last executing test programs: 7.612429762s ago: executing program 2 (id=91): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0x4}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x300}}], 0x3, 0x240080e4) 7.299845417s ago: executing program 0 (id=94): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) r1 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) 7.248859363s ago: executing program 2 (id=95): r0 = fsopen(&(0x7f0000000000)='udf\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x101042, 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='.\x00', 0x0, r1) 7.075433766s ago: executing program 1 (id=96): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000080)=0xffff7b6e, 0x4) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000001c0)=0x7, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000240)) 6.900734196s ago: executing program 0 (id=97): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) clock_gettime(0x0, &(0x7f0000000000)) 6.723667262s ago: executing program 1 (id=98): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)=@bridge_dellink={0x2c, 0x11, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x3, 0x0, 0x1, {0x4, 0x6}}]}]}, 0x2c}}, 0x0) 6.706939552s ago: executing program 2 (id=99): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000140000001100010000"], 0x54}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0xcdc}}, 0x0) 6.373668896s ago: executing program 1 (id=100): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001080), 0x3b3004, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000340)=r0, 0x4) 6.296941436s ago: executing program 4 (id=101): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) ioctl$DMA_BUF_SET_NAME_A(r2, 0x40086203, 0x0) 6.178782104s ago: executing program 2 (id=102): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) fcntl$lock(r0, 0x24, &(0x7f0000000140)={0x2, 0x0, 0x800000000000}) 5.959934027s ago: executing program 1 (id=103): r0 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x95d3, 0x0, 0x1}, &(0x7f00000000c0), &(0x7f0000000140)) io_uring_enter(r0, 0x0, 0xe38e, 0x5, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20) 5.779019558s ago: executing program 4 (id=104): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000700)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) read$alg(r1, &(0x7f0000001e00)=""/4108, 0x210) 5.728045082s ago: executing program 2 (id=105): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x2, 0xff, 0x71, 0x20, 0x9c4, 0x11, 0xb01c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x4, 0x10, 0x0, [{{0x9, 0x4, 0x7e, 0x10, 0x2, 0x26, 0xd5, 0x18, 0x8, [], [{{0x9, 0x5, 0x6, 0x2, 0x3ff}}, {{0x9, 0x5, 0x82, 0x2, 0x8}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000880)={0x2c, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0003f4000000f403"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f00000004c0)={0x14, 0x0, &(0x7f0000000e00)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_control_io$printer(r0, &(0x7f0000001800)={0x14, &(0x7f0000001740)={0x0, 0x5, 0xc, {0xc, 0x21, "f5b3db686f6331598b91"}}, 0x0}, 0x0) 5.4052387s ago: executing program 4 (id=106): unshare(0x400) openat$uinput(0xffffff9c, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@o_path={0x0, r0}, 0x18) 5.073702155s ago: executing program 4 (id=107): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000340)=[@in6={0xa, 0x4e22, 0xc, @private2={0xfc, 0x2, '\x00', 0x1}, 0x921}]}, &(0x7f00000001c0)=0x10) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180)={r1}, 0x8) 4.901011086s ago: executing program 3 (id=108): r0 = syz_open_dev$radio(&(0x7f0000000d80), 0x1, 0x2) ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f0000000000)={0x3}) ioctl$VIDIOC_S_PRIORITY(r0, 0x40045644, 0x20000000) ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x1) 4.744223179s ago: executing program 1 (id=109): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000280)="f9", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000200)={0x0, 0x3, 0x9, 0xb}, &(0x7f0000000240)=0x10) 4.541630235s ago: executing program 4 (id=110): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x38, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]]}, 0x38}}, 0x0) 4.437051044s ago: executing program 3 (id=111): r0 = socket$inet(0x2, 0x3, 0x4) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0xf4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x9c, 0x2, [@TCA_HTB_INIT={0xfffffffffffffe15, 0x2, {0x3, 0x0, 0x0, 0x0, 0x5000000}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffc}}, @TCA_HTB_INIT={0x18}, @TCA_HTB_DIRECT_QLEN={0x8}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}, @TCA_RATE={0x6}]}, 0xf4}}, 0x0) 4.40249469s ago: executing program 0 (id=112): r0 = syz_io_uring_setup(0x24fb, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000200)=@ax25={{0x3, @default}, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}}) io_uring_enter(r0, 0x5b43, 0x0, 0x0, 0x0, 0x0) 4.298184561s ago: executing program 1 (id=113): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'netpci0\x00', 0x2}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x13) ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000240)=""/206) 4.043123735s ago: executing program 4 (id=114): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@bridge_dellink={0x2c, 0x11, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4}}]}]}, 0x2c}}, 0x0) 3.886507795s ago: executing program 3 (id=115): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) r0 = syz_io_uring_setup(0x3aec, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff86}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 3.853494685s ago: executing program 0 (id=116): r0 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10) read(r0, &(0x7f0000000000)=""/150, 0x96) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10) 3.507933564s ago: executing program 0 (id=117): mremap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000008000/0x3000)=nil) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) io_setup(0x222, &(0x7f0000000180)=0x0) io_submit(r1, 0x2, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) 3.506754114s ago: executing program 3 (id=118): r0 = fsopen(&(0x7f0000000000)='devpts\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 3.181145934s ago: executing program 3 (id=119): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 2.685985195s ago: executing program 0 (id=120): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000600eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 2.636000405s ago: executing program 2 (id=121): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'macvlan1\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @lowpan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}}, 0x0) 0s ago: executing program 3 (id=122): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x64, r0, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x34, 0x51, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "02d0e86cbe4d68f75ce39f0dab"}, @NL80211_KEY_MODE={0x5}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT_TYPES={0x4}]}]}, @NL80211_ATTR_SSID={0x5, 0x34, @random="f7"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x64}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.116' (ED25519) to the list of known hosts. syzkaller login: [ 50.667472][ T5217] cgroup: Unknown subsys name 'net' [ 50.814483][ T5217] cgroup: Unknown subsys name 'cpuset' [ 50.822279][ T5217] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 52.069693][ T5217] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 55.234141][ T5230] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.264472][ T5230] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 55.290650][ T5230] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 55.309512][ T5231] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 55.342197][ T5231] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 55.345155][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.357913][ T5231] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 55.358257][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 55.373468][ T5231] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 55.382487][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 55.392002][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 55.399410][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 55.479117][ T5230] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.487337][ T5230] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 55.495884][ T5230] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 55.507566][ T5230] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 55.515677][ T5230] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 55.523461][ T5230] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 55.556417][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 55.572783][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 55.583681][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 55.597322][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 55.615147][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 55.622781][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 55.714971][ T5230] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 55.723551][ T5230] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 55.731717][ T5230] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 55.740350][ T5230] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 55.761440][ T5230] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 55.769851][ T5230] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 55.835357][ T5236] chnl_net:caif_netlink_parms(): no params data found [ 55.904713][ T5235] chnl_net:caif_netlink_parms(): no params data found [ 55.969927][ T5236] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.977943][ T5236] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.985694][ T5236] bridge_slave_0: entered allmulticast mode [ 55.993531][ T5236] bridge_slave_0: entered promiscuous mode [ 56.005237][ T5236] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.013761][ T5236] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.020936][ T5236] bridge_slave_1: entered allmulticast mode [ 56.027784][ T5236] bridge_slave_1: entered promiscuous mode [ 56.090597][ T5236] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.103334][ T5236] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.176516][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.184751][ T5235] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.193902][ T5235] bridge_slave_0: entered allmulticast mode [ 56.200477][ T5235] bridge_slave_0: entered promiscuous mode [ 56.209571][ T5236] team0: Port device team_slave_0 added [ 56.219029][ T5236] team0: Port device team_slave_1 added [ 56.237721][ T5242] chnl_net:caif_netlink_parms(): no params data found [ 56.247783][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.255264][ T5235] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.262589][ T5235] bridge_slave_1: entered allmulticast mode [ 56.269448][ T5235] bridge_slave_1: entered promiscuous mode [ 56.319549][ T5236] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.327280][ T5236] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.354201][ T5236] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.387912][ T5236] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.394954][ T5236] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.420968][ T5236] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.437587][ T5235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.449366][ T5235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.566187][ T5235] team0: Port device team_slave_0 added [ 56.579957][ T5235] team0: Port device team_slave_1 added [ 56.586404][ T5244] chnl_net:caif_netlink_parms(): no params data found [ 56.595906][ T5242] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.603338][ T5242] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.610500][ T5242] bridge_slave_0: entered allmulticast mode [ 56.617435][ T5242] bridge_slave_0: entered promiscuous mode [ 56.624731][ T5242] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.632009][ T5242] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.639173][ T5242] bridge_slave_1: entered allmulticast mode [ 56.645945][ T5242] bridge_slave_1: entered promiscuous mode [ 56.654902][ T5236] hsr_slave_0: entered promiscuous mode [ 56.661442][ T5236] hsr_slave_1: entered promiscuous mode [ 56.668059][ T5250] chnl_net:caif_netlink_parms(): no params data found [ 56.720581][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.727611][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.753563][ T5235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.799129][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.809422][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.835580][ T5235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.849050][ T5242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.892873][ T5242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.945484][ T5242] team0: Port device team_slave_0 added [ 56.985434][ T5242] team0: Port device team_slave_1 added [ 57.015269][ T5250] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.022943][ T5250] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.030122][ T5250] bridge_slave_0: entered allmulticast mode [ 57.037535][ T5250] bridge_slave_0: entered promiscuous mode [ 57.044620][ T5244] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.051877][ T5244] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.059075][ T5244] bridge_slave_0: entered allmulticast mode [ 57.065920][ T5244] bridge_slave_0: entered promiscuous mode [ 57.086310][ T5235] hsr_slave_0: entered promiscuous mode [ 57.093315][ T5235] hsr_slave_1: entered promiscuous mode [ 57.099377][ T5235] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.107566][ T5235] Cannot create hsr debugfs directory [ 57.113743][ T5250] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.120886][ T5250] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.130394][ T5250] bridge_slave_1: entered allmulticast mode [ 57.138327][ T5250] bridge_slave_1: entered promiscuous mode [ 57.153532][ T5244] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.160642][ T5244] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.170572][ T5244] bridge_slave_1: entered allmulticast mode [ 57.177785][ T5244] bridge_slave_1: entered promiscuous mode [ 57.225905][ T5242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.233054][ T5242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.259341][ T5242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.289200][ T5250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.302649][ T5244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.314456][ T5244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.326136][ T5242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.334447][ T5242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.360840][ T5242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.382502][ T5250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.432845][ T5230] Bluetooth: hci1: command tx timeout [ 57.441483][ T5230] Bluetooth: hci0: command tx timeout [ 57.443054][ T5244] team0: Port device team_slave_0 added [ 57.458875][ T5244] team0: Port device team_slave_1 added [ 57.483912][ T5250] team0: Port device team_slave_0 added [ 57.517315][ T5250] team0: Port device team_slave_1 added [ 57.545102][ T5244] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.555384][ T5244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.582655][ T5244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.592103][ T5230] Bluetooth: hci2: command tx timeout [ 57.613325][ T5242] hsr_slave_0: entered promiscuous mode [ 57.619582][ T5242] hsr_slave_1: entered promiscuous mode [ 57.626518][ T5242] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.634544][ T5242] Cannot create hsr debugfs directory [ 57.649235][ T5244] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.656534][ T5244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.672244][ T5230] Bluetooth: hci3: command tx timeout [ 57.682895][ T5244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.707576][ T5250] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.714624][ T5250] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.740851][ T5250] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.753570][ T5250] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.760556][ T5250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.786620][ T5250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.831412][ T5230] Bluetooth: hci4: command tx timeout [ 57.876136][ T5244] hsr_slave_0: entered promiscuous mode [ 57.882471][ T5244] hsr_slave_1: entered promiscuous mode [ 57.888496][ T5244] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.896213][ T5244] Cannot create hsr debugfs directory [ 57.927098][ T5236] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.937696][ T5236] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.969229][ T5250] hsr_slave_0: entered promiscuous mode [ 57.976796][ T5250] hsr_slave_1: entered promiscuous mode [ 57.983430][ T5250] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.990993][ T5250] Cannot create hsr debugfs directory [ 58.005200][ T5236] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.036261][ T5236] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.150105][ T5235] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 58.165315][ T5235] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 58.180485][ T5235] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 58.208739][ T5235] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 58.347520][ T5242] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 58.366393][ T5242] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 58.395211][ T5242] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 58.409471][ T5242] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 58.450909][ T5244] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.462253][ T5244] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.473045][ T5244] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.498684][ T5244] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.522797][ T5236] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.550473][ T5250] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 58.574212][ T5250] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 58.593657][ T5250] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 58.615307][ T5236] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.623032][ T5250] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 58.639895][ T5235] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.669176][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.676597][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.708090][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.715230][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.743880][ T5235] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.775314][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.782494][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.834024][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.841108][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.873147][ T5242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.936036][ T5242] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.960054][ T5244] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.978353][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.985996][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.025364][ T5250] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.036048][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.043200][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.077283][ T5244] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.090172][ T5236] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.099668][ T5235] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.118918][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.126094][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.165134][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.172900][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.184559][ T5250] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.207499][ T5242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.222918][ T3338] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.230027][ T3338] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.239338][ T3338] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.246527][ T3338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.336765][ T5236] veth0_vlan: entered promiscuous mode [ 59.355756][ T5242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.376083][ T5235] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.410471][ T5236] veth1_vlan: entered promiscuous mode [ 59.434213][ T5250] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.500691][ T5242] veth0_vlan: entered promiscuous mode [ 59.512762][ T5230] Bluetooth: hci0: command tx timeout [ 59.518219][ T5230] Bluetooth: hci1: command tx timeout [ 59.543003][ T5242] veth1_vlan: entered promiscuous mode [ 59.556124][ T5244] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.576829][ T5235] veth0_vlan: entered promiscuous mode [ 59.602984][ T5250] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.610998][ T5236] veth0_macvtap: entered promiscuous mode [ 59.624797][ T5236] veth1_macvtap: entered promiscuous mode [ 59.654580][ T5235] veth1_vlan: entered promiscuous mode [ 59.663456][ T5236] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.673168][ T5230] Bluetooth: hci2: command tx timeout [ 59.703449][ T5236] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.725628][ T5244] veth0_vlan: entered promiscuous mode [ 59.736797][ T5242] veth0_macvtap: entered promiscuous mode [ 59.751930][ T5230] Bluetooth: hci3: command tx timeout [ 59.762925][ T5236] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.772143][ T5236] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.780867][ T5236] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.790396][ T5236] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.805033][ T5242] veth1_macvtap: entered promiscuous mode [ 59.820340][ T5244] veth1_vlan: entered promiscuous mode [ 59.864047][ T5235] veth0_macvtap: entered promiscuous mode [ 59.881888][ T5250] veth0_vlan: entered promiscuous mode [ 59.890453][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.905075][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.916190][ T5230] Bluetooth: hci4: command tx timeout [ 59.930164][ T5242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.942056][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.952665][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.964827][ T5242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.978471][ T5242] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.988691][ T5242] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.998710][ T5242] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.009076][ T5242] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.022537][ T5235] veth1_macvtap: entered promiscuous mode [ 60.068743][ T5250] veth1_vlan: entered promiscuous mode [ 60.115257][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.130118][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.147508][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.147952][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.166020][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.176734][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.187883][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.198290][ T5244] veth0_macvtap: entered promiscuous mode [ 60.218792][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.229523][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.241145][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.254744][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.266368][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.293532][ T5244] veth1_macvtap: entered promiscuous mode [ 60.304762][ T5235] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.314987][ T5235] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.324180][ T5235] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.334181][ T5235] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.363071][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.378443][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.439798][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.450447][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.460472][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.471069][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.486023][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.496598][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.508386][ T5244] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.528520][ T5236] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 60.540901][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.554550][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.567494][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.576226][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.586187][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.597067][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.607295][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.617835][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.628759][ T5244] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.642105][ T5250] veth0_macvtap: entered promiscuous mode [ 60.652864][ T5250] veth1_macvtap: entered promiscuous mode [ 60.667491][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.667927][ T5244] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.685768][ T5244] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.695708][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.707311][ T5244] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.718053][ T5244] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.790720][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.801866][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.812104][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.822674][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.822835][ T5281] kernel read not supported for file /eth0 (pid: 5281 comm: syz.0.1) [ 60.832546][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.832570][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.832583][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.832596][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.833892][ T5250] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.898015][ T29] audit: type=1800 audit(1728979455.284:2): pid=5281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1" name="eth0" dev="mqueue" ino=5036 res=0 errno=0 [ 60.927065][ T3338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.928817][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.946126][ T3338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.959934][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.970257][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.981434][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.006258][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.022602][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.037808][ T5250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.049400][ T5250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.060399][ T5250] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.090282][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.107966][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.118031][ T5250] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.166728][ T5250] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.175248][ T5288] capability: warning: `syz.0.7' uses deprecated v2 capabilities in a way that may be insecure [ 61.176720][ T5250] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.201525][ T5250] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.286798][ T1583] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.322179][ T1583] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.416194][ T1583] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.437430][ T1583] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.488759][ T5294] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 61.552925][ T5296] capability: warning: `syz.0.9' uses 32-bit capabilities (legacy support in use) [ 61.590624][ T29] audit: type=1326 audit(1728979455.974:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 61.594461][ T54] Bluetooth: hci0: command tx timeout [ 61.627389][ T5230] Bluetooth: hci1: command tx timeout [ 61.651076][ T3338] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.689675][ T3338] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.700180][ T29] audit: type=1326 audit(1728979456.014:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 61.751768][ T5230] Bluetooth: hci2: command tx timeout [ 61.828454][ T29] audit: type=1326 audit(1728979456.024:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 61.850561][ T5230] Bluetooth: hci3: command tx timeout [ 61.899618][ T29] audit: type=1326 audit(1728979456.074:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 61.961351][ T29] audit: type=1326 audit(1728979456.074:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 61.962510][ T1583] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.991776][ T5230] Bluetooth: hci4: command tx timeout [ 62.001567][ T29] audit: type=1326 audit(1728979456.074:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 62.024038][ T29] audit: type=1326 audit(1728979456.074:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 62.046597][ T29] audit: type=1326 audit(1728979456.074:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 62.068723][ T29] audit: type=1326 audit(1728979456.074:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801497dff9 code=0x7ffc0000 [ 62.096652][ T1850] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 62.116607][ T1583] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.327393][ T1850] usb 4-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=26.ea [ 62.362378][ T1850] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.400227][ T1850] usb 4-1: config 0 descriptor?? [ 62.444001][ T1850] usb 4-1: Invalid firmware size=18. [ 62.947501][ T5276] usb 4-1: USB disconnect, device number 2 [ 63.761516][ T5230] Bluetooth: hci0: command tx timeout [ 63.767834][ T5230] Bluetooth: hci1: command tx timeout [ 63.832511][ T5230] Bluetooth: hci2: command tx timeout [ 63.928001][ T5230] Bluetooth: hci3: command tx timeout [ 64.078428][ T5230] Bluetooth: hci4: command tx timeout [ 65.106017][ T5369] netlink: 292 bytes leftover after parsing attributes in process `syz.2.39'. [ 65.574967][ T5375] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 65.637039][ T5375] team0: Device ipvlan2 failed to register rx_handler [ 66.257040][ T5394] process 'syz.1.50' launched './file0' with NULL argv: empty string added [ 66.447094][ T5279] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 66.647454][ T5279] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 66.691337][ T5279] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.754930][ T5279] usb 4-1: config 0 descriptor?? [ 66.829379][ T5403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.54'. [ 67.210555][ T5279] [drm:udl_init] *ERROR* Selecting channel failed [ 67.369127][ T5279] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 67.454303][ T5279] [drm] Initialized udl on minor 2 [ 67.516145][ T5279] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 67.620900][ T5279] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 67.632882][ T5276] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 67.762436][ T5276] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 67.787368][ T5279] usb 4-1: USB disconnect, device number 3 [ 67.879008][ T5276] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 69.561292][ T5453] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies. [ 70.046938][ T5279] IPVS: starting estimator thread 0... [ 70.181462][ T5465] IPVS: using max 27 ests per chain, 64800 per kthread [ 71.091480][ T5279] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 71.317744][ T5279] usb 4-1: config 0 has an invalid interface number: 32 but max is 0 [ 71.355841][ T5279] usb 4-1: config 0 has no interface number 0 [ 71.420771][ T5279] usb 4-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.528376][ T5279] usb 4-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 71.614658][ T5279] usb 4-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 71.692257][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.698845][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.705353][ T5279] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.767083][ T5279] usb 4-1: config 0 descriptor?? [ 71.785115][ T24] sched: DL replenish lagged too much [ 72.319151][ T5279] logitech-djreceiver 0003:046D:C71B.0001: unknown main item tag 0x0 [ 72.433369][ T5279] logitech-djreceiver 0003:046D:C71B.0001: unknown main item tag 0x0 [ 72.508975][ T5279] logitech-djreceiver 0003:046D:C71B.0001: unknown main item tag 0x0 [ 72.588518][ T5279] logitech-djreceiver 0003:046D:C71B.0001: unknown main item tag 0x0 [ 72.651521][ T5279] logitech-djreceiver 0003:046D:C71B.0001: unknown main item tag 0x0 [ 72.713631][ T5279] logitech-djreceiver 0003:046D:C71B.0001: unknown main item tag 0x0 [ 72.764032][ T5279] logitech-djreceiver 0003:046D:C71B.0001: unknown main item tag 0x0 [ 72.857131][ T5279] logitech-djreceiver 0003:046D:C71B.0001: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.3-1/input32 [ 72.961752][ T5276] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 72.999718][ T5279] usb 4-1: USB disconnect, device number 4 [ 73.161360][ T5276] usb 3-1: Using ep0 maxpacket: 32 [ 73.201811][ T5276] usb 3-1: config 0 has an invalid interface number: 126 but max is 0 [ 73.245319][ T5276] usb 3-1: config 0 has no interface number 0 [ 73.292603][ T5276] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 73.383352][ T5276] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 73.491372][ T5276] usb 3-1: config 0 interface 126 has no altsetting 0 [ 73.558809][ T5276] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 73.628934][ T5276] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.690050][ T5276] usb 3-1: Product: syz [ 73.731338][ T5276] usb 3-1: Manufacturer: syz [ 73.736064][ T5276] usb 3-1: SerialNumber: syz [ 73.841479][ T5276] usb 3-1: config 0 descriptor?? [ 73.847181][ T5512] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 73.871409][ T5512] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 74.020559][ T5526] netlink: 152 bytes leftover after parsing attributes in process `syz.3.111'. [ 74.241926][ T5529] netpci0: tun_chr_ioctl cmd 2148553947 [ 74.417203][ T5276] ir_usb 3-1:0.126: IR Dongle converter detected [ 74.624746][ T5276] usb 3-1: IR Dongle converter now attached to ttyUSB0 [ 74.912082][ T5276] usb 3-1: USB disconnect, device number 2 [ 74.972381][ T5276] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 75.010711][ T5276] ir_usb 3-1:0.126: device disconnected [ 76.845865][ T8] cfg80211: failed to load regulatory.db [ 85.089791][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 85.103383][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 85.118315][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 85.128896][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 85.137343][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 85.149717][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 85.239587][ T54] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 85.248537][ T54] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 85.258202][ T54] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 85.269050][ T54] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 85.277643][ T54] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 85.287595][ T54] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 86.386495][ T54] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 86.396758][ T54] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 86.405471][ T54] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 86.413824][ T54] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 86.422932][ T54] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 86.430920][ T54] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 86.521779][ T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 86.539335][ T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 86.550090][ T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 86.560242][ T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 86.568342][ T54] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 86.578617][ T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 87.191513][ T54] Bluetooth: hci5: command tx timeout [ 87.351494][ T54] Bluetooth: hci6: command tx timeout [ 88.556218][ T54] Bluetooth: hci7: command tx timeout [ 88.631556][ T54] Bluetooth: hci8: command tx timeout [ 88.707357][ T5230] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 88.721665][ T5230] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 88.732001][ T5230] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 88.741255][ T5230] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 88.749410][ T5230] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 88.760682][ T5230] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 89.273597][ T54] Bluetooth: hci5: command tx timeout [ 89.431414][ T54] Bluetooth: hci6: command tx timeout [ 90.632237][ T54] Bluetooth: hci7: command tx timeout [ 90.711674][ T54] Bluetooth: hci8: command tx timeout [ 90.791678][ T54] Bluetooth: hci9: command tx timeout [ 91.351451][ T54] Bluetooth: hci5: command tx timeout [ 91.520154][ T5230] Bluetooth: hci6: command tx timeout [ 92.711550][ T54] Bluetooth: hci7: command tx timeout [ 92.794978][ T54] Bluetooth: hci8: command tx timeout [ 92.871551][ T54] Bluetooth: hci9: command tx timeout [ 93.434523][ T54] Bluetooth: hci5: command tx timeout [ 93.591490][ T54] Bluetooth: hci6: command tx timeout [ 94.791572][ T54] Bluetooth: hci7: command tx timeout [ 94.871853][ T54] Bluetooth: hci8: command tx timeout [ 94.951639][ T54] Bluetooth: hci9: command tx timeout [ 97.032316][ T54] Bluetooth: hci9: command tx timeout [ 133.121664][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.128048][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 149.409360][ T5230] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 149.437835][ T5230] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 149.446390][ T5230] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 149.454812][ T5230] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 149.463519][ T5230] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 149.471328][ T5230] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 149.786564][ T54] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 149.812111][ T54] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 149.820366][ T54] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 149.830127][ T54] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 149.838405][ T54] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 149.846229][ T54] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 149.988875][ T5230] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 150.003190][ T5230] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 150.011913][ T5230] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 150.019915][ T5230] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 150.035762][ T5230] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 150.044650][ T5230] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 150.145761][ T54] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 150.164736][ T54] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 150.173353][ T54] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 150.191903][ T54] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 150.200862][ T54] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 150.241547][ T54] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 150.410309][ T5230] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 150.426070][ T5230] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 150.434324][ T5230] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 150.444015][ T5230] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 150.452768][ T5230] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 150.460497][ T5230] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 151.511421][ T54] Bluetooth: hci10: command tx timeout [ 151.911572][ T54] Bluetooth: hci11: command tx timeout [ 152.072288][ T54] Bluetooth: hci12: command tx timeout [ 152.311478][ T5230] Bluetooth: hci13: command tx timeout [ 152.471434][ T54] Bluetooth: hci14: command tx timeout [ 153.598710][ T54] Bluetooth: hci10: command tx timeout [ 153.991368][ T54] Bluetooth: hci11: command tx timeout [ 154.151600][ T54] Bluetooth: hci12: command tx timeout [ 154.391448][ T54] Bluetooth: hci13: command tx timeout [ 154.552515][ T54] Bluetooth: hci14: command tx timeout [ 155.671349][ T54] Bluetooth: hci10: command tx timeout [ 156.071387][ T54] Bluetooth: hci11: command tx timeout [ 156.231432][ T54] Bluetooth: hci12: command tx timeout [ 156.472013][ T54] Bluetooth: hci13: command tx timeout [ 156.631318][ T54] Bluetooth: hci14: command tx timeout [ 157.751377][ T54] Bluetooth: hci10: command tx timeout [ 158.151461][ T54] Bluetooth: hci11: command tx timeout [ 158.311420][ T54] Bluetooth: hci12: command tx timeout [ 158.552674][ T54] Bluetooth: hci13: command tx timeout [ 158.711387][ T54] Bluetooth: hci14: command tx timeout [ 181.284631][ T5592] Bluetooth: hci0: command 0x0406 tx timeout [ 181.290720][ T5592] Bluetooth: hci3: command 0x0406 tx timeout [ 181.320952][ T5592] Bluetooth: hci4: command 0x0406 tx timeout [ 181.356580][ T5592] Bluetooth: hci2: command 0x0406 tx timeout [ 181.362737][ T5592] Bluetooth: hci1: command 0x0406 tx timeout [ 194.566500][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.574136][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 207.433521][ T5233] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 207.448398][ T5233] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 207.456711][ T5233] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 207.466120][ T5233] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 207.475948][ T5233] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 207.494119][ T5233] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 207.780886][ T5233] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 207.796148][ T5233] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 207.804345][ T5233] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 207.822091][ T5233] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 207.833264][ T5233] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 207.842337][ T5233] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 207.962007][ T54] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 207.971619][ T54] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 207.983025][ T54] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 207.992674][ T54] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 208.001795][ T54] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 208.009223][ T54] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 208.279207][ T5233] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 208.289871][ T5233] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 208.304157][ T5233] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 208.316119][ T5233] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 208.327654][ T5233] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 208.340192][ T5233] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 209.591811][ T54] Bluetooth: hci15: command tx timeout [ 209.879988][ T5233] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 209.890412][ T5233] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 209.902385][ T5233] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 209.915494][ T5230] Bluetooth: hci16: command tx timeout [ 209.931367][ T5230] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 209.939404][ T5230] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 209.948238][ T5230] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 210.071372][ T5230] Bluetooth: hci17: command tx timeout [ 210.392797][ T5230] Bluetooth: hci18: command tx timeout [ 211.671715][ T5230] Bluetooth: hci15: command tx timeout [ 212.017466][ T5230] Bluetooth: hci19: command tx timeout [ 212.023284][ T5613] Bluetooth: hci16: command tx timeout [ 212.029513][ T5613] Bluetooth: hci5: command 0x0406 tx timeout [ 212.062775][ T54] Bluetooth: hci9: command 0x0406 tx timeout [ 212.068848][ T54] Bluetooth: hci6: command 0x0406 tx timeout [ 212.075099][ T5613] Bluetooth: hci7: command 0x0406 tx timeout [ 212.083205][ T5230] Bluetooth: hci8: command 0x0406 tx timeout [ 212.151683][ T5593] Bluetooth: hci17: command tx timeout [ 212.471310][ T5233] Bluetooth: hci18: command tx timeout [ 213.752029][ T5233] Bluetooth: hci15: command tx timeout [ 214.151615][ T4623] Bluetooth: hci16: command tx timeout [ 214.157982][ T5233] Bluetooth: hci19: command tx timeout [ 214.231380][ T5233] Bluetooth: hci17: command tx timeout [ 214.551289][ T5233] Bluetooth: hci18: command tx timeout [ 215.831601][ T5233] Bluetooth: hci15: command tx timeout [ 216.231541][ T5233] Bluetooth: hci19: command tx timeout [ 216.237094][ T5233] Bluetooth: hci16: command tx timeout [ 216.311724][ T5233] Bluetooth: hci17: command tx timeout [ 216.631359][ T5233] Bluetooth: hci18: command tx timeout [ 218.311434][ T5233] Bluetooth: hci19: command tx timeout [ 234.871454][ T30] INFO: task kworker/0:0:8 blocked for more than 143 seconds. [ 234.879183][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 234.930959][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 234.971353][ T30] task:kworker/0:0 state:D stack:23344 pid:8 tgid:8 ppid:2 flags:0x00004000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 235.069970][ T30] Workqueue: events request_firmware_work_func [ 235.111328][ T30] Call Trace: [ 235.114669][ T30] [ 235.117619][ T30] __schedule+0x1895/0x4b30 [ 235.155313][ T30] ? __pfx___schedule+0x10/0x10 [ 235.160243][ T30] ? __pfx_lock_release+0x10/0x10 [ 235.209848][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 235.241362][ T30] ? kthread_data+0x52/0xd0 [ 235.245940][ T30] ? schedule+0x90/0x320 [ 235.250212][ T30] ? wq_worker_sleeping+0x66/0x240 [ 235.309623][ T30] ? schedule+0x90/0x320 [ 235.341605][ T30] schedule+0x14b/0x320 [ 235.345836][ T30] schedule_preempt_disabled+0x13/0x30 [ 235.381166][ T30] __mutex_lock+0x6a7/0xd70 [ 235.385744][ T30] ? __mutex_lock+0x52a/0xd70 [ 235.390448][ T30] ? regdb_fw_cb+0x82/0x1c0 [ 235.451409][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 235.456522][ T30] ? __pfx_regdb_fw_cb+0x10/0x10 [ 235.487186][ T30] regdb_fw_cb+0x82/0x1c0 [ 235.511574][ T30] ? __pfx_regdb_fw_cb+0x10/0x10 [ 235.516602][ T30] request_firmware_work_func+0x1a4/0x280 [ 235.558588][ T30] ? __pfx_request_firmware_work_func+0x10/0x10 [ 235.579778][ T30] ? process_scheduled_works+0x976/0x1850 [ 235.601191][ T30] process_scheduled_works+0xa63/0x1850 [ 235.606832][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 235.661205][ T30] ? assign_work+0x364/0x3d0 [ 235.665869][ T30] worker_thread+0x870/0xd30 [ 235.670499][ T30] ? __kthread_parkme+0x169/0x1d0 [ 235.731752][ T30] ? __pfx_worker_thread+0x10/0x10 [ 235.736946][ T30] kthread+0x2f0/0x390 [ 235.741041][ T30] ? __pfx_worker_thread+0x10/0x10 [ 235.781281][ T30] ? __pfx_kthread+0x10/0x10 [ 235.786751][ T30] ret_from_fork+0x4b/0x80 [ 235.819424][ T30] ? __pfx_kthread+0x10/0x10 [ 235.847839][ T30] ret_from_fork_asm+0x1a/0x30 [ 235.858634][ T30] [ 235.877797][ T30] INFO: task kworker/u8:3:52 blocked for more than 144 seconds. [ 235.905763][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 235.918604][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 235.940875][ T30] task:kworker/u8:3 state:D stack:21272 pid:52 tgid:52 ppid:2 flags:0x00004000 [ 235.967366][ T30] Workqueue: events_unbound linkwatch_event [ 235.989074][ T30] Call Trace: [ 235.996412][ T30] [ 235.999386][ T30] __schedule+0x1895/0x4b30 [ 236.019347][ T30] ? __pfx___schedule+0x10/0x10 [ 236.034586][ T30] ? __pfx_lock_release+0x10/0x10 [ 236.039676][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 236.061277][ T30] ? kthread_data+0x52/0xd0 [ 236.065858][ T30] ? schedule+0x90/0x320 [ 236.070127][ T30] ? wq_worker_sleeping+0x66/0x240 [ 236.101277][ T30] ? schedule+0x90/0x320 [ 236.105604][ T30] schedule+0x14b/0x320 [ 236.109795][ T30] schedule_preempt_disabled+0x13/0x30 [ 236.136747][ T30] __mutex_lock+0x6a7/0xd70 [ 236.150015][ T30] ? __mutex_lock+0x52a/0xd70 [ 236.166979][ T30] ? linkwatch_event+0xe/0x60 [ 236.177118][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 236.190964][ T30] ? process_scheduled_works+0x976/0x1850 [ 236.207542][ T30] linkwatch_event+0xe/0x60 [ 236.219551][ T30] process_scheduled_works+0xa63/0x1850 [ 236.239434][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 236.256939][ T30] ? assign_work+0x364/0x3d0 [ 236.272360][ T30] worker_thread+0x870/0xd30 [ 236.277031][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 236.292922][ T30] ? __kthread_parkme+0x169/0x1d0 [ 236.312511][ T30] ? __pfx_worker_thread+0x10/0x10 [ 236.321026][ T30] kthread+0x2f0/0x390 [ 236.336830][ T30] ? __pfx_worker_thread+0x10/0x10 [ 236.351234][ T30] ? __pfx_kthread+0x10/0x10 [ 236.355895][ T30] ret_from_fork+0x4b/0x80 [ 236.360340][ T30] ? __pfx_kthread+0x10/0x10 [ 236.386595][ T30] ret_from_fork_asm+0x1a/0x30 [ 236.398589][ T30] [ 236.411909][ T30] INFO: task jbd2/sda1-8:4647 blocked for more than 144 seconds. [ 236.419683][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 236.454787][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 236.481271][ T30] task:jbd2/sda1-8 state:D stack:24912 pid:4647 tgid:4647 ppid:2 flags:0x00004000 [ 236.503138][ T30] Call Trace: [ 236.506468][ T30] [ 236.509419][ T30] __schedule+0x1895/0x4b30 [ 236.521543][ T30] ? __pfx___schedule+0x10/0x10 [ 236.526456][ T30] ? __pfx_lock_release+0x10/0x10 [ 236.538375][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 236.544738][ T30] ? schedule+0x90/0x320 [ 236.549017][ T30] schedule+0x14b/0x320 [ 236.559851][ T30] io_schedule+0x8d/0x110 [ 236.565732][ T30] bit_wait_io+0x12/0xd0 [ 236.570013][ T30] __wait_on_bit+0xb0/0x2f0 [ 236.580616][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 236.585882][ T30] out_of_line_wait_on_bit+0x1d5/0x260 [ 236.597479][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 236.604091][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 236.610113][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 236.620820][ T30] jbd2_journal_commit_transaction+0x3df6/0x67e0 [ 236.633815][ T30] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 236.640543][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 236.649779][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 236.657374][ T30] ? __try_to_del_timer_sync+0x2ad/0x340 [ 236.670312][ T30] ? __timer_delete_sync+0x15c/0x310 [ 236.677164][ T30] ? __timer_delete_sync+0x25d/0x310 [ 236.687334][ T30] ? __pfx___timer_delete_sync+0x10/0x10 [ 236.694881][ T30] ? __pfx_do_raw_write_lock+0x10/0x10 [ 236.700387][ T30] ? prepare_to_wait+0x186/0x210 [ 236.711710][ T30] ? schedule+0x90/0x320 [ 236.716003][ T30] kjournald2+0x41c/0x7b0 [ 236.720365][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 236.735227][ T30] ? __pfx_kjournald2+0x10/0x10 [ 236.740133][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 236.749063][ T30] ? __kthread_parkme+0x169/0x1d0 [ 236.757952][ T30] ? __pfx_kjournald2+0x10/0x10 [ 236.767439][ T30] kthread+0x2f0/0x390 [ 236.775797][ T30] ? __pfx_kjournald2+0x10/0x10 [ 236.780691][ T30] ? __pfx_kthread+0x10/0x10 [ 236.788054][ T30] ret_from_fork+0x4b/0x80 [ 236.796271][ T30] ? __pfx_kthread+0x10/0x10 [ 236.800897][ T30] ret_from_fork_asm+0x1a/0x30 [ 236.809634][ T30] [ 236.819073][ T30] INFO: task syz.1.113:5528 blocked for more than 145 seconds. [ 236.829799][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 236.843464][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 236.856004][ T30] task:syz.1.113 state:D stack:21664 pid:5528 tgid:5528 ppid:5235 flags:0x00004004 [ 236.869996][ T30] Call Trace: [ 236.877831][ T30] [ 236.880802][ T30] __schedule+0x1895/0x4b30 [ 236.888519][ T30] ? __pfx___schedule+0x10/0x10 [ 236.896015][ T30] ? __pfx_lock_release+0x10/0x10 [ 236.901096][ T30] ? schedule+0x90/0x320 [ 236.909117][ T30] schedule+0x14b/0x320 [ 236.918360][ T30] schedule_timeout+0xb0/0x310 [ 236.926843][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 236.935587][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 236.945248][ T30] ? wait_for_completion+0x2fe/0x620 [ 236.950628][ T30] ? wait_for_completion+0x2fe/0x620 [ 236.969773][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 236.977235][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 236.987339][ T30] ? wait_for_completion+0x2fe/0x620 [ 236.994514][ T30] wait_for_completion+0x355/0x620 [ 236.999693][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 237.010225][ T30] ? __flush_work+0xe7/0xc50 [ 237.017479][ T30] __flush_work+0xa37/0xc50 [ 237.028346][ T30] ? __flush_work+0xe7/0xc50 [ 237.036233][ T30] ? __pfx___flush_work+0x10/0x10 [ 237.046080][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 237.052962][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 237.059327][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 237.069599][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 237.078739][ T30] unregister_netdevice_many_notify+0x87b/0x1da0 [ 237.090042][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 237.098365][ T30] ? irqentry_exit+0x63/0x90 [ 237.108277][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 237.116518][ T30] ? queue_delayed_work_on+0x237/0x390 [ 237.129063][ T30] ? queue_delayed_work_on+0x267/0x390 [ 237.136094][ T30] ? queue_delayed_work_on+0x271/0x390 [ 237.147131][ T30] unregister_netdevice_queue+0x303/0x370 [ 237.154372][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 237.160662][ T30] __tun_detach+0x6b9/0x1600 [ 237.170228][ T30] tun_chr_close+0x105/0x1b0 [ 237.177709][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 237.187687][ T30] __fput+0x23f/0x880 [ 237.195409][ T30] task_work_run+0x24f/0x310 [ 237.200055][ T30] ? __pfx_task_work_run+0x10/0x10 [ 237.210148][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 237.218910][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 237.230615][ T30] do_syscall_64+0x100/0x230 [ 237.237091][ T30] ? clear_bhb_loop+0x35/0x90 [ 237.247182][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.254648][ T30] RIP: 0033:0x7f1910f7dff9 [ 237.259110][ T30] RSP: 002b:00007f191125fb88 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 237.276505][ T30] RAX: 0000000000000000 RBX: 0000000000012145 RCX: 00007f1910f7dff9 [ 237.288229][ T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 237.300008][ T30] RBP: 00007f1911137a80 R08: 0000000000000001 R09: 00007f191125fe7f [ 237.310691][ T30] R10: 00007f1910e00000 R11: 0000000000000246 R12: 0000000000012214 [ 237.326367][ T30] R13: 00007f191125fc90 R14: 0000000000000032 R15: ffffffffffffffff [ 237.337080][ T30] [ 237.340205][ T30] INFO: task syz.4.114:5531 blocked for more than 145 seconds. [ 237.355833][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 237.366114][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 237.378576][ T30] task:syz.4.114 state:D stack:26976 pid:5531 tgid:5530 ppid:5250 flags:0x00000004 [ 237.396188][ T30] Call Trace: [ 237.399505][ T30] [ 237.402880][ T30] __schedule+0x1895/0x4b30 [ 237.407440][ T30] ? __pfx___schedule+0x10/0x10 [ 237.418554][ T30] ? __pfx_lock_release+0x10/0x10 [ 237.425203][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 237.430880][ T30] ? schedule+0x90/0x320 [ 237.441219][ T30] schedule+0x14b/0x320 [ 237.445432][ T30] schedule_preempt_disabled+0x13/0x30 [ 237.459094][ T30] __mutex_lock+0x6a7/0xd70 [ 237.463975][ T30] ? __mutex_lock+0x52a/0xd70 [ 237.468690][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 237.479851][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 237.487120][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 237.498042][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 237.503603][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 237.509114][ T30] ? ref_tracker_free+0x643/0x7e0 [ 237.520425][ T30] netlink_rcv_skb+0x1e3/0x430 [ 237.526737][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 237.540258][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 237.546379][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 237.559873][ T30] netlink_unicast+0x7f6/0x990 [ 237.565069][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 237.570393][ T30] ? __virt_addr_valid+0x183/0x530 [ 237.581482][ T30] ? __check_object_size+0x48e/0x900 [ 237.586825][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 237.598073][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 237.603676][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 237.608648][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 237.620337][ T30] __sock_sendmsg+0x221/0x270 [ 237.625341][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 237.631515][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 237.636853][ T30] __sys_sendmsg+0x292/0x380 [ 237.648981][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 237.655643][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 237.667853][ T30] ? do_syscall_64+0x100/0x230 [ 237.674388][ T30] ? do_syscall_64+0xb6/0x230 [ 237.679105][ T30] do_syscall_64+0xf3/0x230 [ 237.689782][ T30] ? clear_bhb_loop+0x35/0x90 [ 237.696087][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.708016][ T30] RIP: 0033:0x7fd30d17dff9 [ 237.712611][ T30] RSP: 002b:00007fd30dee3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 237.721059][ T30] RAX: ffffffffffffffda RBX: 00007fd30d335f80 RCX: 00007fd30d17dff9 [ 237.736487][ T30] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 237.746512][ T30] RBP: 00007fd30d1f0296 R08: 0000000000000000 R09: 0000000000000000 [ 237.762733][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.770749][ T30] R13: 0000000000000000 R14: 00007fd30d335f80 R15: 00007fd30d45fa28 [ 237.784951][ T30] [ 237.788085][ T30] INFO: task syz.0.120:5546 blocked for more than 146 seconds. [ 237.798763][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 237.812562][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 237.825008][ T30] task:syz.0.120 state:D stack:27136 pid:5546 tgid:5544 ppid:5236 flags:0x00000004 [ 237.839011][ T30] Call Trace: [ 237.847970][ T30] [ 237.850942][ T30] __schedule+0x1895/0x4b30 [ 237.858787][ T30] ? __pfx___schedule+0x10/0x10 [ 237.867479][ T30] ? __pfx_lock_release+0x10/0x10 [ 237.875527][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 237.881040][ T30] ? schedule+0x90/0x320 [ 237.889133][ T30] schedule+0x14b/0x320 [ 237.897337][ T30] schedule_preempt_disabled+0x13/0x30 [ 237.906533][ T30] __mutex_lock+0x6a7/0xd70 [ 237.911078][ T30] ? __mutex_lock+0x52a/0xd70 [ 237.918428][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 237.931277][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 237.937498][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 237.948586][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 237.955202][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 237.960709][ T30] ? ref_tracker_free+0x643/0x7e0 [ 237.972483][ T30] netlink_rcv_skb+0x1e3/0x430 [ 237.977301][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 237.986980][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 237.995230][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 238.000485][ T30] netlink_unicast+0x7f6/0x990 [ 238.010342][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 238.018252][ T30] ? __virt_addr_valid+0x183/0x530 [ 238.027168][ T30] ? __check_object_size+0x48e/0x900 [ 238.035001][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 238.040980][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.050217][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 238.059573][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.068592][ T30] __sock_sendmsg+0x221/0x270 [ 238.077026][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 238.085550][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 238.090896][ T30] __sys_sendmsg+0x292/0x380 [ 238.098728][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 238.107620][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 238.117811][ T30] ? do_syscall_64+0x100/0x230 [ 238.126306][ T30] ? do_syscall_64+0xb6/0x230 [ 238.131023][ T30] do_syscall_64+0xf3/0x230 [ 238.138208][ T30] ? clear_bhb_loop+0x35/0x90 [ 238.147712][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.158361][ T30] RIP: 0033:0x7f346617dff9 [ 238.166603][ T30] RSP: 002b:00007f3466f17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.177659][ T30] RAX: ffffffffffffffda RBX: 00007f3466335f80 RCX: 00007f346617dff9 [ 238.189354][ T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 238.199897][ T30] RBP: 00007f34661f0296 R08: 0000000000000000 R09: 0000000000000000 [ 238.215670][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.225317][ T30] R13: 0000000000000000 R14: 00007f3466335f80 R15: 00007f346645fa28 [ 238.242580][ T30] [ 238.248426][ T30] INFO: task syz.2.121:5547 blocked for more than 146 seconds. [ 238.265106][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 238.274282][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.287824][ T30] task:syz.2.121 state:D stack:27136 pid:5547 tgid:5545 ppid:5242 flags:0x00000004 [ 238.299532][ T30] Call Trace: [ 238.308740][ T30] [ 238.315946][ T30] __schedule+0x1895/0x4b30 [ 238.320518][ T30] ? __pfx___schedule+0x10/0x10 [ 238.330212][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.337222][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 238.348685][ T30] ? schedule+0x90/0x320 [ 238.355597][ T30] schedule+0x14b/0x320 [ 238.359800][ T30] schedule_preempt_disabled+0x13/0x30 [ 238.370926][ T30] __mutex_lock+0x6a7/0xd70 [ 238.377087][ T30] ? __mutex_lock+0x52a/0xd70 [ 238.388082][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 238.398621][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 238.408479][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 238.417150][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 238.427034][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 238.434209][ T30] ? ref_tracker_free+0x643/0x7e0 [ 238.439277][ T30] netlink_rcv_skb+0x1e3/0x430 [ 238.450622][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 238.457676][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 238.468436][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 238.477515][ T30] netlink_unicast+0x7f6/0x990 [ 238.484904][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 238.490230][ T30] ? __virt_addr_valid+0x183/0x530 [ 238.499235][ T30] ? __check_object_size+0x48e/0x900 [ 238.507212][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 238.517724][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.525575][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 238.530558][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.539766][ T30] __sock_sendmsg+0x221/0x270 [ 238.547038][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 238.558546][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 238.566423][ T30] __sys_sendmsg+0x292/0x380 [ 238.571062][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 238.580762][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 238.589744][ T30] ? do_syscall_64+0x100/0x230 [ 238.598437][ T30] ? do_syscall_64+0xb6/0x230 [ 238.606895][ T30] do_syscall_64+0xf3/0x230 [ 238.615431][ T30] ? clear_bhb_loop+0x35/0x90 [ 238.620155][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.628725][ T30] RIP: 0033:0x7f801497dff9 [ 238.636849][ T30] RSP: 002b:00007f8015792038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.647840][ T30] RAX: ffffffffffffffda RBX: 00007f8014b35f80 RCX: 00007f801497dff9 [ 238.664908][ T30] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 238.676209][ T30] RBP: 00007f80149f0296 R08: 0000000000000000 R09: 0000000000000000 [ 238.687883][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.699878][ T30] R13: 0000000000000000 R14: 00007f8014b35f80 R15: 00007f8014c5fa28 [ 238.711166][ T30] [ 238.714698][ T30] INFO: task syz.3.122:5549 blocked for more than 147 seconds. [ 238.728470][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 238.737656][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.751236][ T30] task:syz.3.122 state:D stack:25984 pid:5549 tgid:5548 ppid:5244 flags:0x00000004 [ 238.768193][ T30] Call Trace: [ 238.772707][ T30] [ 238.775678][ T30] __schedule+0x1895/0x4b30 [ 238.780895][ T30] ? __pfx___schedule+0x10/0x10 [ 238.791257][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.796331][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 238.810059][ T30] ? schedule+0x90/0x320 [ 238.814731][ T30] schedule+0x14b/0x320 [ 238.818930][ T30] schedule_preempt_disabled+0x13/0x30 [ 238.830413][ T30] __mutex_lock+0x6a7/0xd70 [ 238.835317][ T30] ? __mutex_lock+0x52a/0xd70 [ 238.840030][ T30] ? nl80211_pre_doit+0x5f/0x8b0 [ 238.850957][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 238.858832][ T30] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 238.871002][ T30] ? __nla_parse+0x40/0x60 [ 238.875864][ T30] nl80211_pre_doit+0x5f/0x8b0 [ 238.880671][ T30] genl_rcv_msg+0xaaa/0xec0 [ 238.892410][ T30] ? mark_lock+0x9a/0x360 [ 238.896792][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 238.908084][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 238.914593][ T30] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 238.920000][ T30] ? __pfx_nl80211_join_ibss+0x10/0x10 [ 238.930377][ T30] ? __pfx_nl80211_post_doit+0x10/0x10 [ 238.937330][ T30] ? __pfx___might_resched+0x10/0x10 [ 238.947503][ T30] netlink_rcv_skb+0x1e3/0x430 [ 238.955747][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 238.966685][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 238.973530][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 238.979095][ T30] genl_rcv+0x28/0x40 [ 238.988644][ T30] netlink_unicast+0x7f6/0x990 [ 238.995295][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 239.000616][ T30] ? __virt_addr_valid+0x183/0x530 [ 239.012234][ T30] ? __check_object_size+0x48e/0x900 [ 239.017565][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 239.028530][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 239.034225][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 239.039204][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 239.051675][ T30] __sock_sendmsg+0x221/0x270 [ 239.056406][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 239.068367][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 239.074034][ T30] __sys_sendmsg+0x292/0x380 [ 239.078675][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 239.090466][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 239.098234][ T30] ? do_syscall_64+0x100/0x230 [ 239.109393][ T30] ? do_syscall_64+0xb6/0x230 [ 239.115526][ T30] do_syscall_64+0xf3/0x230 [ 239.120074][ T30] ? clear_bhb_loop+0x35/0x90 [ 239.130823][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.137190][ T30] RIP: 0033:0x7fbf0f77dff9 [ 239.148664][ T30] RSP: 002b:00007fbf0f1ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 239.157463][ T30] RAX: ffffffffffffffda RBX: 00007fbf0f935f80 RCX: 00007fbf0f77dff9 [ 239.171245][ T30] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 239.179268][ T30] RBP: 00007fbf0f7f0296 R08: 0000000000000000 R09: 0000000000000000 [ 239.194839][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.206549][ T30] R13: 0000000000000000 R14: 00007fbf0f935f80 R15: 00007fbf0fa5fa28 [ 239.217547][ T30] [ 239.220658][ T30] INFO: task syz-executor:5557 blocked for more than 147 seconds. [ 239.234468][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 239.246992][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 239.257177][ T30] task:syz-executor state:D stack:26592 pid:5557 tgid:5557 ppid:1 flags:0x00004006 [ 239.273658][ T30] Call Trace: [ 239.276979][ T30] [ 239.279929][ T30] __schedule+0x1895/0x4b30 [ 239.295434][ T30] ? __pfx___schedule+0x10/0x10 [ 239.300339][ T30] ? __pfx_lock_release+0x10/0x10 [ 239.310273][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 239.317231][ T30] ? schedule+0x90/0x320 [ 239.325741][ T30] schedule+0x14b/0x320 [ 239.329943][ T30] schedule_preempt_disabled+0x13/0x30 [ 239.339844][ T30] __mutex_lock+0x6a7/0xd70 [ 239.348175][ T30] ? __mutex_lock+0x52a/0xd70 [ 239.358233][ T30] ? register_nexthop_notifier+0x84/0x290 [ 239.368600][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 239.376422][ T30] ? __asan_memset+0x23/0x50 [ 239.381062][ T30] register_nexthop_notifier+0x84/0x290 [ 239.394687][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 239.400539][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 239.409585][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 239.419482][ T30] ? __asan_memset+0x23/0x50 [ 239.426693][ T30] ops_init+0x31e/0x590 [ 239.431065][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 239.441264][ T30] setup_net+0x287/0x9e0 [ 239.445549][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 239.457832][ T30] ? __pfx_setup_net+0x10/0x10 [ 239.462997][ T30] copy_net_ns+0x33f/0x570 [ 239.467459][ T30] create_new_namespaces+0x425/0x7b0 [ 239.479905][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 239.486020][ T30] ksys_unshare+0x57d/0xa70 [ 239.498323][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 239.503718][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 239.510080][ T30] ? do_syscall_64+0x100/0x230 [ 239.520923][ T30] __x64_sys_unshare+0x38/0x40 [ 239.526088][ T30] do_syscall_64+0xf3/0x230 [ 239.530623][ T30] ? clear_bhb_loop+0x35/0x90 [ 239.542762][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.548707][ T30] RIP: 0033:0x7f071d97f7f7 [ 239.559526][ T30] RSP: 002b:00007f071dc5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 239.568369][ T30] RAX: ffffffffffffffda RBX: 00007f071d9f1a85 RCX: 00007f071d97f7f7 [ 239.583555][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 239.597313][ T30] RBP: 0000000000000000 R08: 00007f071e667d60 R09: 0000000000000000 [ 239.608028][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 239.619978][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 239.630613][ T30] [ 239.638310][ T30] INFO: task syz-executor:5558 blocked for more than 148 seconds. [ 239.648706][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 239.660096][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 239.675385][ T30] task:syz-executor state:D stack:25232 pid:5558 tgid:5558 ppid:1 flags:0x00004004 [ 239.689516][ T30] Call Trace: [ 239.696529][ T30] [ 239.699495][ T30] __schedule+0x1895/0x4b30 [ 239.707256][ T30] ? __pfx___schedule+0x10/0x10 [ 239.715801][ T30] ? __pfx_lock_release+0x10/0x10 [ 239.720874][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 239.728984][ T30] ? schedule+0x90/0x320 [ 239.738238][ T30] schedule+0x14b/0x320 [ 239.745001][ T30] schedule_preempt_disabled+0x13/0x30 [ 239.750503][ T30] __mutex_lock+0x6a7/0xd70 [ 239.759926][ T30] ? __mutex_lock+0x52a/0xd70 [ 239.767176][ T30] ? register_nexthop_notifier+0x84/0x290 [ 239.777897][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 239.786122][ T30] ? __asan_memset+0x23/0x50 [ 239.790763][ T30] register_nexthop_notifier+0x84/0x290 [ 239.801437][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 239.807289][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 239.820724][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 239.827259][ T30] ? __asan_memset+0x23/0x50 [ 239.841028][ T30] ops_init+0x31e/0x590 [ 239.845514][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 239.850925][ T30] setup_net+0x287/0x9e0 [ 239.861188][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 239.866776][ T30] ? __pfx_setup_net+0x10/0x10 [ 239.876625][ T30] copy_net_ns+0x33f/0x570 [ 239.882544][ T30] create_new_namespaces+0x425/0x7b0 [ 239.887886][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 239.901281][ T30] ksys_unshare+0x57d/0xa70 [ 239.906473][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 239.917607][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 239.924268][ T30] ? do_syscall_64+0x100/0x230 [ 239.929069][ T30] __x64_sys_unshare+0x38/0x40 [ 239.939781][ T30] do_syscall_64+0xf3/0x230 [ 239.945838][ T30] ? clear_bhb_loop+0x35/0x90 [ 239.950550][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.962448][ T30] RIP: 0033:0x7f989157f7f7 [ 239.966899][ T30] RSP: 002b:00007f989185ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 239.979220][ T30] RAX: ffffffffffffffda RBX: 00007f98915f1a85 RCX: 00007f989157f7f7 [ 239.997533][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 240.008656][ T30] RBP: 0000000000000000 R08: 00007f9892267d60 R09: 0000000000000000 [ 240.019286][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 240.030924][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 240.047346][ T30] [ 240.050401][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 240.059952][ T30] INFO: task syz-executor:5562 blocked for more than 148 seconds. [ 240.073899][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 240.086859][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 240.101201][ T30] task:syz-executor state:D stack:26256 pid:5562 tgid:5562 ppid:1 flags:0x00004006 [ 240.117446][ T30] Call Trace: [ 240.120758][ T30] [ 240.124163][ T30] __schedule+0x1895/0x4b30 [ 240.128732][ T30] ? __pfx___schedule+0x10/0x10 [ 240.141379][ T30] ? __pfx_lock_release+0x10/0x10 [ 240.146457][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 240.159364][ T30] ? schedule+0x90/0x320 [ 240.164037][ T30] schedule+0x14b/0x320 [ 240.168234][ T30] schedule_preempt_disabled+0x13/0x30 [ 240.179760][ T30] __mutex_lock+0x6a7/0xd70 [ 240.185756][ T30] ? __mutex_lock+0x52a/0xd70 [ 240.197445][ T30] ? register_nexthop_notifier+0x84/0x290 [ 240.203647][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 240.209381][ T30] ? __asan_memset+0x23/0x50 [ 240.220200][ T30] register_nexthop_notifier+0x84/0x290 [ 240.227676][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 240.239426][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 240.245999][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 240.258178][ T30] ? __asan_memset+0x23/0x50 [ 240.263115][ T30] ops_init+0x31e/0x590 [ 240.267314][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 240.278757][ T30] setup_net+0x287/0x9e0 [ 240.284679][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 240.291518][ T30] ? __pfx_setup_net+0x10/0x10 [ 240.296336][ T30] copy_net_ns+0x33f/0x570 [ 240.300783][ T30] create_new_namespaces+0x425/0x7b0 [ 240.315305][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 240.321089][ T30] ksys_unshare+0x57d/0xa70 [ 240.329804][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 240.339322][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 240.349385][ T30] ? do_syscall_64+0x100/0x230 [ 240.356725][ T30] __x64_sys_unshare+0x38/0x40 [ 240.365143][ T30] do_syscall_64+0xf3/0x230 [ 240.369683][ T30] ? clear_bhb_loop+0x35/0x90 [ 240.378239][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.387800][ T30] RIP: 0033:0x7fb4d097f7f7 [ 240.398760][ T30] RSP: 002b:00007fb4d0c5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 240.410876][ T30] RAX: ffffffffffffffda RBX: 00007fb4d09f1a85 RCX: 00007fb4d097f7f7 [ 240.423431][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 240.436477][ T30] RBP: 0000000000000000 R08: 00007fb4d1667d60 R09: 0000000000000000 [ 240.446329][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 240.459131][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 240.469596][ T30] [ 240.478685][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 240.489204][ T30] INFO: task syz-executor:5564 blocked for more than 148 seconds. [ 240.504119][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 240.515063][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 240.529321][ T30] task:syz-executor state:D stack:26640 pid:5564 tgid:5564 ppid:1 flags:0x00004004 [ 240.542178][ T30] Call Trace: [ 240.545486][ T30] [ 240.548437][ T30] __schedule+0x1895/0x4b30 [ 240.558734][ T30] ? __pfx___schedule+0x10/0x10 [ 240.565067][ T30] ? __pfx_lock_release+0x10/0x10 [ 240.570135][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 240.581363][ T30] ? schedule+0x90/0x320 [ 240.585653][ T30] schedule+0x14b/0x320 [ 240.589838][ T30] schedule_preempt_disabled+0x13/0x30 [ 240.602568][ T30] __mutex_lock+0x6a7/0xd70 [ 240.607116][ T30] ? __mutex_lock+0x52a/0xd70 [ 240.617052][ T30] ? register_nexthop_notifier+0x84/0x290 [ 240.625989][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 240.641516][ T30] ? __asan_memset+0x23/0x50 [ 240.646169][ T30] register_nexthop_notifier+0x84/0x290 [ 240.657104][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 240.663681][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 240.669959][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 240.683390][ T30] ? __asan_memset+0x23/0x50 [ 240.688028][ T30] ops_init+0x31e/0x590 [ 240.697314][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 240.705300][ T30] setup_net+0x287/0x9e0 [ 240.709584][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 240.720275][ T30] ? __pfx_setup_net+0x10/0x10 [ 240.729111][ T30] copy_net_ns+0x33f/0x570 [ 240.738496][ T30] create_new_namespaces+0x425/0x7b0 [ 240.745296][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 240.751057][ T30] ksys_unshare+0x57d/0xa70 [ 240.760509][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 240.767033][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 240.779621][ T30] ? do_syscall_64+0x100/0x230 [ 240.785827][ T30] __x64_sys_unshare+0x38/0x40 [ 240.790627][ T30] do_syscall_64+0xf3/0x230 [ 240.802261][ T30] ? clear_bhb_loop+0x35/0x90 [ 240.806985][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.818065][ T30] RIP: 0033:0x7f34e617f7f7 [ 240.825343][ T30] RSP: 002b:00007f34e645ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 240.840334][ T30] RAX: ffffffffffffffda RBX: 00007f34e61f1a85 RCX: 00007f34e617f7f7 [ 240.850660][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 240.864645][ T30] RBP: 0000000000000000 R08: 00007f34e6e67d60 R09: 0000000000000000 [ 240.877613][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 240.889649][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 240.900352][ T30] [ 240.908133][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 240.925069][ T30] INFO: task syz-executor:5567 blocked for more than 149 seconds. [ 240.935565][ T30] Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 240.946917][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 240.958573][ T30] task:syz-executor state:D stack:26624 pid:5567 tgid:5567 ppid:1 flags:0x00004004 [ 240.971181][ T30] Call Trace: [ 240.974490][ T30] [ 240.977441][ T30] __schedule+0x1895/0x4b30 [ 240.988187][ T30] ? __pfx___schedule+0x10/0x10 [ 240.993761][ T30] ? __pfx_lock_release+0x10/0x10 [ 240.998823][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 241.011205][ T30] ? schedule+0x90/0x320 [ 241.015491][ T30] schedule+0x14b/0x320 [ 241.019675][ T30] schedule_preempt_disabled+0x13/0x30 [ 241.033701][ T30] __mutex_lock+0x6a7/0xd70 [ 241.038253][ T30] ? __mutex_lock+0x52a/0xd70 [ 241.048926][ T30] ? register_nexthop_notifier+0x84/0x290 [ 241.055085][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 241.060153][ T30] ? __asan_memset+0x23/0x50 [ 241.070743][ T30] register_nexthop_notifier+0x84/0x290 [ 241.077807][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 241.089599][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 241.096207][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 241.109412][ T30] ? __asan_memset+0x23/0x50 [ 241.114932][ T30] ops_init+0x31e/0x590 [ 241.119126][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 241.130623][ T30] setup_net+0x287/0x9e0 [ 241.137005][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 241.147348][ T30] ? __pfx_setup_net+0x10/0x10 [ 241.153587][ T30] copy_net_ns+0x33f/0x570 [ 241.158052][ T30] create_new_namespaces+0x425/0x7b0 [ 241.168302][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 241.176689][ T30] ksys_unshare+0x57d/0xa70 [ 241.186125][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 241.193960][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 241.200331][ T30] ? do_syscall_64+0x100/0x230 [ 241.210047][ T30] __x64_sys_unshare+0x38/0x40 [ 241.217785][ T30] do_syscall_64+0xf3/0x230 [ 241.228207][ T30] ? clear_bhb_loop+0x35/0x90 [ 241.234951][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.240889][ T30] RIP: 0033:0x7f496317f7f7 [ 241.250187][ T30] RSP: 002b:00007f496345ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 241.260100][ T30] RAX: ffffffffffffffda RBX: 00007f49631f1a85 RCX: 00007f496317f7f7 [ 241.279235][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 241.287601][ T30] RBP: 0000000000000000 R08: 00007f4963e67d60 R09: 0000000000000000 [ 241.301214][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 241.309223][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 241.325638][ T30] [ 241.328694][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 241.345005][ T30] [ 241.345005][ T30] Showing all locks held in the system: [ 241.357475][ T30] 3 locks held by kworker/0:0/8: [ 241.368331][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 241.382030][ T30] #1: ffffc900000d7d00 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 241.399014][ T30] #2: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: regdb_fw_cb+0x82/0x1c0 [ 241.409347][ T30] 1 lock held by khungtaskd/30: [ 241.421234][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 241.440333][ T30] 3 locks held by kworker/u8:2/35: [ 241.445765][ T30] #0: ffff88814c100148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 241.461150][ T30] #1: ffffc90000ab7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 241.480870][ T30] #2: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 241.490836][ T30] 3 locks held by kworker/u8:3/52: [ 241.501385][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 241.522422][ T30] #1: ffffc90000bd7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 241.540058][ T30] #2: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 241.549868][ T30] 4 locks held by kworker/1:2/1850: [ 241.561332][ T30] 2 locks held by getty/4986: [ 241.566041][ T30] #0: ffff88803248a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 241.583074][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 241.597093][ T30] 3 locks held by kworker/0:5/5276: [ 241.604894][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 241.626185][ T30] #1: ffffc90003a5fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 241.637761][ T30] #2: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 241.654456][ T30] 2 locks held by syz.1.113/5528: [ 241.659523][ T30] #0: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 241.672419][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 241.687900][ T30] 1 lock held by syz.4.114/5531: [ 241.695422][ T30] #0: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 241.708570][ T30] 1 lock held by syz.0.120/5546: [ 241.717843][ T30] #0: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 241.734642][ T30] 1 lock held by syz.2.121/5547: [ 241.739628][ T30] #0: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 241.758757][ T30] 2 locks held by syz.3.122/5549: [ 241.765704][ T30] #0: ffffffff8fd381f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 241.778852][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 241.789670][ T30] 2 locks held by syz-executor/5557: [ 241.799792][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.811861][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.826441][ T30] 2 locks held by syz-executor/5558: [ 241.835787][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.848608][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.866838][ T30] 2 locks held by syz-executor/5562: [ 241.872873][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.888230][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.900633][ T30] 2 locks held by syz-executor/5564: [ 241.911202][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.920676][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.938648][ T30] 2 locks held by syz-executor/5567: [ 241.944395][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.962406][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.978421][ T30] 2 locks held by syz-executor/5582: [ 241.984461][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.001759][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.017754][ T30] 2 locks held by syz-executor/5584: [ 242.023399][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.039850][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.052029][ T30] 2 locks held by syz-executor/5586: [ 242.057345][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.073095][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.087877][ T30] 2 locks held by syz-executor/5589: [ 242.097128][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.110277][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.122901][ T30] 2 locks held by syz-executor/5591: [ 242.128213][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.146187][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.157527][ T30] 2 locks held by syz-executor/5604: [ 242.168763][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.178665][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.196080][ T30] 2 locks held by syz-executor/5606: [ 242.202101][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.217591][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.227988][ T30] 2 locks held by syz-executor/5608: [ 242.241171][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.256524][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.268071][ T30] 2 locks held by syz-executor/5610: [ 242.279298][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.290282][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.305286][ T30] 2 locks held by syz-executor/5614: [ 242.310603][ T30] #0: ffffffff8fcc5990 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 242.326651][ T30] #1: ffffffff8fcd2488 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 242.339638][ T30] [ 242.347812][ T30] ============================================= [ 242.347812][ T30] [ 242.357423][ T30] NMI backtrace for cpu 0 [ 242.361794][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 242.372321][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.382393][ T30] Call Trace: [ 242.385687][ T30] [ 242.388637][ T30] dump_stack_lvl+0x241/0x360 [ 242.393341][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 242.398555][ T30] ? __pfx__printk+0x10/0x10 [ 242.403176][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 242.408138][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 242.413614][ T30] ? _printk+0xd5/0x120 [ 242.417794][ T30] ? __pfx__printk+0x10/0x10 [ 242.422406][ T30] ? __wake_up_klogd+0xcc/0x110 [ 242.427279][ T30] ? __pfx__printk+0x10/0x10 [ 242.431891][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 242.436934][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 242.442937][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 242.448942][ T30] watchdog+0xff4/0x1040 [ 242.453207][ T30] ? watchdog+0x1ea/0x1040 [ 242.457652][ T30] ? __pfx_watchdog+0x10/0x10 [ 242.462346][ T30] kthread+0x2f0/0x390 [ 242.466429][ T30] ? __pfx_watchdog+0x10/0x10 [ 242.471125][ T30] ? __pfx_kthread+0x10/0x10 [ 242.475729][ T30] ret_from_fork+0x4b/0x80 [ 242.480168][ T30] ? __pfx_kthread+0x10/0x10 [ 242.484779][ T30] ret_from_fork_asm+0x1a/0x30 [ 242.489573][ T30] [ 242.493622][ T30] Sending NMI from CPU 0 to CPUs 1: [ 242.498876][ C1] NMI backtrace for cpu 1 [ 242.498888][ C1] CPU: 1 UID: 0 PID: 1850 Comm: kworker/1:2 Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 242.498908][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.498918][ C1] Workqueue: events_power_efficient neigh_periodic_work [ 242.498941][ C1] RIP: 0010:deref_stack_reg+0x1ac/0x210 [ 242.498959][ C1] Code: 24 18 48 89 e8 48 c1 e8 03 80 3c 18 00 74 08 48 89 ef e8 27 0b bd 00 4c 89 75 00 b0 01 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f <5d> c3 cc cc cc cc 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c db fe ff [ 242.498976][ C1] RSP: 0018:ffffc90000a17c60 EFLAGS: 00000282 [ 242.498989][ C1] RAX: 1ffff92000142f01 RBX: ffffffff9127fe18 RCX: 0000000000000000 [ 242.499001][ C1] RDX: dffffc0000000000 RSI: ffffc90000a11000 RDI: ffffc90000a18750 [ 242.499012][ C1] RBP: ffffc90000a17d80 R08: ffffc90000a18750 R09: 0000000000000000 [ 242.499024][ C1] R10: ffffc90000a17d90 R11: fffff52000142fb4 R12: ffffc90000a19000 [ 242.499035][ C1] R13: ffffc90000a17d40 R14: ffffffff8a20546e R15: ffffc90000a17d90 [ 242.499047][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 242.499061][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.499072][ C1] CR2: 0000001b32c1bff8 CR3: 000000000e734000 CR4: 00000000003526f0 [ 242.499086][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 242.499095][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 242.499105][ C1] Call Trace: [ 242.499110][ C1] [ 242.499117][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 242.499135][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 242.499156][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 242.499172][ C1] ? nmi_handle+0x2a/0x5a0 [ 242.499195][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 242.499213][ C1] ? nmi_handle+0x14f/0x5a0 [ 242.499228][ C1] ? nmi_handle+0x2a/0x5a0 [ 242.499243][ C1] ? deref_stack_reg+0x1ac/0x210 [ 242.499257][ C1] ? default_do_nmi+0x63/0x160 [ 242.499275][ C1] ? exc_nmi+0x123/0x1f0 [ 242.499292][ C1] ? end_repeat_nmi+0xf/0x53 [ 242.499307][ C1] ? NF_HOOK+0x29e/0x450 [ 242.499327][ C1] ? deref_stack_reg+0x1ac/0x210 [ 242.499341][ C1] ? deref_stack_reg+0x1ac/0x210 [ 242.499356][ C1] ? deref_stack_reg+0x1ac/0x210 [ 242.499371][ C1] [ 242.499376][ C1] [ 242.499382][ C1] unwind_next_frame+0x1799/0x22d0 [ 242.499400][ C1] ? nf_hook_slow+0xc3/0x220 [ 242.499420][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 242.499438][ C1] arch_stack_walk+0x11c/0x150 [ 242.499457][ C1] ? NF_HOOK+0x29e/0x450 [ 242.499474][ C1] stack_trace_save+0x118/0x1d0 [ 242.499492][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 242.499515][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 242.499537][ C1] kasan_save_track+0x3f/0x80 [ 242.499552][ C1] ? kasan_save_track+0x3f/0x80 [ 242.499566][ C1] ? kasan_save_free_info+0x40/0x50 [ 242.499584][ C1] ? __kasan_slab_free+0x59/0x70 [ 242.499599][ C1] ? kmem_cache_free+0x1a2/0x420 [ 242.499616][ C1] ? nft_synproxy_eval_v4+0x3d2/0x610 [ 242.499635][ C1] ? nft_synproxy_do_eval+0x362/0xa60 [ 242.499653][ C1] ? nft_do_chain+0x4ad/0x1da0 [ 242.499671][ C1] ? nft_do_chain_inet+0x418/0x6b0 [ 242.499689][ C1] ? nf_hook_slow+0xc3/0x220 [ 242.499724][ C1] ? skb_release_data+0x6a0/0x8a0 [ 242.499741][ C1] kasan_save_free_info+0x40/0x50 [ 242.499759][ C1] __kasan_slab_free+0x59/0x70 [ 242.499774][ C1] ? nft_synproxy_eval_v4+0x3d2/0x610 [ 242.499793][ C1] kmem_cache_free+0x1a2/0x420 [ 242.499811][ C1] ? nft_synproxy_eval_v4+0x3d2/0x610 [ 242.499831][ C1] nft_synproxy_eval_v4+0x3d2/0x610 [ 242.499853][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 242.499873][ C1] ? nf_ip_checksum+0x13a/0x500 [ 242.499894][ C1] nft_synproxy_do_eval+0x362/0xa60 [ 242.499915][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 242.499933][ C1] ? __hrtimer_run_queues+0xcdc/0xd50 [ 242.499951][ C1] ? __pfx_validate_chain+0x10/0x10 [ 242.499966][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 242.499988][ C1] nft_do_chain+0x4ad/0x1da0 [ 242.500013][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 242.500031][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 242.500061][ C1] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 242.500079][ C1] nft_do_chain_inet+0x418/0x6b0 [ 242.500098][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 242.500116][ C1] ? ipt_do_table+0x312/0x1860 [ 242.500142][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 242.500160][ C1] nf_hook_slow+0xc3/0x220 [ 242.500178][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 242.500194][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 242.500210][ C1] NF_HOOK+0x29e/0x450 [ 242.500227][ C1] ? NF_HOOK+0x9a/0x450 [ 242.500242][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 242.500259][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 242.500278][ C1] ? ip_rcv_finish+0x406/0x560 [ 242.500295][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 242.500310][ C1] NF_HOOK+0x3a4/0x450 [ 242.500325][ C1] ? __lock_acquire+0x1384/0x2050 [ 242.500344][ C1] ? NF_HOOK+0x9a/0x450 [ 242.500359][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 242.500374][ C1] ? ip_rcv_core+0x801/0xd10 [ 242.500390][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 242.500410][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 242.500426][ C1] __netif_receive_skb+0x2bf/0x650 [ 242.500444][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 242.500463][ C1] ? __pfx___netif_receive_skb+0x10/0x10 [ 242.500480][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 242.500504][ C1] ? __pfx_lock_release+0x10/0x10 [ 242.500524][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 242.500548][ C1] process_backlog+0x662/0x15b0 [ 242.500568][ C1] ? process_backlog+0x33b/0x15b0 [ 242.500589][ C1] ? __pfx_process_backlog+0x10/0x10 [ 242.500605][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 242.500626][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 242.500647][ C1] __napi_poll+0xcb/0x490 [ 242.500665][ C1] net_rx_action+0x89b/0x1240 [ 242.500691][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 242.500711][ C1] ? sched_clock+0x4a/0x70 [ 242.500735][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 242.500759][ C1] handle_softirqs+0x2c5/0x980 [ 242.500779][ C1] ? do_softirq+0x11b/0x1e0 [ 242.500798][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 242.500816][ C1] ? rcu_is_watching+0x15/0xb0 [ 242.500834][ C1] do_softirq+0x11b/0x1e0 [ 242.500851][ C1] [ 242.500856][ C1] [ 242.500862][ C1] ? __pfx_do_softirq+0x10/0x10 [ 242.500879][ C1] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 242.500900][ C1] ? rcu_is_watching+0x15/0xb0 [ 242.500916][ C1] __local_bh_enable_ip+0x1bb/0x200 [ 242.500934][ C1] ? neigh_periodic_work+0xb35/0xd50 [ 242.500951][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 242.500969][ C1] ? neigh_destroy+0x423/0x580 [ 242.500989][ C1] neigh_periodic_work+0xb35/0xd50 [ 242.501010][ C1] ? process_scheduled_works+0x976/0x1850 [ 242.501029][ C1] process_scheduled_works+0xa63/0x1850 [ 242.501059][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 242.501081][ C1] ? assign_work+0x364/0x3d0 [ 242.501101][ C1] worker_thread+0x870/0xd30 [ 242.501127][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 242.501148][ C1] ? __kthread_parkme+0x169/0x1d0 [ 242.501168][ C1] ? __pfx_worker_thread+0x10/0x10 [ 242.501187][ C1] kthread+0x2f0/0x390 [ 242.501201][ C1] ? __pfx_worker_thread+0x10/0x10 [ 242.501218][ C1] ? __pfx_kthread+0x10/0x10 [ 242.501233][ C1] ret_from_fork+0x4b/0x80 [ 242.501250][ C1] ? __pfx_kthread+0x10/0x10 [ 242.501265][ C1] ret_from_fork_asm+0x1a/0x30 [ 242.501288][ C1] [ 243.277912][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 243.284811][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 243.295327][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 243.305397][ T30] Call Trace: [ 243.308688][ T30] [ 243.311630][ T30] dump_stack_lvl+0x241/0x360 [ 243.316328][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 243.321543][ T30] ? __pfx__printk+0x10/0x10 [ 243.326152][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.332160][ T30] ? vscnprintf+0x5d/0x90 [ 243.336513][ T30] panic+0x349/0x880 [ 243.340429][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 243.346606][ T30] ? __pfx_panic+0x10/0x10 [ 243.351039][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 243.356431][ T30] ? __irq_work_queue_local+0x137/0x410 [ 243.362002][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 243.367387][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 243.373558][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 243.379734][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 243.385912][ T30] watchdog+0x1033/0x1040 [ 243.390261][ T30] ? watchdog+0x1ea/0x1040 [ 243.394698][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.399395][ T30] kthread+0x2f0/0x390 [ 243.403486][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.408180][ T30] ? __pfx_kthread+0x10/0x10 [ 243.412782][ T30] ret_from_fork+0x4b/0x80 [ 243.417220][ T30] ? __pfx_kthread+0x10/0x10 [ 243.421821][ T30] ret_from_fork_asm+0x1a/0x30 [ 243.426615][ T30] [ 243.429956][ T30] Kernel Offset: disabled [ 243.434280][ T30] Rebooting in 86400 seconds..