last executing test programs: 12.636122884s ago: executing program 4 (id=26): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x438, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xd}, {0x0, 0xfff1}}, [@TCA_CHAIN={0x8, 0xb, 0xffffffff}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8, 0xb, 0x60}, @filter_kind_options=@f_bpf={{0x8}, {0xc, 0x2, [@TCA_BPF_CLASSID={0x8, 0x3, {0x2, 0xfff1}}]}}, @filter_kind_options=@f_route={{0xa}, {0x3dc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0xc1}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x31}, @TCA_ROUTE4_CLASSID={0x8}, @TCA_ROUTE4_ACT={0x3c0, 0x6, [@m_connmark={0xc8, 0x0, 0x0, 0x0, {{0xd}, {0x90, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x1, 0x20000000, 0x6, 0x3ff}, 0x4}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8f70, 0xfffffffb, 0x2, 0x1, 0x3}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x14d3, 0x5, 0x1, 0x61745c9, 0x7}, 0xca4}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x34, 0x68, 0x4, 0x9815, 0x9}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xffffff49, 0x3, 0x10000000, 0xb, 0x95}, 0x4}}]}, {0x9, 0x6, "39f3f47f6c"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_sample={0x140, 0x10, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x1ff}]}, {0x101, 0x6, "57eb9c56054fd807513303b3f4cf2159c55e35510c777ffa2014e7e694230809b9eb1ed7f293245aebba45a1ea878c207ab5b8ff73b3b3448048e6cac141f39cbeee17794690ddf0bca2ac2a249d9e877c1123d0f06c27f3ebee9569460b9f4d9f5b7b06cfe2883ba47b6dc50a2c7a24c96c854e7df0374432374ea02f1a278cd2549b201fcd47c4e8405d197cf796492ae564779963f8e2dc1ac00bebdd180f84413cf421d0d08ee85dd48de73726ee74cb6f594aaa44c7645d154f3842abed854c484699dc036cf24205945eaf7b6d85c0842b496dc1943550dcf4ae37ee65555edadd06e27f4f5372c472f21ce91275745c36ce61e979dcc36d8710"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_ct={0xc0, 0xf, 0x0, 0x0, {{0x7}, {0x4}, {0x95, 0x6, "f84ebe84c2d9809d98cb12f2274b5e21a4b137a60d915bfb42d02d4976ad358f638df8594bc932b13ff21d61be8614c3e0d017d21773d441648e714188ceca643a7f306544ce1be061d95d94f171717e049609b7d2b065d9b018db93c08d3479edf5f057f3b5d682c142a7be2a698456dbb28b7070774e11cf4125dc778036c189ec187ceb923d94a23e0d32f0cda5d880"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_nat={0xf4, 0x15, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x6, 0x4, 0x1, 0x2, 0x6}, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x101, 0x10, 0x10000000, 0x8000, 0x1000}, @loopback, @multicast2, 0xffffff00}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x8, 0x5, 0x1, 0x6f4f}, @remote, @private=0xa010101, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x45df, 0x7ff, 0x20000000, 0x4, 0x7}, @dev={0xac, 0x14, 0x14, 0x3d}, @loopback, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x7, 0xffffffffffffffff, 0x6, 0xfffefffd}, @broadcast, @loopback, 0xff000000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x438}, 0x1, 0x0, 0x0, 0x10}, 0x40004) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x1b0}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 12.383773327s ago: executing program 4 (id=30): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000007c0)={0x1c, &(0x7f0000000b00)={0x0, 0x0, 0x2, "ca19"}, 0x0, 0x0}) 9.156990439s ago: executing program 4 (id=48): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'hsr0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b03f6ffe0ff64000200475400f6a13bb1000000080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 8.588465397s ago: executing program 4 (id=53): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc018aec0, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x20000700, &(0x7f0000001000/0x1000)=nil}) 7.996932288s ago: executing program 0 (id=57): setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x4e23, @private=0xa010101}}, 0x0, 0x0, 0x0, 0x0, "e541bd3d3aa6a2d875e9671e8abcb31c134f3a9db8f52e1f54fe6e079f35ac63186c7244fc3b3801e79b8e5545b90f2dbec29f15cec2fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db"}, 0xd8) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1f000000", @ANYRES16=r1, @ANYBLOB="e56e000000000000000001"], 0x68}}, 0x0) 7.707745225s ago: executing program 0 (id=59): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$bt_hci(r0, 0x84, 0x6c, &(0x7f0000000580)=""/4056, &(0x7f00000004c0)=0xfd8) 6.842022082s ago: executing program 0 (id=63): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x48}}, 0x0) 6.348950669s ago: executing program 0 (id=68): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f041, 0xffffff80}) 6.300745896s ago: executing program 2 (id=70): r0 = syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2) ioctl$VIDIOC_DQEVENT(r0, 0x80805659, &(0x7f0000000180)={0x0, @frame_sync}) ioctl$VIDIOC_ENUMAUDIO(r0, 0xc0345641, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) 6.08971888s ago: executing program 1 (id=71): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f00000000c0)={0x20, 0x10, 0x2, {0x2, 0x7e8e703122aff25f}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 5.977370186s ago: executing program 0 (id=73): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002900)=ANY=[@ANYBLOB="020bff031a02"], 0x10d0}}, 0x80) 5.908344131s ago: executing program 2 (id=74): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x5, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f0000000080)) 5.097860678s ago: executing program 4 (id=77): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x130, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8}}, @TCA_STAB={0xf8, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, {0xe, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, {0x6, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, {0x10, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x2, [0x0, 0x0]}}]}]}, 0x130}}, 0x0) 5.035974946s ago: executing program 2 (id=78): r0 = getpid() syz_pidfd_open(r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$PPPIOCNEWUNIT(r1, 0xff01, 0x0) 4.579152403s ago: executing program 2 (id=80): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x51}}) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 4.480890797s ago: executing program 4 (id=82): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ipvlan1\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000780)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="4c240500000000001c0012800b0001006d616373656300000c000280060002400000000008000500", @ANYRES32=r1], 0x44}}, 0x0) 4.149244004s ago: executing program 2 (id=83): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_io_uring_setup(0x2912, &(0x7f0000000280)={0x0, 0x4240, 0x200, 0x0, 0x184}, 0x0, 0x0) 4.115804561s ago: executing program 1 (id=84): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x30, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x5}}, 0xb8}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0xb8}}, 0x0) 3.63168299s ago: executing program 0 (id=86): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)={0x2c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0x4}, {0x4}, {0x4}]}]}, 0x2c}}, 0x0) 3.613095353s ago: executing program 1 (id=87): pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) dup3(r1, r0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x50, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x1}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 3.329673658s ago: executing program 1 (id=88): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000100)={0x11, 0x4, r1}, 0x14) bind$packet(r0, &(0x7f0000001200)={0x11, 0x4, r1, 0x1, 0x7, 0x6, @multicast}, 0x14) 3.039746583s ago: executing program 1 (id=89): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x40, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4020aeb2, &(0x7f0000000140)={0x0, r2}) 2.661388743s ago: executing program 2 (id=90): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x3c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x100000}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]]}, 0x3c}}, 0x0) 2.114921597s ago: executing program 3 (id=91): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x80102, 0x0) ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000100)=0x10) dup2(r0, r1) 1.96601773s ago: executing program 3 (id=92): creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file3\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file0\x00', 0x2) 1.783580537s ago: executing program 3 (id=93): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x7c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6}]}]}]}, 0x7c}}, 0x0) 1.677880126s ago: executing program 3 (id=94): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000005, 0x11, r0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_buf(r1, 0x107, 0x5, 0x0, &(0x7f00000002c0)) 1.530324728s ago: executing program 3 (id=95): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @random="c5f9772bb146", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}}, 0x0) 1.428433745s ago: executing program 3 (id=96): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 0s ago: executing program 1 (id=97): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="22003300d0f20000ff01ffffffff080211000000505050505050"], 0x40}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.216' (ED25519) to the list of known hosts. [ 50.247733][ T5220] cgroup: Unknown subsys name 'net' [ 50.408710][ T5220] cgroup: Unknown subsys name 'cpuset' [ 50.417860][ T5220] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 51.670768][ T5220] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 54.820029][ T5238] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 54.828328][ T5238] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 54.830804][ T5240] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 54.844253][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 54.854448][ T5240] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 54.855016][ T5238] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 54.869026][ T5238] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 54.870158][ T5240] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 54.881513][ T5241] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 54.886693][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 54.890898][ T5238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 54.905329][ T5238] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 54.916022][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 54.923924][ T5241] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 54.931275][ T5241] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 54.935441][ T5240] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 54.939931][ T5242] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 54.945533][ T5246] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 54.953245][ T5242] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 54.960836][ T5240] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 54.974205][ T5242] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 54.974881][ T5246] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 54.981682][ T5242] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 55.002338][ T5242] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 55.010609][ T4626] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 55.018133][ T4626] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 55.025716][ T5246] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 55.034057][ T5237] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 55.045553][ T4626] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 55.045675][ T5242] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 55.477525][ T5248] chnl_net:caif_netlink_parms(): no params data found [ 55.553644][ T5252] chnl_net:caif_netlink_parms(): no params data found [ 55.562445][ T5251] chnl_net:caif_netlink_parms(): no params data found [ 55.574867][ T5254] chnl_net:caif_netlink_parms(): no params data found [ 55.615091][ T5249] chnl_net:caif_netlink_parms(): no params data found [ 55.743535][ T5248] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.751748][ T5248] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.759644][ T5248] bridge_slave_0: entered allmulticast mode [ 55.769304][ T5248] bridge_slave_0: entered promiscuous mode [ 55.804226][ T5248] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.811502][ T5248] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.819337][ T5248] bridge_slave_1: entered allmulticast mode [ 55.826385][ T5248] bridge_slave_1: entered promiscuous mode [ 55.846210][ T5252] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.853354][ T5252] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.860718][ T5252] bridge_slave_0: entered allmulticast mode [ 55.867809][ T5252] bridge_slave_0: entered promiscuous mode [ 55.890303][ T5251] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.898122][ T5251] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.907833][ T5251] bridge_slave_0: entered allmulticast mode [ 55.914417][ T5251] bridge_slave_0: entered promiscuous mode [ 55.922416][ T5251] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.929867][ T5251] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.937268][ T5251] bridge_slave_1: entered allmulticast mode [ 55.944142][ T5251] bridge_slave_1: entered promiscuous mode [ 55.957462][ T5252] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.964567][ T5252] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.974305][ T5252] bridge_slave_1: entered allmulticast mode [ 55.981609][ T5252] bridge_slave_1: entered promiscuous mode [ 55.995465][ T5254] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.002566][ T5254] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.010019][ T5254] bridge_slave_0: entered allmulticast mode [ 56.017227][ T5254] bridge_slave_0: entered promiscuous mode [ 56.024365][ T5254] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.031567][ T5254] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.038924][ T5254] bridge_slave_1: entered allmulticast mode [ 56.046252][ T5254] bridge_slave_1: entered promiscuous mode [ 56.095916][ T5248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.110797][ T5251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.120380][ T5249] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.127770][ T5249] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.138726][ T5249] bridge_slave_0: entered allmulticast mode [ 56.145604][ T5249] bridge_slave_0: entered promiscuous mode [ 56.153108][ T5249] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.160420][ T5249] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.168155][ T5249] bridge_slave_1: entered allmulticast mode [ 56.174713][ T5249] bridge_slave_1: entered promiscuous mode [ 56.183579][ T5252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.204122][ T5248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.218117][ T5251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.236114][ T5252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.256379][ T5254] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.268586][ T5254] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.328080][ T5251] team0: Port device team_slave_0 added [ 56.340663][ T5249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.353746][ T5252] team0: Port device team_slave_0 added [ 56.370811][ T5248] team0: Port device team_slave_0 added [ 56.379763][ T5248] team0: Port device team_slave_1 added [ 56.387473][ T5251] team0: Port device team_slave_1 added [ 56.404327][ T5249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.414891][ T5252] team0: Port device team_slave_1 added [ 56.427028][ T5254] team0: Port device team_slave_0 added [ 56.473654][ T5254] team0: Port device team_slave_1 added [ 56.495876][ T5248] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.502858][ T5248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.528857][ T5248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.561746][ T5251] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.568853][ T5251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.595940][ T5251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.607973][ T5248] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.614943][ T5248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.641772][ T5248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.660455][ T5249] team0: Port device team_slave_0 added [ 56.667142][ T5252] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.674199][ T5252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.700337][ T5252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.711950][ T5254] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.719864][ T5254] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.745996][ T5254] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.758981][ T5251] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.766062][ T5251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.792153][ T5251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.810257][ T5249] team0: Port device team_slave_1 added [ 56.824350][ T5252] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.831738][ T5252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.857904][ T5252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.870485][ T5254] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.877524][ T5254] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.903545][ T5254] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.945364][ T5249] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.952344][ T5249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.978348][ T5249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.014962][ T5249] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.022021][ T5249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.048624][ T5249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.060026][ T4626] Bluetooth: hci2: command tx timeout [ 57.066414][ T5239] Bluetooth: hci0: command tx timeout [ 57.071181][ T5232] Bluetooth: hci1: command tx timeout [ 57.087008][ T5251] hsr_slave_0: entered promiscuous mode [ 57.093269][ T5251] hsr_slave_1: entered promiscuous mode [ 57.119799][ T5254] hsr_slave_0: entered promiscuous mode [ 57.126563][ T5254] hsr_slave_1: entered promiscuous mode [ 57.132635][ T5254] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.140542][ T5232] Bluetooth: hci3: command tx timeout [ 57.140794][ T5232] Bluetooth: hci4: command tx timeout [ 57.146385][ T5254] Cannot create hsr debugfs directory [ 57.170027][ T5248] hsr_slave_0: entered promiscuous mode [ 57.177234][ T5248] hsr_slave_1: entered promiscuous mode [ 57.183262][ T5248] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.191374][ T5248] Cannot create hsr debugfs directory [ 57.210131][ T5252] hsr_slave_0: entered promiscuous mode [ 57.217540][ T5252] hsr_slave_1: entered promiscuous mode [ 57.223552][ T5252] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.231352][ T5252] Cannot create hsr debugfs directory [ 57.279107][ T5249] hsr_slave_0: entered promiscuous mode [ 57.285677][ T5249] hsr_slave_1: entered promiscuous mode [ 57.291889][ T5249] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.299978][ T5249] Cannot create hsr debugfs directory [ 57.624633][ T5252] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.648006][ T5252] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.660776][ T5252] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.679332][ T5251] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 57.692057][ T5252] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.712667][ T5251] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 57.737046][ T5251] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 57.747915][ T5251] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 57.817475][ T5254] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 57.852970][ T5254] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 57.863670][ T5254] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 57.884457][ T5254] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 57.932330][ T5252] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.948299][ T5248] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 57.959414][ T5248] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 57.971465][ T5248] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 57.982216][ T5248] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 58.001784][ T5252] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.037976][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.045332][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.057661][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.064799][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.143261][ T5251] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.167872][ T5249] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.186288][ T5249] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.214285][ T5249] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.234850][ T5249] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.247326][ T5252] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.272092][ T5251] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.307708][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.314905][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.346844][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.354036][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.370637][ T5248] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.391220][ T5252] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.443779][ T5254] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.454612][ T5248] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.494320][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.501439][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.534056][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.541222][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.556270][ T5254] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.572851][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.580012][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.613803][ T5251] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.629588][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.636717][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.678743][ T5252] veth0_vlan: entered promiscuous mode [ 58.721655][ T5252] veth1_vlan: entered promiscuous mode [ 58.771320][ T5249] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.809853][ T5248] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.829886][ T5251] veth0_vlan: entered promiscuous mode [ 58.850229][ T5249] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.861620][ T5251] veth1_vlan: entered promiscuous mode [ 58.878215][ T962] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.885367][ T962] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.908142][ T5252] veth0_macvtap: entered promiscuous mode [ 58.928520][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.935675][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.948875][ T5252] veth1_macvtap: entered promiscuous mode [ 58.961886][ T5254] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.994401][ T5252] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.020711][ T5252] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.036895][ T5248] veth0_vlan: entered promiscuous mode [ 59.058303][ T5251] veth0_macvtap: entered promiscuous mode [ 59.068059][ T5252] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.078613][ T5252] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.088571][ T5252] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.097386][ T5252] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.127811][ T5248] veth1_vlan: entered promiscuous mode [ 59.135736][ T5232] Bluetooth: hci1: command tx timeout [ 59.144486][ T5251] veth1_macvtap: entered promiscuous mode [ 59.150575][ T5232] Bluetooth: hci2: command tx timeout [ 59.152615][ T4626] Bluetooth: hci0: command tx timeout [ 59.184276][ T5254] veth0_vlan: entered promiscuous mode [ 59.207363][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.219390][ T4626] Bluetooth: hci4: command tx timeout [ 59.219641][ T5232] Bluetooth: hci3: command tx timeout [ 59.225617][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.243214][ T5251] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.257159][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.268238][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.280301][ T5251] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.322385][ T5251] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.332615][ T5251] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.343127][ T5251] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.352819][ T5251] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.378011][ T5254] veth1_vlan: entered promiscuous mode [ 59.402699][ T5248] veth0_macvtap: entered promiscuous mode [ 59.429248][ T962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.446210][ T962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.471048][ T5248] veth1_macvtap: entered promiscuous mode [ 59.482332][ T5249] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.502965][ T962] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.517886][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.531913][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.533249][ T962] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.542558][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.560336][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.572137][ T5248] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.592657][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.607801][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.618901][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.629536][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.644065][ T5248] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.672751][ T5248] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.683560][ T5248] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.693064][ T5248] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.702858][ T5248] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.735342][ T5252] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 59.768493][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.772040][ T5254] veth0_macvtap: entered promiscuous mode [ 59.783071][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.815439][ T5249] veth0_vlan: entered promiscuous mode [ 59.826378][ T5249] veth1_vlan: entered promiscuous mode [ 59.848800][ T5249] veth0_macvtap: entered promiscuous mode [ 59.859552][ T5249] veth1_macvtap: entered promiscuous mode [ 59.873946][ T5249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.884692][ T5249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.895160][ T5249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.905983][ T5249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.916076][ T5249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.927253][ T5249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.939211][ T5249] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.985621][ T5249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.998909][ T5249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.009470][ T5249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.025432][ T5249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.036032][ T5249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.047058][ T5249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.061293][ T5249] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.106430][ T5254] veth1_macvtap: entered promiscuous mode [ 60.143299][ T5249] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.175104][ T5249] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.183844][ T5249] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.195964][ T5249] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.238012][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.258995][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.293407][ T962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.313378][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.315243][ T962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.327103][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.341443][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.353892][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.364016][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.374960][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.405650][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.425515][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.446567][ T5254] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.486876][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.488049][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.494715][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.525554][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.545077][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.558312][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.575482][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.586349][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.597089][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.607817][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.626337][ T5254] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.698769][ T5254] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.751162][ T5254] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.792095][ T5254] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.825100][ T5254] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.922868][ T2536] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.949880][ T2536] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.061256][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.093564][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.117119][ T962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.170112][ T962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.216380][ T5232] Bluetooth: hci0: command tx timeout [ 61.216398][ T4626] Bluetooth: hci2: command tx timeout [ 61.221811][ T5232] Bluetooth: hci1: command tx timeout [ 61.243981][ T2536] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.252362][ T2536] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.305351][ T5232] Bluetooth: hci4: command tx timeout [ 61.306254][ T4626] Bluetooth: hci3: command tx timeout [ 61.357506][ T5304] bridge0: port 3(vlan2) entered blocking state [ 61.363925][ T5304] bridge0: port 3(vlan2) entered disabled state [ 61.371869][ T5304] vlan2: entered allmulticast mode [ 61.396486][ T5304] vlan2: left allmulticast mode [ 61.689639][ T5313] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 61.845833][ T29] audit: type=1326 audit(1728102130.531:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5320 comm="syz.4.14" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 62.012826][ T29] audit: type=1326 audit(1728102130.701:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5320 comm="syz.4.14" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 62.059882][ T29] audit: type=1326 audit(1728102130.751:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5320 comm="syz.4.14" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 62.122942][ T29] audit: type=1326 audit(1728102130.751:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5320 comm="syz.4.14" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 62.168973][ T5329] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17'. [ 62.448718][ T5339] netlink: 201400 bytes leftover after parsing attributes in process `syz.4.22'. [ 62.545009][ T5344] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 63.129109][ T5362] loop4: detected capacity change from 0 to 7 [ 63.136988][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.145317][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.153386][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.161388][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.169488][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.177528][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.185582][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.193568][ T5362] ldm_validate_partition_table(): Disk read failed. [ 63.200512][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.208637][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.217761][ T5362] Buffer I/O error on dev loop4, logical block 0, async page read [ 63.227135][ T5362] Dev loop4: unable to read RDB block 0 [ 63.233256][ T5362] loop4: unable to read partition table [ 63.239367][ T5362] loop4: partition table beyond EOD, truncated [ 63.245943][ T5362] loop_reread_partitions: partition scan of loop4 (被xڬdƤݡ [ 63.245943][ T5362] ) failed (rc=-5) [ 63.295477][ T4626] Bluetooth: hci1: command tx timeout [ 63.301060][ T4626] Bluetooth: hci2: command tx timeout [ 63.307780][ T5232] Bluetooth: hci0: command tx timeout [ 63.376554][ T5239] Bluetooth: hci3: command tx timeout [ 63.382769][ T4626] Bluetooth: hci4: command tx timeout [ 63.456946][ T5291] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 63.625961][ T5291] usb 1-1: Using ep0 maxpacket: 8 [ 63.657039][ T5291] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 63.696412][ T5291] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 63.729542][ T5291] usb 1-1: config 0 has no interface number 0 [ 63.772859][ T5291] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 63.797212][ T5291] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 63.837354][ T5291] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 63.871167][ T5291] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 63.899815][ T5291] usb 1-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0 [ 63.950372][ T5291] usb 1-1: Product: syz [ 63.983192][ T5291] usb 1-1: config 0 descriptor?? [ 64.145911][ T5298] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 64.222555][ T5288] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 64.318013][ T5298] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 64.369262][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.432505][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.505246][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 64.543874][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.585920][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.643009][ T5291] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input5 [ 64.659032][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 64.715973][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.765209][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.813753][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 64.853471][ T5383] trusted_key: syz.2.43 sent an empty control message without MSG_MORE. [ 64.864314][ T5291] input: failed to attach handler kbd to device input5, error: -5 [ 64.885234][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.918202][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.955199][ T5291] usb 1-1: USB disconnect, device number 2 [ 65.015304][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 65.087131][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 65.152405][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 65.239438][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 65.283274][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 65.325123][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 65.366725][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 65.391877][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 65.420238][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 65.451959][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 65.485640][ T5298] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 65.524302][ T5298] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 65.562107][ T5298] usb 2-1: config 0 interface 0 has no altsetting 0 [ 65.587032][ T5298] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 65.599391][ T5390] netlink: 'syz.3.46': attribute type 12 has an invalid length. [ 65.614316][ T5298] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 65.644010][ T5390] netlink: 'syz.3.46': attribute type 11 has an invalid length. [ 65.661718][ T5298] usb 2-1: Product: syz [ 65.670028][ T5390] netlink: 190580 bytes leftover after parsing attributes in process `syz.3.46'. [ 65.690425][ T5298] usb 2-1: Manufacturer: syz [ 65.737375][ T5298] usb 2-1: SerialNumber: syz [ 65.749247][ T5298] usb 2-1: config 0 descriptor?? [ 65.857542][ T5298] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 66.541140][ T25] usb 2-1: USB disconnect, device number 2 [ 66.618151][ T25] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 67.001932][ T5408] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 69.053936][ T5439] vivid-007: disconnect [ 69.091117][ T5437] vivid-007: reconnect [ 69.144995][ C0] sched: DL replenish lagged too much [ 69.565120][ T25] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 69.759982][ T25] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 69.804418][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.863370][ T25] usb 2-1: config 0 descriptor?? [ 69.991791][ T5457] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 70.425322][ T5461] netlink: 92 bytes leftover after parsing attributes in process `syz.4.77'. [ 70.435678][ T25] [drm:udl_init] *ERROR* Selecting channel failed [ 70.467142][ T29] audit: type=1804 audit(1728102139.161:6): pid=5462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.78" name="/" dev="pidfs" ino=5760 res=1 errno=0 [ 70.539920][ T25] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 70.631044][ T25] [drm] Initialized udl on minor 2 [ 70.685212][ T25] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 70.758848][ T25] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 70.768580][ T5291] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 70.870027][ T25] usb 2-1: USB disconnect, device number 3 [ 70.899765][ T5291] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 70.959296][ T5291] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 71.344021][ T5474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.84'. [ 71.417261][ T5474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.84'. [ 71.704440][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.722868][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 73.314183][ T5495] process 'syz.3.92' launched './file0' with NULL argv: empty string added [ 76.842471][ T47] cfg80211: failed to load regulatory.db [ 81.279763][ T4626] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 81.303985][ T4626] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 81.315999][ T4626] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 81.325030][ T4626] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 81.333382][ T4626] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 81.346449][ T4626] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 82.202166][ T5239] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 82.218143][ T5239] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 82.230083][ T5239] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 82.238239][ T5239] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 82.247688][ T5239] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 82.265658][ T5239] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.202407][ T4626] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.213206][ T4626] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.229743][ T4626] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.237774][ T4626] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.246631][ T4626] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 83.253921][ T4626] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 83.375254][ T5239] Bluetooth: hci5: command tx timeout [ 84.210309][ T4626] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 84.219333][ T4626] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 84.231537][ T4626] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 84.239935][ T4626] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 84.247986][ T4626] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 84.255819][ T4626] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 84.335383][ T5239] Bluetooth: hci6: command tx timeout [ 85.295299][ T5239] Bluetooth: hci7: command tx timeout [ 85.460582][ T5239] Bluetooth: hci5: command tx timeout [ 85.707576][ T4626] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 85.716448][ T4626] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 85.727140][ T4626] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 85.735141][ T4626] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 85.742718][ T4626] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 85.752901][ T4626] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 86.335249][ T4626] Bluetooth: hci8: command tx timeout [ 86.417137][ T4626] Bluetooth: hci6: command tx timeout [ 87.375274][ T4626] Bluetooth: hci7: command tx timeout [ 87.536058][ T4626] Bluetooth: hci5: command tx timeout [ 87.775197][ T4626] Bluetooth: hci9: command tx timeout [ 88.415193][ T4626] Bluetooth: hci8: command tx timeout [ 88.495220][ T4626] Bluetooth: hci6: command tx timeout [ 89.455255][ T4626] Bluetooth: hci7: command tx timeout [ 89.618217][ T4626] Bluetooth: hci5: command tx timeout [ 89.855223][ T4626] Bluetooth: hci9: command tx timeout [ 90.502301][ T4626] Bluetooth: hci8: command tx timeout [ 90.575266][ T4626] Bluetooth: hci6: command tx timeout [ 91.537371][ T4626] Bluetooth: hci7: command tx timeout [ 91.935242][ T4626] Bluetooth: hci9: command tx timeout [ 92.575249][ T4626] Bluetooth: hci8: command tx timeout [ 94.015251][ T4626] Bluetooth: hci9: command tx timeout [ 133.139909][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.153832][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 145.011246][ T5239] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 145.020383][ T5239] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 145.028267][ T5239] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 145.042054][ T5239] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 145.049841][ T5239] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 145.065130][ T5239] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 145.416970][ T4626] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 145.431936][ T4626] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 145.440016][ T4626] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 145.448978][ T4626] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 145.457038][ T4626] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 145.464460][ T4626] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 145.579878][ T4626] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 145.588601][ T4626] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 145.596843][ T4626] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 145.635153][ T4626] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 145.646046][ T4626] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 145.654488][ T4626] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 145.953168][ T5239] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 145.965117][ T5239] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 145.972987][ T5239] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 145.981150][ T5239] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 145.989465][ T5239] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 145.998098][ T5239] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 146.191199][ T5239] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 146.199967][ T5239] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 146.208313][ T5239] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 146.217733][ T5239] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 146.226576][ T5239] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 146.233996][ T5239] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 147.135280][ T5239] Bluetooth: hci10: command tx timeout [ 147.535156][ T5239] Bluetooth: hci11: command tx timeout [ 147.695166][ T5239] Bluetooth: hci12: command tx timeout [ 148.095189][ T5239] Bluetooth: hci13: command tx timeout [ 148.335164][ T5239] Bluetooth: hci14: command tx timeout [ 149.215232][ T5239] Bluetooth: hci10: command tx timeout [ 149.615218][ T5239] Bluetooth: hci11: command tx timeout [ 149.775238][ T5239] Bluetooth: hci12: command tx timeout [ 150.185358][ T5239] Bluetooth: hci13: command tx timeout [ 150.415237][ T5239] Bluetooth: hci14: command tx timeout [ 151.295089][ T5239] Bluetooth: hci10: command tx timeout [ 151.701002][ T5239] Bluetooth: hci11: command tx timeout [ 151.855119][ T5239] Bluetooth: hci12: command tx timeout [ 152.255299][ T5239] Bluetooth: hci13: command tx timeout [ 152.495273][ T5239] Bluetooth: hci14: command tx timeout [ 153.375254][ T5239] Bluetooth: hci10: command tx timeout [ 153.775181][ T5239] Bluetooth: hci11: command tx timeout [ 153.935181][ T5239] Bluetooth: hci12: command tx timeout [ 154.335221][ T5239] Bluetooth: hci13: command tx timeout [ 154.575208][ T5239] Bluetooth: hci14: command tx timeout [ 181.319647][ T5240] Bluetooth: hci0: command 0x0406 tx timeout [ 181.330055][ T5246] Bluetooth: hci3: command 0x0406 tx timeout [ 181.336190][ T55] Bluetooth: hci4: command 0x0406 tx timeout [ 181.342232][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 181.348318][ T5241] Bluetooth: hci1: command 0x0406 tx timeout [ 194.581984][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.588685][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.529348][ T5232] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 203.544600][ T5232] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 203.555108][ T5232] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 203.563433][ T5232] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 203.580309][ T5232] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 203.588937][ T5232] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 203.769496][ T5232] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 203.786187][ T5232] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 203.797471][ T5232] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 203.806748][ T5232] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 203.815431][ T5232] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 203.823049][ T5232] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 204.392353][ T5232] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 204.401362][ T5232] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 204.410038][ T5232] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 204.427158][ T5232] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 204.435932][ T5232] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 204.446060][ T5232] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 205.615228][ T5239] Bluetooth: hci15: command tx timeout [ 205.855154][ T5239] Bluetooth: hci16: command tx timeout [ 205.933908][ T5237] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 205.943134][ T5237] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 205.951855][ T5237] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 205.959979][ T5237] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 205.968735][ T5237] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 205.978435][ T5237] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 206.382675][ T5239] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 206.396606][ T5239] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 206.404731][ T5239] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 206.414527][ T5239] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 206.422550][ T5239] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 206.432165][ T5239] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 206.495253][ T5237] Bluetooth: hci17: command tx timeout [ 206.915066][ T5237] Bluetooth: hci7: command 0x0406 tx timeout [ 206.921219][ T5239] Bluetooth: hci5: command 0x0406 tx timeout [ 206.927424][ T5246] Bluetooth: hci6: command 0x0406 tx timeout [ 206.933463][ T5246] Bluetooth: hci8: command 0x0406 tx timeout [ 207.695066][ T55] Bluetooth: hci15: command tx timeout [ 207.935153][ T55] Bluetooth: hci16: command tx timeout [ 208.015226][ T55] Bluetooth: hci18: command tx timeout [ 208.495283][ T55] Bluetooth: hci19: command tx timeout [ 208.575240][ T55] Bluetooth: hci17: command tx timeout [ 209.775116][ T55] Bluetooth: hci15: command tx timeout [ 210.015080][ T55] Bluetooth: hci16: command tx timeout [ 210.095194][ T55] Bluetooth: hci18: command tx timeout [ 210.575205][ T55] Bluetooth: hci19: command tx timeout [ 210.655204][ T55] Bluetooth: hci17: command tx timeout [ 211.855061][ T55] Bluetooth: hci15: command tx timeout [ 212.015238][ T55] Bluetooth: hci9: command 0x0406 tx timeout [ 212.105589][ T5232] Bluetooth: hci16: command tx timeout [ 212.175349][ T5232] Bluetooth: hci18: command tx timeout [ 212.655398][ T5232] Bluetooth: hci19: command tx timeout [ 212.735121][ T5232] Bluetooth: hci17: command tx timeout [ 214.255209][ T5232] Bluetooth: hci18: command tx timeout [ 214.735113][ T5232] Bluetooth: hci19: command tx timeout [ 234.260573][ T30] INFO: task kworker/1:1:47 blocked for more than 143 seconds. [ 234.268956][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 234.295135][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 234.303892][ T30] task:kworker/1:1 state:D stack:22832 pid:47 tgid:47 ppid:2 flags:0x00004000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 234.424952][ T30] Workqueue: events request_firmware_work_func [ 234.431615][ T30] Call Trace: [ 234.528644][ T30] [ 234.532067][ T30] __schedule+0x1895/0x4b30 [ 234.564988][ T30] ? __pfx___schedule+0x10/0x10 [ 234.569924][ T30] ? __pfx_lock_release+0x10/0x10 [ 234.621448][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 234.645339][ T30] ? kthread_data+0x52/0xd0 [ 234.649927][ T30] ? schedule+0x90/0x320 [ 234.654208][ T30] ? wq_worker_sleeping+0x66/0x240 [ 234.714957][ T30] ? schedule+0x90/0x320 [ 234.719457][ T30] schedule+0x14b/0x320 [ 234.723646][ T30] schedule_preempt_disabled+0x13/0x30 [ 234.794963][ T30] __mutex_lock+0x6a7/0xd70 [ 234.799542][ T30] ? __mutex_lock+0x52a/0xd70 [ 234.804336][ T30] ? regdb_fw_cb+0x82/0x1c0 [ 234.854964][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 234.860071][ T30] ? lock_acquire+0x264/0x550 [ 234.864791][ T30] ? __pfx_regdb_fw_cb+0x10/0x10 [ 234.918994][ T30] regdb_fw_cb+0x82/0x1c0 [ 234.923491][ T30] ? __pfx_regdb_fw_cb+0x10/0x10 [ 234.965037][ T30] request_firmware_work_func+0x1a4/0x280 [ 234.970836][ T30] ? __pfx_request_firmware_work_func+0x10/0x10 [ 235.004954][ T30] ? process_scheduled_works+0x976/0x1850 [ 235.010742][ T30] process_scheduled_works+0xa63/0x1850 [ 235.063062][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 235.080467][ T30] ? assign_work+0x364/0x3d0 [ 235.095110][ T30] worker_thread+0x870/0xd30 [ 235.099780][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 235.135554][ T30] ? __kthread_parkme+0x169/0x1d0 [ 235.140656][ T30] ? __pfx_worker_thread+0x10/0x10 [ 235.188793][ T30] kthread+0x2f0/0x390 [ 235.192936][ T30] ? __pfx_worker_thread+0x10/0x10 [ 235.229444][ T30] ? __pfx_kthread+0x10/0x10 [ 235.234104][ T30] ret_from_fork+0x4b/0x80 [ 235.264292][ T30] ? __pfx_kthread+0x10/0x10 [ 235.291399][ T30] ret_from_fork_asm+0x1a/0x30 [ 235.301249][ T30] [ 235.316645][ T30] INFO: task syz.4.82:5470 blocked for more than 144 seconds. [ 235.324170][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 235.347498][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 235.365164][ T30] task:syz.4.82 state:D stack:21936 pid:5470 tgid:5469 ppid:5254 flags:0x20004004 [ 235.382146][ T30] Call Trace: [ 235.385770][ T30] [ 235.388735][ T30] __schedule+0x1895/0x4b30 [ 235.393289][ T30] ? __pfx___schedule+0x10/0x10 [ 235.404673][ T30] ? __pfx_lock_release+0x10/0x10 [ 235.410122][ T30] ? schedule+0x90/0x320 [ 235.414408][ T30] schedule+0x14b/0x320 [ 235.424726][ T30] schedule_timeout+0xb0/0x310 [ 235.429878][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 235.441115][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 235.449585][ T30] ? wait_for_completion+0x2fe/0x620 [ 235.462776][ T30] ? wait_for_completion+0x2fe/0x620 [ 235.468450][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 235.473701][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 235.484286][ T30] ? wait_for_completion+0x2fe/0x620 [ 235.491629][ T30] wait_for_completion+0x355/0x620 [ 235.501712][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 235.535447][ T30] ? __flush_work+0xe7/0xc50 [ 235.540457][ T30] __flush_work+0xa37/0xc50 [ 235.630467][ T30] ? __flush_work+0xe7/0xc50 [ 235.640235][ T30] ? __pfx___flush_work+0x10/0x10 [ 235.646865][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 235.652221][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 235.664568][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 235.673180][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 235.683176][ T30] unregister_netdevice_many_notify+0x87b/0x1da0 [ 235.693067][ T30] ? notifier_call_chain+0x3bf/0x3e0 [ 235.704625][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 235.712965][ T30] ? __netdev_upper_dev_unlink+0x752/0x8e0 [ 235.723620][ T30] ? __pfx___netdev_upper_dev_unlink+0x10/0x10 [ 235.731808][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 235.742056][ T30] unregister_netdevice_queue+0x303/0x370 [ 235.749330][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 235.760009][ T30] ? macsec_del_dev+0x2f9/0x310 [ 235.767652][ T30] macsec_newlink+0xd5f/0x1100 [ 235.772570][ T30] ? __pfx_macsec_newlink+0x10/0x10 [ 235.783555][ T30] ? read_word_at_a_time+0xe/0x20 [ 235.791434][ T30] ? sized_strscpy+0x8d/0x220 [ 235.800014][ T30] ? alloc_netdev_mqs+0xcda/0x1000 [ 235.808341][ T30] ? validate_linkmsg+0x71e/0x900 [ 235.813415][ T30] ? rtnl_create_link+0x91c/0xc20 [ 235.821225][ T30] ? __pfx_macsec_newlink+0x10/0x10 [ 235.830088][ T30] rtnl_newlink+0x1591/0x20a0 [ 235.838278][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 235.843351][ T30] ? __pfx___mutex_trylock_common+0x10/0x10 [ 235.857491][ T30] ? rcu_is_watching+0x15/0xb0 [ 235.863212][ T30] ? trace_contention_end+0x3c/0x120 [ 235.872287][ T30] ? __mutex_lock+0x2ef/0xd70 [ 235.879559][ T30] ? __pfx_lock_release+0x10/0x10 [ 235.884651][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 235.897173][ T30] rtnetlink_rcv_msg+0x73f/0xcf0 [ 235.902182][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 235.911106][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 235.919342][ T30] ? ref_tracker_free+0x643/0x7e0 [ 235.924423][ T30] netlink_rcv_skb+0x1e3/0x430 [ 235.933247][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 235.943318][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 235.952920][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 235.960727][ T30] netlink_unicast+0x7f6/0x990 [ 235.969931][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 235.977956][ T30] ? __virt_addr_valid+0x183/0x530 [ 235.983116][ T30] ? __check_object_size+0x48e/0x900 [ 235.992443][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 236.000748][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.009801][ T30] ? __pfx_lock_release+0x10/0x10 [ 236.015173][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 236.020151][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.033249][ T30] __sock_sendmsg+0x221/0x270 [ 236.038326][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 236.043146][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 236.054625][ T30] __sys_sendmsg+0x292/0x380 [ 236.059669][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 236.065594][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 236.073041][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 236.084376][ T30] __do_fast_syscall_32+0xb4/0x110 [ 236.089875][ T30] ? exc_page_fault+0x590/0x8c0 [ 236.094879][ T30] do_fast_syscall_32+0x34/0x80 [ 236.108008][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 236.114729][ T30] RIP: 0023:0xf7fd1579 [ 236.127748][ T30] RSP: 002b:00000000f575656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 236.141046][ T30] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000280 [ 236.150623][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 236.163572][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 236.174002][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 236.190241][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 236.202308][ T30] [ 236.210782][ T30] INFO: task syz.0.86:5481 blocked for more than 145 seconds. [ 236.224959][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 236.232639][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 236.249019][ T30] task:syz.0.86 state:D stack:25696 pid:5481 tgid:5479 ppid:5252 flags:0x20000004 [ 236.264056][ T30] Call Trace: [ 236.274492][ T30] [ 236.278939][ T30] __schedule+0x1895/0x4b30 [ 236.283580][ T30] ? __pfx___schedule+0x10/0x10 [ 236.295341][ T30] ? __pfx_lock_release+0x10/0x10 [ 236.300428][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 236.311521][ T30] ? schedule+0x90/0x320 [ 236.316938][ T30] schedule+0x14b/0x320 [ 236.321146][ T30] schedule_preempt_disabled+0x13/0x30 [ 236.332774][ T30] __mutex_lock+0x6a7/0xd70 [ 236.339113][ T30] ? __mutex_lock+0x52a/0xd70 [ 236.343842][ T30] ? nl80211_pre_doit+0x5f/0x8b0 [ 236.354979][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 236.360156][ T30] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 236.372486][ T30] ? __nla_parse+0x40/0x60 [ 236.377964][ T30] nl80211_pre_doit+0x5f/0x8b0 [ 236.382801][ T30] genl_rcv_msg+0xaaa/0xec0 [ 236.393314][ T30] ? mark_lock+0x9a/0x360 [ 236.398469][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.403565][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 236.416491][ T30] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 236.422008][ T30] ? __pfx_nl80211_set_tid_config+0x10/0x10 [ 236.433086][ T30] ? __pfx_nl80211_post_doit+0x10/0x10 [ 236.439104][ T30] ? __pfx___might_resched+0x10/0x10 [ 236.444448][ T30] netlink_rcv_skb+0x1e3/0x430 [ 236.455244][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.460494][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 236.473122][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 236.481525][ T30] genl_rcv+0x28/0x40 [ 236.491452][ T30] netlink_unicast+0x7f6/0x990 [ 236.497664][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 236.503171][ T30] ? __virt_addr_valid+0x183/0x530 [ 236.515787][ T30] ? __check_object_size+0x48e/0x900 [ 236.521139][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 236.530786][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.538936][ T30] ? __pfx_lock_release+0x10/0x10 [ 236.544018][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 236.553966][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.560738][ T30] __sock_sendmsg+0x221/0x270 [ 236.570197][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 236.576543][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 236.582554][ T30] __sys_sendmsg+0x292/0x380 [ 236.592131][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 236.600139][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 236.610920][ T30] ? call_rcu+0x731/0xa70 [ 236.617575][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 236.624215][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 236.634788][ T30] __do_fast_syscall_32+0xb4/0x110 [ 236.641404][ T30] ? exc_page_fault+0x590/0x8c0 [ 236.650970][ T30] do_fast_syscall_32+0x34/0x80 [ 236.658490][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 236.664873][ T30] RIP: 0023:0xf745d579 [ 236.676674][ T30] RSP: 002b:00000000f574656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 236.690613][ T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040 [ 236.700697][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 236.713525][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 236.724109][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 236.738786][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 236.751197][ T30] [ 236.754341][ T30] INFO: task syz.2.90:5491 blocked for more than 145 seconds. [ 236.765156][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 236.772851][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 236.788257][ T30] task:syz.2.90 state:D stack:25696 pid:5491 tgid:5490 ppid:5248 flags:0x20000004 [ 236.802339][ T30] Call Trace: [ 236.811687][ T30] [ 236.814666][ T30] __schedule+0x1895/0x4b30 [ 236.822939][ T30] ? __pfx___schedule+0x10/0x10 [ 236.831467][ T30] ? __pfx_lock_release+0x10/0x10 [ 236.839144][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 236.844656][ T30] ? schedule+0x90/0x320 [ 236.852603][ T30] schedule+0x14b/0x320 [ 236.859811][ T30] schedule_preempt_disabled+0x13/0x30 [ 236.870810][ T30] __mutex_lock+0x6a7/0xd70 [ 236.877919][ T30] ? __mutex_lock+0x52a/0xd70 [ 236.882644][ T30] ? nl80211_pre_doit+0x5f/0x8b0 [ 236.891946][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 236.899961][ T30] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 236.909964][ T30] ? __nla_parse+0x40/0x60 [ 236.914425][ T30] nl80211_pre_doit+0x5f/0x8b0 [ 236.921903][ T30] genl_rcv_msg+0xaaa/0xec0 [ 236.930855][ T30] ? mark_lock+0x9a/0x360 [ 236.939561][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.944747][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 236.953679][ T30] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 236.961705][ T30] ? __pfx_nl80211_channel_switch+0x10/0x10 [ 236.971696][ T30] ? __pfx_nl80211_post_doit+0x10/0x10 [ 236.979955][ T30] ? __pfx___might_resched+0x10/0x10 [ 236.989136][ T30] netlink_rcv_skb+0x1e3/0x430 [ 236.993954][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 237.003320][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 237.011202][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 237.021188][ T30] genl_rcv+0x28/0x40 [ 237.027771][ T30] netlink_unicast+0x7f6/0x990 [ 237.032587][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 237.041667][ T30] ? __virt_addr_valid+0x183/0x530 [ 237.049437][ T30] ? __check_object_size+0x48e/0x900 [ 237.054781][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 237.064953][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 237.070294][ T30] ? __pfx_lock_release+0x10/0x10 [ 237.082207][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 237.087513][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 237.093505][ T30] __sock_sendmsg+0x221/0x270 [ 237.104130][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 237.109350][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 237.114685][ T30] __sys_sendmsg+0x292/0x380 [ 237.123604][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 237.133128][ T30] ? fput+0x1a8/0x230 [ 237.142095][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 237.152454][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 237.160309][ T30] __do_fast_syscall_32+0xb4/0x110 [ 237.169088][ T30] ? exc_page_fault+0x590/0x8c0 [ 237.173998][ T30] do_fast_syscall_32+0x34/0x80 [ 237.181779][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 237.192378][ T30] RIP: 0023:0xf7fb5579 [ 237.201139][ T30] RSP: 002b:00000000f573656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 237.213265][ T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 237.224938][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 237.245373][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 237.253405][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 237.268780][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 237.280575][ T30] [ 237.283807][ T30] INFO: task syz.3.96:5505 blocked for more than 146 seconds. [ 237.294044][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 237.314328][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 237.323909][ T30] task:syz.3.96 state:D stack:26816 pid:5505 tgid:5504 ppid:5249 flags:0x20000004 [ 237.344459][ T30] Call Trace: [ 237.348202][ T30] [ 237.351247][ T30] __schedule+0x1895/0x4b30 [ 237.361822][ T30] ? __pfx___schedule+0x10/0x10 [ 237.369458][ T30] ? __pfx_lock_release+0x10/0x10 [ 237.374551][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 237.385381][ T30] ? schedule+0x90/0x320 [ 237.389722][ T30] schedule+0x14b/0x320 [ 237.393928][ T30] schedule_preempt_disabled+0x13/0x30 [ 237.408001][ T30] __mutex_lock+0x6a7/0xd70 [ 237.412584][ T30] ? __mutex_lock+0x52a/0xd70 [ 237.422707][ T30] ? dev_ethtool+0x21e/0x1bc0 [ 237.428928][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 237.435264][ T30] ? __kasan_kmalloc+0x98/0xb0 [ 237.440086][ T30] ? dev_ethtool+0x145/0x1bc0 [ 237.444789][ T30] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 237.455478][ T30] dev_ethtool+0x21e/0x1bc0 [ 237.460052][ T30] ? dev_load+0x21/0x1f0 [ 237.464322][ T30] ? __pfx_dev_ethtool+0x10/0x10 [ 237.476336][ T30] ? dev_load+0x21/0x1f0 [ 237.480645][ T30] dev_ioctl+0x785/0x1340 [ 237.491165][ T30] compat_sock_ioctl+0xb7e/0xf20 [ 237.496507][ T30] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 237.502608][ T30] ? __fget_files+0x29/0x470 [ 237.513388][ T30] ? __fget_files+0x3f3/0x470 [ 237.518548][ T30] __se_compat_sys_ioctl+0x510/0xc90 [ 237.523901][ T30] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 237.536773][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 237.543651][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 237.557683][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 237.564359][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 237.572403][ T30] __do_fast_syscall_32+0xb4/0x110 [ 237.581331][ T30] ? exc_page_fault+0x590/0x8c0 [ 237.588841][ T30] do_fast_syscall_32+0x34/0x80 [ 237.593751][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 237.606236][ T30] RIP: 0023:0xf741d579 [ 237.610361][ T30] RSP: 002b:00000000f570656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 237.622929][ T30] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000008946 [ 237.633526][ T30] RDX: 0000000020000900 RSI: 0000000000000000 RDI: 0000000000000000 [ 237.648588][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 237.660676][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 237.672364][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 237.683061][ T30] [ 237.690057][ T30] INFO: task syz.1.97:5507 blocked for more than 146 seconds. [ 237.702252][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 237.714277][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 237.731568][ T30] task:syz.1.97 state:D stack:25696 pid:5507 tgid:5506 ppid:5251 flags:0x20000004 [ 237.744226][ T30] Call Trace: [ 237.752669][ T30] [ 237.757181][ T30] __schedule+0x1895/0x4b30 [ 237.761755][ T30] ? __pfx___schedule+0x10/0x10 [ 237.771918][ T30] ? __pfx_lock_release+0x10/0x10 [ 237.778855][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 237.784379][ T30] ? schedule+0x90/0x320 [ 237.794515][ T30] schedule+0x14b/0x320 [ 237.800405][ T30] schedule_preempt_disabled+0x13/0x30 [ 237.811242][ T30] __mutex_lock+0x6a7/0xd70 [ 237.817371][ T30] ? __mutex_lock+0x52a/0xd70 [ 237.822097][ T30] ? nl80211_pre_doit+0x5f/0x8b0 [ 237.832056][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 237.838665][ T30] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 237.850476][ T30] ? __nla_parse+0x40/0x60 [ 237.858746][ T30] nl80211_pre_doit+0x5f/0x8b0 [ 237.863578][ T30] genl_rcv_msg+0xaaa/0xec0 [ 237.872887][ T30] ? mark_lock+0x9a/0x360 [ 237.878790][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 237.883903][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 237.893854][ T30] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 237.900789][ T30] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 237.910782][ T30] ? __pfx_nl80211_post_doit+0x10/0x10 [ 237.918613][ T30] ? __pfx___might_resched+0x10/0x10 [ 237.923958][ T30] netlink_rcv_skb+0x1e3/0x430 [ 237.933971][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 237.941748][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 237.951508][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 237.959743][ T30] genl_rcv+0x28/0x40 [ 237.963779][ T30] netlink_unicast+0x7f6/0x990 [ 237.972711][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 237.980827][ T30] ? __virt_addr_valid+0x183/0x530 [ 237.991007][ T30] ? __check_object_size+0x48e/0x900 [ 237.998968][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 238.003791][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.013433][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.021418][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 238.030094][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.038007][ T30] __sock_sendmsg+0x221/0x270 [ 238.042744][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 238.051345][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 238.061634][ T30] __sys_sendmsg+0x292/0x380 [ 238.069868][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 238.078036][ T30] ? fput+0x1a8/0x230 [ 238.082098][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 238.092508][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 238.100397][ T30] __do_fast_syscall_32+0xb4/0x110 [ 238.109180][ T30] ? exc_page_fault+0x590/0x8c0 [ 238.114086][ T30] do_fast_syscall_32+0x34/0x80 [ 238.124135][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 238.134254][ T30] RIP: 0023:0xf746d579 [ 238.141015][ T30] RSP: 002b:00000000f575656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 238.154047][ T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 238.164786][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 238.175203][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 238.183312][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 238.201260][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 238.212157][ T30] [ 238.219539][ T30] INFO: task syz-executor:5512 blocked for more than 147 seconds. [ 238.229951][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 238.241392][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.253018][ T30] task:syz-executor state:D stack:26528 pid:5512 tgid:5512 ppid:1 flags:0x20004004 [ 238.273607][ T30] Call Trace: [ 238.279782][ T30] [ 238.282818][ T30] __schedule+0x1895/0x4b30 [ 238.294951][ T30] ? __pfx___schedule+0x10/0x10 [ 238.299863][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.310947][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 238.318222][ T30] ? schedule+0x90/0x320 [ 238.323466][ T30] schedule+0x14b/0x320 [ 238.333773][ T30] schedule_preempt_disabled+0x13/0x30 [ 238.342704][ T30] __mutex_lock+0x6a7/0xd70 [ 238.353203][ T30] ? __mutex_lock+0x52a/0xd70 [ 238.358301][ T30] ? register_nexthop_notifier+0x84/0x290 [ 238.364077][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 238.376112][ T30] ? __asan_memset+0x23/0x50 [ 238.380775][ T30] register_nexthop_notifier+0x84/0x290 [ 238.391177][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 238.399894][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 238.410987][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 238.419231][ T30] ? __asan_memset+0x23/0x50 [ 238.424650][ T30] ops_init+0x31e/0x590 [ 238.433861][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 238.440767][ T30] setup_net+0x287/0x9e0 [ 238.449860][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 238.456977][ T30] ? __pfx_setup_net+0x10/0x10 [ 238.461892][ T30] copy_net_ns+0x33f/0x570 [ 238.474012][ T30] create_new_namespaces+0x425/0x7b0 [ 238.480813][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 238.491574][ T30] ksys_unshare+0x57d/0xa70 [ 238.497551][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 238.502623][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 238.513908][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 238.522012][ T30] __ia32_sys_unshare+0x37/0x40 [ 238.532655][ T30] __do_fast_syscall_32+0xb4/0x110 [ 238.540561][ T30] ? exc_page_fault+0x590/0x8c0 [ 238.550255][ T30] do_fast_syscall_32+0x34/0x80 [ 238.557451][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 238.563824][ T30] RIP: 0023:0xf7f43579 [ 238.572912][ T30] RSP: 002b:00000000f752ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 238.583922][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 238.594925][ T30] RDX: 00000000f73cbff4 RSI: 00000000f72a224b RDI: 0000000030000000 [ 238.602950][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 238.618010][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 238.630414][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 238.641564][ T30] [ 238.644706][ T30] INFO: task syz-executor:5515 blocked for more than 147 seconds. [ 238.657275][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 238.671635][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.682886][ T30] task:syz-executor state:D stack:26368 pid:5515 tgid:5515 ppid:1 flags:0x20004006 [ 238.696866][ T30] Call Trace: [ 238.700187][ T30] [ 238.703229][ T30] __schedule+0x1895/0x4b30 [ 238.711870][ T30] ? __pfx___schedule+0x10/0x10 [ 238.720837][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.731453][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 238.741289][ T30] ? schedule+0x90/0x320 [ 238.748616][ T30] schedule+0x14b/0x320 [ 238.752832][ T30] schedule_preempt_disabled+0x13/0x30 [ 238.762013][ T30] __mutex_lock+0x6a7/0xd70 [ 238.770114][ T30] ? __mutex_lock+0x52a/0xd70 [ 238.774841][ T30] ? register_nexthop_notifier+0x84/0x290 [ 238.780901][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 238.793648][ T30] ? __asan_memset+0x23/0x50 [ 238.798578][ T30] register_nexthop_notifier+0x84/0x290 [ 238.804400][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 238.814928][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 238.821220][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 238.833471][ T30] ? __asan_memset+0x23/0x50 [ 238.838581][ T30] ops_init+0x31e/0x590 [ 238.842779][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 238.854307][ T30] setup_net+0x287/0x9e0 [ 238.861082][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 238.872916][ T30] ? __pfx_setup_net+0x10/0x10 [ 238.878688][ T30] copy_net_ns+0x33f/0x570 [ 238.883147][ T30] create_new_namespaces+0x425/0x7b0 [ 238.893309][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 238.900577][ T30] ksys_unshare+0x57d/0xa70 [ 238.909919][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 238.916414][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 238.922795][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 238.936332][ T30] __ia32_sys_unshare+0x37/0x40 [ 238.941231][ T30] __do_fast_syscall_32+0xb4/0x110 [ 238.951308][ T30] ? exc_page_fault+0x590/0x8c0 [ 238.956547][ T30] do_fast_syscall_32+0x34/0x80 [ 238.961429][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 238.974997][ T30] RIP: 0023:0xf7f56579 [ 238.979203][ T30] RSP: 002b:00000000f753ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 238.994931][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 239.002947][ T30] RDX: 00000000f73dbff4 RSI: 00000000f72b224b RDI: 0000000030000000 [ 239.017141][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 239.028842][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 239.039987][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 239.053301][ T30] [ 239.059025][ T30] INFO: task syz-executor:5518 blocked for more than 148 seconds. [ 239.071880][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 239.082528][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 239.096555][ T30] task:syz-executor state:D stack:25552 pid:5518 tgid:5518 ppid:1 flags:0x20004004 [ 239.112643][ T30] Call Trace: [ 239.119653][ T30] [ 239.122627][ T30] __schedule+0x1895/0x4b30 [ 239.133403][ T30] ? __pfx___schedule+0x10/0x10 [ 239.139593][ T30] ? __pfx_lock_release+0x10/0x10 [ 239.144679][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 239.155422][ T30] ? schedule+0x90/0x320 [ 239.159726][ T30] schedule+0x14b/0x320 [ 239.163932][ T30] schedule_preempt_disabled+0x13/0x30 [ 239.176170][ T30] __mutex_lock+0x6a7/0xd70 [ 239.180741][ T30] ? __mutex_lock+0x52a/0xd70 [ 239.192208][ T30] ? register_nexthop_notifier+0x84/0x290 [ 239.199451][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 239.204528][ T30] ? __asan_memset+0x23/0x50 [ 239.214075][ T30] register_nexthop_notifier+0x84/0x290 [ 239.223312][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 239.234079][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 239.244131][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 239.254983][ T30] ? __asan_memset+0x23/0x50 [ 239.259650][ T30] ops_init+0x31e/0x590 [ 239.263847][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 239.274579][ T30] setup_net+0x287/0x9e0 [ 239.279275][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 239.291699][ T30] ? __pfx_setup_net+0x10/0x10 [ 239.300466][ T30] copy_net_ns+0x33f/0x570 [ 239.311104][ T30] create_new_namespaces+0x425/0x7b0 [ 239.318605][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 239.324415][ T30] ksys_unshare+0x57d/0xa70 [ 239.334950][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 239.340036][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 239.353186][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 239.360233][ T30] __ia32_sys_unshare+0x37/0x40 [ 239.371013][ T30] __do_fast_syscall_32+0xb4/0x110 [ 239.381466][ T30] ? exc_page_fault+0x590/0x8c0 [ 239.392332][ T30] do_fast_syscall_32+0x34/0x80 [ 239.397599][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 239.403969][ T30] RIP: 0023:0xf7fb1579 [ 239.414513][ T30] RSP: 002b:00000000f759ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 239.423377][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 239.437327][ T30] RDX: 00000000f743bff4 RSI: 00000000f731224b RDI: 0000000030000000 [ 239.451507][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 239.462309][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 239.474137][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 239.485581][ T30] [ 239.488736][ T30] INFO: task syz-executor:5521 blocked for more than 148 seconds. [ 239.501937][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 239.512939][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 239.525208][ T30] task:syz-executor state:D stack:26304 pid:5521 tgid:5521 ppid:1 flags:0x20004004 [ 239.541041][ T30] Call Trace: [ 239.544364][ T30] [ 239.547803][ T30] __schedule+0x1895/0x4b30 [ 239.553076][ T30] ? __pfx___schedule+0x10/0x10 [ 239.563971][ T30] ? __pfx_lock_release+0x10/0x10 [ 239.571060][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 239.583962][ T30] ? schedule+0x90/0x320 [ 239.589411][ T30] schedule+0x14b/0x320 [ 239.593717][ T30] schedule_preempt_disabled+0x13/0x30 [ 239.604933][ T30] __mutex_lock+0x6a7/0xd70 [ 239.609579][ T30] ? __mutex_lock+0x52a/0xd70 [ 239.614370][ T30] ? register_nexthop_notifier+0x84/0x290 [ 239.626532][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 239.631623][ T30] ? __asan_memset+0x23/0x50 [ 239.641976][ T30] register_nexthop_notifier+0x84/0x290 [ 239.650163][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 239.660437][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 239.669333][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 239.680041][ T30] ? __asan_memset+0x23/0x50 [ 239.684700][ T30] ops_init+0x31e/0x590 [ 239.691592][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 239.700917][ T30] setup_net+0x287/0x9e0 [ 239.709414][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 239.718752][ T30] ? __pfx_setup_net+0x10/0x10 [ 239.723585][ T30] copy_net_ns+0x33f/0x570 [ 239.730679][ T30] create_new_namespaces+0x425/0x7b0 [ 239.739833][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 239.748561][ T30] ksys_unshare+0x57d/0xa70 [ 239.753877][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 239.762961][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 239.773628][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 239.786881][ T30] __ia32_sys_unshare+0x37/0x40 [ 239.791788][ T30] __do_fast_syscall_32+0xb4/0x110 [ 239.800769][ T30] ? exc_page_fault+0x590/0x8c0 [ 239.808454][ T30] do_fast_syscall_32+0x34/0x80 [ 239.813353][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 239.823479][ T30] RIP: 0023:0xf7fb3579 [ 239.830152][ T30] RSP: 002b:00000000f759ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 239.843491][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 239.854071][ T30] RDX: 00000000f743bff4 RSI: 00000000f731224b RDI: 0000000030000000 [ 239.867541][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 239.878146][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 239.890339][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 239.902582][ T30] [ 239.908169][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 239.920960][ T30] INFO: task syz-executor:5524 blocked for more than 149 seconds. [ 239.931989][ T30] Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 239.943496][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 239.954786][ T30] task:syz-executor state:D stack:26464 pid:5524 tgid:5524 ppid:1 flags:0x20004004 [ 239.977936][ T30] Call Trace: [ 239.981270][ T30] [ 239.984224][ T30] __schedule+0x1895/0x4b30 [ 239.994009][ T30] ? __pfx___schedule+0x10/0x10 [ 240.000104][ T30] ? __pfx_lock_release+0x10/0x10 [ 240.011024][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 240.024832][ T30] ? schedule+0x90/0x320 [ 240.029192][ T30] schedule+0x14b/0x320 [ 240.033387][ T30] schedule_preempt_disabled+0x13/0x30 [ 240.046262][ T30] __mutex_lock+0x6a7/0xd70 [ 240.050830][ T30] ? __mutex_lock+0x52a/0xd70 [ 240.059479][ T30] ? register_nexthop_notifier+0x84/0x290 [ 240.068437][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 240.073524][ T30] ? __asan_memset+0x23/0x50 [ 240.082517][ T30] register_nexthop_notifier+0x84/0x290 [ 240.090659][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 240.101268][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 240.111816][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 240.121684][ T30] ? __asan_memset+0x23/0x50 [ 240.128894][ T30] ops_init+0x31e/0x590 [ 240.133114][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 240.142422][ T30] setup_net+0x287/0x9e0 [ 240.149355][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 240.158613][ T30] ? __pfx_setup_net+0x10/0x10 [ 240.164132][ T30] copy_net_ns+0x33f/0x570 [ 240.173133][ T30] create_new_namespaces+0x425/0x7b0 [ 240.182415][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 240.191237][ T30] ksys_unshare+0x57d/0xa70 [ 240.199584][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 240.204653][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 240.214597][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 240.225003][ T30] __ia32_sys_unshare+0x37/0x40 [ 240.229906][ T30] __do_fast_syscall_32+0xb4/0x110 [ 240.242327][ T30] ? exc_page_fault+0x590/0x8c0 [ 240.247827][ T30] do_fast_syscall_32+0x34/0x80 [ 240.252725][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 240.266094][ T30] RIP: 0023:0xf7f62579 [ 240.270213][ T30] RSP: 002b:00000000f754ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 240.284294][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 240.292716][ T30] RDX: 00000000f73ebff4 RSI: 00000000f72c224b RDI: 0000000030000000 [ 240.307952][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 240.320747][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 240.332431][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 240.345007][ T30] [ 240.348171][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 240.363215][ T30] [ 240.363215][ T30] Showing all locks held in the system: [ 240.372197][ T30] 3 locks held by kworker/0:0/8: [ 240.384739][ T30] 3 locks held by kworker/0:1/9: [ 240.390080][ T30] 1 lock held by khungtaskd/30: [ 240.400885][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 240.412521][ T30] 3 locks held by kworker/1:1/47: [ 240.425350][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 240.446027][ T30] #1: ffffc90000b77d00 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 240.464104][ T30] #2: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: regdb_fw_cb+0x82/0x1c0 [ 240.474164][ T30] 3 locks held by kworker/0:4/1572: [ 240.485238][ T30] 3 locks held by kworker/u8:8/2536: [ 240.490563][ T30] #0: ffff88814b962148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 240.510115][ T30] #1: ffffc90009027d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 240.526965][ T30] #2: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 240.540358][ T30] 2 locks held by getty/4991: [ 240.547596][ T30] #0: ffff88814d5400a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 240.561084][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 240.579885][ T30] 6 locks held by kworker/0:5/5285: [ 240.585464][ T30] 5 locks held by kworker/0:7/5288: [ 240.590689][ T30] 3 locks held by kworker/1:6/5298: [ 240.601903][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 240.615563][ T30] #1: ffffc90003dd7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 240.632752][ T30] #2: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 240.644580][ T30] 2 locks held by syz.4.82/5470: [ 240.655748][ T30] #0: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 240.671191][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 240.684687][ T30] 2 locks held by syz.0.86/5481: [ 240.694482][ T30] #0: ffffffff8fd377b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 240.706755][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 240.720840][ T30] 2 locks held by syz.2.90/5491: [ 240.727377][ T30] #0: ffffffff8fd377b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 240.740449][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 240.751268][ T30] 1 lock held by syz.3.96/5505: [ 240.761131][ T30] #0: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ethtool+0x21e/0x1bc0 [ 240.773649][ T30] 2 locks held by syz.1.97/5507: [ 240.783968][ T30] #0: ffffffff8fd377b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 240.793796][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 240.808044][ T30] 2 locks held by syz-executor/5512: [ 240.813410][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 240.829431][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 240.847168][ T30] 2 locks held by syz-executor/5515: [ 240.852589][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 240.868403][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 240.881112][ T30] 2 locks held by syz-executor/5518: [ 240.891139][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 240.904347][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 240.918222][ T30] 2 locks held by syz-executor/5521: [ 240.923543][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 240.936497][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 240.950317][ T30] 2 locks held by syz-executor/5524: [ 240.958154][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 240.971405][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 240.986291][ T30] 2 locks held by syz-executor/5536: [ 240.991616][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.005461][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.021357][ T30] 2 locks held by syz-executor/5540: [ 241.028149][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.043880][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.055584][ T30] 2 locks held by syz-executor/5543: [ 241.060908][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.075913][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.091597][ T30] 2 locks held by syz-executor/5545: [ 241.099934][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.114638][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.131584][ T30] 2 locks held by syz-executor/5547: [ 241.137522][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.152882][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.165040][ T30] 2 locks held by syz-executor/5555: [ 241.170365][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.185936][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.201473][ T30] 2 locks held by syz-executor/5557: [ 241.208308][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.223086][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.236935][ T30] 2 locks held by syz-executor/5560: [ 241.242264][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.256869][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.270930][ T30] 2 locks held by syz-executor/5563: [ 241.279026][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.293235][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.310516][ T30] 2 locks held by syz-executor/5566: [ 241.319532][ T30] #0: ffffffff8fcc4f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 241.332918][ T30] #1: ffffffff8fcd1a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 241.345787][ T30] [ 241.348146][ T30] ============================================= [ 241.348146][ T30] [ 241.363921][ T30] NMI backtrace for cpu 1 [ 241.368317][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 241.378846][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 241.388924][ T30] Call Trace: [ 241.392217][ T30] [ 241.395166][ T30] dump_stack_lvl+0x241/0x360 [ 241.399874][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 241.405094][ T30] ? __pfx__printk+0x10/0x10 [ 241.409719][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 241.414699][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 241.420180][ T30] ? _printk+0xd5/0x120 [ 241.424366][ T30] ? __pfx__printk+0x10/0x10 [ 241.428983][ T30] ? __wake_up_klogd+0xcc/0x110 [ 241.433859][ T30] ? __pfx__printk+0x10/0x10 [ 241.438478][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 241.443629][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 241.449633][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 241.455640][ T30] watchdog+0xff4/0x1040 [ 241.459908][ T30] ? watchdog+0x1ea/0x1040 [ 241.464351][ T30] ? __pfx_watchdog+0x10/0x10 [ 241.469051][ T30] kthread+0x2f0/0x390 [ 241.473139][ T30] ? __pfx_watchdog+0x10/0x10 [ 241.477842][ T30] ? __pfx_kthread+0x10/0x10 [ 241.482451][ T30] ret_from_fork+0x4b/0x80 [ 241.486976][ T30] ? __pfx_kthread+0x10/0x10 [ 241.491586][ T30] ret_from_fork_asm+0x1a/0x30 [ 241.496387][ T30] [ 241.500068][ T30] Sending NMI from CPU 1 to CPUs 0: [ 241.505551][ C0] NMI backtrace for cpu 0 [ 241.505565][ C0] CPU: 0 UID: 0 PID: 5285 Comm: kworker/0:5 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 241.505585][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 241.505596][ C0] Workqueue: events nsim_dev_trap_report_work [ 241.505619][ C0] RIP: 0010:lockdep_hardirqs_on_prepare+0x2b0/0x780 [ 241.505643][ C0] Code: 00 00 00 fc ff df 85 c0 0f 84 9d 01 00 00 49 ff c5 41 0f b6 04 17 84 c0 75 33 49 63 06 48 83 c3 28 49 83 c4 28 49 39 c5 7c 95 60 44 89 e1 80 e1 07 80 c1 03 38 c1 7c 9f 4c 89 e7 e8 19 7c 8e [ 241.505662][ C0] RSP: 0018:ffffc90000006f40 EFLAGS: 00000046 [ 241.505676][ C0] RAX: 0000000000000006 RBX: ffff88802d5f47d0 RCX: ffffffff8170bd8a [ 241.505687][ C0] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffffff942c58e8 [ 241.505699][ C0] RBP: ffffc90000006fe8 R08: ffffffff942c58ef R09: 1ffffffff2858b1d [ 241.505711][ C0] R10: dffffc0000000000 R11: fffffbfff2858b1e R12: ffff88802d5f47f0 [ 241.505723][ C0] R13: 0000000000000006 R14: ffff88802d5f46d8 R15: 1ffff11005abe8db [ 241.505734][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 241.505748][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.505760][ C0] CR2: 000000000c2eef8b CR3: 000000000e734000 CR4: 00000000003526f0 [ 241.505773][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 241.505783][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 241.505793][ C0] Call Trace: [ 241.505799][ C0] [ 241.505806][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 241.505824][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 241.505845][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 241.505867][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 241.505886][ C0] ? nmi_handle+0x14f/0x5a0 [ 241.505902][ C0] ? nmi_handle+0x2a/0x5a0 [ 241.505918][ C0] ? lockdep_hardirqs_on_prepare+0x2b0/0x780 [ 241.505938][ C0] ? default_do_nmi+0x63/0x160 [ 241.505956][ C0] ? exc_nmi+0x123/0x1f0 [ 241.505972][ C0] ? end_repeat_nmi+0xf/0x53 [ 241.505989][ C0] ? mark_lock+0x9a/0x360 [ 241.506005][ C0] ? lockdep_hardirqs_on_prepare+0x2b0/0x780 [ 241.506025][ C0] ? lockdep_hardirqs_on_prepare+0x2b0/0x780 [ 241.506046][ C0] ? lockdep_hardirqs_on_prepare+0x2b0/0x780 [ 241.506066][ C0] [ 241.506071][ C0] [ 241.506078][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 241.506100][ C0] ? rcu_is_watching+0x15/0xb0 [ 241.506117][ C0] trace_hardirqs_on+0x28/0x40 [ 241.506135][ C0] call_rcu+0x731/0xa70 [ 241.506154][ C0] ? __pfx_call_rcu+0x10/0x10 [ 241.506169][ C0] ? rcuref_put+0x1e3/0x240 [ 241.506185][ C0] ? __pfx_rcuref_put+0x10/0x10 [ 241.506203][ C0] skb_release_head_state+0x73/0x250 [ 241.506220][ C0] consume_skb+0x60/0xf0 [ 241.506234][ C0] nft_synproxy_eval_v4+0x3d2/0x610 [ 241.506257][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 241.506276][ C0] ? NF_HOOK+0x29e/0x450 [ 241.506293][ C0] ? nf_ip_checksum+0x13a/0x500 [ 241.506314][ C0] nft_synproxy_do_eval+0x362/0xa60 [ 241.506335][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 241.506355][ C0] ? __lock_acquire+0x1384/0x2050 [ 241.506375][ C0] ? __pfx_validate_chain+0x10/0x10 [ 241.506395][ C0] nft_do_chain+0x4ad/0x1da0 [ 241.506419][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 241.506438][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 241.506469][ C0] nft_do_chain_inet+0x418/0x6b0 [ 241.506495][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 241.506514][ C0] ? ipt_do_table+0x312/0x1860 [ 241.506539][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 241.506557][ C0] nf_hook_slow+0xc3/0x220 [ 241.506575][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 241.506591][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 241.506608][ C0] NF_HOOK+0x29e/0x450 [ 241.506624][ C0] ? NF_HOOK+0x9a/0x450 [ 241.506639][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 241.506656][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 241.506674][ C0] ? ip_rcv_finish+0x406/0x560 [ 241.506691][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 241.506707][ C0] NF_HOOK+0x3a4/0x450 [ 241.506721][ C0] ? __lock_acquire+0x1384/0x2050 [ 241.506742][ C0] ? NF_HOOK+0x9a/0x450 [ 241.506757][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 241.506771][ C0] ? ip_rcv_core+0x801/0xd10 [ 241.506788][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 241.506806][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 241.506822][ C0] __netif_receive_skb+0x2bf/0x650 [ 241.506840][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 241.506859][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 241.506876][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 241.506896][ C0] ? __pfx_lock_release+0x10/0x10 [ 241.506916][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 241.506939][ C0] process_backlog+0x662/0x15b0 [ 241.506958][ C0] ? process_backlog+0x33b/0x15b0 [ 241.506979][ C0] ? __pfx_process_backlog+0x10/0x10 [ 241.506996][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 241.507017][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 241.507038][ C0] __napi_poll+0xcb/0x490 [ 241.507056][ C0] net_rx_action+0x89b/0x1240 [ 241.507081][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 241.507100][ C0] ? sched_clock+0x4a/0x70 [ 241.507124][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 241.507147][ C0] handle_softirqs+0x2c5/0x980 [ 241.507167][ C0] ? do_softirq+0x11b/0x1e0 [ 241.507186][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 241.507207][ C0] do_softirq+0x11b/0x1e0 [ 241.507225][ C0] [ 241.507230][ C0] [ 241.507235][ C0] ? __pfx_do_softirq+0x10/0x10 [ 241.507253][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 241.507274][ C0] ? rcu_is_watching+0x15/0xb0 [ 241.507291][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 241.507309][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 241.507326][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 241.507344][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 241.507363][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 241.507381][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 241.507403][ C0] ? process_scheduled_works+0x976/0x1850 [ 241.507422][ C0] process_scheduled_works+0xa63/0x1850 [ 241.507450][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 241.507471][ C0] ? assign_work+0x364/0x3d0 [ 241.507495][ C0] worker_thread+0x870/0xd30 [ 241.507516][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 241.507537][ C0] ? __kthread_parkme+0x169/0x1d0 [ 241.507557][ C0] ? __pfx_worker_thread+0x10/0x10 [ 241.507576][ C0] kthread+0x2f0/0x390 [ 241.507590][ C0] ? __pfx_worker_thread+0x10/0x10 [ 241.507609][ C0] ? __pfx_kthread+0x10/0x10 [ 241.507623][ C0] ret_from_fork+0x4b/0x80 [ 241.507642][ C0] ? __pfx_kthread+0x10/0x10 [ 241.507657][ C0] ret_from_fork_asm+0x1a/0x30 [ 241.507681][ C0] [ 242.200420][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 242.207323][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 242.217862][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.227946][ T30] Call Trace: [ 242.231283][ T30] [ 242.234229][ T30] dump_stack_lvl+0x241/0x360 [ 242.238930][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 242.244152][ T30] ? __pfx__printk+0x10/0x10 [ 242.248767][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 242.254782][ T30] ? vscnprintf+0x5d/0x90 [ 242.259136][ T30] panic+0x349/0x880 [ 242.263056][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 242.269235][ T30] ? __pfx_panic+0x10/0x10 [ 242.273676][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 242.279069][ T30] ? __irq_work_queue_local+0x137/0x410 [ 242.284653][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 242.290074][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 242.296260][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 242.302456][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 242.308649][ T30] watchdog+0x1033/0x1040 [ 242.313011][ T30] ? watchdog+0x1ea/0x1040 [ 242.317461][ T30] ? __pfx_watchdog+0x10/0x10 [ 242.322161][ T30] kthread+0x2f0/0x390 [ 242.326252][ T30] ? __pfx_watchdog+0x10/0x10 [ 242.330953][ T30] ? __pfx_kthread+0x10/0x10 [ 242.335565][ T30] ret_from_fork+0x4b/0x80 [ 242.340010][ T30] ? __pfx_kthread+0x10/0x10 [ 242.344623][ T30] ret_from_fork_asm+0x1a/0x30 [ 242.349430][ T30] [ 242.352710][ T30] Kernel Offset: disabled [ 242.357039][ T30] Rebooting in 86400 seconds..