last executing test programs: 1m11.662531079s ago: executing program 3 (id=81): r0 = syz_open_procfs(0x0, &(0x7f0000002340)='net/igmp\x00') read$char_usb(r0, &(0x7f0000000040)=""/4122, 0x101a) preadv(r0, &(0x7f0000002240)=[{&(0x7f0000001180)=""/4096, 0x1000}], 0x1, 0x29d3, 0x6) 1m11.37126403s ago: executing program 3 (id=86): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000080)="18", 0x10, 0x0, &(0x7f00000000c0)={0x11, 0xc, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 1m11.167329434s ago: executing program 3 (id=88): mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000140)={0x2, 'batadv0\x00', 0x4}, 0x18) 1m10.736252096s ago: executing program 3 (id=91): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="6d9310000000f4dbdf25010000000c0006000000000002000000080001"], 0x28}, 0x1, 0x0, 0x0, 0x20048890}, 0x880) 1m10.357617105s ago: executing program 3 (id=94): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) 1m10.166067188s ago: executing program 3 (id=96): io_setup(0x8, &(0x7f00000001c0)=0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x0) io_submit(r0, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000300)="87992d800d80", 0x6, 0x4}]) 55.015906456s ago: executing program 32 (id=96): io_setup(0x8, &(0x7f00000001c0)=0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x0) io_submit(r0, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000300)="87992d800d80", 0x6, 0x4}]) 40.304378446s ago: executing program 2 (id=394): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffd}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0) 40.059925043s ago: executing program 2 (id=397): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x2ffc, 0x4000006, 0xfffffefc, 0x6}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000160001f47efde4be701161000a000000040000800400", @ANYRES32=r0], 0x1c}}, 0x804) 39.919122901s ago: executing program 2 (id=399): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x2c, r1, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) 35.4564024s ago: executing program 2 (id=424): r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e24, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x6, 0x0, 0x0) 35.455749365s ago: executing program 4 (id=425): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@ipv6_getaddrlabel={0x24, 0x1a, 0x1, 0xfffffffd, 0x3, {0x2, 0x0, 0x20}, [@IFAL_LABEL={0x8, 0x2, 0x7}]}, 0x24}}, 0x0) 35.347223435s ago: executing program 4 (id=426): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r0, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0x10000000000001}, 0x60) sendmmsg(r0, &(0x7f0000000700)=[{{&(0x7f00000002c0)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x17}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000340)="45ff4f0e", 0x4}], 0x1}}], 0x1, 0x410) 35.190594952s ago: executing program 1 (id=427): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802, 0x0, 0x1, 0x7}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000005200010f143d0900000000000a"], 0x20}}, 0x0) 35.187012907s ago: executing program 4 (id=428): bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000001580)='ns/mnt\x00') ioctl$NS_GET_USERNS(r0, 0xb701, 0x0) 34.985375783s ago: executing program 2 (id=429): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x15, &(0x7f0000000380)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe, 0x0, &(0x7f0000000300)="14fd54ab72df97e6256c00000000", 0x0, 0x7fd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 34.815440666s ago: executing program 4 (id=430): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x7) 34.81361402s ago: executing program 1 (id=431): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01022abd7001000000250f0000002a000e00", @ANYBLOB="8166d4df29a84d371a7f6c1bbd4ced9df546a4bd77be06636545b53bac1fd6fb80b76c61e917"], 0x40}, 0x1, 0x0, 0x0, 0x20000050}, 0x48000) 34.429316645s ago: executing program 4 (id=432): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x5) connect$netrom(r0, &(0x7f0000000080)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x8, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x48) 34.371903281s ago: executing program 1 (id=433): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8863}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @fccp}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x40080) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 34.269809934s ago: executing program 2 (id=434): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}}, 0x4044004) recvmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x10003}, {{0x0, 0x0, 0x0}, 0x800001}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000780)=""/260, 0x104}, {&(0x7f0000000000)=""/24, 0x18}, {&(0x7f0000002900)=""/4114, 0x1012}, {&(0x7f00000005c0)=""/146, 0x92}, {&(0x7f00000008c0)=""/234, 0xea}, {&(0x7f00000006c0)=""/133, 0x85}], 0x6}, 0x80000002}], 0x4, 0x0, 0x0) 34.120734529s ago: executing program 1 (id=435): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000040)={{{@in=@empty, @in=@local, 0x4e22, 0x1, 0x0, 0x0, 0xa}, {0x4002, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x4, 0x1}, {0x40000000020, 0x40000000, 0xfffffffffffffffd, 0xff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x32}, 0xa, @in6=@mcast2, 0xffffffde, 0x0, 0x3, 0x0, 0x4d}}, 0xe8) sendmmsg$inet6(r0, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x40040d4) 34.099452486s ago: executing program 4 (id=436): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0) io_setup(0x1, &(0x7f00000004c0)=0x0) io_submit(r1, 0xf3, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x19, 0x1, 0x0, r0, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}]) 33.751823772s ago: executing program 1 (id=438): r0 = memfd_create(&(0x7f0000000200)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x0) ftruncate(r0, 0x80079a0) lseek(r0, 0x0, 0x4) 33.45209417s ago: executing program 1 (id=440): capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) r0 = socket(0x10, 0x803, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000006c0)={'ip6tnl0\x00', 0x0}) 19.032000471s ago: executing program 33 (id=434): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}}, 0x4044004) recvmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x10003}, {{0x0, 0x0, 0x0}, 0x800001}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000780)=""/260, 0x104}, {&(0x7f0000000000)=""/24, 0x18}, {&(0x7f0000002900)=""/4114, 0x1012}, {&(0x7f00000005c0)=""/146, 0x92}, {&(0x7f00000008c0)=""/234, 0xea}, {&(0x7f00000006c0)=""/133, 0x85}], 0x6}, 0x80000002}], 0x4, 0x0, 0x0) 18.854108297s ago: executing program 34 (id=436): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0) io_setup(0x1, &(0x7f00000004c0)=0x0) io_submit(r1, 0xf3, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x19, 0x1, 0x0, r0, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}]) 17.993174762s ago: executing program 35 (id=440): capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) r0 = socket(0x10, 0x803, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000006c0)={'ip6tnl0\x00', 0x0}) 16.002392481s ago: executing program 0 (id=455): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) ioctl$sock_proto_private(r0, 0x89e1, &(0x7f0000001080)) 15.903521164s ago: executing program 0 (id=456): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @loopback}, 0x10, 0x0}, 0x34004000) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x5411, 0x0) 15.747796905s ago: executing program 0 (id=457): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f000000b4c0)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @empty}, 0x10, 0x0}}, {{&(0x7f0000000140)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000580)="c7ba", 0x2}], 0x1}}], 0x2, 0x488c4) sendmmsg$inet(r0, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1, 0x0, 0x0, 0x2000000}}], 0xfdef, 0x0) 15.509813726s ago: executing program 0 (id=458): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100040, 0x1b35, 0x8, 0x2, 0x2, 0x0, 0x0, 0x7, 0x1}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x8, 0x140075, 0x7ffe, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6}) 15.351407531s ago: executing program 0 (id=459): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="07022cbd7000000000000100000008000880040007012c0004800500030001000000050003000000000005000300010000000500030080ff0000050003000200000008000100030000000800020001"], 0x58}}, 0x880) 15.195595926s ago: executing program 0 (id=460): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', r1, 0x4, 0xfe, 0x2, 0x4038a0d, 0xb, @empty, @mcast2={0xff, 0x5}, 0x0, 0x8000, 0x0, 0x5}}) 0s ago: executing program 36 (id=460): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', r1, 0x4, 0xfe, 0x2, 0x4038a0d, 0xb, @empty, @mcast2={0xff, 0x5}, 0x0, 0x8000, 0x0, 0x5}}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.38' (ED25519) to the list of known hosts. [ 81.033785][ T5825] cgroup: Unknown subsys name 'net' [ 81.264003][ T5825] cgroup: Unknown subsys name 'cpuset' [ 81.310089][ T5825] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.106064][ T5825] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.796424][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.829672][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.835548][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 86.858437][ T5154] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 86.859077][ T5154] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.862347][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.865227][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 86.865577][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.868059][ T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 86.879438][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 86.927459][ T9] cfg80211: failed to load regulatory.db [ 87.046645][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.048861][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.064256][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.067808][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.068572][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.137768][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.149406][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.151002][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.160616][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.168883][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.223666][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.226513][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.227915][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.230301][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.231185][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.980558][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 88.038736][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 88.233449][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 88.400324][ T5850] chnl_net:caif_netlink_parms(): no params data found [ 88.571454][ T5853] chnl_net:caif_netlink_parms(): no params data found [ 88.831020][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.832549][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.833133][ T5843] bridge_slave_0: entered allmulticast mode [ 88.836194][ T5843] bridge_slave_0: entered promiscuous mode [ 88.890563][ T5844] Bluetooth: hci0: command tx timeout [ 88.953769][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.953844][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.953968][ T5843] bridge_slave_1: entered allmulticast mode [ 88.955636][ T5843] bridge_slave_1: entered promiscuous mode [ 88.969376][ T5844] Bluetooth: hci1: command tx timeout [ 89.110135][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.110261][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.110379][ T5838] bridge_slave_0: entered allmulticast mode [ 89.111907][ T5838] bridge_slave_0: entered promiscuous mode [ 89.129303][ T5844] Bluetooth: hci2: command tx timeout [ 89.209395][ T5844] Bluetooth: hci3: command tx timeout [ 89.299884][ T5844] Bluetooth: hci4: command tx timeout [ 89.321534][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.321828][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.322442][ T5838] bridge_slave_1: entered allmulticast mode [ 89.324873][ T5838] bridge_slave_1: entered promiscuous mode [ 89.452449][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.452586][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.452767][ T5848] bridge_slave_0: entered allmulticast mode [ 89.455298][ T5848] bridge_slave_0: entered promiscuous mode [ 89.605492][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.617502][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.617663][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.617841][ T5848] bridge_slave_1: entered allmulticast mode [ 89.622086][ T5848] bridge_slave_1: entered promiscuous mode [ 89.777062][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.945392][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.945641][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.945785][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.945944][ T5850] bridge_slave_0: entered allmulticast mode [ 89.947711][ T5850] bridge_slave_0: entered promiscuous mode [ 90.145145][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.146222][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.146332][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.146462][ T5850] bridge_slave_1: entered allmulticast mode [ 90.147924][ T5850] bridge_slave_1: entered promiscuous mode [ 90.320152][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.320300][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.320473][ T5853] bridge_slave_0: entered allmulticast mode [ 90.322335][ T5853] bridge_slave_0: entered promiscuous mode [ 90.328952][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.522855][ T5843] team0: Port device team_slave_0 added [ 90.523300][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.523446][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.523609][ T5853] bridge_slave_1: entered allmulticast mode [ 90.525458][ T5853] bridge_slave_1: entered promiscuous mode [ 90.533199][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.712411][ T5843] team0: Port device team_slave_1 added [ 90.831796][ T5838] team0: Port device team_slave_0 added [ 90.835486][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.969382][ T5844] Bluetooth: hci0: command tx timeout [ 91.049537][ T5844] Bluetooth: hci1: command tx timeout [ 91.083820][ T5838] team0: Port device team_slave_1 added [ 91.086351][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.175307][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.178631][ T5848] team0: Port device team_slave_0 added [ 91.219325][ T5844] Bluetooth: hci2: command tx timeout [ 91.289515][ T5844] Bluetooth: hci3: command tx timeout [ 91.351099][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.351110][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.351123][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.355076][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.356575][ T5848] team0: Port device team_slave_1 added [ 91.369267][ T5844] Bluetooth: hci4: command tx timeout [ 91.812140][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.812156][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.812180][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.010990][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.011001][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.011013][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.013561][ T5850] team0: Port device team_slave_0 added [ 92.182662][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.182678][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.182702][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.185857][ T5850] team0: Port device team_slave_1 added [ 92.195209][ T5853] team0: Port device team_slave_0 added [ 92.197648][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.197661][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.197683][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.333094][ T5853] team0: Port device team_slave_1 added [ 92.333988][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.333997][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.334011][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.630891][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.630905][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.630918][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.873456][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.873468][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.873481][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.888532][ T5843] hsr_slave_0: entered promiscuous mode [ 92.897803][ T5843] hsr_slave_1: entered promiscuous mode [ 92.908473][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.908487][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.908509][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.049694][ T5844] Bluetooth: hci0: command tx timeout [ 93.053521][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.053537][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.053560][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.139295][ T5844] Bluetooth: hci1: command tx timeout [ 93.152183][ T5838] hsr_slave_0: entered promiscuous mode [ 93.153513][ T5838] hsr_slave_1: entered promiscuous mode [ 93.154504][ T5838] debugfs: 'hsr0' already exists in 'hsr' [ 93.154614][ T5838] Cannot create hsr debugfs directory [ 93.289559][ T5844] Bluetooth: hci2: command tx timeout [ 93.314063][ T5848] hsr_slave_0: entered promiscuous mode [ 93.315416][ T5848] hsr_slave_1: entered promiscuous mode [ 93.316331][ T5848] debugfs: 'hsr0' already exists in 'hsr' [ 93.316347][ T5848] Cannot create hsr debugfs directory [ 93.369357][ T5844] Bluetooth: hci3: command tx timeout [ 93.449380][ T5844] Bluetooth: hci4: command tx timeout [ 93.876554][ T5850] hsr_slave_0: entered promiscuous mode [ 93.877380][ T5850] hsr_slave_1: entered promiscuous mode [ 93.877922][ T5850] debugfs: 'hsr0' already exists in 'hsr' [ 93.877942][ T5850] Cannot create hsr debugfs directory [ 94.144539][ T5853] hsr_slave_0: entered promiscuous mode [ 94.145896][ T5853] hsr_slave_1: entered promiscuous mode [ 94.146720][ T5853] debugfs: 'hsr0' already exists in 'hsr' [ 94.146742][ T5853] Cannot create hsr debugfs directory [ 95.129350][ T5844] Bluetooth: hci0: command tx timeout [ 95.210276][ T5844] Bluetooth: hci1: command tx timeout [ 95.369577][ T5844] Bluetooth: hci2: command tx timeout [ 95.416384][ T5843] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.449477][ T5844] Bluetooth: hci3: command tx timeout [ 95.461234][ T5843] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 95.500382][ T5843] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 95.529425][ T5844] Bluetooth: hci4: command tx timeout [ 95.559532][ T5843] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 95.688289][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.717449][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.736202][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.800765][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.928696][ T5848] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.974432][ T5848] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 96.033951][ T5848] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 96.093719][ T5848] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 96.240174][ T5850] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 96.295724][ T5850] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 96.339056][ T5850] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 96.395232][ T5850] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 96.555355][ T5853] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 96.598539][ T5853] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 96.636331][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.638028][ T5853] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 96.686056][ T5853] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 96.833329][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.857060][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.890299][ T1182] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.890424][ T1182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.938582][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.938666][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.006412][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.025982][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.062170][ T1278] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.063120][ T1278] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.122957][ T1278] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.123180][ T1278] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.166767][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.205868][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.215242][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.215445][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.265978][ T159] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.266193][ T159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.349033][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.397715][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.413585][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.414489][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.493607][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.495390][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.568185][ T5853] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.618635][ T1182] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.618781][ T1182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.688857][ T1278] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.689375][ T1278] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.895710][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.214003][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.275652][ T5843] veth0_vlan: entered promiscuous mode [ 98.307971][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.390873][ T5843] veth1_vlan: entered promiscuous mode [ 98.568654][ T5838] veth0_vlan: entered promiscuous mode [ 98.635391][ T5838] veth1_vlan: entered promiscuous mode [ 98.636591][ T5848] veth0_vlan: entered promiscuous mode [ 98.637699][ T5843] veth0_macvtap: entered promiscuous mode [ 98.660904][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.675806][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.715460][ T5843] veth1_macvtap: entered promiscuous mode [ 98.733278][ T5848] veth1_vlan: entered promiscuous mode [ 98.862918][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.925601][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.927661][ T5838] veth0_macvtap: entered promiscuous mode [ 99.020304][ T5838] veth1_macvtap: entered promiscuous mode [ 99.041826][ T1182] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.067370][ T1182] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.083570][ T1182] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.094188][ T1182] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.094836][ T5848] veth0_macvtap: entered promiscuous mode [ 99.098262][ T5850] veth0_vlan: entered promiscuous mode [ 99.178050][ T5848] veth1_macvtap: entered promiscuous mode [ 99.198898][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.199813][ T5850] veth1_vlan: entered promiscuous mode [ 99.278251][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.406551][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.427224][ T68] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.442052][ T68] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.461640][ T68] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.467110][ T57] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.487907][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.518212][ T3555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.518234][ T3555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.598504][ T68] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.616045][ T68] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.633446][ T68] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.703740][ T68] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.758180][ T5850] veth0_macvtap: entered promiscuous mode [ 99.772104][ T5853] veth0_vlan: entered promiscuous mode [ 99.888835][ T1278] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.888854][ T1278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.913943][ T5850] veth1_macvtap: entered promiscuous mode [ 100.040401][ T5853] veth1_vlan: entered promiscuous mode [ 100.162503][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.162520][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.216770][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.298207][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.298227][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.311307][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.434632][ T3555] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.435385][ T3555] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.435400][ T3555] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.450914][ T3555] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.474196][ T3555] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.538130][ T3555] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.550978][ T5954] warning: `syz.3.6' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 100.615547][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.615565][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.675819][ T5853] veth0_macvtap: entered promiscuous mode [ 100.745796][ T5853] veth1_macvtap: entered promiscuous mode [ 101.023490][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.152519][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.158663][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.158681][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.224586][ T3555] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.288238][ T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.339372][ T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.363386][ T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.386460][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.386479][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.419974][ T989] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 101.608010][ T989] usb 2-1: Using ep0 maxpacket: 8 [ 101.624263][ T989] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.624296][ T989] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.624317][ T989] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 101.624358][ T989] usb 2-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00 [ 101.624380][ T989] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.659681][ T989] usb 2-1: config 0 descriptor?? [ 101.691532][ T5929] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 101.852784][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 101.852814][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8192, setting to 1024 [ 101.852913][ T5929] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 101.852936][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.969842][ T1664] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 102.052459][ T3555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.052479][ T3555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.064722][ T5929] usb 1-1: config 0 descriptor?? [ 102.155867][ T1664] usb 4-1: Using ep0 maxpacket: 16 [ 102.165426][ T1664] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 102.165457][ T1664] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 102.165478][ T1664] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 102.165520][ T1664] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 102.165541][ T1664] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.325747][ T1664] usb 4-1: config 0 descriptor?? [ 102.362254][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x4 [ 102.362297][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x6 [ 102.362327][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.362354][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.362380][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.362406][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.362432][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.362458][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.362484][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.362510][ T989] elecom 0003:056E:00FE.0001: unknown main item tag 0x0 [ 102.486499][ T989] elecom 0003:056E:00FE.0001: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.1-1/input0 [ 102.494189][ T5929] usb 1-1: USB disconnect, device number 2 [ 102.594992][ T989] usb 2-1: USB disconnect, device number 2 [ 102.620805][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.620824][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.871346][ T1664] microsoft 0003:045E:07DA.0002: unbalanced collection at end of report description [ 102.872216][ T1664] microsoft 0003:045E:07DA.0002: parse failed [ 102.872319][ T1664] microsoft 0003:045E:07DA.0002: probe with driver microsoft failed with error -22 [ 102.947481][ T5975] fido_id[5975]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 103.011631][ T5929] usb 4-1: USB disconnect, device number 2 [ 105.275664][ T6031] netlink: 'syz.4.34': attribute type 1 has an invalid length. [ 105.275863][ T6031] netlink: 208 bytes leftover after parsing attributes in process `syz.4.34'. [ 105.275896][ T6031] netlink: 'syz.4.34': attribute type 1 has an invalid length. [ 105.275909][ T6031] netlink: 'syz.4.34': attribute type 2 has an invalid length. [ 105.320491][ T6027] dummy0: entered promiscuous mode [ 105.412982][ T6027] dummy0: left promiscuous mode [ 106.365429][ T6058] netlink: 'syz.0.46': attribute type 2 has an invalid length. [ 106.430807][ T6061] ieee802154 phy0 wpan0: encryption failed: -22 [ 107.049076][ T6081] netlink: 'syz.2.58': attribute type 3 has an invalid length. [ 107.454136][ T5844] Bluetooth: hci4: command tx timeout [ 107.573057][ T6099] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.65'. [ 107.573461][ T6099] openvswitch: netlink: Port -8 exceeds max allowable 65535 [ 107.763808][ T6104] process 'syz.0.68' launched './file0' with NULL argv: empty string added [ 108.093901][ T6112] netlink: 1 bytes leftover after parsing attributes in process `syz.2.72'. [ 108.094551][ T6112] xt_policy: neither incoming nor outgoing policy selected [ 108.406415][ T6123] netlink: 24 bytes leftover after parsing attributes in process `syz.2.77'. [ 109.059570][ T5943] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 109.179266][ T1664] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 109.235143][ T5943] usb 5-1: config 0 has an invalid interface number: 128 but max is 0 [ 109.235171][ T5943] usb 5-1: config 0 has no interface number 0 [ 109.235202][ T5943] usb 5-1: config 0 interface 128 has no altsetting 0 [ 109.281285][ T5943] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91 [ 109.281316][ T5943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.281335][ T5943] usb 5-1: Product: syz [ 109.281349][ T5943] usb 5-1: Manufacturer: syz [ 109.281363][ T5943] usb 5-1: SerialNumber: syz [ 109.321709][ T5943] usb 5-1: config 0 descriptor?? [ 109.354874][ T1664] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.354906][ T1664] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.354928][ T1664] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 109.354970][ T1664] usb 3-1: New USB device found, idVendor=2133, idProduct=0018, bcdDevice= 0.00 [ 109.354991][ T1664] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.367496][ T5943] radio-si470x 5-1:0.128: could not find interrupt in endpoint [ 109.367584][ T5943] radio-si470x 5-1:0.128: probe with driver radio-si470x failed with error -5 [ 109.368073][ T5943] usbhid 5-1:0.128: couldn't find an input interrupt endpoint [ 109.410774][ T1664] usb 3-1: config 0 descriptor?? [ 109.729941][ T5971] usb 5-1: USB disconnect, device number 2 [ 109.853552][ T6157] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 110.008246][ T1664] viewsonic 0003:2133:0018.0003: hidraw0: USB HID v0.00 Device [HID 2133:0018] on usb-dummy_hcd.2-1/input0 [ 110.136996][ T1664] usb 3-1: USB disconnect, device number 2 [ 110.190242][ T6162] fido_id[6162]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 110.480794][ T6168] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 110.679475][ T6172] netlink: 44 bytes leftover after parsing attributes in process `syz.0.101'. [ 111.070785][ T5943] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 111.231552][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 111.231598][ T5943] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 111.231620][ T5943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.240592][ T5943] usb 2-1: config 0 descriptor?? [ 111.241616][ T6174] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 111.419362][ T5971] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 111.569834][ T5971] usb 3-1: Using ep0 maxpacket: 8 [ 111.576287][ T5971] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 111.576375][ T5971] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 111.576416][ T5971] usb 3-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 111.576439][ T5971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.695413][ T5971] usb 3-1: config 0 descriptor?? [ 111.786110][ T5943] hid_parser_main: 50 callbacks suppressed [ 111.786133][ T5943] elan 0003:04F3:0755.0004: unknown main item tag 0x0 [ 111.786166][ T5943] elan 0003:04F3:0755.0004: item fetching failed at offset 3/5 [ 111.792208][ T5943] elan 0003:04F3:0755.0004: Hid Parse failed [ 111.795029][ T5943] elan 0003:04F3:0755.0004: probe with driver elan failed with error -22 [ 111.889411][ T1664] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 111.955879][ T5943] usb 2-1: USB disconnect, device number 3 [ 112.049262][ T1664] usb 5-1: Using ep0 maxpacket: 32 [ 112.054651][ T1664] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 112.054674][ T1664] usb 5-1: config 0 has no interface number 0 [ 112.080577][ T1664] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 112.080605][ T1664] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.080624][ T1664] usb 5-1: Product: syz [ 112.080638][ T1664] usb 5-1: Manufacturer: syz [ 112.080651][ T1664] usb 5-1: SerialNumber: syz [ 112.169741][ T1664] usb 5-1: config 0 descriptor?? [ 112.171117][ T5971] logitech 0003:046D:C20E.0005: rdesc size test failed for formula gp [ 112.180905][ T5971] logitech 0003:046D:C20E.0005: unbalanced collection at end of report description [ 112.181718][ T5971] logitech 0003:046D:C20E.0005: parse failed [ 112.181815][ T5971] logitech 0003:046D:C20E.0005: probe with driver logitech failed with error -22 [ 112.228718][ T1664] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 112.228754][ T1664] usb 5-1: selecting invalid altsetting 1 [ 112.228770][ T1664] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 112.312099][ T1664] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 112.312681][ T1664] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 112.313792][ T1664] usb 5-1: media controller created [ 112.386565][ T1664] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 112.454654][ T5943] usb 3-1: USB disconnect, device number 3 [ 112.613033][ T1664] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 112.613093][ T1664] zl10353_read_register: readreg error (reg=127, ret==-71) [ 112.639572][ T6202] capability: warning: `syz.0.115' uses 32-bit capabilities (legacy support in use) [ 112.642499][ T1664] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 112.768265][ T1664] usb 5-1: USB disconnect, device number 3 [ 112.958395][ T6204] netlink: 84 bytes leftover after parsing attributes in process `syz.0.116'. [ 112.958571][ T6204] Zero length message leads to an empty skb [ 113.252871][ T6211] loop9: detected capacity change from 0 to 7 [ 113.254864][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.254992][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.255129][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.255240][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.255367][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.255489][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.255602][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.255678][ T6211] ldm_validate_partition_table(): Disk read failed. [ 113.272678][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.272810][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.272911][ T6211] Buffer I/O error on dev loop9, logical block 0, async page read [ 113.273066][ T6211] Dev loop9: unable to read RDB block 0 [ 113.273346][ T6211] loop9: unable to read partition table [ 113.273577][ T6211] loop9: partition table beyond EOD, truncated [ 113.273593][ T6211] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 113.273593][ T6211] ) failed (rc=-5) [ 114.181242][ T6239] capability: warning: `syz.0.131' uses deprecated v2 capabilities in a way that may be insecure [ 114.208522][ T37] audit: type=1326 audit(1758592519.489:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6231 comm="syz.2.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 114.208573][ T37] audit: type=1326 audit(1758592519.489:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6231 comm="syz.2.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 114.208612][ T37] audit: type=1326 audit(1758592519.489:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6231 comm="syz.2.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 114.368716][ T37] audit: type=1326 audit(1758592519.639:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6231 comm="syz.2.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0d1e28af79 code=0x7ffc0000 [ 114.368766][ T37] audit: type=1326 audit(1758592519.639:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6231 comm="syz.2.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 114.368804][ T37] audit: type=1326 audit(1758592519.639:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6231 comm="syz.2.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 115.324380][ T6260] No buffer was provided with the request [ 115.982052][ T6274] hub 9-0:1.0: USB hub found [ 115.985594][ T6274] hub 9-0:1.0: 1 port detected [ 116.289428][ T6282] ======================================================= [ 116.289428][ T6282] WARNING: The mand mount option has been deprecated and [ 116.289428][ T6282] and is ignored by this kernel. Remove the mand [ 116.289428][ T6282] option from the mount to silence this warning. [ 116.289428][ T6282] ======================================================= [ 120.960328][ T6373] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 120.991222][ T6373] @0: renamed from bond_slave_1 (while UP) [ 121.802568][ T6398] Bluetooth: MGMT ver 1.23 [ 122.932151][ T6429] gretap0: entered promiscuous mode [ 122.932542][ T6429] vlan2: entered promiscuous mode [ 123.209287][ T44] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 123.372991][ T44] usb 2-1: config 0 has an invalid interface number: 32 but max is 0 [ 123.373018][ T44] usb 2-1: config 0 has no interface number 0 [ 123.373065][ T44] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 123.373087][ T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.399471][ T44] usb 2-1: config 0 descriptor?? [ 123.403838][ T44] cp210x 2-1:0.32: cp210x converter detected [ 123.429318][ T5971] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 123.580988][ T5971] usb 3-1: Using ep0 maxpacket: 32 [ 123.586684][ T5971] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.586716][ T5971] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 123.586813][ T5971] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 123.586836][ T5971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.662655][ T5971] usb 3-1: config 0 descriptor?? [ 123.703727][ T5971] hub 3-1:0.0: USB hub found [ 123.862411][ T44] cp210x 2-1:0.32: failed to get vendor val 0x000e size 3: -71 [ 123.959351][ T5971] hub 3-1:0.0: 29 ports detected [ 123.962998][ T5971] hub 3-1:0.0: insufficient power available to use all downstream ports [ 123.974855][ T44] usb 2-1: cp210x converter now attached to ttyUSB0 [ 124.001021][ T44] usb 2-1: USB disconnect, device number 4 [ 124.142894][ T44] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 124.182885][ T44] cp210x 2-1:0.32: device disconnected [ 124.258914][ T6453] ALSA: mixer_oss: invalid OSS volume 'ިc">#a6\9/[\' [ 124.259022][ T6453] ALSA: mixer_oss: invalid OSS volume 'F4|׃|t@' [ 124.259075][ T6453] ALSA: mixer_oss: invalid OSS volume 'GJJ³ 1 [ 126.434331][ T5840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 126.435415][ T5840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 126.438886][ T5840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 126.461063][ T5840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 126.562742][ T5907] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 126.562769][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.570224][ T6514] Driver unsupported XDP return value 0 on prog (id 23) dev N/A, expect packet loss! [ 126.594462][ T5907] usb 3-1: config 0 descriptor?? [ 126.617522][ T5907] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 126.801603][ T6518] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.259'. [ 127.295320][ T5907] gp8psk: usb out operation failed. [ 127.295350][ T5907] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 127.295394][ T5907] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 127.311045][ T5907] usb 3-1: USB disconnect, device number 5 [ 127.464455][ T6530] netlink: 'syz.4.265': attribute type 1 has an invalid length. [ 127.464476][ T6530] netlink: 'syz.4.265': attribute type 2 has an invalid length. [ 127.464486][ T6530] netlink: 1172 bytes leftover after parsing attributes in process `syz.4.265'. [ 127.946603][ T159] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.389233][ T37] audit: type=1326 audit(1758592533.669:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6553 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 128.396374][ T37] audit: type=1326 audit(1758592533.679:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6553 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 128.402108][ T37] audit: type=1326 audit(1758592533.689:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6553 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 128.417541][ T37] audit: type=1326 audit(1758592533.689:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6553 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 128.417592][ T37] audit: type=1326 audit(1758592533.699:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6553 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 128.420715][ T37] audit: type=1326 audit(1758592533.699:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6553 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1e2eeec9 code=0x7ffc0000 [ 128.479292][ T5929] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 128.569281][ T5840] Bluetooth: hci5: command tx timeout [ 128.636814][ T5929] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.636843][ T5929] usb 2-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 128.636868][ T5929] usb 2-1: config 0 interface 0 has no altsetting 0 [ 128.636901][ T5929] usb 2-1: New USB device found, idVendor=0458, idProduct=501a, bcdDevice= 0.00 [ 128.636923][ T5929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.665844][ T5929] usb 2-1: config 0 descriptor?? [ 128.764609][ T159] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.948038][ T6567] tipc: Can't bind to reserved service type 2 [ 129.111522][ T5929] kye 0003:0458:501A.0006: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 129.116724][ T5929] kye 0003:0458:501A.0006: hidraw0: USB HID v0.01 Device [HID 0458:501a] on usb-dummy_hcd.1-1/input0 [ 129.116755][ T5929] kye 0003:0458:501A.0006: tablet-enabling feature report not found [ 129.116770][ T5929] kye 0003:0458:501A.0006: tablet enabling failed [ 129.202104][ T159] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.332126][ T5943] usb 2-1: USB disconnect, device number 5 [ 129.371233][ T6575] fido_id[6575]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 129.660428][ T159] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.741216][ T6582] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 129.742025][ T6583] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 130.041900][ T6511] chnl_net:caif_netlink_parms(): no params data found [ 130.335658][ T6599] netlink: 28 bytes leftover after parsing attributes in process `syz.4.296'. [ 130.585220][ T6609] netlink: 80 bytes leftover after parsing attributes in process `syz.4.301'. [ 130.585285][ T6609] netlink: 80 bytes leftover after parsing attributes in process `syz.4.301'. [ 130.649454][ T5840] Bluetooth: hci5: command tx timeout [ 131.282700][ T6626] netlink: 348 bytes leftover after parsing attributes in process `syz.2.307'. [ 131.359527][ T6511] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.359652][ T6511] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.359870][ T6511] bridge_slave_0: entered allmulticast mode [ 131.362582][ T6511] bridge_slave_0: entered promiscuous mode [ 131.366673][ T6511] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.366792][ T6511] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.366982][ T6511] bridge_slave_1: entered allmulticast mode [ 131.427821][ T6511] bridge_slave_1: entered promiscuous mode [ 131.653997][ T159] bridge_slave_1: left allmulticast mode [ 131.654328][ T159] bridge_slave_1: left promiscuous mode [ 131.656923][ T159] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.771033][ T159] bridge_slave_0: left allmulticast mode [ 131.771064][ T159] bridge_slave_0: left promiscuous mode [ 131.771341][ T159] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.070626][ T6640] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 132.729249][ T5840] Bluetooth: hci5: command tx timeout [ 132.981656][ T1325] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.981734][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.705534][ T6673] tmpfs: Bad value for 'mpol' [ 133.858336][ T6678] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 134.200622][ T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 134.354980][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 134.355035][ T10] usb 5-1: New USB device found, idVendor=1038, idProduct=12c2, bcdDevice= 0.00 [ 134.355057][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.382199][ T6691] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 134.413793][ T10] usb 5-1: config 0 descriptor?? [ 134.612347][ T159] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.672268][ T159] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.713620][ T159] bond0 (unregistering): Released all slaves [ 134.809279][ T5840] Bluetooth: hci5: command tx timeout [ 134.875177][ T10] steelseries 0003:1038:12C2.0007: unknown main item tag 0x0 [ 134.875220][ T10] steelseries 0003:1038:12C2.0007: unknown main item tag 0x0 [ 134.875246][ T10] steelseries 0003:1038:12C2.0007: unknown main item tag 0x0 [ 134.875272][ T10] steelseries 0003:1038:12C2.0007: unknown main item tag 0x0 [ 134.875297][ T10] steelseries 0003:1038:12C2.0007: unknown main item tag 0x0 [ 134.875323][ T10] steelseries 0003:1038:12C2.0007: unknown main item tag 0x0 [ 134.875348][ T10] steelseries 0003:1038:12C2.0007: unknown main item tag 0x0 [ 134.983345][ T6511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 134.987724][ T6511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.077536][ T10] usb 5-1: USB disconnect, device number 4 [ 135.210921][ T6693] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 136.009602][ T6511] team0: Port device team_slave_0 added [ 136.167326][ T6511] team0: Port device team_slave_1 added [ 137.426053][ T6734] tipc: Started in network mode [ 137.426082][ T6734] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711 [ 137.433502][ T6734] tipc: Enabled bearer , priority 17 [ 137.540268][ T6511] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 137.540283][ T6511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.540307][ T6511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 137.555782][ T6511] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 137.555797][ T6511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.555820][ T6511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 137.696488][ T6762] netlink: 8 bytes leftover after parsing attributes in process `syz.2.367'. [ 137.925344][ T6769] ptrace attach of "./syz-executor exec"[5850] was attempted by "R~sۄ9!+làvs\x22~Uxa*fPyw.6iB֡O ^$ w*? ;-b?3ASѭKkr\x0aؙ:y>sy\x1bSD8\x1bu\x0a2.bfhݹ5cM+wk|(Hn'cCj<,ᨊr.u(lnvNFQ+&iЁk&ȍĤ>貥fbRs󷖾\x0c~1%^?\x1bY\x1bg-3˩VO|\x0a᳷[.'3DAzrcO ,;j!poUe{s%@OtnZbB&+4?pRN!YˑNjgiq[6hvN|ՠxiPo54(%* ħlLUD䧥7`z8h“=-ei}\x5c\x09v:-ם\x099.VE&\x09 b&hΚA`R&֕AO ݛ/\x1bL\x07&DuoO^C'S1 @#^^V156r詴tU\x0c0鴲>ŪMVj\x07=}]MXUtY[%>p*js;x9K4m{yWp5p\x0cV\x0c\x0a(UηX8'C}ħJ=6Ww&u]8?+3q(*R\x09-e\x22gNN?-݋0ުJx~~/ALI8o$a3e@JcT ̑ѧ8%p缑/܏!/%V'Rjoqsvgqc]\x09 [ 137.930909][ T159] hsr_slave_0: left promiscuous mode [ 138.049315][ T159] hsr_slave_1: left promiscuous mode [ 138.050524][ T159] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 138.050605][ T159] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 138.146742][ T159] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 138.146773][ T159] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 138.362084][ T159] veth1_macvtap: left promiscuous mode [ 138.362393][ T159] veth0_macvtap: left promiscuous mode [ 138.363551][ T159] veth1_vlan: left promiscuous mode [ 138.364244][ T159] veth0_vlan: left promiscuous mode [ 138.458071][ T5827] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 138.483440][ T5827] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz0 [ 138.541237][ T5929] tipc: Node number set to 8432298 [ 138.601236][ T6780] fido_id[6780]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 139.110955][ T6792] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 139.352420][ T6800] trusted_key: encrypted_key: key user:syz not found [ 141.974461][ T159] team0 (unregistering): Port device team_slave_1 removed [ 142.200416][ T159] team0 (unregistering): Port device team_slave_0 removed [ 146.270400][ T6905] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 150.099134][ C1] sched: DL replenish lagged too much [ 162.755472][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 162.782437][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 162.783547][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 162.785382][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 162.833193][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 163.035201][ T5844] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 163.055774][ T5844] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 163.072748][ T5844] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 163.074144][ T5844] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 163.075834][ T5844] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 163.283245][ T6511] hsr_slave_0: entered promiscuous mode [ 163.284646][ T6511] hsr_slave_1: entered promiscuous mode [ 163.981364][ T5840] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 163.983674][ T5840] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 163.984757][ T5840] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 163.985905][ T5840] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 163.986718][ T5840] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 164.570035][ T6959] ieee802154 phy0 wpan0: encryption failed: -22 [ 164.605835][ T6959] ieee802154 phy0 wpan0: encryption failed: -22 [ 164.890085][ T5844] Bluetooth: hci1: command tx timeout [ 165.139335][ T5844] Bluetooth: hci6: command tx timeout [ 166.169382][ T5844] Bluetooth: hci7: command tx timeout [ 166.972383][ T5844] Bluetooth: hci1: command tx timeout [ 167.209481][ T5844] Bluetooth: hci6: command tx timeout [ 168.249447][ T5844] Bluetooth: hci7: command tx timeout [ 169.049448][ T5844] Bluetooth: hci1: command tx timeout [ 169.289443][ T5844] Bluetooth: hci6: command tx timeout [ 170.329329][ T5844] Bluetooth: hci7: command tx timeout [ 171.129646][ T5844] Bluetooth: hci1: command tx timeout [ 171.369440][ T5844] Bluetooth: hci6: command tx timeout [ 172.416851][ T5844] Bluetooth: hci7: command tx timeout [ 181.051803][ T5840] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 181.066592][ T5840] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 181.068396][ T5840] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 181.092289][ T5840] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 181.097304][ T5840] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 186.612809][ T59] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 186.632939][ T59] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 186.634043][ T59] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 186.635550][ T59] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 186.636487][ T59] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 195.672307][ T1325] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.672382][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.131583][ T59] Bluetooth: hci8: command tx timeout [ 197.501699][ T6935] chnl_net:caif_netlink_parms(): no params data found [ 198.172270][ T6938] chnl_net:caif_netlink_parms(): no params data found [ 199.209369][ T59] Bluetooth: hci8: command tx timeout [ 201.295431][ T59] Bluetooth: hci8: command tx timeout [ 203.369694][ T59] Bluetooth: hci8: command tx timeout [ 218.169488][ T5840] Bluetooth: hci9: command tx timeout [ 220.249487][ T5840] Bluetooth: hci9: command tx timeout [ 222.329465][ T5840] Bluetooth: hci9: command tx timeout [ 223.207278][ T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 223.236630][ T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 223.237745][ T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 223.260832][ T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 223.261675][ T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 223.410530][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 223.428474][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 223.438063][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 223.449080][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 223.461395][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 224.077814][ T5154] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 224.096210][ T5154] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 224.097344][ T5154] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 224.114196][ T5154] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 224.116207][ T5154] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 224.409721][ T5154] Bluetooth: hci9: command tx timeout [ 241.070346][ T5154] Bluetooth: hci10: command tx timeout [ 241.990641][ T5154] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 242.011825][ T5154] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 242.012953][ T5154] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 242.014208][ T5154] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 242.015455][ T5154] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 243.129471][ T5154] Bluetooth: hci3: command tx timeout [ 243.129775][ T5154] Bluetooth: hci2: command tx timeout [ 243.129881][ T5154] Bluetooth: hci10: command tx timeout [ 244.169407][ T5154] Bluetooth: hci0: command tx timeout [ 245.209795][ T5154] Bluetooth: hci10: command tx timeout [ 245.209826][ T5154] Bluetooth: hci2: command tx timeout [ 245.209845][ T5154] Bluetooth: hci3: command tx timeout [ 246.253780][ T59] Bluetooth: hci0: command tx timeout [ 246.953996][ T5154] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 246.972664][ T5154] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 246.973822][ T5154] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 246.974970][ T5154] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 246.978106][ T5154] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 247.289419][ T5154] Bluetooth: hci3: command tx timeout [ 247.289451][ T5154] Bluetooth: hci2: command tx timeout [ 247.289473][ T5154] Bluetooth: hci10: command tx timeout [ 248.329420][ T59] Bluetooth: hci0: command tx timeout [ 249.142313][ T59] Bluetooth: hci4: command tx timeout [ 249.369471][ T59] Bluetooth: hci2: command tx timeout [ 249.369502][ T59] Bluetooth: hci3: command tx timeout [ 250.409338][ T5154] Bluetooth: hci0: command tx timeout [ 251.209364][ T5154] Bluetooth: hci4: command tx timeout [ 253.289370][ T5154] Bluetooth: hci4: command tx timeout [ 255.369491][ T5154] Bluetooth: hci4: command tx timeout [ 255.863585][ T1325] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.863662][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 283.975871][ T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 283.988463][ T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 283.997988][ T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 284.006806][ T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 284.017948][ T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 284.090362][ T59] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 284.126984][ T59] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 284.131779][ T59] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 284.133042][ T59] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 284.149467][ T59] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 284.987688][ T59] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 285.005019][ T59] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 285.006138][ T59] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 285.029466][ T59] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 285.031962][ T59] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 286.173036][ T5840] Bluetooth: hci5: command tx timeout [ 286.249437][ T5840] Bluetooth: hci11: command tx timeout [ 287.129549][ T5840] Bluetooth: hci12: command tx timeout [ 288.258096][ T5840] Bluetooth: hci5: command tx timeout [ 288.329562][ T5840] Bluetooth: hci11: command tx timeout [ 288.665403][ T5840] Bluetooth: hci6: command 0x0406 tx timeout [ 288.665443][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 288.665465][ T5840] Bluetooth: hci7: command 0x0406 tx timeout [ 289.209364][ T7070] Bluetooth: hci12: command tx timeout [ 290.329314][ T7070] Bluetooth: hci5: command tx timeout [ 290.410829][ T7070] Bluetooth: hci11: command tx timeout [ 291.291051][ T7070] Bluetooth: hci12: command tx timeout [ 292.409485][ T7070] Bluetooth: hci5: command tx timeout [ 292.489572][ T7070] Bluetooth: hci11: command tx timeout [ 293.369513][ T7070] Bluetooth: hci12: command tx timeout [ 295.459745][ T6946] chnl_net:caif_netlink_parms(): no params data found [ 304.805756][ T59] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 304.912377][ T59] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 304.914523][ T59] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 304.915689][ T59] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 304.916460][ T59] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 307.371451][ T7042] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 307.392533][ T7042] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 307.394658][ T7042] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 307.414194][ T7042] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 307.428701][ T7042] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 317.307179][ T1325] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.307274][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 326.889809][ T38] INFO: task kworker/u8:5:159 blocked for more than 143 seconds. [ 326.889839][ T38] Not tainted syzkaller #0 [ 326.889849][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 326.889861][ T38] task:kworker/u8:5 state:D stack:22376 pid:159 tgid:159 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 326.889908][ T38] Workqueue: netns cleanup_net [ 326.889959][ T38] Call Trace: [ 326.889966][ T38] [ 326.889980][ T38] __schedule+0x16f3/0x4c20 [ 326.890016][ T38] ? validate_chain+0x897/0x2140 [ 326.890053][ T38] ? __lock_acquire+0xab9/0xd20 [ 326.890075][ T38] ? __pfx___schedule+0x10/0x10 [ 326.890116][ T38] ? schedule+0x91/0x360 [ 326.890142][ T38] schedule+0x165/0x360 [ 326.890167][ T38] schedule_timeout+0x9a/0x270 [ 326.890190][ T38] ? __pfx_schedule_timeout+0x10/0x10 [ 326.890226][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 326.890250][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 326.890271][ T38] ? wait_for_completion+0x267/0x5d0 [ 326.890297][ T38] wait_for_completion+0x2bf/0x5d0 [ 326.890335][ T38] ? __pfx_wait_for_completion+0x10/0x10 [ 326.890362][ T38] ? __raw_spin_lock_init+0x45/0x100 [ 326.890385][ T38] ? __init_swait_queue_head+0xa9/0x150 [ 326.890410][ T38] rcu_barrier+0x463/0x570 [ 326.890438][ T38] wg_destruct+0x21e/0x2f0 [ 326.890459][ T38] ? __pfx_wg_destruct+0x10/0x10 [ 326.890478][ T38] netdev_run_todo+0xcd4/0xea0 [ 326.890506][ T38] ? __pfx_netdev_run_todo+0x10/0x10 [ 326.890522][ T38] ? unregister_netdevice_queue+0x1b3/0x380 [ 326.890545][ T38] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 326.890562][ T38] ? batadv_meshif_vlan_put+0x131/0x1e0 [ 326.890586][ T38] ? batadv_meshif_destroy_netlink+0x125/0x160 [ 326.890610][ T38] default_device_exit_batch+0x81e/0x890 [ 326.890641][ T38] ? __pfx___might_resched+0x10/0x10 [ 326.890661][ T38] ? __pfx_default_device_exit_batch+0x10/0x10 [ 326.890685][ T38] ? cfg802154_pernet_exit+0x19/0xe0 [ 326.890705][ T38] ? mutex_lock_nested+0x16a/0x1d0 [ 326.890735][ T38] ? __pfx_default_device_exit_batch+0x10/0x10 [ 326.890757][ T38] ops_undo_list+0x522/0x990 [ 326.890788][ T38] ? __pfx_ops_undo_list+0x10/0x10 [ 326.890823][ T38] cleanup_net+0x4cb/0x800 [ 326.890849][ T38] ? __pfx_cleanup_net+0x10/0x10 [ 326.890875][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 326.890897][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 326.890923][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 326.890947][ T38] process_scheduled_works+0xade/0x17b0 [ 326.890999][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 326.891048][ T38] worker_thread+0x8a0/0xda0 [ 326.891099][ T38] kthread+0x70e/0x8a0 [ 326.891127][ T38] ? __pfx_worker_thread+0x10/0x10 [ 326.891147][ T38] ? __pfx_kthread+0x10/0x10 [ 326.891176][ T38] ? __pfx_kthread+0x10/0x10 [ 326.891201][ T38] ret_from_fork+0x436/0x7d0 [ 326.891225][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 326.891254][ T38] ? __switch_to_asm+0x39/0x70 [ 326.891270][ T38] ? __switch_to_asm+0x33/0x70 [ 326.891286][ T38] ? __pfx_kthread+0x10/0x10 [ 326.891312][ T38] ret_from_fork_asm+0x1a/0x30 [ 326.891346][ T38] [ 326.891477][ T38] [ 326.891477][ T38] Showing all locks held in the system: [ 326.891487][ T38] 3 locks held by kworker/u8:1/13: [ 326.891498][ T38] #0: ffff88814d35c138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 326.891547][ T38] #1: ffffc90000127bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 326.891592][ T38] #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 326.891638][ T38] 6 locks held by rcuc/1/28: [ 326.891649][ T38] 1 lock held by khungtaskd/38: [ 326.891659][ T38] #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 326.891703][ T38] 3 locks held by kworker/u8:4/68: [ 326.891713][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 326.891757][ T38] #1: ffffc9000154fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 326.891802][ T38] #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 326.891846][ T38] 5 locks held by kworker/u8:5/159: [ 326.891856][ T38] #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 326.891900][ T38] #1: ffffc90003a6fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 326.891950][ T38] #2: ffffffff8ecc6a20 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800 [ 326.891997][ T38] #3: ffff8880296e97b8 (&wg->device_update_lock){+.+.}-{4:4}, at: wg_destruct+0x116/0x2f0 [ 326.892039][ T38] #4: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 326.892086][ T38] 2 locks held by kworker/u8:9/1308: [ 326.892107][ T38] 4 locks held by kworker/u9:1/5154: [ 326.892117][ T38] #0: ffff88807d5bc938 ((wq_completion)hci13#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 326.892165][ T38] #1: ffffc9001055fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 326.892209][ T38] #2: ffff8880810500a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 326.892254][ T38] #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 326.892299][ T38] 2 locks held by dhcpcd/5500: [ 326.892309][ T38] #0: ffff888038160910 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: netlink_dump+0xbd/0xe90 [ 326.892354][ T38] #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x92/0x200 [ 326.892399][ T38] 2 locks held by getty/5596: [ 326.892409][ T38] #0: ffff88823bf3c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 326.892457][ T38] #1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 326.892507][ T38] 1 lock held by syz-executor/6511: [ 326.892517][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 326.892564][ T38] 1 lock held by syz.2.434/6901: [ 326.892574][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 326.892615][ T38] 1 lock held by syz.4.436/6906: [ 326.892625][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 326.892666][ T38] 1 lock held by syz.1.440/6914: [ 326.892675][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 326.892715][ T38] 3 locks held by syz-executor/6935: [ 326.892725][ T38] #0: ffff88804976ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 326.892770][ T38] #1: ffff88804976c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 326.892817][ T38] #2: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 326.892859][ T38] 1 lock held by syz-executor/6938: [ 326.892869][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 326.892922][ T38] 4 locks held by syz-executor/6946: [ 326.892932][ T38] #0: ffff888063c00e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 326.892975][ T38] #1: ffff888063c000a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 326.893020][ T38] #2: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 326.893061][ T38] #3: ffff8880607fa358 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680 [ 326.893117][ T38] 2 locks held by kworker/1:9/6953: [ 326.893128][ T38] 1 lock held by syz.0.460/6966: [ 326.893138][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 326.893183][ T38] 3 locks held by syz-executor/6971: [ 326.893193][ T38] #0: ffff888067954e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 326.893236][ T38] #1: ffff8880679540a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 326.893281][ T38] #2: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 326.893323][ T38] 3 locks held by syz-executor/6989: [ 326.893349][ T38] #0: ffff88802fbbce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 326.893392][ T38] #1: ffff88802fbbc0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 326.893438][ T38] #2: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 326.893480][ T38] 2 locks held by syz-executor/7035: [ 326.893490][ T38] #0: ffff8880574cce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 326.893533][ T38] #1: ffff8880574cc0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 326.893579][ T38] 3 locks held by syz-executor/7039: [ 326.893589][ T38] #0: ffff8880237d0e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 326.893632][ T38] #1: ffff8880237d00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 326.893677][ T38] #2: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 326.893718][ T38] 3 locks held by syz-executor/7041: [ 326.893728][ T38] #0: ffff888060d84e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 326.893771][ T38] #1: ffff888060d840a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 326.893816][ T38] #2: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 326.893858][ T38] 4 locks held by kworker/u9:4/7042: [ 326.893868][ T38] #0: ffff88803cc43138 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 326.893921][ T38] #1: ffffc90003c6fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 326.893966][ T38] #2: ffff8880343b80a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 326.894009][ T38] #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 326.894053][ T38] 1 lock held by syz-executor/7049: [ 326.894063][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 326.894106][ T38] 1 lock held by syz-executor/7052: [ 326.894116][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 326.894158][ T38] 1 lock held by syz-executor/7061: [ 326.894168][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 326.894209][ T38] 1 lock held by syz-executor/7062: [ 326.894219][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 326.894261][ T38] 1 lock held by syz-executor/7068: [ 326.894270][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 326.894313][ T38] 1 lock held by syz-executor/7076: [ 326.894323][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 326.894364][ T38] 1 lock held by syz-executor/7079: [ 326.894374][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 326.894416][ T38] [ 326.894421][ T38] ============================================= [ 326.894421][ T38] [ 326.894439][ T38] NMI backtrace for cpu 0 [ 326.894463][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 326.894483][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 326.894493][ T38] Call Trace: [ 326.894500][ T38] [ 326.894508][ T38] dump_stack_lvl+0x189/0x250 [ 326.894534][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 326.894558][ T38] ? __pfx__printk+0x10/0x10 [ 326.894589][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 326.894614][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 326.894639][ T38] ? __pfx__printk+0x10/0x10 [ 326.894662][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 326.894685][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 326.894709][ T38] watchdog+0xf93/0xfe0 [ 326.894736][ T38] ? watchdog+0x1de/0xfe0 [ 326.894762][ T38] kthread+0x70e/0x8a0 [ 326.894788][ T38] ? __pfx_watchdog+0x10/0x10 [ 326.894808][ T38] ? __pfx_kthread+0x10/0x10 [ 326.894836][ T38] ? __pfx_kthread+0x10/0x10 [ 326.894860][ T38] ret_from_fork+0x436/0x7d0 [ 326.894884][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 326.894911][ T38] ? __switch_to_asm+0x39/0x70 [ 326.894932][ T38] ? __switch_to_asm+0x33/0x70 [ 326.894948][ T38] ? __pfx_kthread+0x10/0x10 [ 326.894972][ T38] ret_from_fork_asm+0x1a/0x30 [ 326.895003][ T38] [ 326.895010][ T38] Sending NMI from CPU 0 to CPUs 1: [ 326.895035][ C1] NMI backtrace for cpu 1 [ 326.895048][ C1] CPU: 1 UID: 0 PID: 28 Comm: rcuc/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 326.895066][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 326.895074][ C1] RIP: 0010:do_raw_spin_unlock+0x0/0x240 [ 326.895093][ C1] Code: 80 e1 07 80 c1 03 38 c1 0f 8c 6a ff ff ff e8 17 f3 80 00 e9 60 ff ff ff 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 55 41 57 41 56 41 55 41 54 53 48 89 fb 49 bc 00 00 00 [ 326.895104][ C1] RSP: 0018:ffffc90000a2e898 EFLAGS: 00000082 [ 326.895118][ C1] RAX: f02fee3a666dbb00 RBX: 0000000000000a06 RCX: f02fee3a666dbb00 [ 326.895129][ C1] RDX: 0000000000000006 RSI: ffffffff8d21af85 RDI: ffff8880b89457d0 [ 326.895140][ C1] RBP: ffffc90000a2e930 R08: ffff8880b8945827 R09: 1ffff11017128b04 [ 326.895151][ C1] R10: dffffc0000000000 R11: ffffed1017128b05 R12: dffffc0000000000 [ 326.895168][ C1] R13: ffffc90000a2e988 R14: ffff8880b89457d0 R15: 1ffff92000145d14 [ 326.895180][ C1] FS: 0000000000000000(0000) GS:ffff8881269bc000(0000) knlGS:0000000000000000 [ 326.895193][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 326.895203][ C1] CR2: 00007fffad7eed54 CR3: 0000000038768000 CR4: 00000000003526f0 [ 326.895217][ C1] Call Trace: [ 326.895223][ C1] [ 326.895228][ C1] _raw_spin_unlock_irqrestore+0x78/0x110 [ 326.895250][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 326.895269][ C1] ? nft_do_chain+0x40c/0x1920 [ 326.895283][ C1] ? nf_hook_slow+0xc2/0x220 [ 326.895301][ C1] ? NF_HOOK+0x30c/0x3a0 [ 326.895318][ C1] ? __napi_poll+0xb3/0x540 [ 326.895336][ C1] rt_spin_lock+0x167/0x2c0 [ 326.895354][ C1] ? __pfx_rt_spin_lock+0x10/0x10 [ 326.895375][ C1] ___slab_alloc+0x25f/0xdc0 [ 326.895391][ C1] ? kmalloc_reserve+0xbd/0x290 [ 326.895412][ C1] ? kmalloc_reserve+0xbd/0x290 [ 326.895429][ C1] kmem_cache_alloc_node_noprof+0xf2/0x330 [ 326.895450][ C1] kmalloc_reserve+0xbd/0x290 [ 326.895470][ C1] __alloc_skb+0x142/0x2d0 [ 326.895490][ C1] synproxy_send_client_synack+0x16c/0xe20 [ 326.895516][ C1] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 326.895534][ C1] ? nft_synproxy_do_eval+0x4c0/0x570 [ 326.895549][ C1] ? synproxy_pernet+0x45/0x270 [ 326.895567][ C1] nft_synproxy_eval_v4+0x36e/0x560 [ 326.895586][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 326.895602][ C1] ? nf_ip_checksum+0x13c/0x510 [ 326.895619][ C1] nft_synproxy_do_eval+0x345/0x570 [ 326.895634][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 326.895654][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 326.895670][ C1] ? __pfx_nft_synproxy_eval+0x10/0x10 [ 326.895691][ C1] nft_do_chain+0x40c/0x1920 [ 326.895713][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 326.895747][ C1] nft_do_chain_inet+0x25d/0x340 [ 326.895762][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 326.895776][ C1] ? __lock_acquire+0xab9/0xd20 [ 326.895799][ C1] ? NF_HOOK+0x9a/0x3a0 [ 326.895816][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 326.895832][ C1] nf_hook_slow+0xc2/0x220 [ 326.895852][ C1] NF_HOOK+0x206/0x3a0 [ 326.895869][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 326.895887][ C1] ? NF_HOOK+0x9a/0x3a0 [ 326.895903][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 326.895919][ C1] ? ip_rcv_finish_core+0xda3/0x1c00 [ 326.895938][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 326.895957][ C1] ? skb_dst+0x4f/0xd0 [ 326.895974][ C1] ? ip_local_deliver+0x12a/0x1b0 [ 326.895994][ C1] NF_HOOK+0x30c/0x3a0 [ 326.896011][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 326.896028][ C1] ? NF_HOOK+0x9a/0x3a0 [ 326.896045][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 326.896063][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 326.896085][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 326.896101][ C1] __netif_receive_skb+0x143/0x380 [ 326.896117][ C1] ? rt_spin_unlock+0x65/0x80 [ 326.896135][ C1] ? process_backlog+0x27b/0x900 [ 326.896152][ C1] process_backlog+0x31e/0x900 [ 326.896181][ C1] __napi_poll+0xb3/0x540 [ 326.896200][ C1] net_rx_action+0x707/0xe00 [ 326.896216][ C1] ? arch_stack_walk+0x11c/0x150 [ 326.896237][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 326.896256][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 326.896275][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 326.896298][ C1] ? __pfx_sched_clock_cpu+0x10/0x10 [ 326.896320][ C1] handle_softirqs+0x22f/0x710 [ 326.896341][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 326.896362][ C1] __local_bh_enable_ip+0x179/0x270 [ 326.896378][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 326.896400][ C1] ? rcu_cpu_kthread+0x23e/0x1b50 [ 326.896419][ C1] ? rcu_cpu_kthread+0x23e/0x1b50 [ 326.896436][ C1] rcu_cpu_kthread+0xc3d/0x1b50 [ 326.896458][ C1] ? rcu_cpu_kthread+0x23e/0x1b50 [ 326.896482][ C1] ? __pfx_rcu_cpu_kthread+0x10/0x10 [ 326.896501][ C1] ? __lock_acquire+0xab9/0xd20 [ 326.896518][ C1] ? __pfx___schedule+0x10/0x10 [ 326.896544][ C1] ? schedule+0x91/0x360 [ 326.896565][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 326.896581][ C1] smpboot_thread_fn+0x53f/0xa60 [ 326.896598][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 326.896619][ C1] kthread+0x70e/0x8a0 [ 326.896639][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 326.896655][ C1] ? __pfx_kthread+0x10/0x10 [ 326.896675][ C1] ? __pfx_kthread+0x10/0x10 [ 326.896694][ C1] ret_from_fork+0x436/0x7d0 [ 326.896712][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 326.896732][ C1] ? __switch_to_asm+0x39/0x70 [ 326.896745][ C1] ? __switch_to_asm+0x33/0x70 [ 326.896755][ C1] ? __pfx_kthread+0x10/0x10 [ 326.896774][ C1] ret_from_fork_asm+0x1a/0x30 [ 326.896796][ C1] [ 326.897036][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 326.897050][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 326.897070][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 326.897079][ T38] Call Trace: [ 326.897086][ T38] [ 326.897093][ T38] dump_stack_lvl+0x99/0x250 [ 326.897117][ T38] ? __asan_memcpy+0x40/0x70 [ 326.897136][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 326.897159][ T38] ? __pfx__printk+0x10/0x10 [ 326.897190][ T38] vpanic+0x281/0x750 [ 326.897215][ T38] ? __pfx_vpanic+0x10/0x10 [ 326.897236][ T38] ? __x2apic_send_IPI_mask+0x1e4/0x260 [ 326.897254][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 326.897288][ T38] panic+0xb9/0xc0 [ 326.897310][ T38] ? __pfx_panic+0x10/0x10 [ 326.897335][ T38] ? irq_work_queue+0xc3/0x140 [ 326.897360][ T38] ? nmi_trigger_cpumask_backtrace+0x234/0x300 [ 326.897384][ T38] watchdog+0xfd2/0xfe0 [ 326.897410][ T38] ? watchdog+0x1de/0xfe0 [ 326.897436][ T38] kthread+0x70e/0x8a0 [ 326.897462][ T38] ? __pfx_watchdog+0x10/0x10 [ 326.897482][ T38] ? __pfx_kthread+0x10/0x10 [ 326.897510][ T38] ? __pfx_kthread+0x10/0x10 [ 326.897534][ T38] ret_from_fork+0x436/0x7d0 [ 326.897558][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 326.897585][ T38] ? __switch_to_asm+0x39/0x70 [ 326.897601][ T38] ? __switch_to_asm+0x33/0x70 [ 326.897616][ T38] ? __pfx_kthread+0x10/0x10 [ 326.897640][ T38] ret_from_fork_asm+0x1a/0x30 [ 326.897673][ T38] [ 326.897825][ T38] Kernel Offset: disabled