last executing test programs: 20.135564133s ago: executing program 3 (id=2402): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x7800, 0x0, 0x0, 0x0, {{0x34, 0x4, 0x0, 0x0, 0xd0, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x402, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@dev={0xac, 0x14, 0x14, 0x39}}, {@remote, 0x8}, {@dev, 0x659}, {@empty}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x3d}}, {@remote, 0xffffffff}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101, 0xfffffffe}, {@broadcast, 0x52b1}, {@broadcast}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x77, [@rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 19.287541146s ago: executing program 2 (id=2404): r0 = socket(0x840000000002, 0x3, 0x100) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @remote}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() syz_emit_ethernet(0x4e, &(0x7f0000002e40)=ANY=[], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x2, 0x0, 0x1}, 0x18) linkat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', r5, 0x0, 0x400) sendmmsg$unix(r4, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0202000310000000000000000000000005000600000000000a000000000000002001000000000000000000000000000100000000000000000200010000000000000000000000000005000500000000000a0000"], 0x80}}, 0x0) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) 16.92304817s ago: executing program 0 (id=2406): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x7800, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x0, 0xc8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x402, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@dev={0xac, 0x14, 0x14, 0x39}}, {@remote, 0x8}, {@empty}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x3d}}, {@remote, 0xffffffff}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101, 0xfffffffe}, {@broadcast, 0x52b1}, {@broadcast}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x77, [@rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 16.919399347s ago: executing program 2 (id=2408): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00') readv(0xffffffffffffffff, &(0x7f0000000180), 0x0) openat(0xffffffffffffff9c, 0x0, 0x842, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002300)={&(0x7f0000002240)={0x80, 0x0, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_SEQ_ADJ_REPLY={0x24, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xb}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}]}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7a93}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x74b0}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}]}, @CTA_LABELS_MASK={0x4}]}, 0x80}, 0x1, 0x0, 0x0, 0x4004000}, 0x480d4) r3 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000ec03010000000000000000000000000a14000000fa030100"], 0x28}}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) sync() ioctl$USBDEVFS_SETINTERFACE(r4, 0x80045510, &(0x7f0000000480)={0x1000000}) 14.501628255s ago: executing program 3 (id=2409): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x48) prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) connect$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) syz_clone(0x24001100, 0x0, 0x0, 0x0, 0x0, 0x0) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000001000/0x1000)=nil) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 14.489347041s ago: executing program 4 (id=2410): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r4 = creat(&(0x7f0000000080)='./file0\x00', 0x1de) write$binfmt_script(r4, &(0x7f00000038c0)={'#! ', './file0'}, 0xb) bpf$MAP_CREATE(0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000080)=0x80000001, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xb, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14", 0x0, 0x80, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_open_procfs$namespace(r1, &(0x7f0000000180)='ns/pid\x00') socket$packet(0x11, 0x2, 0x300) 14.328258039s ago: executing program 1 (id=2411): syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002aafee08f00a51678b75000000010902240001000000000904"], 0x0) 14.320574976s ago: executing program 2 (id=2412): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00') readv(0xffffffffffffffff, &(0x7f0000000180), 0x0) openat(0xffffffffffffff9c, 0x0, 0x842, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002300)={&(0x7f0000002240)={0x80, 0x0, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_SEQ_ADJ_REPLY={0x24, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x10001}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}]}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7a93}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x74b0}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}]}, @CTA_LABELS_MASK={0x4}]}, 0x80}, 0x1, 0x0, 0x0, 0x4004000}, 0x480d4) r3 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000ec03010000000000000000000000000a14000000fa030100"], 0x28}}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) sync() ioctl$USBDEVFS_SETINTERFACE(r4, 0x80045510, &(0x7f0000000480)={0x1000000}) 13.182708271s ago: executing program 0 (id=2413): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/13], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffbd) r3 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r3, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r3, 0x0, 0x0) ftruncate(r3, 0x2) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) dup3(0xffffffffffffffff, r4, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0x100a, 0x0, 0x0}, 0x0) 12.168661752s ago: executing program 4 (id=2414): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x48) prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) connect$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) syz_clone(0x24001100, 0x0, 0x0, 0x0, 0x0, 0x0) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000001000/0x1000)=nil) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 12.120113822s ago: executing program 3 (id=2415): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000b80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000b40), 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x111}}, 0x20) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {0x0}], 0x3) 12.000701689s ago: executing program 2 (id=2416): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00') readv(0xffffffffffffffff, &(0x7f0000000180), 0x0) openat(0xffffffffffffff9c, 0x0, 0x842, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002300)={&(0x7f0000002240)={0x88, 0x0, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_SEQ_ADJ_REPLY={0x2c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x10001}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xb}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}]}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7a93}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x74b0}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}]}, @CTA_LABELS_MASK={0x4}]}, 0x88}, 0x1, 0x0, 0x0, 0x4004000}, 0x480d4) r3 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) sync() ioctl$USBDEVFS_SETINTERFACE(r4, 0x80045510, &(0x7f0000000480)={0x1000000}) 10.380181162s ago: executing program 0 (id=2417): mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008d}, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000240)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001080)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095000000000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d00000021000000008a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe320fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6420ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6ad62934782cc308e936d7637e07c201282bbbed84a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18532f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbefc18f77700372471609e2c443e84ee5e9a5178f90512df04f3a0909c96632ae20c68c62b06e9fdc2977dfef1ced97b70263fc81c30f1354b319fe9d59d3101c4ee7375ff8673de5caff9e6ee73ccae77d1bf8f22330e8840af1ded6d5be627f7f87d5b12a2d6317825d77bef85313f541dcc4ff13f413db34d5da05648590a1685031e6955d4352bf0b7efd0b0a1e636b8aa4963d9f67de5ba91d501418bbeaac09bdd1059f3c3159e5900"/2282], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 9.734756617s ago: executing program 3 (id=2418): r0 = socket$nl_route(0x10, 0x3, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) mremap(&(0x7f0000a4c000/0xf000)=nil, 0xf000, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x62841, 0x0) write$P9_RSTATu(r1, 0x0, 0x58) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x108) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) syz_clone(0x4010e000, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001800128009000100697069700000713ca80e02800400130008000500", @ANYRES32=0x0, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB], 0x48}}, 0x0) 9.732328931s ago: executing program 4 (id=2419): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x7800, 0x0, 0x0, 0x0, {{0x35, 0x4, 0x0, 0x0, 0xd4, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x402, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@dev={0xac, 0x14, 0x14, 0x39}}, {@remote, 0x8}, {@dev, 0x659}, {@empty}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x3d}}, {@remote, 0xffffffff}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101, 0xfffffffe}, {@broadcast, 0x52b1}, {@broadcast}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0x77, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @multicast1, @private=0xa010102]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 9.000116386s ago: executing program 1 (id=2420): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00') readv(0xffffffffffffffff, &(0x7f0000000180), 0x0) openat(0xffffffffffffff9c, 0x0, 0x842, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002300)={&(0x7f0000002240)={0x80, 0x0, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_SEQ_ADJ_REPLY={0x24, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x10001}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}]}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7a93}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x74b0}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}]}, @CTA_LABELS_MASK={0x4}]}, 0x80}, 0x1, 0x0, 0x0, 0x4004000}, 0x480d4) r3 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000ec03010000000000000000000000000a14000000fa030100"], 0x28}}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) sync() ioctl$USBDEVFS_SETINTERFACE(r4, 0x80045510, &(0x7f0000000480)={0x1000000}) 8.005135306s ago: executing program 0 (id=2421): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x48) prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) connect$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, 0x0) syz_clone(0x24001100, 0x0, 0x0, 0x0, 0x0, 0x0) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000001000/0x1000)=nil) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 5.907499432s ago: executing program 2 (id=2422): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x7800, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x0, 0xc8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x10, 0x0, 0x0, 0x9, [0x402, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@dev={0xac, 0x14, 0x14, 0x39}}, {@remote, 0x8}, {@dev, 0x659}, {@empty}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x3d}}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101, 0xfffffffe}, {@broadcast, 0x52b1}, {@broadcast}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0x77, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 4.91206169s ago: executing program 1 (id=2423): socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x3, 0x4) getitimer(0x1, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000000)={0x10}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x952b, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 4.694389013s ago: executing program 1 (id=2424): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00') readv(0xffffffffffffffff, &(0x7f0000000180), 0x0) openat(0xffffffffffffff9c, 0x0, 0x842, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002300)={&(0x7f0000002240)={0x88, 0x0, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_SEQ_ADJ_REPLY={0x2c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x10001}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xb}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}]}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7a93}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x74b0}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}]}, @CTA_LABELS_MASK={0x4}]}, 0x88}, 0x1, 0x0, 0x0, 0x4004000}, 0x480d4) r3 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) sync() ioctl$USBDEVFS_SETINTERFACE(r4, 0x80045510, &(0x7f0000000480)={0x1000000}) 4.360870575s ago: executing program 0 (id=2425): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000080)) r4 = creat(&(0x7f0000000080)='./file0\x00', 0x1de) write$binfmt_script(r4, &(0x7f00000038c0)={'#! ', './file0'}, 0xb) bpf$MAP_CREATE(0x0, 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000080)=0x80000001, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xb, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14", 0x0, 0x80, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_open_procfs$namespace(r1, &(0x7f0000000180)='ns/pid\x00') socket$packet(0x11, 0x2, 0x300) 4.359552184s ago: executing program 3 (id=2426): r0 = socket$inet6(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r6 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$selinux_access(r6, 0x0, 0x0) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0) 4.312684407s ago: executing program 4 (id=2427): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f00000190c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_open_dev$tty1(0xc, 0x4, 0x1) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time\x00', 0x275a, 0x0) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f000001b140)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="000000000023ac6ca74aa5b482534de3000000000000000000000000000000a9194af1fec5e4696da0679f7b2364ed19c226600165ac000d1d256c9c09605694b30960e467973d76bb0e7a2ac1332813c3f1c95b037907ae55d8fb0c7bbc2502674e0e7a1359284ed20c255126a15f14320d62721c5e7a639a46e62f616b1a83a03b79e01902d1abdd17422ee08ecd404885cdf13bf80696cc600e1d275c5ddab8a755bd4291e1e1709615faff8e7c7d6ab5aec003902c275d055f9d18f04331160a23f753923580433244d573de6e771b4de8b0f53a91205c45172bed9bdeb740b07e2163bd4af936a3a120196c755c277a91b481473303c5ab3c246cb8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/13], 0x17) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000040)=r5, 0x4) fsetxattr$security_selinux(r4, &(0x7f0000000080), &(0x7f0000000180)='system_u:object_r:load_policy_exec_t:s0\x00', 0x1001, 0x1) read$FUSE(r4, &(0x7f0000019100)={0x2020}, 0x2020) ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00') pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a) socket$inet_udplite(0x2, 0x2, 0x88) 1.219501956s ago: executing program 1 (id=2428): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000b80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000b40), 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x111}}, 0x20) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {0x0}], 0x3) 1.214123917s ago: executing program 4 (id=2429): r0 = socket(0x840000000002, 0x3, 0x100) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @remote}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() syz_emit_ethernet(0x4e, &(0x7f0000002e40)=ANY=[], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x2, 0x0, 0x1}, 0x18) linkat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', r5, 0x0, 0x400) sendmmsg$unix(r4, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0202000310000000000000000000000005000600000000000a000000000000002001000000000000000000000000000100000000000000000200010000000000000000000000000005000500000000000a0000"], 0x80}}, 0x0) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) 1.182791062s ago: executing program 3 (id=2430): syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002aafee08f00a51678b75000000010902240001000000000904"], 0x0) 734.815684ms ago: executing program 1 (id=2431): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x7800, 0x0, 0x0, 0x0, {{0x34, 0x4, 0x0, 0x0, 0xd0, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x402, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@dev={0xac, 0x14, 0x14, 0x39}}, {@remote, 0x8}, {@dev, 0x659}, {@empty}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x3d}}, {@remote, 0xffffffff}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101, 0xfffffffe}, {@broadcast, 0x52b1}, {@broadcast}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x77, [@rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 721.406529ms ago: executing program 2 (id=2432): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect(0x0, 0xfffffffffffffffb, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000000"], 0x7c}}, 0x0) 661.817877ms ago: executing program 0 (id=2433): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="150000004effff000000000800395032303030"], 0x15) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 0s ago: executing program 4 (id=2434): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000001000/0x1000)=nil) kernel console output (not intermixed with test programs): isabled state [ 2185.352955][ T1053] bridge_slave_0: left allmulticast mode [ 2185.364691][ T1053] bridge_slave_0: left promiscuous mode [ 2185.372354][ T1053] bridge0: port 1(bridge_slave_0) entered disabled state [ 2186.802189][ T1053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2186.823619][ T1053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2186.840963][ T1053] bond0 (unregistering): Released all slaves [ 2187.920042][ T29] audit: type=1400 audit(1728400216.472:385): avc: denied { create } for pid=18337 comm="syz.0.2130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 2187.941148][ T29] audit: type=1400 audit(1728400216.482:386): avc: denied { write } for pid=18337 comm="syz.0.2130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 2188.023253][ T1053] hsr_slave_0: left promiscuous mode [ 2188.052939][ T1053] hsr_slave_1: left promiscuous mode [ 2188.061502][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2188.088725][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2188.112435][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2188.147767][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2188.224394][ T1053] veth1_macvtap: left promiscuous mode [ 2188.266206][ T1053] veth0_macvtap: left promiscuous mode [ 2188.300338][ T1053] veth1_vlan: left promiscuous mode [ 2188.324492][ T1053] veth0_vlan: left promiscuous mode [ 2188.689173][ T7545] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 2188.855878][ T7545] usb 1-1: Using ep0 maxpacket: 32 [ 2188.867749][ T7545] usb 1-1: config 0 has an invalid interface number: 35 but max is 0 [ 2188.893158][ T7545] usb 1-1: config 0 has no interface number 0 [ 2188.922385][ T7545] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 2188.943623][ T7545] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2188.970516][ T7545] usb 1-1: Product: syz [ 2188.974743][ T7545] usb 1-1: Manufacturer: syz [ 2188.995256][ T7545] usb 1-1: SerialNumber: syz [ 2189.032982][ T7545] usb 1-1: config 0 descriptor?? [ 2189.059459][ T7545] radio-si470x 1-1:0.35: could not find interrupt in endpoint [ 2189.073700][ T7545] radio-si470x 1-1:0.35: probe with driver radio-si470x failed with error -5 [ 2189.287892][ T7545] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 2189.415483][ T1053] team0 (unregistering): Port device team_slave_1 removed [ 2189.499865][ T7545] radio-raremono 1-1:0.35: V4L2 device registered as radio32 [ 2189.512935][ T1053] team0 (unregistering): Port device team_slave_0 removed [ 2189.732457][ T7545] usb 1-1: USB disconnect, device number 44 [ 2189.744160][ T7545] radio-raremono 1-1:0.35: Thanko's Raremono disconnected [ 2190.924021][T18137] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2191.021552][T18137] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2191.062394][T18137] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2191.162028][T18137] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2191.515580][T18137] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2191.615095][T18137] 8021q: adding VLAN 0 to HW filter on device team0 [ 2191.652131][ T1053] bridge0: port 1(bridge_slave_0) entered blocking state [ 2191.659482][ T1053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2191.873040][ T1053] bridge0: port 2(bridge_slave_1) entered blocking state [ 2191.880410][ T1053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2193.487694][T18137] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2193.850719][T18390] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2135'. [ 2194.604853][T18137] veth0_vlan: entered promiscuous mode [ 2194.800488][T18137] veth1_vlan: entered promiscuous mode [ 2194.926486][T18137] veth0_macvtap: entered promiscuous mode [ 2195.079389][T18137] veth1_macvtap: entered promiscuous mode [ 2195.130226][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2195.214237][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.251990][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2195.303304][ T29] audit: type=1326 audit(1728400223.852:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18393 comm="syz.4.2136" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f433f57dff9 code=0x0 [ 2195.343877][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.369138][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2195.381210][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.477764][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2195.592115][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.605064][T18137] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2195.619697][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2195.634819][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.647251][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2195.671546][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.694692][ T1053] Bluetooth: Error in BCSP hdr checksum [ 2195.724257][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2195.755192][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.789702][T18137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2195.830782][T18137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2195.868565][T18137] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2195.921649][T18137] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2195.946210][T16774] Bluetooth: Error in BCSP hdr checksum [ 2195.962218][T18137] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2195.977298][T18137] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2196.005398][T18137] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2196.207178][T14302] Bluetooth: Error in BCSP hdr checksum [ 2196.376451][T11614] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 2196.393095][T11614] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 2196.403575][T11614] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 2196.425355][T11614] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 2196.438449][T11614] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 2196.453787][T11614] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 2196.466314][ T5458] Bluetooth: Error in BCSP hdr checksum [ 2196.602937][ T6612] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2196.732477][ T1053] Bluetooth: Error in BCSP hdr checksum [ 2196.745961][T14302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2196.754304][T14302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2196.986589][ T1053] Bluetooth: Error in BCSP hdr checksum [ 2197.000163][T14247] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 2197.011725][T14247] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 2197.021885][T14247] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 2197.030382][T14247] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 2197.038186][T14247] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 2197.047829][T14247] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 2197.064081][ T6612] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2197.122251][ T1053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2197.130869][ T1053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2197.251365][T16774] Bluetooth: Error in BCSP hdr checksum [ 2197.398944][ T6612] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2197.417999][T16691] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 2197.555179][T16792] Bluetooth: Error in BCSP hdr checksum [ 2197.827741][ T6612] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2198.894960][T16691] Bluetooth: hci5: command tx timeout [ 2199.109093][T18401] chnl_net:caif_netlink_parms(): no params data found [ 2199.165974][T16691] Bluetooth: hci6: command tx timeout [ 2199.525892][T18404] chnl_net:caif_netlink_parms(): no params data found [ 2201.280240][T16691] Bluetooth: hci5: command tx timeout [ 2201.285883][T16691] Bluetooth: hci6: command tx timeout [ 2201.332053][T18426] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2139'. [ 2201.341324][T18426] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2139'. [ 2201.350623][T18401] bridge0: port 1(bridge_slave_0) entered blocking state [ 2201.378632][T18401] bridge0: port 1(bridge_slave_0) entered disabled state [ 2201.400870][T18401] bridge_slave_0: entered allmulticast mode [ 2201.423000][T18401] bridge_slave_0: entered promiscuous mode [ 2201.974355][ T6612] bridge_slave_1: left allmulticast mode [ 2201.980699][ T6612] bridge_slave_1: left promiscuous mode [ 2202.000680][ T6612] bridge0: port 2(bridge_slave_1) entered disabled state [ 2202.027555][ T6612] bridge_slave_0: left allmulticast mode [ 2202.043327][ T6612] bridge_slave_0: left promiscuous mode [ 2202.056859][ T6612] bridge0: port 1(bridge_slave_0) entered disabled state [ 2203.325844][T16691] Bluetooth: hci5: command tx timeout [ 2203.405974][T16691] Bluetooth: hci6: command tx timeout [ 2203.415663][ T6612] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2203.446577][ T6612] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2203.483574][ T6612] bond0 (unregistering): Released all slaves [ 2203.500700][T18432] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2140'. [ 2203.510030][T18432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2140'. [ 2203.565915][T18401] bridge0: port 2(bridge_slave_1) entered blocking state [ 2203.590568][T18401] bridge0: port 2(bridge_slave_1) entered disabled state [ 2203.598957][T18401] bridge_slave_1: entered allmulticast mode [ 2203.616939][T18401] bridge_slave_1: entered promiscuous mode [ 2204.469053][T18401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2205.142846][T18401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2205.402920][T18458] slcan: can't register candev [ 2205.408100][T18458] Falling back ldisc for ptm0. [ 2205.414061][T16691] Bluetooth: hci5: command tx timeout [ 2205.486920][T16691] Bluetooth: hci6: command tx timeout [ 2205.530231][T18404] bridge0: port 1(bridge_slave_0) entered blocking state [ 2205.554887][T18404] bridge0: port 1(bridge_slave_0) entered disabled state [ 2205.576091][T18404] bridge_slave_0: entered allmulticast mode [ 2205.597338][T18404] bridge_slave_0: entered promiscuous mode [ 2205.636623][T18404] bridge0: port 2(bridge_slave_1) entered blocking state [ 2205.643849][T18404] bridge0: port 2(bridge_slave_1) entered disabled state [ 2205.652049][T18404] bridge_slave_1: entered allmulticast mode [ 2205.659806][T18404] bridge_slave_1: entered promiscuous mode [ 2206.081269][ T6612] hsr_slave_0: left promiscuous mode [ 2206.087840][ T6612] hsr_slave_1: left promiscuous mode [ 2206.116703][ T6612] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2206.142545][ T6612] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2206.178394][ T6612] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2206.215987][ T6612] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2206.318008][ T6612] veth1_macvtap: left promiscuous mode [ 2206.323610][ T6612] veth0_macvtap: left promiscuous mode [ 2206.329513][ T6612] veth1_vlan: left promiscuous mode [ 2206.895185][ T6612] veth0_vlan: left promiscuous mode [ 2208.959678][ T6612] team0 (unregistering): Port device team_slave_1 removed [ 2209.094733][ T6612] team0 (unregistering): Port device team_slave_0 removed [ 2209.248130][T18492] 9pnet_fd: Insufficient options for proto=fd [ 2211.129022][T18401] team0: Port device team_slave_0 added [ 2211.149147][T18401] team0: Port device team_slave_1 added [ 2211.172859][T18404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2211.192363][T18488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2152'. [ 2211.202620][T18488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2152'. [ 2211.408981][T18404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2211.450363][T18401] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2211.491285][T18401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2211.540013][T18401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2211.553682][T18401] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2211.560779][T18401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2211.588537][T18401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2212.645441][T18505] slcan: can't register candev [ 2212.654515][T18505] Falling back ldisc for ptm0. [ 2213.209911][T18508] slcan: can't register candev [ 2213.215084][T18508] Falling back ldisc for ptm1. [ 2213.439185][T18404] team0: Port device team_slave_0 added [ 2213.581124][T18404] team0: Port device team_slave_1 added [ 2213.759312][T18404] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2213.776232][T18404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2213.806092][T18404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2214.370306][T18404] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2214.557831][T18404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2214.682955][T18404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2214.750188][T18401] hsr_slave_0: entered promiscuous mode [ 2214.762614][T18401] hsr_slave_1: entered promiscuous mode [ 2215.026181][T18401] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2215.035463][T18401] Cannot create hsr debugfs directory [ 2215.696163][T13784] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 2215.762031][T18541] openvswitch: netlink: Actions may not be safe on all matching packets [ 2216.022863][T18404] hsr_slave_0: entered promiscuous mode [ 2216.065501][T13784] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 2216.074664][T13784] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2216.084951][T13784] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 2216.110615][T13784] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2216.161094][T13784] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 2216.171160][T13784] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 2216.302945][T13784] usb 5-1: Product: syz [ 2216.315792][T18404] hsr_slave_1: entered promiscuous mode [ 2216.360967][T13784] usb 5-1: Manufacturer: syz [ 2216.395390][T18404] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2216.475226][T18404] Cannot create hsr debugfs directory [ 2216.588654][T13784] cdc_wdm 5-1:1.0: skipping garbage [ 2216.593947][T13784] cdc_wdm 5-1:1.0: skipping garbage [ 2216.616205][T13784] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 2216.840136][ T6612] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2216.874170][ T5244] usb 5-1: USB disconnect, device number 26 [ 2216.974600][ T6612] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2217.179090][ T6612] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2217.403489][ T6612] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2218.212480][ T6612] bridge_slave_1: left allmulticast mode [ 2218.220086][ T6612] bridge_slave_1: left promiscuous mode [ 2218.228363][ T6612] bridge0: port 2(bridge_slave_1) entered disabled state [ 2218.258476][ T6612] bridge_slave_0: left allmulticast mode [ 2218.264204][ T6612] bridge_slave_0: left promiscuous mode [ 2218.299722][ T6612] bridge0: port 1(bridge_slave_0) entered disabled state [ 2219.550851][ T6612] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2220.140632][T18576] slcan: can't register candev [ 2220.145654][T18576] Falling back ldisc for ptm0. [ 2220.371939][ T6612] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2220.400517][ T6612] bond0 (unregistering): Released all slaves [ 2220.887553][ T5244] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 2221.086978][ T5244] usb 5-1: Using ep0 maxpacket: 8 [ 2221.113304][ T5244] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 2221.145920][ T5244] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2221.161020][ T6612] hsr_slave_0: left promiscuous mode [ 2221.176930][ T6612] hsr_slave_1: left promiscuous mode [ 2221.190769][ T5244] usb 5-1: config 0 has no interface number 0 [ 2221.212856][ T5244] usb 5-1: config 0 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 2221.228217][ T6612] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2221.248913][ T6612] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2221.260386][ T5244] usb 5-1: config 0 interface 1 has no altsetting 0 [ 2221.283484][ T5244] usb 5-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 2221.293969][ T6612] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2221.313514][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2221.314833][ T6612] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2221.361688][ T6612] veth1_macvtap: left promiscuous mode [ 2221.367618][ T6612] veth0_macvtap: left promiscuous mode [ 2221.380007][ T6612] veth1_vlan: left promiscuous mode [ 2221.392243][ T6612] veth0_vlan: left promiscuous mode [ 2221.393305][ T5244] usb 5-1: config 0 descriptor?? [ 2221.439011][ T5244] hso 5-1:0.1: Failed to find BULK IN ep [ 2221.695110][ T5244] usb 5-1: USB disconnect, device number 27 [ 2223.426633][T18605] slcan: can't register candev [ 2223.431627][T18605] Falling back ldisc for ptm0. [ 2223.782594][ T6612] team0 (unregistering): Port device team_slave_1 removed [ 2223.913804][ T6612] team0 (unregistering): Port device team_slave_0 removed [ 2225.380881][T18613] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2171'. [ 2225.718402][T18401] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 2225.893476][T18401] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 2225.926111][T18401] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 2226.622070][T18401] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 2227.237071][T18401] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2227.254573][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 2227.261629][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 2228.480178][T18401] 8021q: adding VLAN 0 to HW filter on device team0 [ 2228.518444][T18404] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2228.558701][T18404] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2228.597369][ T29] audit: type=1400 audit(1728400257.132:388): avc: denied { create } for pid=18640 comm="syz.3.2178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 2228.639997][T18404] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2228.865143][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 2228.872641][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2229.341212][ T5455] bridge0: port 2(bridge_slave_1) entered blocking state [ 2229.348460][ T5455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2229.415983][T18404] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2231.442070][T18404] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2231.699703][T18404] 8021q: adding VLAN 0 to HW filter on device team0 [ 2231.787851][T18404] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2231.805824][T18404] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2232.058409][T18678] can0: slcan on ptm0. [ 2232.241232][ T5458] bridge0: port 1(bridge_slave_0) entered blocking state [ 2232.248474][ T5458] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2232.872862][ T5458] bridge0: port 2(bridge_slave_1) entered blocking state [ 2232.880106][ T5458] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2233.168293][T18670] can0 (unregistered): slcan off ptm0. [ 2233.340960][T18401] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2233.750735][T18676] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2183'. [ 2234.020587][T18401] veth0_vlan: entered promiscuous mode [ 2234.063923][T18401] veth1_vlan: entered promiscuous mode [ 2235.031887][T18699] netlink: 'syz.3.2184': attribute type 4 has an invalid length. [ 2235.039850][T18699] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2184'. [ 2235.192143][T18404] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2235.246868][T18401] veth0_macvtap: entered promiscuous mode [ 2235.286745][T18401] veth1_macvtap: entered promiscuous mode [ 2236.344294][T18401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2236.405787][T18401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2236.436575][T18401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2236.523511][T18401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2236.563373][T18401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2236.599675][T18401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2236.671432][T18401] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2237.038016][T18731] netlink: 'syz.0.2189': attribute type 4 has an invalid length. [ 2237.045991][T18731] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2189'. [ 2237.678482][T18404] veth0_vlan: entered promiscuous mode [ 2238.656026][T18401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2238.706546][T18401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2238.733122][T18401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2238.744144][T18401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2238.791098][T18401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2239.091964][T18401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2239.134421][T18401] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2240.048313][T18404] veth1_vlan: entered promiscuous mode [ 2240.071666][T18401] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2240.095944][T18401] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2240.104774][T18401] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2240.116916][T18401] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2240.501709][T18404] veth0_macvtap: entered promiscuous mode [ 2242.537727][T18404] veth1_macvtap: entered promiscuous mode [ 2243.426135][T16792] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2243.465940][T16792] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2243.528098][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2243.592622][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.637910][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2243.682725][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.693303][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2243.714392][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.732509][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2243.754436][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.777616][T18404] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2243.876138][ T5244] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 2243.888970][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2243.901152][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.911141][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2243.921762][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.932042][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2243.942935][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.953079][T18404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2243.963720][T18404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2243.975101][T18404] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2244.007274][ T5455] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2244.015221][ T5455] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2244.044385][T18404] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2244.055133][T18404] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2244.085481][T18404] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2244.094842][T18404] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2244.253822][ T5244] usb 5-1: Using ep0 maxpacket: 32 [ 2244.262771][ T5244] usb 5-1: unable to get BOS descriptor or descriptor too short [ 2244.278751][ T5244] usb 5-1: config 7 has an invalid interface number: 112 but max is 1 [ 2244.425808][ T5244] usb 5-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 2244.442918][ T5244] usb 5-1: config 7 has 1 interface, different from the descriptor's value: 2 [ 2245.034771][ T5244] usb 5-1: config 7 has no interface number 0 [ 2245.320230][ T5244] usb 5-1: config 7 interface 112 has no altsetting 0 [ 2245.350689][ T5244] usb 5-1: New USB device found, idVendor=04e2, idProduct=1420, bcdDevice=b5.bb [ 2245.406676][ T5244] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2245.468228][ T5244] usb 5-1: Product: syz [ 2245.472484][ T5244] usb 5-1: Manufacturer: syz [ 2245.510185][ T5455] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2245.519584][ T5244] usb 5-1: SerialNumber: syz [ 2245.558457][ T5455] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2246.185081][ T1053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2246.194779][ T1053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2246.243142][ T5244] usb 5-1: USB disconnect, device number 28 [ 2247.256094][T18819] 9pnet_fd: Insufficient options for proto=fd [ 2247.518994][T18823] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2138'. [ 2248.253453][T13784] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 2248.444636][T13784] usb 1-1: Using ep0 maxpacket: 8 [ 2249.003517][T13784] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 2249.026040][T13784] usb 1-1: config 0 has no interface number 0 [ 2249.042706][T13784] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2249.064001][T13784] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 2249.084666][T13784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2249.116854][T13784] usb 1-1: config 0 descriptor?? [ 2249.132042][T13784] iowarrior 1-1:0.1: no interrupt-in endpoint found [ 2249.266009][ T938] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 2250.370343][T13784] usb 1-1: USB disconnect, device number 45 [ 2250.457899][ T938] usb 3-1: Using ep0 maxpacket: 8 [ 2250.483268][ T938] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 2250.507512][ T938] usb 3-1: config 0 has no interface number 0 [ 2250.805266][ T938] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2250.842428][ T938] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 2251.825600][ T938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2251.839412][ T938] usb 3-1: config 0 descriptor?? [ 2252.142204][T18864] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2205'. [ 2252.879843][ T938] usb 3-1: can't set config #0, error -71 [ 2252.887392][ T938] usb 3-1: USB disconnect, device number 26 [ 2253.101162][T18873] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2210'. [ 2253.142056][T18873] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2210'. [ 2253.198282][T13784] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 2253.265603][T18883] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2209'. [ 2253.293042][T18883] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2209'. [ 2253.494584][T13784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2253.506061][T13784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2253.710229][T13784] usb 5-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00 [ 2253.719988][T13784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2253.739551][T13784] usb 5-1: config 0 descriptor?? [ 2254.822627][T13784] usbhid 5-1:0.0: can't add hid device: -71 [ 2254.840141][T13784] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 2254.851920][T13784] usb 5-1: USB disconnect, device number 29 [ 2259.718535][T18928] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2220'. [ 2261.738427][T18942] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2223'. [ 2265.365959][T11614] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 2265.380563][T11614] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2265.394847][T11614] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 2265.403176][T11614] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2265.411823][ T6640] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 2265.419135][ T6640] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2265.460726][ T6640] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 2265.468876][ T6640] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 2265.477116][ T6640] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 2265.484305][ T6640] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2265.493080][ T6640] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 2265.510655][ T6640] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2265.873934][T18961] chnl_net:caif_netlink_parms(): no params data found [ 2265.961439][T18974] netlink: 'syz.1.2229': attribute type 4 has an invalid length. [ 2265.969893][T18974] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2229'. [ 2266.012951][T18960] chnl_net:caif_netlink_parms(): no params data found [ 2267.317461][T18960] bridge0: port 1(bridge_slave_0) entered blocking state [ 2267.355871][T18960] bridge0: port 1(bridge_slave_0) entered disabled state [ 2267.369487][T18960] bridge_slave_0: entered allmulticast mode [ 2267.387580][T18960] bridge_slave_0: entered promiscuous mode [ 2267.456491][T18960] bridge0: port 2(bridge_slave_1) entered blocking state [ 2267.463631][T18960] bridge0: port 2(bridge_slave_1) entered disabled state [ 2267.484497][T18960] bridge_slave_1: entered allmulticast mode [ 2267.492661][T18960] bridge_slave_1: entered promiscuous mode [ 2267.573238][T18964] Bluetooth: hci2: command tx timeout [ 2267.580037][T18964] Bluetooth: hci3: command tx timeout [ 2267.781612][T18961] bridge0: port 1(bridge_slave_0) entered blocking state [ 2267.790082][T18961] bridge0: port 1(bridge_slave_0) entered disabled state [ 2267.797863][T18961] bridge_slave_0: entered allmulticast mode [ 2267.805210][T18961] bridge_slave_0: entered promiscuous mode [ 2267.832974][T18961] bridge0: port 2(bridge_slave_1) entered blocking state [ 2267.843289][T18961] bridge0: port 2(bridge_slave_1) entered disabled state [ 2268.629366][T18961] bridge_slave_1: entered allmulticast mode [ 2268.666994][T18961] bridge_slave_1: entered promiscuous mode [ 2268.814172][ T1053] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2268.878401][T18988] netlink: 'syz.1.2231': attribute type 4 has an invalid length. [ 2268.886272][T18988] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2231'. [ 2269.051164][T18964] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 2269.066137][T18964] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 2269.094134][T18964] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 2269.113164][T18964] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 2269.122378][T18964] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 2269.130351][T18964] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 2269.150327][ T1053] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2269.323551][T18960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2269.349101][T18960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2269.655789][T16691] Bluetooth: hci3: command tx timeout [ 2269.662740][T16691] Bluetooth: hci2: command tx timeout [ 2270.234014][ T1053] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2270.282169][T18961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2270.341436][T18960] team0: Port device team_slave_0 added [ 2270.363483][T18960] team0: Port device team_slave_1 added [ 2270.445177][T18961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2270.495651][ T1053] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2270.543443][T18960] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2270.552758][T18960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2270.583054][T18960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2270.668972][T18961] team0: Port device team_slave_0 added [ 2270.722186][T18960] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2270.735891][T18960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2270.857058][T18960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2271.227058][T18961] team0: Port device team_slave_1 added [ 2271.246728][T18964] Bluetooth: hci1: command tx timeout [ 2271.292886][T18960] hsr_slave_0: entered promiscuous mode [ 2271.314612][T18960] hsr_slave_1: entered promiscuous mode [ 2271.465815][T18961] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2271.485795][T18961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2271.512380][T18961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2271.525484][T18961] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2271.532744][T18961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2271.559265][T18961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2271.756609][T18964] Bluetooth: hci2: command tx timeout [ 2271.762268][T18964] Bluetooth: hci3: command tx timeout [ 2271.810566][T18961] hsr_slave_0: entered promiscuous mode [ 2271.829727][T18961] hsr_slave_1: entered promiscuous mode [ 2271.847355][T18961] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2271.855113][T18961] Cannot create hsr debugfs directory [ 2271.875126][ T1053] bridge_slave_1: left allmulticast mode [ 2271.894175][ T1053] bridge_slave_1: left promiscuous mode [ 2271.903452][ T1053] bridge0: port 2(bridge_slave_1) entered disabled state [ 2271.923437][ T1053] bridge_slave_0: left allmulticast mode [ 2271.933604][ T1053] bridge_slave_0: left promiscuous mode [ 2271.952152][ T1053] bridge0: port 1(bridge_slave_0) entered disabled state [ 2273.192926][T18964] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2273.205113][T18964] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2273.221330][T18964] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2273.230609][T18964] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2273.244893][T18964] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 2273.254559][T18964] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2273.324950][T13784] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 2273.333112][T18964] Bluetooth: hci1: command tx timeout [ 2273.450045][ T1053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2273.463564][ T1053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2273.475503][ T1053] bond0 (unregistering): Released all slaves [ 2273.531600][T13784] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 2273.540865][T13784] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2273.557331][T13784] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 2273.566668][T13784] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2273.583852][T13784] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 2273.593482][T13784] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 2273.602331][T13784] usb 2-1: Product: syz [ 2273.607020][T13784] usb 2-1: Manufacturer: syz [ 2273.621764][T13784] cdc_wdm 2-1:1.0: skipping garbage [ 2273.628379][T13784] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22 [ 2273.809239][T18964] Bluetooth: hci3: command tx timeout [ 2273.814726][T18964] Bluetooth: hci2: command tx timeout [ 2273.909381][T13784] usb 2-1: USB disconnect, device number 30 [ 2274.059274][T18989] chnl_net:caif_netlink_parms(): no params data found [ 2274.153505][T18960] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2274.211458][ T1053] hsr_slave_0: left promiscuous mode [ 2274.226386][ T1053] hsr_slave_1: left promiscuous mode [ 2274.232822][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2274.255941][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2274.264145][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2274.272013][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2274.311820][ T1053] veth1_macvtap: left promiscuous mode [ 2274.325467][ T1053] veth0_macvtap: left promiscuous mode [ 2274.334076][ T1053] veth1_vlan: left promiscuous mode [ 2274.341518][ T1053] veth0_vlan: left promiscuous mode [ 2275.337330][T18964] Bluetooth: hci4: command tx timeout [ 2275.472436][T18964] Bluetooth: hci1: command tx timeout [ 2275.821892][ T1053] team0 (unregistering): Port device team_slave_1 removed [ 2275.883217][ T1053] team0 (unregistering): Port device team_slave_0 removed [ 2276.535913][T18960] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2276.565244][T19033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2238'. [ 2276.641971][T18960] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2276.760142][T18960] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2276.781209][T18989] bridge0: port 1(bridge_slave_0) entered blocking state [ 2276.788833][T18989] bridge0: port 1(bridge_slave_0) entered disabled state [ 2276.796650][T18989] bridge_slave_0: entered allmulticast mode [ 2276.804033][T18989] bridge_slave_0: entered promiscuous mode [ 2276.814641][T18989] bridge0: port 2(bridge_slave_1) entered blocking state [ 2276.822172][T18989] bridge0: port 2(bridge_slave_1) entered disabled state [ 2276.833367][T18989] bridge_slave_1: entered allmulticast mode [ 2276.840642][T18989] bridge_slave_1: entered promiscuous mode [ 2276.928730][T18989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2276.969026][T18989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2277.125629][T18989] team0: Port device team_slave_0 added [ 2277.216949][T18989] team0: Port device team_slave_1 added [ 2277.339338][T18989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2277.353235][T18989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2277.396107][T18989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2277.409496][T18989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2277.416047][T18964] Bluetooth: hci4: command tx timeout [ 2277.417486][T18989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2277.448435][T18989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2277.466536][T18960] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 2277.485949][T18964] Bluetooth: hci1: command tx timeout [ 2277.508579][T18960] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 2277.693760][T19010] chnl_net:caif_netlink_parms(): no params data found [ 2277.892037][T18960] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 2278.174414][T18960] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 2278.525071][T19055] slcan: can't register candev [ 2278.531542][T19055] Falling back ldisc for ptm0. [ 2278.675486][T18989] hsr_slave_0: entered promiscuous mode [ 2278.706687][T18989] hsr_slave_1: entered promiscuous mode [ 2278.735536][T18989] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2278.755967][T18989] Cannot create hsr debugfs directory [ 2278.899029][ T1053] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2279.052576][ T1053] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2279.072638][T19010] bridge0: port 1(bridge_slave_0) entered blocking state [ 2279.084299][T19010] bridge0: port 1(bridge_slave_0) entered disabled state [ 2279.092226][T19010] bridge_slave_0: entered allmulticast mode [ 2279.100423][T19010] bridge_slave_0: entered promiscuous mode [ 2279.111342][T19010] bridge0: port 2(bridge_slave_1) entered blocking state [ 2279.120276][T19010] bridge0: port 2(bridge_slave_1) entered disabled state [ 2279.134424][T19010] bridge_slave_1: entered allmulticast mode [ 2279.142201][T19010] bridge_slave_1: entered promiscuous mode [ 2279.198681][ T1053] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2279.320526][ T1053] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2279.341516][T19010] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2279.404679][T19010] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2279.486220][T18964] Bluetooth: hci4: command tx timeout [ 2279.567014][T19010] team0: Port device team_slave_0 added [ 2279.589295][T19010] team0: Port device team_slave_1 added [ 2279.736177][T19010] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2279.753147][T19010] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2279.790313][T19010] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2279.837883][T18961] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2280.690750][T19010] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2280.697902][T19010] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2280.724115][T19010] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2280.743990][T19070] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2241'. [ 2280.753602][T18961] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2280.772843][T18961] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2280.834010][T18961] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2280.869023][T19010] hsr_slave_0: entered promiscuous mode [ 2280.879293][T19010] hsr_slave_1: entered promiscuous mode [ 2280.885913][T19010] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2280.894110][T19010] Cannot create hsr debugfs directory [ 2281.213633][ T1053] bridge_slave_1: left allmulticast mode [ 2281.222993][ T1053] bridge_slave_1: left promiscuous mode [ 2281.237367][ T1053] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.249214][ T1053] bridge_slave_0: left allmulticast mode [ 2281.254940][ T1053] bridge_slave_0: left promiscuous mode [ 2281.274549][ T1053] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.297060][ T1053] bridge_slave_1: left allmulticast mode [ 2281.303209][ T1053] bridge_slave_1: left promiscuous mode [ 2281.320779][ T1053] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.341503][ T1053] bridge_slave_0: left allmulticast mode [ 2281.353729][ T1053] bridge_slave_0: left promiscuous mode [ 2281.366107][ T1053] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.565860][T18964] Bluetooth: hci4: command tx timeout [ 2282.562032][ T1053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2282.573814][ T1053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2282.594153][ T1053] bond0 (unregistering): Released all slaves [ 2282.751441][ T1053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2282.774316][ T1053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2282.792329][ T1053] bond0 (unregistering): Released all slaves [ 2282.832871][T18960] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2282.858775][T18960] 8021q: adding VLAN 0 to HW filter on device team0 [ 2283.044006][ T3020] bridge0: port 1(bridge_slave_0) entered blocking state [ 2283.051208][ T3020] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2283.190116][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 2283.197374][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2283.866386][T18989] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2283.900291][T18989] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2283.981444][T19010] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2284.027877][ T1053] hsr_slave_0: left promiscuous mode [ 2284.034594][ T1053] hsr_slave_1: left promiscuous mode [ 2284.052288][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2284.071060][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2284.082206][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2284.100705][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2284.121741][ T1053] hsr_slave_0: left promiscuous mode [ 2284.131223][ T1053] hsr_slave_1: left promiscuous mode [ 2284.141263][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2284.148825][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2284.161777][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2284.175427][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2284.229442][ T1053] veth1_macvtap: left promiscuous mode [ 2284.235058][ T1053] veth0_macvtap: left promiscuous mode [ 2284.240901][ T1053] veth1_vlan: left promiscuous mode [ 2284.246496][ T1053] veth0_vlan: left promiscuous mode [ 2284.253265][ T1053] veth1_macvtap: left promiscuous mode [ 2284.263184][ T1053] veth0_macvtap: left promiscuous mode [ 2284.269011][ T1053] veth1_vlan: left promiscuous mode [ 2284.274483][ T1053] veth0_vlan: left promiscuous mode [ 2286.027922][ T1053] team0 (unregistering): Port device team_slave_1 removed [ 2286.098605][ T1053] team0 (unregistering): Port device team_slave_0 removed [ 2287.274184][ T1053] team0 (unregistering): Port device team_slave_1 removed [ 2287.332676][ T1053] team0 (unregistering): Port device team_slave_0 removed [ 2287.934647][T18989] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2287.954269][T18989] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2287.977804][T18961] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2288.037001][T19010] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2288.053557][T19126] netlink: 'syz.1.2244': attribute type 4 has an invalid length. [ 2288.061663][T19126] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2244'. [ 2288.081699][T18960] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2288.159670][T18961] 8021q: adding VLAN 0 to HW filter on device team0 [ 2288.190573][T14302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2288.197900][T14302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2288.355109][T19129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2245'. [ 2288.498227][T19010] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2288.665458][T14302] bridge0: port 2(bridge_slave_1) entered blocking state [ 2288.672897][T14302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2288.688527][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 2288.695495][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 2288.967915][T19010] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2289.009086][T18960] veth0_vlan: entered promiscuous mode [ 2289.077522][T18960] veth1_vlan: entered promiscuous mode [ 2289.220326][T18989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2289.296832][T18989] 8021q: adding VLAN 0 to HW filter on device team0 [ 2289.362545][T14302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2289.369831][T14302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2289.437584][T14302] bridge0: port 2(bridge_slave_1) entered blocking state [ 2289.444969][T14302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2289.468455][T18960] veth0_macvtap: entered promiscuous mode [ 2289.502194][T19010] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2289.539196][T19010] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2289.588766][T18960] veth1_macvtap: entered promiscuous mode [ 2289.606985][T19010] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2289.635617][T19010] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2289.667951][T18960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2289.690108][T18960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2289.711300][T18960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2289.733690][T18960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2289.754390][T18960] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2289.782325][T18960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2289.803023][T18960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2289.825077][T18960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2289.845394][T18960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2289.866697][T18960] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2289.923679][T18961] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2289.953597][T18960] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2290.128659][T18960] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2290.186360][T18960] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2290.243519][T18960] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2290.630751][T19138] netlink: 'syz.1.2246': attribute type 4 has an invalid length. [ 2290.638890][T19138] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2246'. [ 2290.950886][T18961] veth0_vlan: entered promiscuous mode [ 2291.036245][T16774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2291.044220][T16774] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2291.075390][T18961] veth1_vlan: entered promiscuous mode [ 2291.164945][T14302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2291.169844][T19010] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2291.186643][T14302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2291.253710][T18961] veth0_macvtap: entered promiscuous mode [ 2291.298937][T18961] veth1_macvtap: entered promiscuous mode [ 2291.321233][T19010] 8021q: adding VLAN 0 to HW filter on device team0 [ 2291.351262][ T1053] bridge0: port 1(bridge_slave_0) entered blocking state [ 2291.358479][ T1053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2291.442633][T18989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2291.540683][ T1053] bridge0: port 2(bridge_slave_1) entered blocking state [ 2291.547955][ T1053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2291.662830][T19010] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2291.697460][T19010] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2292.243317][T18961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2292.294775][T18961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2292.325436][T18961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2292.362367][T18961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2292.393204][T18961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2292.422689][T18961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2292.453403][T18961] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2292.577008][T18961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2292.633495][T18961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2292.664054][T18961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2292.675046][T18961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2292.685565][T18961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2292.696344][T18961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2292.707881][T18961] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2292.718856][T18961] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2292.727721][T18961] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2292.736745][T18961] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2292.745502][T18961] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2293.459503][T19158] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2248'. [ 2293.642682][T14302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2293.654623][T14302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2293.814017][T18989] veth0_vlan: entered promiscuous mode [ 2293.856523][T18989] veth1_vlan: entered promiscuous mode [ 2293.977673][T14302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2294.031632][T14302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2294.118323][T19010] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2294.163667][T18989] veth0_macvtap: entered promiscuous mode [ 2294.189109][T18989] veth1_macvtap: entered promiscuous mode [ 2294.259913][T19010] veth0_vlan: entered promiscuous mode [ 2294.279554][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2294.300630][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2294.335164][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2294.425352][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2294.506260][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2294.545483][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2294.573910][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2294.605280][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2295.435893][T18989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2295.453193][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2295.636128][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2295.659128][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2295.670020][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2295.680466][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2295.691169][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2295.701087][T18989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2295.711815][T18989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2295.723325][T18989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2296.002318][T19010] veth1_vlan: entered promiscuous mode [ 2296.078902][T18989] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2296.088142][T18989] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2296.097070][T18989] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2296.106094][T18989] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2298.356626][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2298.387585][T19010] veth0_macvtap: entered promiscuous mode [ 2298.394825][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2298.995000][T19010] veth1_macvtap: entered promiscuous mode [ 2299.079085][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2299.095128][ T1053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2299.127390][ T1053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2299.180569][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2299.315892][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2299.355761][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2299.418332][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2299.495983][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2299.541746][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2299.579228][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2299.625895][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2299.685809][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2299.742120][T19010] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2299.831792][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2299.875935][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2299.895811][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2299.925852][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2299.952898][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2299.985735][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2300.016299][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2300.057897][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2300.098522][T19010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2300.125187][T19010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2300.188752][T19010] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2300.259740][T19010] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2300.432526][T19010] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2300.441907][T19010] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2300.667597][T19010] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2301.045058][T19207] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2255'. [ 2301.403800][T19212] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2232'. [ 2301.815855][ T1053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2301.973039][ T1053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2302.579787][ T29] audit: type=1326 audit(1728400331.082:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19195 comm="syz.2.2254" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b1c37dff9 code=0x0 [ 2302.622084][T16774] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2302.684854][T16774] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2302.747847][T16774] Bluetooth: Error in BCSP hdr checksum [ 2303.913936][ T5458] Bluetooth: Error in BCSP hdr checksum [ 2304.142980][ T1053] Bluetooth: Error in BCSP hdr checksum [ 2304.275860][ T5232] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 2304.397049][T16774] Bluetooth: Error in BCSP hdr checksum [ 2304.429789][ T5232] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 2304.450103][ T5232] usb 1-1: config 0 has no interface number 0 [ 2304.469179][ T5232] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 2304.509511][ T5232] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2304.526077][T18964] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 2304.535829][ T5232] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 2304.546587][ T5232] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2304.635900][ T5232] usb 1-1: Product: syz [ 2304.652019][ T5232] usb 1-1: Manufacturer: syz [ 2304.666451][ T5232] usb 1-1: SerialNumber: syz [ 2304.722349][ T5232] usb 1-1: config 0 descriptor?? [ 2304.751432][T19227] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 2304.797434][ T1053] Bluetooth: Error in BCSP hdr checksum [ 2304.986971][ T5232] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 2304.997492][ T5232] cyberjack ttyUSB0: usb_submit_urb(read int) failed [ 2305.040267][ T5232] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 2305.046133][ T63] Bluetooth: Error in BCSP hdr checksum [ 2305.227996][ T6806] usb 1-1: USB disconnect, device number 46 [ 2305.251013][ T6806] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 2305.294581][ T6806] cyberjack 1-1:0.69: device disconnected [ 2305.335346][ T63] Bluetooth: Error in BCSP hdr checksum [ 2306.217960][ T3020] Bluetooth: Error in BCSP hdr checksum [ 2306.662783][ T1053] Bluetooth: Error in BCSP hdr checksum [ 2307.128835][T19246] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2263'. [ 2307.687553][T16792] Bluetooth: Error in BCSP hdr checksum [ 2307.695284][T16792] Bluetooth: Error in BCSP hdr checksum [ 2310.265830][ T5292] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 2310.422573][ T5292] usb 1-1: device descriptor read/64, error -71 [ 2310.676857][ T5292] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 2310.805974][ T6806] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 2310.816791][ T5292] usb 1-1: device descriptor read/64, error -71 [ 2310.926751][ T5292] usb usb1-port1: attempt power cycle [ 2310.984063][ T6806] usb 3-1: config 0 has an invalid interface number: 69 but max is 0 [ 2311.013033][ T6806] usb 3-1: config 0 has no interface number 0 [ 2311.032132][ T6806] usb 3-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 2311.060001][ T6806] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2311.082935][ T6806] usb 3-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 2311.097572][ T6806] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2311.107888][ T6806] usb 3-1: Product: syz [ 2311.113738][ T6806] usb 3-1: Manufacturer: syz [ 2311.133081][ T6806] usb 3-1: SerialNumber: syz [ 2311.157273][ T6806] usb 3-1: config 0 descriptor?? [ 2311.163108][T19266] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 2311.176236][ T6806] cyberjack 3-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 2311.308360][ T5292] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 2311.713450][ T6806] cyberjack ttyUSB0: usb_submit_urb(read int) failed [ 2311.786564][ T5292] usb 1-1: device descriptor read/8, error -71 [ 2311.803982][ T6806] usb 3-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 2311.835395][ T6806] usb 3-1: USB disconnect, device number 27 [ 2311.909827][ T6806] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 2311.956764][ T6806] cyberjack 3-1:0.69: device disconnected [ 2312.035840][ T5292] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 2312.086521][ T5292] usb 1-1: device descriptor read/8, error -71 [ 2312.216786][ T5292] usb usb1-port1: unable to enumerate USB device [ 2312.786176][ T6806] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 2313.828788][ T6806] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 2313.838101][ T6806] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2313.849637][ T6806] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 2313.871805][ T6806] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87 [ 2314.020479][ T6806] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 2314.078168][ T6806] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 2314.096966][ T6806] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 2314.113371][ T6806] usb 4-1: Product: syz [ 2314.117855][ T6806] usb 4-1: Manufacturer: syz [ 2314.131941][ T6806] cdc_wdm 4-1:1.0: skipping garbage [ 2314.137446][ T6806] cdc_wdm 4-1:1.0: skipping garbage [ 2314.142875][ T6806] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22 [ 2314.592629][T19297] can0: slcan on ptm0. [ 2315.269667][ T6806] usb 4-1: USB disconnect, device number 22 [ 2315.417708][T19293] can0 (unregistered): slcan off ptm0. [ 2317.336685][T19342] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2285'. [ 2321.536030][T18964] Bluetooth: hci6: command 0x0406 tx timeout [ 2324.680797][T18964] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 2324.790940][T18964] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 2324.812458][T18964] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 2324.838936][T18964] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 2324.859560][T18964] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 2324.877904][T18964] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 2325.727178][T16691] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 2325.737090][T16691] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 2325.747451][T16691] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 2325.768299][T16691] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 2325.798705][T16691] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 2325.816074][T16691] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 2325.852091][T19396] chnl_net:caif_netlink_parms(): no params data found [ 2326.015932][ T5285] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 2326.081220][T19396] bridge0: port 1(bridge_slave_0) entered blocking state [ 2326.095924][T19396] bridge0: port 1(bridge_slave_0) entered disabled state [ 2326.103342][T19396] bridge_slave_0: entered allmulticast mode [ 2326.117176][T19396] bridge_slave_0: entered promiscuous mode [ 2326.170108][T19396] bridge0: port 2(bridge_slave_1) entered blocking state [ 2326.177747][ T5285] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2326.190594][ T5285] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2326.193885][T19396] bridge0: port 2(bridge_slave_1) entered disabled state [ 2326.212129][ T5285] usb 3-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00 [ 2326.221741][T19396] bridge_slave_1: entered allmulticast mode [ 2326.229087][T19396] bridge_slave_1: entered promiscuous mode [ 2326.252320][ T5285] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2326.303208][ T5285] usb 3-1: config 0 descriptor?? [ 2326.393922][T19396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2326.406877][T19396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2326.543221][T19396] team0: Port device team_slave_0 added [ 2326.597954][T19396] team0: Port device team_slave_1 added [ 2326.758934][T19396] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2326.796131][T19396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2326.889870][T19396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2326.928300][T19396] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2326.945027][T19396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2326.978502][ T5285] usbhid 3-1:0.0: can't add hid device: -71 [ 2326.985042][ T5285] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 2327.004456][ T5285] usb 3-1: USB disconnect, device number 28 [ 2327.093507][T18964] Bluetooth: hci5: command tx timeout [ 2327.346175][T19396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2327.564217][T19411] chnl_net:caif_netlink_parms(): no params data found [ 2327.783309][T19396] hsr_slave_0: entered promiscuous mode [ 2327.802390][T19396] hsr_slave_1: entered promiscuous mode [ 2327.813735][T19396] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2327.853514][T19396] Cannot create hsr debugfs directory [ 2327.885836][T18964] Bluetooth: hci7: command tx timeout [ 2328.069419][T19430] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2303'. [ 2328.098730][T19411] bridge0: port 1(bridge_slave_0) entered blocking state [ 2328.115985][T19411] bridge0: port 1(bridge_slave_0) entered disabled state [ 2328.126351][T19411] bridge_slave_0: entered allmulticast mode [ 2328.134953][T19411] bridge_slave_0: entered promiscuous mode [ 2328.411151][T19411] bridge0: port 2(bridge_slave_1) entered blocking state [ 2328.429160][T19411] bridge0: port 2(bridge_slave_1) entered disabled state [ 2328.455320][T19411] bridge_slave_1: entered allmulticast mode [ 2328.568884][T19411] bridge_slave_1: entered promiscuous mode [ 2329.225617][T18964] Bluetooth: hci5: command tx timeout [ 2329.347613][T19411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2329.442254][T19411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2329.623771][T19411] team0: Port device team_slave_0 added [ 2329.667192][T19411] team0: Port device team_slave_1 added [ 2329.861321][T19396] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2330.036304][T18964] Bluetooth: hci7: command tx timeout [ 2330.109739][T19411] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2330.144226][T19411] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2330.992807][T19411] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2331.099009][T19396] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2331.158750][T19411] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2331.167694][T19411] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2331.195495][T19411] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2331.246952][T18964] Bluetooth: hci5: command tx timeout [ 2331.301129][T19396] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2331.488800][T19396] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2331.534271][T19411] hsr_slave_0: entered promiscuous mode [ 2331.557986][T19411] hsr_slave_1: entered promiscuous mode [ 2331.574074][T19411] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2331.593228][T19411] Cannot create hsr debugfs directory [ 2332.152204][T18964] Bluetooth: hci7: command tx timeout [ 2333.325924][T18964] Bluetooth: hci5: command tx timeout [ 2333.357530][T19396] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2333.505489][T19396] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2333.542972][T19396] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2333.701812][T19411] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2333.735578][T19396] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2334.836076][T18964] Bluetooth: hci7: command tx timeout [ 2334.908943][T19396] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2335.030067][T19411] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2335.093562][T19396] 8021q: adding VLAN 0 to HW filter on device team0 [ 2335.180201][T19411] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2335.236065][T16792] bridge0: port 1(bridge_slave_0) entered blocking state [ 2335.243319][T16792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2335.300263][T16792] bridge0: port 2(bridge_slave_1) entered blocking state [ 2335.307549][T16792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2335.548080][T19411] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2335.826139][T19482] can0: slcan on ptm0. [ 2336.606811][T19478] can0 (unregistered): slcan off ptm0. [ 2336.878056][T19411] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2336.912206][T19411] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2336.944432][T19411] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2336.978631][T19411] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2337.147605][T19396] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2337.239998][T19411] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2337.311093][T19411] 8021q: adding VLAN 0 to HW filter on device team0 [ 2337.352158][ T5458] bridge0: port 1(bridge_slave_0) entered blocking state [ 2337.359394][ T5458] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2337.397046][T16792] bridge0: port 2(bridge_slave_1) entered blocking state [ 2337.404252][T16792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2337.638026][T19500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2317'. [ 2337.677410][T19500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2317'. [ 2337.699155][T19396] veth0_vlan: entered promiscuous mode [ 2337.741857][T19396] veth1_vlan: entered promiscuous mode [ 2337.813802][T19396] veth0_macvtap: entered promiscuous mode [ 2337.863938][T19411] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2337.888962][T19396] veth1_macvtap: entered promiscuous mode [ 2337.942392][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2337.974739][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2337.996889][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.013949][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.024953][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.037164][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.047252][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.058486][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.068611][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.079257][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.089322][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.099899][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.113137][T19396] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2338.155487][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2338.173370][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.183564][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2338.201594][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.213555][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2338.230519][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.244674][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2338.261111][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.274149][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2338.285128][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.295422][T19396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2338.306590][T19396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.318364][T19396] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2338.333981][T19396] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2338.343944][T19396] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2338.354909][T19396] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2338.363903][T19396] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2338.508054][T19411] veth0_vlan: entered promiscuous mode [ 2338.514865][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2338.531278][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2338.531811][T19411] veth1_vlan: entered promiscuous mode [ 2338.598121][ T6612] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2338.611106][ T6612] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2338.635399][T19411] veth0_macvtap: entered promiscuous mode [ 2338.677809][T19411] veth1_macvtap: entered promiscuous mode [ 2338.733285][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.771903][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.795919][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.812585][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.824054][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.835313][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.857959][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.872454][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.883437][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.901218][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2338.928993][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2338.968669][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.001578][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2339.039889][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.147477][T19411] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2339.464087][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2339.522978][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.575884][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2339.586790][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.597000][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2339.615867][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.631553][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2339.652567][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.672645][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2339.694891][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.708378][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2339.719339][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.730137][T19411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2339.741981][T19411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2339.754396][T19411] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2339.779580][T19411] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2339.791325][T19411] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2339.800437][T19411] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2339.823880][T19411] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2339.946811][ T6806] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 2340.044997][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2340.072342][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2340.117112][ T3020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2340.126838][ T6806] usb 3-1: Using ep0 maxpacket: 8 [ 2340.134218][ T6806] usb 3-1: no configurations [ 2340.138869][ T3020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2340.168514][ T6806] usb 3-1: can't read configurations, error -22 [ 2340.316655][ T6806] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 2340.476714][ T6806] usb 3-1: Using ep0 maxpacket: 8 [ 2340.496971][ T6806] usb 3-1: no configurations [ 2340.501601][ T6806] usb 3-1: can't read configurations, error -22 [ 2340.518634][ T6806] usb usb3-port1: attempt power cycle [ 2340.801147][T18964] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 2340.814162][T18964] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 2340.823563][T18964] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 2340.833956][T18964] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 2340.842016][T18964] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 2340.856420][T18964] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 2340.896865][ T6806] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 2340.979454][ T6806] usb 3-1: Using ep0 maxpacket: 8 [ 2341.000882][ T6806] usb 3-1: no configurations [ 2341.019285][ T6806] usb 3-1: can't read configurations, error -22 [ 2341.176877][ T6806] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 2341.911638][T19526] chnl_net:caif_netlink_parms(): no params data found [ 2342.127815][ T6806] usb 3-1: Using ep0 maxpacket: 8 [ 2342.134684][ T6806] usb 3-1: no configurations [ 2342.139507][ T6806] usb 3-1: can't read configurations, error -22 [ 2342.150604][ T6806] usb usb3-port1: unable to enumerate USB device [ 2342.168943][T19526] bridge0: port 1(bridge_slave_0) entered blocking state [ 2342.177459][T19526] bridge0: port 1(bridge_slave_0) entered disabled state [ 2342.184846][T19526] bridge_slave_0: entered allmulticast mode [ 2342.193328][T19526] bridge_slave_0: entered promiscuous mode [ 2342.202156][T19526] bridge0: port 2(bridge_slave_1) entered blocking state [ 2342.210249][T19526] bridge0: port 2(bridge_slave_1) entered disabled state [ 2342.217652][T19526] bridge_slave_1: entered allmulticast mode [ 2342.227385][T19526] bridge_slave_1: entered promiscuous mode [ 2342.270881][T19526] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2342.297779][T19539] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2324'. [ 2342.311304][ T29] audit: type=1400 audit(1728400370.862:390): avc: denied { write } for pid=4659 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2342.351100][ T29] audit: type=1400 audit(1728400370.862:391): avc: denied { remove_name } for pid=4659 comm="syslogd" name="messages" dev="tmpfs" ino=14 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2342.351922][T19526] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2342.394849][ T29] audit: type=1400 audit(1728400370.862:392): avc: denied { add_name } for pid=4659 comm="syslogd" name="messages.0" dev="tmpfs" ino=13 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2342.564748][T19526] team0: Port device team_slave_0 added [ 2342.608947][T19526] team0: Port device team_slave_1 added [ 2342.643314][T19526] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2342.650539][T19526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2342.677495][T19526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2342.748857][T19526] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2342.781864][T19526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2342.830222][T19526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2342.928151][T16691] Bluetooth: hci8: command tx timeout [ 2342.943973][T19526] hsr_slave_0: entered promiscuous mode [ 2342.952947][T19526] hsr_slave_1: entered promiscuous mode [ 2342.972940][T19526] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2342.986391][T19526] Cannot create hsr debugfs directory [ 2343.629467][T19526] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2343.968936][T19526] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2344.212004][T19526] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2345.165952][T16691] Bluetooth: hci8: command tx timeout [ 2345.200047][T19526] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2345.575597][T19558] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2329'. [ 2345.629529][T19558] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2329'. [ 2345.729098][T19526] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2345.798886][T19526] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2345.838973][T19526] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2345.924127][T19526] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2346.573216][T19526] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2346.621275][T19526] 8021q: adding VLAN 0 to HW filter on device team0 [ 2346.701126][T16792] bridge0: port 1(bridge_slave_0) entered blocking state [ 2346.708452][T16792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2346.747761][T16792] bridge0: port 2(bridge_slave_1) entered blocking state [ 2346.754926][T16792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2347.184554][ T29] audit: type=1400 audit(1728400375.732:393): avc: denied { create } for pid=19566 comm="syz.0.2331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 2347.242507][ T29] audit: type=1400 audit(1728400375.792:394): avc: denied { bind } for pid=19566 comm="syz.0.2331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 2347.266424][T18964] Bluetooth: hci8: command tx timeout [ 2347.343994][ T29] audit: type=1400 audit(1728400375.862:395): avc: denied { setopt } for pid=19566 comm="syz.0.2331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 2347.416805][ T29] audit: type=1400 audit(1728400375.862:396): avc: denied { accept } for pid=19566 comm="syz.0.2331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 2347.495362][T19526] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2347.666545][T19526] veth0_vlan: entered promiscuous mode [ 2347.696077][T19526] veth1_vlan: entered promiscuous mode [ 2347.754640][T16691] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 2347.770244][T16691] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 2347.785797][T16691] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 2347.796778][T16691] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 2347.817459][T19526] veth0_macvtap: entered promiscuous mode [ 2347.847448][T19526] veth1_macvtap: entered promiscuous mode [ 2347.898974][T16691] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 2347.907931][T16691] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 2348.005512][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.059888][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.072109][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.095392][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.107029][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.255937][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.337487][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.424064][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.523436][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.687532][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.705737][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.735942][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.755732][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.775808][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.803702][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2348.821680][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.843981][T19526] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2348.876792][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2348.900671][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.925762][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2348.955867][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.965969][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2348.976553][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2348.987223][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2348.999500][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2349.010534][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2349.023680][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2349.033686][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2349.044221][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2349.054239][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2349.064788][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2349.074972][T19526] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2349.085501][T19526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2349.098799][T19526] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2349.149539][T19526] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2349.158620][T19526] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2349.167795][T19526] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2349.177214][T19526] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2349.246251][T17121] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 2349.326723][T16691] Bluetooth: hci8: command tx timeout [ 2349.414415][T16774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2349.425482][T17121] usb 3-1: Using ep0 maxpacket: 8 [ 2349.441616][T16774] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2349.450713][T17121] usb 3-1: no configurations [ 2349.455413][T17121] usb 3-1: can't read configurations, error -22 [ 2349.516421][T16774] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2349.524305][T16774] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2349.532737][T16446] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 2349.548473][T19577] chnl_net:caif_netlink_parms(): no params data found [ 2349.616011][T17121] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 2349.708790][T16446] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2349.726412][T16446] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2349.759262][T16446] usb 1-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00 [ 2349.776207][T16446] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2349.802029][T17121] usb 3-1: Using ep0 maxpacket: 8 [ 2349.813129][T17121] usb 3-1: no configurations [ 2349.833491][T17121] usb 3-1: can't read configurations, error -22 [ 2349.851159][T17121] usb usb3-port1: attempt power cycle [ 2349.858858][T16446] usb 1-1: config 0 descriptor?? [ 2349.940770][T19577] bridge0: port 1(bridge_slave_0) entered blocking state [ 2349.948307][T19577] bridge0: port 1(bridge_slave_0) entered disabled state [ 2349.956454][T19577] bridge_slave_0: entered allmulticast mode [ 2349.964502][T19577] bridge_slave_0: entered promiscuous mode [ 2349.974089][T19577] bridge0: port 2(bridge_slave_1) entered blocking state [ 2350.010724][T19577] bridge0: port 2(bridge_slave_1) entered disabled state [ 2350.056057][T19577] bridge_slave_1: entered allmulticast mode [ 2350.069528][T19577] bridge_slave_1: entered promiscuous mode [ 2350.107676][T18964] Bluetooth: hci9: command tx timeout [ 2350.171723][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 2350.190001][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 2350.700587][T19577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2350.738383][T19577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2350.842503][T19577] team0: Port device team_slave_0 added [ 2350.866652][T19577] team0: Port device team_slave_1 added [ 2350.955974][T17121] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 2350.986530][T17121] usb 3-1: Using ep0 maxpacket: 8 [ 2350.992967][T17121] usb 3-1: no configurations [ 2350.994610][T19577] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2350.999445][T17121] usb 3-1: can't read configurations, error -22 [ 2351.024946][T19577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2351.063581][T19577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2351.080144][T19577] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2351.094346][T19577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2351.223555][T16446] usbhid 1-1:0.0: can't add hid device: -71 [ 2351.234948][T16446] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 2351.262117][T19577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2351.345767][T17121] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 2351.492097][T17121] usb 3-1: Using ep0 maxpacket: 8 [ 2351.541385][T16446] usb 1-1: USB disconnect, device number 51 [ 2351.675402][T17121] usb 3-1: no configurations [ 2351.706751][T17121] usb 3-1: can't read configurations, error -22 [ 2351.731284][T17121] usb usb3-port1: unable to enumerate USB device [ 2351.797494][T19577] hsr_slave_0: entered promiscuous mode [ 2351.804566][T19577] hsr_slave_1: entered promiscuous mode [ 2351.822920][T19577] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2351.840985][T19577] Cannot create hsr debugfs directory [ 2352.225744][T18964] Bluetooth: hci9: command tx timeout [ 2352.355603][T19577] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2352.800553][T19577] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2353.013686][T19618] can0: slcan on ptm0. [ 2353.952733][T19577] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2353.965563][T16691] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 2353.994995][T16691] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 2354.004694][T16691] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 2354.017489][T16691] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 2354.040645][T16691] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 2354.048753][T16691] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 2354.116111][T19615] can0 (unregistered): slcan off ptm0. [ 2354.173456][T19577] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2354.286743][T18964] Bluetooth: hci9: command tx timeout [ 2355.386611][T19577] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2355.403586][T19577] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2356.204505][T18964] Bluetooth: hci10: command tx timeout [ 2356.511029][T18964] Bluetooth: hci9: command tx timeout [ 2356.550804][T19577] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2356.617172][T19577] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2356.686332][T19619] chnl_net:caif_netlink_parms(): no params data found [ 2357.926873][T19619] bridge0: port 1(bridge_slave_0) entered blocking state [ 2357.944383][T19619] bridge0: port 1(bridge_slave_0) entered disabled state [ 2357.991412][T19619] bridge_slave_0: entered allmulticast mode [ 2358.016274][T19619] bridge_slave_0: entered promiscuous mode [ 2358.058343][T19619] bridge0: port 2(bridge_slave_1) entered blocking state [ 2358.066865][T19619] bridge0: port 2(bridge_slave_1) entered disabled state [ 2358.074244][T19619] bridge_slave_1: entered allmulticast mode [ 2358.091725][T19619] bridge_slave_1: entered promiscuous mode [ 2358.286302][T18964] Bluetooth: hci10: command tx timeout [ 2358.486993][T19619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2359.320795][T19656] netlink: 'syz.2.2350': attribute type 4 has an invalid length. [ 2359.328746][T19656] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2350'. [ 2359.452840][T19619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2359.628806][T19619] team0: Port device team_slave_0 added [ 2359.675450][T19619] team0: Port device team_slave_1 added [ 2360.083638][T19619] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2360.113721][T19619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2360.388940][T18964] Bluetooth: hci10: command tx timeout [ 2360.436924][T19619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2360.526741][T19619] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2360.557844][T19619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2360.773780][T19619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2360.902350][T19577] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2362.446051][T16691] Bluetooth: hci10: command tx timeout [ 2362.487647][T19577] 8021q: adding VLAN 0 to HW filter on device team0 [ 2362.523411][T19619] hsr_slave_0: entered promiscuous mode [ 2362.613453][T19619] hsr_slave_1: entered promiscuous mode [ 2362.661803][T19619] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2362.669903][T19619] Cannot create hsr debugfs directory [ 2363.246767][ T5458] bridge0: port 1(bridge_slave_0) entered blocking state [ 2363.254009][ T5458] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2363.705951][T19681] netlink: 'syz.3.2356': attribute type 4 has an invalid length. [ 2363.714023][T19681] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2356'. [ 2363.998650][T19577] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2364.025294][T19577] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2364.059305][ T1053] bridge0: port 2(bridge_slave_1) entered blocking state [ 2364.066578][ T1053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2364.145830][ T6806] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 2364.295866][ T6806] usb 4-1: Using ep0 maxpacket: 8 [ 2364.341747][ T6806] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 2364.344306][T19619] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2364.355812][ T6806] usb 4-1: config 0 has no interface number 0 [ 2365.223288][T19619] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2365.225774][ T6806] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2365.243728][ T6806] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 2365.253321][ T6806] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2365.295838][ T6806] usb 4-1: config 0 descriptor?? [ 2365.337619][ T6806] iowarrior 4-1:0.1: no interrupt-in endpoint found [ 2365.597284][T16446] usb 4-1: USB disconnect, device number 23 [ 2365.759005][T19619] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2366.474549][T19577] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2366.608444][T19619] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2366.793055][ T29] audit: type=1400 audit(1728400395.342:397): avc: denied { write } for pid=19702 comm="syz.2.2361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 2366.885929][T19577] veth0_vlan: entered promiscuous mode [ 2366.932439][T19577] veth1_vlan: entered promiscuous mode [ 2367.275235][T19619] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2367.290704][T19619] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2368.228459][T19577] veth0_macvtap: entered promiscuous mode [ 2368.236963][T19619] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2368.348095][T19619] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2368.384203][T19577] veth1_macvtap: entered promiscuous mode [ 2368.568765][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2368.615906][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2368.664398][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2368.728538][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2368.750215][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2368.775824][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2368.977221][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2369.048220][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.475813][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2369.512459][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.545306][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2369.569356][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.595303][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2369.618020][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.638696][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2369.661125][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.671151][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2369.683922][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.697339][T19577] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2369.707773][T19720] netlink: 'syz.3.2364': attribute type 4 has an invalid length. [ 2369.715745][T19720] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2364'. [ 2369.725305][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2369.793824][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.804141][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2369.815119][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.825538][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2369.864718][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.892219][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2369.906769][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.916939][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2369.927817][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2369.938255][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2370.928274][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2370.952978][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2371.235932][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2371.265037][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2371.279527][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2371.428121][T19577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2371.473566][T19577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2371.515443][T19577] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2372.079579][T19577] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2372.249976][T19577] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2372.632335][T19577] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2372.641682][T19577] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2372.657453][T19740] netlink: 'syz.2.2368': attribute type 4 has an invalid length. [ 2372.665343][T19740] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2368'. [ 2373.031485][T19619] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2373.066148][ T5458] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2373.079485][ T5458] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2373.450013][T19619] 8021q: adding VLAN 0 to HW filter on device team0 [ 2373.719603][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2373.733088][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2373.738423][ T6612] bridge0: port 1(bridge_slave_0) entered blocking state [ 2373.747714][ T6612] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2373.804408][ T6612] bridge0: port 2(bridge_slave_1) entered blocking state [ 2373.811663][ T6612] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2375.065720][T19619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2377.270742][T19619] veth0_vlan: entered promiscuous mode [ 2377.310429][T19619] veth1_vlan: entered promiscuous mode [ 2377.393215][T19619] veth0_macvtap: entered promiscuous mode [ 2377.403510][T19619] veth1_macvtap: entered promiscuous mode [ 2377.421640][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.432323][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.442482][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.453095][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.463841][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.474957][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.484937][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.496362][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.507244][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.517941][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.527891][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.538538][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.548499][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.559724][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.570365][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.580967][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.590929][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.601757][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.611833][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2377.622384][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.634163][T19619] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2377.644440][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.655387][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.666220][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.677310][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.688393][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.703929][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.714068][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.724671][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.734680][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.745356][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.755383][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.766811][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.778038][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.788868][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.798796][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.809317][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.819493][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.831053][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.841118][T19619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2377.852077][T19619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2377.863920][T19619] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2377.888166][T19802] can0: slcan on ptm0. [ 2377.924323][T19619] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2377.933590][T19619] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2377.942687][T19619] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2377.952053][T19619] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2378.164442][ T6612] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2378.228186][ T6612] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2380.956430][ T6612] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2380.964706][ T6612] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2381.026124][T19800] can0 (unregistered): slcan off ptm0. [ 2384.455288][T19868] netlink: 'syz.1.2392': attribute type 4 has an invalid length. [ 2384.463273][T19868] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2392'. [ 2386.151174][T19876] can0: slcan on ptm0. [ 2386.439312][ T6806] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 2386.875847][ T6806] usb 2-1: Using ep0 maxpacket: 8 [ 2386.900994][ T6806] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2386.942301][ T6806] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 2387.035818][ T6806] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 2387.046932][T19872] can0 (unregistered): slcan off ptm0. [ 2387.344545][T19889] netlink: 'syz.3.2396': attribute type 4 has an invalid length. [ 2387.352493][T19889] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2396'. [ 2387.997992][ T6806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2388.384674][ T6806] usb 2-1: config 0 descriptor?? [ 2388.404702][ T6806] usb 2-1: can't set config #0, error -71 [ 2388.437041][ T6806] usb 2-1: USB disconnect, device number 31 [ 2388.810057][T11614] Bluetooth: hci3: command 0x0406 tx timeout [ 2388.817327][T11614] Bluetooth: hci2: command 0x0406 tx timeout [ 2394.231653][T16691] Bluetooth: hci1: command 0x0406 tx timeout [ 2395.350426][T19953] can0: slcan on ptm0. [ 2396.095811][T16446] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 2396.866928][T19943] can0 (unregistered): slcan off ptm0. [ 2397.145860][T16446] usb 2-1: Using ep0 maxpacket: 8 [ 2397.162419][T16446] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2397.185867][T16446] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 2397.245325][T16446] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2398.840912][T16446] usb 2-1: config 0 descriptor?? [ 2399.084012][T16691] Bluetooth: hci4: command 0x0406 tx timeout [ 2399.512149][T16446] usb 2-1: can't set config #0, error -71 [ 2399.519796][T16446] usb 2-1: USB disconnect, device number 32 [ 2401.595551][T19993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2418'. [ 2407.241344][T20025] netlink: 'syz.3.2426': attribute type 4 has an invalid length. [ 2407.249433][T20025] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2426'. [ 2407.516880][T20026] can0: slcan on ptm0. [ 2408.386744][T20013] can0 (unregistered): slcan off ptm0. [ 2408.456025][T17121] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 2409.046044][T17121] usb 4-1: Using ep0 maxpacket: 8 [ 2409.062533][T17121] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2409.125854][T17121] usb 4-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 2409.175778][T17121] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2409.297596][T17121] usb 4-1: config 0 descriptor?? [ 2409.360555][T17121] hso 4-1:0.0: Not our interface [ 2409.926119][ T5285] usb 4-1: USB disconnect, device number 24 [ 2410.092981][T20055] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2432'. [ 2410.296811][ T30] INFO: task syz.4.2219:18948 blocked for more than 143 seconds. [ 2410.304783][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 2410.316959][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 2410.446248][ T30] task:syz.4.2219 state:D stack:27424 pid:18948 tgid:18923 ppid:16060 flags:0x00004002 [ 2410.456669][ T30] Call Trace: [ 2410.460009][ T30] [ 2410.463546][ T30] __schedule+0xef5/0x5750 [ 2410.468293][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 2410.473769][ T30] ? __pfx___schedule+0x10/0x10 [ 2410.478768][ T30] ? schedule+0x298/0x350 [ 2410.483325][ T30] ? __pfx_lock_release+0x10/0x10 [ 2410.488556][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 2410.493938][ T30] ? lock_acquire+0x2f/0xb0 [ 2410.499243][ T30] ? schedule+0x1fd/0x350 [ 2410.503757][ T30] schedule+0xe7/0x350 [ 2410.507993][ T30] schedule_preempt_disabled+0x13/0x30 [ 2410.513568][ T30] __mutex_lock+0x5b8/0x9c0 [ 2410.518383][ T30] ? remove_inode_hugepages+0x30a/0xeb0 [ 2410.524368][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 2410.529726][ T30] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2410.536506][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 2410.541885][ T30] ? remove_inode_hugepages+0x30a/0xeb0 [ 2410.548297][ T30] remove_inode_hugepages+0x30a/0xeb0 [ 2410.553868][ T30] ? __lock_acquire+0x163e/0x3ce0 [ 2410.559166][ T30] ? __pfx_remove_inode_hugepages+0x10/0x10 [ 2410.565272][ T30] ? lock_acquire+0x2f/0xb0 [ 2410.570050][ T30] ? __pfx_hugetlbfs_evict_inode+0x10/0x10 [ 2410.576114][ T30] hugetlbfs_evict_inode+0x22/0x70 [ 2410.581310][ T30] evict+0x409/0x970 [ 2410.585274][ T30] ? __pfx_evict+0x10/0x10 [ 2410.589907][ T30] iput+0x530/0x890 [ 2410.593792][ T30] dentry_unlink_inode+0x29c/0x480 [ 2410.599160][ T30] __dentry_kill+0x1d0/0x600 [ 2410.603831][ T30] dput.part.0+0x4b1/0x9b0 [ 2410.608449][ T30] dput+0x1f/0x30 [ 2410.612150][ T30] __fput+0x513/0xb60 [ 2410.616385][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 2410.621681][ T30] task_work_run+0x14e/0x250 [ 2410.626448][ T30] ? __pfx_task_work_run+0x10/0x10 [ 2410.631637][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 2410.637735][ T30] do_exit+0xadd/0x2d70 [ 2410.641978][ T30] ? get_signal+0x8f2/0x2770 [ 2410.647405][ T30] ? __pfx_do_exit+0x10/0x10 [ 2410.652085][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 2410.657240][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2410.665742][ T30] do_group_exit+0xd3/0x2a0 [ 2410.670435][ T30] get_signal+0x25fb/0x2770 [ 2410.675015][ T30] ? __pfx_get_signal+0x10/0x10 [ 2410.680244][ T30] ? __pfx_do_futex+0x10/0x10 [ 2410.685006][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 2410.690751][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2410.698478][ T30] ? rcu_is_watching+0x12/0xc0 [ 2410.703349][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 2410.709418][ T30] do_syscall_64+0xda/0x250 [ 2410.714013][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2410.720294][ T30] RIP: 0033:0x7f433f57dff9 [ 2410.724768][ T30] RSP: 002b:00007f433f3b70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2410.733543][ T30] RAX: fffffffffffffe00 RBX: 00007f433f736138 RCX: 00007f433f57dff9 [ 2410.742340][ T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f433f736138 [ 2410.755673][ T30] RBP: 00007f433f736130 R08: 0000000000000000 R09: 0000000000000000 [ 2410.763710][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f433f73613c [ 2410.788206][ T30] R13: 0000000000000000 R14: 00007fff1594c940 R15: 00007fff1594ca28 [ 2410.796359][ T30] [ 2410.799468][ T30] INFO: task syz.0.2224:18945 blocked for more than 143 seconds. [ 2410.807357][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 2410.815072][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2410.823927][ T30] task:syz.0.2224 state:D stack:25824 pid:18945 tgid:18945 ppid:16817 flags:0x00000004 [ 2410.834433][ T30] Call Trace: [ 2410.837811][ T30] [ 2410.842029][ T30] __schedule+0xef5/0x5750 [ 2410.846926][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 2410.872563][ T30] ? __pfx___schedule+0x10/0x10 [ 2410.877566][ T30] ? schedule+0x298/0x350 [ 2410.881952][ T30] ? __pfx_lock_release+0x10/0x10 [ 2410.887118][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 2410.892398][ T30] ? lock_acquire+0x2f/0xb0 [ 2410.897019][ T30] ? schedule+0x1fd/0x350 [ 2410.901461][ T30] schedule+0xe7/0x350 [ 2410.905819][ T30] io_schedule+0xbf/0x130 [ 2410.910218][ T30] folio_wait_bit_common+0x3d8/0x9b0 [ 2410.915569][ T30] ? folio_wait_bit_common+0x13c/0x9b0 [ 2410.921200][ T30] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 2410.928094][ T30] ? __pfx_wake_page_function+0x10/0x10 [ 2410.933720][ T30] ? __pfx___might_resched+0x10/0x10 [ 2410.939608][ T30] ? _raw_spin_unlock+0x28/0x50 [ 2410.945966][ T30] ? __vma_reservation_common+0x270/0x740 [ 2410.951777][ T30] __filemap_get_folio+0x6a4/0xaf0 [ 2410.957078][ T30] ? huge_pte_alloc+0x22e/0x3a0 [ 2410.962012][ T30] hugetlb_fault+0x16ff/0x2fa0 [ 2410.966951][ T30] ? __pfx_hugetlb_fault+0x10/0x10 [ 2410.972156][ T30] handle_mm_fault+0x930/0xaa0 [ 2410.977106][ T30] do_user_addr_fault+0x60d/0x13f0 [ 2410.982288][ T30] exc_page_fault+0x5c/0xc0 [ 2410.986975][ T30] asm_exc_page_fault+0x26/0x30 [ 2410.991914][ T30] RIP: 0033:0x7fd234851629 [ 2410.996738][ T30] RSP: 002b:00007ffd146a5690 EFLAGS: 00010246 [ 2411.002879][ T30] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffffff7fffff [ 2411.011264][ T30] RDX: a0310b5cf546156a RSI: 0000000020800000 RDI: 0000555594ebd3c8 [ 2411.019464][ T30] RBP: 00007fd234b37a80 R08: 00007fd234800000 R09: 0000000000000008 [ 2411.027669][ T30] R10: 0000000000000000 R11: 0000000000000003 R12: 00000000002287a9 [ 2411.035784][ T30] R13: 00007ffd146a5790 R14: 0000000000000032 R15: fffffffffffffffe [ 2411.045143][ T30] [ 2411.048491][ T30] INFO: task syz.0.2224:18946 blocked for more than 144 seconds. [ 2411.132510][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 2411.140630][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2411.149599][ T30] task:syz.0.2224 state:D stack:26560 pid:18946 tgid:18945 ppid:16817 flags:0x00004006 [ 2411.160803][ T30] Call Trace: [ 2411.164136][ T30] [ 2411.168323][ T30] __schedule+0xef5/0x5750 [ 2411.173707][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 2411.179047][ T30] ? __pfx___schedule+0x10/0x10 [ 2411.184052][ T30] ? schedule+0x298/0x350 [ 2411.188689][ T30] ? __pfx_lock_release+0x10/0x10 [ 2411.193956][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 2411.199316][ T30] ? lock_acquire+0x2f/0xb0 [ 2411.203900][ T30] ? schedule+0x1fd/0x350 [ 2411.213120][ T30] schedule+0xe7/0x350 [ 2411.217535][ T30] schedule_preempt_disabled+0x13/0x30 [ 2411.223064][ T30] __mutex_lock+0x5b8/0x9c0 [ 2411.227888][ T30] ? hugetlb_wp+0x1b4a/0x3320 [ 2411.232635][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 2411.237833][ T30] ? hugetlb_wp+0x1b4a/0x3320 [ 2411.242583][ T30] hugetlb_wp+0x1b4a/0x3320 [ 2411.247407][ T30] ? __pfx_hugetlb_wp+0x10/0x10 [ 2411.253635][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2411.259196][ T30] ? lock_acquire+0x2f/0xb0 [ 2411.263760][ T30] ? hugetlb_fault+0x1141/0x2fa0 [ 2411.268853][ T30] hugetlb_fault+0x2248/0x2fa0 [ 2411.273696][ T30] ? __pfx_hugetlb_fault+0x10/0x10 [ 2411.279016][ T30] ? find_vma+0xc0/0x140 [ 2411.283323][ T30] ? __pfx_find_vma+0x10/0x10 [ 2411.288209][ T30] ? rep_movs_alternative+0x33/0x70 [ 2411.293487][ T30] handle_mm_fault+0x930/0xaa0 [ 2411.298415][ T30] do_user_addr_fault+0x7a3/0x13f0 [ 2411.303628][ T30] exc_page_fault+0x5c/0xc0 [ 2411.308325][ T30] asm_exc_page_fault+0x26/0x30 [ 2411.313273][ T30] RIP: 0010:rep_movs_alternative+0x33/0x70 [ 2411.319284][ T30] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb [ 2411.339286][ T30] RSP: 0018:ffffc9000913fc48 EFLAGS: 00050246 [ 2411.345730][ T30] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008 [ 2411.355113][ T30] RDX: fffff52001227f98 RSI: ffffc9000913fcb8 RDI: 000000002001e588 [ 2411.363360][ T30] RBP: 000000002001e588 R08: 0000000000000000 R09: fffff52001227f97 [ 2411.371472][ T30] R10: ffffc9000913fcbf R11: 0000000000000000 R12: ffffc9000913fcb8 [ 2411.379612][ T30] R13: 000000002001e590 R14: 0000000000000000 R15: 0000000020019680 [ 2411.387741][ T30] _copy_to_user+0xac/0xc0 [ 2411.392236][ T30] msr_read+0x14f/0x250 [ 2411.396556][ T30] ? __pfx_msr_read+0x10/0x10 [ 2411.401310][ T30] ? bpf_lsm_file_permission+0x9/0x10 [ 2411.406861][ T30] ? security_file_permission+0x71/0x210 [ 2411.412572][ T30] ? __pfx_msr_read+0x10/0x10 [ 2411.417418][ T30] vfs_read+0x1ce/0xbd0 [ 2411.421659][ T30] ? __fget_files+0x23a/0x3f0 [ 2411.426535][ T30] ? __pfx_lock_release+0x10/0x10 [ 2411.431621][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 2411.436994][ T30] ? __pfx_vfs_read+0x10/0x10 [ 2411.441752][ T30] ? lock_acquire+0x2f/0xb0 [ 2411.446420][ T30] ? __fget_files+0x40/0x3f0 [ 2411.451087][ T30] ? __fget_files+0x244/0x3f0 [ 2411.456682][ T30] ksys_read+0x12f/0x260 [ 2411.461010][ T30] ? __pfx_ksys_read+0x10/0x10 [ 2411.466509][ T30] do_syscall_64+0xcd/0x250 [ 2411.471093][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2411.477153][ T30] RIP: 0033:0x7fd23497dff9 [ 2411.481641][ T30] RSP: 002b:00007fd2356cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2411.490324][ T30] RAX: ffffffffffffffda RBX: 00007fd234b35f80 RCX: 00007fd23497dff9 [ 2411.498469][ T30] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000004 [ 2411.506598][ T30] RBP: 00007fd2349f0296 R08: 0000000000000000 R09: 0000000000000000 [ 2411.514710][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2411.522825][ T30] R13: 0000000000000000 R14: 00007fd234b35f80 R15: 00007ffd146a5528 [ 2411.531061][ T30] [ 2411.534179][ T30] [ 2411.534179][ T30] Showing all locks held in the system: [ 2411.542148][ T30] 1 lock held by rcu_exp_gp_kthr/19: [ 2411.547631][ T30] 1 lock held by khungtaskd/30: [ 2411.552529][ T30] #0: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 [ 2411.563296][ T30] 2 locks held by getty/4977: [ 2411.573529][ T30] #0: ffff88814bd090a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 2411.584441][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 2411.594794][ T30] 3 locks held by kworker/1:6/5285: [ 2411.600246][ T30] 3 locks held by kworker/u8:13/5455: [ 2411.605781][ T30] 2 locks held by kworker/u8:20/6612: [ 2411.611212][ T30] 1 lock held by syz.4.2219/18948: [ 2411.616573][ T30] #0: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x30a/0xeb0 [ 2411.628280][ T30] 3 locks held by syz.0.2224/18945: [ 2411.633533][ T30] #0: ffff8880533f6730 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x13e/0x980 [ 2411.644102][ T30] #1: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_fault+0x307/0x2fa0 [ 2411.655225][ T30] #2: ffff888056f2a4e8 (&resv_map->rw_sema){++++}-{3:3}, at: hugetlb_vma_lock_read+0x105/0x140 [ 2411.666585][ T30] 2 locks held by syz.0.2224/18946: [ 2411.671834][ T30] #0: ffff888043c37398 (&mm->mmap_lock){++++}-{3:3}, at: lock_mm_and_find_vma+0x3a9/0x6a0 [ 2411.682688][ T30] #1: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_wp+0x1b4a/0x3320 [ 2411.693616][ T30] 2 locks held by syz.4.2272/19271: [ 2411.699002][ T30] #0: ffff88806b622b68 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x13e/0x980 [ 2411.709565][ T30] #1: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_fault+0x307/0x2fa0 [ 2411.720580][ T30] 2 locks held by syz.0.2279/19291: [ 2411.726000][ T30] #0: ffff88807e91bb68 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x13e/0x980 [ 2411.726280][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 2411.736504][ T30] #1: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_fault+0x307/0x2fa0 [ 2411.753878][ T30] 1 lock held by syz-executor/19411: [ 2411.756741][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 2411.759243][ T30] 3 locks held by syz.3.2306/19441: [ 2411.771463][ T30] #0: ffff88801b1ba420 (sb_writers#17){.+.+}-{0:0}, at: __x64_sys_fallocate+0xd9/0x150 [ 2411.782385][ T30] #1: ffff88804b6b0148 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: hugetlbfs_fallocate+0x2b6/0xfc0 [ 2411.793764][ T30] #2: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlbfs_fallocate+0x577/0xfc0 [ 2411.805264][ T30] 2 locks held by syz.1.2316/19483: [ 2411.810874][ T30] #0: ffff88806209ec40 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x13e/0x980 [ 2411.821659][ T30] #1: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_fault+0x307/0x2fa0 [ 2411.832658][ T30] 3 locks held by syz.4.2325/19543: [ 2411.838038][ T30] #0: ffff88801b1ba420 (sb_writers#17){.+.+}-{0:0}, at: __x64_sys_fallocate+0xd9/0x150 [ 2411.848006][ T30] #1: ffff88806e1f8b68 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: hugetlbfs_fallocate+0x2b6/0xfc0 [ 2411.859379][ T30] #2: ffff888141af2608 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlbfs_fallocate+0x577/0xfc0 [ 2411.871895][ T30] 3 locks held by syz-executor/19619: [ 2411.878392][ T30] #0: ffff88805a428d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 2411.888530][ T30] #1: ffff88805a428078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x346/0x1110 [ 2411.898704][ T30] #2: ffffffff90149928 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 2411.909305][ T30] 1 lock held by syz.1.2431/20046: [ 2411.914566][ T30] #0: ffffc90013fd70a8 (&kvm->slots_lock){+.+.}-{3:3}, at: kvm_vm_ioctl+0x150b/0x3de0 [ 2411.924795][ T30] 3 locks held by syz.2.2432/20051: [ 2411.930311][ T30] #0: ffff88806e8f0d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 2411.940157][ T30] #1: ffff88806e8f0078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x346/0x1110 [ 2411.950227][ T30] #2: ffffffff90149928 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 2411.960556][ T30] 1 lock held by rm/20062: [ 2411.965842][ T30] [ 2411.968221][ T30] ============================================= [ 2411.968221][ T30] [ 2411.977539][ T30] NMI backtrace for cpu 0 [ 2411.981933][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 2411.992506][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2412.002887][ T30] Call Trace: [ 2412.006211][ T30] [ 2412.009293][ T30] dump_stack_lvl+0x116/0x1f0 [ 2412.014052][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 2412.019057][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 2412.025129][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 2412.031186][ T30] watchdog+0xf0c/0x1240 [ 2412.035502][ T30] ? __pfx_watchdog+0x10/0x10 [ 2412.040244][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 2412.045521][ T30] ? __kthread_parkme+0x148/0x220 [ 2412.050622][ T30] ? __pfx_watchdog+0x10/0x10 [ 2412.055345][ T30] kthread+0x2c1/0x3a0 [ 2412.059455][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 2412.064698][ T30] ? __pfx_kthread+0x10/0x10 [ 2412.069334][ T30] ret_from_fork+0x45/0x80 [ 2412.074131][ T30] ? __pfx_kthread+0x10/0x10 [ 2412.078770][ T30] ret_from_fork_asm+0x1a/0x30 [ 2412.083694][ T30] [ 2412.087600][ T30] Sending NMI from CPU 0 to CPUs 1: [ 2412.092873][ C1] NMI backtrace for cpu 1 [ 2412.092892][ C1] CPU: 1 UID: 0 PID: 20031 Comm: syz.3.2430 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 2412.092927][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2412.092944][ C1] RIP: 0010:hlock_class+0x1d/0x130 [ 2412.092988][ C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 48 b8 00 00 00 00 00 fc ff df 53 48 89 fb 48 83 c7 20 48 89 fa 48 c1 ea 03 0f b6 04 02 <84> c0 74 08 3c 03 0f 8e da 00 00 00 0f b7 5b 20 66 81 e3 ff 1f 0f [ 2412.093015][ C1] RSP: 0018:ffffc90012f2f350 EFLAGS: 00000806 [ 2412.093037][ C1] RAX: 0000000000000000 RBX: ffff888027d6e508 RCX: 0000000000000002 [ 2412.093056][ C1] RDX: 1ffff11004fadca5 RSI: ffff888027d6e508 RDI: ffff888027d6e528 [ 2412.093075][ C1] RBP: ffffc90012f2f498 R08: 0000000000000000 R09: 0000000000000006 [ 2412.093093][ C1] R10: ffffffff96e26c47 R11: 0000000000000002 R12: ffff888027d6da00 [ 2412.093111][ C1] R13: 0000000000000200 R14: 0000000000000009 R15: 1ffff920025e5e72 [ 2412.093129][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 2412.093156][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2412.093176][ C1] CR2: 00007fdb6bc653b0 CR3: 000000000df7c000 CR4: 00000000003526f0 [ 2412.093195][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2412.093212][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2412.093230][ C1] Call Trace: [ 2412.093238][ C1] [ 2412.093247][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 2412.093278][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 2412.093326][ C1] ? nmi_handle+0x1a9/0x5c0 [ 2412.093354][ C1] ? hlock_class+0x1d/0x130 [ 2412.093389][ C1] ? default_do_nmi+0x6a/0x160 [ 2412.093431][ C1] ? exc_nmi+0x170/0x1e0 [ 2412.093472][ C1] ? end_repeat_nmi+0xf/0x53 [ 2412.093510][ C1] ? hlock_class+0x1d/0x130 [ 2412.093545][ C1] ? hlock_class+0x1d/0x130 [ 2412.093581][ C1] ? hlock_class+0x1d/0x130 [ 2412.093617][ C1] [ 2412.093625][ C1] [ 2412.093634][ C1] mark_lock+0xb5/0xc60 [ 2412.093661][ C1] ? __pfx_mark_lock+0x10/0x10 [ 2412.093687][ C1] ? hlock_class+0x4e/0x130 [ 2412.093721][ C1] ? __lock_acquire+0x163e/0x3ce0 [ 2412.093754][ C1] __lock_acquire+0x906/0x3ce0 [ 2412.093787][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 2412.093813][ C1] ? __pfx_mark_lock+0x10/0x10 [ 2412.093837][ C1] ? __pfx_lock_release+0x10/0x10 [ 2412.093863][ C1] ? trace_lock_acquire+0x14a/0x1d0 [ 2412.093900][ C1] lock_acquire.part.0+0x11b/0x380 [ 2412.093927][ C1] ? is_bpf_text_address+0x30/0x1a0 [ 2412.093970][ C1] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 2412.093998][ C1] ? rcu_is_watching+0x12/0xc0 [ 2412.094032][ C1] ? trace_lock_acquire+0x14a/0x1d0 [ 2412.094067][ C1] ? is_bpf_text_address+0x30/0x1a0 [ 2412.094111][ C1] ? lock_acquire+0x2f/0xb0 [ 2412.094135][ C1] ? is_bpf_text_address+0x30/0x1a0 [ 2412.094177][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 2412.094213][ C1] is_bpf_text_address+0x36/0x1a0 [ 2412.094254][ C1] ? is_bpf_text_address+0x30/0x1a0 [ 2412.094295][ C1] kernel_text_address+0x8d/0x100 [ 2412.094329][ C1] __kernel_text_address+0xd/0x40 [ 2412.094355][ C1] unwind_get_return_address+0x59/0xa0 [ 2412.094386][ C1] arch_stack_walk+0xa7/0x100 [ 2412.094424][ C1] stack_trace_save+0x95/0xd0 [ 2412.094456][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 2412.094494][ C1] save_stack+0x162/0x1f0 [ 2412.094519][ C1] ? __pfx_save_stack+0x10/0x10 [ 2412.094542][ C1] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 2412.094569][ C1] ? free_unref_page+0x5f4/0xdc0 [ 2412.094598][ C1] ? vfree+0x17a/0x890 [ 2412.094624][ C1] ? kcov_put+0x2a/0x40 [ 2412.094661][ C1] ? kcov_close+0xd/0x20 [ 2412.094699][ C1] ? __fput+0x3f6/0xb60 [ 2412.094727][ C1] ? task_work_run+0x14e/0x250 [ 2412.094751][ C1] ? do_exit+0xadd/0x2d70 [ 2412.094787][ C1] ? do_group_exit+0xd3/0x2a0 [ 2412.094825][ C1] ? get_signal+0x25fb/0x2770 [ 2412.094855][ C1] ? arch_do_signal_or_restart+0x90/0x7e0 [ 2412.094893][ C1] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 2412.094927][ C1] ? do_syscall_64+0xda/0x250 [ 2412.094960][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2412.094997][ C1] __reset_page_owner+0x8d/0x400 [ 2412.095023][ C1] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 2412.095053][ C1] free_unref_page+0x5f4/0xdc0 [ 2412.095086][ C1] vfree+0x17a/0x890 [ 2412.095113][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2412.095145][ C1] ? __pfx_kcov_close+0x10/0x10 [ 2412.095184][ C1] kcov_put+0x2a/0x40 [ 2412.095222][ C1] kcov_close+0xd/0x20 [ 2412.095259][ C1] __fput+0x3f6/0xb60 [ 2412.095289][ C1] ? cleanup_mnt+0x266/0x450 [ 2412.095329][ C1] task_work_run+0x14e/0x250 [ 2412.095354][ C1] ? __pfx_task_work_run+0x10/0x10 [ 2412.095384][ C1] do_exit+0xadd/0x2d70 [ 2412.095422][ C1] ? get_signal+0x8f2/0x2770 [ 2412.095453][ C1] ? __pfx_do_exit+0x10/0x10 [ 2412.095490][ C1] ? do_raw_spin_lock+0x12d/0x2c0 [ 2412.095521][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2412.095557][ C1] do_group_exit+0xd3/0x2a0 [ 2412.095596][ C1] get_signal+0x25fb/0x2770 [ 2412.095635][ C1] ? hrtimer_nanosleep+0x176/0x370 [ 2412.095670][ C1] ? __pfx_get_signal+0x10/0x10 [ 2412.095708][ C1] ? __pfx_do_futex+0x10/0x10 [ 2412.095748][ C1] arch_do_signal_or_restart+0x90/0x7e0 [ 2412.095792][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2412.095840][ C1] ? rcu_is_watching+0x12/0xc0 [ 2412.095883][ C1] syscall_exit_to_user_mode+0x150/0x2a0 [ 2412.095926][ C1] do_syscall_64+0xda/0x250 [ 2412.095969][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2412.096008][ C1] RIP: 0033:0x7fc71557dff9 [ 2412.096033][ C1] Code: Unable to access opcode bytes at 0x7fc71557dfcf. [ 2412.096048][ C1] RSP: 002b:00007fc7162ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2412.096078][ C1] RAX: fffffffffffffe00 RBX: 00007fc715735f88 RCX: 00007fc71557dff9 [ 2412.096101][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc715735f88 [ 2412.096122][ C1] RBP: 00007fc715735f80 R08: 0000000000000000 R09: 0000000000000000 [ 2412.096144][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc715735f8c [ 2412.096165][ C1] R13: 0000000000000000 R14: 00007ffed59e9370 R15: 00007ffed59e9458 [ 2412.096196][ C1] [ 2412.096392][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 2412.096413][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 2412.096455][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2412.096476][ T30] Call Trace: [ 2412.096488][ T30] [ 2412.096503][ T30] dump_stack_lvl+0x3d/0x1f0 [ 2412.096567][ T30] panic+0x71d/0x800 [ 2412.096620][ T30] ? __pfx_panic+0x10/0x10 [ 2412.096671][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 2412.096715][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 2412.096770][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 2412.096811][ T30] ? watchdog+0xd76/0x1240 [ 2412.096843][ T30] ? watchdog+0xd69/0x1240 [ 2412.096884][ T30] watchdog+0xd87/0x1240 [ 2412.096924][ T30] ? __pfx_watchdog+0x10/0x10 [ 2412.096957][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 2412.097004][ T30] ? __kthread_parkme+0x148/0x220 [ 2412.097052][ T30] ? __pfx_watchdog+0x10/0x10 [ 2412.097087][ T30] kthread+0x2c1/0x3a0 [ 2412.097129][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 2412.097169][ T30] ? __pfx_kthread+0x10/0x10 [ 2412.097215][ T30] ret_from_fork+0x45/0x80 [ 2412.097248][ T30] ? __pfx_kthread+0x10/0x10 [ 2412.097294][ T30] ret_from_fork_asm+0x1a/0x30 [ 2412.097362][ T30] [ 2412.832682][ T30] Kernel Offset: disabled [ 2412.837032][ T30] Rebooting in 86400 seconds..