last executing test programs: 21.236908122s ago: executing program 0 (id=1): r0 = getpid() r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="440080090009050000f3ff0000000000050000020c000200060003400000000000000340000000050900010073797a310000000008000340"], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e) r3 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r3, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e) connect$pppoe(r2, &(0x7f0000000240)={0x18, 0x0, {0x0, @link_local}}, 0x1e) socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r3, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e) socket$pppl2tp(0x18, 0x1, 0x1) r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0) mknodat$loop(r4, &(0x7f0000002440)='./file0\x00', 0x0, 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) cachestat(r4, &(0x7f0000002240)={0x9, 0x6a70}, &(0x7f00000023c0), 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r5, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r5, &(0x7f0000002300)={0x50, 0x0, r6, {0x7, 0x9, 0x0, 0x8695c3813aa3cd9d}}, 0x50) creat(&(0x7f0000000100)='./file0\x00', 0x0) read$FUSE(r5, &(0x7f0000002480)={0x2020, 0x0, 0x0}, 0x2020) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002480)=ANY=[], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000004000b7080000000000007baaf8ff00000000b5080200000000007b8af0ff00000000bfa100000000000007010000f8ff0500bfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000002000000b705000018000000850000000800000095"], &(0x7f0000000300)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) connect$pppoe(r4, &(0x7f0000002400)={0x18, 0x0, {0x3, @multicast, 'veth1_to_bond\x00'}}, 0x1e) creat(&(0x7f0000002380)='./file0\x00', 0x0) write$FUSE_INIT(r5, &(0x7f0000006500)={0x50, 0x0, r7}, 0x50) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) dup(0xffffffffffffffff) syz_pidfd_open(r0, 0x0) 21.069332223s ago: executing program 2 (id=3): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r3}]}, 0x20}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0) syz_emit_ethernet(0x3b6, &(0x7f00000009c0)={@link_local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x380, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00, 0x0, [{0x0, 0xa, "a741e54006598080a8030000004023493b87aafaff0500ffffffe723732472eefa45ad96579269748e254c1e4a948b580a9bc430d3be27df3e34060000ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000100000000001995319c00"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x3, 0xb, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x0, "fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e3b63ed09bdb581c9fe68a356f542b043059ff05932e740e077e1d16212fb"}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa76ffff9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4828288e62afbf03269f1f98aea6a58cf45d7c5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c258a6f"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02c226a6bce65f81ed"}]}}}}}}, 0x0) 21.006680984s ago: executing program 1 (id=2): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x1}}}}}}, 0x0) 20.743981099s ago: executing program 4 (id=5): r0 = socket$qrtr(0x2a, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x30, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0xa6, 0x27}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x82fc8e316964f689}]}, 0x30}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ibss_ssid, 0xb, 0x0) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0) r9 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r9, 0xc018643a, &(0x7f0000000000)={0x4000000}) r10 = syz_pidfd_open(0x0, 0x0) r11 = pidfd_getfd(r10, r10, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r11) r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r3) sendmsg$NL80211_CMD_DEL_STATION(r11, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r12, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, r6}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x80}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000840}, 0x40040d4) ioctl$DRM_IOCTL_WAIT_VBLANK(r9, 0xc018643a, &(0x7f0000000040)={0x4000000}) close_range(r8, 0xffffffffffffffff, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000380)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x8, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr, {[@timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@local}]}]}}}}}) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r7, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b000014000780080006"], 0xac}}, 0x0) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e25, 0x1, @loopback}, 0x1c) listen(r1, 0x0) r13 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r13, 0x6, 0x19, &(0x7f00000000c0)=0x7, 0x4) connect$inet(r13, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r13, &(0x7f0000000040)='u', 0xa792a, 0x801, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000080)) close_range(r0, 0xffffffffffffffff, 0x0) 20.578326232s ago: executing program 1 (id=6): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in=@local}, {@in6=@empty, 0x0, 0x32}, @in6=@dev, {}, {}, {0x1a000000}, 0x0, 0x0, 0xa}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x40}}]}, 0x13c}}, 0x0) 20.504901204s ago: executing program 2 (id=7): syz_emit_ethernet(0xb1, &(0x7f00000009c0)={@link_local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x7b, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a741e54006598080a8030000004023493b87aafaff0500ffffffe723732472eefa45ad96579269748e254c1e4a948b580a9bc430d3be27df3e34060000ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000100000000001995319c00"}, {0x3, 0x1, "fe906d26efe39393fe"}]}}}}}}, 0x0) (fail_nth: 3) 20.212211804s ago: executing program 0 (id=8): syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) r0 = semget$private(0x0, 0x6, 0x583) semop(r0, 0x0, 0x0) semop(0x0, &(0x7f0000000040)=[{0x0, 0xffff}, {0x0, 0x19}], 0x2) semctl$GETPID(r0, 0x3, 0xb, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e0000000000000000007c80000040000000000000000000000000f8000000000000000038000100000000000000030000000000000023000000000000000000000000000000006be1982d1976e95b"], 0x78) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000000)=[{{}, {0x2, 0x0, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x1}}, {{}, {0x0, 0x1, 0x0, 0x1}}, {{0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}], 0x20) 18.047365308s ago: executing program 2 (id=9): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller0\x00', 0x2}) close(r0) socket$netlink(0x10, 0x3, 0x0) preadv(r1, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/124, 0x7c}], 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) 10.533173068s ago: executing program 3 (id=10): syz_emit_ethernet(0xb1, &(0x7f00000009c0)={@link_local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x7b, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a741e54006598080a8030000004023493b87aafaff0500ffffffe723732472eefa45ad96579269748e254c1e4a948b580a9bc430d3be27df3e34060000ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000100000000001995319c00"}, {0x3, 0x1, "fe906d26efe39393fe"}]}}}}}}, 0x0) 10.266075445s ago: executing program 2 (id=13): r0 = socket(0x10, 0x803, 0x0) r1 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000000000000000000000000000aa140006001400000001f0ff7e38801dff000000001400010000000006000000000000ffff"], 0x54}}, 0x0) 8.972494373s ago: executing program 3 (id=15): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000000000408a25360058dbd1477cde4cf076931e700000000000010902240001ef000000090400000203000000ece6cfc005050921000000012207000905819fd8a2224578fd39462632c7c7bd51e4109d76329ea810ebec656fabad9675dfb3315a1fee4b558e31f80312ad990f3a216866dbbeceecdc0aff30da9e53df7529189b78850eba1183797666e818d0b91ef91a2f7388127e371ef4a5e0ce6a22bfd7936f77e14fab8cb5c30b2999257c31feb933af2a772982e27b5d3fd980e443062bbecff3db27a08053588ef8ff841455067548afa2ba3ab6024493ecc7cd187c432e87f5312b71a42f"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) (async) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) unshare(0x28000600) (async) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (async) mprotect(&(0x7f000000c000/0x3000)=nil, 0x3000, 0x1) futex(&(0x7f000000cffc), 0x4, 0x0, 0x0, 0x0, 0x0) (async) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a"], 0x7c}}, 0x0) (async) socket$vsock_stream(0x28, 0x1, 0x0) (async) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23}, 0x10) socket(0x5, 0x1, 0x9) (async) sched_setscheduler(0x0, 0x5, &(0x7f000000d380)) (async) request_key(&(0x7f0000000900)='user\x00', &(0x7f0000000940)={'syz', 0x2}, &(0x7f0000000980)='\x00', 0x0) (async) request_key(&(0x7f0000001040)='user\x00', &(0x7f0000001080)={'syz', 0x2}, 0x0, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x1, {0x0, 0x1}, {0xff78, 0x2}, @ramp={0x1, 0x0, {0x0, 0x0, 0x0, 0x2}}}) (async) syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x103002) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0) (async) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) (async) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) (async) r4 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r4, 0x6, 0x3, 0x0, &(0x7f0000000040)) (async) syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) (async) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000100)=@urb_type_interrupt={0x1, {0xc, 0x1}, 0x4, 0x1, &(0x7f0000000180), 0x0, 0xe5c, 0x5, 0x0, 0x1, 0xd, &(0x7f0000000180)="9781dfc6b9621fc7cbeb882e55b4c3fd0238102552"}) (async) preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x5, 0x1) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000240)) (async) unshare(0x200) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)) 5.680037995s ago: executing program 3 (id=16): vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)}], 0x1, 0x1) syz_io_uring_setup(0x24ff, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f00000003c0)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0) write$P9_RSTATu(r0, &(0x7f0000000080)={0x265, 0x2, 0xa00, {{0x500, 0x124, 0x28, 0x0, {}, 0x0, 0x0, 0xc, 0x401, 0xffffffffffffff7d, '\nnodev{evo\x03\xd3\x8b\x92\x00'/27, 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x99\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\xe8\x03\x00\x00\x00', 0x2, '\b\x00', 0xac, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4@\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x009\x86Ac\x1dD\xf4\xa3\x9b\x11\x91\x93z(\x0e\x8d\x88\x9f\xc2 \xd1\x15\xac\x8e/\x18K\x9aau\x8d&w*\xb0\xf2\x04M\x8e\xf0&=\xdd\x97\xd3\xc4\'\xb3\xa52\xef\xab\x1d\x1c\xe3,\xa7\xc1\xfc#\x1a\xf4\x84\b\xe0+%P(\xb7\xc9\xbb\x859oM\x8a\xf0\xeb\x95\xfc\x0e\xcc\x99\xf7\x80\xe2'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0xfd85) 5.538718778s ago: executing program 3 (id=17): socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r3 = dup3(r2, r1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000006c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0}, 0x1000}], 0x1, 0x0, &(0x7f0000001ec0)='f'}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0) ioctl$MON_IOCX_GETX(r7, 0x80089203, &(0x7f0000000a40)={0x0, 0x0}) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r8, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r8, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r9, 0x400, 0x1) fcntl$setlease(r9, 0x400, 0x1) r10 = dup(r6) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) 2.810214558s ago: executing program 3 (id=18): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x13) sched_getscheduler(r0) socket$inet6(0xa, 0x800, 0x5) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = open(&(0x7f0000000200)='./bus\x00', 0x35127e, 0x1) sendfile(r2, r2, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000000900)={0x6, 0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000080)=""/11, 0xb}, {&(0x7f0000000380)=""/205, 0xcd}, {&(0x7f0000000680)=""/250, 0xfa}, {&(0x7f0000000780)=""/179, 0xb3}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000200)=""/48, 0x30}], &(0x7f00000008c0)=[0x8, 0x100000000, 0x8]}, 0x20) r3 = eventfd(0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) r4 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000180)={0x1, r4}) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r3) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000140)=0xd) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000580)=""/249, &(0x7f00000000c0)=""/87, &(0x7f0000000500)=""/86}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000e40)) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000) madvise(&(0x7f000057e000/0x3000)=nil, 0x3000, 0x19) set_mempolicy_home_node(&(0x7f000094a000/0x1000)=nil, 0x1000, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8) syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000"], 0x0) 0s ago: executing program 3 (id=20): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xc400}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x48}}, 0x0) pipe(&(0x7f0000000040)) ptrace(0x10, r0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.96' (ED25519) to the list of known hosts. [ 51.207149][ T5215] cgroup: Unknown subsys name 'net' [ 51.332824][ T5215] cgroup: Unknown subsys name 'cpuset' [ 51.340928][ T5215] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 52.624006][ T5215] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 54.710158][ T5227] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 54.749226][ T5227] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 54.757064][ T5227] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 54.769848][ T5227] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 54.777439][ T5227] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 54.789691][ T5227] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 54.825539][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 54.836485][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 54.845556][ T5229] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 54.865107][ T4621] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 54.883278][ T5235] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 54.892931][ T5235] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 54.900902][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 54.908263][ T5235] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 54.950411][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 54.958458][ T5237] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 54.958918][ T5239] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 54.972164][ T5237] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 54.980303][ T5237] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 54.983179][ T5240] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 54.988245][ T5237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 55.002638][ T5237] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 55.010308][ T5239] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 55.010761][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 55.020415][ T5235] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 55.031084][ T5241] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 55.039323][ T5241] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 55.040543][ T5235] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 55.054119][ T4621] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 55.062413][ T5235] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 55.254994][ T5231] chnl_net:caif_netlink_parms(): no params data found [ 55.395255][ T5231] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.402646][ T5231] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.410439][ T5231] bridge_slave_0: entered allmulticast mode [ 55.417072][ T5231] bridge_slave_0: entered promiscuous mode [ 55.428178][ T5231] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.435357][ T5231] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.443440][ T5231] bridge_slave_1: entered allmulticast mode [ 55.450281][ T5231] bridge_slave_1: entered promiscuous mode [ 55.513332][ T5231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.524789][ T5231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.598677][ T5231] team0: Port device team_slave_0 added [ 55.637780][ T5231] team0: Port device team_slave_1 added [ 55.679670][ T5231] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.686644][ T5231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.712828][ T5231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.731085][ T5244] chnl_net:caif_netlink_parms(): no params data found [ 55.752013][ T5231] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.759780][ T5231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.786755][ T5231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.820849][ T5247] chnl_net:caif_netlink_parms(): no params data found [ 55.870530][ T5246] chnl_net:caif_netlink_parms(): no params data found [ 55.910487][ T5231] hsr_slave_0: entered promiscuous mode [ 55.916878][ T5231] hsr_slave_1: entered promiscuous mode [ 56.019241][ T5244] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.026684][ T5244] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.034132][ T5244] bridge_slave_0: entered allmulticast mode [ 56.040916][ T5244] bridge_slave_0: entered promiscuous mode [ 56.048163][ T5247] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.055348][ T5247] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.062635][ T5247] bridge_slave_0: entered allmulticast mode [ 56.069674][ T5247] bridge_slave_0: entered promiscuous mode [ 56.081921][ T5245] chnl_net:caif_netlink_parms(): no params data found [ 56.108639][ T5244] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.116177][ T5244] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.123911][ T5244] bridge_slave_1: entered allmulticast mode [ 56.131735][ T5244] bridge_slave_1: entered promiscuous mode [ 56.138236][ T5247] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.147128][ T5247] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.154863][ T5247] bridge_slave_1: entered allmulticast mode [ 56.162208][ T5247] bridge_slave_1: entered promiscuous mode [ 56.241478][ T5247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.268931][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.276322][ T5246] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.284289][ T5246] bridge_slave_0: entered allmulticast mode [ 56.292486][ T5246] bridge_slave_0: entered promiscuous mode [ 56.302759][ T5244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.315034][ T5244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.328072][ T5247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.342059][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.349463][ T5246] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.356645][ T5246] bridge_slave_1: entered allmulticast mode [ 56.363509][ T5246] bridge_slave_1: entered promiscuous mode [ 56.453362][ T5247] team0: Port device team_slave_0 added [ 56.466459][ T5246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.480982][ T5244] team0: Port device team_slave_0 added [ 56.494415][ T5247] team0: Port device team_slave_1 added [ 56.500754][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.507807][ T5245] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.515644][ T5245] bridge_slave_0: entered allmulticast mode [ 56.523219][ T5245] bridge_slave_0: entered promiscuous mode [ 56.531819][ T5246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.543096][ T5244] team0: Port device team_slave_1 added [ 56.572117][ T5245] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.582285][ T5245] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.589857][ T5245] bridge_slave_1: entered allmulticast mode [ 56.596439][ T5245] bridge_slave_1: entered promiscuous mode [ 56.632888][ T5244] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.640108][ T5244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.666345][ T5244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.678752][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.685967][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.712632][ T5247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.734296][ T5245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.753085][ T5246] team0: Port device team_slave_0 added [ 56.759837][ T5244] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.766819][ T5244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.793893][ T5244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.806135][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.813693][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.840059][ T5247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.853634][ T5245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.870810][ T5229] Bluetooth: hci0: command tx timeout [ 56.879035][ T5246] team0: Port device team_slave_1 added [ 56.934023][ T5245] team0: Port device team_slave_0 added [ 56.981044][ T5245] team0: Port device team_slave_1 added [ 56.987166][ T5231] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.001409][ T5246] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.008376][ T5246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.034868][ T5246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.047483][ T5246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.054520][ T5246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.081128][ T5246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.099872][ T5229] Bluetooth: hci4: command tx timeout [ 57.106913][ T5244] hsr_slave_0: entered promiscuous mode [ 57.113682][ T5244] hsr_slave_1: entered promiscuous mode [ 57.122920][ T5244] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.130941][ T5244] Cannot create hsr debugfs directory [ 57.145522][ T5231] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.157561][ T5231] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.171038][ T5247] hsr_slave_0: entered promiscuous mode [ 57.177542][ T5247] hsr_slave_1: entered promiscuous mode [ 57.183301][ T5229] Bluetooth: hci2: command tx timeout [ 57.183559][ T5229] Bluetooth: hci3: command tx timeout [ 57.188891][ T5235] Bluetooth: hci1: command tx timeout [ 57.202126][ T5247] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.209795][ T5247] Cannot create hsr debugfs directory [ 57.233242][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.240903][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.266917][ T5245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.278048][ T5231] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.319187][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.326177][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.353213][ T5245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.397192][ T5246] hsr_slave_0: entered promiscuous mode [ 57.403941][ T5246] hsr_slave_1: entered promiscuous mode [ 57.410412][ T5246] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.418026][ T5246] Cannot create hsr debugfs directory [ 57.505158][ T5245] hsr_slave_0: entered promiscuous mode [ 57.512040][ T5245] hsr_slave_1: entered promiscuous mode [ 57.518433][ T5245] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.526917][ T5245] Cannot create hsr debugfs directory [ 57.762420][ T5244] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 57.772999][ T5244] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 57.787798][ T5244] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 57.798174][ T5244] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 57.858098][ T5247] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 57.880857][ T5247] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 57.890607][ T5247] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 57.905323][ T5247] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 57.942445][ T5231] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.981909][ T5245] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 57.995634][ T5245] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 58.007959][ T5245] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 58.030397][ T5245] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 58.064436][ T5231] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.098870][ T5246] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.111912][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.119433][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.131405][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.138493][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.158808][ T5246] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.167735][ T5246] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.194418][ T5246] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.285382][ T5244] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.362563][ T5247] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.376038][ T5244] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.407272][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.414503][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.434942][ T5247] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.451716][ T5231] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.465839][ T2525] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.473000][ T2525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.515951][ T5245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.526059][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.533253][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.565584][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.572699][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.594800][ T5246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.618879][ T5245] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.646903][ T5246] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.683210][ T1043] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.690941][ T1043] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.717784][ T2525] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.725135][ T2525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.735533][ T2525] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.742668][ T2525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.766134][ T5231] veth0_vlan: entered promiscuous mode [ 58.783626][ T1043] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.790802][ T1043] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.818765][ T5244] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.864135][ T5231] veth1_vlan: entered promiscuous mode [ 58.894835][ T5246] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 58.906391][ T5246] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.949265][ T5235] Bluetooth: hci0: command tx timeout [ 58.961591][ T5247] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.992018][ T5245] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.036138][ T5244] veth0_vlan: entered promiscuous mode [ 59.064986][ T5246] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.086188][ T5244] veth1_vlan: entered promiscuous mode [ 59.112660][ T5245] veth0_vlan: entered promiscuous mode [ 59.136619][ T5231] veth0_macvtap: entered promiscuous mode [ 59.146365][ T5231] veth1_macvtap: entered promiscuous mode [ 59.163933][ T5245] veth1_vlan: entered promiscuous mode [ 59.179424][ T5235] Bluetooth: hci4: command tx timeout [ 59.202548][ T5244] veth0_macvtap: entered promiscuous mode [ 59.215666][ T5231] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.238986][ T5244] veth1_macvtap: entered promiscuous mode [ 59.256442][ T5247] veth0_vlan: entered promiscuous mode [ 59.263668][ T5235] Bluetooth: hci1: command tx timeout [ 59.269674][ T5235] Bluetooth: hci3: command tx timeout [ 59.274909][ T54] Bluetooth: hci2: command tx timeout [ 59.280145][ T5231] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.295364][ T5246] veth0_vlan: entered promiscuous mode [ 59.307043][ T5246] veth1_vlan: entered promiscuous mode [ 59.324469][ T5231] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.336996][ T5231] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.346491][ T5231] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.356925][ T5231] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.368508][ T5247] veth1_vlan: entered promiscuous mode [ 59.395285][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.406875][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.418537][ T5244] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.441881][ T5244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.452777][ T5244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.464759][ T5244] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.488084][ T5247] veth0_macvtap: entered promiscuous mode [ 59.502327][ T5247] veth1_macvtap: entered promiscuous mode [ 59.527643][ T5244] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.552192][ T5244] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.561585][ T5244] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.570608][ T5244] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.594341][ T5245] veth0_macvtap: entered promiscuous mode [ 59.601599][ T5246] veth0_macvtap: entered promiscuous mode [ 59.620158][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.630741][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.642973][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.654596][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.666522][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.681002][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.691810][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.702337][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.713017][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.724245][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.735194][ T5245] veth1_macvtap: entered promiscuous mode [ 59.772004][ T5247] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.780834][ T5247] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.789925][ T5247] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.798678][ T5247] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.820218][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.830957][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.841202][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.851737][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.861900][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.872716][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.883958][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.902749][ T5246] veth1_macvtap: entered promiscuous mode [ 59.924395][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.932602][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.945984][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.957845][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.967741][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.978357][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.989147][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.999884][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.011221][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.036885][ T5245] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.046249][ T5245] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.055823][ T5245] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.064957][ T5245] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.097518][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.108422][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.119920][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.130866][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.143205][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.153754][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.163918][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.174471][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.188235][ T5246] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.227606][ T2525] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.236418][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.248649][ T2525] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.251837][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.266213][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.276697][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.286732][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.297221][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.307406][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.317975][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.329605][ T5246] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.342698][ T2930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.343581][ T5246] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.360467][ T2930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.364601][ T5246] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.376608][ T5246] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.385532][ T5246] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.477416][ T1043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.485702][ T1043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.489911][ T5231] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 60.521228][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.530459][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.659244][ T2930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.663590][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.668468][ T2930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.677614][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.714867][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.730368][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.774532][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.783056][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.816549][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.824511][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.984161][ T5292] IPv6: addrconf: prefix option has invalid lifetime [ 61.025217][ T54] Bluetooth: hci0: command tx timeout [ 61.265563][ T54] Bluetooth: hci4: command tx timeout [ 61.340943][ T54] Bluetooth: hci2: command tx timeout [ 61.347017][ T54] Bluetooth: hci3: command tx timeout [ 61.355070][ T54] Bluetooth: hci1: command tx timeout [ 61.901273][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 62.309198][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 62.607834][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 62.651468][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 63.779161][ T5298] netlink: 108 bytes leftover after parsing attributes in process `syz.4.5'. [ 63.788355][ T5298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5'. [ 64.080221][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 64.081491][ T5229] Bluetooth: hci0: command tx timeout [ 64.095200][ T54] Bluetooth: hci4: command tx timeout [ 64.100841][ T54] Bluetooth: hci1: command tx timeout [ 64.106405][ T54] Bluetooth: hci3: command tx timeout [ 64.124127][ T54] Bluetooth: hci2: command tx timeout [ 64.459153][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 64.468430][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 65.352056][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 66.013116][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 70.953030][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 71.759760][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.766415][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.681305][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.691127][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.700083][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.712919][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.722143][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.738888][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.904000][ T5229] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.912965][ T5229] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.921996][ T5229] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.940873][ T5229] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.959165][ T5229] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.966633][ T5229] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 73.360236][ T5256] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 73.433663][ T5235] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.448253][ T5235] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.456873][ T5235] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.466801][ T5235] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.477188][ T5235] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.486128][ T5235] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.544528][ T5256] usb 4-1: too many configurations: 222, using maximum allowed: 8 [ 73.570259][ T5256] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 73.593165][ T5256] usb 4-1: can't read configurations, error -61 [ 73.750025][ T5256] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 73.923080][ T5256] usb 4-1: too many configurations: 222, using maximum allowed: 8 [ 73.938341][ T5256] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 73.953112][ T5256] usb 4-1: can't read configurations, error -61 [ 73.961529][ T5256] usb usb4-port1: attempt power cycle [ 74.309172][ T5256] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 74.341022][ T5256] usb 4-1: too many configurations: 222, using maximum allowed: 8 [ 74.356607][ T5256] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 74.364392][ T5256] usb 4-1: can't read configurations, error -61 [ 74.509156][ T5256] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 74.540695][ T5256] usb 4-1: too many configurations: 222, using maximum allowed: 8 [ 74.550669][ T5256] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 74.558287][ T5256] usb 4-1: can't read configurations, error -61 [ 74.572509][ T5256] usb usb4-port1: unable to enumerate USB device [ 74.779446][ T5229] Bluetooth: hci5: command tx timeout [ 75.019664][ T5229] Bluetooth: hci6: command tx timeout [ 75.579666][ T5229] Bluetooth: hci0: command tx timeout [ 76.436796][ T5333] binder_alloc: 5332: binder_alloc_buf size 1052672 failed, no address space [ 76.446613][ T5333] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 4096 (num: 1 largest: 4096) [ 76.471616][ T5333] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 76.860532][ T5229] Bluetooth: hci5: command tx timeout [ 77.099101][ T5229] Bluetooth: hci6: command tx timeout [ 77.659756][ T5229] Bluetooth: hci0: command tx timeout [ 78.939077][ T5229] Bluetooth: hci5: command tx timeout [ 79.179201][ T5229] Bluetooth: hci6: command tx timeout [ 79.739227][ T5229] Bluetooth: hci0: command tx timeout [ 80.465448][ T46] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 80.659121][ T46] usb 4-1: Using ep0 maxpacket: 16 [ 80.672537][ T46] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 80.699027][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 80.736986][ T46] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 80.786120][ T46] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 80.799000][ T46] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 80.823136][ T46] usb 4-1: Manufacturer: syz [ 80.847346][ T46] usb 4-1: config 0 descriptor?? [ 81.029902][ T5229] Bluetooth: hci5: command tx timeout [ 81.138569][ T46] usb 4-1: USB disconnect, device number 6 [ 81.264721][ T5229] Bluetooth: hci6: command tx timeout [ 81.819533][ T5229] Bluetooth: hci0: command tx timeout [ 82.033175][ T5346] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.254984][ T5235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.266625][ T5235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.280965][ T5235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.289606][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.297358][ T5235] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 82.305753][ T5235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.379249][ T5229] Bluetooth: hci2: command tx timeout [ 86.461777][ T5229] Bluetooth: hci2: command tx timeout [ 88.539067][ T5229] Bluetooth: hci2: command tx timeout [ 90.619213][ T5229] Bluetooth: hci2: command tx timeout [ 92.453961][ T5235] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.468338][ T5235] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.476436][ T5235] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.484649][ T5235] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.499660][ T5235] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 92.508406][ T5235] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.619110][ T5235] Bluetooth: hci3: command tx timeout [ 96.700363][ T5235] Bluetooth: hci3: command tx timeout [ 98.779146][ T5235] Bluetooth: hci3: command tx timeout [ 100.864747][ T5235] Bluetooth: hci3: command tx timeout [ 125.704020][ T1125] cfg80211: failed to load regulatory.db [ 132.921111][ T5229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 132.945809][ T5229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 132.954744][ T5229] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 132.968230][ T5229] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 132.976469][ T5229] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 132.984143][ T5229] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 133.136242][ T5235] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 133.151644][ T5235] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 133.160205][ T5235] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 133.171512][ T5235] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 133.180799][ T5235] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 133.188845][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.195539][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.203607][ T5235] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 133.911143][ T5235] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 133.921130][ T5235] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 133.929964][ T5235] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 133.938099][ T5235] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 133.946535][ T5235] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 133.953977][ T5235] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 135.019274][ T5235] Bluetooth: hci1: command tx timeout [ 135.259404][ T5235] Bluetooth: hci7: command tx timeout [ 135.979481][ T5235] Bluetooth: hci8: command tx timeout [ 137.099591][ T5235] Bluetooth: hci1: command tx timeout [ 137.339136][ T5235] Bluetooth: hci7: command tx timeout [ 138.059586][ T5235] Bluetooth: hci8: command tx timeout [ 139.179351][ T5235] Bluetooth: hci1: command tx timeout [ 139.419213][ T5235] Bluetooth: hci7: command tx timeout [ 140.139345][ T5235] Bluetooth: hci8: command tx timeout [ 141.259729][ T5235] Bluetooth: hci1: command tx timeout [ 141.499186][ T5235] Bluetooth: hci7: command tx timeout [ 142.219546][ T5235] Bluetooth: hci8: command tx timeout [ 143.143030][ T5229] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 143.151638][ T5229] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 143.160417][ T5229] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 143.168817][ T5229] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 143.176824][ T5229] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 143.187431][ T5229] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 145.259167][ T5229] Bluetooth: hci9: command tx timeout [ 147.339162][ T5229] Bluetooth: hci9: command tx timeout [ 149.419108][ T5229] Bluetooth: hci9: command tx timeout [ 151.499855][ T5229] Bluetooth: hci9: command tx timeout [ 153.652163][ T5235] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 153.672770][ T5235] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 153.681205][ T5235] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 153.689902][ T5235] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 153.701508][ T5235] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 153.711738][ T5235] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 155.739245][ T5235] Bluetooth: hci10: command tx timeout [ 157.819316][ T5235] Bluetooth: hci10: command tx timeout [ 159.899301][ T5235] Bluetooth: hci10: command tx timeout [ 161.979241][ T5235] Bluetooth: hci10: command tx timeout [ 172.608935][ C0] sched: DL replenish lagged too much [ 181.345056][ T5229] Bluetooth: hci4: command 0x0406 tx timeout [ 194.626903][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.633412][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.074647][ T4621] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 195.089835][ T4621] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 195.098073][ T4621] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 195.106864][ T4621] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 195.116227][ T4621] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 195.125097][ T4621] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 195.305343][ T5237] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 195.314347][ T5237] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 195.328536][ T5237] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 195.336823][ T5237] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 195.345489][ T5237] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 195.360001][ T5237] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 195.566180][ T5237] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 195.576692][ T5237] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 195.591052][ T5237] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 195.603263][ T5237] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 195.614291][ T5237] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 195.626290][ T5237] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 196.717456][ T4621] Bluetooth: hci5: command 0x0406 tx timeout [ 196.723616][ T5237] Bluetooth: hci6: command 0x0406 tx timeout [ 196.731843][ T5237] Bluetooth: hci0: command 0x0406 tx timeout [ 197.179236][ T5235] Bluetooth: hci11: command tx timeout [ 197.420425][ T5235] Bluetooth: hci12: command tx timeout [ 197.659060][ T5235] Bluetooth: hci13: command tx timeout [ 199.259084][ T5235] Bluetooth: hci11: command tx timeout [ 199.499162][ T5235] Bluetooth: hci12: command tx timeout [ 199.745368][ T5235] Bluetooth: hci13: command tx timeout [ 201.339200][ T5235] Bluetooth: hci11: command tx timeout [ 201.579134][ T5235] Bluetooth: hci12: command tx timeout [ 201.819121][ T5235] Bluetooth: hci13: command tx timeout [ 203.420184][ T5235] Bluetooth: hci11: command tx timeout [ 203.659075][ T5235] Bluetooth: hci12: command tx timeout [ 203.899058][ T5235] Bluetooth: hci13: command tx timeout [ 204.243099][ T54] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 204.255808][ T54] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 204.264434][ T54] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 204.272904][ T54] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 204.287619][ T54] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 204.296013][ T54] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 206.379109][ T54] Bluetooth: hci14: command tx timeout [ 206.944786][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 208.461590][ T5235] Bluetooth: hci14: command tx timeout [ 210.539044][ T5235] Bluetooth: hci14: command tx timeout [ 212.621284][ T5235] Bluetooth: hci14: command tx timeout [ 214.587684][ T54] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 214.611444][ T54] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 214.620835][ T54] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 214.629928][ T54] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 214.637775][ T54] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 214.648194][ T54] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 216.699111][ T5235] Bluetooth: hci15: command tx timeout [ 217.184801][ T5235] Bluetooth: hci3: command 0x0406 tx timeout [ 218.779132][ T54] Bluetooth: hci15: command tx timeout [ 220.859068][ T54] Bluetooth: hci15: command tx timeout [ 222.939067][ T54] Bluetooth: hci15: command tx timeout [ 256.044472][ T5235] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 256.062962][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.069655][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.077299][ T5241] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 256.087400][ T5241] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 256.099105][ T5241] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 256.129711][ T5241] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 256.137945][ T5241] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 256.659970][ T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 256.671023][ T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 256.679446][ T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 256.691871][ T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 256.699741][ T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 256.708148][ T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 256.814840][ T54] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 256.829877][ T54] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 256.840804][ T54] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 256.849730][ T54] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 256.866935][ T54] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 256.875398][ T54] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 258.139155][ T5241] Bluetooth: hci1: command 0x0406 tx timeout [ 258.145301][ T5241] Bluetooth: hci7: command 0x0406 tx timeout [ 258.151590][ T54] Bluetooth: hci8: command 0x0406 tx timeout [ 258.219267][ T5241] Bluetooth: hci3: command tx timeout [ 258.779082][ T5235] Bluetooth: hci4: command tx timeout [ 258.939201][ T5235] Bluetooth: hci16: command tx timeout [ 260.299131][ T5235] Bluetooth: hci3: command tx timeout [ 260.859188][ T5235] Bluetooth: hci4: command tx timeout [ 261.019145][ T5235] Bluetooth: hci16: command tx timeout [ 262.379168][ T5235] Bluetooth: hci3: command tx timeout [ 262.939055][ T5235] Bluetooth: hci4: command tx timeout [ 263.099096][ T5235] Bluetooth: hci16: command tx timeout [ 264.459169][ T5235] Bluetooth: hci3: command tx timeout [ 265.019130][ T5235] Bluetooth: hci4: command tx timeout [ 265.120087][ T5237] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 265.129310][ T5237] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 265.145561][ T5237] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 265.166932][ T5237] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 265.174856][ T5237] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 265.182913][ T5229] Bluetooth: hci16: command tx timeout [ 265.189112][ T5237] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 267.259195][ T5237] Bluetooth: hci17: command tx timeout [ 268.384563][ T5237] Bluetooth: hci9: command 0x0406 tx timeout [ 269.339077][ T5235] Bluetooth: hci17: command tx timeout [ 271.419525][ T5235] Bluetooth: hci17: command tx timeout [ 273.499108][ T5235] Bluetooth: hci17: command tx timeout [ 275.777676][ T5237] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 275.794150][ T5237] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 275.802438][ T5237] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 275.811868][ T5237] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 275.820879][ T5237] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 275.829618][ T5237] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 276.539921][ T30] INFO: task kworker/u8:1:12 blocked for more than 143 seconds. [ 276.547837][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 276.608971][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 276.617713][ T30] task:kworker/u8:1 state:D stack:21168 pid:12 tgid:12 ppid:2 flags:0x00004000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 276.739137][ T30] Workqueue: netns cleanup_net [ 276.744020][ T30] Call Trace: [ 276.747427][ T30] [ 276.767527][ T30] __schedule+0x1895/0x4b30 [ 276.778340][ T30] ? __pfx___schedule+0x10/0x10 [ 276.784701][ T30] ? __pfx_lock_release+0x10/0x10 [ 276.795019][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 276.802029][ T30] ? kthread_data+0x52/0xd0 [ 276.806586][ T30] ? schedule+0x90/0x320 [ 276.817210][ T30] ? wq_worker_sleeping+0x66/0x240 [ 276.823906][ T30] ? schedule+0x90/0x320 [ 276.828194][ T30] schedule+0x14b/0x320 [ 276.840815][ T30] schedule_preempt_disabled+0x13/0x30 [ 276.846350][ T30] __mutex_lock+0x6a7/0xd70 [ 276.856518][ T30] ? __mutex_lock+0x52a/0xd70 [ 276.864542][ T30] ? wg_netns_pre_exit+0x1f/0x1e0 [ 276.873413][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 276.878503][ T30] wg_netns_pre_exit+0x1f/0x1e0 [ 276.886138][ T30] cleanup_net+0x615/0xcc0 [ 276.894365][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 276.903659][ T30] ? process_scheduled_works+0x976/0x1850 [ 276.913094][ T30] process_scheduled_works+0xa63/0x1850 [ 276.918726][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 276.927441][ T30] ? assign_work+0x364/0x3d0 [ 276.935900][ T30] worker_thread+0x870/0xd30 [ 276.946288][ T30] ? __kthread_parkme+0x169/0x1d0 [ 276.955174][ T30] ? __pfx_worker_thread+0x10/0x10 [ 276.963481][ T30] kthread+0x2f0/0x390 [ 276.967604][ T30] ? __pfx_worker_thread+0x10/0x10 [ 276.976814][ T30] ? __pfx_kthread+0x10/0x10 [ 276.984048][ T30] ret_from_fork+0x4b/0x80 [ 276.988510][ T30] ? __pfx_kthread+0x10/0x10 [ 276.998339][ T30] ret_from_fork_asm+0x1a/0x30 [ 277.005792][ T30] [ 277.013070][ T30] INFO: task kworker/u8:3:53 blocked for more than 143 seconds. [ 277.023607][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 277.034625][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 277.059015][ T30] task:kworker/u8:3 state:D stack:22672 pid:53 tgid:53 ppid:2 flags:0x00004000 [ 277.074963][ T30] Workqueue: events_unbound linkwatch_event [ 277.081437][ T30] Call Trace: [ 277.084750][ T30] [ 277.087713][ T30] __schedule+0x1895/0x4b30 [ 277.099746][ T30] ? __pfx___schedule+0x10/0x10 [ 277.104674][ T30] ? __pfx_lock_release+0x10/0x10 [ 277.115760][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 277.122128][ T30] ? kthread_data+0x52/0xd0 [ 277.126684][ T30] ? schedule+0x90/0x320 [ 277.138075][ T30] ? wq_worker_sleeping+0x66/0x240 [ 277.146279][ T30] ? schedule+0x90/0x320 [ 277.156371][ T30] schedule+0x14b/0x320 [ 277.161589][ T30] schedule_preempt_disabled+0x13/0x30 [ 277.167100][ T30] __mutex_lock+0x6a7/0xd70 [ 277.177604][ T30] ? __mutex_lock+0x52a/0xd70 [ 277.184271][ T30] ? linkwatch_event+0xe/0x60 [ 277.195538][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 277.201053][ T30] ? process_scheduled_works+0x976/0x1850 [ 277.206824][ T30] linkwatch_event+0xe/0x60 [ 277.217334][ T30] process_scheduled_works+0xa63/0x1850 [ 277.223427][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 277.236799][ T30] ? assign_work+0x364/0x3d0 [ 277.242084][ T30] worker_thread+0x870/0xd30 [ 277.248360][ T30] ? __kthread_parkme+0x169/0x1d0 [ 277.259569][ T30] ? __pfx_worker_thread+0x10/0x10 [ 277.265326][ T30] kthread+0x2f0/0x390 [ 277.274316][ T30] ? __pfx_worker_thread+0x10/0x10 [ 277.282071][ T30] ? __pfx_kthread+0x10/0x10 [ 277.286706][ T30] ret_from_fork+0x4b/0x80 [ 277.296963][ T30] ? __pfx_kthread+0x10/0x10 [ 277.303497][ T30] ret_from_fork_asm+0x1a/0x30 [ 277.308512][ T30] [ 277.316774][ T30] INFO: task kworker/u8:5:1043 blocked for more than 144 seconds. [ 277.326175][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 277.339726][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 277.357031][ T30] task:kworker/u8:5 state:D stack:21360 pid:1043 tgid:1043 ppid:2 flags:0x00004000 [ 277.367740][ T30] Workqueue: ipv6_addrconf addrconf_dad_work [ 277.380252][ T30] Call Trace: [ 277.383581][ T30] [ 277.386536][ T30] __schedule+0x1895/0x4b30 [ 277.397595][ T30] ? __pfx___schedule+0x10/0x10 [ 277.404314][ T30] ? __pfx_lock_release+0x10/0x10 [ 277.414276][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 277.422880][ T30] ? kthread_data+0x52/0xd0 [ 277.427451][ T30] ? schedule+0x90/0x320 [ 277.438955][ T30] ? wq_worker_sleeping+0x66/0x240 [ 277.444143][ T30] ? schedule+0x90/0x320 [ 277.448418][ T30] schedule+0x14b/0x320 [ 277.459722][ T30] schedule_preempt_disabled+0x13/0x30 [ 277.465252][ T30] __mutex_lock+0x6a7/0xd70 [ 277.475795][ T30] ? mark_lock+0x9a/0x360 [ 277.481144][ T30] ? __mutex_lock+0x52a/0xd70 [ 277.485871][ T30] ? addrconf_dad_work+0xd0/0x16f0 [ 277.499397][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 277.504505][ T30] addrconf_dad_work+0xd0/0x16f0 [ 277.515468][ T30] ? __pfx_addrconf_dad_work+0x10/0x10 [ 277.521376][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 277.527767][ T30] ? process_scheduled_works+0x976/0x1850 [ 277.538940][ T30] process_scheduled_works+0xa63/0x1850 [ 277.544575][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 277.558028][ T30] ? assign_work+0x364/0x3d0 [ 277.563147][ T30] worker_thread+0x870/0xd30 [ 277.567797][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 277.584817][ T30] ? __kthread_parkme+0x169/0x1d0 [ 277.594866][ T30] ? __pfx_worker_thread+0x10/0x10 [ 277.602574][ T30] kthread+0x2f0/0x390 [ 277.606695][ T30] ? __pfx_worker_thread+0x10/0x10 [ 277.615745][ T30] ? __pfx_kthread+0x10/0x10 [ 277.623006][ T30] ret_from_fork+0x4b/0x80 [ 277.627473][ T30] ? __pfx_kthread+0x10/0x10 [ 277.637113][ T30] ret_from_fork_asm+0x1a/0x30 [ 277.644619][ T30] [ 277.647763][ T30] INFO: task kworker/0:2:1125 blocked for more than 144 seconds. [ 277.659190][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 277.674797][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 277.688345][ T30] task:kworker/0:2 state:D stack:25200 pid:1125 tgid:1125 ppid:2 flags:0x00004000 [ 277.702309][ T30] Workqueue: events request_firmware_work_func [ 277.708543][ T30] Call Trace: [ 277.715051][ T30] [ 277.718130][ T30] __schedule+0x1895/0x4b30 [ 277.726537][ T30] ? __pfx___schedule+0x10/0x10 [ 277.736150][ T30] ? __pfx_lock_release+0x10/0x10 [ 277.748600][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 277.757664][ T30] ? kthread_data+0x52/0xd0 [ 277.767356][ T30] ? schedule+0x90/0x320 [ 277.774922][ T30] ? wq_worker_sleeping+0x66/0x240 [ 277.785196][ T30] ? schedule+0x90/0x320 [ 277.792476][ T30] schedule+0x14b/0x320 [ 277.796698][ T30] schedule_preempt_disabled+0x13/0x30 [ 277.805959][ T30] __mutex_lock+0x6a7/0xd70 [ 277.813099][ T30] ? __mutex_lock+0x52a/0xd70 [ 277.817827][ T30] ? regdb_fw_cb+0x82/0x1c0 [ 277.828970][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 277.834072][ T30] ? __pfx_regdb_fw_cb+0x10/0x10 [ 277.845692][ T30] regdb_fw_cb+0x82/0x1c0 [ 277.850385][ T30] ? __pfx_regdb_fw_cb+0x10/0x10 [ 277.855399][ T30] request_firmware_work_func+0x1a4/0x280 [ 277.868682][ T30] ? __pfx_request_firmware_work_func+0x10/0x10 [ 277.876456][ T30] ? process_scheduled_works+0x976/0x1850 [ 277.888672][ T30] process_scheduled_works+0xa63/0x1850 [ 277.896100][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 277.908972][ T5237] Bluetooth: hci18: command tx timeout [ 277.919068][ T30] ? assign_work+0x364/0x3d0 [ 277.923739][ T30] worker_thread+0x870/0xd30 [ 277.928395][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 277.940607][ T30] ? __kthread_parkme+0x169/0x1d0 [ 277.945716][ T30] ? __pfx_worker_thread+0x10/0x10 [ 277.955861][ T30] kthread+0x2f0/0x390 [ 277.961535][ T30] ? __pfx_worker_thread+0x10/0x10 [ 277.968224][ T30] ? __pfx_kthread+0x10/0x10 [ 277.979680][ T30] ret_from_fork+0x4b/0x80 [ 277.989291][ T30] ? __pfx_kthread+0x10/0x10 [ 277.993960][ T30] ret_from_fork_asm+0x1a/0x30 [ 277.998772][ T30] [ 278.007111][ T30] INFO: task syz.2.13:5317 blocked for more than 144 seconds. [ 278.017567][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 278.030835][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 278.043259][ T30] task:syz.2.13 state:D stack:23696 pid:5317 tgid:5316 ppid:5244 flags:0x00004002 [ 278.056218][ T30] Call Trace: [ 278.064651][ T30] [ 278.071621][ T30] __schedule+0x1895/0x4b30 [ 278.076189][ T30] ? __pfx___schedule+0x10/0x10 [ 278.084963][ T30] ? __pfx_lock_release+0x10/0x10 [ 278.092583][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 278.098167][ T30] ? schedule+0x90/0x320 [ 278.106812][ T30] schedule+0x14b/0x320 [ 278.113601][ T30] schedule_preempt_disabled+0x13/0x30 [ 278.124364][ T30] __mutex_lock+0x6a7/0xd70 [ 278.131495][ T30] ? __mutex_lock+0x52a/0xd70 [ 278.136223][ T30] ? tun_chr_close+0x3b/0x1b0 [ 278.144789][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 278.152460][ T30] ? __pfx_call_rcu+0x10/0x10 [ 278.157192][ T30] tun_chr_close+0x3b/0x1b0 [ 278.165524][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 278.176041][ T30] __fput+0x23f/0x880 [ 278.183766][ T30] task_work_run+0x24f/0x310 [ 278.188586][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 278.197067][ T30] ? __pfx_task_work_run+0x10/0x10 [ 278.206028][ T30] ? do_exit+0xa2a/0x28e0 [ 278.214171][ T30] ? kmem_cache_free+0x1a2/0x420 [ 278.223506][ T30] ? do_exit+0xa2a/0x28e0 [ 278.227890][ T30] do_exit+0xa2f/0x28e0 [ 278.235100][ T30] ? __pfx_do_exit+0x10/0x10 [ 278.243760][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 278.251690][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 278.257726][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 278.273679][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 278.281515][ T30] do_group_exit+0x207/0x2c0 [ 278.286164][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 278.295813][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 278.303866][ T30] get_signal+0x16a3/0x1740 [ 278.308457][ T30] ? __pfx_get_signal+0x10/0x10 [ 278.318485][ T30] arch_do_signal_or_restart+0x96/0x860 [ 278.326744][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 278.336603][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 278.345638][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 278.356292][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 278.364514][ T30] do_syscall_64+0x100/0x230 [ 278.373180][ T30] ? clear_bhb_loop+0x35/0x90 [ 278.377920][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.388614][ T30] RIP: 0033:0x7fb705b7df39 [ 278.396216][ T30] RSP: 002b:00007fb7069a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 278.409585][ T30] RAX: 0000000000000054 RBX: 00007fb705d35f80 RCX: 00007fb705b7df39 [ 278.417613][ T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 278.428904][ T30] RBP: 00007fb705bf0216 R08: 0000000000000000 R09: 0000000000000000 [ 278.436930][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.452758][ T30] R13: 0000000000000000 R14: 00007fb705d35f80 R15: 00007fb705e5fa28 [ 278.465972][ T30] [ 278.471698][ T30] INFO: task syz-executor:5371 blocked for more than 145 seconds. [ 278.486692][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 278.498592][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 278.511072][ T30] task:syz-executor state:D stack:26368 pid:5371 tgid:5371 ppid:1 flags:0x00004004 [ 278.525371][ T30] Call Trace: [ 278.528696][ T30] [ 278.534301][ T30] __schedule+0x1895/0x4b30 [ 278.542635][ T30] ? __pfx___schedule+0x10/0x10 [ 278.547545][ T30] ? __pfx_lock_release+0x10/0x10 [ 278.556500][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 278.566127][ T30] ? schedule+0x90/0x320 [ 278.572997][ T30] schedule+0x14b/0x320 [ 278.578681][ T30] schedule_preempt_disabled+0x13/0x30 [ 278.588090][ T30] __mutex_lock+0x6a7/0xd70 [ 278.595277][ T30] ? __mutex_lock+0x52a/0xd70 [ 278.605366][ T30] ? register_nexthop_notifier+0x84/0x290 [ 278.613729][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 278.618828][ T30] ? __asan_memset+0x23/0x50 [ 278.621160][ T5237] Bluetooth: hci10: command 0x0406 tx timeout [ 278.639018][ T30] register_nexthop_notifier+0x84/0x290 [ 278.646261][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 278.657552][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 278.664267][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 278.676668][ T30] ? __asan_memset+0x23/0x50 [ 278.683172][ T30] ops_init+0x31e/0x590 [ 278.687491][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 278.699428][ T30] setup_net+0x287/0x9e0 [ 278.703743][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 278.718949][ T30] ? __pfx_setup_net+0x10/0x10 [ 278.723788][ T30] copy_net_ns+0x33f/0x570 [ 278.728246][ T30] create_new_namespaces+0x425/0x7b0 [ 278.738976][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 278.744770][ T30] ksys_unshare+0x619/0xc10 [ 278.756438][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 278.761916][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 278.767955][ T30] ? do_syscall_64+0x100/0x230 [ 278.778691][ T30] __x64_sys_unshare+0x38/0x40 [ 278.788065][ T30] do_syscall_64+0xf3/0x230 [ 278.798951][ T30] ? clear_bhb_loop+0x35/0x90 [ 278.803692][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.814553][ T30] RIP: 0033:0x7fb74d77f737 [ 278.819416][ T30] RSP: 002b:00007fb74da5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 278.827877][ T30] RAX: ffffffffffffffda RBX: 00007fb74d7f198c RCX: 00007fb74d77f737 [ 278.843434][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 278.854218][ T30] RBP: 0000000000000000 R08: 00007fb74e467d60 R09: 0000000000000000 [ 278.866087][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 278.876814][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 278.894364][ T30] [ 278.898448][ T30] [ 278.898448][ T30] Showing all locks held in the system: [ 278.907428][ T30] 6 locks held by kworker/0:1/9: [ 278.918270][ T30] 4 locks held by kworker/u8:1/12: [ 278.938966][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 278.974430][ T30] #1: ffffc90000117d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 278.993984][ T30] #2: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 279.004103][ T30] #3: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0 [ 279.020337][ T30] 1 lock held by khungtaskd/30: [ 279.025232][ T30] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 279.042060][ T30] 3 locks held by kworker/u8:3/53: [ 279.047235][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 279.064930][ T30] #1: ffffc90000be7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 279.076332][ T30] #2: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 279.088902][ T30] 3 locks held by kworker/u8:4/81: [ 279.098362][ T30] #0: ffff8880b873ea98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 279.111229][ T30] #1: ffffc900020cfd00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 279.131800][ T30] #2: ffff8880b872a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240 [ 279.145095][ T30] 3 locks held by kworker/u8:5/1043: [ 279.152959][ T30] #0: ffff88802dcdf948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 279.168322][ T30] #1: ffffc90003d4fd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 279.188049][ T30] #2: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 279.199366][ T30] 3 locks held by kworker/0:2/1125: [ 279.205126][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 279.222292][ T30] #1: ffffc900040ffd00 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 279.238548][ T30] #2: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: regdb_fw_cb+0x82/0x1c0 [ 279.254105][ T30] 2 locks held by getty/4986: [ 279.258837][ T30] #0: ffff88802e65c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 279.276498][ T30] #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 279.287109][ T30] 3 locks held by kworker/0:5/5279: [ 279.298927][ T30] 1 lock held by syz.2.13/5317: [ 279.303829][ T30] #0: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 279.320303][ T30] 2 locks held by syz-executor/5320: [ 279.325632][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.341241][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 279.355180][ T30] 2 locks held by syz-executor/5326: [ 279.364299][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.377492][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 279.389704][ T30] 2 locks held by syz-executor/5329: [ 279.395030][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.415942][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 279.427867][ T30] 2 locks held by syz-executor/5350: [ 279.439275][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.448768][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 279.464893][ T30] 2 locks held by syz-executor/5371: [ 279.477536][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.487411][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.506137][ T30] 2 locks held by syz-executor/5373: [ 279.513352][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.529398][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.544383][ T30] 2 locks held by syz-executor/5376: [ 279.552497][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.566888][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.583484][ T30] 2 locks held by syz-executor/5381: [ 279.588825][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.606751][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.618447][ T30] 2 locks held by syz-executor/5387: [ 279.630531][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.643652][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.657966][ T30] 2 locks held by syz-executor/5396: [ 279.669070][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.678809][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.697393][ T30] 2 locks held by syz-executor/5398: [ 279.703063][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.720159][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.734556][ T30] 2 locks held by syz-executor/5400: [ 279.746434][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.758962][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.775069][ T30] 2 locks held by syz-executor/5406: [ 279.780732][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.797962][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.810304][ T30] 2 locks held by syz-executor/5412: [ 279.815628][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.833159][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.847157][ T30] 2 locks held by syz-executor/5425: [ 279.856193][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.868357][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.882198][ T30] 2 locks held by syz-executor/5429: [ 279.887533][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.904333][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.916289][ T30] 2 locks held by syz-executor/5431: [ 279.927761][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.945267][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.956050][ T30] 2 locks held by syz-executor/5436: [ 279.967164][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 279.977053][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 279.987382][ T5235] Bluetooth: hci18: command tx timeout [ 280.000742][ T30] 2 locks held by syz-executor/5442: [ 280.006072][ T30] #0: ffffffff8fcc4910 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 280.024141][ T30] #1: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 280.038825][ T30] [ 280.046664][ T30] ============================================= [ 280.046664][ T30] [ 280.056830][ T30] NMI backtrace for cpu 1 [ 280.061205][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 280.071404][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 280.081567][ T30] Call Trace: [ 280.084862][ T30] [ 280.087806][ T30] dump_stack_lvl+0x241/0x360 [ 280.092507][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 280.097724][ T30] ? __pfx__printk+0x10/0x10 [ 280.102349][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 280.107317][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 280.112796][ T30] ? _printk+0xd5/0x120 [ 280.117061][ T30] ? __pfx__printk+0x10/0x10 [ 280.121674][ T30] ? __wake_up_klogd+0xcc/0x110 [ 280.126549][ T30] ? __pfx__printk+0x10/0x10 [ 280.131163][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 280.136224][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 280.142223][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 280.148234][ T30] watchdog+0xff4/0x1040 [ 280.152505][ T30] ? watchdog+0x1ea/0x1040 [ 280.156949][ T30] ? __pfx_watchdog+0x10/0x10 [ 280.161645][ T30] kthread+0x2f0/0x390 [ 280.165736][ T30] ? __pfx_watchdog+0x10/0x10 [ 280.170438][ T30] ? __pfx_kthread+0x10/0x10 [ 280.175044][ T30] ret_from_fork+0x4b/0x80 [ 280.179488][ T30] ? __pfx_kthread+0x10/0x10 [ 280.184096][ T30] ret_from_fork_asm+0x1a/0x30 [ 280.188890][ T30] [ 280.192662][ T30] Sending NMI from CPU 1 to CPUs 0: [ 280.197910][ C0] NMI backtrace for cpu 0 [ 280.197924][ C0] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 280.197943][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 280.197953][ C0] Workqueue: events nsim_dev_trap_report_work [ 280.197976][ C0] RIP: 0010:ip_sabotage_in+0x4/0x290 [ 280.197995][ C0] Code: ef e8 d0 f2 65 f7 e9 1b fa ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <55> 41 57 41 56 41 55 41 54 53 50 49 89 d5 49 89 f7 49 bc 00 00 00 [ 280.198015][ C0] RSP: 0018:ffffc90000007830 EFLAGS: 00000246 [ 280.198028][ C0] RAX: 1ffff11004d43ea2 RBX: ffff888026a1f508 RCX: dffffc0000000000 [ 280.198041][ C0] RDX: ffffc900000078e0 RSI: ffff88809b1a5a00 RDI: 0000000000000000 [ 280.198052][ C0] RBP: ffffffff8a987370 R08: ffffffff89d9cdbf R09: 0000000000000000 [ 280.198063][ C0] R10: ffffc900000078f0 R11: ffffffff8a987370 R12: ffffc900000078e0 [ 280.198075][ C0] R13: 0000000000000000 R14: ffff888026a1f510 R15: 1ffff11004d43ea0 [ 280.198086][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 280.198100][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 280.198111][ C0] CR2: 0000001b3271dff8 CR3: 000000000e734000 CR4: 00000000003506f0 [ 280.198125][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 280.198135][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 280.198172][ C0] Call Trace: [ 280.198177][ C0] [ 280.198184][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 280.198202][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 280.198224][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 280.198240][ C0] ? nmi_handle+0x2a/0x5a0 [ 280.198263][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 280.198281][ C0] ? nmi_handle+0x14f/0x5a0 [ 280.198296][ C0] ? nmi_handle+0x2a/0x5a0 [ 280.198311][ C0] ? ip_sabotage_in+0x4/0x290 [ 280.198326][ C0] ? default_do_nmi+0x63/0x160 [ 280.198344][ C0] ? exc_nmi+0x123/0x1f0 [ 280.198360][ C0] ? end_repeat_nmi+0xf/0x53 [ 280.198375][ C0] ? __pfx_ip_sabotage_in+0x10/0x10 [ 280.198390][ C0] ? __pfx_ip_sabotage_in+0x10/0x10 [ 280.198404][ C0] ? nf_hook_slow+0x4f/0x220 [ 280.198423][ C0] ? ip_sabotage_in+0x4/0x290 [ 280.198439][ C0] ? ip_sabotage_in+0x4/0x290 [ 280.198455][ C0] ? ip_sabotage_in+0x4/0x290 [ 280.198470][ C0] [ 280.198476][ C0] [ 280.198481][ C0] nf_hook_slow+0xc3/0x220 [ 280.198499][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 280.198515][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 280.198531][ C0] NF_HOOK+0x29e/0x450 [ 280.198546][ C0] ? __lock_acquire+0x1384/0x2050 [ 280.198566][ C0] ? NF_HOOK+0x9a/0x450 [ 280.198581][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 280.198596][ C0] ? ip_rcv_core+0x801/0xd10 [ 280.198612][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 280.198631][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 280.198647][ C0] __netif_receive_skb+0x2bf/0x650 [ 280.198666][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 280.198685][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 280.198702][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 280.198721][ C0] ? __pfx_lock_release+0x10/0x10 [ 280.198741][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 280.198765][ C0] process_backlog+0x662/0x15b0 [ 280.198785][ C0] ? process_backlog+0x33b/0x15b0 [ 280.198807][ C0] ? __pfx_process_backlog+0x10/0x10 [ 280.198824][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 280.198845][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 280.198867][ C0] __napi_poll+0xcb/0x490 [ 280.198884][ C0] net_rx_action+0x89b/0x1240 [ 280.198909][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 280.198926][ C0] ? sched_clock+0x4a/0x70 [ 280.198948][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 280.198972][ C0] handle_softirqs+0x2c5/0x980 [ 280.198992][ C0] ? do_softirq+0x11b/0x1e0 [ 280.199011][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 280.199031][ C0] do_softirq+0x11b/0x1e0 [ 280.199048][ C0] [ 280.199053][ C0] [ 280.199059][ C0] ? __pfx_do_softirq+0x10/0x10 [ 280.199078][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 280.199101][ C0] ? rcu_is_watching+0x15/0xb0 [ 280.199119][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 280.199138][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 280.199163][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 280.199182][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 280.199201][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 280.199221][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 280.199245][ C0] ? process_scheduled_works+0x976/0x1850 [ 280.199265][ C0] process_scheduled_works+0xa63/0x1850 [ 280.199297][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 280.199322][ C0] ? assign_work+0x364/0x3d0 [ 280.199343][ C0] worker_thread+0x870/0xd30 [ 280.199368][ C0] ? __kthread_parkme+0x169/0x1d0 [ 280.199389][ C0] ? __pfx_worker_thread+0x10/0x10 [ 280.199407][ C0] kthread+0x2f0/0x390 [ 280.199421][ C0] ? __pfx_worker_thread+0x10/0x10 [ 280.199439][ C0] ? __pfx_kthread+0x10/0x10 [ 280.199454][ C0] ret_from_fork+0x4b/0x80 [ 280.199472][ C0] ? __pfx_kthread+0x10/0x10 [ 280.199486][ C0] ret_from_fork_asm+0x1a/0x30 [ 280.199511][ C0] [ 280.752005][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 280.758900][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 280.769088][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 280.779161][ T30] Call Trace: [ 280.782543][ T30] [ 280.785495][ T30] dump_stack_lvl+0x241/0x360 [ 280.790208][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 280.795431][ T30] ? __pfx__printk+0x10/0x10 [ 280.800050][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 280.806078][ T30] ? vscnprintf+0x5d/0x90 [ 280.810436][ T30] panic+0x349/0x880 [ 280.814445][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 280.820621][ T30] ? __pfx_panic+0x10/0x10 [ 280.825069][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 280.830461][ T30] ? __irq_work_queue_local+0x137/0x410 [ 280.836039][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 280.841428][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 280.847602][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 280.853774][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 280.859948][ T30] watchdog+0x1033/0x1040 [ 280.864302][ T30] ? watchdog+0x1ea/0x1040 [ 280.868742][ T30] ? __pfx_watchdog+0x10/0x10 [ 280.873438][ T30] kthread+0x2f0/0x390 [ 280.877526][ T30] ? __pfx_watchdog+0x10/0x10 [ 280.882225][ T30] ? __pfx_kthread+0x10/0x10 [ 280.886928][ T30] ret_from_fork+0x4b/0x80 [ 280.891365][ T30] ? __pfx_kthread+0x10/0x10 [ 280.895981][ T30] ret_from_fork_asm+0x1a/0x30 [ 280.900791][ T30] [ 280.904178][ T30] Kernel Offset: disabled [ 280.908522][ T30] Rebooting in 86400 seconds..