last executing test programs: 48.389718714s ago: executing program 0 (id=17): r0 = io_uring_setup(0xbbc, &(0x7f0000000280)={0x0, 0x0, 0x2, 0x0, 0x15a}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) io_uring_enter(r0, 0x100000, 0x2, 0xf, &(0x7f0000000000), 0x18) 47.614966118s ago: executing program 0 (id=18): unshare(0xc020680) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r0, 0x0, 0x0, 0x4}, 0x20) 40.072118526s ago: executing program 0 (id=23): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xd}, &(0x7f00000000c0)=0x8) 39.601266416s ago: executing program 0 (id=25): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000200)={0x9, 0x0, 0xfffffff9, 0x5}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc1105511, &(0x7f0000000040)={0x9, 0x0, 0x40, 0x10000, 'syz1\x00', 0x4000000}) 39.223960705s ago: executing program 0 (id=26): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x14, 0x3, "840011000000000002000f116b61979e"}, @NFTA_MATCH_NAME={0x9, 0x1, 'l2tp\x00'}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 34.019646387s ago: executing program 1 (id=36): r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x2dd}, &(0x7f0000000100)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r0, 0x81, &(0x7f00000003c0), 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 33.25942839s ago: executing program 1 (id=37): r0 = syz_open_procfs(0x0, &(0x7f0000000400)='fd\x00') getdents(r0, &(0x7f0000000000)=""/39, 0x27) getdents(r0, 0xffffffffffffffff, 0x5a) 33.259248008s ago: executing program 1 (id=38): r0 = socket$kcm(0x29, 0x2, 0x0) write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000040), 0x4) 33.198323859s ago: executing program 1 (id=39): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) 32.172087261s ago: executing program 1 (id=40): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000008000120000000800060002000000080009000000000018000180140002007665746830"], 0x3c}}, 0x0) 30.07870576s ago: executing program 0 (id=42): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000001000000000000000500940c03080002", 0x24) 28.225549049s ago: executing program 1 (id=43): r0 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0) 28.223020754s ago: executing program 3 (id=45): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x3c, r0, 0x1, 0x0, 0x0, {0x54}, [{{@nsim={{0xe, 0x2}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x0) 28.222829102s ago: executing program 3 (id=46): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc1105511, &(0x7f0000000040)={0x3, 0x3, 0x4000ffff, 0xfff, 'syz1\x00', 0x2}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0xc1105511, &(0x7f0000000040)) 28.222178215s ago: executing program 3 (id=47): r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x3, @empty}}, 0x1e) 24.498263498s ago: executing program 3 (id=48): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000001}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x48, 0x5a, 0x1, 0x40000, 0x0, {0x2}, [{0x34, 0x1, [@m_gact={0x30, 0x20, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000804}, 0x2004e080) 24.142668657s ago: executing program 3 (id=49): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x19, 0x4, 0x8, 0x8}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 14.714782461s ago: executing program 3 (id=50): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) 14.622191881s ago: executing program 32 (id=42): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000001000000000000000500940c03080002", 0x24) 14.453820928s ago: executing program 33 (id=43): r0 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0) 0s ago: executing program 34 (id=50): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.66' (ED25519) to the list of known hosts. [ 78.080337][ T5822] cgroup: Unknown subsys name 'net' [ 78.333504][ T5822] cgroup: Unknown subsys name 'cpuset' [ 78.389170][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 80.003656][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 82.854589][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.886878][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.902612][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.903819][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.903920][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.906316][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.907703][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.918023][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.920858][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 82.920949][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.923589][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.924262][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 82.926188][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.927138][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.930782][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.938938][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 82.940236][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 82.959829][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.985416][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.001171][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.003533][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.008100][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.009983][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.050544][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.058829][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.925595][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 83.946928][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 84.002497][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 84.225669][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 84.351010][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 84.981351][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.982396][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.982728][ T5833] bridge_slave_0: entered allmulticast mode [ 84.984308][ T5833] bridge_slave_0: entered promiscuous mode [ 85.022368][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.022506][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.022732][ T5847] bridge_slave_0: entered allmulticast mode [ 85.024912][ T5847] bridge_slave_0: entered promiscuous mode [ 85.040222][ T5848] Bluetooth: hci1: command tx timeout [ 85.040356][ T5848] Bluetooth: hci0: command tx timeout [ 85.040605][ T5839] Bluetooth: hci2: command tx timeout [ 85.102751][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.102889][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.103408][ T5833] bridge_slave_1: entered allmulticast mode [ 85.106054][ T5833] bridge_slave_1: entered promiscuous mode [ 85.118953][ T5850] Bluetooth: hci4: command tx timeout [ 85.119114][ T5839] Bluetooth: hci3: command tx timeout [ 85.131541][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.131678][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.131884][ T5847] bridge_slave_1: entered allmulticast mode [ 85.137465][ T5847] bridge_slave_1: entered promiscuous mode [ 85.138937][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.139064][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.139532][ T5836] bridge_slave_0: entered allmulticast mode [ 85.142175][ T5836] bridge_slave_0: entered promiscuous mode [ 85.430976][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.431116][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.431292][ T5836] bridge_slave_1: entered allmulticast mode [ 85.434048][ T5836] bridge_slave_1: entered promiscuous mode [ 85.895037][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.895281][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.895474][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.895662][ T5832] bridge_slave_0: entered allmulticast mode [ 85.897346][ T5832] bridge_slave_0: entered promiscuous mode [ 85.906016][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.971588][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.971729][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.971910][ T5834] bridge_slave_0: entered allmulticast mode [ 85.974672][ T5834] bridge_slave_0: entered promiscuous mode [ 85.984490][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.984940][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.985085][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.985597][ T5832] bridge_slave_1: entered allmulticast mode [ 85.988116][ T5832] bridge_slave_1: entered promiscuous mode [ 85.994233][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.000338][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.000725][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.002056][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.002225][ T5834] bridge_slave_1: entered allmulticast mode [ 86.004907][ T5834] bridge_slave_1: entered promiscuous mode [ 86.429513][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.804729][ T31] cfg80211: failed to load regulatory.db [ 86.883470][ T5833] team0: Port device team_slave_0 added [ 86.887556][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.895769][ T5847] team0: Port device team_slave_0 added [ 86.987275][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.000033][ T5833] team0: Port device team_slave_1 added [ 87.002775][ T5847] team0: Port device team_slave_1 added [ 87.006792][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.010443][ T5836] team0: Port device team_slave_0 added [ 87.038542][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.118908][ T5850] Bluetooth: hci0: command tx timeout [ 87.118946][ T5850] Bluetooth: hci1: command tx timeout [ 87.119072][ T5839] Bluetooth: hci2: command tx timeout [ 87.198785][ T5848] Bluetooth: hci4: command tx timeout [ 87.198873][ T5839] Bluetooth: hci3: command tx timeout [ 87.268180][ T5836] team0: Port device team_slave_1 added [ 87.852213][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.852230][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.852253][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.855391][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.855406][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.855448][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.859889][ T5832] team0: Port device team_slave_0 added [ 88.023415][ T5834] team0: Port device team_slave_0 added [ 88.025735][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.025748][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.025771][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.027383][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.027396][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.027418][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.032570][ T5832] team0: Port device team_slave_1 added [ 88.034396][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.034406][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.034429][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.042651][ T5834] team0: Port device team_slave_1 added [ 88.212687][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.212703][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.212716][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.445507][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.445523][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.445535][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.449668][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.449683][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.449712][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.604201][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.604212][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.604225][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.702157][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.702174][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.702197][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.996362][ T5833] hsr_slave_0: entered promiscuous mode [ 88.997489][ T5833] hsr_slave_1: entered promiscuous mode [ 89.021351][ T5847] hsr_slave_0: entered promiscuous mode [ 89.022744][ T5847] hsr_slave_1: entered promiscuous mode [ 89.023794][ T5847] debugfs: 'hsr0' already exists in 'hsr' [ 89.023899][ T5847] Cannot create hsr debugfs directory [ 89.128754][ T5836] hsr_slave_0: entered promiscuous mode [ 89.130088][ T5836] hsr_slave_1: entered promiscuous mode [ 89.131042][ T5836] debugfs: 'hsr0' already exists in 'hsr' [ 89.131065][ T5836] Cannot create hsr debugfs directory [ 89.198907][ T5848] Bluetooth: hci1: command tx timeout [ 89.198940][ T5848] Bluetooth: hci0: command tx timeout [ 89.199075][ T5839] Bluetooth: hci2: command tx timeout [ 89.288914][ T5850] Bluetooth: hci4: command tx timeout [ 89.289004][ T5839] Bluetooth: hci3: command tx timeout [ 89.619024][ T5832] hsr_slave_0: entered promiscuous mode [ 89.620370][ T5832] hsr_slave_1: entered promiscuous mode [ 89.621247][ T5832] debugfs: 'hsr0' already exists in 'hsr' [ 89.621269][ T5832] Cannot create hsr debugfs directory [ 89.650686][ T5834] hsr_slave_0: entered promiscuous mode [ 89.652052][ T5834] hsr_slave_1: entered promiscuous mode [ 89.658286][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 89.658310][ T5834] Cannot create hsr debugfs directory [ 91.278853][ T5850] Bluetooth: hci0: command tx timeout [ 91.278880][ T5850] Bluetooth: hci1: command tx timeout [ 91.278927][ T5839] Bluetooth: hci2: command tx timeout [ 91.316733][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.359429][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.368858][ T5848] Bluetooth: hci4: command tx timeout [ 91.368904][ T5839] Bluetooth: hci3: command tx timeout [ 91.406846][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.458471][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.602495][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 91.636318][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.683454][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.734053][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.886101][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.938713][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 91.987968][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 92.034116][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 92.199491][ T5847] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 92.241188][ T5847] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 92.271752][ T5847] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 92.329536][ T5847] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 92.474234][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.511873][ T5834] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 92.554675][ T5834] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 92.607186][ T5834] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 92.654517][ T5834] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 92.711670][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.731470][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.786913][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.787373][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.846865][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.847219][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.872431][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.915765][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.916015][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.958080][ T2868] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.959268][ T2868] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.995659][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.127390][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.157619][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.178308][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.178437][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.248315][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.248470][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.361716][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.446554][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.453188][ T3565] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.458836][ T3565] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.539673][ T3565] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.539829][ T3565] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.657550][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.714861][ T3565] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.715673][ T3565] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.777191][ T3565] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.777330][ T3565] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.878869][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.967773][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.182273][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.261783][ T5833] veth0_vlan: entered promiscuous mode [ 94.330975][ T5836] veth0_vlan: entered promiscuous mode [ 94.333141][ T5833] veth1_vlan: entered promiscuous mode [ 94.416823][ T5836] veth1_vlan: entered promiscuous mode [ 94.544242][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.564401][ T5832] veth0_vlan: entered promiscuous mode [ 94.630394][ T5833] veth0_macvtap: entered promiscuous mode [ 94.635829][ T5836] veth0_macvtap: entered promiscuous mode [ 94.637321][ T5832] veth1_vlan: entered promiscuous mode [ 94.670526][ T5833] veth1_macvtap: entered promiscuous mode [ 94.674188][ T5836] veth1_macvtap: entered promiscuous mode [ 94.705384][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.823038][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.825788][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.872409][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.896412][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.979199][ T5847] veth0_vlan: entered promiscuous mode [ 94.984447][ T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.018029][ T43] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.031341][ T43] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.044383][ T5832] veth0_macvtap: entered promiscuous mode [ 95.051707][ T43] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.084600][ T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.101477][ T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.106696][ T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.107919][ T5832] veth1_macvtap: entered promiscuous mode [ 95.160655][ T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.161400][ T5847] veth1_vlan: entered promiscuous mode [ 95.451946][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.500849][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.580506][ T43] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.588516][ T43] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.614793][ T3565] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.614817][ T3565] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.650245][ T43] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.675867][ T43] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.714861][ T5847] veth0_macvtap: entered promiscuous mode [ 95.726900][ T1306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.726918][ T1306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.794561][ T5834] veth0_vlan: entered promiscuous mode [ 95.821402][ T5847] veth1_macvtap: entered promiscuous mode [ 95.892103][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.892123][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.964746][ T5834] veth1_vlan: entered promiscuous mode [ 96.031134][ T2868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.031153][ T2868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.104640][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.186232][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.208840][ T2868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.208859][ T2868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.304233][ T1306] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.322087][ T1306] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.405265][ T1306] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.417716][ T1306] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.531941][ T5834] veth0_macvtap: entered promiscuous mode [ 96.634155][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.634175][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.664566][ T5834] veth1_macvtap: entered promiscuous mode [ 96.884663][ T5968] syz.0.10 (5968) used greatest stack depth: 18968 bytes left [ 97.016646][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.037299][ T3565] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.037319][ T3565] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.085088][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.191285][ T67] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.287670][ T67] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.308802][ T43] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.377602][ T43] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.308166][ T1306] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.308185][ T1306] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.999135][ T1808] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 103.168862][ T1808] usb 4-1: Using ep0 maxpacket: 16 [ 103.178118][ T1808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.178167][ T1808] usb 4-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 103.178189][ T1808] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.242699][ T1808] usb 4-1: config 0 descriptor?? [ 103.823477][ T1808] waltop 0003:172F:0501.0001: unknown main item tag 0x0 [ 103.823517][ T1808] waltop 0003:172F:0501.0001: unknown main item tag 0x0 [ 103.823543][ T1808] waltop 0003:172F:0501.0001: unknown main item tag 0x0 [ 103.823567][ T1808] waltop 0003:172F:0501.0001: unknown main item tag 0x0 [ 103.823591][ T1808] waltop 0003:172F:0501.0001: unknown main item tag 0x0 [ 103.898834][ T1808] waltop 0003:172F:0501.0001: hidraw0: USB HID v0.08 Device [HID 172f:0501] on usb-dummy_hcd.3-1/input0 [ 104.042073][ T1808] usb 4-1: USB disconnect, device number 2 [ 104.235375][ T5997] fido_id[5997]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 104.958843][ T1808] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 105.108763][ T1808] usb 4-1: Using ep0 maxpacket: 32 [ 105.111469][ T1808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.111504][ T1808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.111541][ T1808] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 105.111563][ T1808] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.197017][ T1808] usb 4-1: config 0 descriptor?? [ 105.235254][ T1808] hub 4-1:0.0: USB hub found [ 105.438130][ T1808] hub 4-1:0.0: config failed, can't read hub descriptor (err -90) [ 105.678085][ T1808] usbhid 4-1:0.0: can't add hid device: -71 [ 105.678209][ T1808] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 105.732090][ T1808] usb 4-1: USB disconnect, device number 3 [ 107.378434][ T6015] xt_l2tp: v2 tid > 0xffff: 1114244 [ 110.051551][ T6011] vxcan1: entered allmulticast mode [ 112.645314][ T6034] netlink: 'syz.1.35': attribute type 11 has an invalid length. [ 113.778698][ T37] audit: type=1326 audit(1758846222.776:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6042 comm="syz.1.39" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f0183c05d67 code=0x0 [ 119.588596][ C0] sched: DL replenish lagged too much [ 122.255087][ T6069] netlink: 'syz.3.48': attribute type 1 has an invalid length. [ 132.899785][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.899882][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.554843][ T5848] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 133.567989][ T5848] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 133.575994][ T5848] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 133.577254][ T5848] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 133.578769][ T5848] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 133.766340][ T5848] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 133.781616][ T5848] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 133.782579][ T5848] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 133.784163][ T5848] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 133.784998][ T5848] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 135.678846][ T5848] Bluetooth: hci5: command tx timeout [ 135.918963][ T5848] Bluetooth: hci6: command tx timeout [ 137.759129][ T5848] Bluetooth: hci5: command tx timeout [ 137.998984][ T5848] Bluetooth: hci6: command tx timeout [ 139.845153][ T5848] Bluetooth: hci5: command tx timeout [ 140.078932][ T5848] Bluetooth: hci6: command tx timeout [ 141.928792][ T5848] Bluetooth: hci5: command tx timeout [ 142.158835][ T5848] Bluetooth: hci6: command tx timeout [ 144.561832][ T5839] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 144.567336][ T5839] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 144.568235][ T5839] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 144.591206][ T5839] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 144.598937][ T5839] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 144.764500][ T5848] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 144.778276][ T5848] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 144.786870][ T5848] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 144.798840][ T5848] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 144.804821][ T5848] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 146.718895][ T5848] Bluetooth: hci7: command tx timeout [ 146.878897][ T5848] Bluetooth: hci8: command tx timeout [ 147.740249][ T5839] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 147.745652][ T5839] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 147.747178][ T5839] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 147.780178][ T5839] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 147.783544][ T5839] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 148.798730][ T5848] Bluetooth: hci7: command tx timeout [ 148.958849][ T5848] Bluetooth: hci8: command tx timeout [ 149.838899][ T5848] Bluetooth: hci9: command tx timeout [ 150.889188][ T5848] Bluetooth: hci7: command tx timeout [ 151.038820][ T5848] Bluetooth: hci8: command tx timeout [ 151.919019][ T5848] Bluetooth: hci9: command tx timeout [ 152.958882][ T5848] Bluetooth: hci7: command tx timeout [ 153.128731][ T5848] Bluetooth: hci8: command tx timeout [ 153.999150][ T5848] Bluetooth: hci9: command tx timeout [ 156.086326][ T5848] Bluetooth: hci9: command tx timeout [ 193.260245][ T5839] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 193.277975][ T5839] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 193.297340][ T5839] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 193.306500][ T5839] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 193.307868][ T5839] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 193.975708][ T5848] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 193.991139][ T5848] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 193.992287][ T5848] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 193.993809][ T5848] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 193.994723][ T5848] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 194.346583][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.346675][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.441835][ T5848] Bluetooth: hci10: command tx timeout [ 196.078940][ T5848] Bluetooth: hci11: command tx timeout [ 197.518877][ T5848] Bluetooth: hci10: command tx timeout [ 198.158981][ T5848] Bluetooth: hci11: command tx timeout [ 199.598894][ T5848] Bluetooth: hci10: command tx timeout [ 200.238909][ T5848] Bluetooth: hci11: command tx timeout [ 201.678911][ T5848] Bluetooth: hci10: command tx timeout [ 202.328831][ T5848] Bluetooth: hci11: command tx timeout [ 204.503599][ T5839] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 204.506342][ T5839] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 204.507281][ T5839] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 204.520358][ T5839] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 204.542169][ T5839] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 205.771851][ T5837] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 205.881531][ T5837] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 205.883932][ T5837] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 205.908048][ T5837] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 205.919071][ T5837] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 206.649359][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 206.649398][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 208.216430][ T5837] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 208.233253][ T5837] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 208.234260][ T5837] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 208.256516][ T5837] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 208.257625][ T5837] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 215.600334][ T6109] chnl_net:caif_netlink_parms(): no params data found [ 215.838301][ T6122] chnl_net:caif_netlink_parms(): no params data found [ 222.532653][ T6115] chnl_net:caif_netlink_parms(): no params data found [ 222.709154][ T6119] chnl_net:caif_netlink_parms(): no params data found [ 222.809825][ T6111] chnl_net:caif_netlink_parms(): no params data found [ 224.569225][ T5839] Bluetooth: hci13: command tx timeout [ 224.569489][ T5839] Bluetooth: hci12: command tx timeout [ 226.639304][ T5154] Bluetooth: hci12: command tx timeout [ 226.639335][ T5154] Bluetooth: hci13: command tx timeout [ 228.719083][ T5839] Bluetooth: hci13: command tx timeout [ 228.719113][ T5839] Bluetooth: hci12: command tx timeout [ 230.799298][ T5154] Bluetooth: hci12: command tx timeout [ 230.799329][ T5154] Bluetooth: hci13: command tx timeout [ 234.221865][ T5837] Bluetooth: hci14: command tx timeout [ 236.240873][ T5837] Bluetooth: hci14: command tx timeout [ 238.318886][ T5837] Bluetooth: hci14: command tx timeout [ 240.402401][ T5837] Bluetooth: hci14: command tx timeout [ 253.317976][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 253.342544][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 253.343521][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 253.344687][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 253.345803][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 254.789653][ T5154] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 254.791801][ T5154] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 254.792951][ T5154] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 254.794096][ T5154] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 254.794859][ T5154] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 255.790833][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.790918][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 264.810400][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 264.816111][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 264.817039][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 264.818198][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 264.853931][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 265.210396][ T5848] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 265.216325][ T5848] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 265.242847][ T5848] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 265.245156][ T5848] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 265.245959][ T5848] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 269.383279][ T5843] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 269.399161][ T5843] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 269.400429][ T5843] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 269.401739][ T5843] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 269.405801][ T5843] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 282.640823][ T38] INFO: task kworker/u8:6:1008 blocked for more than 143 seconds. [ 282.640851][ T38] Not tainted syzkaller #0 [ 282.640861][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 282.640870][ T38] task:kworker/u8:6 state:D stack:22216 pid:1008 tgid:1008 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 282.641096][ T38] Workqueue: events_unbound bpf_map_free_deferred [ 282.641137][ T38] Call Trace: [ 282.641166][ T38] [ 282.641181][ T38] __schedule+0x16f3/0x4c20 [ 282.641229][ T38] ? validate_chain+0x897/0x2140 [ 282.641264][ T38] ? __lock_acquire+0xab9/0xd20 [ 282.641286][ T38] ? __pfx___schedule+0x10/0x10 [ 282.641326][ T38] ? schedule+0x91/0x360 [ 282.641352][ T38] schedule+0x165/0x360 [ 282.641377][ T38] schedule_timeout+0x9a/0x270 [ 282.641400][ T38] ? __pfx_schedule_timeout+0x10/0x10 [ 282.641432][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 282.641456][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 282.641477][ T38] ? wait_for_completion+0x267/0x5d0 [ 282.641503][ T38] wait_for_completion+0x2bf/0x5d0 [ 282.641540][ T38] ? __pfx_wait_for_completion+0x10/0x10 [ 282.641571][ T38] ? __init_swait_queue_head+0xa9/0x150 [ 282.641597][ T38] rcu_barrier+0x463/0x570 [ 282.641626][ T38] dev_map_free+0x11f/0x6a0 [ 282.641659][ T38] bpf_map_free_deferred+0x110/0x140 [ 282.641678][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 282.641701][ T38] process_scheduled_works+0xade/0x17b0 [ 282.641752][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 282.641792][ T38] worker_thread+0x8a0/0xda0 [ 282.641817][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 282.641850][ T38] ? __kthread_parkme+0x7b/0x200 [ 282.641883][ T38] kthread+0x70e/0x8a0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 282.641910][ T38] ? __pfx_worker_thread+0x10/0x10 [ 282.641930][ T38] ? __pfx_kthread+0x10/0x10 [ 282.641974][ T38] ? __pfx_kthread+0x10/0x10 [ 282.641999][ T38] ret_from_fork+0x436/0x7d0 [ 282.642024][ T38] ? __pfx[ 282.642024][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 282.642052][ T38] ? __switch_to_asm+0x39/0x70 [ 282.642068][ T38] ? __switch_to_asm+0x33/0x70 [ 282.642084][ T38] ? __pfx_kthread+0x10/0x10 [ 282.642108][ T38] ret_from_fork_asm+0x1a/0x30 [ 282.642143][ T38] [ 282.642279][ T38] [ 282.642279][ T38] Showing all locks held in the system: [ 282.642288][ T38] 8 locks held by ktimers/0/16: [ 282.642300][ T38] 2 locks held by rcuc/0/20: [ 282.642311][ T38] 1 lock held by khungtaskd/38: [ 282.642321][ T38] #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 282.642366][ T38] 3 locks held by kworker/u8:3/57: [ 282.642376][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.642421][ T38] #1: ffffc9000123fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.642465][ T38] #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 282.642507][ T38] 3 locks held by kworker/u8:4/67: [ 282.642518][ T38] #0: ffff88814cb7c938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.642562][ T38] #1: ffffc9000152fbc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.642606][ T38] #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x119/0x15a0 [ 282.642652][ T38] 3 locks held by kworker/1:2/991: [ 282.642663][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.642706][ T38] #1: ffffc90004897bc0 (reg_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.642749][ T38] #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: reg_todo+0x1c/0x8c0 [ 282.642788][ T38] 3 locks held by kworker/u8:6/1008: [ 282.642798][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.642842][ T38] #1: ffffc9000485fbc0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.642886][ T38] #2: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 282.642929][ T38] 3 locks held by kworker/u8:7/1306: [ 282.642950][ T38] 4 locks held by kworker/u9:1/5154: [ 282.642959][ T38] #0: ffff888037637138 ((wq_completion)hci3#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.643008][ T38] #1: ffffc900100d7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.643052][ T38] #2: ffff88803bb940a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 282.643097][ T38] #3: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 282.643141][ T38] 2 locks held by getty/5591: [ 282.643151][ T38] #0: ffff88823bf340a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 282.643197][ T38] #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 282.643248][ T38] 1 lock held by syz-executor/5834: [ 282.643258][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 282.643304][ T38] 4 locks held by kworker/u9:2/5837: [ 282.643314][ T38] #0: ffff8880828d9138 ((wq_completion)hci1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.643362][ T38] #1: ffffc90004a77bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.643406][ T38] #2: ffff88808330c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 282.643449][ T38] #3: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 282.643493][ T38] 4 locks held by kworker/u9:3/5839: [ 282.643503][ T38] #0: ffff888063016938 ((wq_completion)hci2#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.643551][ T38] #1: ffffc90004ad7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.643595][ T38] #2: ffff88804ecc40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 282.643637][ T38] #3: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 282.643681][ T38] 4 locks held by kworker/u9:5/5843: [ 282.643691][ T38] #0: ffff88806007d138 ((wq_completion)hci15#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.643739][ T38] #1: ffffc90004b77bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.643783][ T38] #2: ffff8880527180a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 282.643826][ T38] #3: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 282.643870][ T38] 1 lock held by syz-executor/5847: [ 282.643879][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 282.643924][ T38] 4 locks held by kworker/u9:8/5850: [ 282.643934][ T38] #0: ffff88807c5c3138 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 282.643979][ T38] #1: ffffc90004bd7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 282.644023][ T38] #2: ffff888063bb00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 282.644066][ T38] #3: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 282.644113][ T38] 2 locks held by kworker/0:9/5994: [ 282.644123][ T38] 1 lock held by syz.1.43/6050: [ 282.644133][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 282.644178][ T38] 1 lock held by syz.0.42/6051: [ 282.644187][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 282.644237][ T38] 1 lock held by syz.3.50/6076: [ 282.644247][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 282.644288][ T38] 3 locks held by syz-executor/6079: [ 282.644297][ T38] #0: ffff88805cbece80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 282.644340][ T38] #1: ffff88805cbec0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 282.644386][ T38] #2: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 282.644427][ T38] 3 locks held by syz-executor/6082: [ 282.644438][ T38] #0: ffff8880388e8e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 282.644480][ T38] #1: ffff8880388e80a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 282.644524][ T38] #2: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 282.644566][ T38] 3 locks held by syz-executor/6086: [ 282.644576][ T38] #0: ffff8880354c8e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 282.644619][ T38] #1: ffff8880354c80a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 282.644664][ T38] #2: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 282.644705][ T38] 4 locks held by syz-executor/6089: [ 282.644715][ T38] #0: ffff888026a7ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 282.644758][ T38] #1: ffff888026a7c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 282.644803][ T38] #2: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 282.644844][ T38] #3: ffff888063099b58 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680 [ 282.644887][ T38] 3 locks held by syz-executor/6094: [ 282.644897][ T38] #0: ffff888060b10e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 282.644939][ T38] #1: ffff888060b100a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 282.644983][ T38] #2: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 282.645025][ T38] 2 locks held by syz-executor/6109: [ 282.645035][ T38] #0: ffffffff8e43b9e0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 282.645086][ T38] #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 282.645129][ T38] 3 locks held by syz-executor/6111: [ 282.645139][ T38] #0: ffff888081618e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 282.645182][ T38] #1: ffff8880816180a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 282.645232][ T38] #2: ffffffff8ee3b3d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 282.645272][ T38] 2 locks held by syz-executor/6115: [ 282.645282][ T38] #0: ffffffff8f1d7ce8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 282.645332][ T38] #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 282.645376][ T38] 2 locks held by syz-executor/6119: [ 282.645386][ T38] #0: ffffffff8e448be0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 282.645435][ T38] #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 282.645479][ T38] 2 locks held by syz-executor/6122: [ 282.645489][ T38] #0: ffffffff8f1d7ce8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 282.645545][ T38] #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 282.645590][ T38] 1 lock held by syz-executor/6163: [ 282.645600][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 282.645642][ T38] 1 lock held by syz-executor/6166: [ 282.645651][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 282.645693][ T38] 1 lock held by syz-executor/6171: [ 282.645703][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 282.645744][ T38] 1 lock held by syz-executor/6174: [ 282.645754][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 282.645796][ T38] 1 lock held by syz-executor/6178: [ 282.645806][ T38] #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 282.645847][ T38] [ 282.645852][ T38] ============================================= [ 282.645852][ T38] [ 282.645870][ T38] NMI backtrace for cpu 1 [ 282.645897][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 282.645944][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 282.645962][ T38] Call Trace: [ 282.645969][ T38] [ 282.645976][ T38] dump_stack_lvl+0x189/0x250 [ 282.646008][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 282.646030][ T38] ? __pfx__printk+0x10/0x10 [ 282.646061][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 282.646085][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 282.646108][ T38] ? __pfx__printk+0x10/0x10 [ 282.646131][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 282.646154][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 282.646178][ T38] watchdog+0xf93/0xfe0 [ 282.646211][ T38] ? watchdog+0x1de/0xfe0 [ 282.646237][ T38] kthread+0x70e/0x8a0 [ 282.646262][ T38] ? __pfx_watchdog+0x10/0x10 [ 282.646282][ T38] ? __pfx_kthread+0x10/0x10 [ 282.646310][ T38] ? __pfx_kthread+0x10/0x10 [ 282.646334][ T38] ret_from_fork+0x436/0x7d0 [ 282.646357][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 282.646384][ T38] ? __switch_to_asm+0x39/0x70 [ 282.646399][ T38] ? __switch_to_asm+0x33/0x70 [ 282.646414][ T38] ? __pfx_kthread+0x10/0x10 [ 282.646438][ T38] ret_from_fork_asm+0x1a/0x30 [ 282.646470][ T38] [ 282.646477][ T38] Sending NMI from CPU 1 to CPUs 0: [ 282.646507][ C0] NMI backtrace for cpu 0 [ 282.646520][ C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 282.646537][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 282.646546][ C0] RIP: 0010:check_preemption_disabled+0x49/0x120 [ 282.646564][ C0] Code: 8b 0d fb f4 fe 06 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d db f4 fe 06 48 3b 4c 24 08 0f 85 cc 00 00 00 48 83 c4 10 5b 41 5e 41 5f <5d> e9 41 95 03 00 cc 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 [ 282.646575][ C0] RSP: 0018:ffffc90000156668 EFLAGS: 00000286 [ 282.646588][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 65b3ad9dccba8b00 [ 282.646599][ C0] RDX: 0000000000000000 RSI: ffffffff8b621660 RDI: ffffffff8b621620 [ 282.646609][ C0] RBP: ffffffff8172c165 R08: 0000000000000000 R09: 0000000000000000 [ 282.646619][ C0] R10: ffffc90000156858 R11: ffffffff81aaf450 R12: 0000000000000002 [ 282.646629][ C0] R13: ffffffff8d9a8d80 R14: 0000000000000000 R15: 0000000000000000 [ 282.646638][ C0] FS: 0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000 [ 282.646651][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 282.646661][ C0] CR2: 00007f0a14f76048 CR3: 000000000d7a6000 CR4: 00000000003526f0 [ 282.646675][ C0] Call Trace: [ 282.646681][ C0] [ 282.646686][ C0] ? unwind_next_frame+0xa5/0x2390 [ 282.646703][ C0] rcu_is_watching+0x15/0xb0 [ 282.646723][ C0] lock_acquire+0x5f/0x360 [ 282.646743][ C0] ? unwind_next_frame+0xa5/0x2390 [ 282.646760][ C0] ? NF_HOOK+0x206/0x3a0 [ 282.646777][ C0] ? unwind_next_frame+0xa5/0x2390 [ 282.646794][ C0] unwind_next_frame+0xc2/0x2390 [ 282.646810][ C0] ? unwind_next_frame+0xa5/0x2390 [ 282.646830][ C0] ? unwind_next_frame+0xa5/0x2390 [ 282.646847][ C0] ? nf_hook_slow+0xc5/0x220 [ 282.646867][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 282.646883][ C0] arch_stack_walk+0x11c/0x150 [ 282.646903][ C0] ? NF_HOOK+0x206/0x3a0 [ 282.646922][ C0] stack_trace_save+0x9c/0xe0 [ 282.646936][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 282.646950][ C0] ? do_raw_spin_lock+0x121/0x290 [ 282.646979][ C0] kasan_save_track+0x3e/0x80 [ 282.646994][ C0] ? kasan_save_track+0x3e/0x80 [ 282.647008][ C0] ? __kasan_slab_alloc+0x6c/0x80 [ 282.647023][ C0] ? kmem_cache_alloc_noprof+0x143/0x310 [ 282.647040][ C0] ? fill_pool+0x100/0x570 [ 282.647056][ C0] ? debug_objects_fill_pool+0x107/0x120 [ 282.647072][ C0] ? debug_object_activate+0x6c/0x3a0 [ 282.647088][ C0] ? call_rcu+0xaa/0x9c0 [ 282.647100][ C0] ? skb_release_head_state+0x71/0x250 [ 282.647119][ C0] ? consume_skb+0x60/0xf0 [ 282.647139][ C0] ? nft_synproxy_eval_v4+0x376/0x560 [ 282.647154][ C0] ? nft_synproxy_do_eval+0x345/0x570 [ 282.647167][ C0] ? nft_do_chain+0x409/0x1920 [ 282.647181][ C0] ? nft_do_chain_inet+0x25d/0x340 [ 282.647194][ C0] ? nf_hook_slow+0xc5/0x220 [ 282.647210][ C0] ? NF_HOOK+0x206/0x3a0 [ 282.647245][ C0] ? fill_pool+0x100/0x570 [ 282.647262][ C0] __kasan_slab_alloc+0x6c/0x80 [ 282.647278][ C0] ? fill_pool+0x100/0x570 [ 282.647294][ C0] kmem_cache_alloc_noprof+0x143/0x310 [ 282.647313][ C0] fill_pool+0x100/0x570 [ 282.647331][ C0] ? debug_objects_fill_pool+0xdf/0x120 [ 282.647348][ C0] ? __pfx_fill_pool+0x10/0x10 [ 282.647368][ C0] ? debug_objects_fill_pool+0xdf/0x120 [ 282.647384][ C0] ? debug_objects_fill_pool+0xdf/0x120 [ 282.647401][ C0] debug_objects_fill_pool+0x107/0x120 [ 282.647418][ C0] ? __pfx_debug_objects_fill_pool+0x10/0x10 [ 282.647440][ C0] debug_object_activate+0x6c/0x3a0 [ 282.647460][ C0] ? __pfx_dst_destroy_rcu+0x10/0x10 [ 282.647475][ C0] call_rcu+0xaa/0x9c0 [ 282.647493][ C0] ? rcuref_put+0x1b7/0x210 [ 282.647507][ C0] ? __pfx_call_rcu+0x10/0x10 [ 282.647520][ C0] ? percpu_counter_add_batch+0xea/0x1e0 [ 282.647540][ C0] ? dst_release+0x126/0x1b0 [ 282.647555][ C0] skb_release_head_state+0x71/0x250 [ 282.647575][ C0] consume_skb+0x60/0xf0 [ 282.647593][ C0] nft_synproxy_eval_v4+0x376/0x560 [ 282.647611][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 282.647627][ C0] ? nf_ip_checksum+0x13c/0x510 [ 282.647644][ C0] nft_synproxy_do_eval+0x345/0x570 [ 282.647662][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 282.647677][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 282.647700][ C0] nft_do_chain+0x409/0x1920 [ 282.647722][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 282.647750][ C0] ? try_to_take_rt_mutex+0x840/0xb00 [ 282.647771][ C0] nft_do_chain_inet+0x25d/0x340 [ 282.647785][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 282.647799][ C0] ? __lock_acquire+0xab9/0xd20 [ 282.647820][ C0] ? NF_HOOK+0x9a/0x3a0 [ 282.647837][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 282.647852][ C0] nf_hook_slow+0xc5/0x220 [ 282.647872][ C0] NF_HOOK+0x206/0x3a0 [ 282.647890][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 282.647907][ C0] ? NF_HOOK+0x9a/0x3a0 [ 282.647923][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 282.647939][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 282.647964][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 282.647982][ C0] ? skb_dst+0x4f/0xd0 [ 282.647999][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 282.648017][ C0] NF_HOOK+0x309/0x3a0 [ 282.648035][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 282.648051][ C0] ? NF_HOOK+0x9a/0x3a0 [ 282.648067][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 282.648085][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 282.648107][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 282.648123][ C0] __netif_receive_skb+0x143/0x380 [ 282.648140][ C0] ? rt_spin_unlock+0x65/0x80 [ 282.648158][ C0] ? process_backlog+0x27b/0x900 [ 282.648174][ C0] process_backlog+0x31e/0x900 [ 282.648197][ C0] __napi_poll+0xb6/0x540 [ 282.648215][ C0] net_rx_action+0x707/0xe00 [ 282.648241][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 282.648274][ C0] handle_softirqs+0x22f/0x710 [ 282.648295][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 282.648317][ C0] run_ktimerd+0xcf/0x190 [ 282.648334][ C0] ? __pfx_run_ktimerd+0x10/0x10 [ 282.648356][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 282.648371][ C0] smpboot_thread_fn+0x53f/0xa60 [ 282.648388][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 282.648408][ C0] kthread+0x70e/0x8a0 [ 282.648427][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 282.648443][ C0] ? __pfx_kthread+0x10/0x10 [ 282.648463][ C0] ? __pfx_kthread+0x10/0x10 [ 282.648482][ C0] ret_from_fork+0x436/0x7d0 [ 282.648499][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 282.648519][ C0] ? __switch_to_asm+0x39/0x70 [ 282.648532][ C0] ? __switch_to_asm+0x33/0x70 [ 282.648544][ C0] ? __pfx_kthread+0x10/0x10 [ 282.648563][ C0] ret_from_fork_asm+0x1a/0x30 [ 282.648586][ C0] [ 282.891009][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 282.891030][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 282.891051][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 282.891061][ T38] Call Trace: [ 282.891069][ T38] [ 282.891077][ T38] dump_stack_lvl+0x99/0x250 [ 282.891106][ T38] ? __asan_memcpy+0x40/0x70 [ 282.891125][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 282.891148][ T38] ? __pfx__printk+0x10/0x10 [ 282.891180][ T38] vpanic+0x281/0x750 [ 282.891205][ T38] ? __pfx_vpanic+0x10/0x10 [ 282.891225][ T38] ? irqentry_exit+0x74/0x90 [ 282.891247][ T38] ? preempt_schedule+0xae/0xc0 [ 282.891271][ T38] ? preempt_schedule_common+0x83/0xd0 [ 282.891300][ T38] panic+0xb9/0xc0 [ 282.891322][ T38] ? __pfx_panic+0x10/0x10 [ 282.891346][ T38] ? preempt_schedule_thunk+0x16/0x30 [ 282.891372][ T38] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 282.891395][ T38] watchdog+0xfd2/0xfe0 [ 282.891422][ T38] ? watchdog+0x1de/0xfe0 [ 282.891448][ T38] kthread+0x70e/0x8a0 [ 282.891475][ T38] ? __pfx_watchdog+0x10/0x10 [ 282.891495][ T38] ? __pfx_kthread+0x10/0x10 [ 282.891523][ T38] ? __pfx_kthread+0x10/0x10 [ 282.891546][ T38] ret_from_fork+0x436/0x7d0 [ 282.891570][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 282.891597][ T38] ? __switch_to_asm+0x39/0x70 [ 282.891612][ T38] ? __switch_to_asm+0x33/0x70 [ 282.891627][ T38] ? __pfx_kthread+0x10/0x10 [ 282.891651][ T38] ret_from_fork_asm+0x1a/0x30 [ 282.891683][ T38] [ 282.891949][ T38] Kernel Offset: disabled