785717][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.796312][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.804238][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.815710][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.824123][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.828784][ T5930] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.904550][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.944210][ T5930] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.958542][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 171.982656][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.015757][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.039672][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.053206][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.060386][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.070749][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.079801][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.091885][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.100058][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.109638][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.118840][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.130008][ T5225] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 172.140273][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.147478][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.183910][ T5225] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz0] on syz0 [ 172.235447][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.408556][ T5932] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.533376][ T1126] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.540638][ T1126] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.547238][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 172.616413][ T1126] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.623688][ T1126] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.804072][ T6231] netlink: 244 bytes leftover after parsing attributes in process `syz.3.273'. [ 173.149638][ T6238] netlink: 256 bytes leftover after parsing attributes in process `syz.3.274'. [ 173.587220][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 173.844826][ T5930] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.421961][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.509607][ T5930] veth0_vlan: entered promiscuous mode [ 174.535809][ T6259] xt_CT: No such helper "pptp" [ 174.627250][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 174.792874][ T5930] veth1_vlan: entered promiscuous mode [ 174.844444][ T5932] veth0_vlan: entered promiscuous mode [ 174.893821][ T6271] trusted_key: encrypted_key: insufficient parameters specified [ 175.026150][ T5932] veth1_vlan: entered promiscuous mode [ 175.103898][ T29] audit: type=1326 audit(1725512032.334:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6272 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 175.189515][ T5930] veth0_macvtap: entered promiscuous mode [ 175.224180][ T29] audit: type=1326 audit(1725512032.354:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6272 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 175.278513][ T5930] veth1_macvtap: entered promiscuous mode [ 175.303215][ T29] audit: type=1326 audit(1725512032.374:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6272 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 175.340689][ T5932] veth0_macvtap: entered promiscuous mode [ 175.367394][ T29] audit: type=1326 audit(1725512032.374:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6272 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 175.428275][ T5932] veth1_macvtap: entered promiscuous mode [ 175.450210][ T5930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.467090][ T29] audit: type=1326 audit(1725512032.374:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6272 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 175.496983][ T5930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.532901][ T5930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.554757][ T5930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.564794][ T5930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.589756][ T5930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.610274][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 175.667254][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 176.139963][ T5930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.155384][ T5930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.165802][ T5930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.176556][ T5930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.186634][ T5930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.454110][ T5930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.507764][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 176.554366][ T5930] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.635715][ T5930] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.681844][ T5930] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.707220][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 176.727121][ T5930] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.013859][ T6294] binder: BINDER_SET_CONTEXT_MGR already set [ 177.042855][ T6294] binder: 6293:6294 ioctl 4018620d 20000040 returned -16 [ 177.122412][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.163609][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.193481][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.233450][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.264527][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.297112][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.325170][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.370232][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.440822][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 177.532068][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.595459][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.645575][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.692149][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.721082][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.747307][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 177.751180][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.807108][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.840953][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.866837][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 178.183222][ T5932] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.787250][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 178.907348][ T5932] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.111811][ T6330] input: syz0 as /devices/virtual/input/input8 [ 179.423920][ T5932] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.483994][ T5932] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.827191][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 179.916451][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 179.958287][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.181701][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.210552][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.338833][ T5948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.381516][ T5948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.623186][ T6350] xt_CT: No such helper "pptp" [ 180.867201][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 181.272566][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.272637][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.907201][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 182.947205][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 183.987217][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 184.912760][ T29] audit: type=1326 audit(1725512042.134:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 184.993509][ T29] audit: type=1326 audit(1725512042.134:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.027217][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 185.084726][ T29] audit: type=1326 audit(1725512042.134:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.192311][ T29] audit: type=1326 audit(1725512042.134:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.276198][ T29] audit: type=1326 audit(1725512042.134:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.307710][ T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 185.362040][ T29] audit: type=1326 audit(1725512042.144:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.432124][ T29] audit: type=1326 audit(1725512042.144:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.570532][ T29] audit: type=1326 audit(1725512042.144:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.739599][ T29] audit: type=1326 audit(1725512042.144:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.871066][ T29] audit: type=1326 audit(1725512042.144:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6420 comm="syz.4.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 185.972036][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 186.007685][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 186.031885][ T8] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 186.056301][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.067201][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 186.172238][ T8] usb 1-1: config 0 descriptor?? [ 187.107239][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 187.531615][ T6451] binder: 6448:6451 ioctl c0306201 0 returned -14 [ 187.803674][ T6451] syz.2.320 (6451): drop_caches: 2 [ 188.147587][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 188.417476][ T5225] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 188.436954][ T8] usbhid 1-1:0.0: can't add hid device: -71 [ 188.462683][ T8] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 188.488990][ T8] usb 1-1: USB disconnect, device number 3 [ 188.624246][ T5225] usb 4-1: Using ep0 maxpacket: 32 [ 188.647372][ T25] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 188.674733][ T5225] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 188.703774][ T5225] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 188.725001][ T5225] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.747890][ T5225] hub 4-1:4.0: bad descriptor, ignoring hub [ 188.753962][ T5225] hub 4-1:4.0: probe with driver hub failed with error -5 [ 188.847312][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 188.884013][ T25] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 188.917948][ T25] usb 2-1: config 0 has no interface number 0 [ 188.938331][ T25] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.971581][ T25] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 189.002129][ T25] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 189.187178][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 189.281107][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.339183][ T25] usb 2-1: config 0 descriptor?? [ 190.227248][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 190.515705][ T25] uclogic 0003:28BD:0094.0006: pen parameters not found [ 190.554840][ T25] uclogic 0003:28BD:0094.0006: interface is invalid, ignoring [ 190.755111][ T25] usb 2-1: USB disconnect, device number 4 [ 190.868475][ T5237] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 191.267187][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 192.307252][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 193.078216][ T6532] binder: 6523:6532 ioctl c0306201 0 returned -14 [ 193.348212][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 194.254781][ T5225] usb 4-1: USB disconnect, device number 8 [ 194.387225][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 194.399048][ T6535] syz.0.334 (6535): drop_caches: 2 [ 194.512915][ T6547] bridge0: port 3(syz_tun) entered blocking state [ 194.537797][ T6547] bridge0: port 3(syz_tun) entered disabled state [ 194.553246][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.559879][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.582401][ T6547] syz_tun: entered allmulticast mode [ 194.606678][ T6547] syz_tun: entered promiscuous mode [ 194.631432][ T6547] bridge0: port 3(syz_tun) entered blocking state [ 194.638470][ T6547] bridge0: port 3(syz_tun) entered forwarding state [ 195.427207][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 196.467187][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 197.507349][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 198.366934][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:172.20.20.170]:2. Sending cookies. [ 198.547206][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 198.580754][ T6590] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 198.639194][ T6590] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 198.683694][ T6593] binder: 6592:6593 ioctl c00c620f 20000740 returned -22 [ 198.874451][ T6589] kvm: emulating exchange as write [ 198.927495][ T5280] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 198.938297][ T29] kauditd_printk_skb: 40 callbacks suppressed [ 198.938316][ T29] audit: type=1326 audit(1725512056.174:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.025077][ T29] audit: type=1326 audit(1725512056.174:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.125326][ T29] audit: type=1326 audit(1725512056.204:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.189302][ T29] audit: type=1326 audit(1725512056.204:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.217116][ T5280] usb 2-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 199.217294][ T29] audit: type=1326 audit(1725512056.204:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.255953][ T29] audit: type=1326 audit(1725512056.204:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.297147][ T5280] usb 2-1: config 1 interface 0 has no altsetting 0 [ 199.329866][ T29] audit: type=1326 audit(1725512056.214:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.357443][ T5280] usb 2-1: New USB device found, idVendor=04b3, idProduct=3103, bcdDevice= 0.40 [ 199.376926][ T5280] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.385159][ T5280] usb 2-1: Product: f扟ꓑ᩟뮽䩍䙲ꮮ갪ퟥ戮렳⋻犥↪桥ꋼ뚾⸾Ҩ▭堙䣌遡࿹ꃝ쎇⭐裡ꑁ觵 [ 199.410249][ T29] audit: type=1326 audit(1725512056.214:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.432209][ T5280] usb 2-1: Manufacturer: ဇ [ 199.436874][ T5280] usb 2-1: SerialNumber: ည [ 199.443654][ T29] audit: type=1326 audit(1725512056.214:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.505952][ T29] audit: type=1326 audit(1725512056.214:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6597 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84b057cef9 code=0x7ffc0000 [ 199.587208][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 199.707479][ T6591] netlink: 'syz.1.349': attribute type 27 has an invalid length. [ 200.050877][ T6617] netlink: 48 bytes leftover after parsing attributes in process `syz.3.357'. [ 200.627347][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 201.062705][ T6591] bridge0: port 3(syz_tun) entered disabled state [ 201.143761][ T6591] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.152970][ T6591] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.680517][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 201.748861][ T5240] Bluetooth: hci1: command 0x0406 tx timeout [ 201.756096][ T54] Bluetooth: hci3: command 0x0406 tx timeout [ 202.707360][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 203.747349][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 204.673095][ T6591] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 204.790831][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 205.095486][ T5280] usbhid 2-1:1.0: can't add hid device: -32 [ 205.502701][ T5280] usbhid 2-1:1.0: probe with driver usbhid failed with error -32 [ 205.588379][ T6591] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 205.827257][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 206.131477][ T6676] netlink: 20 bytes leftover after parsing attributes in process `syz.0.369'. [ 206.867271][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 207.907152][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 208.486709][ T6591] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.539945][ T6591] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.591607][ T6591] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.627922][ T6591] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.947367][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 208.990505][ T6611] bridge0: port 3(syz_tun) entered blocking state [ 208.997260][ T6611] bridge0: port 3(syz_tun) entered forwarding state [ 209.027944][ T6611] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.036401][ T6611] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.059057][ T5243] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 209.068888][ T5243] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 209.078384][ T5243] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 209.086326][ T6611] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 209.121573][ T5243] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 209.134541][ T5243] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 209.142973][ T5243] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 209.987318][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 210.169319][ T6700] netlink: 256 bytes leftover after parsing attributes in process `syz.3.379'. [ 210.526668][ T6612] bridge0: port 3(syz_tun) entered disabled state [ 210.681511][ T6612] syz_tun (unregistering): left allmulticast mode [ 210.703503][ T6612] syz_tun (unregistering): left promiscuous mode [ 210.719233][ T6612] bridge0: port 3(syz_tun) entered disabled state [ 210.821215][ T5308] usb 2-1: USB disconnect, device number 5 [ 210.935891][ T5243] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 210.946469][ T5243] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 210.971223][ T5243] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 211.000279][ T5243] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 211.017416][ T5243] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 211.025132][ T5243] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 211.032444][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 211.207602][ T5237] Bluetooth: hci5: command tx timeout [ 211.312681][ T6683] chnl_net:caif_netlink_parms(): no params data found [ 211.601652][ T6712] syz.3.380 (6712) used greatest stack depth: 18392 bytes left [ 211.617653][ T6722] sctp: [Deprecated]: syz.3.380 (pid 6722) Use of int in max_burst socket option deprecated. [ 211.617653][ T6722] Use struct sctp_assoc_value instead [ 212.068689][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 212.278274][ T6683] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.287611][ T6683] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.312885][ T6683] bridge_slave_0: entered allmulticast mode [ 212.334522][ T6683] bridge_slave_0: entered promiscuous mode [ 212.445817][ T6683] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.474205][ T6683] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.486100][ T6683] bridge_slave_1: entered allmulticast mode [ 212.505052][ T6683] bridge_slave_1: entered promiscuous mode [ 212.634029][ T6683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.698203][ T6683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.956496][ T6683] team0: Port device team_slave_0 added [ 213.107319][ T5237] Bluetooth: hci0: command tx timeout [ 213.107719][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 213.124215][ T6683] team0: Port device team_slave_1 added [ 213.199167][ T6575] bridge_slave_1: left allmulticast mode [ 213.205200][ T6575] bridge_slave_1: left promiscuous mode [ 213.211259][ T6575] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.229701][ T6575] bridge_slave_0: left allmulticast mode [ 213.235492][ T6575] bridge_slave_0: left promiscuous mode [ 213.242020][ T6575] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.277141][ T5243] Bluetooth: hci5: command tx timeout [ 213.803052][ T6575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 213.813606][ T6575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 213.832266][ T6575] bond0 (unregistering): Released all slaves [ 213.939774][ T6683] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.946826][ T6683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.005254][ T6683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.035579][ T6756] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.043527][ T6756] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.093253][ T6756] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.101280][ T6756] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.109892][ T6756] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.117195][ T6756] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.147269][ C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 214.175203][ T6756] team0: Port device bridge0 added [ 214.187977][ T6575] tipc: Disabling bearer [ 214.195840][ T6575] tipc: Left network mode [ 214.204991][ T6716] chnl_net:caif_netlink_parms(): no params data found [ 214.241990][ T6683] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.253794][ T6683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.347204][ T6683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.016389][ T6683] hsr_slave_0: entered promiscuous mode [ 215.079414][ T6683] hsr_slave_1: entered promiscuous mode [ 215.147240][ T6683] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 215.154872][ T6683] Cannot create hsr debugfs directory [ 215.189559][ T5243] Bluetooth: hci0: command tx timeout [ 215.347350][ T5243] Bluetooth: hci5: command tx timeout [ 215.711511][ T6575] hsr_slave_0: left promiscuous mode [ 215.739496][ T6575] hsr_slave_1: left promiscuous mode [ 215.749591][ T6575] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 215.783635][ T6575] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 216.299812][ T6575] team0 (unregistering): Port device team_slave_1 removed [ 216.349748][ T6575] team0 (unregistering): Port device team_slave_0 removed [ 217.065925][ T6716] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.083617][ T6716] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.105149][ T6716] bridge_slave_0: entered allmulticast mode [ 217.116291][ T6716] bridge_slave_0: entered promiscuous mode [ 217.128815][ T6716] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.136191][ T6716] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.149716][ T6716] bridge_slave_1: entered allmulticast mode [ 217.163893][ T6716] bridge_slave_1: entered promiscuous mode [ 217.173581][ T6817] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 217.198795][ T6817] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 217.277924][ T5243] Bluetooth: hci0: command tx timeout [ 217.415331][ T6716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.427918][ T5243] Bluetooth: hci5: command tx timeout [ 217.538971][ T6716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.885663][ T6716] team0: Port device team_slave_0 added [ 217.964765][ T6716] team0: Port device team_slave_1 added [ 218.170738][ T6716] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.201053][ T6716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.244530][ T6716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.351822][ T6716] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.371527][ T6575] IPVS: stop unused estimator thread 0... [ 218.386306][ T6716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.445452][ T6716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.466664][ T6858] pim6reg1: entered promiscuous mode [ 218.491930][ T6858] pim6reg1: entered allmulticast mode [ 218.876974][ T6868] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 218.898630][ T6868] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 219.030366][ T6716] hsr_slave_0: entered promiscuous mode [ 219.065685][ T6716] hsr_slave_1: entered promiscuous mode [ 219.082959][ T6716] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.103301][ T6716] Cannot create hsr debugfs directory [ 219.207866][ T6575] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.293431][ T6876] kvm: apic: phys broadcast and lowest prio [ 219.351663][ T6575] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.355294][ T5243] Bluetooth: hci0: command tx timeout [ 219.703649][ T6575] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.905092][ T6575] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.002255][ T6683] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 220.027373][ T6894] xt_CT: No such helper "pptp" [ 220.098412][ T6683] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 220.176676][ T6683] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 220.213336][ T6683] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 220.490126][ T6575] bridge_slave_1: left allmulticast mode [ 220.499651][ T6575] bridge_slave_1: left promiscuous mode [ 220.505588][ T6575] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.525959][ T6575] bridge_slave_0: left allmulticast mode [ 220.541120][ T6575] bridge_slave_0: left promiscuous mode [ 220.548188][ T6575] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.440060][ T6919] netlink: 48 bytes leftover after parsing attributes in process `syz.0.433'. [ 222.719361][ T6575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.734008][ T6575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.756068][ T6575] bond0 (unregistering): Released all slaves [ 223.521166][ T6575] hsr_slave_0: left promiscuous mode [ 223.532601][ T6575] hsr_slave_1: left promiscuous mode [ 223.545299][ T6575] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 223.556869][ T6575] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 223.580641][ T6575] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 223.606796][ T6575] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 223.692088][ T6575] veth1_macvtap: left promiscuous mode [ 223.712808][ T6575] veth0_macvtap: left promiscuous mode [ 223.732356][ T6575] veth1_vlan: left promiscuous mode [ 223.753271][ T6575] veth0_vlan: left promiscuous mode [ 224.017598][ T6948] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 225.751659][ T5243] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 225.761322][ T5243] Bluetooth: hci2: Injecting HCI hardware error event [ 225.770087][ T5237] Bluetooth: hci2: hardware error 0x00 [ 226.144452][ T6575] team0 (unregistering): Port device team_slave_1 removed [ 226.194530][ T6575] team0 (unregistering): Port device team_slave_0 removed [ 226.420325][ T7001] capability: warning: `syz.2.443' uses deprecated v2 capabilities in a way that may be insecure [ 226.947256][ T7001] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 226.968600][ T7001] bond0: (slave lo): Error: Device can not be enslaved while up [ 227.596367][ T6716] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 227.828173][ T5237] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 228.080707][ T6683] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.347167][ T6716] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 228.394424][ T6716] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 229.063654][ T6716] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 229.243494][ T6683] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.338917][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.346118][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.451576][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.458853][ T5816] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.616699][ T7029] netlink: 20 bytes leftover after parsing attributes in process `syz.2.452'. [ 229.648220][ T7029] trusted_key: encrypted_key: insufficient parameters specified [ 230.646608][ T6716] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.767949][ T6716] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.807262][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.814509][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.875112][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.882380][ T5816] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.826254][ T6716] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 231.866726][ T6716] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 232.055384][ T6683] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.229582][ T7050] 9pnet: Could not find request transport: f [ 232.311670][ T6683] veth0_vlan: entered promiscuous mode [ 232.358845][ T6683] veth1_vlan: entered promiscuous mode [ 232.394637][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 232.394655][ T29] audit: type=1326 audit(1725512089.624:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.497144][ T29] audit: type=1326 audit(1725512089.624:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.504135][ T6683] veth0_macvtap: entered promiscuous mode [ 232.564226][ T29] audit: type=1326 audit(1725512089.664:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.625103][ T6683] veth1_macvtap: entered promiscuous mode [ 232.686953][ T29] audit: type=1326 audit(1725512089.664:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.723331][ T6716] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.768446][ T6683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.781214][ T29] audit: type=1326 audit(1725512089.664:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.806140][ T29] audit: type=1326 audit(1725512089.674:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.812673][ T6683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.828385][ T29] audit: type=1326 audit(1725512089.684:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.866966][ T29] audit: type=1326 audit(1725512089.684:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7058 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 232.898344][ T6683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.912770][ T6683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.941404][ T6683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.960659][ T6683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.981079][ T6683] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.013632][ T6683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.025124][ T6683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.037110][ T6683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.054579][ T6683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.066562][ T6683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.090179][ T6683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.144069][ T6683] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.208432][ T6683] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.219507][ T6683] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.233173][ T6683] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.245576][ T6683] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.550863][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.565037][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.779690][ T6575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.821047][ T6575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.845329][ T6716] veth0_vlan: entered promiscuous mode [ 233.846904][ T29] audit: type=1326 audit(1725512091.064:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7083 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 233.895169][ T29] audit: type=1326 audit(1725512091.064:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7083 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 233.941878][ T6716] veth1_vlan: entered promiscuous mode [ 234.045782][ T6716] veth0_macvtap: entered promiscuous mode [ 234.110839][ T6716] veth1_macvtap: entered promiscuous mode [ 234.155057][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.215841][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.253329][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.295768][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.325486][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.349951][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.360844][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.385063][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.405575][ T6716] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.172448][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.280552][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.307594][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.337053][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.346928][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.382700][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.411824][ T6716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.443629][ T6716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.498131][ T6716] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.660333][ T7105] binder: 7103:7105 ioctl c0306201 0 returned -14 [ 235.681509][ T6716] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.767346][ T6716] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.892898][ T6716] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.993371][ T6716] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.056639][ T7114] tipc: Started in network mode [ 236.111886][ T7114] tipc: Node identity a26ab0ee5705, cluster identity 4711 [ 236.249254][ T7117] syz.3.478[7117] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.249431][ T7117] syz.3.478[7117] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.254520][ T7114] tipc: Enabled bearer , priority 0 [ 236.681889][ T7102] tipc: Disabling bearer [ 237.022199][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.055042][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 237.149269][ T7111] syz.2.476 (7111): drop_caches: 2 [ 237.154463][ T1126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.154491][ T1126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.826788][ T29] kauditd_printk_skb: 11 callbacks suppressed [ 238.826810][ T29] audit: type=1326 audit(1725512096.054:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 238.922500][ T29] audit: type=1326 audit(1725512096.064:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.026778][ T29] audit: type=1326 audit(1725512096.064:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.112299][ T29] audit: type=1326 audit(1725512096.074:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.149657][ T29] audit: type=1326 audit(1725512096.074:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.277485][ T29] audit: type=1326 audit(1725512096.074:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.404370][ T29] audit: type=1326 audit(1725512096.074:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.499476][ T29] audit: type=1326 audit(1725512096.084:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.625208][ T29] audit: type=1326 audit(1725512096.124:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.671264][ T29] audit: type=1326 audit(1725512096.124:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7145 comm="syz.2.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b4257cef9 code=0x7ffc0000 [ 239.748242][ T7166] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 239.796123][ T7166] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 241.175237][ T7174] Bluetooth: MGMT ver 1.23 [ 242.028324][ T7179] netlink: 408 bytes leftover after parsing attributes in process `syz.0.503'. [ 242.389185][ T7190] netlink: 4 bytes leftover after parsing attributes in process `syz.1.508'. [ 242.730331][ T7196] tipc: Started in network mode [ 242.735279][ T7196] tipc: Node identity cab2f45cf34a, cluster identity 4711 [ 242.812292][ T7196] tipc: Enabled bearer , priority 0 [ 243.515430][ T7184] tipc: Disabling bearer [ 243.858621][ T7211] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 244.737193][ T6625] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 244.871972][ T7221] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 244.919979][ T7221] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 245.031992][ T6625] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 245.077066][ T6625] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 245.127384][ T6625] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 245.158888][ T6625] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.189512][ T7227] netlink: 188 bytes leftover after parsing attributes in process `syz.3.519'. [ 245.208324][ T6625] usb 1-1: config 0 descriptor?? [ 246.409541][ T6625] arvo 0003:1E7D:30D4.0007: unknown main item tag 0x0 [ 246.671604][ T6625] arvo 0003:1E7D:30D4.0007: unknown main item tag 0x0 [ 246.832116][ T7235] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 246.897770][ T6625] arvo 0003:1E7D:30D4.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.0-1/input0 [ 248.904861][ T5278] usb 1-1: USB disconnect, device number 4 [ 249.758188][ T7269] netlink: 48 bytes leftover after parsing attributes in process `syz.1.528'. [ 251.098530][ T7264] Zero length message leads to an empty skb [ 252.641360][ T7285] bridge_slave_1: left allmulticast mode [ 252.664766][ T7285] bridge_slave_1: left promiscuous mode [ 252.681005][ T7285] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.721734][ T7285] bridge_slave_0: left allmulticast mode [ 252.760458][ T7285] bridge_slave_0: left promiscuous mode [ 252.772285][ T7285] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.057242][ T5308] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 255.029086][ T5308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.038533][ T7307] netlink: 'syz.1.545': attribute type 22 has an invalid length. [ 255.057375][ T5308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.077128][ T5308] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 255.095656][ T5308] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.114368][ T5308] usb 5-1: config 0 descriptor?? [ 255.746063][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 255.746087][ T29] audit: type=1326 audit(1725512112.964:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 255.928129][ T29] audit: type=1326 audit(1725512113.004:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 255.990085][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.996867][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.167713][ T7323] netlink: 3752 bytes leftover after parsing attributes in process `syz.3.552'. [ 256.247835][ T5308] arvo 0003:1E7D:30D4.0008: unknown main item tag 0x0 [ 256.278727][ T7324] netlink: 24 bytes leftover after parsing attributes in process `syz.1.553'. [ 256.485315][ T29] audit: type=1326 audit(1725512113.034:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.517744][ T5308] arvo 0003:1E7D:30D4.0008: unknown main item tag 0x0 [ 256.662018][ T29] audit: type=1326 audit(1725512113.044:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.679419][ T5308] arvo 0003:1E7D:30D4.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0 [ 256.683698][ T29] audit: type=1326 audit(1725512113.044:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.716210][ T29] audit: type=1326 audit(1725512113.054:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.756008][ T29] audit: type=1326 audit(1725512113.054:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.779899][ T29] audit: type=1326 audit(1725512113.064:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.802678][ T29] audit: type=1326 audit(1725512113.064:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.847577][ T29] audit: type=1326 audit(1725512113.064:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7319 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4f97cef9 code=0x7ffc0000 [ 256.876735][ T7328] netlink: 'syz.0.554': attribute type 4 has an invalid length. [ 256.932033][ T7328] netlink: 'syz.0.554': attribute type 7 has an invalid length. [ 256.959160][ T7328] netlink: 198180 bytes leftover after parsing attributes in process `syz.0.554'. [ 258.304711][ T7344] netlink: 'syz.0.560': attribute type 10 has an invalid length. [ 258.522465][ T7344] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 258.561481][ T6623] usb 5-1: USB disconnect, device number 4 [ 258.593475][ T7344] team0: Port device batadv0 added [ 258.886522][ T7357] netlink: 176 bytes leftover after parsing attributes in process `syz.4.566'. [ 260.040848][ T7367] netlink: 20 bytes leftover after parsing attributes in process `syz.0.565'. [ 260.055024][ T7367] trusted_key: encrypted_key: insufficient parameters specified [ 262.041143][ T5237] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 [ 262.051339][ T5237] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5237, name: kworker/u9:5 [ 262.062511][ T5237] preempt_count: 0, expected: 0 [ 262.068764][ T5237] RCU nest depth: 1, expected: 0 [ 262.073771][ T5237] 4 locks held by kworker/u9:5/5237: [ 262.079702][ T5237] #0: ffff88807177e148 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 262.091282][ T5237] #1: ffffc900036a7d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 262.107986][ T5237] #2: ffff888033384078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 [ 262.119116][ T5237] #3: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 [ 262.133957][ T5237] CPU: 0 UID: 0 PID: 5237 Comm: kworker/u9:5 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 262.144904][ T5237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 262.155006][ T5237] Workqueue: hci4 hci_rx_work [ 262.159748][ T5237] Call Trace: [ 262.163050][ T5237] [ 262.166035][ T5237] dump_stack_lvl+0x241/0x360 [ 262.170746][ T5237] ? __pfx_dump_stack_lvl+0x10/0x10 [ 262.175965][ T5237] ? __pfx__printk+0x10/0x10 [ 262.180582][ T5237] __might_resched+0x5d4/0x780 [ 262.185365][ T5237] ? __mutex_lock+0x112/0xd70 [ 262.190056][ T5237] ? __pfx___might_resched+0x10/0x10 [ 262.195372][ T5237] __mutex_lock+0xc1/0xd70 [ 262.199810][ T5237] ? __pfx_lock_acquire+0x10/0x10 [ 262.204853][ T5237] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 262.211116][ T5237] ? __pfx_lock_release+0x10/0x10 [ 262.216162][ T5237] ? __pfx___mutex_lock+0x10/0x10 [ 262.221204][ T5237] ? trace_contention_end+0x3c/0x120 [ 262.226499][ T5237] ? skb_pull_data+0x112/0x230 [ 262.231284][ T5237] ? hci_conn_set_handle+0x9a/0x270 [ 262.236530][ T5237] hci_le_create_big_complete_evt+0x3d9/0xae0 [ 262.242625][ T5237] ? __copy_skb_header+0x437/0x5b0 [ 262.247759][ T5237] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 262.253935][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 262.260548][ T5237] ? hci_le_meta_evt+0x366/0x580 [ 262.265550][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 262.272174][ T5237] hci_event_packet+0xa55/0x1540 [ 262.277144][ T5237] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 262.282453][ T5237] ? __pfx_hci_event_packet+0x10/0x10 [ 262.287840][ T5237] ? do_raw_spin_unlock+0x13c/0x8b0 [ 262.293060][ T5237] ? hci_send_to_monitor+0xd8/0x7f0 [ 262.298279][ T5237] ? kcov_remote_start+0x97/0x7d0 [ 262.303323][ T5237] hci_rx_work+0x3e8/0xca0 [ 262.307768][ T5237] ? process_scheduled_works+0x945/0x1830 [ 262.313504][ T5237] process_scheduled_works+0xa2c/0x1830 [ 262.319095][ T5237] ? __pfx_process_scheduled_works+0x10/0x10 [ 262.325099][ T5237] ? assign_work+0x364/0x3d0 [ 262.329711][ T5237] worker_thread+0x86d/0xd10 [ 262.334333][ T5237] ? __kthread_parkme+0x169/0x1d0 [ 262.339380][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 262.344505][ T5237] kthread+0x2f0/0x390 [ 262.348595][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 262.353720][ T5237] ? __pfx_kthread+0x10/0x10 [ 262.358336][ T5237] ret_from_fork+0x4b/0x80 [ 262.362771][ T5237] ? __pfx_kthread+0x10/0x10 [ 262.367390][ T5237] ret_from_fork_asm+0x1a/0x30 [ 262.372205][ T5237] [ 262.381000][ T5237] [ 262.383383][ T5237] ============================= [ 262.388247][ T5237] [ BUG: Invalid wait context ] [ 262.393123][ T5237] 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 Tainted: G W [ 262.401733][ T5237] ----------------------------- [ 262.406602][ T5237] kworker/u9:5/5237 is trying to lock: [ 262.412085][ T5237] ffffffff8fbe5328 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x3d9/0xae0 [ 262.422769][ T5237] other info that might help us debug this: [ 262.428680][ T5237] context-{4:4} [ 262.432168][ T5237] 4 locks held by kworker/u9:5/5237: [ 262.437478][ T5237] #0: ffff88807177e148 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 262.448522][ T5237] #1: ffffc900036a7d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 262.460645][ T5237] #2: ffff888033384078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 [ 262.471262][ T5237] #3: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 [ 262.482575][ T5237] stack backtrace: [ 262.486326][ T5237] CPU: 0 UID: 0 PID: 5237 Comm: kworker/u9:5 Tainted: G W 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 262.498692][ T5237] Tainted: [W]=WARN [ 262.502518][ T5237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 262.512603][ T5237] Workqueue: hci4 hci_rx_work [ 262.517415][ T5237] Call Trace: [ 262.520730][ T5237] [ 262.523690][ T5237] dump_stack_lvl+0x241/0x360 [ 262.528401][ T5237] ? __pfx_dump_stack_lvl+0x10/0x10 [ 262.533610][ T5237] ? __pfx__printk+0x10/0x10 [ 262.538239][ T5237] __lock_acquire+0x153b/0x2040 [ 262.543141][ T5237] lock_acquire+0x1ed/0x550 [ 262.547674][ T5237] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 262.553940][ T5237] ? __pfx_lock_acquire+0x10/0x10 [ 262.558977][ T5237] ? __mutex_lock+0x112/0xd70 [ 262.563661][ T5237] ? __pfx___might_resched+0x10/0x10 [ 262.568969][ T5237] __mutex_lock+0x136/0xd70 [ 262.573484][ T5237] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 262.579783][ T5237] ? __pfx_lock_acquire+0x10/0x10 [ 262.584829][ T5237] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 262.591088][ T5237] ? __pfx_lock_release+0x10/0x10 [ 262.596130][ T5237] ? __pfx___mutex_lock+0x10/0x10 [ 262.601179][ T5237] ? trace_contention_end+0x3c/0x120 [ 262.606472][ T5237] ? skb_pull_data+0x112/0x230 [ 262.611252][ T5237] ? hci_conn_set_handle+0x9a/0x270 [ 262.616458][ T5237] hci_le_create_big_complete_evt+0x3d9/0xae0 [ 262.622669][ T5237] ? __copy_skb_header+0x437/0x5b0 [ 262.627808][ T5237] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 262.633982][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 262.640586][ T5237] ? hci_le_meta_evt+0x366/0x580 [ 262.645565][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 262.652199][ T5237] hci_event_packet+0xa55/0x1540 [ 262.657162][ T5237] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 262.662463][ T5237] ? __pfx_hci_event_packet+0x10/0x10 [ 262.667843][ T5237] ? do_raw_spin_unlock+0x13c/0x8b0 [ 262.673056][ T5237] ? hci_send_to_monitor+0xd8/0x7f0 [ 262.678278][ T5237] ? kcov_remote_start+0x97/0x7d0 [ 262.683319][ T5237] hci_rx_work+0x3e8/0xca0 [ 262.687755][ T5237] ? process_scheduled_works+0x945/0x1830 [ 262.693484][ T5237] process_scheduled_works+0xa2c/0x1830 [ 262.699057][ T5237] ? __pfx_process_scheduled_works+0x10/0x10 [ 262.705085][ T5237] ? assign_work+0x364/0x3d0 [ 262.709747][ T5237] worker_thread+0x86d/0xd10 [ 262.714390][ T5237] ? __kthread_parkme+0x169/0x1d0 [ 262.719435][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 262.724560][ T5237] kthread+0x2f0/0x390 [ 262.728650][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 262.733805][ T5237] ? __pfx_kthread+0x10/0x10 [ 262.738429][ T5237] ret_from_fork+0x4b/0x80 [ 262.742868][ T5237] ? __pfx_kthread+0x10/0x10 [ 262.747478][ T5237] ret_from_fork_asm+0x1a/0x30 [ 262.752267][ T5237] [ 262.765161][ T5237] ================================================================== [ 262.773286][ T5237] BUG: KASAN: slab-use-after-free in hci_le_create_big_complete_evt+0x383/0xae0 [ 262.782454][ T5237] Read of size 8 at addr ffff888032900000 by task kworker/u9:5/5237 [ 262.790470][ T5237] [ 262.792828][ T5237] CPU: 0 UID: 0 PID: 5237 Comm: kworker/u9:5 Tainted: G W 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 262.805236][ T5237] Tainted: [W]=WARN [ 262.809071][ T5237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 262.819159][ T5237] Workqueue: hci4 hci_rx_work [ 262.823894][ T5237] Call Trace: [ 262.827226][ T5237] [ 262.830211][ T5237] dump_stack_lvl+0x241/0x360 [ 262.834902][ T5237] ? __pfx_dump_stack_lvl+0x10/0x10 [ 262.840113][ T5237] ? __pfx__printk+0x10/0x10 [ 262.844710][ T5237] ? _printk+0xd5/0x120 [ 262.848878][ T5237] ? __virt_addr_valid+0x183/0x530 [ 262.854005][ T5237] ? __virt_addr_valid+0x183/0x530 [ 262.859221][ T5237] print_report+0x169/0x550 [ 262.863747][ T5237] ? __virt_addr_valid+0x183/0x530 [ 262.868970][ T5237] ? __virt_addr_valid+0x183/0x530 [ 262.874118][ T5237] ? __virt_addr_valid+0x45f/0x530 [ 262.879261][ T5237] ? __phys_addr+0xba/0x170 [ 262.883877][ T5237] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 262.890146][ T5237] kasan_report+0x143/0x180 [ 262.894675][ T5237] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 262.900943][ T5237] hci_le_create_big_complete_evt+0x383/0xae0 [ 262.907033][ T5237] ? __copy_skb_header+0x437/0x5b0 [ 262.912172][ T5237] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 262.918386][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 262.925024][ T5237] ? hci_le_meta_evt+0x366/0x580 [ 262.929984][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 262.936610][ T5237] hci_event_packet+0xa55/0x1540 [ 262.941571][ T5237] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 262.946874][ T5237] ? __pfx_hci_event_packet+0x10/0x10 [ 262.952283][ T5237] ? do_raw_spin_unlock+0x13c/0x8b0 [ 262.957505][ T5237] ? hci_send_to_monitor+0xd8/0x7f0 [ 262.962760][ T5237] ? kcov_remote_start+0x97/0x7d0 [ 262.967896][ T5237] hci_rx_work+0x3e8/0xca0 [ 262.972359][ T5237] ? process_scheduled_works+0x945/0x1830 [ 262.978110][ T5237] process_scheduled_works+0xa2c/0x1830 [ 262.983810][ T5237] ? __pfx_process_scheduled_works+0x10/0x10 [ 262.990003][ T5237] ? assign_work+0x364/0x3d0 [ 262.994638][ T5237] worker_thread+0x86d/0xd10 [ 262.999283][ T5237] ? __kthread_parkme+0x169/0x1d0 [ 263.004345][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 263.009468][ T5237] kthread+0x2f0/0x390 [ 263.013639][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 263.018777][ T5237] ? __pfx_kthread+0x10/0x10 [ 263.023405][ T5237] ret_from_fork+0x4b/0x80 [ 263.027849][ T5237] ? __pfx_kthread+0x10/0x10 [ 263.032486][ T5237] ret_from_fork_asm+0x1a/0x30 [ 263.037307][ T5237] [ 263.040340][ T5237] [ 263.042663][ T5237] Allocated by task 5237: [ 263.047003][ T5237] kasan_save_track+0x3f/0x80 [ 263.051701][ T5237] __kasan_kmalloc+0x98/0xb0 [ 263.056297][ T5237] __kmalloc_cache_noprof+0x19c/0x2c0 [ 263.061682][ T5237] __hci_conn_add+0x2f9/0x1850 [ 263.066448][ T5237] hci_le_big_sync_established_evt+0x414/0xc20 [ 263.072635][ T5237] hci_event_packet+0xa55/0x1540 [ 263.077606][ T5237] hci_rx_work+0x3e8/0xca0 [ 263.082068][ T5237] process_scheduled_works+0xa2c/0x1830 [ 263.087667][ T5237] worker_thread+0x86d/0xd10 [ 263.092321][ T5237] kthread+0x2f0/0x390 [ 263.096404][ T5237] ret_from_fork+0x4b/0x80 [ 263.100836][ T5237] ret_from_fork_asm+0x1a/0x30 [ 263.105629][ T5237] [ 263.107974][ T5237] Freed by task 5237: [ 263.111961][ T5237] kasan_save_track+0x3f/0x80 [ 263.116753][ T5237] kasan_save_free_info+0x40/0x50 [ 263.121803][ T5237] poison_slab_object+0xe0/0x150 [ 263.126767][ T5237] __kasan_slab_free+0x37/0x60 [ 263.131532][ T5237] kfree+0x149/0x360 [ 263.135432][ T5237] device_release+0x99/0x1c0 [ 263.140030][ T5237] kobject_put+0x22f/0x480 [ 263.144451][ T5237] hci_conn_del+0x8c4/0xc40 [ 263.148957][ T5237] hci_le_create_big_complete_evt+0x619/0xae0 [ 263.155037][ T5237] hci_event_packet+0xa55/0x1540 [ 263.159983][ T5237] hci_rx_work+0x3e8/0xca0 [ 263.164420][ T5237] process_scheduled_works+0xa2c/0x1830 [ 263.169975][ T5237] worker_thread+0x86d/0xd10 [ 263.174579][ T5237] kthread+0x2f0/0x390 [ 263.178778][ T5237] ret_from_fork+0x4b/0x80 [ 263.183219][ T5237] ret_from_fork_asm+0x1a/0x30 [ 263.188344][ T5237] [ 263.190677][ T5237] The buggy address belongs to the object at ffff888032900000 [ 263.190677][ T5237] which belongs to the cache kmalloc-8k of size 8192 [ 263.204766][ T5237] The buggy address is located 0 bytes inside of [ 263.204766][ T5237] freed 8192-byte region [ffff888032900000, ffff888032902000) [ 263.218583][ T5237] [ 263.220927][ T5237] The buggy address belongs to the physical page: [ 263.227348][ T5237] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x32900 [ 263.236122][ T5237] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 263.244635][ T5237] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 263.252559][ T5237] page_type: 0xfdffffff(slab) [ 263.257264][ T5237] raw: 00fff00000000040 ffff88801a842280 ffffea0000a54400 dead000000000003 [ 263.265894][ T5237] raw: 0000000000000000 0000000080020002 00000001fdffffff 0000000000000000 [ 263.274511][ T5237] head: 00fff00000000040 ffff88801a842280 ffffea0000a54400 dead000000000003 [ 263.283204][ T5237] head: 0000000000000000 0000000080020002 00000001fdffffff 0000000000000000 [ 263.291884][ T5237] head: 00fff00000000003 ffffea0000ca4001 ffffffffffffffff 0000000000000000 [ 263.300563][ T5237] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 263.309247][ T5237] page dumped because: kasan: bad access detected [ 263.315684][ T5237] page_owner tracks the page as allocated [ 263.321398][ T5237] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4895, tgid 4895 (dhcpcd-run-hook), ts 48245512982, free_ts 48234913122 [ 263.342277][ T5237] post_alloc_hook+0x1f3/0x230 [ 263.347087][ T5237] get_page_from_freelist+0x2e4c/0x2f10 [ 263.352664][ T5237] __alloc_pages_noprof+0x256/0x6c0 [ 263.357881][ T5237] alloc_slab_page+0x5f/0x120 [ 263.362603][ T5237] allocate_slab+0x5a/0x2f0 [ 263.367127][ T5237] ___slab_alloc+0xcd1/0x14b0 [ 263.371826][ T5237] __slab_alloc+0x58/0xa0 [ 263.376178][ T5237] __kmalloc_cache_noprof+0x1d5/0x2c0 [ 263.381601][ T5237] tomoyo_init_log+0x11ce/0x2050 [ 263.386553][ T5237] tomoyo_supervisor+0x38a/0x11f0 [ 263.391599][ T5237] tomoyo_env_perm+0x178/0x210 [ 263.396378][ T5237] tomoyo_find_next_domain+0x1384/0x1cf0 [ 263.402015][ T5237] tomoyo_bprm_check_security+0x115/0x180 [ 263.407743][ T5237] security_bprm_check+0x65/0x90 [ 263.412706][ T5237] bprm_execve+0xa56/0x1770 [ 263.417524][ T5237] do_execveat_common+0x55f/0x6f0 [ 263.422615][ T5237] page last free pid 4894 tgid 4894 stack trace: [ 263.428957][ T5237] free_unref_page+0xd19/0xea0 [ 263.433730][ T5237] __slab_free+0x31b/0x3d0 [ 263.438162][ T5237] qlist_free_all+0x9e/0x140 [ 263.442796][ T5237] kasan_quarantine_reduce+0x14f/0x170 [ 263.448258][ T5237] __kasan_slab_alloc+0x23/0x80 [ 263.453111][ T5237] kmem_cache_alloc_noprof+0x135/0x2a0 [ 263.458613][ T5237] getname_flags+0xb7/0x540 [ 263.463243][ T5237] vfs_fstatat+0x12c/0x190 [ 263.467662][ T5237] __x64_sys_newfstatat+0x11d/0x1a0 [ 263.472874][ T5237] do_syscall_64+0xf3/0x230 [ 263.477392][ T5237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.483335][ T5237] [ 263.485679][ T5237] Memory state around the buggy address: [ 263.491313][ T5237] ffff8880328fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 263.499405][ T5237] ffff8880328fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 263.507475][ T5237] >ffff888032900000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 263.515543][ T5237] ^ [ 263.519637][ T5237] ffff888032900080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 263.527717][ T5237] ffff888032900100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 263.535794][ T5237] ================================================================== [ 263.549700][ T5237] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 263.556956][ T5237] CPU: 0 UID: 0 PID: 5237 Comm: kworker/u9:5 Tainted: G W 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 263.569459][ T5237] Tainted: [W]=WARN [ 263.573376][ T5237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 263.583440][ T5237] Workqueue: hci4 hci_rx_work [ 263.588297][ T5237] Call Trace: [ 263.591598][ T5237] [ 263.594547][ T5237] dump_stack_lvl+0x241/0x360 [ 263.599260][ T5237] ? __pfx_dump_stack_lvl+0x10/0x10 [ 263.604489][ T5237] ? __pfx__printk+0x10/0x10 [ 263.609168][ T5237] ? rcu_is_watching+0x15/0xb0 [ 263.613943][ T5237] ? preempt_schedule+0xe1/0xf0 [ 263.618805][ T5237] ? vscnprintf+0x5d/0x90 [ 263.623145][ T5237] panic+0x349/0x860 [ 263.627048][ T5237] ? check_panic_on_warn+0x21/0xb0 [ 263.632176][ T5237] ? __pfx_panic+0x10/0x10 [ 263.636627][ T5237] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 263.642623][ T5237] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 263.648975][ T5237] ? print_report+0x502/0x550 [ 263.653703][ T5237] check_panic_on_warn+0x86/0xb0 [ 263.658651][ T5237] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 263.664932][ T5237] end_report+0x77/0x160 [ 263.669192][ T5237] kasan_report+0x154/0x180 [ 263.673710][ T5237] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 263.680061][ T5237] hci_le_create_big_complete_evt+0x383/0xae0 [ 263.686174][ T5237] ? __copy_skb_header+0x437/0x5b0 [ 263.691299][ T5237] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 263.697497][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 263.704138][ T5237] ? hci_le_meta_evt+0x366/0x580 [ 263.709102][ T5237] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 263.715710][ T5237] hci_event_packet+0xa55/0x1540 [ 263.720664][ T5237] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 263.725965][ T5237] ? __pfx_hci_event_packet+0x10/0x10 [ 263.731365][ T5237] ? do_raw_spin_unlock+0x13c/0x8b0 [ 263.736575][ T5237] ? hci_send_to_monitor+0xd8/0x7f0 [ 263.741811][ T5237] ? kcov_remote_start+0x97/0x7d0 [ 263.746938][ T5237] hci_rx_work+0x3e8/0xca0 [ 263.751459][ T5237] ? process_scheduled_works+0x945/0x1830 [ 263.757201][ T5237] process_scheduled_works+0xa2c/0x1830 [ 263.762785][ T5237] ? __pfx_process_scheduled_works+0x10/0x10 [ 263.768782][ T5237] ? assign_work+0x364/0x3d0 [ 263.773389][ T5237] worker_thread+0x86d/0xd10 [ 263.778001][ T5237] ? __kthread_parkme+0x169/0x1d0 [ 263.783067][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 263.788190][ T5237] kthread+0x2f0/0x390 [ 263.792273][ T5237] ? __pfx_worker_thread+0x10/0x10 [ 263.797396][ T5237] ? __pfx_kthread+0x10/0x10 [ 263.802002][ T5237] ret_from_fork+0x4b/0x80 [ 263.806430][ T5237] ? __pfx_kthread+0x10/0x10 [ 263.811036][ T5237] ret_from_fork_asm+0x1a/0x30 [ 263.815824][ T5237] [ 263.819139][ T5237] Kernel Offset: disabled [ 263.823463][ T5237] Rebooting in 86400 seconds..