last executing test programs: 2m20.755703555s ago: executing program 2 (id=242): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsmount(r2, 0x0, 0x0) socket$l2tp(0x2, 0x2, 0x73) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'wp256\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x800) sendto$unix(r4, &(0x7f0000000000)="96e1825a8935527e2e610c701cea2bb564c4f3345c6a44b804bc2842519c666846c34acc07959ab1775837fe47f7d71eb72ae94e20ca5d34dcc577b4bebc0efe60e6fcb7f0aa9cb21196ab6f65d5e43b36c44f8887a13103f665e9fd646b65e2f4a9ba21d5214c4a6c936bc78f2f59c7a1bf221a1171c6cd4881942dd7acb7803ad6a8f4b8841bc19b805d9ab9765bd220c0b6ac8b051815481268175ff7409d4b1bf71b36818e8bf3c1", 0xfffffffffffffd2e, 0x20044801, 0x0, 0x0) 2m15.393471456s ago: executing program 2 (id=257): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x70) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x400, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') open(&(0x7f00000005c0)='./bus\x00', 0x66843, 0x0) 2m15.135232s ago: executing program 2 (id=258): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000100)=[{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000340)="5bc9d51b0010853f8e645dc714b8815bff642957d7d2f849d7f5b80b5c8f94e03a62189065e8f4", 0x27}, {&(0x7f00000000c0)="99472fa420b36a4532aaafa4624703fb5e133e8e2b7441b3dddf30f1b4", 0x1d}, {&(0x7f0000000240)="6f156d21c41171", 0x7}], 0x3, 0x0, 0x0, 0x4040044}], 0x1, 0x0) 2m14.917614602s ago: executing program 2 (id=260): syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) r2 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000340)=0xc) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) ioctl$BLKZEROOUT(r2, 0x127f, &(0x7f00000000c0)={0x4000, 0x80600}) 2m13.743790758s ago: executing program 2 (id=265): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0xd, 0x0, 0x480c5}, 0x0) 2m13.303551814s ago: executing program 2 (id=266): setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6", 0xd) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x414902, 0x80) mount(0x0, 0x0, 0x0, 0x0, 0x0) fanotify_init(0x200, 0x0) pselect6(0x40, &(0x7f0000000680)={0x8, 0x7, 0x0, 0xfffffffffffffff9, 0x916, 0xae3, 0x7, 0x8}, 0x0, 0x0, &(0x7f0000000740), 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) recvmmsg(r4, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) 1m57.550150744s ago: executing program 32 (id=266): setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6", 0xd) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x414902, 0x80) mount(0x0, 0x0, 0x0, 0x0, 0x0) fanotify_init(0x200, 0x0) pselect6(0x40, &(0x7f0000000680)={0x8, 0x7, 0x0, 0xfffffffffffffff9, 0x916, 0xae3, 0x7, 0x8}, 0x0, 0x0, &(0x7f0000000740), 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) recvmmsg(r4, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) 14.544879717s ago: executing program 4 (id=569): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$kcm(0x2, 0xa, 0x2) r3 = socket$alg(0x26, 0x5, 0x0) r4 = accept4(r3, 0x0, 0x0, 0x0) recvmmsg(r4, &(0x7f0000009500)=[{{0x0, 0x0, &(0x7f0000000180)}, 0x80001}], 0x1, 0x2100, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) syz_usbip_server_init(0x3) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 12.519934364s ago: executing program 4 (id=573): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x20241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e"], 0x15) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r2) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x44, r5, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x28, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x1}, @device_b, @device_a, @initial, {0x4, 0x9}, @value=@ver_80211n={0x0, 0xd6, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}}, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void}}]}, 0x44}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) 12.376002355s ago: executing program 4 (id=574): r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) renameat2(r1, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000180)='./file1\x00', 0x4) renameat2(r0, 0x0, r0, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2) 12.00553351s ago: executing program 4 (id=576): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000640)="f3", 0xf000}], 0x1) 11.365973169s ago: executing program 4 (id=583): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) listen(r0, 0x90004) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r4, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301) ioctl$USBDEVFS_GETDRIVER(r6, 0x41045508, &(0x7f0000000140)={0x0, "fc51620330dfc4536d7ae0257e5d07b15b112f495e1eb3291759e4e4ade8d52cb7d906f4da6e117989740a458a317c56f10755875efe7939ad7a23a8fd263c0885ebeae5910fc386bf61e776b00c983ed01bf9542b28ce546ebc56a05564b5705bbc884d64fbad597225093ce604ffa41783a9bc50e2c366938794f0fdd8da658784ecfac1ab9e7c2f6b8caaa11f3a1b799c9f227c57e07f4673f3119e1925b350b6e76ae1b001263a91e5f9b06ab664c976fbb11157382406f3793c2484c16989530b8becd66799e0376ca198a954ad29742c38af6af66da6da49ce52b07bb16508dabcdd5caa352d8dca7d6767a468ac1768dcc6cf4b91ba5f372bc32bce85"}) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c800a2da39224f3baa4eea92782600796574fd98f10f958f7aae2560e83167ee7b235d7deee99825d337a2857a43c2c67835054dbae1165b864ba0cbde062a12efa50bce6c71d3d10dcd58631c24ad7f931b478aeb08890d02488ef83ea736d1fde9d9dabcda35cd0f0fbd529d62b6491a83a942d4b607d09d34e441e7d5f4fea8891e7b27b7ec516910a9f61a731316b94b5415cf77952a9b6001d427284b923c38"], 0xa6) 8.225737381s ago: executing program 0 (id=587): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 7.57144073s ago: executing program 4 (id=588): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) fsmount(0xffffffffffffffff, 0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'wp256\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x800) sendto$unix(r3, &(0x7f0000000000)="96e1825a8935527e2e610c701cea2bb564c4f3345c6a44b804bc2842519c666846c34acc07959ab1775837fe47f7d71eb72ae94e20ca5d34dcc577b4bebc0efe60e6fcb7f0aa9cb21196ab6f65d5e43b36c44f8887a13103f665e9fd646b65e2f4a9ba21d5214c4a6c936bc78f2f59c7a1bf221a1171c6cd4881942dd7acb7803ad6a8f4b8841bc19b805d9ab9765bd220c0b6ac8b051815481268175ff7409d4b1bf71b36818e8bf3c1", 0xfffffffffffffd2e, 0x20044801, 0x0, 0x0) 7.4889615s ago: executing program 3 (id=590): close(0xffffffffffffffff) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000280)=[{&(0x7f00000005c0)}], 0x1) 7.312035543s ago: executing program 1 (id=591): open(&(0x7f0000000280)='.\x00', 0x0, 0x0) write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000a00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000001c0)=""/3, 0x3, 0x0, 0x4, 0x0, 0x1, 0xc08}}, 0xfffffe7f) readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000080)=""/144, 0x9b}, {0x0, 0x3}], 0x2) 7.239802184s ago: executing program 3 (id=592): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x20241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e"], 0x15) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r2) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x44, r5, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x28, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x1}, @device_b, @device_a, @initial, {0x4, 0x9}, @value=@ver_80211n={0x0, 0xd6, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}}, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void}}]}, 0x44}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) 7.174540015s ago: executing program 0 (id=593): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$kcm(0x2, 0xa, 0x2) r3 = socket$alg(0x26, 0x5, 0x0) r4 = accept4(r3, 0x0, 0x0, 0x0) recvmmsg(r4, &(0x7f0000009500)=[{{0x0, 0x0, &(0x7f0000000180)}, 0x80001}], 0x1, 0x2100, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) syz_usbip_server_init(0x3) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 7.174396955s ago: executing program 1 (id=594): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) dup3(r1, r0, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x10000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000001c0)) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xfcff, &(0x7f00000004c0)="e0"}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x44, 0x0, &(0x7f00000002c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 6.941670048s ago: executing program 3 (id=595): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) 5.639930995s ago: executing program 1 (id=596): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x8c0802, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6c000000}, 0x94) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) write$cgroup_int(r4, &(0x7f0000000100)=0x1, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='rdma.current\x00', 0x26e1, 0x0) close(r5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) ioctl$SIOCSIFHWADDR(r5, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"}) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_DEST(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd5000ffdbdf25060000001f000180080009005500000006000100020000007d8679cf47ab24e7d886a6c3962d026f87683d8df63c7311f652e6b7411ea8988160bd7767f90d484331d52f7fd883bbc39f949a02904745494a97ea6149cb5ac9b1e7b6057d30bbcac6fba1a8809c769d9bd393bd1f471b7d544965e5a2360b459b8a7d6d3edc5ae9943e4f361436e1584714e0"], 0x28}, 0x1, 0x0, 0x0, 0x8040}, 0x480c0) r7 = syz_io_uring_setup(0xef0, &(0x7f00000004c0)={0x0, 0x62f, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000140)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x43, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x4}, 0x1}) io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0) socket$tipc(0x1e, 0x2, 0x0) 5.387794219s ago: executing program 3 (id=597): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) listen(r0, 0x90004) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r4, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) accept4(r0, 0x0, 0x0, 0x0) r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301) ioctl$USBDEVFS_GETDRIVER(r6, 0x41045508, &(0x7f0000000140)={0x0, "fc51620330dfc4536d7ae0257e5d07b15b112f495e1eb3291759e4e4ade8d52cb7d906f4da6e117989740a458a317c56f10755875efe7939ad7a23a8fd263c0885ebeae5910fc386bf61e776b00c983ed01bf9542b28ce546ebc56a05564b5705bbc884d64fbad597225093ce604ffa41783a9bc50e2c366938794f0fdd8da658784ecfac1ab9e7c2f6b8caaa11f3a1b799c9f227c57e07f4673f3119e1925b350b6e76ae1b001263a91e5f9b06ab664c976fbb11157382406f3793c2484c16989530b8becd66799e0376ca198a954ad29742c38af6af66da6da49ce52b07bb16508dabcdd5caa352d8dca7d6767a468ac1768dcc6cf4b91ba5f372bc32bce85"}) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c800a2da39224f3baa4eea92782600796574fd98f10f958f7aae2560e83167ee7b235d7deee99825d337a2857a43c2c67835054dbae1165b864ba0cbde062a12efa50bce6c71d3d10dcd58631c24ad7f931b478aeb08890d02488ef83ea736d1fde9d9dabcda35cd0f0fbd529d62b6491a83a942d4b607d09d34e441e7d5f4fea8891e7b27b7ec516910a9f61a731316b94b5415cf77952a9b6001d427284b923c38"], 0xa6) 5.144354992s ago: executing program 0 (id=598): r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r0, 0xc0045b0f, &(0x7f0000000040)) 4.119930935s ago: executing program 1 (id=599): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10) 4.016002617s ago: executing program 0 (id=600): close(0xffffffffffffffff) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a0603a6ff80000007ff000000006302496b3a17b42e640094000500", 0x2c}], 0x1) 3.650094142s ago: executing program 1 (id=601): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 2.939302201s ago: executing program 0 (id=602): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r2, 0x0, 0x32) syz_open_dev$tty1(0xc, 0x4, 0x1) syz_usbip_server_init(0x3) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e733d4b64e6295701000f2ddb265547112c800000006e8072f654261b02c6b3c5a05a1db5a33d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRES8, @ANYBLOB]) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'dummy0\x00'}) openat$ubi_ctrl(0xffffff9c, &(0x7f0000000240), 0x22040, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$FUSE(r4, &(0x7f00000034c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xcac) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x2, 0x0) 2.807574763s ago: executing program 3 (id=603): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x20241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e"], 0x15) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r2) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x44, r5, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x28, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x1}, @device_b, @device_a, @initial, {0x4, 0x9}, @value=@ver_80211n={0x0, 0xd6, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}}, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void}}]}, 0x44}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) 1.233025864s ago: executing program 1 (id=604): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) listen(r0, 0x90004) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r4, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) accept4(r0, 0x0, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301) 19.88811ms ago: executing program 0 (id=605): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) 0s ago: executing program 3 (id=606): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r3 = socket$kcm(0x2, 0xa, 0x2) r4 = socket$alg(0x26, 0x5, 0x0) r5 = accept4(r4, 0x0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000009500)=[{{0x0, 0x0, &(0x7f0000000180)}, 0x80001}], 0x1, 0x2100, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) syz_usbip_server_init(0x3) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.236' (ED25519) to the list of known hosts. [ 74.340868][ T5773] cgroup: Unknown subsys name 'net' [ 74.480862][ T5773] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 76.193214][ T5773] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.888864][ T5790] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.897801][ T5790] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.898433][ T5793] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.915105][ T5790] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.927153][ T5791] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.935429][ T5791] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.943519][ T5791] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.950494][ T5796] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.952564][ T5796] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.959167][ T5791] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.968127][ T5796] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.977764][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.981412][ T5791] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.986842][ T5794] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 78.001373][ T5799] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 78.009518][ T5799] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 78.017653][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.025638][ T5799] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 78.033176][ T5799] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 78.043124][ T5799] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 78.047463][ T5796] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.061408][ T5799] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.073218][ T5799] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 78.081757][ T5799] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.540743][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 78.698222][ T5783] chnl_net:caif_netlink_parms(): no params data found [ 78.782732][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 78.800783][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.808401][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.816113][ T5788] bridge_slave_0: entered allmulticast mode [ 78.823856][ T5788] bridge_slave_0: entered promiscuous mode [ 78.833700][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.840934][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.848338][ T5788] bridge_slave_1: entered allmulticast mode [ 78.855500][ T5788] bridge_slave_1: entered promiscuous mode [ 78.884553][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 78.992003][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.022016][ T5783] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.029336][ T5783] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.036962][ T5783] bridge_slave_0: entered allmulticast mode [ 79.044420][ T5783] bridge_slave_0: entered promiscuous mode [ 79.052855][ T5783] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.060040][ T5783] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.067723][ T5783] bridge_slave_1: entered allmulticast mode [ 79.075133][ T5783] bridge_slave_1: entered promiscuous mode [ 79.084145][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.168463][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.176741][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.184674][ T5784] bridge_slave_0: entered allmulticast mode [ 79.192242][ T5784] bridge_slave_0: entered promiscuous mode [ 79.200641][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.208312][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.215572][ T5784] bridge_slave_1: entered allmulticast mode [ 79.223896][ T5784] bridge_slave_1: entered promiscuous mode [ 79.245802][ T5783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.259119][ T5788] team0: Port device team_slave_0 added [ 79.268024][ T5788] team0: Port device team_slave_1 added [ 79.307367][ T5783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.378507][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.386480][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.393968][ T5782] bridge_slave_0: entered allmulticast mode [ 79.401551][ T5782] bridge_slave_0: entered promiscuous mode [ 79.412489][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.438515][ T5783] team0: Port device team_slave_0 added [ 79.445835][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.453653][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.480032][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.499922][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.507365][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.515084][ T5782] bridge_slave_1: entered allmulticast mode [ 79.522287][ T5782] bridge_slave_1: entered promiscuous mode [ 79.531624][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.542724][ T5783] team0: Port device team_slave_1 added [ 79.549437][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.556524][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.582554][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.687449][ T5784] team0: Port device team_slave_0 added [ 79.723178][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.734394][ T5784] team0: Port device team_slave_1 added [ 79.742830][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.752597][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.759558][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.785816][ T5783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.802365][ T5788] hsr_slave_0: entered promiscuous mode [ 79.809392][ T5788] hsr_slave_1: entered promiscuous mode [ 79.855480][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.863142][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.889624][ T5783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.934885][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.942235][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.968743][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.985068][ T5782] team0: Port device team_slave_0 added [ 79.993679][ T5782] team0: Port device team_slave_1 added [ 80.033084][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.040079][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.066221][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.102388][ T5799] Bluetooth: hci3: command tx timeout [ 80.107972][ T5793] Bluetooth: hci1: command tx timeout [ 80.133942][ T5783] hsr_slave_0: entered promiscuous mode [ 80.140533][ T5783] hsr_slave_1: entered promiscuous mode [ 80.147320][ T5783] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.155539][ T5783] Cannot create hsr debugfs directory [ 80.181285][ T5799] Bluetooth: hci2: command tx timeout [ 80.187063][ T5799] Bluetooth: hci0: command tx timeout [ 80.202267][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.209262][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.235515][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.278646][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.286017][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.312552][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.376686][ T5784] hsr_slave_0: entered promiscuous mode [ 80.383634][ T5784] hsr_slave_1: entered promiscuous mode [ 80.389841][ T5784] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.398452][ T5784] Cannot create hsr debugfs directory [ 80.513251][ T5782] hsr_slave_0: entered promiscuous mode [ 80.519761][ T5782] hsr_slave_1: entered promiscuous mode [ 80.526311][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.534396][ T5782] Cannot create hsr debugfs directory [ 80.734974][ T5788] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.747801][ T5788] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.794758][ T5788] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.852481][ T5788] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.914265][ T5783] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 80.939891][ T5783] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 80.951662][ T5783] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.964107][ T5783] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.081156][ T5784] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.106458][ T5784] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.137726][ T5784] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.148844][ T5784] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.209187][ T5782] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.232096][ T5782] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.253486][ T5782] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.272361][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.279372][ T5782] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.336937][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.377621][ T5783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.388140][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.395629][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.422112][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.429374][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.478364][ T5783] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.529486][ T2956] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.536661][ T2956] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.576093][ T5788] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 81.586678][ T5788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.608112][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.615369][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.719254][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.754607][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.819612][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.833812][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.855970][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.863239][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.879297][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.886527][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.940770][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.948039][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.970315][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.977608][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.188860][ T5799] Bluetooth: hci3: command tx timeout [ 82.188872][ T5793] Bluetooth: hci1: command tx timeout [ 82.234014][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.271127][ T5799] Bluetooth: hci2: command tx timeout [ 82.272050][ T5793] Bluetooth: hci0: command tx timeout [ 82.437389][ T5788] veth0_vlan: entered promiscuous mode [ 82.478431][ T5788] veth1_vlan: entered promiscuous mode [ 82.539297][ T5783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.619121][ T5788] veth0_macvtap: entered promiscuous mode [ 82.682327][ T5788] veth1_macvtap: entered promiscuous mode [ 82.796666][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.859244][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.874281][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.886102][ T5783] veth0_vlan: entered promiscuous mode [ 82.903584][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.916652][ T5788] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.928753][ T5788] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.939745][ T5788] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.948576][ T5788] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.980108][ T5783] veth1_vlan: entered promiscuous mode [ 83.084854][ T5783] veth0_macvtap: entered promiscuous mode [ 83.099499][ T5783] veth1_macvtap: entered promiscuous mode [ 83.136351][ T5784] veth0_vlan: entered promiscuous mode [ 83.187548][ T5782] veth0_vlan: entered promiscuous mode [ 83.214674][ T5784] veth1_vlan: entered promiscuous mode [ 83.245777][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.258757][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.272338][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.285475][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.296906][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.304294][ T1076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.313488][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.328124][ T1076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.372522][ T5783] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.375724][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.384038][ T5783] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.398611][ T5783] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.401627][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.409472][ T5783] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.428806][ T5782] veth1_vlan: entered promiscuous mode [ 83.548128][ T5784] veth0_macvtap: entered promiscuous mode [ 83.567059][ T5784] veth1_macvtap: entered promiscuous mode [ 83.584504][ T5782] veth0_macvtap: entered promiscuous mode [ 83.633482][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.650709][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.661161][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.686563][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.713043][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.725064][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.738612][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.749108][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.759710][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.773359][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.784585][ T5782] veth1_macvtap: entered promiscuous mode [ 83.825016][ T1076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.850926][ T5784] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.851248][ T1076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.880790][ T5784] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.889661][ T5784] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.922085][ T5784] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.979843][ T5879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5'. [ 83.999956][ T5879] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5'. [ 84.314816][ T5793] Bluetooth: hci1: command tx timeout [ 84.314920][ T5799] Bluetooth: hci3: command tx timeout [ 84.353043][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.378762][ T5101] Bluetooth: hci0: command tx timeout [ 84.385660][ T5101] Bluetooth: hci2: command tx timeout [ 84.402088][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.434858][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.469542][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.479792][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.503286][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.560056][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.039715][ T2956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.057655][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.071125][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.098259][ T2956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.120445][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.155580][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.176181][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.186922][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.216323][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.285984][ T5782] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.295776][ T5782] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.307499][ T5782] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.316349][ T5782] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.394232][ T2956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.407426][ T2956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.725154][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.794487][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.873901][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.913924][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.041647][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.050280][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 86.069286][ T1076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.093018][ T1076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.382655][ T5799] Bluetooth: hci3: command tx timeout [ 86.388236][ T5799] Bluetooth: hci1: command tx timeout [ 86.423888][ T5101] Bluetooth: hci2: command tx timeout [ 86.429568][ T5101] Bluetooth: hci0: command tx timeout [ 86.848095][ T787] cfg80211: failed to load regulatory.db [ 87.141292][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 87.217623][ T28] audit: type=1804 audit(1752195468.443:2): pid=5918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.8" name="/newroot/3/bus/bus" dev="overlay" ino=42 res=1 errno=0 [ 87.242002][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 87.250926][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 87.295184][ T28] audit: type=1804 audit(1752195468.503:3): pid=5918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.8" name="/newroot/3/bus/bus" dev="overlay" ino=42 res=1 errno=0 [ 87.484565][ T5922] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 87.765145][ T5922] netlink: 'syz.2.9': attribute type 30 has an invalid length. [ 88.759798][ T5925] ip6tnl1: entered promiscuous mode [ 88.781108][ T5925] ip6tnl1: entered allmulticast mode [ 89.115022][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.203332][ T5928] netlink: 'syz.3.11': attribute type 1 has an invalid length. [ 89.231619][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 89.261208][ T5928] bridge0: port 3(ip6gretap1) entered blocking state [ 89.295033][ T5928] bridge0: port 3(ip6gretap1) entered disabled state [ 89.335894][ T5928] ip6gretap1: entered allmulticast mode [ 89.422821][ T5928] ip6gretap1: entered promiscuous mode [ 89.701533][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 89.893592][ T5931] ip6gretap1: left allmulticast mode [ 89.899302][ T5931] ip6gretap1: left promiscuous mode [ 89.911887][ T5931] bridge0: port 3(ip6gretap1) entered disabled state [ 89.913698][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 90.410598][ T5936] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 90.527905][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 90.553695][ T5938] syz.2.13 uses obsolete (PF_INET,SOCK_PACKET) [ 91.249973][ T5931] bridge_slave_1: left allmulticast mode [ 91.257683][ T5931] bridge_slave_1: left promiscuous mode [ 91.263577][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.335039][ T5931] bridge_slave_0: left allmulticast mode [ 91.340801][ T5931] bridge_slave_0: left promiscuous mode [ 91.347486][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.669746][ T5931] syz.3.11 (5931) used greatest stack depth: 20776 bytes left [ 92.097805][ T5951] syz.2.15[5951]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 92.266828][ T5951] loop2: detected capacity change from 0 to 128 [ 92.503920][ T5952] ALSA: mixer_oss: invalid index 40000 [ 92.811195][ T5957] process 'syz.3.17' launched './file0' with NULL argv: empty string added [ 94.499949][ T5972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.23'. [ 94.632586][ T5974] netlink: 'syz.0.22': attribute type 10 has an invalid length. [ 94.731253][ T5975] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 94.738063][ T5975] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 94.780307][ T5974] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.793873][ T5975] vhci_hcd vhci_hcd.0: Device attached [ 94.810296][ T5974] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 94.829511][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.731891][ T5839] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 95.744195][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.754579][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.762295][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 95.801926][ T5976] bond0: (slave batadv0): Releasing backup interface [ 96.070673][ T5977] vhci_hcd: connection reset by peer [ 96.135919][ T59] vhci_hcd: stop threads [ 96.140595][ T59] vhci_hcd: release socket [ 96.160575][ T59] vhci_hcd: disconnect device [ 97.090308][ T6011] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 97.312790][ T6017] loop2: detected capacity change from 0 to 128 [ 97.330634][ T6010] syzkaller1: entered promiscuous mode [ 97.371182][ T6010] syzkaller1: entered allmulticast mode [ 98.416069][ T6020] syz.1.34 (6020) used greatest stack depth: 20304 bytes left [ 101.033184][ T5839] vhci_hcd: vhci_device speed not set [ 104.569560][ T6080] loop2: detected capacity change from 0 to 128 [ 106.143174][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b348c00: rx timeout, send abort [ 106.184610][ T6102] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 106.643970][ C0] vcan0: j1939_tp_rxtimer: 0xffff888026710c00: rx timeout, send abort [ 106.652439][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b348c00: abort rx timeout. Force session deactivation [ 106.985648][ T5889] Process accounting resumed [ 107.015304][ T6106] can0: slcan on pty22. [ 107.152335][ C0] vcan0: j1939_tp_rxtimer: 0xffff888026710c00: abort rx timeout. Force session deactivation [ 107.995523][ T6103] can0 (unregistered): slcan off pty22. [ 108.169572][ T6137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.66'. [ 108.580845][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805c5ba000: rx timeout, send abort [ 109.080993][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805c5ba800: rx timeout, send abort [ 109.089832][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805c5ba000: abort rx timeout. Force session deactivation [ 109.118573][ T6153] loop0: detected capacity change from 0 to 128 [ 109.424966][ T6160] ip6tnl1: entered promiscuous mode [ 109.430289][ T6160] ip6tnl1: entered allmulticast mode [ 109.589592][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805c5ba800: abort rx timeout. Force session deactivation [ 110.931182][ T5826] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 111.172132][ T5826] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 111.183404][ T5826] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 111.199937][ T5826] usb 2-1: New USB device found, idVendor=044f, idProduct=b320, bcdDevice= 0.00 [ 111.209295][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.239501][ T5826] usb 2-1: config 0 descriptor?? [ 111.310767][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805bcff400: rx timeout, send abort [ 111.478348][ T6177] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.562749][ T5826] usbhid 2-1:0.0: can't add hid device: -71 [ 111.569015][ T5826] usbhid: probe of 2-1:0.0 failed with error -71 [ 111.595046][ T5826] usb 2-1: USB disconnect, device number 2 [ 111.634468][ T28] audit: type=1326 audit(1752195492.863:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.0.69" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3db958e929 code=0x0 [ 111.810921][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805bcff000: rx timeout, send abort [ 111.819334][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805bcff400: abort rx timeout. Force session deactivation [ 112.319297][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805bcff000: abort rx timeout. Force session deactivation [ 113.455347][ T6195] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11) [ 113.462022][ T6195] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 113.496383][ T6195] vhci_hcd vhci_hcd.0: Device attached [ 113.502259][ T6199] vhci_hcd: connection closed [ 113.525120][ T59] vhci_hcd: stop threads [ 113.729324][ T59] vhci_hcd: release socket [ 113.743003][ T59] vhci_hcd: disconnect device [ 113.771230][ T787] vhci_hcd: vhci_device speed not set [ 114.438643][ T6220] loop2: detected capacity change from 0 to 128 [ 116.010651][ T6230] Zero length message leads to an empty skb [ 116.814723][ T6239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.91'. [ 118.299722][ T6254] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11) [ 118.306404][ T6254] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 118.314452][ T6254] vhci_hcd vhci_hcd.0: Device attached [ 119.156338][ T6255] vhci_hcd: connection closed [ 119.330353][ T42] vhci_hcd: stop threads [ 119.339743][ T42] vhci_hcd: release socket [ 119.376441][ T42] vhci_hcd: disconnect device [ 119.401101][ T5857] vhci_hcd: vhci_device speed not set [ 119.756747][ T28] audit: type=1800 audit(1752195500.983:5): pid=6265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.97" name="bus" dev="overlay" ino=148 res=0 errno=0 [ 120.352712][ T5101] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 120.361400][ T5101] Bluetooth: hci0: Injecting HCI hardware error event [ 120.369401][ T5799] Bluetooth: hci0: hardware error 0x00 [ 120.380509][ T6277] loop1: detected capacity change from 0 to 128 [ 121.999805][ T6290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.105'. [ 122.421197][ T5799] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 122.473136][ T6294] netlink: 8 bytes leftover after parsing attributes in process `syz.0.107'. [ 124.398993][ T6315] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 124.405678][ T6315] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 124.413562][ T6315] vhci_hcd vhci_hcd.0: Device attached [ 124.488355][ T6316] vhci_hcd: connection closed [ 124.534889][ T1087] vhci_hcd: stop threads [ 124.769166][ T1087] vhci_hcd: release socket [ 124.888476][ T1087] vhci_hcd: disconnect device [ 125.459329][ T6320] 9pnet: Could not find request transport: Kdæ)W [ 127.208995][ T6354] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.246653][ T6354] netlink: 52 bytes leftover after parsing attributes in process `syz.1.121'. [ 128.965194][ T6365] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 131.489865][ T6397] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 132.485350][ T6407] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 132.550512][ T6407] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 133.359142][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.809206][ T6413] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 137.245968][ T6432] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11) [ 137.252640][ T6432] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 137.467828][ T8] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 137.497977][ T6432] vhci_hcd vhci_hcd.0: Device attached [ 137.556763][ T6435] vhci_hcd: connection closed [ 137.720646][ T42] vhci_hcd: stop threads [ 137.730560][ T42] vhci_hcd: release socket [ 137.736260][ T42] vhci_hcd: disconnect device [ 137.935694][ T8] usb 4-1: config index 0 descriptor too short (expected 45, got 36) [ 138.199530][ T8] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 138.271410][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 138.325612][ T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 138.371577][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.397242][ T8] usb 4-1: config 0 descriptor?? [ 138.797057][ T6441] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 138.818072][ T8] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 142.603056][ T55] usb 4-1: USB disconnect, device number 2 [ 145.064131][ T6509] syz.2.161 (6509) used greatest stack depth: 20232 bytes left [ 145.880642][ T6528] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 145.887562][ T6528] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 145.902785][ T6528] vhci_hcd vhci_hcd.0: Device attached [ 147.028204][ T6531] vhci_hcd: connection closed [ 147.028552][ T48] vhci_hcd: stop threads [ 147.037936][ T8] usb 35-1: new high-speed USB device number 3 using vhci_hcd [ 147.045859][ T48] vhci_hcd: release socket [ 147.066727][ T48] vhci_hcd: disconnect device [ 150.288730][ T6549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.173'. [ 150.669913][ T6551] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 150.676674][ T6551] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 150.697514][ T6551] vhci_hcd vhci_hcd.0: Device attached [ 150.715344][ T6552] vhci_hcd: connection closed [ 150.725188][ T42] vhci_hcd: stop threads [ 150.792760][ T42] vhci_hcd: release socket [ 150.808921][ T6556] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 150.817630][ T42] vhci_hcd: disconnect device [ 152.391105][ T8] vhci_hcd: vhci_device speed not set [ 153.252817][ T6573] syz.1.177 (6573) used greatest stack depth: 20104 bytes left [ 155.306667][ T6605] syzkaller1: entered promiscuous mode [ 155.321073][ T6605] syzkaller1: entered allmulticast mode [ 155.409599][ T6602] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 155.466657][ T6602] kvm: pic: non byte read [ 155.491799][ T6602] kvm: pic: level sensitive irq not supported [ 155.491952][ T6602] kvm: pic: non byte read [ 155.537255][ T6602] kvm: pic: level sensitive irq not supported [ 155.537641][ T6602] kvm: pic: non byte read [ 155.611723][ T6602] kvm: pic: level sensitive irq not supported [ 155.611804][ T6602] kvm: pic: non byte read [ 156.456553][ T6623] random: crng reseeded on system resumption [ 157.947028][ T6635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.196'. [ 158.147769][ T6640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.198'. [ 158.181409][ T6642] netlink: 4 bytes leftover after parsing attributes in process `syz.3.199'. [ 160.357542][ T6662] hub 2-0:1.0: USB hub found [ 160.365036][ T6662] hub 2-0:1.0: 1 port detected [ 161.305626][ T6672] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 161.312317][ T6672] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 161.320249][ T6672] vhci_hcd vhci_hcd.0: Device attached [ 161.641970][ T6673] vhci_hcd: connection closed [ 161.693431][ T1087] vhci_hcd: stop threads [ 161.860660][ T1087] vhci_hcd: release socket [ 161.871323][ T8] usb 39-1: new high-speed USB device number 4 using vhci_hcd [ 162.223887][ T1087] vhci_hcd: disconnect device [ 162.510897][ T6672] 9pnet: Could not find request transport: Kdæ)W [ 162.802724][ T6684] netlink: 8 bytes leftover after parsing attributes in process `syz.2.208'. [ 165.358711][ T6717] siw: device registration error -23 [ 166.313029][ T6725] overlayfs: failed to resolve './file0': -2 [ 166.369904][ T6727] netlink: 4 bytes leftover after parsing attributes in process `syz.3.223'. [ 167.381212][ T8] vhci_hcd: vhci_device speed not set [ 167.468235][ T6756] overlayfs: failed to resolve './file0': -2 [ 167.510407][ T6757] netlink: 8 bytes leftover after parsing attributes in process `syz.3.235'. [ 167.781790][ T6765] netlink: 4 bytes leftover after parsing attributes in process `syz.3.239'. [ 168.205631][ T6774] netlink: 28 bytes leftover after parsing attributes in process `syz.0.243'. [ 168.225763][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.243'. [ 170.191940][ T6792] overlayfs: failed to resolve './file1': -2 [ 170.557988][ T6794] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 173.600197][ T6821] overlayfs: failed to resolve './file1': -2 [ 176.239050][ T6857] overlayfs: failed to resolve './file1': -2 [ 176.589379][ T6861] netlink: zone id is out of range [ 176.594675][ T6861] netlink: zone id is out of range [ 176.599872][ T6861] netlink: zone id is out of range [ 176.605811][ T6861] netlink: zone id is out of range [ 176.611347][ T6861] netlink: zone id is out of range [ 176.616523][ T6861] netlink: zone id is out of range [ 176.622222][ T6861] netlink: zone id is out of range [ 176.627391][ T6861] netlink: zone id is out of range [ 176.633210][ T6861] netlink: zone id is out of range [ 176.638429][ T6861] netlink: zone id is out of range [ 178.131645][ T6874] netlink: 8 bytes leftover after parsing attributes in process `syz.1.273'. [ 179.671630][ T6895] loop2: detected capacity change from 0 to 7 [ 179.714424][ T6895] Dev loop2: unable to read RDB block 7 [ 179.741599][ T6895] loop2: unable to read partition table [ 179.789817][ T6895] loop2: partition table beyond EOD, truncated [ 179.806558][ T6895] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 181.361460][ T6917] syzkaller1: entered promiscuous mode [ 181.377415][ T6917] syzkaller1: entered allmulticast mode [ 184.693559][ T6955] siw: device registration error -23 [ 185.499557][ T6958] netlink: 12 bytes leftover after parsing attributes in process `syz.0.301'. [ 185.532445][ T6958] netlink: 'syz.0.301': attribute type 15 has an invalid length. [ 186.956524][ T6964] 9pnet: Could not find request transport: Kdæ)W [ 187.037361][ T6958] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.046450][ T6958] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.055205][ T6958] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.064173][ T6958] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.202369][ T6958] vxlan0: entered promiscuous mode [ 187.648386][ T6977] overlayfs: failed to resolve './file1': -2 [ 187.997199][ T6985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.307'. [ 191.000940][ C0] sched: RT throttling activated [ 191.460239][ T7015] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10) [ 191.466908][ T7015] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 191.474827][ T7015] vhci_hcd vhci_hcd.0: Device attached [ 191.657649][ T7016] vhci_hcd: connection closed [ 191.740012][ T1087] vhci_hcd: stop threads [ 191.861129][ T5853] usb 35-1: new high-speed USB device number 4 using vhci_hcd [ 191.913809][ T1087] vhci_hcd: release socket [ 192.021086][ T1087] vhci_hcd: disconnect device [ 192.426775][ T7018] 9pnet: Could not find request transport: Kdæ)W [ 192.568099][ T7026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.317'. [ 192.985712][ T7033] loop2: detected capacity change from 0 to 7 [ 193.042091][ T7033] Dev loop2: unable to read RDB block 7 [ 193.101186][ T7033] loop2: unable to read partition table [ 193.107229][ T7033] loop2: partition table beyond EOD, truncated [ 193.157024][ T7033] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 194.345369][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.856702][ T5101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 194.866723][ T5101] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 194.892507][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.904400][ T5101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 194.935542][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 194.946041][ T5101] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 194.954499][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 195.473193][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.654564][ T7058] siw: device registration error -23 [ 196.486793][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.704037][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.141188][ T5853] vhci_hcd: vhci_device speed not set [ 197.141246][ T5101] Bluetooth: hci2: command tx timeout [ 198.310737][ T7083] siw: device registration error -23 [ 199.223015][ T5101] Bluetooth: hci2: command tx timeout [ 200.083175][ T7097] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 200.089845][ T7097] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 200.098432][ T7097] vhci_hcd vhci_hcd.0: Device attached [ 200.111758][ T7098] vhci_hcd: connection closed [ 200.149153][ T1076] vhci_hcd: stop threads [ 200.332231][ T1076] vhci_hcd: release socket [ 200.428095][ T1076] vhci_hcd: disconnect device [ 200.783704][ T7099] 9pnet: Could not find request transport: Kdæ)W [ 201.024403][ T7044] chnl_net:caif_netlink_parms(): no params data found [ 201.306192][ T5793] Bluetooth: hci2: command tx timeout [ 201.561436][ T5793] Bluetooth: hci3: command 0x0406 tx timeout [ 201.567819][ T5793] Bluetooth: hci1: command 0x0406 tx timeout [ 202.005526][ T7044] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.024350][ T7044] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.046276][ T7044] bridge_slave_0: entered allmulticast mode [ 202.069518][ T7044] bridge_slave_0: entered promiscuous mode [ 202.165465][ T7044] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.192687][ T7044] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.211499][ T7044] bridge_slave_1: entered allmulticast mode [ 202.229163][ T7044] bridge_slave_1: entered promiscuous mode [ 202.531497][ T7137] netlink: 20 bytes leftover after parsing attributes in process `syz.0.344'. [ 203.163041][ T7044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.345111][ T7044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.354598][ T7136] warning: `syz.0.344' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 203.381122][ T5101] Bluetooth: hci2: command tx timeout [ 205.109651][ T7155] 9pnet: Could not find request transport: Kdæ)W [ 205.405650][ T7044] team0: Port device team_slave_0 added [ 205.446869][ T5101] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 205.458763][ T5101] CPU: 1 PID: 5101 Comm: kworker/u5:1 Not tainted 6.6.97-syzkaller #0 [ 205.467253][ T5101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 205.477516][ T5101] Workqueue: hci3 hci_rx_work [ 205.482243][ T5101] Call Trace: [ 205.485532][ T5101] [ 205.488473][ T5101] dump_stack_lvl+0x16c/0x230 [ 205.493172][ T5101] ? show_regs_print_info+0x20/0x20 [ 205.498384][ T5101] ? load_image+0x3b0/0x3b0 [ 205.502904][ T5101] sysfs_create_dir_ns+0x256/0x280 [ 205.508038][ T5101] ? hci_rx_work+0x43a/0xd80 [ 205.512679][ T5101] ? sysfs_warn_dup+0xa0/0xa0 [ 205.517500][ T5101] ? do_raw_spin_unlock+0x121/0x230 [ 205.522745][ T5101] kobject_add_internal+0x6b8/0xc70 [ 205.528004][ T5101] kobject_add+0x156/0x220 [ 205.532453][ T5101] ? __rwlock_init+0x150/0x150 [ 205.537252][ T5101] ? kobject_init+0x1e0/0x1e0 [ 205.541948][ T5101] ? _raw_spin_unlock+0x28/0x40 [ 205.546827][ T5101] ? get_device_parent+0x366/0x390 [ 205.551965][ T5101] device_add+0x408/0xc20 [ 205.556320][ T5101] hci_conn_add_sysfs+0xd5/0x1e0 [ 205.561284][ T5101] le_conn_complete_evt+0xc37/0x1220 [ 205.566593][ T5101] ? hci_event_packet+0x4a7/0x1210 [ 205.571732][ T5101] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 205.578008][ T5101] ? __copy_skb_header+0xa7/0x550 [ 205.583053][ T5101] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 205.588820][ T5101] ? skb_pull_data+0xfb/0x200 [ 205.593536][ T5101] hci_le_conn_complete_evt+0x187/0x440 [ 205.599114][ T5101] ? hci_remote_host_features_evt+0x160/0x160 [ 205.605200][ T5101] hci_event_packet+0x795/0x1210 [ 205.610181][ T5101] ? bis_list+0x290/0x290 [ 205.614605][ T5101] ? lockdep_hardirqs_on+0x98/0x150 [ 205.619856][ T5101] ? hci_send_to_monitor+0xd7/0x4f0 [ 205.625110][ T5101] hci_rx_work+0x43a/0xd80 [ 205.629582][ T5101] ? process_scheduled_works+0x957/0x15b0 [ 205.635332][ T5101] process_scheduled_works+0xa45/0x15b0 [ 205.640933][ T5101] ? assign_work+0x400/0x400 [ 205.645562][ T5101] ? assign_work+0x39e/0x400 [ 205.650180][ T5101] worker_thread+0xa55/0xfc0 [ 205.654832][ T5101] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 205.660772][ T5101] ? _raw_spin_unlock+0x40/0x40 [ 205.665653][ T5101] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 205.671596][ T5101] kthread+0x2fa/0x390 [ 205.675681][ T5101] ? pr_cont_work+0x560/0x560 [ 205.680386][ T5101] ? kthread_blkcg+0xd0/0xd0 [ 205.684996][ T5101] ret_from_fork+0x48/0x80 [ 205.689430][ T5101] ? kthread_blkcg+0xd0/0xd0 [ 205.694122][ T5101] ret_from_fork_asm+0x11/0x20 [ 205.698925][ T5101] [ 205.702597][ T5101] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 205.716870][ T5101] Bluetooth: hci3: failed to register connection device [ 205.990134][ T5101] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 206.693440][ T7044] team0: Port device team_slave_1 added [ 207.409083][ T7044] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 207.457035][ T7044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.504424][ T7044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.537226][ T7044] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.557117][ T7044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.675247][ T7044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.869998][ T11] hsr_slave_0: left promiscuous mode [ 207.915257][ T11] hsr_slave_1: left promiscuous mode [ 207.923270][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.930807][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 207.979084][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.989725][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 208.026134][ T11] bridge_slave_1: left allmulticast mode [ 208.038146][ T11] bridge_slave_1: left promiscuous mode [ 208.057325][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.084879][ T11] bridge_slave_0: left allmulticast mode [ 208.098349][ T11] bridge_slave_0: left promiscuous mode [ 208.107759][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.207578][ T11] veth1_macvtap: left promiscuous mode [ 208.220533][ T11] veth0_macvtap: left promiscuous mode [ 208.233159][ T11] veth1_vlan: left promiscuous mode [ 208.246057][ T11] veth0_vlan: left promiscuous mode [ 208.891625][ T7207] siw: device registration error -23 [ 209.250645][ T11] team0 (unregistering): Port device team_slave_1 removed [ 209.350673][ T11] team0 (unregistering): Port device team_slave_0 removed [ 209.436491][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 209.500876][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 209.510776][ T5857] infiniband syz1: ib_query_port failed (-19) [ 210.250021][ T11] bond0 (unregistering): Released all slaves [ 210.405934][ T7219] netlink: 4 bytes leftover after parsing attributes in process `syz.0.365'. [ 210.664565][ T7044] hsr_slave_0: entered promiscuous mode [ 210.693817][ T7044] hsr_slave_1: entered promiscuous mode [ 210.886492][ T7044] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 210.901366][ T7044] Cannot create hsr debugfs directory [ 211.605418][ T7233] loop2: detected capacity change from 0 to 7 [ 211.651208][ T6343] Dev loop2: unable to read RDB block 7 [ 211.685096][ T6343] loop2: unable to read partition table [ 211.698258][ T6343] loop2: partition table beyond EOD, truncated [ 211.709299][ T7236] overlayfs: failed to resolve './file0': -2 [ 211.724958][ T7233] Dev loop2: unable to read RDB block 7 [ 211.746284][ T7233] loop2: unable to read partition table [ 211.772241][ T7233] loop2: partition table beyond EOD, truncated [ 211.794935][ T7233] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 212.130103][ T7243] syzkaller1: entered promiscuous mode [ 212.198918][ T7243] syzkaller1: entered allmulticast mode [ 212.672224][ T5799] Bluetooth: hci3: command 0x0406 tx timeout [ 212.979252][ T7044] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 213.316249][ T7044] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 213.377380][ T7044] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 213.456727][ T7044] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 213.466030][ T7263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.373'. [ 213.600451][ T7275] netlink: 4 bytes leftover after parsing attributes in process `syz.1.375'. [ 214.084300][ T7044] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.204231][ T7044] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.378242][ T1076] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.385453][ T1076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.424236][ T1076] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.431573][ T1076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.530616][ T7044] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 216.283955][ T7316] net_ratelimit: 12 callbacks suppressed [ 216.283996][ T7316] netlink: zone id is out of range [ 216.341467][ T7316] netlink: zone id is out of range [ 216.373382][ T7316] netlink: zone id is out of range [ 216.401872][ T7316] netlink: zone id is out of range [ 216.415189][ T7316] netlink: zone id is out of range [ 216.423192][ T7316] netlink: zone id is out of range [ 216.432311][ T7316] netlink: zone id is out of range [ 216.441944][ T7316] netlink: zone id is out of range [ 216.450844][ T7316] netlink: zone id is out of range [ 216.462863][ T7316] netlink: zone id is out of range [ 217.514280][ T7327] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 217.763021][ T7044] veth0_vlan: entered promiscuous mode [ 217.868860][ T7044] veth1_vlan: entered promiscuous mode [ 218.046944][ T7044] veth0_macvtap: entered promiscuous mode [ 218.105127][ T7044] veth1_macvtap: entered promiscuous mode [ 218.244406][ T7044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.280590][ T7044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.311029][ T7044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.360971][ T7044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.405143][ T7044] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.429658][ T7044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.482221][ T7044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.531068][ T7044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.560983][ T7044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.586884][ T7044] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.646759][ T7044] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.658221][ T7044] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.675525][ T7044] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.684819][ T7044] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.280663][ T1076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.288721][ T1076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.540207][ T1087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.571141][ T1087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.955397][ T7428] siw: device registration error -23 [ 224.365454][ T7437] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8) [ 224.372048][ T7437] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 224.379930][ T7437] vhci_hcd vhci_hcd.0: Device attached [ 225.089220][ T8] usb 35-1: new high-speed USB device number 5 using vhci_hcd [ 225.249287][ T7440] vhci_hcd: connection closed [ 225.451908][ T59] vhci_hcd: stop threads [ 225.560165][ T59] vhci_hcd: release socket [ 225.571829][ T59] vhci_hcd: disconnect device [ 225.603351][ T7447] netlink: 200 bytes leftover after parsing attributes in process `syz.0.407'. [ 226.218401][ T7456] netlink: 4 bytes leftover after parsing attributes in process `syz.0.410'. [ 227.333177][ T7479] net_ratelimit: 12 callbacks suppressed [ 227.333219][ T7479] netlink: zone id is out of range [ 227.345595][ T7479] netlink: zone id is out of range [ 227.350804][ T7479] netlink: zone id is out of range [ 227.356533][ T7479] netlink: zone id is out of range [ 227.362064][ T7479] netlink: zone id is out of range [ 227.367362][ T7479] netlink: zone id is out of range [ 227.373199][ T7479] netlink: zone id is out of range [ 227.378654][ T7479] netlink: zone id is out of range [ 227.384616][ T7479] netlink: zone id is out of range [ 227.389880][ T7479] netlink: zone id is out of range [ 227.561521][ T5785] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 227.815422][ T5785] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 20 [ 227.854212][ T5785] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 228.025180][ T5785] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 228.124946][ T5785] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 229.398482][ T5785] usb 4-1: Product: syz [ 229.509436][ T5785] usb 4-1: Manufacturer: syz [ 229.585587][ T5785] usb 4-1: SerialNumber: syz [ 230.341339][ T8] vhci_hcd: vhci_device speed not set [ 230.523951][ T7495] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10) [ 230.530644][ T7495] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 230.549282][ T7495] vhci_hcd vhci_hcd.0: Device attached [ 230.688043][ T5785] usb 4-1: can't set config #1, error -71 [ 230.779455][ T5785] usb 4-1: USB disconnect, device number 3 [ 230.791188][ T7498] vhci_hcd: connection closed [ 230.803552][ T7496] vhci_hcd: stop threads [ 230.821308][ T5889] usb 41-1: new high-speed USB device number 2 using vhci_hcd [ 230.849744][ T7496] vhci_hcd: release socket [ 230.873363][ T7496] vhci_hcd: disconnect device [ 230.888126][ T5889] usb 41-1: enqueue for inactive port 0 [ 231.021351][ T5889] vhci_hcd: vhci_device speed not set [ 231.039399][ T7503] overlayfs: missing 'lowerdir' [ 232.604275][ T7536] netlink: 24 bytes leftover after parsing attributes in process `syz.3.428'. [ 235.212636][ T7548] netlink: 4 bytes leftover after parsing attributes in process `syz.0.429'. [ 238.842561][ T7616] binder: 7607:7616 unknown command 1074553619 [ 238.861600][ T7616] binder: 7607:7616 ioctl c0306201 200000000540 returned -22 [ 240.068151][ T7641] netlink: 4 bytes leftover after parsing attributes in process `syz.4.447'. [ 240.437632][ T7648] netlink: 20 bytes leftover after parsing attributes in process `syz.3.449'. [ 241.290260][ T7668] net_ratelimit: 12 callbacks suppressed [ 241.290298][ T7668] netlink: zone id is out of range [ 241.303206][ T7668] netlink: zone id is out of range [ 241.308530][ T7668] netlink: zone id is out of range [ 241.313953][ T7668] netlink: zone id is out of range [ 241.319256][ T7668] netlink: zone id is out of range [ 241.324930][ T7668] netlink: zone id is out of range [ 241.330204][ T7668] netlink: zone id is out of range [ 241.335625][ T7668] netlink: zone id is out of range [ 241.342863][ T7668] netlink: zone id is out of range [ 241.367981][ T7668] netlink: zone id is out of range [ 241.704278][ T5101] Bluetooth: hci1: unexpected cc 0x2039 length: 9 > 1 [ 241.711957][ T5101] Bluetooth: hci1: unexpected event for opcode 0x2039 [ 241.830235][ T7680] netlink: 8 bytes leftover after parsing attributes in process `syz.0.456'. [ 243.019983][ T7692] overlayfs: failed to resolve './file1/file0': -2 [ 245.547782][ T7739] siw: device registration error -23 [ 246.683980][ T7745] overlayfs: failed to resolve './file1/file0': -2 [ 250.276363][ T7766] team0 (unregistering): Port device team_slave_0 removed [ 250.396536][ T7766] team0 (unregistering): Port device team_slave_1 removed [ 250.687522][ T7784] netlink: 44 bytes leftover after parsing attributes in process `syz.3.483'. [ 250.978768][ T7794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.484'. [ 252.931316][ T7832] netlink: 20 bytes leftover after parsing attributes in process `syz.1.492'. [ 255.802119][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.273784][ T7875] net_ratelimit: 12 callbacks suppressed [ 258.273879][ T7875] netlink: zone id is out of range [ 258.286427][ T7875] netlink: zone id is out of range [ 258.313872][ T7875] netlink: zone id is out of range [ 258.329856][ T7875] netlink: zone id is out of range [ 258.407725][ T7875] netlink: zone id is out of range [ 259.285311][ T7875] netlink: zone id is out of range [ 259.297182][ T7875] netlink: zone id is out of range [ 259.304222][ T7875] netlink: zone id is out of range [ 259.470072][ T7875] netlink: zone id is out of range [ 259.530081][ T7875] netlink: zone id is out of range [ 259.670265][ T5156] udevd[5156]: worker [6343] terminated by signal 33 (Unknown signal 33) [ 259.741176][ T5156] udevd[5156]: worker [6343] failed while handling '/devices/virtual/block/loop4' [ 260.786355][ T7901] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11) [ 260.793113][ T7901] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 260.801051][ T7901] vhci_hcd vhci_hcd.0: Device attached [ 261.274538][ T7903] vhci_hcd: connection closed [ 261.276209][ T7904] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10) [ 261.287564][ T7904] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 261.297180][ T48] vhci_hcd: stop threads [ 261.301966][ T7904] vhci_hcd vhci_hcd.0: Device attached [ 261.534720][ T7907] vhci_hcd: connection closed [ 261.600351][ T48] vhci_hcd: release socket [ 261.611181][ T8] usb 39-1: new high-speed USB device number 5 using vhci_hcd [ 261.641492][ T7906] 9pnet: Could not find request transport: Kdæ)W [ 261.661605][ T48] vhci_hcd: disconnect device [ 261.678118][ T48] vhci_hcd: stop threads [ 261.693976][ T48] vhci_hcd: release socket [ 261.713210][ T48] vhci_hcd: disconnect device [ 261.821076][ T55] vhci_hcd: vhci_device speed not set [ 262.033037][ T5785] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0 [ 262.072562][ T5785] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0 [ 262.080041][ T5785] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0 [ 262.270470][ T5785] hid-generic 0000:0004:0000.0001: hidraw0: HID v0.01 Device [syz1] on syz0 [ 263.085775][ T7928] fido_id[7928]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 264.042343][ T28] audit: type=1326 audit(1752195645.273:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 264.193896][ T28] audit: type=1326 audit(1752195645.273:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 264.681320][ T28] audit: type=1326 audit(1752195645.273:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 264.801377][ T28] audit: type=1326 audit(1752195645.273:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 265.082207][ T28] audit: type=1326 audit(1752195645.273:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 265.202510][ T28] audit: type=1326 audit(1752195645.273:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 265.308366][ T28] audit: type=1326 audit(1752195645.273:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 265.365535][ T28] audit: type=1326 audit(1752195645.273:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 265.450687][ T28] audit: type=1326 audit(1752195645.273:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 265.539316][ T28] audit: type=1326 audit(1752195645.273:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7924 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b9972ab19 code=0x7ffc0000 [ 265.721300][ T7972] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11) [ 265.727974][ T7972] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 265.741404][ T7972] vhci_hcd vhci_hcd.0: Device attached [ 266.013276][ T5785] usb 35-1: new high-speed USB device number 7 using vhci_hcd [ 266.785247][ T8] vhci_hcd: vhci_device speed not set [ 266.958096][ T7977] ======================================================= [ 266.958096][ T7977] WARNING: The mand mount option has been deprecated and [ 266.958096][ T7977] and is ignored by this kernel. Remove the mand [ 266.958096][ T7977] option from the mount to silence this warning. [ 266.958096][ T7977] ======================================================= [ 267.028288][ T7974] vhci_hcd: connection reset by peer [ 267.042652][ T1076] vhci_hcd: stop threads [ 267.047022][ T1076] vhci_hcd: release socket [ 267.077475][ T1076] vhci_hcd: disconnect device [ 267.666411][ T7991] net_ratelimit: 12 callbacks suppressed [ 267.666449][ T7991] netlink: zone id is out of range [ 267.690406][ T7991] netlink: zone id is out of range [ 267.696440][ T7991] netlink: zone id is out of range [ 267.702155][ T7991] netlink: zone id is out of range [ 267.707572][ T7991] netlink: zone id is out of range [ 267.713256][ T7991] netlink: zone id is out of range [ 267.718739][ T7991] netlink: zone id is out of range [ 267.743105][ T7991] netlink: zone id is out of range [ 267.767964][ T7991] netlink: zone id is out of range [ 267.789808][ T7991] netlink: zone id is out of range [ 269.415593][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.525'. [ 272.212488][ T5785] vhci_hcd: vhci_device speed not set [ 272.253483][ T8033] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12) [ 272.260150][ T8033] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 272.270587][ T8033] vhci_hcd vhci_hcd.0: Device attached [ 272.281945][ T8034] vhci_hcd: connection closed [ 272.307196][ T7104] vhci_hcd: stop threads [ 272.808597][ T7104] vhci_hcd: release socket [ 272.879395][ T7104] vhci_hcd: disconnect device [ 274.031870][ T8046] 9pnet: Could not find request transport: Kdæ)W [ 274.241320][ T8044] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 274.247996][ T8044] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 274.313174][ T8045] vhci_hcd: connection closed [ 274.314732][ T8044] vhci_hcd vhci_hcd.0: Device attached [ 274.390959][ T59] vhci_hcd: stop threads [ 274.421152][ T59] vhci_hcd: release socket [ 274.474808][ T59] vhci_hcd: disconnect device [ 274.521490][ T23] vhci_hcd: vhci_device speed not set [ 274.764978][ T8061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.535'. [ 274.854592][ T8062] siw: device registration error -23 [ 276.704136][ T8074] net_ratelimit: 12 callbacks suppressed [ 276.704177][ T8074] netlink: zone id is out of range [ 276.766937][ T8074] netlink: zone id is out of range [ 276.826711][ T8074] netlink: zone id is out of range [ 276.880438][ T8074] netlink: zone id is out of range [ 276.909194][ T8074] netlink: zone id is out of range [ 276.914912][ T8074] netlink: zone id is out of range [ 276.920248][ T8074] netlink: zone id is out of range [ 276.925875][ T8074] netlink: zone id is out of range [ 276.931700][ T8074] netlink: zone id is out of range [ 276.937093][ T8074] netlink: zone id is out of range [ 277.371765][ T8084] loop2: detected capacity change from 0 to 7 [ 277.431233][ T8084] Dev loop2: unable to read RDB block 7 [ 277.488761][ T8084] loop2: unable to read partition table [ 277.501522][ T8084] loop2: partition table beyond EOD, truncated [ 277.525990][ T8084] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 278.535488][ T8099] 9pnet: Could not find request transport: Kdæ)W [ 280.984220][ T8128] siw: device registration error -23 [ 282.131122][ T5826] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 282.350774][ T5826] usb 5-1: Using ep0 maxpacket: 8 [ 282.362808][ T5826] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 282.391306][ T5826] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 282.465370][ T5826] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 282.598595][ T5826] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 282.624864][ T5826] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 282.687860][ T5826] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 282.728019][ T5826] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.965778][ T5826] usb 5-1: usb_control_msg returned -32 [ 282.981613][ T5826] usbtmc 5-1:16.0: can't read capabilities [ 284.483691][ T5825] usb 5-1: USB disconnect, device number 2 [ 286.419611][ T8158] net_ratelimit: 12 callbacks suppressed [ 286.419627][ T8158] netlink: zone id is out of range [ 286.488813][ T8158] netlink: zone id is out of range [ 286.515253][ T8158] netlink: zone id is out of range [ 286.522158][ T8158] netlink: zone id is out of range [ 286.527576][ T8158] netlink: zone id is out of range [ 286.533219][ T8158] netlink: zone id is out of range [ 286.538674][ T8158] netlink: zone id is out of range [ 286.544071][ T8158] netlink: zone id is out of range [ 286.551123][ T8158] netlink: zone id is out of range [ 286.556269][ T8158] netlink: zone id is out of range [ 286.605901][ T8171] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 286.612572][ T8171] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 286.620547][ T8171] vhci_hcd vhci_hcd.0: Device attached [ 288.851047][ T5826] usb 35-1: new high-speed USB device number 8 using vhci_hcd [ 288.954499][ T8172] vhci_hcd: connection reset by peer [ 288.981181][ T1093] vhci_hcd: stop threads [ 288.985926][ T1093] vhci_hcd: release socket [ 289.007730][ T1093] vhci_hcd: disconnect device [ 289.292399][ T8185] siw: device registration error -23 [ 289.491565][ T5785] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 289.711124][ T5785] usb 4-1: Using ep0 maxpacket: 32 [ 289.764881][ T5785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 290.055871][ T5785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 290.188567][ T5785] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 290.261154][ T5785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.340262][ T5785] usb 4-1: config 0 descriptor?? [ 291.311671][ T5785] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 291.567788][ T23] usb 4-1: USB disconnect, device number 4 [ 292.023014][ T8205] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 292.029692][ T8205] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 292.037646][ T8205] vhci_hcd vhci_hcd.0: Device attached [ 292.147222][ T8206] vhci_hcd: connection closed [ 292.217356][ T7915] vhci_hcd: stop threads [ 292.344667][ T7915] vhci_hcd: release socket [ 292.406969][ T7915] vhci_hcd: disconnect device [ 293.663268][ C0] Unknown status report in ack skb [ 293.972983][ T8218] net_ratelimit: 12 callbacks suppressed [ 293.973032][ T8218] netlink: zone id is out of range [ 294.021079][ T5826] vhci_hcd: vhci_device speed not set [ 294.043684][ T8218] netlink: zone id is out of range [ 294.082828][ T8218] netlink: zone id is out of range [ 294.088158][ T8218] netlink: zone id is out of range [ 294.105626][ T28] kauditd_printk_skb: 58 callbacks suppressed [ 294.105641][ T28] audit: type=1800 audit(1752195675.333:74): pid=8220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.567" name="bus" dev="overlay" ino=297 res=0 errno=0 [ 294.141241][ T8218] netlink: zone id is out of range [ 294.168872][ T8218] netlink: zone id is out of range [ 294.176714][ T8218] netlink: zone id is out of range [ 294.182285][ T8218] netlink: zone id is out of range [ 294.187640][ T8218] netlink: zone id is out of range [ 294.195229][ T8218] netlink: zone id is out of range [ 295.687494][ T8231] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10) [ 295.694161][ T8231] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 295.702196][ T8231] vhci_hcd vhci_hcd.0: Device attached [ 296.116938][ T8232] vhci_hcd: connection closed [ 296.133094][ T48] vhci_hcd: stop threads [ 296.182446][ T48] vhci_hcd: release socket [ 296.191193][ T5826] usb 41-1: new high-speed USB device number 4 using vhci_hcd [ 296.205697][ T48] vhci_hcd: disconnect device [ 297.556710][ T8263] can0: slcan on pty22. [ 298.064829][ T8266] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 298.071522][ T8266] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 298.079551][ T8266] vhci_hcd vhci_hcd.0: Device attached [ 298.917081][ T8268] vhci_hcd: connection closed [ 298.918722][ T7916] vhci_hcd: stop threads [ 298.931243][ T7916] vhci_hcd: release socket [ 298.941011][ T7916] vhci_hcd: disconnect device [ 299.201554][ T5101] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 299.213670][ T5101] CPU: 0 PID: 5101 Comm: kworker/u5:1 Not tainted 6.6.97-syzkaller #0 [ 299.222508][ T5101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 299.232599][ T5101] Workqueue: hci2 hci_rx_work [ 299.237305][ T5101] Call Trace: [ 299.240594][ T5101] [ 299.243544][ T5101] dump_stack_lvl+0x16c/0x230 [ 299.248416][ T5101] ? show_regs_print_info+0x20/0x20 [ 299.253639][ T5101] ? load_image+0x3b0/0x3b0 [ 299.258163][ T5101] sysfs_create_dir_ns+0x256/0x280 [ 299.263373][ T5101] ? hci_rx_work+0x43a/0xd80 [ 299.268427][ T5101] ? sysfs_warn_dup+0xa0/0xa0 [ 299.273126][ T5101] ? do_raw_spin_unlock+0x121/0x230 [ 299.278344][ T5101] kobject_add_internal+0x6b8/0xc70 [ 299.283654][ T5101] kobject_add+0x156/0x220 [ 299.288080][ T5101] ? __rwlock_init+0x150/0x150 [ 299.292873][ T5101] ? kobject_init+0x1e0/0x1e0 [ 299.297561][ T5101] ? _raw_spin_unlock+0x28/0x40 [ 299.302426][ T5101] ? get_device_parent+0x366/0x390 [ 299.307552][ T5101] device_add+0x408/0xc20 [ 299.311903][ T5101] hci_conn_add_sysfs+0xd5/0x1e0 [ 299.316890][ T5101] le_conn_complete_evt+0xc37/0x1220 [ 299.322194][ T5101] ? hci_event_packet+0x4a7/0x1210 [ 299.327340][ T5101] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 299.333599][ T5101] ? __copy_skb_header+0xa7/0x550 [ 299.338650][ T5101] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 299.344333][ T5101] ? skb_pull_data+0xfb/0x200 [ 299.349028][ T5101] hci_le_conn_complete_evt+0x187/0x440 [ 299.354682][ T5101] ? hci_remote_host_features_evt+0x160/0x160 [ 299.360761][ T5101] hci_event_packet+0x795/0x1210 [ 299.365737][ T5101] ? bis_list+0x290/0x290 [ 299.370074][ T5101] ? lockdep_hardirqs_on+0x98/0x150 [ 299.375281][ T5101] ? hci_send_to_monitor+0xd7/0x4f0 [ 299.380495][ T5101] hci_rx_work+0x43a/0xd80 [ 299.384932][ T5101] ? process_scheduled_works+0x957/0x15b0 [ 299.390662][ T5101] process_scheduled_works+0xa45/0x15b0 [ 299.396244][ T5101] ? assign_work+0x400/0x400 [ 299.400852][ T5101] ? assign_work+0x39e/0x400 [ 299.405468][ T5101] worker_thread+0xa55/0xfc0 [ 299.410069][ T5101] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 299.416069][ T5101] ? _raw_spin_unlock+0x40/0x40 [ 299.421102][ T5101] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 299.427049][ T5101] kthread+0x2fa/0x390 [ 299.431136][ T5101] ? pr_cont_work+0x560/0x560 [ 299.435839][ T5101] ? kthread_blkcg+0xd0/0xd0 [ 299.440431][ T5101] ret_from_fork+0x48/0x80 [ 299.444855][ T5101] ? kthread_blkcg+0xd0/0xd0 [ 299.449453][ T5101] ret_from_fork_asm+0x11/0x20 [ 299.454261][ T5101] [ 299.470520][ T5101] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 299.490966][ T5101] Bluetooth: hci2: failed to register connection device [ 299.521706][ T5825] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 299.783776][ T5825] usb 4-1: Using ep0 maxpacket: 8 [ 299.871569][ T5825] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 299.921401][ T5825] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 299.932289][ T8255] can0 (unregistered): slcan off pty22. [ 299.956194][ T5825] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 300.004299][ T8287] binder: BINDER_SET_CONTEXT_MGR already set [ 300.010698][ T8287] binder: 8286:8287 ioctl 4018620d 2000000001c0 returned -16 [ 300.020857][ T5825] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 300.049049][ T5825] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 300.069496][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.469352][ T5825] usb 4-1: GET_CAPABILITIES returned 0 [ 300.482431][ T5825] usbtmc 4-1:16.0: can't read capabilities [ 300.731022][ T5825] usb 4-1: USB disconnect, device number 5 [ 300.821225][ T8300] netlink: 24 bytes leftover after parsing attributes in process `syz.0.587'. [ 301.311100][ T5826] vhci_hcd: vhci_device speed not set [ 303.207161][ T8325] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 303.213825][ T8325] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 303.225051][ T8325] vhci_hcd vhci_hcd.0: Device attached [ 303.291726][ T8327] vhci_hcd: connection closed [ 303.298460][ T7104] vhci_hcd: stop threads [ 303.321519][ T7104] vhci_hcd: release socket [ 303.326019][ T7104] vhci_hcd: disconnect device [ 305.385201][ T8355] netlink: 24 bytes leftover after parsing attributes in process `syz.1.601'. [ 305.711238][ T5799] Bluetooth: hci2: command 0x0406 tx timeout [ 306.265592][ T8359] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9) [ 306.272172][ T8359] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 306.280420][ T8359] vhci_hcd vhci_hcd.0: Device attached [ 307.487886][ T8359] 9pnet: Could not find request transport: Kdæ)W [ 307.581100][ T8360] vhci_hcd: connection closed [ 307.585310][ T1087] vhci_hcd: stop threads [ 307.870974][ T5785] usb 33-1: new high-speed USB device number 2 using vhci_hcd [ 308.376919][ T1087] vhci_hcd: release socket [ 308.391068][ T1087] vhci_hcd: disconnect device [ 309.027998][ T5101] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 309.038002][ T5101] CPU: 1 PID: 5101 Comm: kworker/u5:1 Not tainted 6.6.97-syzkaller #0 [ 309.046189][ T5101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 309.056261][ T5101] Workqueue: hci1 hci_rx_work [ 309.060991][ T5101] Call Trace: [ 309.064284][ T5101] [ 309.067225][ T5101] dump_stack_lvl+0x16c/0x230 [ 309.071929][ T5101] ? show_regs_print_info+0x20/0x20 [ 309.077148][ T5101] ? load_image+0x3b0/0x3b0 [ 309.081685][ T5101] sysfs_create_dir_ns+0x256/0x280 [ 309.086824][ T5101] ? hci_rx_work+0x43a/0xd80 [ 309.091437][ T5101] ? sysfs_warn_dup+0xa0/0xa0 [ 309.096223][ T5101] ? do_raw_spin_unlock+0x121/0x230 [ 309.101444][ T5101] kobject_add_internal+0x6b8/0xc70 [ 309.106665][ T5101] kobject_add+0x156/0x220 [ 309.111092][ T5101] ? __rwlock_init+0x150/0x150 [ 309.115873][ T5101] ? kobject_init+0x1e0/0x1e0 [ 309.120575][ T5101] ? _raw_spin_unlock+0x28/0x40 [ 309.125465][ T5101] ? get_device_parent+0x366/0x390 [ 309.130604][ T5101] device_add+0x408/0xc20 [ 309.134955][ T5101] hci_conn_add_sysfs+0xd5/0x1e0 [ 309.139911][ T5101] le_conn_complete_evt+0xc37/0x1220 [ 309.145221][ T5101] ? hci_event_packet+0x4a7/0x1210 [ 309.150356][ T5101] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 309.156635][ T5101] ? __copy_skb_header+0xa7/0x550 [ 309.161694][ T5101] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 309.167358][ T5101] ? skb_pull_data+0xfb/0x200 [ 309.172062][ T5101] hci_le_conn_complete_evt+0x187/0x440 [ 309.177646][ T5101] ? hci_remote_host_features_evt+0x160/0x160 [ 309.183741][ T5101] hci_event_packet+0x795/0x1210 [ 309.188709][ T5101] ? bis_list+0x290/0x290 [ 309.193062][ T5101] ? lockdep_hardirqs_on+0x98/0x150 [ 309.198296][ T5101] ? hci_send_to_monitor+0xd7/0x4f0 [ 309.203527][ T5101] hci_rx_work+0x43a/0xd80 [ 309.207976][ T5101] ? process_scheduled_works+0x957/0x15b0 [ 309.213721][ T5101] process_scheduled_works+0xa45/0x15b0 [ 309.219312][ T5101] ? assign_work+0x400/0x400 [ 309.223928][ T5101] ? assign_work+0x39e/0x400 [ 309.228539][ T5101] worker_thread+0xa55/0xfc0 [ 309.233149][ T5101] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 309.239062][ T5101] ? _raw_spin_unlock+0x40/0x40 [ 309.243932][ T5101] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 309.249869][ T5101] kthread+0x2fa/0x390 [ 309.253961][ T5101] ? pr_cont_work+0x560/0x560 [ 309.258669][ T5101] ? kthread_blkcg+0xd0/0xd0 [ 309.263293][ T5101] ret_from_fork+0x48/0x80 [ 309.267741][ T5101] ? kthread_blkcg+0xd0/0xd0 [ 309.272367][ T5101] ret_from_fork_asm+0x11/0x20 [ 309.277179][ T5101] [ 309.281416][ T5101] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 309.295644][ T5101] Bluetooth: hci1: failed to register connection device [ 309.458976][ C1] ------------[ cut here ]------------ [ 309.464582][ C1] WARNING: CPU: 1 PID: 8369 at net/mac80211/tx.c:5021 __ieee80211_beacon_get+0x1233/0x1600 [ 309.474665][ C1] Modules linked in: [ 309.478610][ C1] CPU: 1 PID: 8369 Comm: syz.1.604 Not tainted 6.6.97-syzkaller #0 [ 309.486565][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 309.496688][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 309.503096][ C1] Code: 24 4c 89 e7 e8 4e 64 d5 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 29 d7 96 f7 0f 0b e9 f6 f7 ff ff e8 1d d7 96 f7 <0f> 0b e9 48 fb ff ff e8 11 d7 96 f7 48 c7 c7 40 0c 24 8e 4c 89 e6 [ 309.523494][ C1] RSP: 0000:ffffc900001f0a18 EFLAGS: 00010246 [ 309.529617][ C1] RAX: ffffffff89eebf53 RBX: ffffffff89eead56 RCX: ffff88802bed3c00 [ 309.537713][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 309.545750][ C1] RBP: 0000000000000000 R08: ffff88802bed3c00 R09: 0000000000000003 [ 309.553796][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805b5ee3c0 [ 309.561841][ C1] R13: dffffc0000000000 R14: ffff88805b5ee8b0 R15: ffff88805bace824 [ 309.569846][ C1] FS: 0000555580388500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 309.578854][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 309.585520][ C1] CR2: 0000001b2d4ffff8 CR3: 0000000064a6e000 CR4: 00000000003526e0 [ 309.593564][ C1] Call Trace: [ 309.596880][ C1] [ 309.599756][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 309.605471][ C1] ieee80211_beacon_get_tim+0xb8/0x560 [ 309.611090][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 309.617908][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 309.623545][ C1] __iterate_interfaces+0x243/0x500 [ 309.628791][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 309.635107][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 309.642380][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 309.648664][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 309.655769][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 309.661042][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 309.666286][ C1] ? hw_scan_work+0x1060/0x1060 [ 309.671284][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 309.676516][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 309.682674][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 309.687824][ C1] handle_softirqs+0x280/0x820 [ 309.692663][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 309.697472][ C1] ? do_softirq+0x180/0x180 [ 309.702055][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 309.707292][ C1] __irq_exit_rcu+0xc7/0x190 [ 309.711947][ C1] ? irq_exit_rcu+0x20/0x20 [ 309.716488][ C1] irq_exit_rcu+0x9/0x20 [ 309.720753][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 309.726453][ C1] [ 309.729412][ C1] [ 309.732409][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 309.738431][ C1] RIP: 0010:finish_task_switch+0x26a/0x920 [ 309.744265][ C1] Code: 0f 84 37 01 00 00 48 85 db 0f 85 56 01 00 00 e9 f6 04 00 00 4c 8b 75 d0 4c 89 e7 e8 c0 eb 1b 09 e8 cb b4 2f 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 309.763901][ C1] RSP: 0000:ffffc9000fad7c58 EFLAGS: 00000282 [ 309.769974][ C1] RAX: ccf4be532d300c00 RBX: 0000000000000000 RCX: ccf4be532d300c00 [ 309.777971][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaab940 RDI: ffffffff8afc7880 [ 309.785979][ C1] RBP: ffffc9000fad7cb0 R08: ffffffff8e4a92ef R09: 1ffffffff1c9525d [ 309.794016][ C1] R10: dffffc0000000000 R11: fffffbfff1c9525e R12: ffff88802bed3c00 [ 309.802015][ C1] R13: dffffc0000000000 R14: ffff888079f28000 R15: ffff8880b8f3cf08 [ 309.810004][ C1] ? finish_task_switch+0x265/0x920 [ 309.815243][ C1] __schedule+0x14ea/0x4580 [ 309.819779][ C1] ? asan.module_dtor+0x20/0x20 [ 309.824739][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 309.830730][ C1] ? lock_chain_count+0x20/0x20 [ 309.835620][ C1] schedule+0xbd/0x170 [ 309.839700][ C1] exit_to_user_mode_loop+0x47/0x110 [ 309.845019][ C1] exit_to_user_mode_prepare+0xb1/0x140 [ 309.850604][ C1] irqentry_exit_to_user_mode+0x9/0x40 [ 309.856106][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 309.861624][ C1] RIP: 0033:0x7f85a504d9c3 [ 309.866063][ C1] Code: 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d 52 46 35 00 89 f0 4c 8d 05 49 26 35 00 89 c2 81 e2 ff 1f 00 00 49 8b 0c d1 <48> 39 f1 74 28 48 85 c9 74 29 45 38 1c 10 75 23 83 c0 01 44 39 d0 [ 309.885723][ C1] RSP: 002b:00007ffef77d7d68 EFLAGS: 00000202 [ 309.891837][ C1] RAX: 0000000081b73752 RBX: 00007f85a5ee5720 RCX: ffffffff81b73752 [ 309.899819][ C1] RDX: 0000000000001752 RSI: ffffffff81b73752 RDI: 000000000000001b [ 309.907827][ C1] RBP: ffffffff81b73752 R08: 00007f85a53a0000 R09: 00007f85a53a2000 [ 309.915837][ C1] R10: 0000000081b73756 R11: 000000000000001b R12: 000000000000001b [ 309.923843][ C1] R13: 0000000000000171 R14: ffffffff81b73117 R15: 00000000000008b9 [ 309.931857][ C1] ? copy_from_kernel_nofault+0x1b7/0x320 [ 309.937601][ C1] ? copy_from_user_nofault+0xa2/0x140 [ 309.943114][ C1] ? copy_from_user_nofault+0xa2/0x140 [ 309.948584][ C1] ? copy_from_user_nofault+0xa2/0x140 [ 309.954096][ C1] [ 309.957115][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 309.964393][ C1] CPU: 1 PID: 8369 Comm: syz.1.604 Not tainted 6.6.97-syzkaller #0 [ 309.972289][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 309.982352][ C1] Call Trace: [ 309.985637][ C1] [ 309.988486][ C1] dump_stack_lvl+0x16c/0x230 [ 309.993177][ C1] ? show_regs_print_info+0x20/0x20 [ 309.998390][ C1] ? load_image+0x3b0/0x3b0 [ 310.002907][ C1] panic+0x2c0/0x710 [ 310.006809][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 310.011314][ C1] ? copy_from_user_nofault+0xa2/0x140 [ 310.016798][ C1] __warn+0x2e0/0x470 [ 310.020784][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 310.026509][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 310.032234][ C1] report_bug+0x2be/0x4f0 [ 310.036594][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 310.042329][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 310.048050][ C1] ? __ieee80211_beacon_get+0x1235/0x1600 [ 310.053769][ C1] handle_bug+0xcf/0x120 [ 310.058024][ C1] exc_invalid_op+0x1a/0x50 [ 310.062543][ C1] asm_exc_invalid_op+0x1a/0x20 [ 310.067415][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 310.073754][ C1] Code: 24 4c 89 e7 e8 4e 64 d5 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 29 d7 96 f7 0f 0b e9 f6 f7 ff ff e8 1d d7 96 f7 <0f> 0b e9 48 fb ff ff e8 11 d7 96 f7 48 c7 c7 40 0c 24 8e 4c 89 e6 [ 310.093894][ C1] RSP: 0000:ffffc900001f0a18 EFLAGS: 00010246 [ 310.099963][ C1] RAX: ffffffff89eebf53 RBX: ffffffff89eead56 RCX: ffff88802bed3c00 [ 310.107934][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 310.115907][ C1] RBP: 0000000000000000 R08: ffff88802bed3c00 R09: 0000000000000003 [ 310.123880][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805b5ee3c0 [ 310.131886][ C1] R13: dffffc0000000000 R14: ffff88805b5ee8b0 R15: ffff88805bace824 [ 310.139869][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 310.145426][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 310.151165][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 310.156888][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 310.162445][ C1] ieee80211_beacon_get_tim+0xb8/0x560 [ 310.167906][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 310.174695][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 310.180251][ C1] __iterate_interfaces+0x243/0x500 [ 310.185456][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 310.191719][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 310.198931][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 310.205178][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 310.212222][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 310.217445][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 310.222747][ C1] ? hw_scan_work+0x1060/0x1060 [ 310.227615][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 310.232729][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 310.238803][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 310.243923][ C1] handle_softirqs+0x280/0x820 [ 310.248690][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 310.253460][ C1] ? do_softirq+0x180/0x180 [ 310.257965][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 310.263165][ C1] __irq_exit_rcu+0xc7/0x190 [ 310.267754][ C1] ? irq_exit_rcu+0x20/0x20 [ 310.272257][ C1] irq_exit_rcu+0x9/0x20 [ 310.276500][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 310.282397][ C1] [ 310.285326][ C1] [ 310.288256][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 310.294240][ C1] RIP: 0010:finish_task_switch+0x26a/0x920 [ 310.300131][ C1] Code: 0f 84 37 01 00 00 48 85 db 0f 85 56 01 00 00 e9 f6 04 00 00 4c 8b 75 d0 4c 89 e7 e8 c0 eb 1b 09 e8 cb b4 2f 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 310.319737][ C1] RSP: 0000:ffffc9000fad7c58 EFLAGS: 00000282 [ 310.325801][ C1] RAX: ccf4be532d300c00 RBX: 0000000000000000 RCX: ccf4be532d300c00 [ 310.333769][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaab940 RDI: ffffffff8afc7880 [ 310.342019][ C1] RBP: ffffc9000fad7cb0 R08: ffffffff8e4a92ef R09: 1ffffffff1c9525d [ 310.349990][ C1] R10: dffffc0000000000 R11: fffffbfff1c9525e R12: ffff88802bed3c00 [ 310.357958][ C1] R13: dffffc0000000000 R14: ffff888079f28000 R15: ffff8880b8f3cf08 [ 310.365944][ C1] ? finish_task_switch+0x265/0x920 [ 310.371159][ C1] __schedule+0x14ea/0x4580 [ 310.375688][ C1] ? asan.module_dtor+0x20/0x20 [ 310.380564][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 310.386591][ C1] ? lock_chain_count+0x20/0x20 [ 310.391455][ C1] schedule+0xbd/0x170 [ 310.395705][ C1] exit_to_user_mode_loop+0x47/0x110 [ 310.400999][ C1] exit_to_user_mode_prepare+0xb1/0x140 [ 310.406552][ C1] irqentry_exit_to_user_mode+0x9/0x40 [ 310.412016][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 310.417480][ C1] RIP: 0033:0x7f85a504d9c3 [ 310.421896][ C1] Code: 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d 52 46 35 00 89 f0 4c 8d 05 49 26 35 00 89 c2 81 e2 ff 1f 00 00 49 8b 0c d1 <48> 39 f1 74 28 48 85 c9 74 29 45 38 1c 10 75 23 83 c0 01 44 39 d0 [ 310.441522][ C1] RSP: 002b:00007ffef77d7d68 EFLAGS: 00000202 [ 310.447595][ C1] RAX: 0000000081b73752 RBX: 00007f85a5ee5720 RCX: ffffffff81b73752 [ 310.455592][ C1] RDX: 0000000000001752 RSI: ffffffff81b73752 RDI: 000000000000001b [ 310.463561][ C1] RBP: ffffffff81b73752 R08: 00007f85a53a0000 R09: 00007f85a53a2000 [ 310.471624][ C1] R10: 0000000081b73756 R11: 000000000000001b R12: 000000000000001b [ 310.479595][ C1] R13: 0000000000000171 R14: ffffffff81b73117 R15: 00000000000008b9 [ 310.487581][ C1] ? copy_from_kernel_nofault+0x1b7/0x320 [ 310.493322][ C1] ? copy_from_user_nofault+0xa2/0x140 [ 310.498797][ C1] ? copy_from_user_nofault+0xa2/0x140 [ 310.504263][ C1] ? copy_from_user_nofault+0xa2/0x140 [ 310.509736][ C1] [ 310.513028][ C1] Kernel Offset: disabled [ 310.517412][ C1] Rebooting in 86400 seconds..