last executing test programs: 40.933019676s ago: executing program 2 (id=4786): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='bbr\x00', 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) 40.590316503s ago: executing program 1 (id=4788): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x18, 0x0, 0x0) bind$inet(r0, 0x0, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mkdirat(0xffffffffffffff9c, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r3, &(0x7f0000000000), 0x4240a2a0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58) splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x4000000000000a12, 0x0) 39.963904164s ago: executing program 2 (id=4790): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[], 0x7c}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x24, 0x0, &(0x7f0000000100)) 39.762346282s ago: executing program 2 (id=4791): socket(0x10, 0x803, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$key(0xf, 0x3, 0x2) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r1}, 0x8) ioctl$SIOCSIFHWADDR(r0, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'}) 39.606208348s ago: executing program 1 (id=4792): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004002800018007000100637400001c00028008000240000000150500030000000000080001400000000d0900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x400) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}]}}}}}}}, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[], 0x0) 39.275334596s ago: executing program 1 (id=4795): socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdir(0x0, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000740)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000ac0)={0x3, 0x0, [{0x10000, 0xe4, &(0x7f0000001cc0)=""/228}, {0x0, 0x5, &(0x7f0000000240)=""/5}, {0x0, 0xa7, &(0x7f0000000a00)=""/167}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20003) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f40)={0x11, 0x1, &(0x7f0000000140)=@raw=[@jmp={0x5, 0x1, 0x3, 0x0, 0x9, 0xfffffffffffffe5c}], &(0x7f0000000180)='GPL\x00', 0xfffffffa, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0), &(0x7f00000006c0), 0x10, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x2100000000000000, &(0x7f0000000840)=@base={0xa, 0x101, 0x7ffb, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00'}) 38.621666793s ago: executing program 4 (id=4798): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r1, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, 0x0, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, 0x0}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) r4 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6f94f90224fc600e0005000a000200053582c137153e3704000880fc0b09000300", 0x33fe0}], 0x1}, 0x0) syz_emit_ethernet(0x46, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x2b, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @broadcast=0xac1414bb, {[@cipso={0x86, 0x6}]}}}}}}}, 0x0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) 38.608285859s ago: executing program 2 (id=4799): sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="2000000011140100000000000000000008004a00000000f107004b"], 0x20}}, 0x0) 38.334301879s ago: executing program 2 (id=4801): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="0b1c6840a936a0e377c392a7a3b38e1d", 0x10) r3 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000007c40)=[{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000340)="e7b43786ed2e3ec68c78255c7a2a17848ca191c13fa2c389d1332f973fd665e71bd13300f61b4d2bd324f765692a6cc31d998a57a62a4319e5fc97a9b3d122c0a40d91d535fb720a26d211c40320abf547b0e5", 0x53}, {&(0x7f0000001500)}, {&(0x7f00000016c0)}], 0x3, &(0x7f00000026c0)=[@assoc={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000003880)=[{{0x0, 0x0, &(0x7f0000008e80)=[{&(0x7f0000007d80)=""/4093, 0xffd}], 0x1}}], 0x1, 0x0, 0x0) 38.183714764s ago: executing program 0 (id=4802): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x18, 0x0, 0x0) bind$inet(r0, 0x0, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mkdirat(0xffffffffffffff9c, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r3, &(0x7f0000000000), 0x4240a2a0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58) splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x4000000000000a12, 0x0) 38.174903905s ago: executing program 4 (id=4803): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) 37.769858283s ago: executing program 1 (id=4804): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000ffdbdf256c00000008000300", @ANYRES32=r1], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x448d0) 36.526317191s ago: executing program 4 (id=4805): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x7, 0x4, 0x2, 0x9, 0x30, 0x67, 0x0, 0x2, 0x1, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3, 0xe2}, @ssrr={0x89, 0x3, 0x2e}]}}, @timestamp_reply={0xe, 0x0, 0x0, 0x81, 0x8, 0x99f, 0x10000, 0x2}}}}}, 0x0) 36.420631719s ago: executing program 2 (id=4806): pipe(&(0x7f0000000000)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) pipe(&(0x7f0000000200)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8) r1 = getpid() capget(&(0x7f0000000c00)={0x20071026, r1}, &(0x7f0000000c40)={0xa0f, 0x880, 0x7ff, 0x48000, 0x5, 0xa0}) 35.466361403s ago: executing program 0 (id=4808): r0 = socket(0x8000000010, 0x2, 0x0) write(r0, &(0x7f00000003c0)="fc0000001c000900ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c286480d0000b9d95662537a00bc000c10f0ff7f0000b400600033254d48ecaa448355ae0c3397d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3632e94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9463cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f31d8f9ab3ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af00", 0xfc) 35.410399346s ago: executing program 3 (id=4809): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1}, 0x6e) listen(r1, 0x0) connect$unix(r0, &(0x7f0000000640)=@file={0x1}, 0x6e) r2 = socket$kcm(0x10, 0x100000000002, 0x4) sendmsg$kcm(r2, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0100d41f215c0000883795c04a31ba377a1b2cc32b38d3440c6942cb76cab3000000", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0) 35.373030472s ago: executing program 4 (id=4810): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)={0x60, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "543f06fcde9e0821fad184a7cae1985949c797cb7c"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x81}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040800}, 0x0) 35.274106655s ago: executing program 1 (id=4811): sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="2000000011140100000000000000000008004a00000000f107004b"], 0x20}}, 0x0) 35.105184298s ago: executing program 0 (id=4812): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4f8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c956fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d68d7489cfcb0176"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) 35.002875997s ago: executing program 3 (id=4813): mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c) write$binfmt_aout(r2, 0x0, 0x28) 34.914381093s ago: executing program 4 (id=4814): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x20000000ec071, 0xffffffffffffffff, 0x4000) mmap(&(0x7f0000724000/0x1000)=nil, 0x1000, 0x0, 0x4000932, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) 34.914013682s ago: executing program 1 (id=4815): r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x2000, 0x0, @mcast1, 0x9}, 0x34) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9584, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x584}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 26.797894547s ago: executing program 0 (id=4816): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000, 0x1, 0x2}, 0x1c) setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'ipvlan1\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r3, &(0x7f0000000340)={0x2c, 0xa, r5}, 0x10) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x33fe1, 0x0) 25.12188397s ago: executing program 3 (id=4818): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) pwritev2(r0, 0x0, 0x0, 0x5405, 0x0, 0x0) 24.560302357s ago: executing program 3 (id=4821): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001e01000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x4) 23.998074515s ago: executing program 3 (id=4822): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) syz_open_procfs(0xffffffffffffffff, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{}, {0x0, 0x0, 0x0, 0x57d1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x80000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x28}, {0x0, 0x0, 0x0, 0x0, 0x107f86e5}, {}, {}, {}, {}, {0x400000}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) 23.826718169s ago: executing program 0 (id=4823): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000180)) timer_settime(0x0, 0x0, 0x0, 0x0) close(0xffffffffffffffff) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000001bc0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000900007b8af8ff00000000bfa200000000000007020000faffffffb703000008000000b7040000000000008500000003000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000700), &(0x7f0000000780)="0082570135b985d28b5a08d1d26f9f5ee90f78677afef2b226", 0x40}, 0x38) 23.390257033s ago: executing program 3 (id=4824): bpf$MAP_CREATE(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) syslog(0x2, 0xfffffffffffffffc, 0x1000000) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00') rmdir(&(0x7f00000001c0)='./file0\x00') 23.362440207s ago: executing program 0 (id=4825): r0 = io_uring_setup(0x599c, &(0x7f00000002c0)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r2}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 0s ago: executing program 4 (id=4820): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x54, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x54}}, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x50, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffa7}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x50}}, 0x0) kernel console output (not intermixed with test programs): blems! [ 2804.347810][T29524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2804.359605][T29524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2804.392452][T29524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2804.432482][T29524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2804.443914][T20905] usb 4-1: USB disconnect, device number 46 [ 2804.456384][T29524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2804.467656][T29524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2804.507235][T29524] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2804.533178][T29524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2804.563340][T29524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2804.575309][T29524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2804.590636][T29524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2804.607527][T29524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2804.642619][T29524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2804.660974][T29524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2804.684388][T29524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2804.706014][T29524] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2804.772185][T29524] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2804.802425][T29524] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2804.812401][T29524] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2804.834721][T29524] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2804.887096][T29699] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4369'. [ 2804.969919][ T45] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 2804.994818][ T45] ath9k_htc: Failed to initialize the device [ 2805.031826][T20905] usb 4-1: ath9k_htc: USB layer deinitialized [ 2805.128290][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2805.142536][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2805.287616][T16480] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2805.328036][T16480] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2805.663301][T29711] 9pnet_fd: Insufficient options for proto=fd [ 2805.728570][T20905] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 2805.779110][T29715] autofs: Unknown parameter 'ÿÿ0x0000000000000000' [ 2805.891917][T20905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2805.925408][T20905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2805.966698][T27024] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 2806.662169][T27024] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 2806.668518][T20905] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 2806.681955][T20905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2806.692014][T20905] usb 4-1: config 0 descriptor?? [ 2806.716840][T27024] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2806.746186][T27024] usb 1-1: Product: syz [ 2806.750667][T27024] usb 1-1: Manufacturer: syz [ 2806.755289][T27024] usb 1-1: SerialNumber: syz [ 2806.784529][T27024] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 2806.817019][ T45] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 2807.590631][T20905] zydacron 0003:13EC:0006.0031: unknown main item tag 0x0 [ 2807.649780][T20905] zydacron 0003:13EC:0006.0031: unknown main item tag 0x0 [ 2807.925413][T20905] zydacron 0003:13EC:0006.0031: unknown main item tag 0x0 [ 2807.932715][T20905] zydacron 0003:13EC:0006.0031: unknown main item tag 0x0 [ 2808.157249][T20905] zydacron 0003:13EC:0006.0031: item fetching failed at offset 4/5 [ 2808.208716][ T45] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 2808.216656][ T45] ath9k_htc: Failed to initialize the device [ 2808.231294][T29735] tmpfs: Bad value for 'mpol' [ 2808.926076][T20905] zydacron 0003:13EC:0006.0031: parse failed [ 2808.932620][T20905] zydacron 0003:13EC:0006.0031: probe with driver zydacron failed with error -22 [ 2809.737014][T29745] netlink: 'syz.4.4377': attribute type 1 has an invalid length. [ 2809.746602][T29745] netlink: 'syz.4.4377': attribute type 2 has an invalid length. [ 2809.956612][ T45] usb 1-1: ath9k_htc: USB layer deinitialized [ 2810.216866][ T29] audit: type=1400 audit(2941.245:1401): avc: denied { write } for pid=29730 comm="syz.4.4377" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 2810.317592][T20905] usb 4-1: USB disconnect, device number 47 [ 2810.369712][ T45] usb 1-1: USB disconnect, device number 55 [ 2810.575333][ T5263] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 2810.880476][ T5263] usb 2-1: New USB device found, idVendor=06cd, idProduct=010c, bcdDevice= a.f0 [ 2811.262685][ T5263] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2811.487582][T29762] tmpfs: Bad value for 'mpol' [ 2811.495104][ T29] audit: type=1326 audit(2943.209:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.518200][ T29] audit: type=1326 audit(2943.209:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.541276][ T29] audit: type=1326 audit(2943.209:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.564336][ T29] audit: type=1326 audit(2943.209:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.587389][ T29] audit: type=1326 audit(2943.209:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.614849][ T29] audit: type=1326 audit(2943.209:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.637857][ T29] audit: type=1326 audit(2943.209:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.660306][ T5263] usb 2-1: Product: syz [ 2811.660837][ T29] audit: type=1326 audit(2943.209:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.664968][ T5263] usb 2-1: Manufacturer: syz [ 2811.687859][ T29] audit: type=1326 audit(2943.209:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29753 comm="syz.0.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f61e077dff9 code=0x7ffc0000 [ 2811.716619][ T5263] usb 2-1: SerialNumber: syz [ 2811.736234][ T5263] usb 2-1: config 0 descriptor?? [ 2811.745164][ T5263] keyspan 2-1:0.0: Keyspan 1 port adapter converter detected [ 2811.752848][ T5263] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 84 [ 2811.761291][ T5263] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81 [ 2811.769030][ T5263] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 82 [ 2811.776716][ T5263] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1 [ 2811.784417][ T5263] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2 [ 2811.793733][ T5263] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 83 [ 2811.801478][ T5263] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 3 [ 2811.820778][ T5263] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 2812.449477][T18203] usb 2-1: USB disconnect, device number 54 [ 2812.457257][T18203] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 2812.474355][T29777] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4384'. [ 2812.483786][T18203] keyspan 2-1:0.0: device disconnected [ 2813.752255][T29794] tmpfs: Bad value for 'mpol' [ 2814.658691][T29811] tmpfs: Bad value for 'mpol' [ 2814.858546][T29805] Cannot find add_set index 0 as target [ 2815.221537][T29824] netlink: 'syz.2.4398': attribute type 4 has an invalid length. [ 2815.230215][T29824] netlink: 206236 bytes leftover after parsing attributes in process `syz.2.4398'. [ 2815.406043][ T5263] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 2815.443643][T29826] FAULT_INJECTION: forcing a failure. [ 2815.443643][T29826] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2815.471607][T29826] CPU: 0 UID: 0 PID: 29826 Comm: syz.0.4400 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 2815.482035][T29826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2815.492079][T29826] Call Trace: [ 2815.495351][T29826] [ 2815.498272][T29826] dump_stack_lvl+0x16c/0x1f0 [ 2815.502948][T29826] should_fail_ex+0x497/0x5b0 [ 2815.507626][T29826] _copy_from_user+0x30/0xf0 [ 2815.512213][T29826] ____sys_sendmsg+0x8d2/0xc90 [ 2815.516972][T29826] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2815.522253][T29826] ? __pfx___lock_acquire+0x10/0x10 [ 2815.527449][T29826] ___sys_sendmsg+0x135/0x1e0 [ 2815.532122][T29826] ? __pfx____sys_sendmsg+0x10/0x10 [ 2815.537323][T29826] ? lock_acquire+0x2f/0xb0 [ 2815.541812][T29826] ? __fget_files+0x40/0x3f0 [ 2815.546404][T29826] ? fdget+0x176/0x210 [ 2815.550470][T29826] __sys_sendmsg+0x117/0x1f0 [ 2815.555055][T29826] ? __pfx___sys_sendmsg+0x10/0x10 [ 2815.560172][T29826] ? __fget_files+0x244/0x3f0 [ 2815.564880][T29826] do_syscall_64+0xcd/0x250 [ 2815.569382][T29826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2815.575267][T29826] RIP: 0033:0x7f61e077dff9 [ 2815.579670][T29826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2815.599267][T29826] RSP: 002b:00007f61e1537038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2815.607677][T29826] RAX: ffffffffffffffda RBX: 00007f61e0935f80 RCX: 00007f61e077dff9 [ 2815.615642][T29826] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003 [ 2815.623602][T29826] RBP: 00007f61e1537090 R08: 0000000000000000 R09: 0000000000000000 [ 2815.631561][T29826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2815.639518][T29826] R13: 0000000000000000 R14: 00007f61e0935f80 R15: 00007ffe07f12848 [ 2815.647487][T29826] [ 2815.650626][ C0] vkms_vblank_simulate: vblank timer overrun [ 2815.749647][ T5263] usb 5-1: Using ep0 maxpacket: 32 [ 2815.773630][ T5263] usb 5-1: unable to get BOS descriptor or descriptor too short [ 2815.835146][ T5263] usb 5-1: config 12 has an invalid interface number: 184 but max is 0 [ 2815.865968][ T5263] usb 5-1: config 12 has no interface number 0 [ 2815.872186][ T5263] usb 5-1: config 12 interface 184 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 2815.903786][ T5263] usb 5-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=84.a2 [ 2815.917764][ T5263] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2816.059900][ T5263] usb 5-1: Product: syz [ 2816.064273][ T5263] usb 5-1: Manufacturer: syz [ 2816.069359][ T5263] usb 5-1: SerialNumber: syz [ 2816.181893][ T29] kauditd_printk_skb: 30 callbacks suppressed [ 2816.181934][ T29] audit: type=1326 audit(2948.185:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2816.343650][T29843] tmpfs: Bad value for 'mpol' [ 2816.807724][ T29] audit: type=1326 audit(2948.185:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2816.828390][T29819] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2816.852846][ T29] audit: type=1326 audit(2948.185:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2816.876255][ T29] audit: type=1326 audit(2948.185:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2816.876409][T29819] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2816.899987][ T29] audit: type=1326 audit(2948.185:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2816.906891][ C0] vkms_vblank_simulate: vblank timer overrun [ 2816.939630][ T29] audit: type=1326 audit(2948.185:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2816.962788][ T29] audit: type=1326 audit(2948.185:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2816.970914][ T5263] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 2816.986555][ T29] audit: type=1326 audit(2948.185:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2817.017630][ T29] audit: type=1326 audit(2948.185:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2817.042091][ T29] audit: type=1326 audit(2948.185:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29835 comm="syz.3.4405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7ffc0000 [ 2817.074271][ T5263] usb 5-1: USB disconnect, device number 54 [ 2817.394673][T29856] tmpfs: Bad value for 'mpol' [ 2817.662900][T29857] Cannot find add_set index 0 as target [ 2818.234679][T29875] netlink: 'syz.2.4413': attribute type 29 has an invalid length. [ 2818.242785][T29875] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4413'. [ 2818.307172][T29871] netlink: 'syz.2.4413': attribute type 29 has an invalid length. [ 2818.315569][T29871] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4413'. [ 2818.625752][T18203] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 2818.745007][T29880] netlink: 'syz.1.4415': attribute type 3 has an invalid length. [ 2818.752828][T29880] netlink: 'syz.1.4415': attribute type 28 has an invalid length. [ 2818.761028][T29880] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4415'. [ 2818.778513][T18203] usb 4-1: Using ep0 maxpacket: 8 [ 2818.815295][T18203] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 2818.841017][T18203] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 2818.903106][T18203] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2818.918792][T18203] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2818.942666][T18203] usb 4-1: Product: syz [ 2818.946823][T18203] usb 4-1: Manufacturer: syz [ 2818.969939][T18203] usb 4-1: SerialNumber: syz [ 2818.997535][ T5263] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 2818.997917][T29874] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 2819.084625][T29886] input: syz0 as /devices/virtual/input/input167 [ 2819.134227][T29887] netlink: 'syz.2.4417': attribute type 4 has an invalid length. [ 2819.142627][T29887] netlink: 206236 bytes leftover after parsing attributes in process `syz.2.4417'. [ 2819.210357][T29872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2819.226233][T29872] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2819.258996][T29872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2819.269768][T29872] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2819.314259][T29872] netlink: 2548 bytes leftover after parsing attributes in process `syz.3.4414'. [ 2819.327062][T29872] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4414'. [ 2819.386075][T18203] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71 [ 2819.427297][T18203] usb 4-1: USB disconnect, device number 48 [ 2819.840333][T29891] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4418'. [ 2821.054721][ T45] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 2821.063439][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 2821.063456][ T29] audit: type=1326 audit(2953.318:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.092623][ C0] vkms_vblank_simulate: vblank timer overrun [ 2821.120904][ T29] audit: type=1326 audit(2953.318:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.152076][T29905] tmpfs: Bad value for 'mpol' [ 2821.158130][ T29] audit: type=1326 audit(2953.350:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.181200][ C0] vkms_vblank_simulate: vblank timer overrun [ 2821.193795][ T29] audit: type=1326 audit(2953.350:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.201631][ T45] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 2821.216825][ C0] vkms_vblank_simulate: vblank timer overrun [ 2821.248215][ T29] audit: type=1326 audit(2953.350:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.262823][ T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2821.285708][ T29] audit: type=1326 audit(2953.350:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.297333][ T45] usb 4-1: Product: syz [ 2821.308693][ C0] vkms_vblank_simulate: vblank timer overrun [ 2821.319834][ T29] audit: type=1326 audit(2953.350:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.342137][ T45] usb 4-1: Manufacturer: syz [ 2821.342822][ C0] vkms_vblank_simulate: vblank timer overrun [ 2821.354014][ T45] usb 4-1: SerialNumber: syz [ 2821.363640][ T29] audit: type=1326 audit(2953.350:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.385272][ T45] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 2821.406762][T18203] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 2821.425041][ T29] audit: type=1326 audit(2953.350:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2821.456594][ T29] audit: type=1326 audit(2953.350:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29902 comm="syz.4.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2822.339117][T29917] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2822.379035][T29917] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2822.715302][T18203] usb 4-1: Service connection timeout for: 256 [ 2822.723052][T18203] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services [ 2823.041448][T29922] netlink: 'syz.2.4427': attribute type 29 has an invalid length. [ 2823.111286][T18203] ath9k_htc: Failed to initialize the device [ 2823.140097][T29922] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4427'. [ 2823.166662][T18203] usb 4-1: ath9k_htc: USB layer deinitialized [ 2823.217667][T29928] netlink: 'syz.2.4427': attribute type 29 has an invalid length. [ 2823.225658][T29928] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4427'. [ 2823.250834][T29936] netlink: 'syz.0.4430': attribute type 4 has an invalid length. [ 2823.282274][T29936] netlink: 206236 bytes leftover after parsing attributes in process `syz.0.4430'. [ 2823.455627][T18203] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 2823.560167][ T5263] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 2823.588666][ T45] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 2823.619424][T18203] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 2823.633597][T18203] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2823.642935][T18203] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 2823.650962][T18203] usb 5-1: SerialNumber: syz [ 2823.705006][ T5263] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2823.716110][ T5263] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2823.728817][ T5263] usb 2-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 2823.740350][ T5263] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2823.750550][ T5263] usb 2-1: config 0 descriptor?? [ 2823.757905][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2823.769264][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2823.786988][ T45] usb 3-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 2823.796956][ T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2823.813567][ T45] usb 3-1: config 0 descriptor?? [ 2824.061650][T29942] 9pnet_fd: Insufficient options for proto=fd [ 2824.159885][ T5263] zydacron 0003:13EC:0006.0032: unknown main item tag 0x0 [ 2824.178212][ T5263] zydacron 0003:13EC:0006.0032: hidraw0: USB HID v0.00 Device [HID 13ec:0006] on usb-dummy_hcd.1-1/input0 [ 2824.212149][ T45] zydacron 0003:13EC:0006.0033: unknown main item tag 0x0 [ 2824.232221][ T45] zydacron 0003:13EC:0006.0033: hidraw1: USB HID v0.00 Device [HID 13ec:0006] on usb-dummy_hcd.2-1/input0 [ 2824.235771][T29935] FAULT_INJECTION: forcing a failure. [ 2824.235771][T29935] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2824.273478][T29935] CPU: 0 UID: 0 PID: 29935 Comm: syz.4.4431 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 2824.283918][T29935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2824.293988][T29935] Call Trace: [ 2824.297270][T29935] [ 2824.300188][T29935] dump_stack_lvl+0x16c/0x1f0 [ 2824.304887][T29935] should_fail_ex+0x497/0x5b0 [ 2824.309575][T29935] _copy_from_user+0x30/0xf0 [ 2824.314190][T29935] get_timespec64+0x8c/0x240 [ 2824.318808][T29935] ? __pfx_get_timespec64+0x10/0x10 [ 2824.324026][T29935] ? __mutex_unlock_slowpath+0x164/0x650 [ 2824.329689][T29935] get_itimerspec64+0x40/0x60 [ 2824.334387][T29935] __x64_sys_timer_settime+0x17e/0x2c0 [ 2824.339864][T29935] ? __pfx___x64_sys_timer_settime+0x10/0x10 [ 2824.345861][T29935] ? ksys_write+0x1ad/0x260 [ 2824.350374][T29935] do_syscall_64+0xcd/0x250 [ 2824.354910][T29935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2824.360811][T29935] RIP: 0033:0x7f888677dff9 [ 2824.365235][T29935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2824.384842][T29935] RSP: 002b:00007f888763a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df [ 2824.393263][T29935] RAX: ffffffffffffffda RBX: 00007f8886935f80 RCX: 00007f888677dff9 [ 2824.401232][T29935] RDX: 0000000020000340 RSI: 0000000000000001 RDI: 0000000000000000 [ 2824.409205][T29935] RBP: 00007f888763a090 R08: 0000000000000000 R09: 0000000000000000 [ 2824.417177][T29935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2824.425154][T29935] R13: 0000000000000000 R14: 00007f8886935f80 R15: 00007ffdf0b83b58 [ 2824.433139][T29935] [ 2824.464899][T18203] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 2824.510336][T18203] usb 2-1: USB disconnect, device number 56 [ 2824.527007][ T45] usb 3-1: USB disconnect, device number 51 [ 2824.608390][ T5263] usb 4-1: USB disconnect, device number 49 [ 2824.842845][ T45] usb 5-1: USB disconnect, device number 55 [ 2824.853365][ T45] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device [ 2825.193308][T29955] autofs: Unknown parameter './file1' [ 2825.467556][T29961] tmpfs: Bad value for 'mpol' [ 2827.165004][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 2827.171396][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 2827.511834][T29984] netlink: 'syz.1.4442': attribute type 29 has an invalid length. [ 2827.586497][T29984] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4442'. [ 2827.631515][T29975] netlink: 'syz.1.4442': attribute type 29 has an invalid length. [ 2827.656512][T29975] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4442'. [ 2829.102854][T18203] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 2829.367453][T30011] FAULT_INJECTION: forcing a failure. [ 2829.367453][T30011] name failslab, interval 1, probability 0, space 0, times 0 [ 2829.380832][T30011] CPU: 0 UID: 0 PID: 30011 Comm: syz.0.4451 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 2829.391285][T30011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2829.401354][T30011] Call Trace: [ 2829.404642][T30011] [ 2829.407584][T30011] dump_stack_lvl+0x16c/0x1f0 [ 2829.412294][T30011] should_fail_ex+0x497/0x5b0 [ 2829.416996][T30011] ? fs_reclaim_acquire+0xae/0x160 [ 2829.422138][T30011] should_failslab+0xc2/0x120 [ 2829.426838][T30011] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 2829.432232][T30011] ? prepare_creds+0x2e/0x750 [ 2829.436942][T30011] prepare_creds+0x2e/0x750 [ 2829.441469][T30011] ? __pfx_get_random_u64+0x10/0x10 [ 2829.446694][T30011] copy_creds+0xa7/0xa50 [ 2829.450973][T30011] copy_process+0x10b5/0x8dc0 [ 2829.455674][T30011] ? __pfx___lock_acquire+0x10/0x10 [ 2829.460915][T30011] ? __pfx_copy_process+0x10/0x10 [ 2829.465964][T30011] ? get_pid_task+0xfc/0x250 [ 2829.470583][T30011] ? __pfx_lock_release+0x10/0x10 [ 2829.475636][T30011] ? trace_lock_acquire+0x14a/0x1d0 [ 2829.480868][T30011] ? find_held_lock+0x2d/0x110 [ 2829.485666][T30011] ? find_held_lock+0x2d/0x110 [ 2829.490461][T30011] kernel_clone+0xfd/0x960 [ 2829.494902][T30011] ? __pfx_kernel_clone+0x10/0x10 [ 2829.499962][T30011] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2829.505973][T30011] __do_sys_clone+0xba/0x100 [ 2829.510588][T30011] ? __pfx___do_sys_clone+0x10/0x10 [ 2829.515829][T30011] do_syscall_64+0xcd/0x250 [ 2829.520361][T30011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2829.526275][T30011] RIP: 0033:0x7f61e077dff9 [ 2829.530704][T30011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2829.550335][T30011] RSP: 002b:00007f61e1536fe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 2829.558772][T30011] RAX: ffffffffffffffda RBX: 00007f61e0935f80 RCX: 00007f61e077dff9 [ 2829.566763][T30011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000080 [ 2829.574757][T30011] RBP: 00007f61e1537090 R08: 0000000000000000 R09: 0000000000000000 [ 2829.582755][T30011] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001 [ 2829.590747][T30011] R13: 0000000000000000 R14: 00007f61e0935f80 R15: 00007ffe07f12848 [ 2829.598753][T30011] [ 2830.218035][T18203] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2830.238370][T18203] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2830.248535][T18203] usb 5-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 2830.257653][T18203] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2830.305129][T18203] usb 5-1: config 0 descriptor?? [ 2830.769854][T18203] zydacron 0003:13EC:0006.0034: unknown main item tag 0x0 [ 2830.783735][T18203] zydacron 0003:13EC:0006.0034: hidraw0: USB HID v0.00 Device [HID 13ec:0006] on usb-dummy_hcd.4-1/input0 [ 2831.124130][T18203] usb 5-1: USB disconnect, device number 56 [ 2832.849363][T30053] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2832.891042][T30053] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4459'. [ 2833.544488][T30056] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check. [ 2833.723240][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 2833.723252][ T29] audit: type=1326 audit(2966.609:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30060 comm="syz.3.4462" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff250d7dff9 code=0x0 [ 2834.287501][T30071] bridge0: port 2(bridge_slave_1) entered disabled state [ 2834.294820][T30071] bridge0: port 1(bridge_slave_0) entered disabled state [ 2834.310802][T30071] bridge0: port 2(bridge_slave_1) entered blocking state [ 2834.317942][T30071] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2834.325547][T30071] bridge0: port 1(bridge_slave_0) entered blocking state [ 2834.332657][T30071] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2834.341156][T30071] bridge0: entered promiscuous mode [ 2834.348811][T30071] bridge0: entered allmulticast mode [ 2834.990879][T30080] bridge0: port 2(bridge_slave_1) entered disabled state [ 2834.998403][T30080] bridge0: port 1(bridge_slave_0) entered disabled state [ 2835.038959][T30080] bridge0: port 2(bridge_slave_1) entered blocking state [ 2835.046099][T30080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2835.053539][T30080] bridge0: port 1(bridge_slave_0) entered blocking state [ 2835.060700][T30080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2835.068777][T30080] bridge0: entered promiscuous mode [ 2835.074083][T30080] bridge0: entered allmulticast mode [ 2835.798558][T30081] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4468'. [ 2835.880815][ T29] audit: type=1400 audit(2968.876:1526): avc: denied { create } for pid=30084 comm="syz.4.4469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 2835.900614][ C0] vkms_vblank_simulate: vblank timer overrun [ 2836.103480][ T29] audit: type=1400 audit(2968.908:1527): avc: denied { setopt } for pid=30084 comm="syz.4.4469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 2836.123296][ C0] vkms_vblank_simulate: vblank timer overrun [ 2838.181705][T30094] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2838.208093][T30094] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4471'. [ 2838.858728][T30100] tmpfs: Bad value for 'mpol' [ 2839.474838][ T29] audit: type=1326 audit(2971.889:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.526210][ T29] audit: type=1326 audit(2971.889:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.549356][ T29] audit: type=1326 audit(2971.900:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.572578][ T29] audit: type=1326 audit(2971.900:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.599070][ T29] audit: type=1326 audit(2971.900:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.630255][ T29] audit: type=1326 audit(2971.900:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.658622][ T29] audit: type=1326 audit(2971.900:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.684347][ T29] audit: type=1326 audit(2971.900:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.709148][ T29] audit: type=1326 audit(2971.900:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.732522][ T29] audit: type=1326 audit(2971.900:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30096 comm="syz.4.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7ffc0000 [ 2839.756986][T30105] virtio-fs: tag <(null)> not found [ 2839.802308][T30105] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 2839.808909][T30105] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 2839.855966][T30105] vhci_hcd vhci_hcd.0: Device attached [ 2839.857592][T30110] vhci_hcd: connection closed [ 2839.882729][ T9465] vhci_hcd: stop threads [ 2839.901649][ T9465] vhci_hcd: release socket [ 2839.906312][ T9465] vhci_hcd: disconnect device [ 2839.973911][T30109] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4475'. [ 2840.979184][T30120] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4478'. [ 2841.249277][T23423] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 2841.846592][T30132] Cannot find set identified by id 0 to match [ 2841.862818][T23423] usb 1-1: config 0 has an invalid interface number: 61 but max is 0 [ 2841.871029][T23423] usb 1-1: config 0 has no interface number 0 [ 2841.877267][T23423] usb 1-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=fe.09 [ 2841.977978][T23423] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2842.015104][T23423] usb 1-1: config 0 descriptor?? [ 2842.186991][T30136] FAULT_INJECTION: forcing a failure. [ 2842.186991][T30136] name failslab, interval 1, probability 0, space 0, times 0 [ 2842.210845][T30136] CPU: 0 UID: 0 PID: 30136 Comm: syz.4.4483 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 2842.221298][T30136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2842.231360][T30136] Call Trace: [ 2842.234639][T30136] [ 2842.237577][T30136] dump_stack_lvl+0x16c/0x1f0 [ 2842.242251][T30136] should_fail_ex+0x497/0x5b0 [ 2842.247018][T30136] ? fs_reclaim_acquire+0xae/0x160 [ 2842.252149][T30136] should_failslab+0xc2/0x120 [ 2842.256855][T30136] kmem_cache_alloc_node_noprof+0x71/0x310 [ 2842.262690][T30136] ? __alloc_skb+0x2b1/0x380 [ 2842.267314][T30136] __alloc_skb+0x2b1/0x380 [ 2842.271755][T30136] ? __pfx___alloc_skb+0x10/0x10 [ 2842.276690][T30136] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2842.282683][T30136] netlink_alloc_large_skb+0x69/0x130 [ 2842.288060][T30136] netlink_sendmsg+0x689/0xd70 [ 2842.292842][T30136] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2842.298131][T30136] ? __import_iovec+0x1fd/0x6e0 [ 2842.303363][T30136] ____sys_sendmsg+0xaaf/0xc90 [ 2842.308120][T30136] ? copy_msghdr_from_user+0x10b/0x160 [ 2842.313579][T30136] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2842.318865][T30136] ? __pfx___lock_acquire+0x10/0x10 [ 2842.324064][T30136] ___sys_sendmsg+0x135/0x1e0 [ 2842.328738][T30136] ? __pfx____sys_sendmsg+0x10/0x10 [ 2842.333937][T30136] ? lock_acquire+0x2f/0xb0 [ 2842.338427][T30136] ? __fget_files+0x40/0x3f0 [ 2842.343033][T30136] ? fdget+0x176/0x210 [ 2842.347119][T30136] __sys_sendmsg+0x117/0x1f0 [ 2842.351730][T30136] ? __pfx___sys_sendmsg+0x10/0x10 [ 2842.356836][T30136] ? __fget_files+0x244/0x3f0 [ 2842.361518][T30136] do_syscall_64+0xcd/0x250 [ 2842.366018][T30136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2842.371900][T30136] RIP: 0033:0x7f888677dff9 [ 2842.376305][T30136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2842.395913][T30136] RSP: 002b:00007f888763a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2842.404354][T30136] RAX: ffffffffffffffda RBX: 00007f8886935f80 RCX: 00007f888677dff9 [ 2842.412335][T30136] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 0000000000000003 [ 2842.420299][T30136] RBP: 00007f888763a090 R08: 0000000000000000 R09: 0000000000000000 [ 2842.428273][T30136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2842.436240][T30136] R13: 0000000000000000 R14: 00007f8886935f80 R15: 00007ffdf0b83b58 [ 2842.444228][T30136] [ 2842.940005][T30141] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2843.210061][T23423] snd-usb-audio 1-1:0.61: probe with driver snd-usb-audio failed with error -110 [ 2843.371697][T18203] usb 1-1: USB disconnect, device number 56 [ 2869.641431][ T29] kauditd_printk_skb: 28 callbacks suppressed [ 2869.641451][ T29] audit: type=1326 audit(3004.307:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30159 comm="syz.3.4490" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff250d7dff9 code=0x0 [ 2870.483332][T18203] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 2870.722312][T23423] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 2870.731546][T18203] usb 2-1: no configurations [ 2870.736418][T18203] usb 2-1: can't read configurations, error -22 [ 2871.057812][T18203] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 2871.419265][T23423] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2871.449081][T23423] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2871.661401][T23423] usb 5-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 2871.670570][T23423] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2871.903778][T18203] usb 2-1: no configurations [ 2871.908452][T18203] usb 2-1: can't read configurations, error -22 [ 2871.982598][T23423] usb 5-1: config 0 descriptor?? [ 2872.026442][T18203] usb usb2-port1: attempt power cycle [ 2872.096796][T30196] virtio-fs: tag <(null)> not found [ 2872.140934][T30196] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 2872.147549][T30196] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 2872.175283][T30196] vhci_hcd vhci_hcd.0: Device attached [ 2872.193064][T30202] vhci_hcd: connection closed [ 2872.194931][T16480] vhci_hcd: stop threads [ 2872.221692][T16480] vhci_hcd: release socket [ 2872.233774][T16480] vhci_hcd: disconnect device [ 2872.958432][T23423] zydacron 0003:13EC:0006.0035: unknown main item tag 0x0 [ 2872.965640][T23423] zydacron 0003:13EC:0006.0035: unknown main item tag 0x0 [ 2872.972857][T23423] zydacron 0003:13EC:0006.0035: unknown main item tag 0x0 [ 2872.980070][T23423] zydacron 0003:13EC:0006.0035: unknown main item tag 0x0 [ 2872.988618][T23423] zydacron 0003:13EC:0006.0035: item fetching failed at offset 4/5 [ 2872.989169][T23423] zydacron 0003:13EC:0006.0035: parse failed [ 2873.061619][T23423] zydacron 0003:13EC:0006.0035: probe with driver zydacron failed with error -22 [ 2873.074599][T18203] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 2873.078030][T23423] usb 5-1: USB disconnect, device number 57 [ 2873.131793][T18203] usb 2-1: device descriptor read/8, error -71 [ 2874.300589][ T29] audit: type=1326 audit(3009.199:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30224 comm="syz.0.4506" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f61e077dff9 code=0x0 [ 2874.651583][T30229] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4507'. [ 2874.674766][T23423] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 2874.817295][T23423] usb 5-1: Using ep0 maxpacket: 16 [ 2874.831194][T23423] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2874.845454][T23423] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 2874.857710][T23423] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 2874.867084][T23423] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 2874.875578][T23423] usb 5-1: SerialNumber: syz [ 2874.887515][T23423] usb 5-1: 0:2 : does not exist [ 2875.133723][T23423] usb 5-1: USB disconnect, device number 58 [ 2875.380527][T30236] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4509'. [ 2877.308857][T30243] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4511'. [ 2878.279248][T30250] xt_l2tp: v2 doesn't support IP mode [ 2878.984994][ T29] audit: type=1400 audit(3013.703:1568): avc: denied { read } for pid=30249 comm="syz.2.4515" dev="sockfs" ino=164873 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 2879.471124][ T5224] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 2879.717526][T30268] virtio-fs: tag <(null)> not found [ 2879.735658][T30268] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 2879.742274][T30268] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 2879.751897][T30268] vhci_hcd vhci_hcd.0: Device attached [ 2879.780031][T30277] vhci_hcd: connection closed [ 2879.783328][ T2563] vhci_hcd: stop threads [ 2879.803400][ T2563] vhci_hcd: release socket [ 2879.804353][ T5224] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2879.812568][ T2563] vhci_hcd: disconnect device [ 2879.820589][ T5224] usb 4-1: config 0 has no interfaces? [ 2879.836355][ T5224] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 2879.846445][ T5224] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2879.860710][ T5224] usb 4-1: Product: syz [ 2879.864899][ T5224] usb 4-1: Manufacturer: syz [ 2879.892475][ T5224] usb 4-1: SerialNumber: syz [ 2879.903869][ T5224] usb 4-1: config 0 descriptor?? [ 2881.120599][ T29] audit: type=1326 audit(3016.369:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30282 comm="syz.4.4520" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f888677dff9 code=0x0 [ 2881.142957][ C1] vkms_vblank_simulate: vblank timer overrun [ 2881.191927][T30284] syz.4.4520: attempt to access beyond end of device [ 2881.191927][T30284] nbd4: rw=0, sector=16, nr_sectors = 8 limit=0 [ 2881.231591][T30284] REISERFS warning (device nbd4): sh-2006 read_super_block: bread failed (dev nbd4, block 2, size 4096) [ 2881.320739][T30284] syz.4.4520: attempt to access beyond end of device [ 2881.320739][T30284] nbd4: rw=0, sector=128, nr_sectors = 8 limit=0 [ 2881.381133][T30284] REISERFS warning (device nbd4): sh-2006 read_super_block: bread failed (dev nbd4, block 16, size 4096) [ 2881.410224][T30284] REISERFS warning (device nbd4): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd4 [ 2882.058125][ T45] usb 4-1: USB disconnect, device number 50 [ 2882.208259][T30294] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4524'. [ 2885.218403][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 2885.225049][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 2886.612168][T30329] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4529'. [ 2889.906309][T30347] bridge0: port 2(bridge_slave_1) entered disabled state [ 2889.913423][T30347] bridge0: port 1(bridge_slave_0) entered disabled state [ 2889.921756][T30347] bridge0: left promiscuous mode [ 2889.926753][T30347] bridge0: left allmulticast mode [ 2890.273243][T30345] bridge0: port 2(bridge_slave_1) entered blocking state [ 2890.280338][T30345] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2890.287656][T30345] bridge0: port 1(bridge_slave_0) entered blocking state [ 2890.294697][T30345] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2890.302110][T30345] bridge0: entered promiscuous mode [ 2890.307416][T30345] bridge0: entered allmulticast mode [ 2890.496214][T30346] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2890.662954][T30356] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.4538'. [ 2890.746815][T30360] netlink: 'syz.1.4540': attribute type 29 has an invalid length. [ 2890.770291][T30360] netlink: 'syz.1.4540': attribute type 29 has an invalid length. [ 2890.792032][T30360] netlink: 'syz.1.4540': attribute type 29 has an invalid length. [ 2890.827105][T30360] netlink: 'syz.1.4540': attribute type 29 has an invalid length. [ 2891.140852][T23781] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 2891.152247][T23781] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 2891.160927][T23781] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 2891.169342][T23781] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 2891.177214][T23781] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 2891.187129][T23781] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 2892.720418][T20905] IPVS: starting estimator thread 0... [ 2892.943412][T30384] IPVS: using max 14 ests per chain, 33600 per kthread [ 2892.990831][ T29] audit: type=1400 audit(3028.820:1570): avc: denied { bind } for pid=30388 comm="syz.2.4550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 2893.136261][T23781] Bluetooth: hci5: command tx timeout [ 2893.177453][T30366] chnl_net:caif_netlink_parms(): no params data found [ 2893.306441][T30387] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30387 comm=syz.1.4548 [ 2893.552102][ T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2894.419954][ T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2895.169385][T23781] Bluetooth: hci5: command tx timeout [ 2897.725843][ T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2897.764691][T30423] bridge: RTM_DELNEIGH with unconfigured vlan 2 on bridge_slave_0 [ 2897.776770][T30366] bridge0: port 1(bridge_slave_0) entered blocking state [ 2897.783874][T30366] bridge0: port 1(bridge_slave_0) entered disabled state [ 2897.879089][T30366] bridge_slave_0: entered allmulticast mode [ 2897.908998][T30366] bridge_slave_0: entered promiscuous mode [ 2897.932652][T30428] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4562'. [ 2897.952834][T30366] bridge0: port 2(bridge_slave_1) entered blocking state [ 2897.996736][T30366] bridge0: port 2(bridge_slave_1) entered disabled state [ 2898.036041][T30366] bridge_slave_1: entered allmulticast mode [ 2898.054523][T30366] bridge_slave_1: entered promiscuous mode [ 2898.146403][ T45] usb 5-1: new high-speed USB device number 59 using dummy_hcd [ 2898.152935][ T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2898.166177][T30447] netlink: 'syz.1.4569': attribute type 6 has an invalid length. [ 2898.173933][T30447] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4569'. [ 2898.393628][T23781] Bluetooth: hci5: command tx timeout [ 2898.416307][T30366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2898.433782][T30366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2899.417274][ T45] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 2899.428558][ T45] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 49199, setting to 1024 [ 2899.439777][ T45] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 2899.449943][ T45] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 2899.840307][ T45] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2899.878203][T30440] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 2899.889166][ T45] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 2899.982459][T30366] team0: Port device team_slave_0 added [ 2900.115883][ T29] audit: type=1326 audit(3036.305:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.143179][ T45] usb 5-1: USB disconnect, device number 59 [ 2900.177901][T30366] team0: Port device team_slave_1 added [ 2900.203133][ T29] audit: type=1326 audit(3036.305:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.226098][ C1] vkms_vblank_simulate: vblank timer overrun [ 2900.264691][T30366] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2900.274595][T30366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2900.301526][ T29] audit: type=1326 audit(3036.305:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.325741][T30366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2900.337135][ T29] audit: type=1326 audit(3036.305:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.372999][T30366] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2900.380855][T23781] Bluetooth: hci5: command tx timeout [ 2900.386361][T30366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2900.412663][ T29] audit: type=1326 audit(3036.305:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.436433][T30366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2900.457048][ T29] audit: type=1326 audit(3036.305:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.525208][ T29] audit: type=1326 audit(3036.305:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.604339][ T29] audit: type=1326 audit(3036.305:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.628448][ T29] audit: type=1326 audit(3036.305:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30458 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068d97dff9 code=0x7ffc0000 [ 2900.998049][T30366] hsr_slave_0: entered promiscuous mode [ 2901.185754][T30366] hsr_slave_1: entered promiscuous mode [ 2901.207357][T30366] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2901.235807][ T29] audit: type=1400 audit(3036.567:1580): avc: denied { listen } for pid=30464 comm="syz.2.4574" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 2901.281272][T30366] Cannot create hsr debugfs directory [ 2901.438582][T30481] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4578'. [ 2901.513371][T30485] mac80211_hwsim hwsim195 wlan1: entered allmulticast mode [ 2901.559946][ T63] bridge_slave_1: left allmulticast mode [ 2901.571811][ T63] bridge_slave_1: left promiscuous mode [ 2901.578459][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 2901.596460][ T63] bridge_slave_0: left allmulticast mode [ 2901.602254][ T63] bridge_slave_0: left promiscuous mode [ 2901.612167][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 2902.659704][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2902.670587][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2902.680814][ T63] bond0 (unregistering): Released all slaves [ 2902.720960][T30491] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4580'. [ 2902.733956][T30494] netlink: 'syz.2.4580': attribute type 4 has an invalid length. [ 2906.051556][ T29] audit: type=1400 audit(3041.785:1581): avc: denied { watch_mount } for pid=30510 comm="syz.2.4585" path="/75" dev="tmpfs" ino=419 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 2907.102715][T30525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4591'. [ 2907.315260][T30534] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.4592'. [ 2907.352163][ T63] hsr_slave_0: left promiscuous mode [ 2907.379890][ T63] hsr_slave_1: left promiscuous mode [ 2907.404224][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2907.433513][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2907.457472][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2907.624814][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2907.794551][ T63] veth1_macvtap: left promiscuous mode [ 2907.847434][ T63] veth0_macvtap: left promiscuous mode [ 2907.914821][ T63] veth1_vlan: left promiscuous mode [ 2907.981380][ T63] veth0_vlan: left promiscuous mode [ 2908.092999][T30533] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2908.157646][T30533] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4593'. [ 2908.557395][ T5262] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 2908.721754][ T5262] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 2908.762109][ T5262] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 2908.806196][ T5262] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 2908.842321][ T5262] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2908.958449][ T5262] usb 4-1: config 0 descriptor?? [ 2908.989531][ T5262] gspca_main: spca561-2.14.0 probing abcd:cdee [ 2909.187106][ T5262] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 2909.197557][ T5262] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 2909.204566][ T5262] usb 4-1: MIDIStreaming interface descriptor not found [ 2909.252854][ T5262] usb 4-1: USB disconnect, device number 51 [ 2910.161119][ T63] team0 (unregistering): Port device team_slave_1 removed [ 2910.251323][ T63] team0 (unregistering): Port device team_slave_0 removed [ 2911.330238][T30549] netlink: 'syz.4.4598': attribute type 1 has an invalid length. [ 2911.338035][T30549] netlink: 67 bytes leftover after parsing attributes in process `syz.4.4598'. [ 2913.694261][T30366] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2913.803831][T30366] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2913.849413][T30366] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2913.959067][T30592] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4609'. [ 2914.020027][T30592] 9pnet_fd: Insufficient options for proto=fd [ 2914.037641][T30366] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2914.253609][ T5224] usb 3-1: new full-speed USB device number 52 using dummy_hcd [ 2914.261232][T30366] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2914.318662][T30366] 8021q: adding VLAN 0 to HW filter on device team0 [ 2914.375819][ T9465] bridge0: port 1(bridge_slave_0) entered blocking state [ 2914.383022][ T9465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2914.431746][ T5224] usb 3-1: config 0 has an invalid interface number: 198 but max is 0 [ 2914.559926][ T5224] usb 3-1: config 0 has no interface number 0 [ 2914.572508][ T5224] usb 3-1: config 0 interface 198 altsetting 0 endpoint 0x2 has invalid maxpacket 1024, setting to 64 [ 2914.585994][ T5224] usb 3-1: config 0 interface 198 altsetting 0 endpoint 0xC has invalid maxpacket 1024, setting to 64 [ 2914.641661][ T2563] bridge0: port 2(bridge_slave_1) entered blocking state [ 2914.648811][ T2563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2914.653588][ T5224] usb 3-1: New USB device found, idVendor=162e, idProduct=94f9, bcdDevice=4d.c0 [ 2914.665728][ T5224] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2914.673902][ T5224] usb 3-1: Product: syz [ 2914.678682][ T5224] usb 3-1: Manufacturer: syz [ 2914.683494][ T5224] usb 3-1: SerialNumber: syz [ 2914.824924][T30366] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2914.837427][T30366] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2915.104319][ T5224] usb 3-1: config 0 descriptor?? [ 2915.116332][T30602] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 2915.300318][T30366] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2915.325173][ T5224] usb 3-1: USB disconnect, device number 52 [ 2915.375724][T30366] veth0_vlan: entered promiscuous mode [ 2915.507620][T30366] veth1_vlan: entered promiscuous mode [ 2915.589667][T30366] veth0_macvtap: entered promiscuous mode [ 2915.647771][T30366] veth1_macvtap: entered promiscuous mode [ 2915.681100][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2915.692337][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2915.808163][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2915.898064][ T29] audit: type=1326 audit(3052.850:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30634 comm="syz.4.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7fc00000 [ 2916.075743][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2916.355226][ T29] audit: type=1326 audit(3052.860:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30634 comm="syz.4.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f888677dff9 code=0x7fc00000 [ 2916.389633][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2916.425786][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2916.459662][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2916.470514][ T29] audit: type=1326 audit(3053.333:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30634 comm="syz.4.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888677dff9 code=0x7fc00000 [ 2916.502629][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2916.518769][T30366] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2916.529405][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2916.545227][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2916.555243][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2916.565913][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2916.579281][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2916.589826][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2916.599690][T30366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2916.610405][T30366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2916.621402][T30366] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2916.642402][T30366] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2916.663782][T30366] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2916.672510][T30366] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2916.699380][T30366] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2916.765424][T30648] bridge2: entered promiscuous mode [ 2918.243876][T30658] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4628'. [ 2918.431970][T30659] bond1 (unregistering): Released all slaves [ 2918.873521][ T2587] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2918.891315][ T2587] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2919.638067][T26076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2919.654847][T26076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2924.406161][T20905] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 2925.014662][T20905] usb 4-1: Using ep0 maxpacket: 8 [ 2925.032468][T20905] usb 4-1: unable to get BOS descriptor set [ 2925.051031][T20905] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 2925.176034][T20905] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2925.185335][T20905] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2925.193425][T20905] usb 4-1: Product: syz [ 2925.197820][T20905] usb 4-1: Manufacturer: syz [ 2925.202511][T20905] usb 4-1: SerialNumber: syz [ 2925.212582][T20905] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22 [ 2925.544382][ T45] usb 4-1: USB disconnect, device number 52 [ 2927.572868][T30734] Bluetooth: MGMT ver 1.23 [ 2928.134054][ T29] audit: type=1326 audit(3065.720:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30729 comm="syz.3.4652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7fc00000 [ 2928.406804][ T29] audit: type=1400 audit(3066.004:1586): avc: denied { read } for pid=30742 comm="syz.1.4654" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 2930.815871][T30777] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4666'. [ 2930.869240][T30778] binder_alloc: 30775: binder_alloc_buf, no vma [ 2931.686534][ T29] audit: type=1326 audit(3069.447:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30779 comm="syz.3.4667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff250d7dff9 code=0x7fc00000 [ 2943.754984][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 2943.761312][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 2957.261531][T24932] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2957.270064][T24932] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 2957.294133][T24932] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2957.315269][T11922] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 2957.323404][T29525] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2957.332176][T11922] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 2957.340068][T11922] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 2957.348692][T11922] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 2957.359116][T29525] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 2957.367051][T11922] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 2957.367212][T29525] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2957.374871][T11922] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 2957.381589][T29525] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 2957.396192][T29525] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 2957.399551][T16908] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 2957.406569][T29525] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2957.435569][T16908] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 2957.443031][T16908] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 2957.460617][T29525] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 2957.481665][T24932] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 2957.508104][T24932] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 2957.587080][T24932] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 2957.600057][T24932] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 2957.623299][T24932] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 2957.651259][T30800] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 2957.663293][T30800] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 2957.671272][T30800] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 2957.679660][T30800] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 2957.687354][T30800] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 2957.709701][T30800] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 2957.907330][ T2563] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2958.001425][ T2563] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2958.103879][ T2563] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2958.179945][ T2563] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2958.252108][T30798] chnl_net:caif_netlink_parms(): no params data found [ 2958.410941][T30794] chnl_net:caif_netlink_parms(): no params data found [ 2958.467081][T30802] chnl_net:caif_netlink_parms(): no params data found [ 2958.496276][T30795] chnl_net:caif_netlink_parms(): no params data found [ 2958.523602][ T2563] bridge_slave_1: left allmulticast mode [ 2958.529404][ T2563] bridge_slave_1: left promiscuous mode [ 2958.535120][ T2563] bridge0: port 2(bridge_slave_1) entered disabled state [ 2958.543980][ T2563] bridge_slave_0: left allmulticast mode [ 2958.551277][ T2563] bridge_slave_0: left promiscuous mode [ 2958.556917][ T2563] bridge0: port 1(bridge_slave_0) entered disabled state [ 2958.969896][ T2563] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2958.983616][ T2563] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2958.997303][ T2563] bond0 (unregistering): Released all slaves [ 2959.176922][T30798] bridge0: port 1(bridge_slave_0) entered blocking state [ 2959.184088][T30798] bridge0: port 1(bridge_slave_0) entered disabled state [ 2959.191566][T30798] bridge_slave_0: entered allmulticast mode [ 2959.198193][T30798] bridge_slave_0: entered promiscuous mode [ 2959.215305][T30798] bridge0: port 2(bridge_slave_1) entered blocking state [ 2959.222403][T30798] bridge0: port 2(bridge_slave_1) entered disabled state [ 2959.229977][T30798] bridge_slave_1: entered allmulticast mode [ 2959.237193][T30798] bridge_slave_1: entered promiscuous mode [ 2959.266840][T30804] chnl_net:caif_netlink_parms(): no params data found [ 2959.381232][T30798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2959.451135][ T2563] hsr_slave_0: left promiscuous mode [ 2959.458197][ T2563] hsr_slave_1: left promiscuous mode [ 2959.470232][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2959.478154][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2959.491746][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2959.499137][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2959.510357][T24932] Bluetooth: hci1: command tx timeout [ 2959.510437][T30801] Bluetooth: hci4: command tx timeout [ 2959.516796][T30800] Bluetooth: hci6: command tx timeout [ 2959.544867][ T2563] veth1_macvtap: left promiscuous mode [ 2959.550559][ T2563] veth0_macvtap: left promiscuous mode [ 2959.556113][ T2563] veth1_vlan: left promiscuous mode [ 2959.561571][ T2563] veth0_vlan: left promiscuous mode [ 2959.586403][T30800] Bluetooth: hci7: command tx timeout [ 2959.662164][T30800] Bluetooth: hci0: command tx timeout [ 2960.145260][ T2563] team0 (unregistering): Port device team_slave_1 removed [ 2960.194927][ T2563] team0 (unregistering): Port device team_slave_0 removed [ 2960.749552][T30798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2960.772285][T30794] bridge0: port 1(bridge_slave_0) entered blocking state [ 2960.786568][T30794] bridge0: port 1(bridge_slave_0) entered disabled state [ 2960.793729][T30794] bridge_slave_0: entered allmulticast mode [ 2960.807073][T30794] bridge_slave_0: entered promiscuous mode [ 2960.828724][T30802] bridge0: port 1(bridge_slave_0) entered blocking state [ 2960.836688][T30802] bridge0: port 1(bridge_slave_0) entered disabled state [ 2960.844003][T30802] bridge_slave_0: entered allmulticast mode [ 2960.850672][T30802] bridge_slave_0: entered promiscuous mode [ 2960.880910][T30794] bridge0: port 2(bridge_slave_1) entered blocking state [ 2960.899213][T30794] bridge0: port 2(bridge_slave_1) entered disabled state [ 2960.906683][T30794] bridge_slave_1: entered allmulticast mode [ 2960.913857][T30794] bridge_slave_1: entered promiscuous mode [ 2960.955928][T30802] bridge0: port 2(bridge_slave_1) entered blocking state [ 2960.972126][T30802] bridge0: port 2(bridge_slave_1) entered disabled state [ 2960.979501][T30802] bridge_slave_1: entered allmulticast mode [ 2960.986047][T30802] bridge_slave_1: entered promiscuous mode [ 2961.008305][T30795] bridge0: port 1(bridge_slave_0) entered blocking state [ 2961.015691][T30795] bridge0: port 1(bridge_slave_0) entered disabled state [ 2961.022848][T30795] bridge_slave_0: entered allmulticast mode [ 2961.031266][T30795] bridge_slave_0: entered promiscuous mode [ 2961.109805][T30798] team0: Port device team_slave_0 added [ 2961.118351][T30798] team0: Port device team_slave_1 added [ 2961.124910][T30795] bridge0: port 2(bridge_slave_1) entered blocking state [ 2961.138098][T30795] bridge0: port 2(bridge_slave_1) entered disabled state [ 2961.145480][T30795] bridge_slave_1: entered allmulticast mode [ 2961.153002][T30795] bridge_slave_1: entered promiscuous mode [ 2961.168383][T30794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2961.199693][T30802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2961.267376][T30794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2961.303511][T30802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2961.355655][T30794] team0: Port device team_slave_0 added [ 2961.372572][T30804] bridge0: port 1(bridge_slave_0) entered blocking state [ 2961.379967][T30804] bridge0: port 1(bridge_slave_0) entered disabled state [ 2961.387449][T30804] bridge_slave_0: entered allmulticast mode [ 2961.394005][T30804] bridge_slave_0: entered promiscuous mode [ 2961.413699][T30798] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2961.428882][T30798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2961.455054][T30798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2961.470065][T30795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2961.484093][T30795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2961.493342][T30800] Bluetooth: hci4: command tx timeout [ 2961.493359][T30801] Bluetooth: hci6: command tx timeout [ 2961.498725][T30800] Bluetooth: hci1: command tx timeout [ 2961.536710][T30794] team0: Port device team_slave_1 added [ 2961.551311][T30804] bridge0: port 2(bridge_slave_1) entered blocking state [ 2961.558991][T30804] bridge0: port 2(bridge_slave_1) entered disabled state [ 2961.566154][T30804] bridge_slave_1: entered allmulticast mode [ 2961.572268][T30800] Bluetooth: hci7: command tx timeout [ 2961.583717][T30804] bridge_slave_1: entered promiscuous mode [ 2961.621576][T30802] team0: Port device team_slave_0 added [ 2961.630677][T30798] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2961.642388][T30798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2961.669292][T30800] Bluetooth: hci0: command tx timeout [ 2961.674911][T30798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2961.733064][T30804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2961.744797][T30802] team0: Port device team_slave_1 added [ 2961.776150][T30795] team0: Port device team_slave_0 added [ 2961.784630][T30795] team0: Port device team_slave_1 added [ 2961.791418][T30794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2961.798744][T30794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2961.834212][T30794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2961.847755][T30794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2961.854992][T30794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2961.881043][T30794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2961.895145][T30804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2961.914631][T30802] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2961.921659][T30802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2961.951340][T30802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2961.981980][T30798] hsr_slave_0: entered promiscuous mode [ 2961.988598][T30798] hsr_slave_1: entered promiscuous mode [ 2961.994600][T30798] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2962.002729][T30798] Cannot create hsr debugfs directory [ 2962.097570][T30802] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2962.105124][T30802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2962.131797][T30802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2962.143897][T30795] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2962.151117][T30795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2962.180383][T30795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2962.209923][T30804] team0: Port device team_slave_0 added [ 2962.219713][T30804] team0: Port device team_slave_1 added [ 2962.246838][T30795] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2962.254254][T30795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2962.280394][T30795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2962.309758][T30794] hsr_slave_0: entered promiscuous mode [ 2962.316467][T30794] hsr_slave_1: entered promiscuous mode [ 2962.323457][T30794] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2962.331424][T30794] Cannot create hsr debugfs directory [ 2962.375011][T30804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2962.382412][T30804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2962.417701][T30804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2962.485416][ T2563] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2962.514722][T30804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2962.521968][T30804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2962.552668][T30804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2962.612908][ T2563] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2962.647081][T30802] hsr_slave_0: entered promiscuous mode [ 2962.653316][T30802] hsr_slave_1: entered promiscuous mode [ 2962.661575][T30802] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2962.677330][T30802] Cannot create hsr debugfs directory [ 2962.737935][T30795] hsr_slave_0: entered promiscuous mode [ 2962.745220][T30795] hsr_slave_1: entered promiscuous mode [ 2962.751931][T30795] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2962.759641][T30795] Cannot create hsr debugfs directory [ 2962.786069][ T2563] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2962.847616][T30804] hsr_slave_0: entered promiscuous mode [ 2962.856018][T30804] hsr_slave_1: entered promiscuous mode [ 2962.862002][T30804] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2962.869720][T30804] Cannot create hsr debugfs directory [ 2962.924949][ T2563] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.124668][T30798] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.227321][T30798] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.331432][T30798] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.378957][ T2563] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.420439][T30798] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.458669][ T2563] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.472450][T24932] Bluetooth: hci4: command tx timeout [ 2963.473090][T30801] Bluetooth: hci1: command tx timeout [ 2963.478306][T30800] Bluetooth: hci6: command tx timeout [ 2963.549414][T30800] Bluetooth: hci7: command tx timeout [ 2963.569022][ T2563] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.634666][T30800] Bluetooth: hci0: command tx timeout [ 2963.636425][ T2563] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.780612][ T2563] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.865882][ T2563] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.922346][ T2563] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2963.998486][ T2563] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2964.114849][ T2563] bridge_slave_1: left allmulticast mode [ 2964.120746][ T2563] bridge_slave_1: left promiscuous mode [ 2964.126401][ T2563] bridge0: port 2(bridge_slave_1) entered disabled state [ 2964.135510][ T2563] bridge_slave_0: left allmulticast mode [ 2964.141289][ T2563] bridge_slave_0: left promiscuous mode [ 2964.146942][ T2563] bridge0: port 1(bridge_slave_0) entered disabled state [ 2964.156221][ T2563] bridge_slave_1: left allmulticast mode [ 2964.162301][ T2563] bridge_slave_1: left promiscuous mode [ 2964.168294][ T2563] bridge0: port 2(bridge_slave_1) entered disabled state [ 2964.178197][ T2563] bridge_slave_0: left allmulticast mode [ 2964.183829][ T2563] bridge_slave_0: left promiscuous mode [ 2964.189779][ T2563] bridge0: port 1(bridge_slave_0) entered disabled state [ 2964.201683][ T2563] bridge_slave_1: left allmulticast mode [ 2964.207587][ T2563] bridge_slave_1: left promiscuous mode [ 2964.213228][ T2563] bridge0: port 2(bridge_slave_1) entered disabled state [ 2964.221912][ T2563] bridge_slave_0: left allmulticast mode [ 2964.227732][ T2563] bridge_slave_0: left promiscuous mode [ 2964.233359][ T2563] bridge0: port 1(bridge_slave_0) entered disabled state [ 2964.245231][ T2563] bridge_slave_1: left allmulticast mode [ 2964.251072][ T2563] bridge_slave_1: left promiscuous mode [ 2964.257928][ T2563] bridge0: port 2(bridge_slave_1) entered disabled state [ 2964.268372][ T2563] bridge_slave_0: left allmulticast mode [ 2964.274314][ T2563] bridge_slave_0: left promiscuous mode [ 2964.279940][ T2563] bridge0: port 1(bridge_slave_0) entered disabled state [ 2965.461559][T30800] Bluetooth: hci1: command tx timeout [ 2965.467150][T30801] Bluetooth: hci6: command tx timeout [ 2965.467165][T24932] Bluetooth: hci4: command tx timeout [ 2965.537726][ T2563] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2965.539970][T24932] Bluetooth: hci7: command tx timeout [ 2965.559355][ T2563] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2965.575187][ T2563] bond0 (unregistering): Released all slaves [ 2965.607600][T24932] Bluetooth: hci0: command tx timeout [ 2965.725244][ T2563] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2965.735981][ T2563] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2965.746569][ T2563] bond0 (unregistering): Released all slaves [ 2965.896254][ T2563] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2965.908134][ T2563] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2965.919427][ T2563] bond0 (unregistering): Released all slaves [ 2966.062113][ T2563] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2966.076117][ T2563] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2966.086460][ T2563] bond0 (unregistering): Released all slaves [ 2966.798023][T30798] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2966.814163][T30798] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2966.825212][T30798] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2966.842388][T30798] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2966.978532][T30802] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 2967.012759][T30802] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 2967.044121][T30802] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 2967.063543][ T2563] hsr_slave_0: left promiscuous mode [ 2967.072807][ T2563] hsr_slave_1: left promiscuous mode [ 2967.085632][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2967.098442][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2967.106608][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2967.116559][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2967.128100][ T2563] hsr_slave_0: left promiscuous mode [ 2967.137238][ T2563] hsr_slave_1: left promiscuous mode [ 2967.145403][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2967.153118][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2967.164102][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2967.171704][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2967.191721][ T2563] hsr_slave_0: left promiscuous mode [ 2967.201316][ T2563] hsr_slave_1: left promiscuous mode [ 2967.209700][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2967.217315][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2967.224905][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2967.232484][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2967.248464][ T2563] hsr_slave_0: left promiscuous mode [ 2967.254642][ T2563] hsr_slave_1: left promiscuous mode [ 2967.260416][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2967.267885][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2967.276013][ T2563] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2967.283518][ T2563] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2967.346158][ T2563] veth1_macvtap: left promiscuous mode [ 2967.351851][ T2563] veth0_macvtap: left promiscuous mode [ 2967.357432][ T2563] veth1_vlan: left promiscuous mode [ 2967.362834][ T2563] veth0_vlan: left promiscuous mode [ 2967.374664][ T2563] veth1_macvtap: left promiscuous mode [ 2967.380256][ T2563] veth0_macvtap: left promiscuous mode [ 2967.385768][ T2563] veth1_vlan: left promiscuous mode [ 2967.391152][ T2563] veth0_vlan: left promiscuous mode [ 2967.397811][ T2563] veth1_macvtap: left promiscuous mode [ 2967.403342][ T2563] veth0_macvtap: left promiscuous mode [ 2967.409062][ T2563] veth1_vlan: left promiscuous mode [ 2967.414327][ T2563] veth0_vlan: left promiscuous mode [ 2967.424751][ T2563] veth1_macvtap: left promiscuous mode [ 2967.430396][ T2563] veth0_macvtap: left promiscuous mode [ 2967.436216][ T2563] veth1_vlan: left promiscuous mode [ 2967.441477][ T2563] veth0_vlan: left promiscuous mode [ 2968.228107][ T2563] team0 (unregistering): Port device team_slave_1 removed [ 2968.285012][ T2563] team0 (unregistering): Port device team_slave_0 removed [ 2969.217294][ T2563] team0 (unregistering): Port device team_slave_1 removed [ 2969.280917][ T2563] team0 (unregistering): Port device team_slave_0 removed [ 2970.162118][ T2563] team0 (unregistering): Port device team_slave_1 removed [ 2970.217792][ T2563] team0 (unregistering): Port device team_slave_0 removed [ 2971.102178][ T2563] team0 (unregistering): Port device team_slave_1 removed [ 2971.159845][ T2563] team0 (unregistering): Port device team_slave_0 removed [ 2971.651365][T30802] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 2971.737758][T30794] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2971.747379][T30794] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2971.799825][T30794] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2971.820908][T30794] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2971.899415][T30798] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2971.971779][T30795] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2972.009325][T30795] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2972.040016][T30798] 8021q: adding VLAN 0 to HW filter on device team0 [ 2972.059364][T30795] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2972.072017][T30802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2972.119941][T30795] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2972.155963][ T9465] bridge0: port 1(bridge_slave_0) entered blocking state [ 2972.163096][ T9465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2972.201408][T30802] 8021q: adding VLAN 0 to HW filter on device team0 [ 2972.253581][ T9465] bridge0: port 2(bridge_slave_1) entered blocking state [ 2972.260688][ T9465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2972.277512][T30804] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2972.316658][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 2972.323796][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2972.344835][T30794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2972.355763][T30804] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2972.374094][T30804] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2972.415589][ T9465] bridge0: port 2(bridge_slave_1) entered blocking state [ 2972.422737][ T9465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2972.449039][T30804] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2972.491675][T30794] 8021q: adding VLAN 0 to HW filter on device team0 [ 2972.603770][ T9465] bridge0: port 1(bridge_slave_0) entered blocking state [ 2972.610930][ T9465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2972.683468][ T2587] bridge0: port 2(bridge_slave_1) entered blocking state [ 2972.690570][ T2587] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2972.768774][T30798] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2972.822260][T30795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2972.935917][T30795] 8021q: adding VLAN 0 to HW filter on device team0 [ 2972.981851][T30804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2973.003657][T30798] veth0_vlan: entered promiscuous mode [ 2973.041684][T26065] bridge0: port 1(bridge_slave_0) entered blocking state [ 2973.048858][T26065] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2973.073186][T26065] bridge0: port 2(bridge_slave_1) entered blocking state [ 2973.080326][T26065] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2973.154235][T30804] 8021q: adding VLAN 0 to HW filter on device team0 [ 2973.172265][T30802] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2973.196636][T30798] veth1_vlan: entered promiscuous mode [ 2973.224596][ T2587] bridge0: port 1(bridge_slave_0) entered blocking state [ 2973.231674][ T2587] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2973.270351][ T2587] bridge0: port 2(bridge_slave_1) entered blocking state [ 2973.277443][ T2587] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2973.325381][T30795] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2973.353049][T30794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2973.399522][T30798] veth0_macvtap: entered promiscuous mode [ 2973.441542][T30798] veth1_macvtap: entered promiscuous mode [ 2973.481035][ T2563] IPVS: stop unused estimator thread 0... [ 2973.483743][T30802] veth0_vlan: entered promiscuous mode [ 2973.583733][T30798] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2973.609654][T30802] veth1_vlan: entered promiscuous mode [ 2973.628214][T30798] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2973.642161][T30795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2973.663489][T30794] veth0_vlan: entered promiscuous mode [ 2973.683595][T30798] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.699683][T30798] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.708914][T30798] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.718292][T30798] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.743384][T30794] veth1_vlan: entered promiscuous mode [ 2973.821341][T30802] veth0_macvtap: entered promiscuous mode [ 2973.840533][T30804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2973.861439][T30794] veth0_macvtap: entered promiscuous mode [ 2973.885198][T30795] veth0_vlan: entered promiscuous mode [ 2973.909706][T30794] veth1_macvtap: entered promiscuous mode [ 2973.942185][T30802] veth1_macvtap: entered promiscuous mode [ 2973.957811][T30794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2973.974724][T30794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2973.986073][T30794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2974.003382][T30795] veth1_vlan: entered promiscuous mode [ 2974.016851][T30794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2974.028440][T30794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.040284][T30794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2974.055627][T26076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2974.063462][T26076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2974.083877][T30802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2974.099783][T30802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.113485][T30802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2974.124446][T30802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.136320][T30802] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2974.168008][T30802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2974.178724][T30802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.188716][T30802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2974.199241][T30802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.210213][T30802] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2974.218457][T30794] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.228198][T30794] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.239258][T30794] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.249319][T30794] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.264733][ T2587] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2974.268689][T30802] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.281664][T30802] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.290712][T30802] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.299878][ T2587] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2974.307998][T30802] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.442540][T30795] veth0_macvtap: entered promiscuous mode [ 2974.459531][ T9465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2974.468768][ T9465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2974.493299][T30795] veth1_macvtap: entered promiscuous mode [ 2974.541206][T26065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2974.549811][T26065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2974.568697][T30804] veth0_vlan: entered promiscuous mode [ 2974.576519][T30795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2974.587689][T30795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.597840][T30795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2974.609293][T30795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.623921][T30795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2974.634911][T30795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.646610][T30795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2974.668837][T30795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2974.680474][T30795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.691108][T30795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2974.703555][T30795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.713591][T30795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2974.724435][T30795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2974.735809][T30795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2974.748950][T30804] veth1_vlan: entered promiscuous mode [ 2974.774394][T30795] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.784154][T30795] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.793795][T30795] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.803000][T30795] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2974.850231][T30804] veth0_macvtap: entered promiscuous mode [ 2974.859984][T30804] veth1_macvtap: entered promiscuous mode [ 2974.904365][ T2563] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2974.922559][ T2563] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2974.986377][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2975.004482][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.017032][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2975.042706][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.052642][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2975.063359][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.074284][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2975.085629][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.323663][T30804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2975.545547][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2975.766087][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2975.797313][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2975.827351][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.857775][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2975.892205][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.917387][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2975.928131][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.944187][T30804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2975.958625][T30804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2975.976557][T30804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2976.140185][T30804] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2977.103873][T30804] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2977.112732][T30804] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2977.123173][T30804] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2977.548701][ T9465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2977.597926][ T9465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2977.608570][T21265] usb 1-1: new high-speed USB device number 57 using dummy_hcd [ 2977.655753][T26065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2977.671468][T26065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2977.744340][T26076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2977.756084][T26076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2977.798928][T21265] usb 1-1: Using ep0 maxpacket: 16 [ 2977.826116][T21265] usb 1-1: config 1 has an invalid interface number: 3 but max is 2 [ 2977.842317][ T2587] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2977.847129][T21265] usb 1-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 2977.869009][ T2587] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2977.875242][T21265] usb 1-1: too many endpoints for config 1 interface 3 altsetting 249: 35, using maximum allowed: 30 [ 2978.080183][T21265] usb 1-1: config 1 interface 3 altsetting 249 has 0 endpoint descriptors, different from the interface descriptor's value: 35 [ 2978.093422][T21265] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 2978.104930][T21265] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 2978.115084][T21265] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 2978.223852][T21265] usb 1-1: config 1 interface 3 has no altsetting 0 [ 2979.117962][T21265] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 8.40 [ 2979.127116][T21265] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2979.135432][T21265] usb 1-1: Product: syz [ 2979.139629][T21265] usb 1-1: Manufacturer: syz [ 2979.144287][T21265] usb 1-1: SerialNumber: syz [ 2979.506528][T30882] syzkaller0: entered allmulticast mode [ 2980.444521][T30903] Can't find ip_set type [ 2982.858640][T30926] Bluetooth: MGMT ver 1.23 [ 2982.910112][ T29] audit: type=1326 audit(3123.218:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30921 comm="syz.1.4686" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1db037dff9 code=0x0 [ 2984.151953][T30935] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 2985.711470][T21265] usb 1-1: 2:1 : format type 0 is detected, processed as PCM [ 2985.743613][T21265] usb 1-1: 2:1: cannot set freq 9338507 to ep 0x82 [ 2986.250014][T21265] usb 1-1: USB disconnect, device number 57 [ 2986.711580][T30962] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2991.570479][ T29] audit: type=1400 audit(3132.320:1589): avc: denied { setopt } for pid=31009 comm="syz.3.4714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 2992.554021][ T29] audit: type=1326 audit(3133.254:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31013 comm="syz.3.4717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc471f7dff9 code=0x7fc00000 [ 2992.941384][ T29] audit: type=1326 audit(3133.254:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31013 comm="syz.3.4717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc471f7dff9 code=0x7fc00000 [ 2993.040038][ T29] audit: type=1326 audit(3133.621:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31013 comm="syz.3.4717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc471f7dff9 code=0x7fc00000 [ 2994.923564][T31036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4723'. [ 2995.032524][ T29] audit: type=1400 audit(3135.952:1593): avc: denied { map } for pid=31039 comm="syz.4.4724" path="socket:[170816]" dev="sockfs" ino=170816 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 2995.075769][ T29] audit: type=1400 audit(3135.983:1594): avc: denied { accept } for pid=31039 comm="syz.4.4724" path="socket:[170816]" dev="sockfs" ino=170816 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 2995.687582][T31050] Bluetooth: hci0: Opcode 0x0401 failed: -112 [ 2996.115894][T31070] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4738'. [ 2996.273817][T31053] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 2996.463261][T31079] dccp_close: ABORT with 1 bytes unread [ 2997.654080][T31104] netlink: 116 bytes leftover after parsing attributes in process `syz.1.4750'. [ 2998.065088][T31118] netlink: 13 bytes leftover after parsing attributes in process `syz.4.4756'. [ 2998.222151][T24932] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 2998.987290][T31104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2999.191780][T31104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2999.215071][T31104] bond0 (unregistering): Released all slaves [ 2999.305317][T31125] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4753'. [ 2999.702792][T31146] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4767'. [ 2999.765248][T31148] hsr0: entered allmulticast mode [ 2999.771746][T31148] hsr_slave_0: entered allmulticast mode [ 2999.784114][T31148] hsr_slave_1: entered allmulticast mode [ 3000.042134][T31148] hsr_slave_0: left promiscuous mode [ 3000.073677][T31148] hsr_slave_1: left promiscuous mode [ 3000.880608][T31148] hsr0 (unregistering): left allmulticast mode [ 3000.894724][T31160] netlink: 'syz.2.4772': attribute type 75 has an invalid length. [ 3001.289352][ T9] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 3001.441383][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 3001.455063][ T9] usb 4-1: config 1 has an invalid interface number: 3 but max is 2 [ 3001.485748][ T9] usb 4-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 3001.536063][ T9] usb 4-1: too many endpoints for config 1 interface 3 altsetting 249: 35, using maximum allowed: 30 [ 3001.577591][ T9] usb 4-1: config 1 interface 3 altsetting 249 has 0 endpoint descriptors, different from the interface descriptor's value: 35 [ 3002.259880][ T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 3002.273591][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 3002.273642][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 3002.288196][ T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 3002.298459][ T9] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 3002.309482][ T9] usb 4-1: config 1 interface 3 has no altsetting 0 [ 3002.331019][ T9] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 8.40 [ 3002.340142][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3002.348225][ T9] usb 4-1: Product: syz [ 3002.352406][ T9] usb 4-1: Manufacturer: syz [ 3002.358558][ T9] usb 4-1: SerialNumber: syz [ 3002.617053][T31166] syzkaller0: entered allmulticast mode [ 3004.928994][T31225] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.4798'. [ 3007.834797][T31244] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4804'. [ 3008.538144][ T29] audit: type=1326 audit(3150.082:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3014.129889][ T29] audit: type=1326 audit(3150.093:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3016.050209][ C0] sched: DL replenish lagged too much [ 3016.149285][ T29] audit: type=1326 audit(3150.103:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3016.313385][ T29] audit: type=1326 audit(3150.103:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3016.541965][ T29] audit: type=1326 audit(3150.103:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3017.949676][ T29] audit: type=1326 audit(3150.103:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3018.119969][ T29] audit: type=1326 audit(3150.103:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3018.359395][ T29] audit: type=1326 audit(3150.103:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31255 comm="syz.0.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab22b7dff9 code=0x7ffc0000 [ 3018.810263][ T29] audit: type=1400 audit(3160.916:1603): avc: denied { bind } for pid=31264 comm="syz.0.4816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 3018.988173][ T29] audit: type=1400 audit(3161.021:1604): avc: denied { write } for pid=31264 comm="syz.0.4816" path="socket:[171713]" dev="sockfs" ino=171713 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 3020.009865][T30800] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 3020.024291][T30800] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 3020.032579][T30800] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 3020.042857][T30800] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 3020.051021][T30800] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 3020.058778][T30800] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 3020.163090][T24932] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 3020.175126][T24932] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 3020.183826][T24932] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 3020.195287][T24932] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 3020.206265][T24932] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 3020.213723][T24932] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 3020.940933][T31285] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 3022.027291][T30800] Bluetooth: hci0: command tx timeout [ 3022.210680][T30800] Bluetooth: hci2: command tx timeout [ 3022.791756][T24932] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 3022.908338][T24932] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 3024.578801][T24932] Bluetooth: hci0: command tx timeout [ 3024.589123][T30800] Bluetooth: hci2: command tx timeout [ 3025.495528][T31283] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 3027.044136][T30800] Bluetooth: hci0: command tx timeout [ 3027.957772][T30800] Bluetooth: hci2: command tx timeout [ 3029.383208][T30800] Bluetooth: hci0: command tx timeout [ 3030.548632][T30800] Bluetooth: hci2: command tx timeout [ 3044.494848][T24932] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 3044.507227][T24932] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 3044.520520][T24932] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 3044.531235][T24932] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 3044.538894][T24932] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 3044.546237][T24932] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 3045.132926][T30800] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 3045.153646][T30800] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 3045.161887][T30800] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 3045.170091][T30800] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 3045.177838][T30800] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 3045.185240][T30800] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 3045.274476][T24932] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 3045.284728][T24932] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 3045.293208][T24932] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 3045.306057][T24932] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 3045.314433][T24932] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 3045.324079][T24932] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 3046.536234][T24932] Bluetooth: hci1: command tx timeout [ 3047.146474][T24932] Bluetooth: hci3: command tx timeout [ 3047.298237][T24932] Bluetooth: hci4: command tx timeout [ 3048.343129][ T29] audit: type=1400 audit(3191.917:1605): avc: denied { sys_chroot } for pid=31303 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 3048.389642][ T29] audit: type=1400 audit(3191.938:1606): avc: denied { setgid } for pid=31303 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 3048.420442][ T29] audit: type=1400 audit(3191.938:1607): avc: denied { setrlimit } for pid=31303 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 3048.517506][T24932] Bluetooth: hci1: command tx timeout [ 3049.127060][T24932] Bluetooth: hci3: command tx timeout [ 3049.279739][T24932] Bluetooth: hci4: command tx timeout [ 3050.504587][T24932] Bluetooth: hci1: command tx timeout [ 3051.124223][T24932] Bluetooth: hci3: command tx timeout [ 3051.260850][T24932] Bluetooth: hci4: command tx timeout [ 3052.480090][T24932] Bluetooth: hci1: command tx timeout [ 3053.095528][T24932] Bluetooth: hci3: command tx timeout [ 3053.242325][T24932] Bluetooth: hci4: command tx timeout [ 3060.788010][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 3060.794341][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 3077.430006][T30800] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 3077.445822][T30800] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 3077.453998][T30800] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 3077.462082][T30800] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 3077.469780][T30800] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 3077.480410][T30800] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 3077.549639][T30800] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 3077.568653][T30800] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 3077.578023][T30800] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 3077.588010][T30800] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 3077.596653][T30800] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 3077.604278][T30800] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 3079.472068][T30800] Bluetooth: hci5: command tx timeout [ 3079.533025][T30800] Bluetooth: hci6: command tx timeout [ 3081.443876][T30800] Bluetooth: hci5: command tx timeout [ 3081.514194][T30800] Bluetooth: hci6: command tx timeout [ 3083.428926][T30800] Bluetooth: hci5: command tx timeout [ 3083.501400][T30800] Bluetooth: hci6: command tx timeout [ 3085.400528][T30800] Bluetooth: hci5: command tx timeout [ 3085.476823][T30800] Bluetooth: hci6: command tx timeout [ 3102.657241][T24932] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 3102.669024][T24932] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 3102.678239][T24932] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 3102.694832][T24932] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 3102.703038][T24932] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 3102.711057][T24932] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 3102.764338][T30800] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 3102.774472][T30800] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 3102.785368][T30800] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 3102.793253][T30800] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 3102.802597][T30800] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 3102.810139][T30800] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 3102.880758][T24932] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 3102.891138][T24932] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 3102.900672][T24932] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 3102.912047][T24932] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 3102.919701][T24932] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 3102.927008][T24932] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 3104.684422][T24932] Bluetooth: hci7: command tx timeout [ 3104.756835][T24932] Bluetooth: hci8: command tx timeout [ 3104.915238][T24932] Bluetooth: hci9: command tx timeout [ 3106.661587][T24932] Bluetooth: hci7: command tx timeout [ 3106.738111][T24932] Bluetooth: hci8: command tx timeout [ 3106.890501][T24932] Bluetooth: hci9: command tx timeout [ 3108.643158][T24932] Bluetooth: hci7: command tx timeout [ 3108.729099][T24932] Bluetooth: hci8: command tx timeout [ 3108.871846][T24932] Bluetooth: hci9: command tx timeout [ 3110.624493][T24932] Bluetooth: hci7: command tx timeout [ 3110.700675][T24932] Bluetooth: hci8: command tx timeout [ 3110.862793][T24932] Bluetooth: hci9: command tx timeout [ 3119.316316][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 3119.330314][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 3135.185085][T30800] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 3135.200947][T30800] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 3135.211931][T30800] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 3135.220219][T30800] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 3135.229744][T30800] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 3135.238851][T30800] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 3135.452457][T30800] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 3135.469705][T30800] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 3135.483805][T30800] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 3135.492049][T30800] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 3135.500074][T30800] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 3135.509499][T30800] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 3137.220219][T30800] Bluetooth: hci10: command tx timeout [ 3137.448742][T30800] Bluetooth: hci11: command tx timeout [ 3139.207414][T30800] Bluetooth: hci10: command tx timeout [ 3139.439629][T30800] Bluetooth: hci11: command tx timeout [ 3140.801561][T30800] Bluetooth: hci0: command 0x0406 tx timeout [ 3140.807695][T30800] Bluetooth: hci2: command 0x0406 tx timeout [ 3141.196305][T30801] Bluetooth: hci10: command tx timeout [ 3141.411483][T30801] Bluetooth: hci11: command tx timeout [ 3143.179938][T30801] Bluetooth: hci10: command tx timeout [ 3143.392771][T30801] Bluetooth: hci11: command tx timeout [ 3160.377269][T24932] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 3160.404303][T24932] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 3160.412914][T24932] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 3160.421577][T24932] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 3160.430855][T24932] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 3160.438213][T24932] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 3160.506681][T30800] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 3160.516788][T30800] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 3160.525833][T30800] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 3160.535442][T30800] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 3160.543281][T30800] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 3160.550684][T30800] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 3160.559116][T30800] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 3160.569895][T30800] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 3160.578125][T30800] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 3160.588710][T30800] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 3160.596421][T30800] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 3160.625859][T30800] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 3162.367758][T30800] Bluetooth: hci0: command tx timeout [ 3162.596467][T24932] Bluetooth: hci12: command tx timeout [ 3162.603376][T24932] Bluetooth: hci2: command tx timeout [ 3164.349123][T24932] Bluetooth: hci0: command tx timeout [ 3164.577673][T24932] Bluetooth: hci2: command tx timeout [ 3164.583137][T24932] Bluetooth: hci12: command tx timeout [ 3165.187170][T24932] Bluetooth: hci4: command 0x0406 tx timeout [ 3165.193383][T11922] Bluetooth: hci3: command 0x0406 tx timeout [ 3165.212903][T11922] Bluetooth: hci1: command 0x0406 tx timeout [ 3166.340012][T30801] Bluetooth: hci0: command tx timeout [ 3166.559125][T30800] Bluetooth: hci2: command tx timeout [ 3166.566866][T30801] Bluetooth: hci12: command tx timeout [ 3168.311687][T30801] Bluetooth: hci0: command tx timeout [ 3168.549932][T30800] Bluetooth: hci2: command tx timeout [ 3168.555403][T30801] Bluetooth: hci12: command tx timeout [ 3177.839182][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 3177.845514][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 3192.639012][T29525] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 3192.649472][T29525] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 3192.661177][T29525] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 3192.669169][T29525] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 3192.677677][T29525] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 3192.685227][T29525] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 3192.924957][T16908] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 3192.935682][T16908] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 3192.952216][T16908] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 3192.964471][T16908] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 3192.972482][T16908] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 3192.979953][T16908] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 3194.449710][T29525] Bluetooth: hci5: command 0x0406 tx timeout [ 3194.455842][T29525] Bluetooth: hci6: command 0x0406 tx timeout [ 3194.684659][T30800] Bluetooth: hci13: command tx timeout [ 3194.907452][T30800] Bluetooth: hci14: command tx timeout [ 3196.660076][T30800] Bluetooth: hci13: command tx timeout [ 3196.888194][T30800] Bluetooth: hci14: command tx timeout [ 3198.565116][ T30] INFO: task kworker/u8:5:1068 blocked for more than 143 seconds. [ 3198.572974][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3198.588397][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3198.622079][ T30] task:kworker/u8:5 state:D stack:22432 pid:1068 tgid:1068 ppid:2 flags:0x00004000 [ 3198.641897][T30800] Bluetooth: hci13: command tx timeout SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 3198.680621][ T30] Workqueue: netns cleanup_net [ 3198.685465][ T30] Call Trace: [ 3198.715191][ T30] [ 3198.724964][ T30] __schedule+0xef5/0x5750 [ 3198.791912][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3198.835772][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3198.888893][ T30] ? __pfx___schedule+0x10/0x10 [ 3198.893794][ T30] ? schedule+0x298/0x350 [ 3198.898151][ T30] ? __pfx_lock_release+0x10/0x10 [ 3198.903328][T30800] Bluetooth: hci14: command tx timeout [ 3198.954225][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3198.971774][ T30] ? lock_acquire+0x2f/0xb0 [ 3198.983933][ T30] ? schedule+0x1fd/0x350 [ 3198.988307][ T30] schedule+0xe7/0x350 [ 3199.006958][ T30] schedule_preempt_disabled+0x13/0x30 [ 3199.012465][ T30] __mutex_lock+0x5b8/0x9c0 [ 3199.018998][ T30] ? wg_netns_pre_exit+0x1b/0x230 [ 3199.031191][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3199.036564][ T30] ? net_generic+0xea/0x2a0 [ 3199.041115][ T30] ? __pfx_wg_netns_pre_exit+0x10/0x10 [ 3199.053354][ T30] ? wg_netns_pre_exit+0x1b/0x230 [ 3199.058420][ T30] ? rtnl_lock+0x9/0x20 [ 3199.068837][ T30] wg_netns_pre_exit+0x1b/0x230 [ 3199.074096][ T30] ? __pfx_wg_netns_pre_exit+0x10/0x10 [ 3199.087469][ T30] cleanup_net+0x488/0xb40 [ 3199.092255][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 3199.097238][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3199.107654][ T30] ? process_one_work+0x921/0x1ba0 [ 3199.112808][ T30] ? lock_acquire+0x2f/0xb0 [ 3199.117332][ T30] ? process_one_work+0x921/0x1ba0 [ 3199.134187][ T30] process_one_work+0x9c5/0x1ba0 [ 3199.147146][ T30] ? __pfx_batadv_nc_worker+0x10/0x10 [ 3199.153245][ T30] ? __pfx_process_one_work+0x10/0x10 [ 3199.165147][ T30] ? assign_work+0x1a0/0x250 [ 3199.169789][ T30] worker_thread+0x6c8/0xf00 [ 3199.174422][ T30] ? __pfx_worker_thread+0x10/0x10 [ 3199.187900][ T30] kthread+0x2c1/0x3a0 [ 3199.192011][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 3199.201211][ T30] ? __pfx_kthread+0x10/0x10 [ 3199.208672][ T30] ret_from_fork+0x45/0x80 [ 3199.217016][ T30] ? __pfx_kthread+0x10/0x10 [ 3199.221650][ T30] ret_from_fork_asm+0x1a/0x30 [ 3199.230519][ T30] [ 3199.237556][ T30] INFO: task kworker/u8:7:2587 blocked for more than 144 seconds. [ 3199.250317][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3199.261764][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3199.276254][ T30] task:kworker/u8:7 state:D stack:22432 pid:2587 tgid:2587 ppid:2 flags:0x00004000 [ 3199.287959][ T30] Workqueue: ipv6_addrconf addrconf_verify_work [ 3199.298090][ T30] Call Trace: [ 3199.301393][ T30] [ 3199.304351][ T30] __schedule+0xef5/0x5750 [ 3199.315316][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3199.320791][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3199.327294][ T30] ? __pfx___schedule+0x10/0x10 [ 3199.332186][ T30] ? schedule+0x298/0x350 [ 3199.343763][ T30] ? __pfx_lock_release+0x10/0x10 [ 3199.349107][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3199.354351][ T30] ? lock_acquire+0x2f/0xb0 [ 3199.366207][ T30] ? schedule+0x1fd/0x350 [ 3199.370764][ T30] schedule+0xe7/0x350 [ 3199.380042][ T30] schedule_preempt_disabled+0x13/0x30 [ 3199.391624][ T30] __mutex_lock+0x5b8/0x9c0 [ 3199.401134][ T30] ? addrconf_verify_work+0x12/0x30 [ 3199.408697][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3199.419027][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 3199.427019][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3199.437090][ T30] ? process_one_work+0x921/0x1ba0 [ 3199.444796][ T30] ? addrconf_verify_work+0x12/0x30 [ 3199.450044][ T30] addrconf_verify_work+0x12/0x30 [ 3199.459849][ T30] process_one_work+0x9c5/0x1ba0 [ 3199.467437][ T30] ? __pfx_batadv_nc_worker+0x10/0x10 [ 3199.476679][ T30] ? __pfx_process_one_work+0x10/0x10 [ 3199.484747][ T30] ? assign_work+0x1a0/0x250 [ 3199.493193][ T30] worker_thread+0x6c8/0xf00 [ 3199.497827][ T30] ? __kthread_parkme+0x148/0x220 [ 3199.505672][ T30] ? __pfx_worker_thread+0x10/0x10 [ 3199.515640][ T30] kthread+0x2c1/0x3a0 [ 3199.523260][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 3199.532320][ T30] ? __pfx_kthread+0x10/0x10 [ 3199.539562][ T30] ret_from_fork+0x45/0x80 [ 3199.544619][ T30] ? __pfx_kthread+0x10/0x10 [ 3199.553831][ T30] ret_from_fork_asm+0x1a/0x30 [ 3199.561479][ T30] [ 3199.564598][ T30] INFO: task dhcpcd:4886 blocked for more than 144 seconds. [ 3199.577236][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3199.587343][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3199.599855][ T30] task:dhcpcd state:D stack:22528 pid:4886 tgid:4886 ppid:4885 flags:0x00000002 [ 3199.612798][ T30] Call Trace: [ 3199.617004][ T30] [ 3199.619966][ T30] __schedule+0xef5/0x5750 [ 3199.630819][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3199.637691][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3199.648506][ T30] ? __pfx___schedule+0x10/0x10 [ 3199.655281][ T30] ? schedule+0x298/0x350 [ 3199.659648][ T30] ? __pfx_lock_release+0x10/0x10 [ 3199.669828][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3199.675070][ T30] ? lock_acquire+0x2f/0xb0 [ 3199.686276][ T30] ? schedule+0x1fd/0x350 [ 3199.690919][ T30] schedule+0xe7/0x350 [ 3199.695024][ T30] schedule_preempt_disabled+0x13/0x30 [ 3199.706901][ T30] __mutex_lock+0x5b8/0x9c0 [ 3199.711803][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3199.718976][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3199.724062][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3199.736563][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 3199.742054][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3199.753959][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3199.760330][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3199.771702][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 3199.777047][ T30] netlink_rcv_skb+0x16b/0x440 [ 3199.781850][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3199.793928][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 3199.799279][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 3199.810032][ T30] netlink_unicast+0x53c/0x7f0 [ 3199.815975][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 3199.821409][ T30] netlink_sendmsg+0x8b8/0xd70 [ 3199.831956][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 3199.837281][ T30] ? __import_iovec+0x1fd/0x6e0 [ 3199.850033][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 3199.855099][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 3199.865555][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 3199.872922][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 3199.878246][ T30] ___sys_sendmsg+0x135/0x1e0 [ 3199.887226][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 3199.895102][ T30] ? fdget+0x176/0x210 [ 3199.904521][ T30] __sys_sendmsg+0x117/0x1f0 [ 3199.912787][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 3199.921854][ T30] do_syscall_64+0xcd/0x250 [ 3199.926407][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3199.935715][ T30] RIP: 0033:0x7f82455a4a4b [ 3199.945195][ T30] RSP: 002b:00007ffc0fe21a08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3199.956745][ T30] RAX: ffffffffffffffda RBX: 00007f82454cc6c0 RCX: 00007f82455a4a4b [ 3199.964755][ T30] RDX: 0000000000000000 RSI: 00007ffc0fe35bb8 RDI: 0000000000000019 [ 3199.978323][ T30] RBP: 0000000000000019 R08: 0000000000000000 R09: 00007ffc0fe35bb8 [ 3199.989007][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 3200.000822][ T30] R13: 00007ffc0fe35bb8 R14: 0000000000000044 R15: 0000000000000001 [ 3200.012534][ T30] [ 3200.016377][ T30] INFO: task kworker/0:7:23423 blocked for more than 144 seconds. [ 3200.032047][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3200.039366][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3200.054540][ T30] task:kworker/0:7 state:D stack:22904 pid:23423 tgid:23423 ppid:2 flags:0x00004000 [ 3200.068161][ T30] Workqueue: events_power_efficient check_lifetime [ 3200.078555][ T30] Call Trace: [ 3200.084935][ T30] [ 3200.087900][ T30] __schedule+0xef5/0x5750 [ 3200.098356][ T30] ? __pfx_mark_lock+0x10/0x10 [ 3200.105934][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 3200.115329][ T30] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 3200.124900][ T30] ? find_held_lock+0x2d/0x110 [ 3200.134128][ T30] ? __pfx___schedule+0x10/0x10 [ 3200.141643][ T30] ? schedule+0x298/0x350 [ 3200.146268][ T30] ? __pfx_lock_release+0x10/0x10 [ 3200.151353][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 3200.162857][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 3200.169484][ T30] schedule+0xe7/0x350 [ 3200.173641][ T30] schedule_preempt_disabled+0x13/0x30 [ 3200.184200][ T30] __mutex_lock+0x5b8/0x9c0 [ 3200.188748][ T30] ? check_lifetime+0x584/0xab0 [ 3200.193626][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3200.205315][ T30] ? check_lifetime+0x361/0xab0 [ 3200.210220][ T30] ? lock_acquire+0x2f/0xb0 [ 3200.218696][ T30] ? check_lifetime+0x584/0xab0 [ 3200.227908][ T30] check_lifetime+0x584/0xab0 [ 3200.236499][ T30] ? check_lifetime+0x73/0xab0 [ 3200.241304][ T30] process_one_work+0x9c5/0x1ba0 [ 3200.246689][ T30] ? __pfx_wg_ratelimiter_gc_entries+0x10/0x10 [ 3200.259527][ T30] ? __pfx_process_one_work+0x10/0x10 [ 3200.265223][ T30] ? assign_work+0x1a0/0x250 [ 3200.270132][ T30] worker_thread+0x6c8/0xf00 [ 3200.274768][ T30] ? __kthread_parkme+0x148/0x220 [ 3200.287709][ T30] ? __pfx_worker_thread+0x10/0x10 [ 3200.293113][ T30] kthread+0x2c1/0x3a0 [ 3200.297219][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 3200.307884][ T30] ? __pfx_kthread+0x10/0x10 [ 3200.312523][ T30] ret_from_fork+0x45/0x80 [ 3200.316961][ T30] ? __pfx_kthread+0x10/0x10 [ 3200.328442][ T30] ret_from_fork_asm+0x1a/0x30 [ 3200.333266][ T30] [ 3200.336383][ T30] INFO: task kworker/u8:13:26065 blocked for more than 145 seconds. [ 3200.351103][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3200.361074][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3200.373550][ T30] task:kworker/u8:13 state:D stack:23680 pid:26065 tgid:26065 ppid:2 flags:0x00004000 [ 3200.387551][ T30] Workqueue: events_unbound linkwatch_event [ 3200.393486][ T30] Call Trace: [ 3200.401693][ T30] [ 3200.407734][ T30] __schedule+0xef5/0x5750 [ 3200.412190][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3200.421883][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3200.430002][ T30] ? __pfx___schedule+0x10/0x10 [ 3200.439504][ T30] ? schedule+0x298/0x350 [ 3200.446486][ T30] ? __pfx_lock_release+0x10/0x10 [ 3200.455459][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3200.463325][ T30] ? lock_acquire+0x2f/0xb0 [ 3200.467863][ T30] ? schedule+0x1fd/0x350 [ 3200.476133][ T30] schedule+0xe7/0x350 [ 3200.482865][ T30] schedule_preempt_disabled+0x13/0x30 [ 3200.488361][ T30] __mutex_lock+0x5b8/0x9c0 [ 3200.498449][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3200.503699][ T30] ? linkwatch_event+0x51/0xc0 [ 3200.514359][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3200.520299][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 3200.525969][ T30] ? rcu_is_watching+0x12/0xc0 [ 3200.537128][ T30] ? linkwatch_event+0x51/0xc0 [ 3200.541929][ T30] ? rtnl_lock+0x9/0x20 [ 3200.546105][ T30] linkwatch_event+0x51/0xc0 [ 3200.557148][ T30] ? __pfx_linkwatch_event+0x10/0x10 [ 3200.562476][ T30] ? rcu_is_watching+0x12/0xc0 [ 3200.572464][ T30] process_one_work+0x9c5/0x1ba0 [ 3200.577791][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 3200.583456][ T30] ? __pfx_process_one_work+0x10/0x10 [ 3200.591533][ T30] ? assign_work+0x1a0/0x250 [ 3200.601003][ T30] worker_thread+0x6c8/0xf00 [ 3200.608023][ T30] ? __pfx_worker_thread+0x10/0x10 [ 3200.618526][ T30] kthread+0x2c1/0x3a0 [ 3200.622962][T30800] Bluetooth: hci13: command tx timeout [ 3200.630741][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 3200.641077][ T30] ? __pfx_kthread+0x10/0x10 [ 3200.647194][ T30] ret_from_fork+0x45/0x80 [ 3200.656661][ T30] ? __pfx_kthread+0x10/0x10 [ 3200.664042][ T30] ret_from_fork_asm+0x1a/0x30 [ 3200.669181][ T30] [ 3200.677195][ T30] INFO: task syz-executor:30795 blocked for more than 145 seconds. [ 3200.686620][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3200.698605][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3200.707298][ T30] task:syz-executor state:D stack:24288 pid:30795 tgid:30795 ppid:1 flags:0x00004006 [ 3200.725810][ T30] Call Trace: [ 3200.729784][ T30] [ 3200.732745][ T30] __schedule+0xef5/0x5750 [ 3200.743950][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3200.749486][ T30] ? __pfx___schedule+0x10/0x10 [ 3200.754372][ T30] ? schedule+0x298/0x350 [ 3200.766692][ T30] ? __pfx_lock_release+0x10/0x10 [ 3200.771765][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3200.783395][ T30] ? lock_acquire+0x2f/0xb0 [ 3200.789079][ T30] ? schedule+0x1fd/0x350 [ 3200.793450][ T30] schedule+0xe7/0x350 [ 3200.803587][ T30] schedule_preempt_disabled+0x13/0x30 [ 3200.809875][ T30] __mutex_lock+0x5b8/0x9c0 [ 3200.822283][ T30] ? tun_chr_close+0x38/0x230 [ 3200.830796][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3200.841768][ T30] ? locks_remove_file+0x393/0x5a0 [ 3200.846923][ T30] ? __pfx_locks_remove_file+0x10/0x10 [ 3200.852708][T30800] Bluetooth: hci14: command tx timeout [ 3200.863455][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 3200.868675][ T30] ? tun_chr_close+0x38/0x230 [ 3200.877750][ T30] ? rtnl_lock+0x9/0x20 [ 3200.886583][ T30] tun_chr_close+0x38/0x230 [ 3200.893743][ T30] __fput+0x3f6/0xb60 [ 3200.897776][ T30] task_work_run+0x14e/0x250 [ 3200.906890][ T30] ? __pfx_task_work_run+0x10/0x10 [ 3200.914747][ T30] do_exit+0xadd/0x2d70 [ 3200.922746][ T30] ? get_signal+0x8f2/0x2770 [ 3200.932796][ T30] ? __pfx_do_exit+0x10/0x10 [ 3200.941613][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 3200.949440][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 3200.954855][ T30] do_group_exit+0xd3/0x2a0 [ 3200.963318][ T30] get_signal+0x25fb/0x2770 [ 3200.970858][ T30] ? lock_acquire+0x2f/0xb0 [ 3200.979156][ T30] ? __pfx_get_signal+0x10/0x10 [ 3200.986374][ T30] ? path_umount+0x68b/0x10d0 [ 3200.991102][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 3201.002910][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 3201.012933][ T30] ? __x64_sys_umount+0x125/0x1a0 [ 3201.018010][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 3201.031066][ T30] do_syscall_64+0xda/0x250 [ 3201.035867][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3201.048628][ T30] RIP: 0033:0x7fc471f7f327 [ 3201.053410][ T30] RSP: 002b:00007ffeb67480d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 3201.068126][ T30] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc471f7f327 [ 3201.076394][ T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeb6748190 [ 3201.088951][ T30] RBP: 00007ffeb6748190 R08: 0000000000000000 R09: 0000000000000000 [ 3201.096954][ T30] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeb6749210 [ 3201.113710][ T30] R13: 00007fc471ff0134 R14: 00000000003040c7 R15: 00007ffeb6749250 [ 3201.122048][ T30] [ 3201.125167][ T30] INFO: task syz.2.4806:31240 blocked for more than 146 seconds. [ 3201.140909][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3201.150129][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3201.165161][ T30] task:syz.2.4806 state:D stack:25280 pid:31240 tgid:31238 ppid:30802 flags:0x00004002 [ 3201.182217][ T30] Call Trace: [ 3201.185929][ T30] [ 3201.188918][ T30] __schedule+0xef5/0x5750 [ 3201.193364][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3201.206834][ T30] ? __pfx___schedule+0x10/0x10 [ 3201.211726][ T30] ? schedule+0x298/0x350 [ 3201.218920][ T30] ? __pfx_lock_release+0x10/0x10 [ 3201.228182][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3201.236383][ T30] ? lock_acquire+0x2f/0xb0 [ 3201.240967][ T30] ? schedule+0x1fd/0x350 [ 3201.250813][ T30] schedule+0xe7/0x350 [ 3201.258009][ T30] schedule_preempt_disabled+0x13/0x30 [ 3201.267284][ T30] __mutex_lock+0x5b8/0x9c0 [ 3201.273964][ T30] ? tun_chr_close+0x38/0x230 [ 3201.278682][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3201.289188][ T30] ? locks_remove_file+0x393/0x5a0 [ 3201.294345][ T30] ? __pfx_locks_remove_file+0x10/0x10 [ 3201.307963][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 3201.313423][ T30] ? tun_chr_close+0x38/0x230 [ 3201.324262][ T30] ? rtnl_lock+0x9/0x20 [ 3201.328718][ T30] tun_chr_close+0x38/0x230 [ 3201.333259][ T30] __fput+0x3f6/0xb60 [ 3201.343549][ T30] task_work_run+0x14e/0x250 [ 3201.348475][ T30] ? __pfx_task_work_run+0x10/0x10 [ 3201.353638][ T30] do_exit+0xadd/0x2d70 [ 3201.365331][ T30] ? get_signal+0x8f2/0x2770 [ 3201.369962][ T30] ? __pfx_do_exit+0x10/0x10 [ 3201.381139][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 3201.386501][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 3201.391913][ T30] do_group_exit+0xd3/0x2a0 [ 3201.403300][ T30] get_signal+0x25fb/0x2770 [ 3201.408130][ T30] ? __pfx_get_signal+0x10/0x10 [ 3201.421842][ T30] ? task_work_add+0x1d6/0x370 [ 3201.426923][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 3201.438664][ T30] ? __fget_files+0x244/0x3f0 [ 3201.443685][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 3201.449891][ T30] ? ksys_read+0x1ad/0x260 [ 3201.460521][ T30] ? __pfx_ksys_read+0x10/0x10 [ 3201.465339][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 3201.479257][ T30] do_syscall_64+0xda/0x250 [ 3201.484079][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3201.496787][ T30] RIP: 0033:0x7f56a5d7dff9 [ 3201.501571][ T30] RSP: 002b:00007f56a6c5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 3201.516130][ T30] RAX: 0000000000018ff8 RBX: 00007f56a5f35f80 RCX: 00007f56a5d7dff9 [ 3201.525526][ T30] RDX: 0000000000018ff8 RSI: 0000000020032680 RDI: 0000000000000009 [ 3201.536573][ T30] RBP: 00007f56a5df0296 R08: 0000000000000000 R09: 0000000000000000 [ 3201.544577][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3201.558608][ T30] R13: 0000000000000000 R14: 00007f56a5f35f80 R15: 00007fff1e51a178 [ 3201.571548][ T30] [ 3201.574658][ T30] INFO: task syz-executor:31297 blocked for more than 146 seconds. [ 3201.587526][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3201.598730][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3201.610037][ T30] task:syz-executor state:D stack:26112 pid:31297 tgid:31297 ppid:1 flags:0x00000004 [ 3201.625058][ T30] Call Trace: [ 3201.628363][ T30] [ 3201.631365][ T30] __schedule+0xef5/0x5750 [ 3201.640628][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3201.649682][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3201.657661][ T30] ? __pfx___schedule+0x10/0x10 [ 3201.667415][ T30] ? schedule+0x298/0x350 [ 3201.676490][ T30] ? __pfx_lock_release+0x10/0x10 [ 3201.688492][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3201.697361][ T30] ? lock_acquire+0x2f/0xb0 [ 3201.705721][ T30] ? schedule+0x1fd/0x350 [ 3201.713116][ T30] schedule+0xe7/0x350 [ 3201.717232][ T30] schedule_preempt_disabled+0x13/0x30 [ 3201.726628][ T30] __mutex_lock+0x5b8/0x9c0 [ 3201.735216][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3201.744223][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3201.751893][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3201.760868][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 3201.769410][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3201.774915][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3201.780406][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3201.793323][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 3201.800189][ T30] netlink_rcv_skb+0x16b/0x440 [ 3201.811149][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3201.816944][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 3201.822288][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 3201.831940][ T30] netlink_unicast+0x53c/0x7f0 [ 3201.836750][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 3201.849336][ T30] netlink_sendmsg+0x8b8/0xd70 [ 3201.854406][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 3201.860818][ T30] __sys_sendto+0x479/0x4d0 [ 3201.865369][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 3201.877079][ T30] ? reacquire_held_locks+0x20b/0x4c0 [ 3201.883377][ T30] ? do_user_addr_fault+0xdc7/0x13f0 [ 3201.888746][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 3201.900235][ T30] ? do_syscall_64+0x91/0x250 [ 3201.904954][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 3201.915471][ T30] do_syscall_64+0xcd/0x250 [ 3201.921672][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3201.933720][ T30] RIP: 0033:0x7fc69357fe8c [ 3201.938449][ T30] RSP: 002b:00007fffd1576c10 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 3201.954291][ T30] RAX: ffffffffffffffda RBX: 00007fc694264620 RCX: 00007fc69357fe8c [ 3201.963488][ T30] RDX: 0000000000000028 RSI: 00007fc694264670 RDI: 0000000000000003 [ 3201.978267][ T30] RBP: 0000000000000000 R08: 00007fffd1576c64 R09: 000000000000000c [ 3201.988934][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 3202.003498][ T30] R13: 0000000000000000 R14: 00007fc694264670 R15: 0000000000000000 [ 3202.011524][ T30] [ 3202.021697][ T30] INFO: task syz-executor:31299 blocked for more than 146 seconds. [ 3202.029908][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3202.041684][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3202.050375][ T30] task:syz-executor state:D stack:26112 pid:31299 tgid:31299 ppid:1 flags:0x00000004 [ 3202.068492][ T30] Call Trace: [ 3202.075989][ T30] [ 3202.079589][ T30] __schedule+0xef5/0x5750 [ 3202.090656][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3202.095907][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3202.106900][ T30] ? __pfx___schedule+0x10/0x10 [ 3202.113248][ T30] ? schedule+0x298/0x350 [ 3202.117611][ T30] ? __pfx_lock_release+0x10/0x10 [ 3202.127404][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3202.132648][ T30] ? lock_acquire+0x2f/0xb0 [ 3202.142861][ T30] ? schedule+0x1fd/0x350 [ 3202.152701][ T30] schedule+0xe7/0x350 [ 3202.163003][ T30] schedule_preempt_disabled+0x13/0x30 [ 3202.168775][ T30] __mutex_lock+0x5b8/0x9c0 [ 3202.173319][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3202.184723][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3202.189811][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3202.201524][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 3202.207214][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3202.212717][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3202.222493][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3202.227740][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 3202.242529][ T30] netlink_rcv_skb+0x16b/0x440 [ 3202.247337][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3202.259946][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 3202.265554][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 3202.277606][ T30] netlink_unicast+0x53c/0x7f0 [ 3202.284797][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 3202.296553][ T30] netlink_sendmsg+0x8b8/0xd70 [ 3202.301887][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 3202.307231][ T30] __sys_sendto+0x479/0x4d0 [ 3202.317836][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 3202.322908][ T30] ? reacquire_held_locks+0x20b/0x4c0 [ 3202.334992][ T30] ? do_user_addr_fault+0xdc7/0x13f0 [ 3202.340637][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 3202.345441][ T30] ? do_syscall_64+0x91/0x250 [ 3202.355907][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 3202.361150][ T30] do_syscall_64+0xcd/0x250 [ 3202.371622][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3202.380521][ T30] RIP: 0033:0x7fee7017fe8c [ 3202.392359][ T30] RSP: 002b:00007ffcac60bad0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 3202.401094][ T30] RAX: ffffffffffffffda RBX: 00007fee70e64620 RCX: 00007fee7017fe8c [ 3202.412970][ T30] RDX: 0000000000000028 RSI: 00007fee70e64670 RDI: 0000000000000003 [ 3202.420974][ T30] RBP: 0000000000000000 R08: 00007ffcac60bb24 R09: 000000000000000c [ 3202.434553][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 3202.448352][ T30] R13: 0000000000000000 R14: 00007fee70e64670 R15: 0000000000000000 [ 3202.460844][ T30] [ 3202.464846][ T30] INFO: task syz-executor:31301 blocked for more than 147 seconds. [ 3202.478379][ T30] Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3202.487195][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3202.502819][ T30] task:syz-executor state:D stack:26112 pid:31301 tgid:31301 ppid:1 flags:0x00004006 [ 3202.521471][ T30] Call Trace: [ 3202.524776][ T30] [ 3202.534214][ T30] __schedule+0xef5/0x5750 [ 3202.541299][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3202.552572][ T30] ? __pfx___schedule+0x10/0x10 [ 3202.560064][ T30] ? schedule+0x298/0x350 [ 3202.564439][ T30] ? __pfx_lock_release+0x10/0x10 [ 3202.574024][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 3202.581914][ T30] ? lock_acquire+0x2f/0xb0 [ 3202.590261][ T30] ? schedule+0x1fd/0x350 [ 3202.597218][ T30] schedule+0xe7/0x350 [ 3202.601328][ T30] schedule_preempt_disabled+0x13/0x30 [ 3202.612156][ T30] __mutex_lock+0x5b8/0x9c0 [ 3202.619331][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3202.632249][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 3202.637330][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 3202.649092][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 3202.655907][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3202.668143][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3202.673658][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 3202.678901][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 3202.689645][ T30] netlink_rcv_skb+0x16b/0x440 [ 3202.694452][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 3202.706116][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 3202.713505][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 3202.724967][ T30] netlink_unicast+0x53c/0x7f0 [ 3202.730049][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 3202.735386][ T30] netlink_sendmsg+0x8b8/0xd70 [ 3202.746505][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 3202.751845][ T30] __sys_sendto+0x479/0x4d0 [ 3202.763849][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 3202.769213][ T30] ? reacquire_held_locks+0x20b/0x4c0 [ 3202.774627][ T30] ? do_user_addr_fault+0xdc7/0x13f0 [ 3202.784540][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 3202.789351][ T30] ? do_syscall_64+0x91/0x250 [ 3202.794062][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 3202.805097][ T30] do_syscall_64+0xcd/0x250 [ 3202.809644][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3202.821737][ T30] RIP: 0033:0x7ff720d7fe8c [ 3202.827779][ T30] RSP: 002b:00007ffd17132140 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 3202.843737][ T30] RAX: ffffffffffffffda RBX: 00007ff721a64620 RCX: 00007ff720d7fe8c [ 3202.855775][ T30] RDX: 0000000000000028 RSI: 00007ff721a64670 RDI: 0000000000000003 [ 3202.868731][ T30] RBP: 0000000000000000 R08: 00007ffd17132194 R09: 000000000000000c [ 3202.880655][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 3202.888660][ T30] R13: 0000000000000000 R14: 00007ff721a64670 R15: 0000000000000000 [ 3202.902025][ T30] [ 3202.905082][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 3202.920150][ T30] [ 3202.920150][ T30] Showing all locks held in the system: [ 3202.934867][ T30] 6 locks held by kworker/0:1/9: [ 3202.942666][ T30] 1 lock held by khungtaskd/30: [ 3202.951724][ T30] #0: ffffffff8e1b8300 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 [ 3202.964937][ T30] 4 locks held by kworker/u8:5/1068: [ 3202.974634][ T30] #0: ffff88801beeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 [ 3202.992456][ T30] #1: ffffc900048b7d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 [ 3203.006802][ T30] #2: ffffffff8fecae50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xb40 [ 3203.020161][ T30] #3: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1b/0x230 [ 3203.034665][ T30] 3 locks held by kworker/u8:7/2587: [ 3203.039979][ T30] #0: ffff88814c0fc948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 [ 3203.057028][ T30] #1: ffffc9000a097d80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 [ 3203.076885][ T30] #2: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x12/0x30 [ 3203.090801][ T30] 1 lock held by dhcpcd/4886: [ 3203.096740][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.113733][ T30] 2 locks held by getty/4977: [ 3203.121526][ T30] #0: ffff88802ec570a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 3203.134939][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 3203.152359][ T30] 4 locks held by kworker/0:3/5262: [ 3203.160801][ T30] 3 locks held by kworker/0:7/23423: [ 3203.169935][ T30] #0: ffff88801b081948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 [ 3203.184554][ T30] #1: ffffc90004047d80 ((check_lifetime_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 [ 3203.202405][ T30] #2: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: check_lifetime+0x584/0xab0 [ 3203.213592][ T30] 3 locks held by kworker/u8:13/26065: [ 3203.219080][ T30] #0: ffff88801b089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 [ 3203.237441][ T30] #1: ffffc90003bdfd80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 [ 3203.252569][ T30] #2: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 [ 3203.267856][ T30] 1 lock held by syz-executor/30795: [ 3203.273439][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x38/0x230 [ 3203.288727][ T30] 1 lock held by syz.2.4806/31240: [ 3203.294155][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x38/0x230 [ 3203.308483][ T30] 2 locks held by syz.0.4825/31286: [ 3203.313711][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x38/0x230 [ 3203.329437][ T30] #1: ffffffff8e05b950 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x54d/0x1e50 [ 3203.345339][ T30] 1 lock held by syz-executor/31297: [ 3203.353356][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.368481][ T30] 1 lock held by syz-executor/31299: [ 3203.373790][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.388435][ T30] 1 lock held by syz-executor/31301: [ 3203.393752][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.406046][ T30] 1 lock held by syz-executor/31306: [ 3203.411361][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.427480][ T30] 1 lock held by syz-executor/31308: [ 3203.435500][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.449497][ T30] 1 lock held by syz-executor/31313: [ 3203.457475][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.470291][ T30] 1 lock held by syz-executor/31315: [ 3203.475603][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.490830][ T30] 1 lock held by syz-executor/31317: [ 3203.496140][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.511088][ T30] 1 lock held by syz-executor/31321: [ 3203.516397][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.532033][ T30] 1 lock held by syz-executor/31323: [ 3203.540554][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.554582][ T30] 1 lock held by syz-executor/31328: [ 3203.562661][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.576382][ T30] 1 lock held by syz-executor/31330: [ 3203.581692][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.597258][ T30] 1 lock held by syz-executor/31331: [ 3203.602570][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.616001][ T30] 1 lock held by syz-executor/31336: [ 3203.621313][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.636609][ T30] 1 lock held by syz-executor/31338: [ 3203.641927][ T30] #0: ffffffff8fee07e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 3203.658515][ T30] [ 3203.661512][ T30] ============================================= [ 3203.661512][ T30] [ 3203.669957][ T30] NMI backtrace for cpu 1 [ 3203.674308][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3203.684483][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 3203.694555][ T30] Call Trace: [ 3203.697844][ T30] [ 3203.700795][ T30] dump_stack_lvl+0x116/0x1f0 [ 3203.705501][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 3203.710464][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 3203.716476][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 3203.722488][ T30] watchdog+0xf0c/0x1240 [ 3203.726758][ T30] ? __pfx_watchdog+0x10/0x10 [ 3203.731453][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 3203.736680][ T30] ? __kthread_parkme+0x148/0x220 [ 3203.741734][ T30] ? __pfx_watchdog+0x10/0x10 [ 3203.746432][ T30] kthread+0x2c1/0x3a0 [ 3203.750524][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 3203.755749][ T30] ? __pfx_kthread+0x10/0x10 [ 3203.760369][ T30] ret_from_fork+0x45/0x80 [ 3203.764808][ T30] ? __pfx_kthread+0x10/0x10 [ 3203.769424][ T30] ret_from_fork_asm+0x1a/0x30 [ 3203.774232][ T30] [ 3203.777962][ T30] Sending NMI from CPU 1 to CPUs 0: [ 3203.783197][ C0] NMI backtrace for cpu 0 [ 3203.783216][ C0] CPU: 0 UID: 0 PID: 5262 Comm: kworker/0:3 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3203.783245][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 3203.783261][ C0] Workqueue: events nsim_dev_trap_report_work [ 3203.783291][ C0] RIP: 0010:do_raw_spin_unlock+0x68/0x230 [ 3203.783320][ C0] Code: ad de 0f 85 75 01 00 00 be 04 00 00 00 48 89 df e8 2d df 83 00 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f b6 14 02 <48> 89 d8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 6c 01 00 00 8b [ 3203.783343][ C0] RSP: 0018:ffffc90000007d08 EFLAGS: 00000802 [ 3203.783362][ C0] RAX: dffffc0000000000 RBX: ffffffff9aaa44e8 RCX: ffffffff816ab223 [ 3203.783380][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff9aaa44e8 [ 3203.783395][ C0] RBP: 0000000000000202 R08: 0000000000000000 R09: fffffbfff355489d [ 3203.783412][ C0] R10: ffffffff9aaa44eb R11: 0000000000000000 R12: 0000000000000006 [ 3203.783427][ C0] R13: dffffc0000000000 R14: ffff888065cfea50 R15: 1ffff92000000faa [ 3203.783445][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 3203.783469][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3203.783487][ C0] CR2: 00007fc472df0d58 CR3: 000000000df7c000 CR4: 00000000003506f0 [ 3203.783504][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3203.783519][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3203.783534][ C0] Call Trace: [ 3203.783542][ C0] [ 3203.783551][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 3203.783576][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 3203.783609][ C0] ? nmi_handle+0x1a9/0x5c0 [ 3203.783633][ C0] ? do_raw_spin_unlock+0x68/0x230 [ 3203.783660][ C0] ? default_do_nmi+0x6a/0x160 [ 3203.783694][ C0] ? exc_nmi+0x170/0x1e0 [ 3203.783726][ C0] ? end_repeat_nmi+0xf/0x53 [ 3203.783756][ C0] ? do_raw_spin_unlock+0x53/0x230 [ 3203.783783][ C0] ? do_raw_spin_unlock+0x68/0x230 [ 3203.783810][ C0] ? do_raw_spin_unlock+0x68/0x230 [ 3203.783837][ C0] ? do_raw_spin_unlock+0x68/0x230 [ 3203.783863][ C0] [ 3203.783871][ C0] [ 3203.783880][ C0] _raw_spin_unlock_irqrestore+0x22/0x80 [ 3203.783906][ C0] debug_object_deactivate+0x1f0/0x370 [ 3203.783934][ C0] ? __pfx_debug_object_deactivate+0x10/0x10 [ 3203.783959][ C0] ? rcu_core+0x79b/0x14d0 [ 3203.783988][ C0] ? dst_destroy+0x27f/0x820 [ 3203.784017][ C0] rcu_core+0x732/0x14d0 [ 3203.784045][ C0] ? __pfx_rcu_core+0x10/0x10 [ 3203.784071][ C0] ? run_timer_base+0x11e/0x190 [ 3203.784101][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 3203.784134][ C0] handle_softirqs+0x213/0x8f0 [ 3203.784162][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 3203.784193][ C0] ? irqtime_account_irq+0x18d/0x2e0 [ 3203.784219][ C0] ? nsim_dev_trap_report_work+0x870/0xc80 [ 3203.784248][ C0] do_softirq+0xb2/0xf0 [ 3203.784272][ C0] [ 3203.784280][ C0] [ 3203.784288][ C0] __local_bh_enable_ip+0x100/0x120 [ 3203.784314][ C0] nsim_dev_trap_report_work+0x870/0xc80 [ 3203.784349][ C0] process_one_work+0x9c5/0x1ba0 [ 3203.784377][ C0] ? __pfx_wg_packet_tx_worker+0x10/0x10 [ 3203.784412][ C0] ? __pfx_process_one_work+0x10/0x10 [ 3203.784438][ C0] ? assign_work+0x1a0/0x250 [ 3203.784472][ C0] worker_thread+0x6c8/0xf00 [ 3203.784500][ C0] ? __pfx_worker_thread+0x10/0x10 [ 3203.784523][ C0] kthread+0x2c1/0x3a0 [ 3203.784548][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 3203.784571][ C0] ? __pfx_kthread+0x10/0x10 [ 3203.784599][ C0] ret_from_fork+0x45/0x80 [ 3203.784619][ C0] ? __pfx_kthread+0x10/0x10 [ 3203.784646][ C0] ret_from_fork_asm+0x1a/0x30 [ 3203.784685][ C0] [ 3204.174255][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 3204.181130][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 3204.191310][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 3204.201379][ T30] Call Trace: [ 3204.204668][ T30] [ 3204.207613][ T30] dump_stack_lvl+0x3d/0x1f0 [ 3204.212238][ T30] panic+0x71d/0x800 [ 3204.216166][ T30] ? __pfx_panic+0x10/0x10 [ 3204.220610][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 3204.226010][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 3204.232022][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 3204.237419][ T30] ? watchdog+0xd76/0x1240 [ 3204.241852][ T30] ? watchdog+0xd69/0x1240 [ 3204.246288][ T30] watchdog+0xd87/0x1240 [ 3204.250557][ T30] ? __pfx_watchdog+0x10/0x10 [ 3204.255249][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 3204.260476][ T30] ? __kthread_parkme+0x148/0x220 [ 3204.265529][ T30] ? __pfx_watchdog+0x10/0x10 [ 3204.270223][ T30] kthread+0x2c1/0x3a0 [ 3204.274312][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 3204.279530][ T30] ? __pfx_kthread+0x10/0x10 [ 3204.284152][ T30] ret_from_fork+0x45/0x80 [ 3204.288585][ T30] ? __pfx_kthread+0x10/0x10 [ 3204.293198][ T30] ret_from_fork_asm+0x1a/0x30 [ 3204.298003][ T30] [ 3204.301242][ T30] Kernel Offset: disabled [ 3204.305556][ T30] Rebooting in 86400 seconds..