last executing test programs: 4.664537073s ago: executing program 4 (id=493): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x78, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x42, 0xe, {{{}, {}, @broadcast, @device_b, @from_mac}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1, 0x8c}, @void, @val={0x6, 0x2}, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7, {0x0, 0xffffffffffffffff}}, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15b8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x78}}, 0x0) 4.330980792s ago: executing program 4 (id=496): r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000002cc0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r1}]}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x48}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0) 3.64288924s ago: executing program 4 (id=504): unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) 3.091726581s ago: executing program 2 (id=510): r0 = socket(0x2, 0x80805, 0x0) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x11, &(0x7f0000000280), 0x8) 2.887736637s ago: executing program 2 (id=512): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newlink={0x38, 0x10, 0x437, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5, 0x4, 0x7}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4c050}, 0x4000804) 2.835929663s ago: executing program 3 (id=513): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000000002000000000000000000000000000000000000000000000000000000636c7573746572000000f3ffffff00000000000000000000000000000000000010000000000000000000000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000004493000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000"]}, 0x260) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, 0x0, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(0xffffffffffffffff, 0x111, 0x3, 0x20000000, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x2f9, 0xffffca88, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 2.563839567s ago: executing program 3 (id=516): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) socket$nl_generic(0x10, 0x3, 0x10) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ibss_ssid, 0xb, 0x0) 2.563565572s ago: executing program 2 (id=517): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, 0x0, 0x24000080) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="070000000400000000000200000014000180060001000200000008000300ac1414aae752df098ff9e4f517576d3c832d2b83a55673c3"], 0x28}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r7, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600"], 0x84}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 2.179114325s ago: executing program 0 (id=520): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r3, 0x1, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0) 2.176886824s ago: executing program 2 (id=521): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000100)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @remote}}}}}}, 0x0) 2.09603769s ago: executing program 3 (id=522): r0 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000280)={0x2}, 0x8) 1.896726788s ago: executing program 0 (id=524): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.888563706s ago: executing program 4 (id=525): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x1}}}}}}, 0x0) 1.862534713s ago: executing program 2 (id=526): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xf, 0x9}}}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xb}, {}, {0x4, 0xfff3}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x8}]}}]}, 0x3c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.831057837s ago: executing program 3 (id=527): sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20004040) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8) 1.647047855s ago: executing program 2 (id=528): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000080)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x3, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x5fe, 0x0, 0x1c, {[@window={0xb, 0x3}, @timestamp={0x5, 0xa}, @generic={0x0, 0x8, "d58838068b91"}]}}}}}}, 0x4e) 1.606538031s ago: executing program 3 (id=529): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000580)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x30000080}, 0x0) 1.531923285s ago: executing program 0 (id=530): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc491c6170000501d0000be7ba9bd"], 0x1c}}, 0x0) recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f0000001d00)=""/206, 0xce}, {&(0x7f00000001c0)=""/148, 0x94}, {&(0x7f0000000280)=""/47, 0x2f}], 0x4}}], 0x1, 0x0, 0x0) 1.449966335s ago: executing program 4 (id=532): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ibss_ssid, 0xb, 0x0) 1.208388618s ago: executing program 1 (id=533): getpid() sched_setaffinity(0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000c40), 0x12) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_subtree(r2, &(0x7f0000000080), 0x2, 0x0) write$cgroup_subtree(r3, &(0x7f0000000040)=ANY=[], 0x6) 1.091160302s ago: executing program 4 (id=534): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r3, 0x1, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0) 947.112549ms ago: executing program 0 (id=535): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000004c0)={0x0, 0x465f}, 0x8) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f0000000280)=ANY=[], 0x8) 892.441321ms ago: executing program 1 (id=536): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f00000007c0)="87", 0x1, 0x0, 0x0, 0x0) shutdown(r0, 0x1) shutdown(r0, 0x1) 865.587552ms ago: executing program 3 (id=537): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x10, 0xfff1}}}, 0x24}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffff}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 583.018749ms ago: executing program 0 (id=538): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x41}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) close(r2) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) socket$inet(0x2, 0x3, 0x8) syz_emit_ethernet(0x22, &(0x7f0000000000)={@local, @random="48ed16350a46", @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x0, 0x14, 0x65, 0x0, 0x2, 0x8, 0x0, @rand_addr=0x64010100, @broadcast}}}}}, 0x0) 572.88068ms ago: executing program 1 (id=539): r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000940)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d74d73eaa91a39308e008b7fa1ecc2a020f495750f9936d9c07130d950a777c0d8d131416ef55a4ec041113df65ba4aea92fcb3e2268510f316bd17f04993b6473338fe7c08fd9874e743a31582162232c7d6c614e7b3513abcc0feb99b2c9111300004fe291f5bd682c039183e61c1fdac90b2a015939a8d10b07a05e99e5772b4b9329275cef8de2b066d4e4d421e4a0a69cdd8f674b12f5b3fa764e4b1e9f4d767e252e37477813a03f18da16d598fddcf4be590d9f65f64c647cb2f330a614fe688d3d80182ed8aa59905a1cb0d3f034d927e070d71f56ee8e5c5bdf23c4f85c7a17834467bd6cf58218868fe53e3675c130bbe44bea271fa67999a0dc3dbf7c40dbba6e7d6cc0936bd8d466a1f041883c093a3a60743d0549b1a989a2fa41ff978388014434909053e279a21e7866bd4efb4a9f46b7a8b0d1d84d83020e9e68936ca3de030269784aa29a3e25146cd5b03d21ca82f961be925c9ad487fb24b1e35c2d043ee4b6a4aaf811c4308a6ced6b4c45e7513a3f0e1421cb3b0fd8571a7085c9a4b454e4ee8b44767428666cd108b78369b871ab32f36943e24976f4bb6bd4068cc19585a2de791e3f950d220b28f4ba268d8c9dbccc1a705b1b1c30881babdbc8cc4cf97b801e4d410fd7c61b34b1f126e6df1b0e9c676d1ab5", 0x5c9}, {&(0x7f0000000200)="3001fb90647586f4601659c5ad2644b99bfd65452e947b394c96c29278d097c5f170d77283a744139d2ce2a2f4bb5bb37e7396e7bac14056f25d17145e73bc2461b20ea3fce771f1b32d1585e8a456763cfafcf7189145a6e261af6232014cbf8a0f898bf6d14136874b6a1fd7caf8ec9966b041e7dff102c6e247d1a44f038ae29eb4bc67d6a04e80dfb7715ebafaa20fcbc57ade23cba05da1fbe4bba675b742472eebaabf356adc99866930e146125a272cef5baf5dfad4a28a0120d1b4e671487a7b018d9908183ab2085a781e531f1bed4ac9c245ec19be383047656a7d857d364e6f69ecce", 0xe8}, {&(0x7f0000000100)="79dfe4263f037de282e588f3c773eca5f0c383e7425d1573aa90a44223bfeced3ff85afe9d0c0b3b5a7ed7fcdb96a3934fe7af73ee25d5d36ba42e2a858c3d134299abc0393e031db435ae156e55eb2b2b2e2300e0706dfc5c4ec73ba929ffe8a7bb7ce55d95fb6e58560c45d96a58a13aa944b98c481a82927ec071b272b4592616116116527fd2dbc0dfd58c572f714f6852063afc8358fb33ccb8a90500b32b4e26bea604e534d8983790b5e2a180fed88108b0f5a499d5f80b4e4047d9ecc03d21856a4ec0d0d41496d980ddfa9098d327d9559e82fceb2b1b1ca4b45c9e22b2de", 0xe3}, {&(0x7f0000000380)="c58cf2a0f0f863621a483b19e7ecfce0d34e53fbf2959272146847c314ac0cdfd79dc1815274c3ee57068b3793c243bc98585fab48eb353478689f452328afb023f75f93227bbe5a4aa3fea049ec0862c493e14eb44aacf27f9060bc2c826383c904750402dd05d1e8c3a549a06e280ca4eaf77b4aed57a0c5f6120d25a3d5121895638ec5e2e6", 0x87}, {&(0x7f0000000700)="15c84609b06c6d85a5ca6f3a9a242f214aee4e7093161b717090c0c852a05393abd8992d91576f57bbd3488e85d8456d6c6c09de5c5228ee18819665861f01a2823a7cfa8e9260a5fe3921638db2dc5156149f86916810f913a944e1c8cd7fccb63f37900c5b287016e512b050ca214125b2217260c9ce3019e88b80985402ff7ca34be17e0dbda4f028cec9973a2b9eed83eee86f35f2c0adf50a04296e99c0f709fb3990aa5d0e74a125971357630b6f3eb4fb4064c42c2b2519a1c77824df6f0653fb116149fcb5c7e46fce32b1de7f511951d4b1ae47781250afdb11680684c1d2854810a90dbe10016823346663fdf1df6200a0dc3cafe8ec225fda47", 0xff}, {&(0x7f0000000800)="3a0846cacd7448e2015cc9a09c5f5608265e1e0fe02aa9077d7ddd960ba112fe1c64f57cba71e7ad8bbdc06a3299398e39498fc459bc1745e3d21a7ca987a4f4b774fe331d20dab2e846a721ff43b0491dc4cb32e16330e0d7d520f4887da0d6f356f8ef230b9b2374095ca6f14a6d13e03375c7029e28592c419bfb8957ac024ba8dc90ab15427410b870f303", 0x8d}, {&(0x7f0000000500)="8700144add194dc92e62bfdc1de91e98227f67410fae0aa2958eeb11856055f582d7ed3b9ca5bf48d2e97becf8673e1532a8", 0x32}, {&(0x7f0000000c00)="6aa7e221ef79afca996dde651fad6b8f1085c4567b3af29b90b3221f98f93ce76bc702717f1e682edb4976f8d32156d842e64f2dd8e9b969c22d076b5dbfb714449b00410975c35de7c30e2ad597b691c6483ccd5a245aaa8e77ab0392a8ade9f2106cdeb9aa1c7930b9efefe0cc9f17f500c80d8ea8058a4ced831913d183eae9e62409274def3c7007b6", 0x8b}], 0x8, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @loopback}}}], 0x20}, 0x0) 368.847225ms ago: executing program 0 (id=540): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, &(0x7f0000000200)=""/166}, 0x1c) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, 0x0, &(0x7f00000005c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) close(0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'team_slave_0\x00', @random="2b0100004ec6"}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='sched_switch\x00', r4, 0x0, 0x20000000000000}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f00", @ANYRES32], 0x48) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)={0x7c, r3, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x58, 0x8, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x7}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) setpgid(0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) ioctl(r1, 0x4, &(0x7f0000000600)="9d436649e94def13ab304e9da898d923167d03427ee1badfd3193267651aa70f91f409fb922bebda45be5c1673604a4959530418c031a8d9d96fb0bfa2692d51f09bc193a6cc04b3e54739943e57") pipe(&(0x7f00000006c0)={0xffffffffffffffff}) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x5, 0x10001, 0x9, 0x8421, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @value=r6, @void, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 287.02603ms ago: executing program 1 (id=541): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 145.679257ms ago: executing program 1 (id=542): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5a074edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4", 0xc7}], 0x1, 0x0, 0x0, 0x7400}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f00000002c0)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10) pivot_root(0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x2, 0x13, 0x0, 0x8, 0x2}, 0x10}}, 0x10) sendmsg$inet(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000003c0)}], 0x1}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10) symlinkat(0x0, 0xffffffffffffff9c, 0x0) 0s ago: executing program 1 (id=543): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, 0x0, 0x24000080) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="070000000400000000000200000014000180060001000200000008000300ac1414aae752df098ff9e4f517576d3c832d2b83a55673c3"], 0x28}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r7, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600"], 0x84}, 0x1, 0x0, 0x0, 0x4000}, 0x0) kernel console output (not intermixed with test programs): 98][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.477201][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.496244][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.514435][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.537411][ T5250] veth1_macvtap: entered promiscuous mode [ 69.561641][ T5247] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.576137][ T5247] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.585125][ T5247] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.593870][ T5247] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.660092][ T5294] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 69.684163][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.695722][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.711737][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.722331][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.732383][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.742967][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.754808][ T5250] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.769114][ T5251] veth0_macvtap: entered promiscuous mode [ 69.797934][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.812123][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.830936][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.845967][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.856849][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.867659][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.879002][ T5250] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.889298][ T5250] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.898196][ T5250] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.906981][ T5250] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.916325][ T5250] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.950931][ T2941] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.965146][ T2941] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.995675][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.003552][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.017191][ T5251] veth1_macvtap: entered promiscuous mode [ 70.060909][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.072235][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.104064][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.114770][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.130515][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.163110][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.173490][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.190272][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.202297][ T5251] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.276279][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.298724][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.310448][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.322055][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.332279][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.343439][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.353739][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.364875][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.383138][ T5251] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.420645][ T5251] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.430124][ T5251] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.439438][ T5251] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.461442][ T5251] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.528724][ T5306] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 70.537849][ T5306] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 70.546684][ T5306] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 70.555651][ T54] Bluetooth: hci0: command tx timeout [ 70.555700][ T54] Bluetooth: hci2: command tx timeout [ 70.555735][ T54] Bluetooth: hci1: command tx timeout [ 70.565159][ T5242] Bluetooth: hci3: command tx timeout [ 70.566694][ T5306] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 70.572571][ T54] Bluetooth: hci4: command tx timeout [ 70.581617][ T5306] vxlan0: entered promiscuous mode [ 70.597403][ T5306] vxlan0: entered allmulticast mode [ 70.607825][ T5306] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 70.616899][ T5306] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 70.625907][ T5306] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 70.634799][ T5306] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 70.660480][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.668562][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.730575][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.739534][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.798362][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.824427][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.879579][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.899921][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.937176][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.964831][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.026363][ T2938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.038164][ T2938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.598595][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.610692][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.660854][ T5327] input: syz1 as /devices/virtual/input/input5 [ 71.691062][ T5325] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18'. [ 71.870472][ T5330] capability: warning: `syz.2.19' uses deprecated v2 capabilities in a way that may be insecure [ 71.882367][ T29] audit: type=1326 audit(1727894287.426:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 71.927639][ T5325] bridge0: port 3(gretap0) entered blocking state [ 71.939572][ T5325] bridge0: port 3(gretap0) entered disabled state [ 71.948941][ T5325] gretap0: entered allmulticast mode [ 71.959947][ T5325] gretap0: entered promiscuous mode [ 71.967417][ T29] audit: type=1326 audit(1727894287.426:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 71.988985][ C0] vkms_vblank_simulate: vblank timer overrun [ 72.001894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 72.013200][ T5325] bridge0: port 3(gretap0) entered blocking state [ 72.019954][ T5325] bridge0: port 3(gretap0) entered forwarding state [ 72.057182][ T29] audit: type=1326 audit(1727894287.426:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 72.093666][ T5342] syz.1.23 uses obsolete (PF_INET,SOCK_PACKET) [ 72.161295][ T29] audit: type=1326 audit(1727894287.426:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 72.201565][ T29] audit: type=1326 audit(1727894287.426:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=40000003 syscall=184 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 72.233999][ T29] audit: type=1326 audit(1727894287.506:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 72.255610][ C0] vkms_vblank_simulate: vblank timer overrun [ 72.299325][ T29] audit: type=1326 audit(1727894287.506:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 72.321172][ C0] vkms_vblank_simulate: vblank timer overrun [ 72.636093][ T54] Bluetooth: hci4: command tx timeout [ 72.648290][ T54] Bluetooth: hci3: command tx timeout [ 72.654491][ T54] Bluetooth: hci1: command tx timeout [ 72.662922][ T54] Bluetooth: hci0: command tx timeout [ 72.809034][ T5355] capability: warning: `syz.3.28' uses 32-bit capabilities (legacy support in use) [ 73.091614][ T5363] netlink: 32 bytes leftover after parsing attributes in process `syz.0.32'. [ 73.219646][ T52] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.290018][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.305339][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.316471][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.324742][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.333174][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.340853][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.360578][ T5369] netlink: 36 bytes leftover after parsing attributes in process `syz.3.33'. [ 73.369972][ T5369] netlink: 16 bytes leftover after parsing attributes in process `syz.3.33'. [ 73.372963][ T5367] syzkaller1: entered promiscuous mode [ 73.385102][ T5367] syzkaller1: entered allmulticast mode [ 73.397289][ T5369] netlink: 36 bytes leftover after parsing attributes in process `syz.3.33'. [ 73.408076][ T5369] netlink: 36 bytes leftover after parsing attributes in process `syz.3.33'. [ 73.654581][ T52] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.680109][ T5376] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 73.861110][ T52] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.118039][ T52] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.254846][ T5387] wireguard0: entered promiscuous mode [ 74.287888][ T5387] wireguard0: entered allmulticast mode [ 74.523700][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 74.630240][ T5405] netlink: 36 bytes leftover after parsing attributes in process `syz.0.46'. [ 74.640570][ T5405] netlink: 16 bytes leftover after parsing attributes in process `syz.0.46'. [ 74.649563][ T5405] netlink: 36 bytes leftover after parsing attributes in process `syz.0.46'. [ 74.658599][ T5405] netlink: 36 bytes leftover after parsing attributes in process `syz.0.46'. [ 74.778802][ T52] bridge_slave_1: left allmulticast mode [ 74.784707][ T52] bridge_slave_1: left promiscuous mode [ 74.811215][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.858951][ T52] bridge_slave_0: left allmulticast mode [ 74.864683][ T52] bridge_slave_0: left promiscuous mode [ 74.878775][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.407405][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 75.422395][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 75.435528][ T5242] Bluetooth: hci0: command tx timeout [ 75.444432][ T52] bond0 (unregistering): Released all slaves [ 75.514502][ T5420] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.522906][ T5420] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.566650][ T5422] bridge_slave_1: left allmulticast mode [ 75.599457][ T5422] bridge_slave_1: left promiscuous mode [ 75.619739][ T5422] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.658342][ T5422] bridge_slave_0: left allmulticast mode [ 75.665670][ T5422] bridge_slave_0: left promiscuous mode [ 75.671597][ T5422] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.047704][ T5371] chnl_net:caif_netlink_parms(): no params data found [ 76.413376][ T5453] program syz.4.59 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 76.481121][ T5242] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 76.493269][ T5242] Bluetooth: hci2: Injecting HCI hardware error event [ 76.503947][ T5242] Bluetooth: hci2: hardware error 0x00 [ 76.636391][ T5458] syzkaller1: entered promiscuous mode [ 76.642042][ T5458] syzkaller1: entered allmulticast mode [ 76.651657][ T5371] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.683321][ T5232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 76.698090][ T5371] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.705471][ T5371] bridge_slave_0: entered allmulticast mode [ 76.714115][ T5371] bridge_slave_0: entered promiscuous mode [ 76.717756][ T5232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 76.723267][ T5371] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.728314][ T5232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 76.734142][ T5371] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.743700][ T5232] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 76.750212][ T5371] bridge_slave_1: entered allmulticast mode [ 76.758204][ T5232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 76.762388][ T5371] bridge_slave_1: entered promiscuous mode [ 76.768694][ T5232] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 76.792406][ T5455] __nla_validate_parse: 1 callbacks suppressed [ 76.792421][ T5455] netlink: 8 bytes leftover after parsing attributes in process `syz.1.57'. [ 76.835211][ T5455] netlink: 8 bytes leftover after parsing attributes in process `syz.1.57'. [ 76.875425][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 77.026806][ T5371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.093769][ T52] hsr_slave_0: left promiscuous mode [ 77.119043][ T52] hsr_slave_1: left promiscuous mode [ 77.129930][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.148169][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.186499][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.193993][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.283000][ T52] veth1_macvtap: left promiscuous mode [ 77.304791][ T52] veth0_macvtap: left promiscuous mode [ 77.332620][ T52] veth1_vlan: left promiscuous mode [ 77.345323][ T52] veth0_vlan: left promiscuous mode [ 77.516765][ T5232] Bluetooth: hci0: command tx timeout [ 77.528445][ T5482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.63'. [ 77.538272][ T5482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.63'. [ 78.141930][ T52] team0 (unregistering): Port device team_slave_1 removed [ 78.189576][ T52] team0 (unregistering): Port device team_slave_0 removed [ 78.580812][ T5371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.639600][ T5232] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 78.648292][ T5232] Bluetooth: hci3: Injecting HCI hardware error event [ 78.655384][ T5242] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 78.664582][ T5232] Bluetooth: hci3: hardware error 0x00 [ 78.795526][ T54] Bluetooth: hci4: command tx timeout [ 78.820908][ T5371] team0: Port device team_slave_0 added [ 78.874865][ T5371] team0: Port device team_slave_1 added [ 78.978243][ T5371] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.990656][ T5371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.024773][ T5371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.040088][ T5371] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.047431][ T5371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.073437][ C0] vkms_vblank_simulate: vblank timer overrun [ 79.083043][ T5371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.348688][ T5371] hsr_slave_0: entered promiscuous mode [ 79.365079][ T5371] hsr_slave_1: entered promiscuous mode [ 79.518778][ T5242] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.528274][ T5242] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.536904][ T5242] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.603894][ T5242] Bluetooth: hci0: command tx timeout [ 79.609780][ T5242] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.623126][ T5242] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 79.631092][ T5242] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.914073][ T52] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.117292][ T52] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.292384][ T52] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.437156][ T52] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.715324][ T5232] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 80.885093][ T5232] Bluetooth: hci4: command tx timeout [ 80.994349][ T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.023196][ T5465] chnl_net:caif_netlink_parms(): no params data found [ 81.207608][ T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.258604][ T5522] chnl_net:caif_netlink_parms(): no params data found [ 81.445961][ T5242] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.462007][ T5242] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.471203][ T5242] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.482060][ T5242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.489879][ T5242] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 81.507228][ T5242] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.517631][ T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.655511][ T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 81.677843][ T5242] Bluetooth: hci0: command tx timeout [ 81.726644][ T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.755368][ T5242] Bluetooth: hci1: command tx timeout [ 81.801231][ T5465] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.809090][ T5465] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.816840][ T5465] bridge_slave_0: entered allmulticast mode [ 81.824600][ T5465] bridge_slave_0: entered promiscuous mode [ 81.833881][ T5465] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.842598][ T5465] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.854307][ T5465] bridge_slave_1: entered allmulticast mode [ 81.862386][ T5465] bridge_slave_1: entered promiscuous mode [ 81.870572][ T25] usb 2-1: config 0 has no interfaces? [ 81.876624][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 81.893798][ T5522] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.902081][ T5522] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.903757][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.910183][ T5522] bridge_slave_0: entered allmulticast mode [ 81.930445][ T5522] bridge_slave_0: entered promiscuous mode [ 81.956860][ T25] usb 2-1: config 0 descriptor?? [ 82.018215][ T5522] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.039366][ T5522] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.056315][ T5522] bridge_slave_1: entered allmulticast mode [ 82.063665][ T5522] bridge_slave_1: entered promiscuous mode [ 82.131407][ T5465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.163999][ T5522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.187166][ T5522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.208826][ T5371] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 82.225467][ T5285] usb 2-1: USB disconnect, device number 2 [ 82.256641][ T5371] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 82.297180][ T5465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.349440][ T5371] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 82.371238][ T5465] team0: Port device team_slave_0 added [ 82.382637][ T5465] team0: Port device team_slave_1 added [ 82.412731][ T5371] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 82.517599][ T5522] team0: Port device team_slave_0 added [ 82.561991][ T52] bridge_slave_1: left allmulticast mode [ 82.586395][ T52] bridge_slave_1: left promiscuous mode [ 82.594109][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.603961][ T52] bridge_slave_0: left allmulticast mode [ 82.612457][ T52] bridge_slave_0: left promiscuous mode [ 82.618625][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.631042][ T52] gretap0: left allmulticast mode [ 82.636395][ T52] gretap0: left promiscuous mode [ 82.641581][ T52] bridge0: port 3(gretap0) entered disabled state [ 82.652204][ T52] bridge_slave_1: left allmulticast mode [ 82.658055][ T52] bridge_slave_1: left promiscuous mode [ 82.663823][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.673916][ T52] bridge_slave_0: left allmulticast mode [ 82.679973][ T52] bridge_slave_0: left promiscuous mode [ 82.686515][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.955119][ T5242] Bluetooth: hci4: command tx timeout [ 83.468103][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 83.481632][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.494059][ T52] bond0 (unregistering): Released all slaves [ 83.587696][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 83.595522][ T5242] Bluetooth: hci3: command tx timeout [ 83.607035][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.617905][ T52] bond0 (unregistering): Released all slaves [ 83.631317][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.638578][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.664469][ C0] vkms_vblank_simulate: vblank timer overrun [ 83.676670][ T5465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.690153][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.699126][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.725797][ T5465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.741651][ T5522] team0: Port device team_slave_1 added [ 83.837739][ T5242] Bluetooth: hci1: command tx timeout [ 83.948041][ T5522] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.955609][ T5522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.983212][ T5522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.000070][ T5522] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.008214][ T5522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.035229][ T5522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.132809][ T5561] chnl_net:caif_netlink_parms(): no params data found [ 84.147938][ T5465] hsr_slave_0: entered promiscuous mode [ 84.155252][ T5465] hsr_slave_1: entered promiscuous mode [ 84.161752][ T5465] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 84.175025][ T5465] Cannot create hsr debugfs directory [ 84.321191][ T5522] hsr_slave_0: entered promiscuous mode [ 84.340161][ T5522] hsr_slave_1: entered promiscuous mode [ 84.347150][ T5522] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 84.354761][ T5522] Cannot create hsr debugfs directory [ 84.478157][ T5232] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.487665][ T5232] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.497189][ T5232] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.505602][ T5232] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.514158][ T5232] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.521984][ T5232] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.722342][ T5371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.742651][ T5561] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.755326][ T5561] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.762641][ T5561] bridge_slave_0: entered allmulticast mode [ 84.770071][ T5561] bridge_slave_0: entered promiscuous mode [ 84.780199][ T5561] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.787450][ T5561] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.794750][ T5561] bridge_slave_1: entered allmulticast mode [ 84.803277][ T5561] bridge_slave_1: entered promiscuous mode [ 84.901263][ T52] hsr_slave_0: left promiscuous mode [ 84.907863][ T52] hsr_slave_1: left promiscuous mode [ 84.913903][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.921724][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 84.933578][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.941631][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 84.952810][ T52] hsr_slave_0: left promiscuous mode [ 84.962730][ T52] hsr_slave_1: left promiscuous mode [ 84.969415][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.977131][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 84.985670][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.993610][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 85.024596][ T52] veth1_macvtap: left promiscuous mode [ 85.031077][ T52] veth0_macvtap: left promiscuous mode [ 85.039588][ T5232] Bluetooth: hci4: command tx timeout [ 85.040739][ T52] veth1_vlan: left promiscuous mode [ 85.050592][ T52] veth0_vlan: left promiscuous mode [ 85.057514][ T52] veth1_macvtap: left promiscuous mode [ 85.063127][ T52] veth0_macvtap: left promiscuous mode [ 85.069718][ T52] veth1_vlan: left promiscuous mode [ 85.075540][ T52] veth0_vlan: left promiscuous mode [ 85.598476][ T52] team0 (unregistering): Port device team_slave_1 removed [ 85.641105][ T52] team0 (unregistering): Port device team_slave_0 removed [ 85.677627][ T5232] Bluetooth: hci3: command tx timeout [ 85.916617][ T5232] Bluetooth: hci1: command tx timeout [ 86.316775][ T52] team0 (unregistering): Port device team_slave_1 removed [ 86.357204][ T52] team0 (unregistering): Port device team_slave_0 removed [ 86.557399][ T5232] Bluetooth: hci2: command tx timeout [ 86.748923][ T5371] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.759377][ T5561] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.803423][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.810700][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.852614][ T5561] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.948793][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.955987][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.958014][ T940] cfg80211: failed to load regulatory.db [ 87.173384][ T5561] team0: Port device team_slave_0 added [ 87.212830][ T5561] team0: Port device team_slave_1 added [ 87.242155][ T5371] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 87.269475][ T5583] chnl_net:caif_netlink_parms(): no params data found [ 87.371278][ T5561] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.379781][ T5561] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.408148][ T5561] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.466215][ T5561] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.473246][ T5561] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.502580][ T5561] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.660055][ T5583] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.668711][ T5583] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.677903][ T5583] bridge_slave_0: entered allmulticast mode [ 87.684829][ T5583] bridge_slave_0: entered promiscuous mode [ 87.712788][ T5561] hsr_slave_0: entered promiscuous mode [ 87.737705][ T5561] hsr_slave_1: entered promiscuous mode [ 87.744254][ T5561] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.752138][ T5561] Cannot create hsr debugfs directory [ 87.755426][ T5232] Bluetooth: hci3: command tx timeout [ 87.772307][ T5371] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.781041][ T5583] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.793410][ T5583] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.800933][ T5583] bridge_slave_1: entered allmulticast mode [ 87.809386][ T5583] bridge_slave_1: entered promiscuous mode [ 87.913567][ T5583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.938313][ T5583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.995343][ T5232] Bluetooth: hci1: command tx timeout [ 88.043031][ T5583] team0: Port device team_slave_0 added [ 88.091761][ T5583] team0: Port device team_slave_1 added [ 88.174227][ T5371] veth0_vlan: entered promiscuous mode [ 88.206975][ T5583] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.213985][ T5583] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.242535][ T5583] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.257714][ T5583] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.275139][ T5583] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.302715][ T5583] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.319636][ T5371] veth1_vlan: entered promiscuous mode [ 88.451561][ T52] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.572231][ T52] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.618694][ T5583] hsr_slave_0: entered promiscuous mode [ 88.626982][ T5583] hsr_slave_1: entered promiscuous mode [ 88.633421][ T5583] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.641485][ T5232] Bluetooth: hci2: command tx timeout [ 88.647586][ T5583] Cannot create hsr debugfs directory [ 88.669163][ T52] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.683280][ T5522] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 88.693854][ T5522] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 88.726075][ T5522] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 88.751927][ T52] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.775535][ T5522] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 88.943255][ T5371] veth0_macvtap: entered promiscuous mode [ 88.997859][ T5465] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 89.029755][ T5371] veth1_macvtap: entered promiscuous mode [ 89.083212][ T5561] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.131971][ T5465] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.216665][ T5465] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 89.227489][ T5465] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 89.251997][ T5561] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.336992][ T5561] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.357508][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.368695][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.385095][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.404992][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.417172][ T5371] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.452417][ T5561] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.476681][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.488490][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.499432][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.510308][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.522590][ T5371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.555839][ T5371] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.564659][ T5371] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.579331][ T5371] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.588351][ T5371] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.678710][ T52] bridge_slave_1: left allmulticast mode [ 89.684648][ T52] bridge_slave_1: left promiscuous mode [ 89.692479][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.703546][ T52] bridge_slave_0: left allmulticast mode [ 89.713064][ T52] bridge_slave_0: left promiscuous mode [ 89.725316][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.836112][ T5232] Bluetooth: hci3: command tx timeout [ 90.370993][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 90.383214][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.394640][ T52] bond0 (unregistering): Released all slaves [ 90.484301][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 90.499641][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.511264][ T52] bond0 (unregistering): Released all slaves [ 90.683273][ T5522] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.715937][ T5232] Bluetooth: hci2: command tx timeout [ 90.855704][ T5522] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.930572][ T5561] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.018918][ T2941] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.032620][ T5561] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 91.053245][ T2941] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.065555][ T5561] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 91.109006][ T2967] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.116235][ T2967] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.127903][ T2967] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.135193][ T2967] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.179905][ T5561] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 91.307288][ T5465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.384049][ T2967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.409896][ T2967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.421021][ T5465] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.549450][ T5522] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.589300][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.596701][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.627736][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.634999][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.716781][ T52] hsr_slave_0: left promiscuous mode [ 91.746032][ T52] hsr_slave_1: left promiscuous mode [ 91.785122][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.792634][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.814740][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.835478][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.889407][ T52] hsr_slave_0: left promiscuous mode [ 91.903709][ T52] hsr_slave_1: left promiscuous mode [ 91.917114][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.935090][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.944846][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.952832][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 92.024304][ T52] veth1_macvtap: left promiscuous mode [ 92.045106][ T52] veth0_macvtap: left promiscuous mode [ 92.053150][ T52] veth1_vlan: left promiscuous mode [ 92.065326][ T52] veth0_vlan: left promiscuous mode [ 92.094623][ T52] veth1_macvtap: left promiscuous mode [ 92.100389][ T52] veth0_macvtap: left promiscuous mode [ 92.125362][ T52] veth1_vlan: left promiscuous mode [ 92.130854][ T52] veth0_vlan: left promiscuous mode [ 92.795186][ T5232] Bluetooth: hci2: command tx timeout [ 93.194352][ T52] team0 (unregistering): Port device team_slave_1 removed [ 93.279047][ T52] team0 (unregistering): Port device team_slave_0 removed [ 94.044870][ T5714] netlink: 12 bytes leftover after parsing attributes in process `syz.2.91'. [ 94.356259][ T52] team0 (unregistering): Port device team_slave_1 removed [ 94.412704][ T52] team0 (unregistering): Port device team_slave_0 removed [ 94.906214][ T5583] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.960272][ T5465] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.991444][ T5583] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.014054][ T5522] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.034605][ T5583] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.046308][ T5583] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 95.137650][ T5465] veth0_vlan: entered promiscuous mode [ 95.151777][ T5561] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.209930][ T5465] veth1_vlan: entered promiscuous mode [ 95.288785][ T5561] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.354403][ T5465] veth0_macvtap: entered promiscuous mode [ 95.383027][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.390292][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.409271][ T5522] veth0_vlan: entered promiscuous mode [ 95.431743][ T5465] veth1_macvtap: entered promiscuous mode [ 95.468321][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.475592][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.576165][ T5522] veth1_vlan: entered promiscuous mode [ 95.698797][ T5465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.735076][ T5465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.756532][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.854077][ T5583] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.876717][ T5465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.918347][ T5465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.952775][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.961804][ T5522] veth0_macvtap: entered promiscuous mode [ 95.998635][ T5242] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 96.007849][ T5242] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 96.022340][ T5242] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 96.039845][ T5242] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 96.053497][ T5522] veth1_macvtap: entered promiscuous mode [ 96.061184][ T5242] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 96.070079][ T5242] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 96.073537][ T5465] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.105109][ T5465] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.114713][ T5465] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.130914][ T5465] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.168484][ T5583] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.268058][ T5522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.286535][ T5522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.302703][ T5522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.314832][ T5522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.334816][ T5522] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.416860][ T52] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.447304][ T5522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.464845][ T5522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.482693][ T5522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.493689][ T5522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.512224][ T5522] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.559399][ T52] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.579344][ T2967] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.586541][ T2967] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.603527][ T5522] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.612623][ T5522] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.623732][ T5522] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.633117][ T5522] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.667470][ T52] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.721863][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.729123][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.774214][ T52] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.841207][ T5561] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.873603][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.896211][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.109625][ T5734] chnl_net:caif_netlink_parms(): no params data found [ 97.159814][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.170108][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.221452][ T52] bridge_slave_1: left allmulticast mode [ 97.233472][ T52] bridge_slave_1: left promiscuous mode [ 97.239991][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.250420][ T52] bridge_slave_0: left allmulticast mode [ 97.256440][ T52] bridge_slave_0: left promiscuous mode [ 97.262216][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.566184][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 97.578404][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 97.590556][ T52] bond0 (unregistering): Released all slaves [ 97.613419][ T5583] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 97.746723][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.762068][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.841161][ T5768] autofs4:pid:5768:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e) [ 97.935220][ T29] audit: type=1326 audit(1727894313.486:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 97.950970][ T5583] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.974152][ T29] audit: type=1326 audit(1727894313.486:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 97.976686][ T5561] veth0_vlan: entered promiscuous mode [ 97.999078][ T29] audit: type=1326 audit(1727894313.516:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.047605][ T29] audit: type=1326 audit(1727894313.516:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.070382][ T29] audit: type=1326 audit(1727894313.516:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.104806][ T29] audit: type=1326 audit(1727894313.516:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.137105][ T29] audit: type=1326 audit(1727894313.516:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.159326][ T5232] Bluetooth: hci0: command tx timeout [ 98.161212][ T29] audit: type=1326 audit(1727894313.516:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.197377][ T29] audit: type=1326 audit(1727894313.516:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.231006][ T29] audit: type=1326 audit(1727894313.516:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.0.97" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 98.261427][ T5561] veth1_vlan: entered promiscuous mode [ 98.304787][ T5734] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.312451][ T5734] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.329165][ T5734] bridge_slave_0: entered allmulticast mode [ 98.336397][ T5734] bridge_slave_0: entered promiscuous mode [ 98.346465][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.366052][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.394137][ T52] hsr_slave_0: left promiscuous mode [ 98.404064][ T52] hsr_slave_1: left promiscuous mode [ 98.411004][ T5779] netlink: 20 bytes leftover after parsing attributes in process `syz.0.99'. [ 98.421647][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.439010][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.450138][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.462690][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.497112][ T52] veth1_macvtap: left promiscuous mode [ 98.502725][ T52] veth0_macvtap: left promiscuous mode [ 98.525173][ T52] veth1_vlan: left promiscuous mode [ 98.530594][ T52] veth0_vlan: left promiscuous mode [ 99.215281][ T52] team0 (unregistering): Port device team_slave_1 removed [ 99.257115][ T52] team0 (unregistering): Port device team_slave_0 removed [ 99.639407][ T5734] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.650748][ T5734] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.668670][ T5734] bridge_slave_1: entered allmulticast mode [ 99.676306][ T5734] bridge_slave_1: entered promiscuous mode [ 99.763764][ T5734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.862256][ T5734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.988504][ T5734] team0: Port device team_slave_0 added [ 100.005891][ T5561] veth0_macvtap: entered promiscuous mode [ 100.016280][ T5561] veth1_macvtap: entered promiscuous mode [ 100.046242][ T5734] team0: Port device team_slave_1 added [ 100.146953][ T5734] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.170477][ T5807] input: syz0 as /devices/virtual/input/input6 [ 100.174425][ T5734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.214795][ T5734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.235501][ T5232] Bluetooth: hci0: command tx timeout [ 100.255115][ T5734] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.265679][ T5734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.370855][ T5734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.441726][ T5561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.453715][ T5561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.475652][ T5561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.505019][ T5561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.522755][ T5561] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.672391][ T5583] veth0_vlan: entered promiscuous mode [ 100.741834][ T5734] hsr_slave_0: entered promiscuous mode [ 100.791611][ T5734] hsr_slave_1: entered promiscuous mode [ 100.813021][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.836943][ T5561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.851305][ T5561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.872713][ T5561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.891342][ T5561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.903900][ T5561] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.958064][ T5583] veth1_vlan: entered promiscuous mode [ 101.004491][ T5561] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.013619][ T5561] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.023250][ T5561] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.032504][ T5561] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.126829][ T5233] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 101.305649][ T5233] usb 5-1: Using ep0 maxpacket: 32 [ 101.314859][ T5233] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 101.337829][ T5233] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 101.347394][ T5233] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 101.368490][ T5233] usb 5-1: Product: syz [ 101.372741][ T5233] usb 5-1: Manufacturer: syz [ 101.385594][ T5233] usb 5-1: SerialNumber: syz [ 101.395801][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.403799][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.415288][ T5233] usb 5-1: config 0 descriptor?? [ 101.422253][ T5834] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 101.466287][ T5583] veth0_macvtap: entered promiscuous mode [ 101.592948][ T5583] veth1_macvtap: entered promiscuous mode [ 101.636034][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.672212][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.748515][ T5829] netlink: 8 bytes leftover after parsing attributes in process `syz.4.109'. [ 101.780873][ T5852] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.813850][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.838037][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 101.896610][ T5852] netlink: 20 bytes leftover after parsing attributes in process `syz.0.114'. [ 101.947636][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.968482][ T5287] usb 5-1: USB disconnect, device number 2 [ 102.092031][ T5583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.121380][ T5583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.170933][ T5583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.206008][ T5583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.223815][ T5583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.280885][ T5583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.300630][ T5583] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.315727][ T5232] Bluetooth: hci0: command tx timeout [ 102.353555][ T5583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.372232][ T5583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.425521][ T5583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.450761][ T5583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.497121][ T5583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.521674][ T5583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.553649][ T5583] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.588012][ T5583] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.635134][ T5583] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.655007][ T5583] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.663770][ T5583] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.076149][ T5734] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 103.113794][ T5734] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 103.146021][ T5734] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 103.297948][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.333868][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.495818][ T5734] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 103.566494][ T2938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.606708][ T2938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.934820][ T5734] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.054275][ T5734] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.116887][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.125606][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.208826][ T5734] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 104.220254][ T5734] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 104.250268][ T5734] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.306623][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.313799][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.336574][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.343823][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.435459][ T5901] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.447560][ T5232] Bluetooth: hci0: command tx timeout [ 104.646683][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.767333][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.938190][ T5734] veth0_vlan: entered promiscuous mode [ 105.028700][ T5734] veth1_vlan: entered promiscuous mode [ 105.066338][ T5925] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.112363][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.120200][ T5925] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.260620][ T5734] veth0_macvtap: entered promiscuous mode [ 105.309202][ T5734] veth1_macvtap: entered promiscuous mode [ 105.472166][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.542153][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.581430][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.645681][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.688862][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.725544][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.751257][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.805497][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.859127][ T5734] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.058543][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.069593][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.097989][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.111400][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.148501][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.210219][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.248185][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.310531][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.323839][ T5734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.336237][ T5734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.376200][ T5734] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.479569][ T5734] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.543896][ T5734] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.579595][ T5734] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.627926][ T5734] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.737192][ T5232] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 106.745961][ T5232] Bluetooth: hci4: Injecting HCI hardware error event [ 106.755570][ T5242] Bluetooth: hci4: hardware error 0x00 [ 106.940568][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.971401][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.093420][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.117960][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.149137][ T5990] wireguard0: entered promiscuous mode [ 107.170592][ T5990] wireguard0: entered allmulticast mode [ 108.307924][ T6023] input: syz0 as /devices/virtual/input/input7 [ 108.756115][ T6039] binder_alloc: 6038: binder_alloc_buf, no vma [ 108.795030][ T5242] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 110.116541][ T6053] syzkaller0: entered promiscuous mode [ 110.135298][ T6053] syzkaller0: entered allmulticast mode [ 110.375058][ T5338] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 110.737705][ T5338] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.826461][ T5338] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 110.843697][ T5338] usb 1-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 110.853580][ T5338] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.919680][ T5338] usb 1-1: config 0 descriptor?? [ 111.456324][ T5338] steelseries 0003:1038:12B6.0001: unknown main item tag 0x0 [ 111.509044][ T5338] steelseries 0003:1038:12B6.0001: unknown main item tag 0x0 [ 111.519908][ T5338] steelseries 0003:1038:12B6.0001: unknown main item tag 0x0 [ 111.605554][ T5338] steelseries 0003:1038:12B6.0001: unknown main item tag 0x0 [ 111.624592][ T5338] steelseries 0003:1038:12B6.0001: unknown main item tag 0x0 [ 111.633282][ T937] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 111.725027][ T5338] steelseries 0003:1038:12B6.0001: unknown main item tag 0x0 [ 111.756608][ T5338] steelseries 0003:1038:12B6.0001: unknown main item tag 0x0 [ 111.798269][ T5338] steelseries 0003:1038:12B6.0001: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.0-1/input0 [ 111.857471][ T937] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 111.871530][ T937] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 111.903613][ T937] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 111.941458][ T937] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 111.969174][ T937] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 112.008585][ T937] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 112.023442][ T937] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 112.046876][ T937] usb 4-1: Product: syz [ 112.055838][ T937] usb 4-1: Manufacturer: syz [ 112.085595][ T937] cdc_wdm 4-1:1.0: skipping garbage [ 112.100810][ T937] cdc_wdm 4-1:1.0: skipping garbage [ 112.130138][ T937] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 112.159636][ T937] cdc_wdm 4-1:1.0: Unknown control protocol [ 112.296040][ T937] usb 4-1: USB disconnect, device number 2 [ 112.451068][ T5287] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 112.675460][ T5287] usb 5-1: Using ep0 maxpacket: 8 [ 112.702109][ T5287] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 112.744433][ T5287] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 112.762534][ T5287] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 112.801077][ T5287] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 112.832966][ T5287] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 112.844148][ T5287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.894643][ T5287] hub 5-1:1.0: bad descriptor, ignoring hub [ 112.940648][ T5287] hub 5-1:1.0: probe with driver hub failed with error -5 [ 112.979536][ T5287] cdc_wdm 5-1:1.0: skipping garbage [ 112.984821][ T5287] cdc_wdm 5-1:1.0: skipping garbage [ 113.023824][ T5338] steelseries 0003:1038:12B6.0001: hid_hw_raw_request() failed with -71 [ 113.047305][ T5287] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 113.057949][ T5287] cdc_wdm 5-1:1.0: Unknown control protocol [ 113.097704][ T5338] usb 1-1: USB disconnect, device number 2 [ 113.115582][ T6076] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.173954][ T6076] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.615254][ T940] usb 5-1: USB disconnect, device number 3 [ 117.539037][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.213'. [ 119.423298][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.446292][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.741124][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 119.741144][ T29] audit: type=1326 audit(1727894335.296:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.4.229" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x0 [ 120.377118][ T6240] wireguard0: entered promiscuous mode [ 120.408059][ T6240] wireguard0: entered allmulticast mode [ 121.637980][ T6282] wireguard0: entered promiscuous mode [ 121.646973][ T6282] wireguard0: entered allmulticast mode [ 122.994207][ T29] audit: type=1326 audit(1727894338.546:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.2.261" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x0 [ 123.318576][ T6313] input: syz0 as /devices/virtual/input/input12 [ 123.712471][ T6328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.271'. [ 123.757004][ T6325] wireguard0: entered promiscuous mode [ 123.762551][ T6325] wireguard0: entered allmulticast mode [ 124.184107][ T6341] netlink: 60 bytes leftover after parsing attributes in process `syz.1.275'. [ 124.220654][ T6341] netlink: 12 bytes leftover after parsing attributes in process `syz.1.275'. [ 124.270643][ T6341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.275'. [ 124.625061][ T6353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.279'. [ 125.816855][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.060181][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.266541][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.489562][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.532544][ T5232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 126.541768][ T5232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 126.550235][ T5232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 126.560508][ T5232] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 126.568890][ T5232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 126.576504][ T5232] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 126.865435][ T35] bridge_slave_1: left allmulticast mode [ 126.881380][ T35] bridge_slave_1: left promiscuous mode [ 126.891682][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.936224][ T35] bridge_slave_0: left allmulticast mode [ 126.941928][ T35] bridge_slave_0: left promiscuous mode [ 126.975210][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.567747][ T6399] netlink: 12 bytes leftover after parsing attributes in process `syz.2.298'. [ 127.675360][ T5242] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 127.696396][ T5242] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 127.703886][ T6401] netlink: 48 bytes leftover after parsing attributes in process `syz.3.297'. [ 127.714702][ T5242] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 127.736815][ T5242] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 127.745433][ T5242] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 127.752769][ T5242] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 128.362812][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 128.388261][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 128.421238][ T35] bond0 (unregistering): Released all slaves [ 128.558032][ T6407] wireguard0: entered promiscuous mode [ 128.565334][ T6407] wireguard0: entered allmulticast mode [ 128.636032][ T5242] Bluetooth: hci4: command tx timeout [ 128.767226][ T6412] netlink: 24 bytes leftover after parsing attributes in process `syz.1.301'. [ 129.464292][ T35] hsr_slave_0: left promiscuous mode [ 129.490282][ T35] hsr_slave_1: left promiscuous mode [ 129.510823][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 129.531696][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 129.561130][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.575024][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 129.633494][ T35] veth1_macvtap: left promiscuous mode [ 129.643254][ T35] veth0_macvtap: left promiscuous mode [ 129.656532][ T35] veth1_vlan: left promiscuous mode [ 129.661869][ T35] veth0_vlan: left promiscuous mode [ 129.790049][ T6447] input: syz0 as /devices/virtual/input/input14 [ 129.837026][ T5242] Bluetooth: hci1: command tx timeout [ 130.031253][ T6451] netlink: 12 bytes leftover after parsing attributes in process `syz.2.308'. [ 130.483574][ T5287] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 130.581241][ T35] team0 (unregistering): Port device team_slave_1 removed [ 130.648790][ T35] team0 (unregistering): Port device team_slave_0 removed [ 130.675524][ T5287] usb 3-1: Using ep0 maxpacket: 16 [ 130.703962][ T5287] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 130.715025][ T5242] Bluetooth: hci4: command tx timeout [ 130.719974][ T5287] usb 3-1: config 0 has no interface number 0 [ 130.729007][ T5287] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 130.750860][ T5287] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 130.793733][ T5287] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 130.815584][ T5287] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 130.825240][ T5287] usb 3-1: Product: syz [ 130.845060][ T5287] usb 3-1: SerialNumber: syz [ 130.852298][ T5287] usb 3-1: config 0 descriptor?? [ 130.893481][ T5287] cm109 3-1:0.8: invalid payload size 0, expected 4 [ 130.902797][ T5287] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input15 [ 131.103960][ T5339] usb 3-1: USB disconnect, device number 2 [ 131.109601][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 131.117133][ C1] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 131.135726][ T5339] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 131.500622][ T6403] chnl_net:caif_netlink_parms(): no params data found [ 131.539365][ T6389] chnl_net:caif_netlink_parms(): no params data found [ 131.915010][ T5242] Bluetooth: hci1: command tx timeout [ 131.955510][ T6389] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.987866][ T6389] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.017799][ T6389] bridge_slave_0: entered allmulticast mode [ 132.032525][ T6389] bridge_slave_0: entered promiscuous mode [ 132.047473][ T6403] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.065101][ T6403] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.072627][ T6403] bridge_slave_0: entered allmulticast mode [ 132.087392][ T6403] bridge_slave_0: entered promiscuous mode [ 132.103221][ T6403] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.113202][ T6403] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.122043][ T6403] bridge_slave_1: entered allmulticast mode [ 132.130143][ T6403] bridge_slave_1: entered promiscuous mode [ 132.146505][ T6389] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.157772][ T6389] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.173374][ T6389] bridge_slave_1: entered allmulticast mode [ 132.204167][ T6389] bridge_slave_1: entered promiscuous mode [ 132.375996][ T6403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 132.489137][ T6389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 132.502993][ T6389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 132.550182][ T6492] netlink: 12 bytes leftover after parsing attributes in process `syz.2.317'. [ 132.596270][ T6403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 132.640581][ T6487] netlink: 4 bytes leftover after parsing attributes in process `syz.3.316'. [ 132.795073][ T5242] Bluetooth: hci4: command tx timeout [ 132.861412][ T6403] team0: Port device team_slave_0 added [ 132.933414][ T6403] team0: Port device team_slave_1 added [ 133.038134][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.046680][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.106623][ T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.164808][ T6389] team0: Port device team_slave_0 added [ 133.257508][ T6389] team0: Port device team_slave_1 added [ 133.357299][ T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.396466][ T6403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 133.403455][ T6403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.478656][ T6403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 133.507601][ T6403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 133.525731][ T6403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.584047][ T6403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.713284][ T6389] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 133.721204][ T6389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.748829][ T6389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 133.783296][ T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.804139][ T6389] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 133.811307][ T6389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.858888][ T6389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.958295][ T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.995029][ T5242] Bluetooth: hci1: command tx timeout [ 134.158562][ T6403] hsr_slave_0: entered promiscuous mode [ 134.212382][ T6403] hsr_slave_1: entered promiscuous mode [ 134.228400][ T6403] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 134.245013][ T6403] Cannot create hsr debugfs directory [ 134.352633][ T6389] hsr_slave_0: entered promiscuous mode [ 134.373272][ T6389] hsr_slave_1: entered promiscuous mode [ 134.384213][ T6389] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 134.411695][ T6389] Cannot create hsr debugfs directory [ 134.857193][ T35] bridge_slave_1: left allmulticast mode [ 134.873308][ T35] bridge_slave_1: left promiscuous mode [ 134.895618][ T5242] Bluetooth: hci4: command tx timeout [ 134.905392][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.926569][ T35] bridge_slave_0: left allmulticast mode [ 134.932288][ T35] bridge_slave_0: left promiscuous mode [ 134.953524][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.530381][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 135.543041][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 135.554618][ T35] bond0 (unregistering): Released all slaves [ 135.604260][ T940] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 135.773353][ T6544] netlink: 12 bytes leftover after parsing attributes in process `syz.1.326'. [ 135.790983][ T940] usb 4-1: Using ep0 maxpacket: 16 [ 135.804352][ T940] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 135.822101][ T940] usb 4-1: config 0 has no interface number 0 [ 135.845374][ T940] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 135.874976][ T940] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 135.890230][ T940] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 135.906527][ T940] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 135.915328][ T940] usb 4-1: Product: syz [ 135.919525][ T940] usb 4-1: SerialNumber: syz [ 135.926537][ T940] usb 4-1: config 0 descriptor?? [ 135.946196][ T940] cm109 4-1:0.8: invalid payload size 0, expected 4 [ 135.969104][ T940] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input17 [ 136.076349][ T5242] Bluetooth: hci1: command tx timeout [ 136.173418][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.181991][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.189495][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.196718][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.204013][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.212666][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.220366][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.227749][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.235565][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.243890][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 136.252153][ T940] usb 4-1: USB disconnect, device number 3 [ 136.258078][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 136.353567][ T940] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 136.587555][ T35] hsr_slave_0: left promiscuous mode [ 136.593898][ T35] hsr_slave_1: left promiscuous mode [ 136.618914][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 136.675592][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 136.710651][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 136.720339][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 136.798915][ T35] veth1_macvtap: left promiscuous mode [ 136.804509][ T35] veth0_macvtap: left promiscuous mode [ 136.844741][ T35] veth1_vlan: left promiscuous mode [ 136.855321][ T35] veth0_vlan: left promiscuous mode [ 137.866490][ T35] team0 (unregistering): Port device team_slave_1 removed [ 137.926906][ T35] team0 (unregistering): Port device team_slave_0 removed [ 138.557928][ T6403] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 138.773827][ T6403] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 138.854990][ T6594] netlink: 12 bytes leftover after parsing attributes in process `syz.1.336'. [ 138.863104][ T6403] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 138.875685][ T6403] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 139.481610][ T6403] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.506812][ T6403] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.532409][ T6403] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 139.543031][ T6403] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 139.566942][ T6403] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 139.592259][ T6403] veth0_vlan: entered promiscuous mode [ 139.602821][ T6403] veth1_vlan: entered promiscuous mode [ 139.620843][ T6403] veth0_macvtap: entered promiscuous mode [ 139.629290][ T6403] veth1_macvtap: entered promiscuous mode [ 139.642515][ T6403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.652994][ T6403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.663088][ T6403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.673539][ T6403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.683452][ T6403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.694283][ T6403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.705519][ T6403] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 139.714489][ T6403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 139.725238][ T6403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.735114][ T6403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 139.745621][ T6403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.755821][ T6403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 139.766290][ T6403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.778208][ T6403] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 139.788073][ T6403] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.797001][ T6403] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.805861][ T6403] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.814542][ T6403] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.846872][ T5288] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 139.919021][ T2941] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.926188][ T2941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.941438][ T2941] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.948633][ T2941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.035713][ T5288] usb 2-1: Using ep0 maxpacket: 16 [ 140.071848][ T5288] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 140.092073][ T5288] usb 2-1: config 0 has no interface number 0 [ 140.138483][ T5288] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 140.162030][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.173823][ T6389] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 140.184096][ T5288] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 140.194558][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.206870][ T6389] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 140.216870][ T5288] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 140.228531][ T5288] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 140.248288][ T6389] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 140.263489][ T5288] usb 2-1: Product: syz [ 140.272163][ T6389] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 140.279162][ T5288] usb 2-1: SerialNumber: syz [ 140.291793][ T5288] usb 2-1: config 0 descriptor?? [ 140.320085][ T5288] cm109 2-1:0.8: invalid payload size 0, expected 4 [ 140.339449][ T5288] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input18 [ 140.344423][ T2941] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.363660][ T2941] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.595876][ T6389] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.616843][ T6389] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.654204][ T6389] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 140.654234][ T6389] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 140.670380][ T2967] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.670485][ T2967] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.672374][ T2967] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.672445][ T2967] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.767983][ T6389] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 140.860892][ T6389] veth0_vlan: entered promiscuous mode [ 140.872980][ T6389] veth1_vlan: entered promiscuous mode [ 140.914935][ T937] usb 2-1: USB disconnect, device number 3 [ 140.915039][ C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 140.933374][ T6621] input: syz0 as /devices/virtual/input/input19 [ 140.945808][ T6622] netlink: 12 bytes leftover after parsing attributes in process `syz.4.345'. [ 140.986290][ T937] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 141.013951][ T6389] veth0_macvtap: entered promiscuous mode [ 141.037211][ T6389] veth1_macvtap: entered promiscuous mode [ 141.129268][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.143527][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.170104][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.200615][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.220899][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.248477][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.278340][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.305384][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.324036][ T6389] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.382013][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.398306][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.422083][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.444430][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.454844][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.492244][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 141.501395][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.537652][ T6389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.562599][ T6389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.574422][ T6389] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.624997][ T6389] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.648519][ T6389] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.668937][ T6389] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.700980][ T6389] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.887616][ T6654] warning: `syz.3.355' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 141.991629][ T2967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.010367][ T2967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.029614][ T6661] netlink: 12 bytes leftover after parsing attributes in process `syz.4.357'. [ 142.074635][ T2967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.113489][ T2967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.639056][ T5232] Bluetooth: hci1: command tx timeout [ 142.895544][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 142.925169][ T5288] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 143.095509][ T5288] usb 1-1: Using ep0 maxpacket: 16 [ 143.129857][ T5288] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 143.159416][ T5288] usb 1-1: config 0 has no interface number 0 [ 143.193164][ T6703] batadv_slave_1: entered promiscuous mode [ 143.201169][ T5288] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 143.232988][ T29] audit: type=1326 audit(1727894358.786:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.266336][ T6703] Zero length message leads to an empty skb [ 143.293338][ T5288] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 143.320771][ T6700] batadv_slave_1: left promiscuous mode [ 143.327041][ T29] audit: type=1326 audit(1727894358.786:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.375603][ T6712] netlink: 12 bytes leftover after parsing attributes in process `syz.2.368'. [ 143.385530][ T5288] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 143.394711][ T5288] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 143.434017][ T5288] usb 1-1: Product: syz [ 143.440743][ T29] audit: type=1326 audit(1727894358.786:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.501549][ T5288] usb 1-1: SerialNumber: syz [ 143.514496][ T5288] usb 1-1: config 0 descriptor?? [ 143.543957][ T5288] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 143.573009][ T29] audit: type=1326 audit(1727894358.786:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.590639][ T5288] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input20 [ 143.679486][ T29] audit: type=1326 audit(1727894358.786:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.818016][ T29] audit: type=1326 audit(1727894358.786:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.818064][ T29] audit: type=1326 audit(1727894358.786:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.818103][ T29] audit: type=1326 audit(1727894358.786:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.818142][ T29] audit: type=1326 audit(1727894358.786:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.818183][ T29] audit: type=1326 audit(1727894359.046:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6670 comm="syz.4.359" exe="/root/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf7f9f579 code=0x7ffc0000 [ 143.903208][ T6723] wireguard0: entered promiscuous mode [ 143.903239][ T6723] wireguard0: entered allmulticast mode [ 144.605507][ C1] cm109_urb_ctl_callback: 76 callbacks suppressed [ 144.605532][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 144.606016][ T5233] usb 1-1: USB disconnect, device number 3 [ 144.612119][ C1] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 144.702143][ T5233] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 145.807283][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 145.903046][ T6765] netlink: 12 bytes leftover after parsing attributes in process `syz.1.380'. [ 146.625152][ T5233] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 146.795635][ T5233] usb 1-1: Using ep0 maxpacket: 16 [ 146.807053][ T5233] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 146.829486][ T5233] usb 1-1: config 0 has no interface number 0 [ 146.858757][ T5233] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 146.904667][ T5233] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 146.946764][ T5233] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 146.976192][ T5233] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 147.006080][ T5233] usb 1-1: Product: syz [ 147.013780][ T5233] usb 1-1: SerialNumber: syz [ 147.039087][ T5233] usb 1-1: config 0 descriptor?? [ 147.071175][ T5233] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 147.106307][ T5233] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input21 [ 147.396434][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 147.397200][ T25] usb 1-1: USB disconnect, device number 4 [ 147.403462][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 147.476297][ T25] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 147.873635][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 148.126174][ T6825] wireguard0: entered promiscuous mode [ 148.156406][ T6825] wireguard0: entered allmulticast mode [ 148.990300][ T2967] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.219794][ T2967] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.471033][ T2967] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.630872][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 149.680213][ T2967] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.966336][ T2967] bridge_slave_1: left allmulticast mode [ 149.994639][ T2967] bridge_slave_1: left promiscuous mode [ 150.015954][ T2967] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.031256][ T5232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.042126][ T5232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.050929][ T5232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.067925][ T5232] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 150.077372][ T2967] bridge_slave_0: left allmulticast mode [ 150.083321][ T5232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 150.091021][ T5232] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 150.125302][ T5287] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 150.133856][ T2967] bridge_slave_0: left promiscuous mode [ 150.165173][ T2967] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.335321][ T5287] usb 5-1: Using ep0 maxpacket: 16 [ 150.346432][ T5287] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 150.360388][ T5287] usb 5-1: config 0 has no interface number 0 [ 150.367451][ T5287] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 150.387154][ T5287] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 150.409201][ T5287] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 150.431139][ T5287] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 150.458161][ T5287] usb 5-1: Product: syz [ 150.462383][ T5287] usb 5-1: SerialNumber: syz [ 150.504153][ T5287] usb 5-1: config 0 descriptor?? [ 150.527946][ T5287] cm109 5-1:0.8: invalid payload size 0, expected 4 [ 150.552718][ T5287] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input22 [ 150.850577][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.851355][ T5233] usb 5-1: USB disconnect, device number 4 [ 150.857592][ C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 150.920124][ T5233] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 151.444811][ T2967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 151.461403][ T2967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 151.485892][ T2967] bond0 (unregistering): Released all slaves [ 152.061897][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 152.155734][ T5232] Bluetooth: hci4: command tx timeout [ 152.589749][ T2967] hsr_slave_0: left promiscuous mode [ 152.630196][ T2967] hsr_slave_1: left promiscuous mode [ 152.641896][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 152.658288][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 152.696069][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 152.703607][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 152.836755][ T2967] veth1_macvtap: left promiscuous mode [ 152.862894][ T2967] veth0_macvtap: left promiscuous mode [ 152.873009][ T2967] veth1_vlan: left promiscuous mode [ 152.893246][ T2967] veth0_vlan: left promiscuous mode [ 153.808350][ T2967] team0 (unregistering): Port device team_slave_1 removed [ 153.865586][ T2967] team0 (unregistering): Port device team_slave_0 removed [ 154.238171][ T5232] Bluetooth: hci4: command tx timeout [ 154.455934][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 154.531891][ T6956] netlink: 12 bytes leftover after parsing attributes in process `syz.4.426'. [ 154.847692][ T6962] netlink: 'syz.4.428': attribute type 4 has an invalid length. [ 154.921233][ T6962] netlink: 'syz.4.428': attribute type 4 has an invalid length. [ 155.053713][ T6880] chnl_net:caif_netlink_parms(): no params data found [ 155.359591][ T6880] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.391375][ T6880] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.404525][ T6880] bridge_slave_0: entered allmulticast mode [ 155.438775][ T6880] bridge_slave_0: entered promiscuous mode [ 155.500848][ T6880] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.521270][ T6880] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.548644][ T6880] bridge_slave_1: entered allmulticast mode [ 155.558445][ T6880] bridge_slave_1: entered promiscuous mode [ 155.717346][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 155.771048][ T6995] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20003 - 0 [ 155.795425][ T6995] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20003 - 0 [ 155.804292][ T6995] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20003 - 0 [ 155.831967][ T7001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.436'. [ 155.851850][ T6995] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20003 - 0 [ 155.915371][ T6995] geneve2: entered promiscuous mode [ 155.920653][ T6995] geneve2: entered allmulticast mode [ 155.952072][ T6880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.008900][ T6880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 156.148385][ T6880] team0: Port device team_slave_0 added [ 156.150602][ T6880] team0: Port device team_slave_1 added [ 156.192679][ T7016] netlink: 'syz.3.443': attribute type 1 has an invalid length. [ 156.192722][ T7016] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.443'. [ 156.287387][ T6880] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 156.294646][ T6880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.325339][ T5232] Bluetooth: hci4: command tx timeout [ 156.387272][ T6880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 156.465812][ T6880] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.472811][ T6880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.640232][ T6880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 156.985691][ T6880] hsr_slave_0: entered promiscuous mode [ 157.035092][ T6880] hsr_slave_1: entered promiscuous mode [ 157.048817][ T6880] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 157.073008][ T6880] Cannot create hsr debugfs directory [ 157.258828][ T7048] netlink: 24 bytes leftover after parsing attributes in process `syz.1.453'. [ 157.296286][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 157.477510][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.4.458'. [ 158.086084][ T7082] netlink: 4 bytes leftover after parsing attributes in process `syz.1.466'. [ 158.286522][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 158.411371][ T5232] Bluetooth: hci4: command tx timeout [ 158.423109][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.446145][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.792121][ T6880] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 158.970098][ T6880] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 158.987684][ T6880] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 159.010472][ T6880] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 159.207110][ T6880] 8021q: adding VLAN 0 to HW filter on device bond0 [ 159.224802][ T6880] 8021q: adding VLAN 0 to HW filter on device team0 [ 159.263713][ T6880] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 159.274587][ T6880] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 159.292203][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.299456][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state [ 159.336031][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 159.352495][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 159.408597][ T7132] netlink: 88 bytes leftover after parsing attributes in process `syz.2.482'. [ 159.433371][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.440643][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 159.593907][ T6880] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 159.758121][ T6880] veth0_vlan: entered promiscuous mode [ 159.789565][ T6880] veth1_vlan: entered promiscuous mode [ 159.936211][ T6880] veth0_macvtap: entered promiscuous mode [ 160.006520][ T6880] veth1_macvtap: entered promiscuous mode [ 160.084223][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.100713][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.110757][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.121412][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.131931][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.142717][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.152922][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.164053][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.175985][ T6880] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 160.314400][ T7155] wireguard0: entered promiscuous mode [ 160.323036][ T7155] wireguard0: entered allmulticast mode [ 160.373032][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 160.415407][ T7166] netlink: 88 bytes leftover after parsing attributes in process `syz.2.492'. [ 160.441085][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.465365][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.486878][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.522273][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.544367][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.571841][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.608353][ T6880] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.630592][ T6880] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.657205][ T6880] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 160.811646][ T6880] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.875652][ T6880] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.896499][ T6880] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.937639][ T6880] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.075472][ T7185] netlink: 4 bytes leftover after parsing attributes in process `syz.4.496'. [ 161.105038][ T7185] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 161.131782][ T7185] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.173556][ T7185] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 161.188330][ T7185] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 161.502682][ T2941] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.541273][ T2941] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.583147][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 161.653632][ T2941] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.655615][ T7208] netlink: 88 bytes leftover after parsing attributes in process `syz.2.503'. [ 161.696694][ T2941] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.530458][ T7248] netlink: 'syz.1.515': attribute type 18 has an invalid length. [ 162.576970][ T7248] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 162.585951][ T7248] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 162.594696][ T7248] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 162.603638][ T7248] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 162.751991][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 162.793468][ T7255] netlink: 52 bytes leftover after parsing attributes in process `syz.2.517'. [ 162.842308][ T7255] netlink: 16 bytes leftover after parsing attributes in process `syz.2.517'. [ 162.884819][ T7255] netlink: 52 bytes leftover after parsing attributes in process `syz.2.517'. [ 163.876332][ T7297] netlink: 52 bytes leftover after parsing attributes in process `syz.1.531'. [ 163.885445][ T7297] netlink: 16 bytes leftover after parsing attributes in process `syz.1.531'. [ 163.896070][ T7297] netlink: 52 bytes leftover after parsing attributes in process `syz.1.531'. [ 174.717076][ T5242] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 174.730613][ T5242] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 174.739102][ T5242] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 174.755682][ T5242] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 174.763475][ T5242] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 174.771501][ T5242] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 176.500854][ T5232] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 176.517257][ T5232] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 176.525706][ T5232] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 176.536048][ T5232] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 176.548716][ T5232] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 176.557732][ T5232] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 176.681627][ T5232] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 176.696099][ T5232] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 176.704576][ T5232] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 176.713212][ T5232] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 176.721564][ T5232] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 176.730883][ T5232] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 176.922663][ T5242] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 176.936482][ T5242] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 176.946744][ T5242] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 176.954774][ T5242] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 176.963437][ T5242] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 176.972271][ T5242] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 177.030770][ T5242] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 177.045277][ T5242] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 177.053739][ T5242] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 177.061921][ T5242] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 177.073650][ T5242] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 177.081089][ T5242] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 177.756393][ T5242] Bluetooth: hci5: command tx timeout [ 178.635288][ T5242] Bluetooth: hci6: command tx timeout [ 178.795072][ T5242] Bluetooth: hci7: command tx timeout [ 179.035182][ T5242] Bluetooth: hci8: command tx timeout [ 179.115454][ T5242] Bluetooth: hci9: command tx timeout [ 179.835186][ T5242] Bluetooth: hci5: command tx timeout [ 180.715270][ T5242] Bluetooth: hci6: command tx timeout [ 180.875146][ T5242] Bluetooth: hci7: command tx timeout [ 181.115228][ T5242] Bluetooth: hci8: command tx timeout [ 181.195234][ T5242] Bluetooth: hci9: command tx timeout [ 181.915086][ T5242] Bluetooth: hci5: command tx timeout [ 182.795377][ T5242] Bluetooth: hci6: command tx timeout [ 182.954996][ T5242] Bluetooth: hci7: command tx timeout [ 183.195178][ T5242] Bluetooth: hci8: command tx timeout [ 183.275297][ T5242] Bluetooth: hci9: command tx timeout [ 183.996188][ T5242] Bluetooth: hci5: command tx timeout [ 184.875223][ T5242] Bluetooth: hci6: command tx timeout [ 185.035076][ T5242] Bluetooth: hci7: command tx timeout [ 185.275105][ T5242] Bluetooth: hci8: command tx timeout [ 185.355254][ T5242] Bluetooth: hci9: command tx timeout [ 186.684885][ C1] sched: DL replenish lagged too much [ 194.479414][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.491400][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 206.807669][ T5235] Bluetooth: hci3: command 0x0406 tx timeout [ 206.813826][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 222.162384][ T5232] Bluetooth: hci0: command 0x0406 tx timeout [ 235.057833][ T5232] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 235.072398][ T54] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 235.084810][ T54] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 235.102085][ T54] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 235.110690][ T54] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 235.119421][ T54] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 235.129133][ T54] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 235.139959][ T54] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 235.147641][ T54] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 235.155820][ T54] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 235.164693][ T54] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 235.173230][ T54] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 235.770603][ T5242] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 235.783274][ T5242] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 235.792278][ T5242] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 235.801314][ T5242] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 235.810172][ T5242] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 235.818095][ T5242] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 237.058849][ T5242] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 237.075765][ T5242] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 237.084259][ T5242] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 237.096188][ T5242] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 237.104054][ T5242] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 237.112367][ T5242] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 237.175698][ T5242] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 237.199779][ T5242] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 237.213191][ T5242] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 237.222016][ T5242] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 237.235044][ T5242] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 237.242588][ T5242] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 237.275295][ T5242] Bluetooth: hci10: command tx timeout [ 237.281500][ T5242] Bluetooth: hci11: command tx timeout [ 237.915061][ T5242] Bluetooth: hci12: command tx timeout [ 239.195201][ T5242] Bluetooth: hci13: command tx timeout [ 239.275292][ T5242] Bluetooth: hci14: command tx timeout [ 239.355359][ T54] Bluetooth: hci10: command tx timeout [ 239.363411][ T5242] Bluetooth: hci11: command tx timeout [ 239.995200][ T5242] Bluetooth: hci12: command tx timeout [ 241.275094][ T5242] Bluetooth: hci13: command tx timeout [ 241.355215][ T5242] Bluetooth: hci14: command tx timeout [ 241.435218][ T54] Bluetooth: hci10: command tx timeout [ 241.441943][ T5242] Bluetooth: hci11: command tx timeout [ 242.075303][ T5242] Bluetooth: hci12: command tx timeout [ 243.355039][ T5242] Bluetooth: hci13: command tx timeout [ 243.435399][ T5242] Bluetooth: hci14: command tx timeout [ 243.515160][ T5242] Bluetooth: hci11: command tx timeout [ 243.521111][ T5242] Bluetooth: hci10: command tx timeout [ 244.159693][ T5242] Bluetooth: hci12: command tx timeout [ 245.435098][ T5242] Bluetooth: hci13: command tx timeout [ 245.515377][ T5242] Bluetooth: hci14: command tx timeout [ 252.882019][ T5242] Bluetooth: hci1: command 0x0406 tx timeout [ 255.925412][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.931782][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 273.355098][ T54] Bluetooth: hci4: command 0x0406 tx timeout [ 296.056161][ T54] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 296.068053][ T54] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 296.082517][ T54] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 296.101052][ T54] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 296.116401][ T54] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 296.139053][ T54] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 296.550487][ T54] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 296.560308][ T54] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 296.569736][ T54] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 296.577979][ T54] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 296.586945][ T54] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 296.594535][ T54] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 296.681007][ T5242] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 296.690499][ T5242] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 296.700005][ T5242] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 296.723003][ T5242] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 296.731284][ T5242] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 296.744068][ T5242] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 297.580509][ T5238] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 297.590410][ T5238] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 297.603913][ T5238] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 297.612242][ T5238] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 297.621663][ T5238] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 297.629284][ T5238] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 297.712073][ T5238] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 297.729514][ T5238] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 297.737822][ T5238] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 297.746484][ T5238] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 297.756604][ T5238] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 297.769768][ T5238] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 298.235083][ T5238] Bluetooth: hci15: command tx timeout [ 298.635229][ T5238] Bluetooth: hci16: command tx timeout [ 298.795204][ T5238] Bluetooth: hci17: command tx timeout [ 298.973148][ T5238] Bluetooth: hci7: command 0x0406 tx timeout [ 298.979607][ T54] Bluetooth: hci6: command 0x0406 tx timeout [ 298.985867][ T5238] Bluetooth: hci5: command 0x0406 tx timeout [ 299.675189][ T5242] Bluetooth: hci18: command tx timeout [ 299.835177][ T5242] Bluetooth: hci19: command tx timeout [ 300.315046][ T5242] Bluetooth: hci15: command tx timeout [ 300.725241][ T5242] Bluetooth: hci16: command tx timeout [ 300.875187][ T5242] Bluetooth: hci17: command tx timeout [ 301.755106][ T5242] Bluetooth: hci18: command tx timeout [ 301.919826][ T5242] Bluetooth: hci19: command tx timeout [ 302.394965][ T5242] Bluetooth: hci15: command tx timeout [ 302.795206][ T5242] Bluetooth: hci16: command tx timeout [ 302.955052][ T5242] Bluetooth: hci17: command tx timeout [ 303.835129][ T5242] Bluetooth: hci18: command tx timeout [ 303.995070][ T5242] Bluetooth: hci19: command tx timeout [ 304.080550][ T54] Bluetooth: hci8: command 0x0406 tx timeout [ 304.086804][ T5242] Bluetooth: hci9: command 0x0406 tx timeout [ 304.475050][ T5235] Bluetooth: hci15: command tx timeout [ 304.878484][ T5235] Bluetooth: hci16: command tx timeout [ 305.035025][ T5235] Bluetooth: hci17: command tx timeout [ 305.918581][ T5235] Bluetooth: hci18: command tx timeout [ 306.075339][ T5235] Bluetooth: hci19: command tx timeout [ 317.357523][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.363888][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 326.315422][ T30] INFO: task kworker/u8:2:35 blocked for more than 143 seconds. [ 326.323320][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 326.363426][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 326.413466][ T30] task:kworker/u8:2 state:D stack:20304 pid:35 tgid:35 ppid:2 flags:0x00004000 [ 326.504974][ T30] Workqueue: netns cleanup_net [ 326.509868][ T30] Call Trace: [ 326.513185][ T30] [ 326.593840][ T30] __schedule+0x1895/0x4b30 [ 326.625058][ T30] ? __pfx___schedule+0x10/0x10 [ 326.630016][ T30] ? __pfx_lock_release+0x10/0x10 [ 326.692412][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 326.715191][ T30] ? kthread_data+0x52/0xd0 [ 326.719801][ T30] ? schedule+0x90/0x320 [ 326.724110][ T30] ? wq_worker_sleeping+0x66/0x240 [ 326.783914][ T30] ? schedule+0x90/0x320 [ 326.804924][ T30] schedule+0x14b/0x320 [ 326.809184][ T30] schedule_preempt_disabled+0x13/0x30 [ 326.814707][ T30] __mutex_lock+0x6a7/0xd70 [ 326.872556][ T30] ? __mutex_lock+0x52a/0xd70 [ 326.905471][ T30] ? mpls_net_exit+0x7d/0x2a0 [ 326.910249][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 326.961670][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 326.972576][ T30] ? mpls_net_exit+0x78/0x2a0 [ 327.000817][ T30] ? kfree+0x1a0/0x440 [ 327.009089][ T30] ? mpls_net_exit+0x78/0x2a0 [ 327.013861][ T30] mpls_net_exit+0x7d/0x2a0 [ 327.044978][ T30] cleanup_net+0x802/0xcc0 [ 327.049488][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 327.054505][ T30] ? process_scheduled_works+0x976/0x1850 [ 327.105338][ T30] process_scheduled_works+0xa63/0x1850 [ 327.111096][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 327.141829][ T30] ? assign_work+0x364/0x3d0 [ 327.164454][ T30] worker_thread+0x870/0xd30 [ 327.180680][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 327.204688][ T30] ? __kthread_parkme+0x169/0x1d0 [ 327.218746][ T30] ? __pfx_worker_thread+0x10/0x10 [ 327.224041][ T30] kthread+0x2f0/0x390 [ 327.259900][ T30] ? __pfx_worker_thread+0x10/0x10 [ 327.275252][ T30] ? __pfx_kthread+0x10/0x10 [ 327.279927][ T30] ret_from_fork+0x4b/0x80 [ 327.306651][ T30] ? __pfx_kthread+0x10/0x10 [ 327.325065][ T30] ret_from_fork_asm+0x1a/0x30 [ 327.329942][ T30] [ 327.350992][ T30] INFO: task kworker/u8:5:1100 blocked for more than 144 seconds. [ 327.384887][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 327.414490][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 327.460130][ T30] task:kworker/u8:5 state:D stack:22960 pid:1100 tgid:1100 ppid:2 flags:0x00004000 [ 327.510735][ T30] Workqueue: events_unbound linkwatch_event [ 327.547752][ T30] Call Trace: [ 327.551120][ T30] [ 327.554094][ T30] __schedule+0x1895/0x4b30 [ 327.583618][ T30] ? __pfx___schedule+0x10/0x10 [ 327.599816][ T30] ? __pfx_lock_release+0x10/0x10 [ 327.612138][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 327.626696][ T30] ? kthread_data+0x52/0xd0 [ 327.631288][ T30] ? schedule+0x90/0x320 [ 327.654982][ T30] ? wq_worker_sleeping+0x66/0x240 [ 327.660199][ T30] ? schedule+0x90/0x320 [ 327.664500][ T30] schedule+0x14b/0x320 [ 327.694870][ T30] schedule_preempt_disabled+0x13/0x30 [ 327.700427][ T30] __mutex_lock+0x6a7/0xd70 [ 327.720841][ T30] ? __mutex_lock+0x52a/0xd70 [ 327.730566][ T30] ? linkwatch_event+0xe/0x60 [ 327.740841][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 327.755049][ T30] ? process_scheduled_works+0x976/0x1850 [ 327.761042][ T30] linkwatch_event+0xe/0x60 [ 327.781985][ T30] process_scheduled_works+0xa63/0x1850 [ 327.805170][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 327.811259][ T30] ? assign_work+0x364/0x3d0 [ 327.830673][ T30] worker_thread+0x870/0xd30 [ 327.842345][ T30] ? __kthread_parkme+0x169/0x1d0 [ 327.855009][ T30] ? __pfx_worker_thread+0x10/0x10 [ 327.860211][ T30] kthread+0x2f0/0x390 [ 327.864320][ T30] ? __pfx_worker_thread+0x10/0x10 [ 327.893203][ T30] ? __pfx_kthread+0x10/0x10 [ 327.903192][ T30] ret_from_fork+0x4b/0x80 [ 327.919173][ T30] ? __pfx_kthread+0x10/0x10 [ 327.934610][ T30] ret_from_fork_asm+0x1a/0x30 [ 327.939663][ T30] [ 327.953376][ T30] INFO: task jbd2/sda1-8:4649 blocked for more than 144 seconds. [ 327.966886][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 327.974578][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 328.013179][ T30] task:jbd2/sda1-8 state:D stack:24912 pid:4649 tgid:4649 ppid:2 flags:0x00004000 [ 328.032597][ T30] Call Trace: [ 328.037896][ T30] [ 328.040920][ T30] __schedule+0x1895/0x4b30 [ 328.049642][ T30] ? __pfx___schedule+0x10/0x10 [ 328.054573][ T30] ? __pfx_lock_release+0x10/0x10 [ 328.062772][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 328.072767][ T30] ? schedule+0x90/0x320 [ 328.078942][ T30] schedule+0x14b/0x320 [ 328.083166][ T30] io_schedule+0x8d/0x110 [ 328.091564][ T30] bit_wait_io+0x12/0xd0 [ 328.097528][ T30] __wait_on_bit+0xb0/0x2f0 [ 328.102090][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 328.111571][ T30] out_of_line_wait_on_bit+0x1d5/0x260 [ 328.119933][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 328.129167][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 328.137229][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 328.142770][ T30] jbd2_journal_commit_transaction+0x3df6/0x67e0 [ 328.153271][ T30] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 328.161728][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 328.170890][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 328.179805][ T30] ? __try_to_del_timer_sync+0x2ad/0x340 [ 328.189607][ T30] ? __timer_delete_sync+0x15c/0x310 [ 328.196581][ T30] ? __timer_delete_sync+0x25d/0x310 [ 328.201929][ T30] ? __pfx___timer_delete_sync+0x10/0x10 [ 328.212303][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 328.219884][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 328.230228][ T30] ? prepare_to_wait+0x186/0x210 [ 328.237974][ T30] ? finish_wait+0xd4/0x1e0 [ 328.242550][ T30] kjournald2+0x41c/0x7b0 [ 328.252490][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 328.260503][ T30] ? __pfx_kjournald2+0x10/0x10 [ 328.269516][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 328.277323][ T30] ? __kthread_parkme+0x169/0x1d0 [ 328.282425][ T30] ? __pfx_kjournald2+0x10/0x10 [ 328.291445][ T30] kthread+0x2f0/0x390 [ 328.297080][ T30] ? __pfx_kjournald2+0x10/0x10 [ 328.301989][ T30] ? __pfx_kthread+0x10/0x10 [ 328.313128][ T30] ret_from_fork+0x4b/0x80 [ 328.319367][ T30] ? __pfx_kthread+0x10/0x10 [ 328.324011][ T30] ret_from_fork_asm+0x1a/0x30 [ 328.332914][ T30] [ 328.337973][ T30] INFO: task syz.2.528:7287 blocked for more than 145 seconds. [ 328.349413][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 328.359241][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 328.373970][ T30] task:syz.2.528 state:D stack:21664 pid:7287 tgid:7287 ppid:5734 flags:0x20004004 [ 328.385812][ T30] Call Trace: [ 328.389133][ T30] [ 328.392099][ T30] __schedule+0x1895/0x4b30 [ 328.401127][ T30] ? __pfx___schedule+0x10/0x10 [ 328.407586][ T30] ? __pfx_lock_release+0x10/0x10 [ 328.413244][ T30] ? schedule+0x90/0x320 [ 328.421794][ T30] schedule+0x14b/0x320 [ 328.427535][ T30] schedule_timeout+0xb0/0x310 [ 328.432663][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 328.444570][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 328.452424][ T30] ? wait_for_completion+0x2fe/0x620 [ 328.461689][ T30] ? wait_for_completion+0x2fe/0x620 [ 328.468881][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 328.474411][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 328.484695][ T30] ? wait_for_completion+0x2fe/0x620 [ 328.491564][ T30] wait_for_completion+0x355/0x620 [ 328.501945][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 328.509564][ T30] ? __flush_work+0xe7/0xc50 [ 328.514779][ T30] __flush_work+0xa37/0xc50 [ 328.523381][ T30] ? __flush_work+0xe7/0xc50 [ 328.529661][ T30] ? __pfx___flush_work+0x10/0x10 [ 328.534743][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 328.544399][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 328.552418][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 328.562844][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 328.569681][ T30] unregister_netdevice_many_notify+0x87b/0x1da0 [ 328.580393][ T30] ? __pfx_lock_release+0x10/0x10 [ 328.587058][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 328.593891][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 328.604005][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 328.611962][ T30] ? __queue_work+0x199/0xf50 [ 328.623325][ T30] ? queue_delayed_work_on+0x1eb/0x390 [ 328.630411][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 328.640812][ T30] unregister_netdevice_queue+0x303/0x370 [ 328.648513][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 328.658744][ T30] __tun_detach+0x6b9/0x1600 [ 328.663418][ T30] tun_chr_close+0x105/0x1b0 [ 328.669716][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 328.678910][ T30] __fput+0x23f/0x880 [ 328.682987][ T30] task_work_run+0x24f/0x310 [ 328.691153][ T30] ? __pfx_task_work_run+0x10/0x10 [ 328.700350][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 328.707789][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 328.713503][ T30] __do_fast_syscall_32+0xc4/0x110 [ 328.724906][ T30] ? exc_page_fault+0x590/0x8c0 [ 328.729849][ T30] do_fast_syscall_32+0x34/0x80 [ 328.734748][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 328.746371][ T30] RIP: 0023:0xf73cd579 [ 328.750495][ T30] RSP: 002b:00000000f751fb1c EFLAGS: 00000206 ORIG_RAX: 00000000000001b4 [ 328.765506][ T30] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e [ 328.773541][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 328.786823][ T30] RBP: 000000000000008e R08: 0000000000000000 R09: 0000000000000000 [ 328.798245][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 328.810517][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 328.821936][ T30] [ 328.827773][ T30] INFO: task syz.4.534:7302 blocked for more than 145 seconds. [ 328.838150][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 328.848731][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 328.860662][ T30] task:syz.4.534 state:D stack:25696 pid:7302 tgid:7301 ppid:6403 flags:0x20000004 [ 328.875752][ T30] Call Trace: [ 328.879083][ T30] [ 328.882051][ T30] __schedule+0x1895/0x4b30 [ 328.894508][ T30] ? __pfx___schedule+0x10/0x10 [ 328.899791][ T30] ? __pfx_lock_release+0x10/0x10 [ 328.910511][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 328.916446][ T30] ? schedule+0x90/0x320 [ 328.920758][ T30] schedule+0x14b/0x320 [ 328.934113][ T30] schedule_preempt_disabled+0x13/0x30 [ 328.940157][ T30] __mutex_lock+0x6a7/0xd70 [ 328.944726][ T30] ? __mutex_lock+0x52a/0xd70 [ 328.955273][ T30] ? nl80211_pre_doit+0x5f/0x8b0 [ 328.960297][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 328.970656][ T30] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 328.977462][ T30] ? __nla_parse+0x40/0x60 [ 328.981944][ T30] nl80211_pre_doit+0x5f/0x8b0 [ 328.991976][ T30] genl_rcv_msg+0xaaa/0xec0 [ 328.998659][ T30] ? mark_lock+0x9a/0x360 [ 329.003059][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 329.013378][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 329.019729][ T30] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 329.030766][ T30] ? __pfx_nl80211_register_mgmt+0x10/0x10 [ 329.037316][ T30] ? __pfx_nl80211_post_doit+0x10/0x10 [ 329.042847][ T30] ? __pfx___might_resched+0x10/0x10 [ 329.053396][ T30] netlink_rcv_skb+0x1e3/0x430 [ 329.061537][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 329.071936][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 329.077701][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 329.083225][ T30] genl_rcv+0x28/0x40 [ 329.092480][ T30] netlink_unicast+0x7f6/0x990 [ 329.097739][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 329.103089][ T30] ? __virt_addr_valid+0x183/0x530 [ 329.113494][ T30] ? __check_object_size+0x48e/0x900 [ 329.119629][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 329.124464][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 329.134836][ T30] ? __pfx_lock_release+0x10/0x10 [ 329.139943][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 329.149694][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 329.155507][ T30] __sock_sendmsg+0x221/0x270 [ 329.160254][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 329.170436][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 329.176128][ T30] __sys_sendmsg+0x292/0x380 [ 329.180955][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 329.192724][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 329.202528][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 329.212900][ T30] __do_fast_syscall_32+0xb4/0x110 [ 329.218443][ T30] ? exc_page_fault+0x590/0x8c0 [ 329.223367][ T30] do_fast_syscall_32+0x34/0x80 [ 329.233994][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 329.242620][ T30] RIP: 0023:0xf7f9f579 [ 329.249098][ T30] RSP: 002b:00000000f572656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 329.261026][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000340 [ 329.270794][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 329.282907][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 329.292546][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 329.307116][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 329.319026][ T30] [ 329.322188][ T30] INFO: task syz.3.537:7309 blocked for more than 146 seconds. [ 329.331484][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 329.343585][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 329.356124][ T30] task:syz.3.537 state:D stack:26432 pid:7309 tgid:7308 ppid:5561 flags:0x20000004 [ 329.371940][ T30] Call Trace: [ 329.375676][ T30] [ 329.378659][ T30] __schedule+0x1895/0x4b30 [ 329.383235][ T30] ? __pfx___schedule+0x10/0x10 [ 329.393628][ T30] ? __pfx_lock_release+0x10/0x10 [ 329.399081][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 329.404610][ T30] ? schedule+0x90/0x320 [ 329.414119][ T30] schedule+0x14b/0x320 [ 329.421052][ T30] schedule_preempt_disabled+0x13/0x30 [ 329.431706][ T30] __mutex_lock+0x6a7/0xd70 [ 329.440023][ T30] ? __mutex_lock+0x52a/0xd70 [ 329.450058][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 329.456564][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 329.461659][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 329.471885][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 329.478773][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 329.484304][ T30] ? ref_tracker_free+0x643/0x7e0 [ 329.490834][ T30] netlink_rcv_skb+0x1e3/0x430 [ 329.500043][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 329.505883][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 329.511253][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 329.524447][ T30] netlink_unicast+0x7f6/0x990 [ 329.530051][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 329.542987][ T30] ? __virt_addr_valid+0x183/0x530 [ 329.548584][ T30] ? __check_object_size+0x48e/0x900 [ 329.553936][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 329.564437][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 329.570655][ T30] ? __pfx_lock_release+0x10/0x10 [ 329.580699][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 329.586070][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 329.591424][ T30] __sock_sendmsg+0x221/0x270 [ 329.601864][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 329.608475][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 329.613846][ T30] __sys_sendmmsg+0x4a8/0x730 [ 329.623880][ T30] ? __pfx___sys_sendmmsg+0x10/0x10 [ 329.629618][ T30] ? futex_unqueue+0xcb/0xf0 [ 329.634276][ T30] ? __futex_wait+0x287/0x320 [ 329.644910][ T30] ? __pfx___futex_wait+0x10/0x10 [ 329.650014][ T30] ? get_futex_key+0xaeb/0x1050 [ 329.659071][ T30] ? __pfx_futex_wake_mark+0x10/0x10 [ 329.664909][ T30] ? __lock_acquire+0x1384/0x2050 [ 329.670016][ T30] ? __pfx_futex_wait+0x10/0x10 [ 329.683883][ T30] ? __pfx_do_futex+0x10/0x10 [ 329.689079][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 329.700253][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 329.706969][ T30] __ia32_compat_sys_sendmmsg+0xa2/0xc0 [ 329.712570][ T30] __do_fast_syscall_32+0xb4/0x110 [ 329.723048][ T30] ? exc_page_fault+0x590/0x8c0 [ 329.729876][ T30] do_fast_syscall_32+0x34/0x80 [ 329.735088][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 329.742056][ T30] RIP: 0023:0xf7f90579 [ 329.751313][ T30] RSP: 002b:00000000f571656c EFLAGS: 00000206 ORIG_RAX: 0000000000000159 [ 329.764468][ T30] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 329.777982][ T30] RDX: 000000000000009f RSI: 0000000000000000 RDI: 0000000000000000 [ 329.789405][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 329.801274][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 329.810827][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 329.822813][ T30] [ 329.827501][ T30] INFO: task syz.0.540:7316 blocked for more than 146 seconds. [ 329.840551][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 329.850282][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 329.862850][ T30] task:syz.0.540 state:D stack:25696 pid:7316 tgid:7314 ppid:6880 flags:0x20000004 [ 329.875012][ T30] Call Trace: [ 329.878336][ T30] [ 329.881302][ T30] __schedule+0x1895/0x4b30 [ 329.891219][ T30] ? __pfx___schedule+0x10/0x10 [ 329.896751][ T30] ? __pfx_lock_release+0x10/0x10 [ 329.902110][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 329.914284][ T30] ? schedule+0x90/0x320 [ 329.922329][ T30] schedule+0x14b/0x320 [ 329.931885][ T30] schedule_preempt_disabled+0x13/0x30 [ 329.937730][ T30] __mutex_lock+0x6a7/0xd70 [ 329.942286][ T30] ? __mutex_lock+0x52a/0xd70 [ 329.952728][ T30] ? wg_set_device+0x102/0x2160 [ 329.957988][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 329.963066][ T30] ? dev_get_by_index+0x23/0x2d0 [ 329.974646][ T30] ? dev_get_by_index+0x29c/0x2d0 [ 329.980455][ T30] ? lookup_interface+0x292/0x2d0 [ 329.990663][ T30] wg_set_device+0x102/0x2160 [ 329.995811][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 330.001593][ T30] ? __pfx_wg_set_device+0x10/0x10 [ 330.012462][ T30] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 330.019083][ T30] ? __nla_parse+0x40/0x60 [ 330.023556][ T30] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 330.034958][ T30] genl_rcv_msg+0xb14/0xec0 [ 330.039527][ T30] ? mark_lock+0x9a/0x360 [ 330.043903][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.055094][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 330.060201][ T30] ? __pfx_wg_set_device+0x10/0x10 [ 330.069385][ T30] ? __pfx___might_resched+0x10/0x10 [ 330.077241][ T30] netlink_rcv_skb+0x1e3/0x430 [ 330.082389][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.093281][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 330.101872][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 330.111363][ T30] genl_rcv+0x28/0x40 [ 330.117350][ T30] netlink_unicast+0x7f6/0x990 [ 330.122189][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 330.131640][ T30] ? __virt_addr_valid+0x183/0x530 [ 330.138349][ T30] ? __check_object_size+0x48e/0x900 [ 330.143740][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 330.152936][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.163316][ T30] ? __pfx_lock_release+0x10/0x10 [ 330.170335][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 330.179170][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.184695][ T30] __sock_sendmsg+0x221/0x270 [ 330.191145][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 330.199934][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 330.206803][ T30] __sys_sendmsg+0x292/0x380 [ 330.211449][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 330.221855][ T30] ? fput+0x1a8/0x230 [ 330.228004][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 330.234680][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 330.243964][ T30] __do_fast_syscall_32+0xb4/0x110 [ 330.250737][ T30] ? exc_page_fault+0x590/0x8c0 [ 330.260092][ T30] do_fast_syscall_32+0x34/0x80 [ 330.266556][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 330.272937][ T30] RIP: 0023:0xf73cd579 [ 330.283189][ T30] RSP: 002b:00000000f56b656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 330.293790][ T30] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000340 [ 330.305768][ T30] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 330.313802][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 330.326355][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 330.334388][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 330.350478][ T30] [ 330.353746][ T30] INFO: task syz.1.543:7322 blocked for more than 147 seconds. [ 330.362481][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 330.375658][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 330.384383][ T30] task:syz.1.543 state:D stack:25520 pid:7322 tgid:7321 ppid:5583 flags:0x20000004 [ 330.400621][ T30] Call Trace: [ 330.403958][ T30] [ 330.408720][ T30] __schedule+0x1895/0x4b30 [ 330.413310][ T30] ? __pfx___schedule+0x10/0x10 [ 330.422403][ T30] ? __pfx_lock_release+0x10/0x10 [ 330.429025][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 330.434587][ T30] ? schedule+0x90/0x320 [ 330.442885][ T30] schedule+0x14b/0x320 [ 330.448919][ T30] schedule_preempt_disabled+0x13/0x30 [ 330.454443][ T30] __mutex_lock+0x6a7/0xd70 [ 330.464848][ T30] ? __mutex_lock+0x52a/0xd70 [ 330.469590][ T30] ? genl_rcv_msg+0x121/0xec0 [ 330.474315][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 330.484699][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 330.490637][ T30] ? __local_bh_enable_ip+0x168/0x200 [ 330.501137][ T30] ? dev_hard_start_xmit+0x773/0x7e0 [ 330.506784][ T30] ? radix_tree_lookup+0x238/0x290 [ 330.511954][ T30] genl_rcv_msg+0x121/0xec0 [ 330.523025][ T30] ? mark_lock+0x9a/0x360 [ 330.527733][ T30] ? __lock_acquire+0x1384/0x2050 [ 330.532813][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.543097][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 330.548493][ T30] ? __pfx___might_resched+0x10/0x10 [ 330.553847][ T30] netlink_rcv_skb+0x1e3/0x430 [ 330.560922][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.571682][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 330.577408][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 330.582938][ T30] genl_rcv+0x28/0x40 [ 330.593978][ T30] netlink_unicast+0x7f6/0x990 [ 330.599150][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 330.604575][ T30] ? __virt_addr_valid+0x183/0x530 [ 330.615022][ T30] ? __check_object_size+0x48e/0x900 [ 330.620375][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 330.630449][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.636232][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 330.641230][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.653069][ T30] __sock_sendmsg+0x221/0x270 [ 330.658293][ T30] __sys_sendto+0x39b/0x4f0 [ 330.663936][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 330.674188][ T30] ? __might_fault+0xaa/0x120 [ 330.681782][ T30] ? fd_install+0x35c/0x5d0 [ 330.691857][ T30] ? __might_fault+0xc6/0x120 [ 330.696947][ T30] __se_compat_sys_socketcall+0xb18/0x1430 [ 330.702814][ T30] ? __pfx___se_compat_sys_socketcall+0x10/0x10 [ 330.716921][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 330.723585][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 330.734302][ T30] __do_fast_syscall_32+0xb4/0x110 [ 330.739877][ T30] ? exc_page_fault+0x590/0x8c0 [ 330.749931][ T30] do_fast_syscall_32+0x34/0x80 [ 330.755237][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 330.761628][ T30] RIP: 0023:0xf7f67579 [ 330.773653][ T30] RSP: 002b:00000000f56e5440 EFLAGS: 00000206 ORIG_RAX: 0000000000000066 [ 330.782506][ T30] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f56e5454 [ 330.795095][ T30] RDX: 0000000000000000 RSI: 00000000f56e5570 RDI: 00000000f73ebff4 [ 330.803123][ T30] RBP: 00000000f56e5570 R08: 0000000000000000 R09: 0000000000000000 [ 330.820334][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 330.832832][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 330.843879][ T30] [ 330.849792][ T30] INFO: task syz.1.543:7323 blocked for more than 147 seconds. [ 330.860134][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 330.871128][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 330.884319][ T30] task:syz.1.543 state:D stack:26336 pid:7323 tgid:7321 ppid:5583 flags:0x20000004 [ 330.897858][ T30] Call Trace: [ 330.901185][ T30] [ 330.904153][ T30] __schedule+0x1895/0x4b30 [ 330.912435][ T30] ? __pfx___schedule+0x10/0x10 [ 330.920176][ T30] ? __pfx_lock_release+0x10/0x10 [ 330.928019][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 330.933570][ T30] ? schedule+0x90/0x320 [ 330.940663][ T30] schedule+0x14b/0x320 [ 330.948859][ T30] schedule_preempt_disabled+0x13/0x30 [ 330.954384][ T30] __mutex_lock+0x6a7/0xd70 [ 330.963828][ T30] ? __mutex_lock+0x52a/0xd70 [ 330.971866][ T30] ? genl_rcv_msg+0x121/0xec0 [ 330.979267][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 330.984348][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 330.992567][ T30] ? __local_bh_enable_ip+0x168/0x200 [ 331.000270][ T30] ? dev_hard_start_xmit+0x773/0x7e0 [ 331.010391][ T30] ? radix_tree_lookup+0x238/0x290 [ 331.019807][ T30] genl_rcv_msg+0x121/0xec0 [ 331.024373][ T30] ? mark_lock+0x9a/0x360 [ 331.032981][ T30] ? __lock_acquire+0x1384/0x2050 [ 331.039549][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 331.044655][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 331.053826][ T30] ? __pfx___might_resched+0x10/0x10 [ 331.059575][ T30] netlink_rcv_skb+0x1e3/0x430 [ 331.064521][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 331.076818][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 331.082208][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 331.091031][ T30] genl_rcv+0x28/0x40 [ 331.098151][ T30] netlink_unicast+0x7f6/0x990 [ 331.102988][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 331.111295][ T30] ? __virt_addr_valid+0x183/0x530 [ 331.119580][ T30] ? __check_object_size+0x48e/0x900 [ 331.130193][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 331.137710][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.143047][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 331.150921][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.158939][ T30] __sock_sendmsg+0x221/0x270 [ 331.163676][ T30] __sys_sendto+0x39b/0x4f0 [ 331.171056][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 331.179263][ T30] ? __might_fault+0xaa/0x120 [ 331.184161][ T30] ? fd_install+0x35c/0x5d0 [ 331.193658][ T30] ? __might_fault+0xc6/0x120 [ 331.201388][ T30] __se_compat_sys_socketcall+0xb18/0x1430 [ 331.210008][ T30] ? __pfx___se_compat_sys_socketcall+0x10/0x10 [ 331.219042][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 331.228393][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 331.233660][ T30] __do_fast_syscall_32+0xb4/0x110 [ 331.244019][ T30] ? exc_page_fault+0x590/0x8c0 [ 331.251730][ T30] do_fast_syscall_32+0x34/0x80 [ 331.260553][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 331.269655][ T30] RIP: 0023:0xf7f67579 [ 331.273766][ T30] RSP: 002b:00000000f56c4440 EFLAGS: 00000206 ORIG_RAX: 0000000000000066 [ 331.285669][ T30] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f56c4454 [ 331.293711][ T30] RDX: 0000000000000000 RSI: 00000000f56c4570 RDI: 00000000f73ebff4 [ 331.306121][ T30] RBP: 00000000f56c4570 R08: 0000000000000000 R09: 0000000000000000 [ 331.314145][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 331.328974][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 331.337353][ T30] [ 331.340490][ T30] INFO: task syz-executor:7331 blocked for more than 148 seconds. [ 331.353944][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 331.362056][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 331.377973][ T30] task:syz-executor state:D stack:26816 pid:7331 tgid:7331 ppid:1 flags:0x20004004 [ 331.390275][ T30] Call Trace: [ 331.393596][ T30] [ 331.400570][ T30] __schedule+0x1895/0x4b30 [ 331.406665][ T30] ? __pfx___schedule+0x10/0x10 [ 331.412031][ T30] ? __pfx_lock_release+0x10/0x10 [ 331.421154][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 331.429556][ T30] ? schedule+0x90/0x320 [ 331.433855][ T30] schedule+0x14b/0x320 [ 331.442311][ T30] schedule_preempt_disabled+0x13/0x30 [ 331.449742][ T30] __mutex_lock+0x6a7/0xd70 [ 331.454295][ T30] ? __mutex_lock+0x52a/0xd70 [ 331.463432][ T30] ? register_nexthop_notifier+0x84/0x290 [ 331.470759][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 331.479728][ T30] ? __asan_memset+0x23/0x50 [ 331.485044][ T30] register_nexthop_notifier+0x84/0x290 [ 331.490646][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 331.503633][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 331.510333][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 331.521809][ T30] ? __asan_memset+0x23/0x50 [ 331.526743][ T30] ops_init+0x31e/0x590 [ 331.530958][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 331.541623][ T30] setup_net+0x287/0x9e0 [ 331.546238][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 331.551840][ T30] ? __pfx_setup_net+0x10/0x10 [ 331.563298][ T30] copy_net_ns+0x33f/0x570 [ 331.568318][ T30] create_new_namespaces+0x425/0x7b0 [ 331.573915][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 331.584980][ T30] ksys_unshare+0x619/0xc10 [ 331.589559][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 331.594620][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 331.606746][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 331.613405][ T30] __ia32_sys_unshare+0x37/0x40 [ 331.623608][ T30] __do_fast_syscall_32+0xb4/0x110 [ 331.631489][ T30] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 331.640370][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 331.648376][ T30] do_fast_syscall_32+0x34/0x80 [ 331.653281][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 331.662513][ T30] RIP: 0023:0xf7f50579 [ 331.669460][ T30] RSP: 002b:00000000f753ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 331.682731][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 331.693970][ T30] RDX: 00000000f73dbff4 RSI: 00000000f72b224b RDI: 0000000030000000 [ 331.704768][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 331.712884][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 331.726679][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 331.734725][ T30] [ 331.742069][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 331.753940][ T30] INFO: task syz-executor:7335 blocked for more than 148 seconds. [ 331.768418][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 331.777773][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 331.790197][ T30] task:syz-executor state:D stack:26672 pid:7335 tgid:7335 ppid:1 flags:0x20004006 [ 331.804463][ T30] Call Trace: [ 331.810570][ T30] [ 331.813556][ T30] __schedule+0x1895/0x4b30 [ 331.821306][ T30] ? __pfx___schedule+0x10/0x10 [ 331.828887][ T30] ? __pfx_lock_release+0x10/0x10 [ 331.833982][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 331.849168][ T30] ? schedule+0x90/0x320 [ 331.853482][ T30] schedule+0x14b/0x320 [ 331.858124][ T30] schedule_preempt_disabled+0x13/0x30 [ 331.863644][ T30] __mutex_lock+0x6a7/0xd70 [ 331.875077][ T30] ? __mutex_lock+0x52a/0xd70 [ 331.879812][ T30] ? register_nexthop_notifier+0x84/0x290 [ 331.890912][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 331.897305][ T30] ? __asan_memset+0x23/0x50 [ 331.901948][ T30] register_nexthop_notifier+0x84/0x290 [ 331.912806][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 331.924956][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 331.931259][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 331.944995][ T30] ? __asan_memset+0x23/0x50 [ 331.949673][ T30] ops_init+0x31e/0x590 [ 331.953884][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 331.964681][ T30] setup_net+0x287/0x9e0 [ 331.969414][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 331.980011][ T30] ? __pfx_setup_net+0x10/0x10 [ 331.986416][ T30] copy_net_ns+0x33f/0x570 [ 331.990903][ T30] create_new_namespaces+0x425/0x7b0 [ 332.003822][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 332.010540][ T30] ksys_unshare+0x619/0xc10 [ 332.020494][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 332.025987][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 332.032055][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 332.045691][ T30] __ia32_sys_unshare+0x37/0x40 [ 332.050615][ T30] __do_fast_syscall_32+0xb4/0x110 [ 332.061221][ T30] ? exc_page_fault+0x590/0x8c0 [ 332.066561][ T30] do_fast_syscall_32+0x34/0x80 [ 332.071463][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.084134][ T30] RIP: 0023:0xf7ff2579 [ 332.088620][ T30] RSP: 002b:00000000f75dff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 332.104197][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 332.112602][ T30] RDX: 00000000f747bff4 RSI: 00000000f735224b RDI: 0000000030000000 [ 332.126874][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 332.137547][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 332.148250][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 332.160607][ T30] [ 332.163671][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 332.175697][ T30] INFO: task syz-executor:7337 blocked for more than 149 seconds. [ 332.183731][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 332.195246][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 332.208780][ T30] task:syz-executor state:D stack:26496 pid:7337 tgid:7337 ppid:1 flags:0x20004004 [ 332.221940][ T30] Call Trace: [ 332.229584][ T30] [ 332.232567][ T30] __schedule+0x1895/0x4b30 [ 332.239138][ T30] ? __pfx___schedule+0x10/0x10 [ 332.244056][ T30] ? __pfx_lock_release+0x10/0x10 [ 332.253181][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 332.260201][ T30] ? schedule+0x90/0x320 [ 332.264500][ T30] schedule+0x14b/0x320 [ 332.272774][ T30] schedule_preempt_disabled+0x13/0x30 [ 332.279775][ T30] __mutex_lock+0x6a7/0xd70 [ 332.284333][ T30] ? __mutex_lock+0x52a/0xd70 [ 332.294881][ T30] ? register_nexthop_notifier+0x84/0x290 [ 332.300660][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 332.310880][ T30] ? __asan_memset+0x23/0x50 [ 332.315886][ T30] register_nexthop_notifier+0x84/0x290 [ 332.321484][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 332.332926][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 332.340018][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 332.353328][ T30] ? __asan_memset+0x23/0x50 [ 332.358293][ T30] ops_init+0x31e/0x590 [ 332.362510][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 332.373195][ T30] setup_net+0x287/0x9e0 [ 332.377908][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 332.383509][ T30] ? __pfx_setup_net+0x10/0x10 [ 332.393563][ T30] copy_net_ns+0x33f/0x570 [ 332.398469][ T30] create_new_namespaces+0x425/0x7b0 [ 332.404390][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 332.414830][ T30] ksys_unshare+0x619/0xc10 [ 332.419408][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 332.424473][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 332.435587][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 332.442256][ T30] __ia32_sys_unshare+0x37/0x40 [ 332.451914][ T30] __do_fast_syscall_32+0xb4/0x110 [ 332.458661][ T30] ? exc_page_fault+0x590/0x8c0 [ 332.463586][ T30] do_fast_syscall_32+0x34/0x80 [ 332.473804][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.481826][ T30] RIP: 0023:0xf748d579 [ 332.491274][ T30] RSP: 002b:00000000f75dff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 332.501275][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 332.513729][ T30] RDX: 00000000f747bff4 RSI: 00000000f735224b RDI: 0000000030000000 [ 332.528267][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 332.538494][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 332.549343][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 332.560837][ T30] [ 332.563923][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 332.578591][ T30] INFO: task syz-executor:7340 blocked for more than 149 seconds. [ 332.589347][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 332.600970][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 332.611819][ T30] task:syz-executor state:D stack:26656 pid:7340 tgid:7340 ppid:1 flags:0x20004006 [ 332.626177][ T30] Call Trace: [ 332.629512][ T30] [ 332.632481][ T30] __schedule+0x1895/0x4b30 [ 332.644713][ T30] ? __pfx___schedule+0x10/0x10 [ 332.650010][ T30] ? __pfx_lock_release+0x10/0x10 [ 332.660375][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 332.666784][ T30] ? schedule+0x90/0x320 [ 332.671177][ T30] schedule+0x14b/0x320 [ 332.680686][ T30] schedule_preempt_disabled+0x13/0x30 [ 332.686550][ T30] __mutex_lock+0x6a7/0xd70 [ 332.691197][ T30] ? __mutex_lock+0x52a/0xd70 [ 332.701277][ T30] ? register_nexthop_notifier+0x84/0x290 [ 332.708846][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 332.714492][ T30] ? __asan_memset+0x23/0x50 [ 332.728585][ T30] register_nexthop_notifier+0x84/0x290 [ 332.734220][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 332.740967][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 332.752446][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 332.759038][ T30] ? __asan_memset+0x23/0x50 [ 332.763684][ T30] ops_init+0x31e/0x590 [ 332.774427][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 332.780673][ T30] setup_net+0x287/0x9e0 [ 332.790110][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 332.797142][ T30] ? __pfx_setup_net+0x10/0x10 [ 332.801978][ T30] copy_net_ns+0x33f/0x570 [ 332.811610][ T30] create_new_namespaces+0x425/0x7b0 [ 332.817782][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 332.823565][ T30] ksys_unshare+0x619/0xc10 [ 332.834565][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 332.839957][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 332.851558][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 332.858509][ T30] __ia32_sys_unshare+0x37/0x40 [ 332.863500][ T30] __do_fast_syscall_32+0xb4/0x110 [ 332.873642][ T30] ? exc_page_fault+0x590/0x8c0 [ 332.883041][ T30] do_fast_syscall_32+0x34/0x80 [ 332.894748][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.901198][ T30] RIP: 0023:0xf747d579 [ 332.910387][ T30] RSP: 002b:00000000f75cff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 332.919711][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 332.933128][ T30] RDX: 00000000f746bff4 RSI: 00000000f734224b RDI: 0000000030000000 [ 332.941864][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 332.957072][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 332.970397][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 332.978954][ T30] [ 332.982013][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 332.994894][ T30] INFO: task syz-executor:7341 blocked for more than 150 seconds. [ 333.002748][ T30] Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 333.017599][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 333.030900][ T30] task:syz-executor state:D stack:25456 pid:7341 tgid:7341 ppid:1 flags:0x20004004 [ 333.048801][ T30] Call Trace: [ 333.052129][ T30] [ 333.055441][ T30] __schedule+0x1895/0x4b30 [ 333.060028][ T30] ? __pfx___schedule+0x10/0x10 [ 333.072547][ T30] ? __pfx_lock_release+0x10/0x10 [ 333.077947][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 333.083470][ T30] ? schedule+0x90/0x320 [ 333.092899][ T30] schedule+0x14b/0x320 [ 333.097449][ T30] schedule_preempt_disabled+0x13/0x30 [ 333.102966][ T30] __mutex_lock+0x6a7/0xd70 [ 333.112727][ T30] ? __mutex_lock+0x52a/0xd70 [ 333.118571][ T30] ? register_nexthop_notifier+0x84/0x290 [ 333.125185][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 333.130295][ T30] ? __asan_memset+0x23/0x50 [ 333.141598][ T30] register_nexthop_notifier+0x84/0x290 [ 333.148471][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 333.154346][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 333.164881][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 333.171103][ T30] ? __asan_memset+0x23/0x50 [ 333.181042][ T30] ops_init+0x31e/0x590 [ 333.185605][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 333.191041][ T30] setup_net+0x287/0x9e0 [ 333.201812][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 333.207738][ T30] ? __pfx_setup_net+0x10/0x10 [ 333.212586][ T30] copy_net_ns+0x33f/0x570 [ 333.222291][ T30] create_new_namespaces+0x425/0x7b0 [ 333.229031][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 333.239771][ T30] ksys_unshare+0x619/0xc10 [ 333.244423][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 333.250012][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 333.261431][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 333.269888][ T30] __ia32_sys_unshare+0x37/0x40 [ 333.275070][ T30] __do_fast_syscall_32+0xb4/0x110 [ 333.280239][ T30] ? exc_page_fault+0x590/0x8c0 [ 333.291122][ T30] do_fast_syscall_32+0x34/0x80 [ 333.296395][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 333.302776][ T30] RIP: 0023:0xf7fe6579 [ 333.312051][ T30] RSP: 002b:00000000f75cff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 333.320822][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 333.335302][ T30] RDX: 00000000f746bff4 RSI: 00000000f734224b RDI: 0000000030000000 [ 333.343327][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 333.356451][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 333.364558][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 333.377609][ T30] [ 333.380673][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 333.394161][ T30] [ 333.394161][ T30] Showing all locks held in the system: [ 333.404981][ T30] 7 locks held by kworker/1:0/25: [ 333.410048][ T30] 1 lock held by khungtaskd/30: [ 333.420133][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 333.430912][ T30] 4 locks held by kworker/u8:2/35: [ 333.441281][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 333.454392][ T30] #1: ffffc90000ab7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 333.470535][ T30] #2: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 333.480331][ T30] #3: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: mpls_net_exit+0x7d/0x2a0 [ 333.494448][ T30] 3 locks held by kworker/u8:5/1100: [ 333.500059][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 333.518540][ T30] #1: ffffc90003e07d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 333.532694][ T30] #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 333.544606][ T30] 3 locks held by kworker/u8:9/2941: [ 333.553016][ T30] #0: ffff88802e151948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 333.572017][ T30] #1: ffffc90009b07d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 333.590904][ T30] #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 333.600954][ T30] 2 locks held by getty/4991: [ 333.610883][ T30] #0: ffff8880326aa0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 333.621036][ T30] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 333.638762][ T30] 3 locks held by kworker/0:5/5338: [ 333.644019][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 333.662472][ T30] #1: ffffc90004287d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 333.674108][ T30] #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 333.691714][ T30] 2 locks held by syz.2.528/7287: [ 333.697223][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 333.711292][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 333.723143][ T30] 2 locks held by syz.4.534/7302: [ 333.733305][ T30] #0: ffffffff8fd374b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 333.749622][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 333.760343][ T30] 1 lock held by syz.3.537/7309: [ 333.770444][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 333.780408][ T30] 3 locks held by syz.0.540/7316: [ 333.790494][ T30] #0: ffffffff8fd374b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 333.800827][ T30] #1: ffffffff8fd37368 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 333.814998][ T30] #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: wg_set_device+0x102/0x2160 [ 333.824238][ T30] 2 locks held by syz.1.543/7322: [ 333.834726][ T30] #0: ffffffff8fd374b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 333.845215][ T30] #1: ffffffff8fd37368 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 333.854280][ T30] 2 locks held by syz.1.543/7323: [ 333.866159][ T30] #0: ffffffff8fd374b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 333.874455][ T30] #1: ffffffff8fd37368 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 333.886634][ T30] 2 locks held by syz-executor/7331: [ 333.891961][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 333.904340][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 333.919491][ T30] 2 locks held by syz-executor/7335: [ 333.931838][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 333.944559][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 333.959826][ T30] 2 locks held by syz-executor/7337: [ 333.967783][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 333.982280][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 333.993633][ T30] 2 locks held by syz-executor/7340: [ 334.004085][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.013946][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.031069][ T30] 2 locks held by syz-executor/7341: [ 334.037242][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.052616][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.063437][ T30] 2 locks held by syz-executor/7357: [ 334.073810][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.087088][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.102474][ T30] 2 locks held by syz-executor/7359: [ 334.108220][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.122838][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.133299][ T30] 2 locks held by syz-executor/7362: [ 334.143705][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.160775][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.172052][ T30] 2 locks held by syz-executor/7366: [ 334.182851][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.192745][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.208138][ T30] 2 locks held by syz-executor/7368: [ 334.213482][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.226426][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.244709][ T30] 2 locks held by syz-executor/7377: [ 334.252280][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.267817][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.282281][ T30] 2 locks held by syz-executor/7379: [ 334.289239][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.302855][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.321348][ T30] 2 locks held by syz-executor/7381: [ 334.328429][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.343126][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.354293][ T30] 2 locks held by syz-executor/7385: [ 334.364735][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.375683][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.392722][ T30] 2 locks held by syz-executor/7387: [ 334.398488][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 334.413063][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 334.423752][ T30] [ 334.431206][ T30] ============================================= [ 334.431206][ T30] [ 334.440185][ T30] NMI backtrace for cpu 0 [ 334.444562][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 334.455113][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 334.465206][ T30] Call Trace: [ 334.468518][ T30] [ 334.471480][ T30] dump_stack_lvl+0x241/0x360 [ 334.476202][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 334.481434][ T30] ? __pfx__printk+0x10/0x10 [ 334.486079][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 334.491063][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 334.496558][ T30] ? _printk+0xd5/0x120 [ 334.500752][ T30] ? __pfx__printk+0x10/0x10 [ 334.505390][ T30] ? __wake_up_klogd+0xcc/0x110 [ 334.510291][ T30] ? __pfx__printk+0x10/0x10 [ 334.514934][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 334.520004][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 334.526046][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 334.532083][ T30] watchdog+0xff4/0x1040 [ 334.536377][ T30] ? watchdog+0x1ea/0x1040 [ 334.540849][ T30] ? __pfx_watchdog+0x10/0x10 [ 334.545657][ T30] kthread+0x2f0/0x390 [ 334.549780][ T30] ? __pfx_watchdog+0x10/0x10 [ 334.554603][ T30] ? __pfx_kthread+0x10/0x10 [ 334.559238][ T30] ret_from_fork+0x4b/0x80 [ 334.563700][ T30] ? __pfx_kthread+0x10/0x10 [ 334.568353][ T30] ret_from_fork_asm+0x1a/0x30 [ 334.573187][ T30] [ 334.576818][ T30] Sending NMI from CPU 0 to CPUs 1: [ 334.582097][ C1] NMI backtrace for cpu 1 [ 334.582130][ C1] CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 334.582152][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 334.582163][ C1] RIP: 0010:unwind_next_frame+0x15f3/0x22d0 [ 334.582188][ C1] Code: 45 58 00 00 00 00 4d 8d 75 36 4c 89 f0 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 d3 0a 00 00 41 c6 06 01 48 8b 44 24 70 0f b6 04 28 <84> c0 0f 85 6a 08 00 00 0f b6 04 2b 84 c0 0f 85 82 08 00 00 48 8b [ 334.582210][ C1] RSP: 0018:ffffc900001e6410 EFLAGS: 00000246 [ 334.582227][ C1] RAX: 0000000000000000 RBX: 1ffffffff2143c06 RCX: 0000000000000000 [ 334.582240][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900001e65a0 [ 334.582253][ C1] RBP: dffffc0000000000 R08: ffffc900001e659f R09: 0000000000000000 [ 334.582266][ C1] R10: ffffc900001e6590 R11: fffff5200003ccb4 R12: ffffc900001e8000 [ 334.582280][ C1] R13: ffffc900001e6540 R14: ffffffff81808e88 R15: ffffc900001e6590 [ 334.582294][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 334.582309][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 334.582322][ C1] CR2: 00000000f72618e0 CR3: 000000000e734000 CR4: 00000000003526f0 [ 334.582338][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 334.582349][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 334.582361][ C1] Call Trace: [ 334.582368][ C1] [ 334.582375][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 334.582398][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 334.582428][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 334.582449][ C1] ? nmi_handle+0x2a/0x5a0 [ 334.582476][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 334.582501][ C1] ? nmi_handle+0x14f/0x5a0 [ 334.582519][ C1] ? nmi_handle+0x2a/0x5a0 [ 334.582539][ C1] ? unwind_next_frame+0x15f3/0x22d0 [ 334.582556][ C1] ? default_do_nmi+0x63/0x160 [ 334.582579][ C1] ? exc_nmi+0x123/0x1f0 [ 334.582600][ C1] ? end_repeat_nmi+0xf/0x53 [ 334.582617][ C1] ? stack_trace_save+0x118/0x1d0 [ 334.582643][ C1] ? unwind_next_frame+0x15f3/0x22d0 [ 334.582661][ C1] ? unwind_next_frame+0x15f3/0x22d0 [ 334.582680][ C1] ? unwind_next_frame+0x15f3/0x22d0 [ 334.582697][ C1] [ 334.582703][ C1] [ 334.582714][ C1] ? arch_stack_walk+0xe5/0x150 [ 334.582737][ C1] __unwind_start+0x59a/0x740 [ 334.582756][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 334.582779][ C1] arch_stack_walk+0xe5/0x150 [ 334.582800][ C1] ? stack_trace_save+0x118/0x1d0 [ 334.582824][ C1] stack_trace_save+0x118/0x1d0 [ 334.582846][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 334.582867][ C1] ? validate_chain+0x11e/0x5920 [ 334.582893][ C1] kasan_save_track+0x3f/0x80 [ 334.582937][ C1] __kasan_slab_alloc+0x66/0x80 [ 334.582957][ C1] ? dst_alloc+0x12b/0x190 [ 334.582974][ C1] kmem_cache_alloc_noprof+0x135/0x2a0 [ 334.583001][ C1] dst_alloc+0x12b/0x190 [ 334.583020][ C1] ip_route_output_key_hash_rcu+0x13cc/0x2390 [ 334.583054][ C1] ip_route_output_key_hash+0x193/0x2b0 [ 334.583087][ C1] ? ip_route_output_key_hash+0xdf/0x2b0 [ 334.583114][ C1] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 334.583142][ C1] ? __pfx_lock_release+0x10/0x10 [ 334.583174][ C1] ip_route_output_flow+0x29/0x140 [ 334.583200][ C1] ip_route_me_harder+0x80d/0x1300 [ 334.583230][ C1] ? __pfx_ip_route_me_harder+0x10/0x10 [ 334.583255][ C1] ? trace_kmalloc+0x1f/0xd0 [ 334.583277][ C1] ? __kmalloc_node_track_caller_noprof+0x242/0x440 [ 334.583313][ C1] synproxy_send_tcp+0x356/0x6c0 [ 334.583342][ C1] synproxy_send_client_synack+0x8b8/0xf30 [ 334.583374][ C1] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 334.583402][ C1] ? synproxy_pernet+0x45/0x270 [ 334.583430][ C1] nft_synproxy_eval_v4+0x3ca/0x610 [ 334.583459][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 334.583489][ C1] ? nf_ip_checksum+0x13a/0x500 [ 334.583519][ C1] nft_synproxy_do_eval+0x362/0xa60 [ 334.583548][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 334.583579][ C1] ? __pfx_validate_chain+0x10/0x10 [ 334.583604][ C1] nft_do_chain+0x4ad/0x1da0 [ 334.583628][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 334.583665][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 334.583701][ C1] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 334.583722][ C1] nft_do_chain_inet+0x418/0x6b0 [ 334.583749][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 334.583774][ C1] ? ipt_do_table+0x312/0x1860 [ 334.583807][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 334.583832][ C1] nf_hook_slow+0xc3/0x220 [ 334.583855][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 334.583876][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 334.583896][ C1] NF_HOOK+0x29e/0x450 [ 334.583917][ C1] ? NF_HOOK+0x9a/0x450 [ 334.583935][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 334.583956][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 334.583985][ C1] ? ip_rcv_finish+0x406/0x560 [ 334.584006][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 334.584025][ C1] NF_HOOK+0x3a4/0x450 [ 334.584046][ C1] ? NF_HOOK+0x9a/0x450 [ 334.584064][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 334.584087][ C1] ? ip_rcv_core+0x801/0xd10 [ 334.584107][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 334.584130][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 334.584150][ C1] __netif_receive_skb+0x2bf/0x650 [ 334.584173][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 334.584199][ C1] ? __pfx___netif_receive_skb+0x10/0x10 [ 334.584220][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 334.584246][ C1] ? __pfx_lock_release+0x10/0x10 [ 334.584272][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 334.584303][ C1] process_backlog+0x662/0x15b0 [ 334.584326][ C1] ? raise_softirq+0x108/0x1b0 [ 334.584351][ C1] ? process_backlog+0x33b/0x15b0 [ 334.584378][ C1] ? __pfx_process_backlog+0x10/0x10 [ 334.584401][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 334.584447][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 334.584473][ C1] ? invoke_rcu_core+0xbc/0x260 [ 334.584496][ C1] __napi_poll+0xcb/0x490 [ 334.584520][ C1] net_rx_action+0x89b/0x1240 [ 334.584554][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 334.584580][ C1] ? sched_clock+0x4a/0x70 [ 334.584611][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 334.584643][ C1] handle_softirqs+0x2c5/0x980 [ 334.584670][ C1] ? run_ksoftirqd+0xca/0x130 [ 334.584697][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 334.584726][ C1] run_ksoftirqd+0xca/0x130 [ 334.584752][ C1] ? __pfx_run_ksoftirqd+0x10/0x10 [ 334.584783][ C1] ? __pfx_run_ksoftirqd+0x10/0x10 [ 334.584814][ C1] smpboot_thread_fn+0x544/0xa30 [ 334.584842][ C1] ? smpboot_thread_fn+0x4e/0xa30 [ 334.584872][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 334.584900][ C1] kthread+0x2f0/0x390 [ 334.584919][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 334.584947][ C1] ? __pfx_kthread+0x10/0x10 [ 334.584966][ C1] ret_from_fork+0x4b/0x80 [ 334.584993][ C1] ? __pfx_kthread+0x10/0x10 [ 334.585010][ C1] ret_from_fork_asm+0x1a/0x30 [ 334.585043][ C1] [ 335.291476][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 335.298572][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 335.309128][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 335.319828][ T30] Call Trace: [ 335.323138][ T30] [ 335.326102][ T30] dump_stack_lvl+0x241/0x360 [ 335.330820][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 335.336058][ T30] ? __pfx__printk+0x10/0x10 [ 335.340688][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 335.346722][ T30] ? vscnprintf+0x5d/0x90 [ 335.351092][ T30] panic+0x349/0x880 [ 335.355038][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 335.361236][ T30] ? __pfx_panic+0x10/0x10 [ 335.365703][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 335.371165][ T30] ? __irq_work_queue_local+0x137/0x410 [ 335.376758][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 335.382166][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 335.388356][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 335.394548][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 335.400744][ T30] watchdog+0x1033/0x1040 [ 335.405118][ T30] ? watchdog+0x1ea/0x1040 [ 335.409583][ T30] ? __pfx_watchdog+0x10/0x10 [ 335.414298][ T30] kthread+0x2f0/0x390 [ 335.418395][ T30] ? __pfx_watchdog+0x10/0x10 [ 335.423108][ T30] ? __pfx_kthread+0x10/0x10 [ 335.427732][ T30] ret_from_fork+0x4b/0x80 [ 335.432277][ T30] ? __pfx_kthread+0x10/0x10 [ 335.436909][ T30] ret_from_fork_asm+0x1a/0x30 [ 335.441730][ T30] [ 335.445160][ T30] Kernel Offset: disabled [ 335.449496][ T30] Rebooting in 86400 seconds..