last executing test programs: 2m4.800276851s ago: executing program 0 (id=181): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10) 2m4.700320949s ago: executing program 0 (id=183): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@bridge_delneigh={0x1c, 0x1c, 0xc07, 0x2000, 0x0, {0x2, 0x0, 0x0, 0x0, 0x10, 0xb0}}, 0x1c}}, 0x20024090) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010000305160000000000000000008847", @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e6400000000340002800500010004000000050016000000000008001c000000000005000c00000000000a001a"], 0xc3}, 0x1, 0x100000000000000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 2m4.515286254s ago: executing program 0 (id=184): r0 = socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r2}, 0xe) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a500}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x2}, @IFLA_BR_AGEING_TIME={0x8, 0x4, 0x80000000}]}}}]}, 0x44}}, 0x0) 2m3.657071434s ago: executing program 0 (id=191): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = dup(r1) io_setup(0x19, &(0x7f00000009c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, r2}]) 2m3.450345921s ago: executing program 0 (id=194): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10) mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x0, 0x4d032, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) r1 = socket$netlink(0x10, 0x3, 0x15) write(r1, &(0x7f0000000b80)="2f00000014000f3f00000000120f0a0011000000009a67ec53f737bf1739078682ee6e8d06e500000000638c7b9916", 0x2f) 2m3.328816651s ago: executing program 0 (id=196): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16) 1m58.493627765s ago: executing program 3 (id=232): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80, 0x8, 0x0, 0x0, 0x0, 0x8, 0x1001a}}, 0x1c}}, 0x0) r0 = io_uring_setup(0x4, &(0x7f0000000040)={0x0, 0x36e, 0xc000, 0xb, 0x20002f7}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0xe) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1m58.382585665s ago: executing program 3 (id=234): r0 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x89b8, 0x8, 0x0, 0x207}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r3 = syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xb08e, 0x80, 0x1, 0x34d}, &(0x7f00000001c0), &(0x7f00000003c0)) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x28, 0x0, @fd, 0xc000000, 0x0, 0x0, 0xd, 0x0, {0x0, r4}}) io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0) 1m58.238390566s ago: executing program 3 (id=236): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000080)=0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000180)={0x0, @in={{0x2, 0x0, @private=0xa010100}}, 0x6}, 0x90) 1m57.309339092s ago: executing program 3 (id=247): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) set_mempolicy(0x2, &(0x7f0000000080)=0x4716, 0x3) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) 1m57.194019231s ago: executing program 3 (id=249): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x24000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) 1m56.308412334s ago: executing program 3 (id=255): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000021c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000100)="a92e81d0991808e33c2330164cf023df", 0xfffffc81}], 0x1, &(0x7f0000001040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x880}], 0x1, 0x80001) recvmmsg(r1, &(0x7f0000004a40)=[{{0x0, 0x0, &(0x7f0000004640)=[{&(0x7f0000004300)=""/158, 0x9e}, {&(0x7f0000000fc0)=""/49, 0x31}], 0x2}, 0x7}], 0x1, 0xc1, 0x0) 1m48.197841335s ago: executing program 32 (id=196): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16) 1m42.769325888s ago: executing program 2 (id=379): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x8001, 0x1) r3 = eventfd(0x5) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0x1, 0x0, 0x0, r3}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x25a, 0x0, 0x0, r2, 0x5}) 1m42.62650559s ago: executing program 2 (id=381): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000100)={{@my=0x0}, 0x0, 0x1}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f0000000140)={0x3ff, 0x4, 0xff, 0x8, 0x7489, 0x3}) 1m42.528070047s ago: executing program 2 (id=382): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='tlb_flush\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000800000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x31) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) 1m42.425858586s ago: executing program 2 (id=383): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x46}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8, 0x2, @udp6=r2}]}}}]}, 0x38}, 0x1, 0xba01}, 0x0) close_range(r2, r2, 0x0) 1m42.316618345s ago: executing program 2 (id=384): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x8}}}]}]}]}}]}, 0x50}}, 0x0) 1m42.111698831s ago: executing program 2 (id=385): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0x5, 0xffffffff]}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) 1m41.042771908s ago: executing program 33 (id=255): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000021c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000100)="a92e81d0991808e33c2330164cf023df", 0xfffffc81}], 0x1, &(0x7f0000001040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x880}], 0x1, 0x80001) recvmmsg(r1, &(0x7f0000004a40)=[{{0x0, 0x0, &(0x7f0000004640)=[{&(0x7f0000004300)=""/158, 0x9e}, {&(0x7f0000000fc0)=""/49, 0x31}], 0x2}, 0x7}], 0x1, 0xc1, 0x0) 1m26.638397183s ago: executing program 34 (id=385): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0x5, 0xffffffff]}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) 525.740877ms ago: executing program 1 (id=900): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r0, &(0x7f0000000300)="f7b920e49a48d1", 0x7) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=[0x1, 0x7], 0x0, 0x0, 0x2}}, 0x40) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0) 489.97884ms ago: executing program 1 (id=901): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="12"], 0x48) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000000)=0xfffffff8, 0x4) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, 0x0, &(0x7f0000000040)) 417.278936ms ago: executing program 1 (id=902): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x85}, &(0x7f0000000400)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r0], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x80000001, 0x0, 0x0, 0x8}) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 416.801546ms ago: executing program 1 (id=903): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000000c0)={r0, 0x800, {0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a7ddf8a69ea917ded5ba193b3e7772fd29f35239d2", "530bf65043114b2e53000006000000000010e200", [0x1000000000]}}) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38) 81.633693ms ago: executing program 1 (id=904): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) 0s ago: executing program 1 (id=905): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x4, r2}, 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.68' (ED25519) to the list of known hosts. [ 65.384117][ T5770] cgroup: Unknown subsys name 'net' [ 65.515900][ T5770] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.865591][ T5770] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 68.871847][ T5791] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.876469][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.887462][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.890627][ T5792] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.894906][ T5796] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.903595][ T5792] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.910456][ T5794] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.917624][ T5792] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.930802][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.931996][ T5792] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.938122][ T5794] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.946655][ T5792] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.953744][ T5794] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.960889][ T5792] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.967194][ T5794] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.975159][ T5792] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.987612][ T5794] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.988505][ T5792] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.995103][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.003124][ T5792] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.009424][ T5794] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.017424][ T5792] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.023354][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.030896][ T5792] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.524228][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 69.537681][ T5780] chnl_net:caif_netlink_parms(): no params data found [ 69.634631][ T5779] chnl_net:caif_netlink_parms(): no params data found [ 69.680974][ T5781] chnl_net:caif_netlink_parms(): no params data found [ 69.754789][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.762860][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.771128][ T5780] bridge_slave_0: entered allmulticast mode [ 69.778510][ T5780] bridge_slave_0: entered promiscuous mode [ 69.803720][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.811592][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.818927][ T5782] bridge_slave_0: entered allmulticast mode [ 69.825602][ T5782] bridge_slave_0: entered promiscuous mode [ 69.833303][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.840551][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.847712][ T5782] bridge_slave_1: entered allmulticast mode [ 69.854602][ T5782] bridge_slave_1: entered promiscuous mode [ 69.862000][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.869257][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.876404][ T5780] bridge_slave_1: entered allmulticast mode [ 69.883317][ T5780] bridge_slave_1: entered promiscuous mode [ 69.972564][ T5779] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.979945][ T5779] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.987245][ T5779] bridge_slave_0: entered allmulticast mode [ 69.994630][ T5779] bridge_slave_0: entered promiscuous mode [ 70.006145][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.018104][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.030466][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.042488][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.058566][ T5779] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.066460][ T5779] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.073961][ T5779] bridge_slave_1: entered allmulticast mode [ 70.081557][ T5779] bridge_slave_1: entered promiscuous mode [ 70.108280][ T5781] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.115641][ T5781] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.123135][ T5781] bridge_slave_0: entered allmulticast mode [ 70.130538][ T5781] bridge_slave_0: entered promiscuous mode [ 70.172950][ T5780] team0: Port device team_slave_0 added [ 70.180909][ T5781] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.188049][ T5781] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.195356][ T5781] bridge_slave_1: entered allmulticast mode [ 70.203288][ T5781] bridge_slave_1: entered promiscuous mode [ 70.237704][ T5782] team0: Port device team_slave_0 added [ 70.246990][ T5782] team0: Port device team_slave_1 added [ 70.255250][ T5780] team0: Port device team_slave_1 added [ 70.293001][ T5781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.304835][ T5779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.326136][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.333393][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.360090][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.373891][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.380978][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.406937][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.419882][ T5781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.442417][ T5779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.503916][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.511205][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.537987][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.550750][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.557765][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.583795][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.598888][ T5779] team0: Port device team_slave_0 added [ 70.606668][ T5779] team0: Port device team_slave_1 added [ 70.616587][ T5781] team0: Port device team_slave_0 added [ 70.626854][ T5781] team0: Port device team_slave_1 added [ 70.723770][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.731058][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.757532][ T5779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.770470][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.777427][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.803907][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.818364][ T5780] hsr_slave_0: entered promiscuous mode [ 70.825306][ T5780] hsr_slave_1: entered promiscuous mode [ 70.833014][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.840211][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.866608][ T5781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.899539][ T5782] hsr_slave_0: entered promiscuous mode [ 70.905753][ T5782] hsr_slave_1: entered promiscuous mode [ 70.912713][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.921289][ T5782] Cannot create hsr debugfs directory [ 70.941446][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.948423][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.975012][ T5781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.070190][ T5788] Bluetooth: hci0: command tx timeout [ 71.070202][ T50] Bluetooth: hci2: command tx timeout [ 71.071968][ T5779] hsr_slave_0: entered promiscuous mode [ 71.076032][ T5792] Bluetooth: hci1: command tx timeout [ 71.093279][ T5779] hsr_slave_1: entered promiscuous mode [ 71.101765][ T5779] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.109779][ T5779] Cannot create hsr debugfs directory [ 71.125947][ T5781] hsr_slave_0: entered promiscuous mode [ 71.132340][ T5781] hsr_slave_1: entered promiscuous mode [ 71.138606][ T5781] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.146505][ T5781] Cannot create hsr debugfs directory [ 71.152115][ T5792] Bluetooth: hci3: command tx timeout [ 71.489454][ T5780] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.502419][ T5780] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.512818][ T5780] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.523729][ T5780] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.587131][ T5782] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 71.607164][ T5782] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 71.622860][ T5782] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 71.635815][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.642373][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.656151][ T5782] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 71.739241][ T5779] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 71.750694][ T5779] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 71.761363][ T5779] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 71.788016][ T5779] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.862691][ T5781] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 71.873343][ T5781] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 71.883061][ T5781] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.901365][ T5781] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 71.931433][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.982649][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.018505][ T5780] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.036540][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.054303][ T3540] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.061612][ T3540] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.109018][ T3469] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.116184][ T3469] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.126263][ T3469] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.133397][ T3469] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.145543][ T3469] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.152739][ T3469] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.252219][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.275921][ T5782] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 72.311500][ T5781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.332516][ T5779] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.381673][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.389144][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.404076][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.411280][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.422300][ T5781] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.465912][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.473136][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.488403][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.495598][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.773572][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.795116][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.890876][ T5782] veth0_vlan: entered promiscuous mode [ 72.954733][ T5782] veth1_vlan: entered promiscuous mode [ 73.027781][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.037216][ T5780] veth0_vlan: entered promiscuous mode [ 73.046851][ T5781] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.080590][ T5780] veth1_vlan: entered promiscuous mode [ 73.087524][ T5782] veth0_macvtap: entered promiscuous mode [ 73.103737][ T5782] veth1_macvtap: entered promiscuous mode [ 73.150744][ T5788] Bluetooth: hci1: command tx timeout [ 73.150757][ T50] Bluetooth: hci0: command tx timeout [ 73.156224][ T5792] Bluetooth: hci2: command tx timeout [ 73.177486][ T5779] veth0_vlan: entered promiscuous mode [ 73.190916][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.202547][ T5779] veth1_vlan: entered promiscuous mode [ 73.226249][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.243321][ T5792] Bluetooth: hci3: command tx timeout [ 73.252602][ T5780] veth0_macvtap: entered promiscuous mode [ 73.271039][ T5780] veth1_macvtap: entered promiscuous mode [ 73.280035][ T5782] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.292402][ T5782] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.302302][ T5782] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.311614][ T5782] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.351206][ T5781] veth0_vlan: entered promiscuous mode [ 73.362288][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.374755][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.386986][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.402465][ T5779] veth0_macvtap: entered promiscuous mode [ 73.419043][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.429712][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.442204][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.452249][ T5779] veth1_macvtap: entered promiscuous mode [ 73.474548][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.485272][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.496982][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.507590][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.518505][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.532833][ T5780] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.542100][ T5780] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.552603][ T5780] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.561630][ T5780] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.588791][ T5781] veth1_vlan: entered promiscuous mode [ 73.603436][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.614002][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.624390][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.637300][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.649251][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.661171][ T5779] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.670113][ T5779] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.679038][ T5779] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.687836][ T5779] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.747369][ T3483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.757657][ T3483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.839482][ T5781] veth0_macvtap: entered promiscuous mode [ 73.851824][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.853533][ T5781] veth1_macvtap: entered promiscuous mode [ 73.865548][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.885581][ T3483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.899706][ T3483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.978363][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.993964][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.005102][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.016213][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.026304][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.038376][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.053731][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.072513][ T134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.081535][ T134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.093113][ T134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.118606][ T134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.127298][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.144522][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.179654][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.191667][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.202050][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.214113][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.226313][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.247978][ T5781] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.256942][ T5781] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.267472][ T5781] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.277477][ T5781] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.312176][ T3483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.330978][ T3483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.539118][ T3483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.546989][ T3483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.685104][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.732119][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.196837][ T5901] syz.1.11[5901]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 75.230406][ T5792] Bluetooth: hci2: command tx timeout [ 75.235868][ T5792] Bluetooth: hci0: command tx timeout [ 75.245515][ T5792] Bluetooth: hci1: command tx timeout [ 75.248419][ T5901] loop1: detected capacity change from 0 to 2048 [ 75.305844][ T5901] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 75.315543][ T5792] Bluetooth: hci3: command tx timeout [ 75.749634][ T5908] veth0_to_bridge: entered promiscuous mode [ 75.800440][ T5904] veth0_to_bridge: left promiscuous mode [ 75.887675][ T5911] input: syz0 as /devices/virtual/input/input5 [ 75.927518][ T5914] netlink: 20 bytes leftover after parsing attributes in process `syz.2.17'. [ 76.065004][ T5918] Illegal XDP return value 4294967274 on prog (id 7) dev N/A, expect packet loss! [ 76.105179][ T5919] netlink: 20 bytes leftover after parsing attributes in process `syz.2.17'. [ 76.207289][ T5919] nbd: device at index 64 is going down [ 76.383159][ T5798] udevd[5798]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 76.445915][ T5798] udevd[5798]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 77.309045][ T50] Bluetooth: hci0: command tx timeout [ 77.311652][ T5788] Bluetooth: hci2: command tx timeout [ 77.314831][ T5792] Bluetooth: hci1: command tx timeout [ 77.389434][ T5792] Bluetooth: hci3: command tx timeout [ 78.022893][ T5962] loop0: detected capacity change from 0 to 4096 [ 78.153572][ T5966] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 78.171357][ T5962] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 78.236656][ T5962] NILFS (loop0): mounting fs with errors [ 78.260946][ T5157] udevd[5157]: worker [5793] terminated by signal 33 (Unknown signal 33) [ 78.277790][ T5157] udevd[5157]: worker [5793] failed while handling '/devices/virtual/block/loop1' [ 78.316584][ T5157] udevd[5157]: worker [5798] terminated by signal 33 (Unknown signal 33) [ 78.337186][ T5969] warning: `syz.2.38' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 78.356320][ T5157] udevd[5157]: worker [5798] failed while handling '/devices/virtual/block/loop0' [ 78.527696][ T5971] loop1: detected capacity change from 0 to 4096 [ 78.629144][ T5975] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 78.755926][ T5971] NILFS error (device loop1): nilfs_lookup: deleted inode referenced: 12 [ 78.768452][ T5971] Remounting filesystem read-only [ 78.831780][ T5782] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 78.868896][ T5782] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 78.898104][ T5782] NILFS (loop1): discard dirty block: blocknr=14, size=4096 [ 78.921091][ T5782] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 78.937158][ T5782] NILFS (loop1): discard dirty block: blocknr=23, size=4096 [ 78.959222][ T5782] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 78.972392][ T5782] NILFS (loop1): discard dirty block: blocknr=24, size=4096 [ 78.984905][ T5782] NILFS (loop1): discard dirty page: offset=8192, ino=6 [ 78.992515][ T5782] NILFS (loop1): discard dirty block: blocknr=25, size=4096 [ 79.003600][ T5782] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 79.020690][ T5782] NILFS (loop1): discard dirty block: blocknr=28, size=4096 [ 79.030119][ T5782] NILFS (loop1): discard dirty page: offset=4096, ino=3 [ 79.040284][ T5782] NILFS (loop1): discard dirty block: blocknr=29, size=4096 [ 79.055029][ T5782] NILFS (loop1): discard dirty page: offset=532480, ino=3 [ 79.062661][ T5782] NILFS (loop1): discard dirty block: blocknr=33, size=4096 [ 79.238199][ T5989] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 79.573402][ T5985] loop3: detected capacity change from 0 to 32768 [ 79.581871][ T5998] loop1: detected capacity change from 0 to 64 [ 79.734328][ T28] audit: type=1800 audit(1754101616.061:2): pid=5998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.49" name="bus" dev="loop1" ino=22 res=0 errno=0 [ 79.739243][ T5998] hfs: request for non-existent node 1573 in B*Tree [ 79.799414][ T5998] hfs: request for non-existent node 1573 in B*Tree [ 79.823258][ T28] audit: type=1800 audit(1754101616.151:3): pid=5985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.44" name="file1" dev="loop3" ino=7 res=0 errno=0 [ 79.879320][ T6001] hfs: request for non-existent node 1573 in B*Tree [ 79.908768][ T6001] hfs: request for non-existent node 1573 in B*Tree [ 80.040909][ T58] hfs: request for non-existent node 1573 in B*Tree [ 80.047683][ T58] hfs: request for non-existent node 1573 in B*Tree [ 80.384584][ T28] audit: type=1326 audit(1754101616.711:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.0.58" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7febf7b8eb69 code=0x0 [ 80.549516][ T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 80.582277][ T6024] loop3: detected capacity change from 0 to 128 [ 80.698411][ T58] kworker/u4:4: attempt to access beyond end of device [ 80.698411][ T58] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 80.768760][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.781373][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.791504][ T8] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 80.802138][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.816713][ T8] usb 3-1: config 0 descriptor?? [ 80.948109][ T6032] loop3: detected capacity change from 0 to 64 [ 80.978740][ T28] audit: type=1800 audit(1754101617.301:5): pid=6032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.62" name="file1" dev="loop3" ino=21 res=0 errno=0 [ 81.292737][ T8] hid-steam 0003:28DE:1142.0001: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0 [ 81.325653][ T6040] input: syz1 as /devices/virtual/input/input6 [ 81.400308][ T8] hid-steam 0003:28DE:1142.0001: Steam wireless receiver connected [ 81.424761][ T8] hid-steam 0003:28DE:1142.0002: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0 [ 81.563512][ T6053] loop1: detected capacity change from 0 to 256 [ 81.874904][ T27] cfg80211: failed to load regulatory.db [ 82.115078][ T8] usb 3-1: USB disconnect, device number 2 [ 82.137901][ T8] hid-steam 0003:28DE:1142.0001: Steam wireless receiver disconnected [ 82.531081][ T6069] netlink: 830 bytes leftover after parsing attributes in process `syz.0.76'. [ 82.873034][ T6081] loop1: detected capacity change from 0 to 512 [ 82.950072][ T6081] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.82: iget: bad i_size value: 38620345925642 [ 82.981513][ T6088] tls_set_device_offload: netdev not found [ 82.991824][ T6081] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.82: couldn't read orphan inode 15 (err -117) [ 83.027449][ T6081] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.037694][ T6089] loop0: detected capacity change from 0 to 1024 [ 83.077024][ T6089] ======================================================= [ 83.077024][ T6089] WARNING: The mand mount option has been deprecated and [ 83.077024][ T6089] and is ignored by this kernel. Remove the mand [ 83.077024][ T6089] option from the mount to silence this warning. [ 83.077024][ T6089] ======================================================= [ 83.138865][ T6089] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 83.205674][ T6081] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm syz.1.82: bg 0: block 5: invalid block bitmap [ 83.235282][ T6089] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.85: Invalid block bitmap block 0 in block_group 0 [ 83.255359][ T6081] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 36 with max blocks 1 with error 28 [ 83.269147][ T6081] EXT4-fs (loop1): This should not happen!! Data will be lost [ 83.269147][ T6081] [ 83.285356][ T6081] EXT4-fs (loop1): Total free blocks count 0 [ 83.306852][ T6089] Quota error (device loop0): write_blk: dquota write failed [ 83.317352][ T6097] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 83.328824][ T6081] EXT4-fs (loop1): Free/Dirty block details [ 83.349149][ T6089] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 83.358888][ T6081] EXT4-fs (loop1): free_blocks=0 [ 83.364304][ T6081] EXT4-fs (loop1): dirty_blocks=37 [ 83.369731][ T6081] EXT4-fs (loop1): Block reservation details [ 83.376288][ T6081] EXT4-fs (loop1): i_reserved_data_blocks=37 [ 83.384398][ T6089] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.85: Failed to acquire dquot type 0 [ 83.400130][ T6089] EXT4-fs error (device loop0): ext4_free_blocks:6681: comm syz.0.85: Freeing blocks not in datazone - block = 0, count = 4096 [ 83.457319][ T6089] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.85: Invalid inode bitmap blk 0 in block_group 0 [ 83.473785][ T134] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-7 [ 83.501236][ T6089] EXT4-fs error (device loop0) in ext4_free_inode:363: Corrupt filesystem [ 83.518932][ T134] EXT4-fs error (device loop0): ext4_release_dquot:6974: comm kworker/u4:5: Failed to release dquot type 0 [ 83.541053][ T6089] EXT4-fs (loop0): 1 orphan inode deleted [ 83.548078][ T6089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.574257][ T6081] syz.1.82 (6081) used greatest stack depth: 20880 bytes left [ 83.585570][ T58] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 36 with error 28 [ 83.772505][ T6089] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 83.834496][ T6089] syz.0.85 (6089) used greatest stack depth: 20656 bytes left [ 83.939093][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.939955][ T6113] bridge0: entered promiscuous mode [ 83.956457][ T6113] batman_adv: batadv0: Adding interface: macsec1 [ 83.968460][ T6113] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.977339][ T6114] loop3: detected capacity change from 0 to 256 [ 84.019903][ T6114] exfat: Deprecated parameter 'namecase' [ 84.045812][ T6114] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x18d51376, utbl_chksum : 0xe619d30d) [ 84.052702][ T6113] batman_adv: batadv0: Interface activated: macsec1 [ 84.376089][ T28] audit: type=1326 audit(1754101620.701:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.3.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878cf8eb69 code=0x7ffc0000 [ 84.452067][ T28] audit: type=1326 audit(1754101620.701:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.3.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878cf8eb69 code=0x7ffc0000 [ 84.485817][ T28] audit: type=1326 audit(1754101620.741:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.3.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f878cf8eb69 code=0x7ffc0000 [ 84.770326][ T6140] loop3: detected capacity change from 0 to 1024 [ 84.798407][ T6140] EXT4-fs: Ignoring removed nobh option [ 84.817600][ T6140] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 84.903861][ T6140] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.987664][ T6148] netlink: 24 bytes leftover after parsing attributes in process `syz.2.111'. [ 85.159623][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.333076][ T6155] loop2: detected capacity change from 0 to 512 [ 85.357494][ T6158] loop3: detected capacity change from 0 to 512 [ 85.398548][ T6158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.428927][ T6158] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.447407][ T6155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.530302][ T6155] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.767554][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.137252][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.551846][ T6198] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 86.597811][ T6198] syz_tun: entered promiscuous mode [ 86.613662][ T6198] syz_tun: left promiscuous mode [ 86.664717][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 87.058841][ T964] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 87.251936][ T964] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.277541][ T964] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.305815][ T964] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 87.325429][ T964] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.345733][ T964] usb 3-1: config 0 descriptor?? [ 87.624363][ T6232] process 'syz.0.146' launched './file1' with NULL argv: empty string added [ 87.720440][ T6220] loop3: detected capacity change from 0 to 40427 [ 87.786656][ T6220] F2FS-fs (loop3): invalid crc value [ 87.807040][ T6209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 87.828397][ T6209] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 87.886888][ T964] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 87.906964][ T6220] F2FS-fs (loop3): Found nat_bits in checkpoint [ 87.924244][ T964] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 87.952509][ T964] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0003/input/input7 [ 88.079969][ T964] cm6533_jd 0003:0D8C:0022.0003: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 88.114998][ T6220] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 88.140685][ T964] usb 3-1: USB disconnect, device number 3 [ 88.303198][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 88.303213][ T28] audit: type=1800 audit(1754101624.631:10): pid=6220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.142" name="bus" dev="loop3" ino=10 res=0 errno=0 [ 88.327018][ T6245] fido_id[6245]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 88.544738][ T5779] syz-executor: attempt to access beyond end of device [ 88.544738][ T5779] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 88.568100][ T5779] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 88.776733][ T6256] loop1: detected capacity change from 0 to 1024 [ 88.827160][ T6256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.182747][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.647618][ T6280] sctp: [Deprecated]: syz.3.164 (pid 6280) Use of struct sctp_assoc_value in delayed_ack socket option. [ 89.647618][ T6280] Use struct sctp_sack_info instead [ 89.815162][ T6282] Bluetooth: MGMT ver 1.22 [ 89.857629][ T6284] syz.3.167 uses obsolete (PF_INET,SOCK_PACKET) [ 89.993067][ T6288] loop2: detected capacity change from 0 to 4096 [ 90.037025][ T6288] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 90.119263][ T6288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.247116][ T6298] EXT4-fs (loop2): shut down requested (1) [ 90.275485][ T6288] fs-verity: sha512 using implementation "sha512-avx2" [ 90.487452][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.972851][ T6326] netlink: 4 bytes leftover after parsing attributes in process `syz.0.183'. [ 90.989327][ T6326] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 91.008808][ T6326] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (133) [ 91.029345][ T6326] Zero length message leads to an empty skb [ 91.053842][ T6324] loop2: detected capacity change from 0 to 4096 [ 91.083408][ T6324] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 91.201700][ T6324] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 91.761825][ T6328] bridge1: entered promiscuous mode [ 92.071550][ T6348] loop3: detected capacity change from 0 to 128 [ 92.228016][ T6352] netlink: 11 bytes leftover after parsing attributes in process `syz.0.194'. [ 92.906211][ T6367] loop3: detected capacity change from 0 to 32768 [ 92.913036][ T6375] input: syz0 as /devices/virtual/input/input8 [ 92.955635][ T6367] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.199 (6367) [ 93.074663][ T6367] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 93.139192][ T6367] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 93.183607][ T6367] BTRFS info (device loop3): use zlib compression, level 3 [ 93.214882][ T6367] BTRFS info (device loop3): using free space tree [ 93.357639][ T6383] loop2: detected capacity change from 0 to 4096 [ 93.462212][ T6402] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 93.511182][ T6367] BTRFS info (device loop3): enabling ssd optimizations [ 93.547051][ T6367] BTRFS info (device loop3): auto enabling async discard [ 94.140845][ T5779] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 94.649201][ T9] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 94.847078][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 94.868508][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.889246][ T9] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 94.918556][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.956403][ T9] usb 3-1: config 0 descriptor?? [ 95.271347][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 95.291087][ T9] usbhid: probe of 3-1:0.0 failed with error -71 [ 95.327907][ T9] usb 3-1: USB disconnect, device number 4 [ 95.427149][ T6455] loop3: detected capacity change from 0 to 4096 [ 95.471216][ T6455] NILFS (loop3): invalid segment: Checksum error in segment payload [ 95.499021][ T6455] NILFS (loop3): trying rollback from an earlier position [ 95.542685][ T6455] NILFS (loop3): recovery complete [ 95.561519][ T6460] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 96.059144][ T6471] xt_CT: No such helper "pptp" [ 97.433940][ T6540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.235'. [ 98.104856][ T6567] bridge1: entered promiscuous mode [ 98.161803][ T6569] netlink: 'syz.1.245': attribute type 9 has an invalid length. [ 98.169719][ T6569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'. [ 98.182646][ T6569] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.192027][ T6569] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.200859][ T6569] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.209827][ T6569] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.221790][ T6569] netlink: 'syz.1.245': attribute type 9 has an invalid length. [ 98.229728][ T6569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'. [ 98.751366][ T5787] libceph: connect (1)[c::]:6789 error -101 [ 98.760290][ T5787] libceph: mon0 (1)[c::]:6789 connect error [ 98.768025][ T5787] libceph: connect (1)[c::]:6789 error -101 [ 98.774161][ T5787] libceph: mon0 (1)[c::]:6789 connect error [ 98.798083][ T5787] libceph: connect (1)[c::]:6789 error -101 [ 98.805228][ T5787] libceph: mon0 (1)[c::]:6789 connect error [ 99.041930][ T5787] libceph: connect (1)[c::]:6789 error -101 [ 99.048052][ T5787] libceph: mon0 (1)[c::]:6789 connect error [ 99.069408][ T5855] libceph: connect (1)[c::]:6789 error -101 [ 99.075460][ T5855] libceph: mon0 (1)[c::]:6789 connect error [ 99.559316][ T27] libceph: connect (1)[c::]:6789 error -101 [ 99.565384][ T27] libceph: mon0 (1)[c::]:6789 connect error [ 99.584718][ T6589] ceph: No mds server is up or the cluster is laggy [ 99.584864][ T6592] ceph: No mds server is up or the cluster is laggy [ 99.593319][ T5787] libceph: connect (1)[c::]:6789 error -101 [ 99.604751][ T5787] libceph: mon0 (1)[c::]:6789 connect error [ 100.348866][ T5787] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 100.532760][ T5787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.544348][ T5787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.554273][ T5787] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 100.563462][ T5787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.577747][ T5787] usb 3-1: config 0 descriptor?? [ 100.896971][ T6613] 9pnet: p9_errstr2errno: server reported unknown error Çpî‘AçÁ›¬ž;KZì44§/@®qæžkøp [ 100.896971][ T6613] éC<+¨ [ 100.997205][ T5787] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 101.023993][ T5787] cp2112 0003:10C4:EA90.0004: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0 [ 101.195156][ T5787] cp2112 0003:10C4:EA90.0004: Part Number: 0x00 Device Version: 0x00 [ 101.400583][ T5787] cp2112 0003:10C4:EA90.0004: error requesting SMBus config [ 101.420802][ T5787] cp2112: probe of 0003:10C4:EA90.0004 failed with error -32 [ 101.438507][ T5787] usb 3-1: USB disconnect, device number 5 [ 102.432077][ T6643] mmap: syz.1.277 (6643) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 102.522496][ T5835] usb 3-1: new low-speed USB device number 6 using dummy_hcd [ 102.710370][ T5835] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 102.720073][ T5835] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.731186][ T5835] usb 3-1: config 0 descriptor?? [ 103.221481][ T6657] sctp: [Deprecated]: syz.1.283 (pid 6657) Use of struct sctp_assoc_value in delayed_ack socket option. [ 103.221481][ T6657] Use struct sctp_sack_info instead [ 103.289062][ T6659] overlayfs: failed to clone upperpath [ 103.300539][ T6659] capability: warning: `syz.1.284' uses deprecated v2 capabilities in a way that may be insecure [ 103.314114][ T6659] overlayfs: failed to clone upperpath [ 103.760035][ T6675] netlink: 'syz.1.291': attribute type 39 has an invalid length. [ 103.963007][ T5835] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 103.980493][ T5835] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 103.993533][ T5835] asix: probe of 3-1:0.0 failed with error -71 [ 104.012216][ T5835] usb 3-1: USB disconnect, device number 6 [ 104.254386][ T6688] netlink: 96 bytes leftover after parsing attributes in process `syz.1.296'. [ 104.584187][ T6699] loop2: detected capacity change from 0 to 1024 [ 104.607191][ T6699] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 104.650356][ T6699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.667641][ T6699] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.800471][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.857050][ T6711] netlink: 12 bytes leftover after parsing attributes in process `syz.1.306'. [ 104.944921][ T6711] bond1: (slave vti0): The slave device specified does not support setting the MAC address [ 104.962053][ T6711] bond1: (slave vti0): Error -95 calling set_mac_address [ 108.998753][ T5787] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 109.193535][ T5787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.205419][ T5787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.219652][ T5787] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 109.233237][ T5787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.256345][ T5787] usb 3-1: config 0 descriptor?? [ 109.475376][ T6797] overlayfs: failed to clone upperpath [ 109.676714][ T5787] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 109.684599][ T5787] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 109.692078][ T5787] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 109.699988][ T5787] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 109.708041][ T5787] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 109.716185][ T5787] cm6533_jd 0003:0D8C:0022.0005: No inputs registered, leaving [ 109.727259][ T5787] cm6533_jd 0003:0D8C:0022.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 109.952140][ T5787] usb 3-1: USB disconnect, device number 7 [ 110.648953][ T6814] netlink: 'syz.2.348': attribute type 39 has an invalid length. [ 111.215701][ T6831] overlayfs: failed to clone upperpath [ 111.363322][ T6837] loop2: detected capacity change from 0 to 8192 [ 111.376989][ T6837] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.398132][ T6837] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 111.407887][ T6837] REISERFS (device loop2): using ordered data mode [ 111.414515][ T6837] reiserfs: using flush barriers [ 111.421970][ T6837] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.439906][ T6837] REISERFS (device loop2): checking transaction log (loop2) [ 111.511510][ T6837] REISERFS (device loop2): Using tea hash to sort names [ 111.521907][ T6837] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 112.565623][ T6872] block nbd2: shutting down sockets [ 112.652209][ T6879] netlink: 1347 bytes leftover after parsing attributes in process `syz.1.376'. [ 116.792007][ T6924] sctp: [Deprecated]: syz.1.398 (pid 6924) Use of int in max_burst socket option deprecated. [ 116.792007][ T6924] Use struct sctp_assoc_value instead [ 129.463086][ T6935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.403'. [ 129.472019][ T6935] netlink: 4 bytes leftover after parsing attributes in process `syz.1.403'. [ 131.601822][ T6968] overlayfs: failed to clone upperpath [ 131.612138][ T6968] overlayfs: failed to clone upperpath [ 132.692258][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'. [ 132.705252][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'. [ 133.075621][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.086551][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.178933][ T6987] netlink: 'syz.1.426': attribute type 1 has an invalid length. [ 133.186612][ T6987] netlink: 'syz.1.426': attribute type 4 has an invalid length. [ 133.194759][ T6987] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.426'. [ 135.740858][ T7046] netlink: 'syz.1.452': attribute type 10 has an invalid length. [ 135.756994][ T7046] team0: Device hsr_slave_0 failed to register rx_handler [ 137.107691][ T7059] netlink: 'syz.1.458': attribute type 4 has an invalid length. [ 137.141574][ T7059] syz.1.458 (7059) used greatest stack depth: 20584 bytes left [ 138.803494][ T7072] overlayfs: failed to clone upperpath [ 138.945466][ T7080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.468'. [ 138.954450][ T7080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.468'. [ 138.964241][ T7080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.468'. [ 138.973259][ T7080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.468'. [ 143.564020][ C0] vcan0: j1939_tp_rxtimer: 0xffff888020f80000: rx timeout, send abort [ 144.073470][ C0] vcan0: j1939_tp_rxtimer: 0xffff888020f80000: abort rx timeout. Force session deactivation [ 148.393801][ T7139] wireguard0: entered promiscuous mode [ 148.399347][ T7139] wireguard0: entered allmulticast mode [ 148.759259][ T7148] netlink: 8 bytes leftover after parsing attributes in process `syz.1.500'. [ 148.768072][ T7148] netlink: 'syz.1.500': attribute type 30 has an invalid length. [ 148.830755][ T7148] netlink: 8 bytes leftover after parsing attributes in process `syz.1.500'. [ 148.839798][ T7148] netlink: 'syz.1.500': attribute type 30 has an invalid length. [ 151.256036][ T7188] overlayfs: failed to clone upperpath [ 152.158435][ T7203] netlink: 156 bytes leftover after parsing attributes in process `syz.1.523'. [ 152.773821][ T7235] "syz.1.537" (7235) uses obsolete ecb(arc4) skcipher [ 152.782139][ T7235] trusted_key: syz.1.537 sent an empty control message without MSG_MORE. [ 155.759242][ T28] audit: type=1326 audit(1754101692.081:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7fc00000 [ 156.382187][ T28] audit: type=1326 audit(1754101692.711:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7ce018eb69 code=0x7fc00000 [ 161.956823][ T7315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.572'. [ 163.000574][ T7327] vlan2: entered allmulticast mode [ 163.005727][ T7327] dummy0: entered allmulticast mode [ 163.233631][ T7331] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 163.233631][ T7331] The task syz.1.579 (7331) triggered the difference, watch for misbehavior. [ 164.081663][ T7336] netlink: 'syz.1.581': attribute type 12 has an invalid length. [ 164.586178][ T7348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.587'. [ 164.595031][ T7348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.587'. [ 164.604425][ T7348] netlink: 'syz.1.587': attribute type 18 has an invalid length. [ 164.613442][ T7348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.587'. [ 166.916405][ T7379] overlayfs: failed to resolve './file0': -2 [ 168.890501][ T1150] libceph: connect (1)[c::]:6789 error -101 [ 168.896615][ T1150] libceph: mon0 (1)[c::]:6789 connect error [ 168.941629][ T1150] libceph: connect (1)[c::]:6789 error -101 [ 168.947712][ T1150] libceph: mon0 (1)[c::]:6789 connect error [ 169.159172][ T1150] libceph: connect (1)[c::]:6789 error -101 [ 169.165242][ T1150] libceph: mon0 (1)[c::]:6789 connect error [ 169.209156][ T5855] libceph: connect (1)[c::]:6789 error -101 [ 169.215239][ T5855] libceph: mon0 (1)[c::]:6789 connect error [ 169.690101][ T5855] libceph: connect (1)[c::]:6789 error -101 [ 169.696320][ T5855] libceph: mon0 (1)[c::]:6789 connect error [ 169.723569][ T7398] ceph: No mds server is up or the cluster is laggy [ 169.723746][ T7401] ceph: No mds server is up or the cluster is laggy [ 169.740239][ T5855] libceph: connect (1)[c::]:6789 error -101 [ 169.746563][ T5855] libceph: mon0 (1)[c::]:6789 connect error [ 169.973292][ T28] audit: type=1326 audit(1754101706.301:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7413 comm="syz.1.613" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x0 [ 172.011979][ T7431] netlink: 8 bytes leftover after parsing attributes in process `syz.1.619'. [ 174.488920][ T7465] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 174.496432][ T7464] IPVS: stopping master sync thread 7465 ... [ 174.544041][ T7467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.636'. [ 174.553188][ T7467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.636'. [ 175.398695][ T7482] netlink: 16 bytes leftover after parsing attributes in process `syz.1.642'. [ 175.407677][ T7482] netlink: 'syz.1.642': attribute type 1 has an invalid length. [ 175.415884][ T7482] netlink: 'syz.1.642': attribute type 2 has an invalid length. [ 175.513071][ T7487] veth3: entered allmulticast mode [ 178.516923][ T7520] overlayfs: failed to resolve './file0': -2 [ 179.831910][ T28] audit: type=1326 audit(1754101716.161:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 179.854381][ T28] audit: type=1326 audit(1754101716.161:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 179.878045][ T28] audit: type=1326 audit(1754101716.161:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 179.901610][ T28] audit: type=1326 audit(1754101716.161:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 179.924101][ T28] audit: type=1326 audit(1754101716.161:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 179.949474][ T28] audit: type=1326 audit(1754101716.161:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 179.972851][ T28] audit: type=1326 audit(1754101716.271:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 179.998767][ T28] audit: type=1326 audit(1754101716.281:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 180.021399][ T28] audit: type=1326 audit(1754101716.301:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 180.051251][ T28] audit: type=1326 audit(1754101716.301:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x7ffc0000 [ 182.656903][ T7585] netlink: 4 bytes leftover after parsing attributes in process `syz.1.687'. [ 182.730355][ T7587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.688'. [ 187.089023][ T7640] 9pnet_fd: Insufficient options for proto=fd [ 187.097934][ T7640] overlayfs: failed to clone upperpath [ 188.171285][ T7652] netlink: 8 bytes leftover after parsing attributes in process `syz.1.716'. [ 191.141230][ T7692] io-wq is not configured for unbound workers [ 191.324509][ T1150] kernel write not supported for file bpf-prog (pid: 1150 comm: kworker/1:2) [ 191.514013][ T7707] netlink: 4 bytes leftover after parsing attributes in process `syz.1.739'. [ 193.952277][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 193.952290][ T28] audit: type=1326 audit(1754101730.281:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7721 comm="syz.1.746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ce018eb69 code=0x0 [ 194.518407][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.525630][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.118947][ T7730] netlink: 44 bytes leftover after parsing attributes in process `syz.1.749'. [ 195.128196][ T7730] netlink: 43 bytes leftover after parsing attributes in process `syz.1.749'. [ 195.139121][ T7730] netlink: 'syz.1.749': attribute type 6 has an invalid length. [ 195.147335][ T7730] netlink: 'syz.1.749': attribute type 5 has an invalid length. [ 195.156945][ T7730] netlink: 43 bytes leftover after parsing attributes in process `syz.1.749'. [ 195.886129][ T7742] netlink: 4 bytes leftover after parsing attributes in process `syz.1.755'. [ 197.444716][ T7762] netlink: 'syz.1.765': attribute type 64 has an invalid length. [ 197.452560][ T7762] netlink: 32 bytes leftover after parsing attributes in process `syz.1.765'. [ 197.517287][ T7763] netlink: 'syz.1.765': attribute type 64 has an invalid length. [ 197.525624][ T7763] netlink: 32 bytes leftover after parsing attributes in process `syz.1.765'. [ 198.545277][ T7776] x_tables: duplicate entry at hook 3 [ 200.541187][ T7813] 9pnet: p9_errstr2errno: server reported unknown error @íÎ [ 201.271182][ T7832] 9pnet_fd: Insufficient options for proto=fd [ 202.045311][ T7847] cgroup: name respecified [ 202.475380][ T7860] syz.1.810 (7860) used greatest stack depth: 20176 bytes left [ 203.360625][ T7880] netlink: 'syz.1.820': attribute type 12 has an invalid length. [ 203.368429][ T7880] netlink: 'syz.1.820': attribute type 29 has an invalid length. [ 203.376231][ T7880] netlink: 148 bytes leftover after parsing attributes in process `syz.1.820'. [ 203.385309][ T7880] netlink: 16 bytes leftover after parsing attributes in process `syz.1.820'. [ 205.701020][ T7916] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 205.718971][ T7916] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.728097][ T7916] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.758505][ T7995] netlink: 104 bytes leftover after parsing attributes in process `syz.1.870'. [ 211.626504][ T8019] bond0: entered promiscuous mode [ 211.631722][ T8019] bond_slave_0: entered promiscuous mode [ 211.637483][ T8019] bond_slave_1: entered promiscuous mode [ 211.643905][ T8019] bond0: entered allmulticast mode [ 211.649282][ T8019] bond_slave_0: entered allmulticast mode [ 211.655327][ T8019] bond_slave_1: entered allmulticast mode [ 211.839945][ T8029] netlink: 104 bytes leftover after parsing attributes in process `syz.1.886'. [ 215.023909][ T8058] bond0: left allmulticast mode [ 215.028958][ T8058] bond_slave_0: left allmulticast mode [ 215.034428][ T8058] bond_slave_1: left allmulticast mode [ 249.548976][ T29] INFO: task kworker/0:0:8 blocked for more than 143 seconds. [ 249.556497][ T29] Not tainted 6.6.101-syzkaller #0 [ 249.562364][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 249.571104][ T29] task:kworker/0:0 state:D stack:21224 pid:8 ppid:2 flags:0x00004000 [ 249.580421][ T29] Workqueue: events rfkill_global_led_trigger_worker [ 249.587171][ T29] Call Trace: [ 249.590635][ T29] [ 249.593604][ T29] __schedule+0x14d2/0x44d0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 249.598145][ T29] ? lock_chain_count+0x20/0x20 [ 249.603271][ T29] ? preempt_schedule_common+0x82/0xc0 [ 249.609616][ T29] ? asan.module_dtor+0x20/0x20 [ 249.614879][ T29] ? preempt_schedule+0xab/0xc0 [ 249.619830][ T29] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 249.626022][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 249.631629][ T29] schedule+0xbd/0x170 [ 249.668749][ T29] schedule_preempt_disabled+0x13/0x20 [ 249.674276][ T29] __mutex_lock+0x6b7/0xcc0 [ 249.698693][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 249.703714][ T29] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 249.711002][ T29] ? mutex_lock_nested+0x20/0x20 [ 249.716014][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 249.722553][ T29] ? read_lock_is_recursive+0x20/0x20 [ 249.727959][ T29] ? process_scheduled_works+0x957/0x15b0 [ 249.735212][ T29] rfkill_global_led_trigger_worker+0x27/0xd0 [ 249.741660][ T29] ? process_scheduled_works+0x957/0x15b0 [ 249.747414][ T29] process_scheduled_works+0xa45/0x15b0 [ 249.753079][ T29] ? assign_work+0x400/0x400 [ 249.757780][ T29] ? assign_work+0x39e/0x400 [ 249.762454][ T29] worker_thread+0xa55/0xfc0 [ 249.767135][ T29] kthread+0x2fa/0x390 [ 249.771345][ T29] ? pr_cont_work+0x560/0x560 [ 249.776572][ T29] ? kthread_blkcg+0xd0/0xd0 [ 249.781250][ T29] ret_from_fork+0x48/0x80 [ 249.785685][ T29] ? kthread_blkcg+0xd0/0xd0 [ 249.790538][ T29] ret_from_fork_asm+0x11/0x20 [ 249.796207][ T29] [ 249.802263][ T29] INFO: task kworker/0:2:964 blocked for more than 143 seconds. [ 249.810360][ T29] Not tainted 6.6.101-syzkaller #0 [ 249.816004][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 249.829759][ T29] task:kworker/0:2 state:D stack:22064 pid:964 ppid:2 flags:0x00004000 [ 249.844205][ T29] Workqueue: events rfkill_op_handler [ 249.851956][ T29] Call Trace: [ 249.855364][ T29] [ 249.858314][ T29] __schedule+0x14d2/0x44d0 [ 249.867504][ T29] ? lock_chain_count+0x20/0x20 [ 249.874261][ T29] ? preempt_schedule_common+0x82/0xc0 [ 249.884228][ T29] ? asan.module_dtor+0x20/0x20 [ 249.889658][ T29] ? preempt_schedule+0xab/0xc0 [ 249.894536][ T29] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 249.906665][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 249.912428][ T29] schedule+0xbd/0x170 [ 249.916537][ T29] schedule_preempt_disabled+0x13/0x20 [ 249.926802][ T29] __mutex_lock+0x6b7/0xcc0 [ 249.931628][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 249.936344][ T29] ? nfc_rfkill_set_block+0x50/0x2e0 [ 249.946487][ T29] ? mutex_lock_nested+0x20/0x20 [ 249.952144][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 249.957374][ T29] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 249.970191][ T29] ? _raw_spin_unlock+0x40/0x40 [ 249.975171][ T29] ? kobject_uevent_env+0x363/0x8c0 [ 249.982995][ T29] ? nfc_unregister_device+0x2a0/0x2a0 [ 249.988559][ T29] nfc_rfkill_set_block+0x50/0x2e0 [ 249.995114][ T29] ? nfc_unregister_device+0x2a0/0x2a0 [ 250.001200][ T29] rfkill_set_block+0x1c6/0x420 [ 250.006091][ T29] rfkill_epo+0x79/0x180 [ 250.011089][ T29] ? process_scheduled_works+0x957/0x15b0 [ 250.016840][ T29] rfkill_op_handler+0x84/0x240 [ 250.022120][ T29] process_scheduled_works+0xa45/0x15b0 [ 250.027728][ T29] ? assign_work+0x400/0x400 [ 250.032867][ T29] ? assign_work+0x39e/0x400 [ 250.037519][ T29] worker_thread+0xa55/0xfc0 [ 250.042680][ T29] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 250.048620][ T29] ? _raw_spin_unlock+0x40/0x40 [ 250.054004][ T29] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 250.064860][ T29] kthread+0x2fa/0x390 [ 250.069289][ T29] ? pr_cont_work+0x560/0x560 [ 250.073992][ T29] ? kthread_blkcg+0xd0/0xd0 [ 250.078600][ T29] ret_from_fork+0x48/0x80 [ 250.084513][ T29] ? kthread_blkcg+0xd0/0xd0 [ 250.089545][ T29] ret_from_fork_asm+0x11/0x20 [ 250.094351][ T29] [ 250.106779][ T29] INFO: task syz.0.196:6355 blocked for more than 143 seconds. [ 250.115764][ T29] Not tainted 6.6.101-syzkaller #0 [ 250.123973][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 250.134404][ T29] task:syz.0.196 state:D stack:27016 pid:6355 ppid:5780 flags:0x00004006 [ 250.145063][ T29] Call Trace: [ 250.148358][ T29] [ 250.154913][ T29] __schedule+0x14d2/0x44d0 [ 250.159918][ T29] ? __kernfs_remove+0x720/0x840 [ 250.164896][ T29] ? asan.module_dtor+0x20/0x20 [ 250.174560][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 250.179624][ T29] ? __mutex_trylock_common+0x84/0x250 [ 250.185114][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 250.197028][ T29] schedule+0xbd/0x170 [ 250.201473][ T29] schedule_preempt_disabled+0x13/0x20 [ 250.206959][ T29] __mutex_lock+0x6b7/0xcc0 [ 250.218059][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 250.223102][ T29] ? rfkill_unregister+0xc8/0x220 [ 250.228159][ T29] ? mutex_lock_nested+0x20/0x20 [ 250.238921][ T29] ? kill_device+0x160/0x160 [ 250.243557][ T29] ? nfc_genl_device_removed+0x22e/0x320 [ 250.250042][ T29] ? destroy_workqueue+0x898/0xf20 [ 250.255193][ T29] ? nfc_genl_setup_device_added+0x320/0x320 [ 250.266197][ T29] ? destroy_workqueue+0xd80/0xf20 [ 250.273077][ T29] ? destroy_workqueue+0x898/0xf20 [ 250.278225][ T29] rfkill_unregister+0xc8/0x220 [ 250.288142][ T29] nfc_unregister_device+0x96/0x2a0 [ 250.293743][ T29] ? virtual_ncidev_open+0x1a0/0x1a0 [ 250.299548][ T29] virtual_ncidev_close+0x59/0x90 [ 250.304661][ T29] __fput+0x234/0x970 [ 250.314829][ T29] task_work_run+0x1ce/0x250 [ 250.322711][ T29] ? task_work_cancel+0x240/0x240 [ 250.327796][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 250.338246][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 250.343968][ T29] exit_to_user_mode_prepare+0xb1/0x140 [ 250.355925][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 250.361738][ T29] do_syscall_64+0x61/0xb0 [ 250.366176][ T29] ? clear_bhb_loop+0x40/0x90 [ 250.375839][ T29] ? clear_bhb_loop+0x40/0x90 [ 250.380935][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 250.386870][ T29] RIP: 0033:0x7febf7b8eb69 [ 250.391829][ T29] RSP: 002b:00007ffc535efaa8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 250.400567][ T29] RAX: 0000000000000000 RBX: 00007febf7db7ba0 RCX: 00007febf7b8eb69 [ 250.408555][ T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 250.416645][ T29] RBP: 00007febf7db7ba0 R08: 00000000000087d4 R09: 00000006535efd9f [ 250.424695][ T29] R10: 00007febf7db7ac0 R11: 0000000000000246 R12: 0000000000016bc6 [ 250.432836][ T29] R13: 00007febf7db6080 R14: ffffffffffffffff R15: 00007ffc535efbc0 [ 250.441077][ T29] [ 250.444233][ T29] INFO: task syz.3.222:6485 blocked for more than 144 seconds. [ 250.453617][ T29] Not tainted 6.6.101-syzkaller #0 [ 250.459317][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 250.468049][ T29] task:syz.3.222 state:D stack:26160 pid:6485 ppid:5779 flags:0x00004006 [ 250.477374][ T29] Call Trace: [ 250.480739][ T29] [ 250.483661][ T29] __schedule+0x14d2/0x44d0 [ 250.488162][ T29] ? __kernfs_remove+0x720/0x840 [ 250.493218][ T29] ? asan.module_dtor+0x20/0x20 [ 250.498096][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 250.502875][ T29] ? __mutex_trylock_common+0x84/0x250 [ 250.508359][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 250.514632][ T29] schedule+0xbd/0x170 [ 250.518901][ T29] schedule_preempt_disabled+0x13/0x20 [ 250.524403][ T29] __mutex_lock+0x6b7/0xcc0 [ 250.528966][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 250.533648][ T29] ? rfkill_unregister+0xc8/0x220 [ 250.538735][ T29] ? mutex_lock_nested+0x20/0x20 [ 250.543698][ T29] ? kill_device+0x160/0x160 [ 250.548296][ T29] ? hci_sock_dev_event+0x424/0x600 [ 250.553566][ T29] ? hci_send_monitor_ctrl_event+0x5f0/0x5f0 [ 250.559617][ T29] rfkill_unregister+0xc8/0x220 [ 250.564481][ T29] hci_unregister_dev+0x374/0x510 [ 250.569591][ T29] vhci_release+0x83/0xd0 [ 250.573934][ T29] ? vhci_open+0x360/0x360 [ 250.578342][ T29] __fput+0x234/0x970 [ 250.582393][ T29] task_work_run+0x1ce/0x250 [ 250.586994][ T29] ? task_work_cancel+0x240/0x240 [ 250.592080][ T29] ? do_exit+0x906/0x23c0 [ 250.596432][ T29] ? kmem_cache_free+0xf8/0x280 [ 250.601373][ T29] do_exit+0x90b/0x23c0 [ 250.605545][ T29] ? put_task_struct+0xc0/0xc0 [ 250.610379][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 250.616368][ T29] ? get_signal+0x1255/0x1400 [ 250.621138][ T29] ? lock_chain_count+0x20/0x20 [ 250.626013][ T29] do_group_exit+0x21b/0x2d0 [ 250.630809][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 250.636026][ T29] get_signal+0x12fc/0x1400 [ 250.640607][ T29] arch_do_signal_or_restart+0x96/0x780 [ 250.646184][ T29] ? __remove_hrtimer+0x470/0x470 [ 250.651362][ T29] ? get_sigframe_size+0x20/0x20 [ 250.656313][ T29] ? __se_sys_clock_nanosleep+0x2ea/0x370 [ 250.662148][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 250.667621][ T29] exit_to_user_mode_loop+0x70/0x110 [ 250.673012][ T29] exit_to_user_mode_prepare+0xb1/0x140 [ 250.678566][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 250.684308][ T29] do_syscall_64+0x61/0xb0 [ 250.689050][ T29] ? clear_bhb_loop+0x40/0x90 [ 250.693758][ T29] ? clear_bhb_loop+0x40/0x90 [ 250.698461][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 250.704427][ T29] RIP: 0033:0x7f878cfc1425 [ 250.708935][ T29] RSP: 002b:00007f878de7ff80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 250.717343][ T29] RAX: fffffffffffffdfc RBX: 00007f878d1b5fa0 RCX: 00007f878cfc1425 [ 250.725416][ T29] RDX: 00007f878de7ffc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 250.733468][ T29] RBP: 00007f878d011df1 R08: 0000000000000000 R09: 0000000000000000 [ 250.741625][ T29] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 250.749658][ T29] R13: 0000000000000000 R14: 00007f878d1b5fa0 R15: 00007ffe564438c8 [ 250.757664][ T29] [ 250.760860][ T29] [ 250.760860][ T29] Showing all locks held in the system: [ 250.768832][ T29] 3 locks held by kworker/0:0/8: [ 250.773777][ T29] #0: ffff888017870938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 250.784860][ T29] #1: ffffc900000d7d00 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 250.798432][ T29] #2: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 250.809849][ T29] 1 lock held by khungtaskd/29: [ 250.814727][ T29] #0: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 250.824652][ T29] 4 locks held by kworker/0:2/964: [ 250.829912][ T29] #0: ffff888017870938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 250.841100][ T29] #1: ffffc900040dfd00 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 250.852251][ T29] #2: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_epo+0x47/0x180 [ 250.861794][ T29] #3: ffff888025274100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 250.871611][ T29] 2 locks held by kworker/u4:7/3469: [ 250.876926][ T29] #0: ffff8880b8f3c458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 250.887029][ T29] #1: ffff8880b8f288c8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x316/0x6d0 [ 250.898546][ T29] 2 locks held by kworker/u4:8/3483: [ 250.903915][ T29] 2 locks held by getty/5545: [ 250.908588][ T29] #0: ffff88802e1eb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 250.918498][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 250.928861][ T29] 2 locks held by syz.0.196/6355: [ 250.933902][ T29] #0: ffff888025274100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x63/0x2a0 [ 250.943733][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xc8/0x220 [ 250.953900][ T29] 1 lock held by syz.3.222/6485: [ 250.958998][ T29] #0: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xc8/0x220 [ 250.969167][ T29] 2 locks held by syz-executor/6778: [ 250.974434][ T29] #0: ffff888025f9f118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 250.984592][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 250.994654][ T29] 2 locks held by syz.2.385/6900: [ 250.999790][ T29] #0: ffff88805dbf30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 251.009705][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.019800][ T29] 2 locks held by syz-executor/6902: [ 251.025102][ T29] #0: ffff88807e136918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.035319][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.045400][ T29] 2 locks held by syz-executor/6932: [ 251.050759][ T29] #0: ffff88802409d918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.060821][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.071078][ T29] 2 locks held by syz-executor/7385: [ 251.076373][ T29] #0: ffff88807d749918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.086665][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.096736][ T29] 2 locks held by syz-executor/7477: [ 251.102047][ T29] #0: ffff88807ca0f918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.112129][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.122114][ T29] 2 locks held by syz-executor/7666: [ 251.127394][ T29] #0: ffff88807e452118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.137477][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.147479][ T29] 1 lock held by syz.1.866/7987: [ 251.152731][ T29] #0: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xc8/0x220 [ 251.163198][ T29] 2 locks held by syz-executor/8078: [ 251.168489][ T29] #0: ffff88807ab3b118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.178563][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.188744][ T29] 2 locks held by syz-executor/8083: [ 251.194013][ T29] #0: ffff88807dd3a918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.204073][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.214102][ T29] 2 locks held by syz-executor/8086: [ 251.219453][ T29] #0: ffff888077076118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6e0 [ 251.229640][ T29] #1: ffffffff8e296f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 251.239703][ T29] [ 251.242030][ T29] ============================================= [ 251.242030][ T29] [ 251.251251][ T29] NMI backtrace for cpu 0 [ 251.255619][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.6.101-syzkaller #0 [ 251.263493][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 251.273540][ T29] Call Trace: [ 251.276809][ T29] [ 251.279724][ T29] dump_stack_lvl+0x16c/0x230 [ 251.284385][ T29] ? preempt_count_add+0x91/0x1a0 [ 251.289399][ T29] ? show_regs_print_info+0x20/0x20 [ 251.294579][ T29] ? load_image+0x3b0/0x3b0 [ 251.299070][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 251.303993][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 251.310140][ T29] ? _printk+0xd0/0x110 [ 251.314313][ T29] ? load_image+0x3b0/0x3b0 [ 251.318820][ T29] ? load_image+0x3b0/0x3b0 [ 251.323331][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 251.329394][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 251.335382][ T29] watchdog+0xf41/0xf80 [ 251.339533][ T29] ? watchdog+0x1e1/0xf80 [ 251.343879][ T29] kthread+0x2fa/0x390 [ 251.347939][ T29] ? hungtask_pm_notify+0x90/0x90 [ 251.352957][ T29] ? kthread_blkcg+0xd0/0xd0 [ 251.357534][ T29] ret_from_fork+0x48/0x80 [ 251.361942][ T29] ? kthread_blkcg+0xd0/0xd0 [ 251.366524][ T29] ret_from_fork_asm+0x11/0x20 [ 251.371300][ T29] [ 251.374555][ T29] Sending NMI from CPU 0 to CPUs 1: [ 251.379882][ C1] NMI backtrace for cpu 1 [ 251.379897][ C1] CPU: 1 PID: 3469 Comm: kworker/u4:7 Not tainted 6.6.101-syzkaller #0 [ 251.379912][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 251.379920][ C1] Workqueue: bat_events batadv_nc_worker [ 251.379942][ C1] RIP: 0010:lock_release+0x143/0x8b0 [ 251.379962][ C1] Code: 83 3b 00 0f 85 51 04 00 00 4c 89 74 24 10 48 c7 84 24 a0 00 00 00 00 00 00 00 9c 8f 84 24 a0 00 00 00 48 8b 84 24 a0 00 00 00 <48> 89 44 24 50 fa 48 c7 c7 20 c7 aa 8a e8 8b a3 05 09 65 ff 05 ac [ 251.379973][ C1] RSP: 0018:ffffc9000ccb79c0 EFLAGS: 00000246 [ 251.379984][ C1] RAX: 0000000000000246 RBX: ffff88802ef8e4dc RCX: e1369c494ff14c00 [ 251.379995][ C1] RDX: 0000000000000000 RSI: ffffffff8afc6760 RDI: ffffffff8afc6720 [ 251.380004][ C1] RBP: ffffc9000ccb7ae0 R08: ffffffff8e4a84ef R09: 1ffffffff1c9509d [ 251.380014][ C1] R10: dffffc0000000000 R11: fffffbfff1c9509e R12: ffffffff8a35ee1a [ 251.380024][ C1] R13: dffffc0000000000 R14: ffff88802ef8da00 R15: 1ffff92001996f44 [ 251.380034][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 251.380045][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 251.380055][ C1] CR2: 0000559cf853f000 CR3: 000000000cb30000 CR4: 00000000003506e0 [ 251.380067][ C1] Call Trace: [ 251.380073][ C1] [ 251.380082][ C1] ? batadv_nc_process_nc_paths+0xba/0x390 [ 251.380101][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 251.380118][ C1] ? do_raw_spin_unlock+0x121/0x230 [ 251.380149][ C1] ? batadv_nc_purge_paths+0x311/0x3a0 [ 251.380165][ C1] ? batadv_nc_to_purge_nc_path_coding+0x120/0x120 [ 251.380182][ C1] ? batadv_nc_fwd_flush+0x330/0x330 [ 251.380199][ C1] ? batadv_nc_fwd_flush+0x330/0x330 [ 251.380217][ C1] batadv_nc_process_nc_paths+0x2f7/0x390 [ 251.380236][ C1] ? batadv_nc_process_nc_paths+0xba/0x390 [ 251.380254][ C1] batadv_nc_worker+0x52b/0x610 [ 251.380272][ C1] ? process_scheduled_works+0x957/0x15b0 [ 251.380290][ C1] process_scheduled_works+0xa45/0x15b0 [ 251.380320][ C1] ? assign_work+0x400/0x400 [ 251.380338][ C1] ? assign_work+0x39e/0x400 [ 251.380356][ C1] worker_thread+0xa55/0xfc0 [ 251.380385][ C1] kthread+0x2fa/0x390 [ 251.380397][ C1] ? pr_cont_work+0x560/0x560 [ 251.380413][ C1] ? kthread_blkcg+0xd0/0xd0 [ 251.380426][ C1] ret_from_fork+0x48/0x80 [ 251.380441][ C1] ? kthread_blkcg+0xd0/0xd0 [ 251.380454][ C1] ret_from_fork_asm+0x11/0x20 [ 251.380480][ C1] [ 251.381749][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 251.627284][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.6.101-syzkaller #0 [ 251.635169][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 251.645212][ T29] Call Trace: [ 251.648477][ T29] [ 251.651396][ T29] dump_stack_lvl+0x16c/0x230 [ 251.656065][ T29] ? show_regs_print_info+0x20/0x20 [ 251.661254][ T29] ? load_image+0x3b0/0x3b0 [ 251.665754][ T29] panic+0x2c0/0x710 [ 251.669655][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 251.675277][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 251.679770][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 251.685307][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 251.691489][ T29] watchdog+0xf80/0xf80 [ 251.695641][ T29] ? watchdog+0x1e1/0xf80 [ 251.699962][ T29] kthread+0x2fa/0x390 [ 251.704016][ T29] ? hungtask_pm_notify+0x90/0x90 [ 251.709030][ T29] ? kthread_blkcg+0xd0/0xd0 [ 251.713607][ T29] ret_from_fork+0x48/0x80 [ 251.718018][ T29] ? kthread_blkcg+0xd0/0xd0 [ 251.722597][ T29] ret_from_fork_asm+0x11/0x20 [ 251.727368][ T29] [ 251.730618][ T29] Kernel Offset: disabled [ 251.734930][ T29] Rebooting in 86400 seconds..