last executing test programs: 2m13.967334193s ago: executing program 1 (id=207): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x0, 0x1046}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r3, 0xb, &(0x7f0000001140), 0x0) 2m12.691487417s ago: executing program 1 (id=209): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYRES16=0x0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') getdents64(r0, &(0x7f00000000c0)=""/32, 0x20) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x15, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d84a500000000800"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, 0x0, 0x8050) sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000440), 0xc, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8004}, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0408e200"], 0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) gettid() bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0090b735053b39c700"/28], 0x48) 2m9.858601962s ago: executing program 1 (id=216): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x24004000) sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000100)={&(0x7f000000c300)={{0x14}, [@NFT_MSG_NEWSET={0x34, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2000000}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x5c}}, 0x0) 2m9.476490728s ago: executing program 1 (id=220): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000600)=0x8000000000000001) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r3}, 0x18) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) listen(0xffffffffffffffff, 0x0) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x6}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x80000001, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9, 0x0, 0x0, 0x2a], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x0, 0x0, 0x3, 0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x81f], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf25, 0x0, 0x7], [0x1, 0x0, 0xe6c7, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x1]}, 0x45c) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000140)={0x0, 0x4, 0x541f0698}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd) ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x7040, 0x0) 2m7.688147996s ago: executing program 3 (id=222): socket$nl_route(0x10, 0x3, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"}) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000002c0)={0xffff, 0x0, 0x0, 0x7fff, 0xff, "db2d416fbecfb84b5452b768e08ee2df361089"}) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x2d) 2m7.422810848s ago: executing program 1 (id=223): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYRES16=0x0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') getdents64(r0, &(0x7f00000000c0)=""/32, 0x20) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x15, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d84a500000000800"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, 0x0, 0x8050) sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000440), 0xc, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8004}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0408e200"], 0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$FITHAW(r1, 0xc0045878) gettid() bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0090b735053b39c700"/28], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x39) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socket$tipc(0x1e, 0x2, 0x0) landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0) syz_usbip_server_init(0x4) 2m6.011115026s ago: executing program 3 (id=225): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001080)={{0x12, 0x1, 0x0, 0xff, 0x0, 0x0, 0x40, 0x572, 0xcb01, 0x2665, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xaa, 0x75, 0xb7}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000100)={0x14, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_control_io$printer(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0) 2m4.683186706s ago: executing program 1 (id=231): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801c}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000850) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x81) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xed}, 0x18) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x3c1, 0x3, 0x538, 0x0, 0xffffff80, 0x178, 0x330, 0x178, 0x490, 0x230, 0x258, 0x490, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x308, 0x330, 0x340, {0x1e0002a8, 0x7203000000000c00}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x1a, 0x64, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}]}}, @common=@unspec=@cluster={{0x30}}]}, @common=@unspec=@AUDIT={0x28}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'geneve1\x00'}, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private0, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x6}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="1c00", 0x2, 0x40841, 0x0, 0x0) r6 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x7b, &(0x7f00000000c0)=@assoc_value, &(0x7f0000000080)=0x8) accept4$inet6(r0, 0x0, 0x0, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x200008d4, &(0x7f000072e000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) openat$vmci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r7, 0x541b, 0x0) 2m1.288246572s ago: executing program 0 (id=236): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYRES16=0x0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') getdents64(r0, &(0x7f00000000c0)=""/32, 0x20) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x15, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d84a500000000800"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, 0x0, 0x8050) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0408e200"], 0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) gettid() bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0090b735053b39c700"/28], 0x48) 2m1.136329977s ago: executing program 3 (id=237): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000004d00)=[{0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000440)="6f7e6eedfbe2234e36cf758ac1df1902c6", 0x11}], 0x1, 0x0, 0x0, 0x4}], 0x1, 0x4) recvmmsg$unix(r1, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000100)=""/226, 0xe2}], 0x1}}], 0x1, 0x5fcf2bd0b4a14a6, 0x0) sendmsg$kcm(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)}, 0x0) 1m59.614179344s ago: executing program 3 (id=238): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffff}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$userio(0xffffffffffffff9c, 0x0, 0x40101, 0x0) fsopen(0x0, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000000140)={0x10, 0x30, 0x3, {0x0, 0x0, {0x2, 0x0, 0x0, @mcast1}}}, 0x38) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="120000002b000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000780)={r4, &(0x7f0000000640), &(0x7f00000006c0)=""/172}, 0x20) r5 = socket$nl_audit(0x10, 0x3, 0x9) r6 = socket$caif_stream(0x25, 0x1, 0x0) ioctl$VIDIOC_S_SELECTION(r5, 0xc040565f, &(0x7f00000000c0)={0x0, 0x0, 0x7, {0x0, 0xf8, 0x8, 0x800}}) sendmmsg$inet(r6, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x7c9ce320e12d300) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000003ac0)={'wlan0\x00', &(0x7f0000000b80)=@ethtool_regs={0x4, 0x2}}) 1m54.17770031s ago: executing program 2 (id=242): openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000002e80), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000002ec0)={0x1, @vbi={0xfffffffc, 0x6, 0x33524742, 0x32314742, [0xa, 0x8], [0x5, 0x7], 0x108}}) r6 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r6, 0xc0045543, 0x0) close(0x3) socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002640)={0x0, 0x0, 0x0}, 0x800) syz_emit_vhci(0x0, 0xf) 1m52.89429352s ago: executing program 2 (id=243): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x24004000) sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000100)={&(0x7f000000c300)={{0x14}, [@NFT_MSG_NEWSET={0x30, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2000000}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}], {0x14}}, 0x58}}, 0x0) 1m52.471780169s ago: executing program 2 (id=245): unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$xdp(0x2c, 0x3, 0x0) socket$kcm(0x2, 0xa, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000100)=ANY=[], 0xd8}}, 0x80) 1m51.923766922s ago: executing program 0 (id=246): bpf$MAP_CREATE(0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) process_mrelease(0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x4000000) r4 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x4e24, 0x0, 'rr\x00', 0x2f, 0x3, 0x9}, 0x2c) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x200000006c832, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000100), 0x208e24b) socket$nl_crypto(0x10, 0x3, 0x15) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r6], 0x4c}}, 0x20004041) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, r5, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10) 1m50.814692569s ago: executing program 0 (id=248): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$TIOCL_SETSEL(r4, 0x541c, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_procfs(0x0, &(0x7f0000000080)='net/vlan/vlan0\x00') r5 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r5, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40}) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfef, 0x0) execve(&(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000580)={[&(0x7f0000000440)='/dev/radio#\x00', &(0x7f00000004c0)='/dev/radio#\x00']}) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) 1m48.814819459s ago: executing program 32 (id=231): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801c}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000850) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x81) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xed}, 0x18) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x3c1, 0x3, 0x538, 0x0, 0xffffff80, 0x178, 0x330, 0x178, 0x490, 0x230, 0x258, 0x490, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x308, 0x330, 0x340, {0x1e0002a8, 0x7203000000000c00}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x1a, 0x64, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}]}}, @common=@unspec=@cluster={{0x30}}]}, @common=@unspec=@AUDIT={0x28}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'geneve1\x00'}, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private0, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x6}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="1c00", 0x2, 0x40841, 0x0, 0x0) r6 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x7b, &(0x7f00000000c0)=@assoc_value, &(0x7f0000000080)=0x8) accept4$inet6(r0, 0x0, 0x0, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x200008d4, &(0x7f000072e000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) openat$vmci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r7, 0x541b, 0x0) 1m48.77280845s ago: executing program 3 (id=251): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000600)=0x8000000000000001) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r3}, 0x18) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a6803e10951cd4b347113e55eb289519becf7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de9441031348589b763d46d14810acc5f700"}, 0xd8) r5 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r5, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x6}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x80000001, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9, 0x0, 0x0, 0x2a], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x0, 0x0, 0x3, 0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x81f], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf25, 0x0, 0x7], [0x1, 0x0, 0xe6c7, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x1]}, 0x45c) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0) ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) fcntl$setsig(0xffffffffffffffff, 0xa, 0x13) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000140)={0x0, 0x4, 0x541f0698}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd) 1m48.465979323s ago: executing program 2 (id=252): personality(0x1bb2baf3005ac137) uname(&(0x7f0000000080)=""/185) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file3\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) open(0x0, 0x40, 0x8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x8}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x8, 0x20}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4808) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000980)='neigh_update\x00'}, 0x10) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r7, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast2}, {}, 0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'ip6gre0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00'], 0x400002) 1m48.002294541s ago: executing program 0 (id=253): syz_open_dev$char_usb(0xc, 0xb4, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000180)={0x81, 0x9}, 0x2) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x4}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x1400200bce) r4 = syz_open_dev$tty20(0xc, 0x4, 0x0) socket$igmp6(0xa, 0x3, 0x2) ioctl$TCSETSW(r4, 0x5403, 0x0) r5 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000080)='user\x00', &(0x7f00000000c0)='ocfs2\x00', 0x0) 1m46.790674071s ago: executing program 3 (id=254): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000001180)=0x80001004) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3) recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6) r0 = socket(0x1d, 0x3, 0x1) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x7, 0x0, 0x20000000) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 1m44.531364624s ago: executing program 0 (id=255): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x20000}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xd}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000640)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x1, 0xfff3}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0xa}]}]}]}}]}, 0x44}}, 0x4008040) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1m43.334285311s ago: executing program 2 (id=256): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x103, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 1m43.079123127s ago: executing program 0 (id=257): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000001180)=0x80001004) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3) recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6) r0 = socket(0x1d, 0x3, 0x1) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x7, 0x0, 0x20000000) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 1m43.037216135s ago: executing program 2 (id=258): r0 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x0, 0x1046}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000001140), 0x0) 1m41.913034852s ago: executing program 4 (id=260): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYRES16=0x0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') getdents64(r0, &(0x7f00000000c0)=""/32, 0x20) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x15, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d84a500000000800"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, 0x0, 0x8050) sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000440), 0xc, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8004}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0408e200"], 0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$FITHAW(r1, 0xc0045878) gettid() bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0090b735053b39c700"/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000500)="e0261554de9f8e13fc1e6e2b4c0cc5be905d823efd9815f078f92dd60f53576244cd7c93682300186b6378104b904de0a69876e07448a832db", &(0x7f0000000580)}}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socket$tipc(0x1e, 0x2, 0x0) landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0) syz_usbip_server_init(0x4) 1m40.376027968s ago: executing program 4 (id=261): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000700)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x10, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0xc, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x40}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1m40.140603843s ago: executing program 4 (id=262): openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000002e80), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000002ec0)={0x1, @vbi={0xfffffffc, 0x6, 0x33524742, 0x32314742, [0xa, 0x8], [0x5, 0x7], 0x108}}) r7 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r7, 0xc0045543, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x4}, @NFTA_LIMIT_UNIT={0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}}, 0x20000080) close(0x3) socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002640)={0x0, 0x0, 0x0}, 0x800) syz_emit_vhci(0x0, 0xf) 1m38.261402893s ago: executing program 4 (id=263): ftruncate(0xffffffffffffffff, 0x2007ffc) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, 0x0) sendmsg$rds(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x7, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) 1m37.403563199s ago: executing program 4 (id=264): socket$tipc(0x1e, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) r3 = userfaultfd(0x801) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600)) r4 = userfaultfd(0x801) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) mkdirat(0xffffffffffffff9c, &(0x7f00000020c0)='./file0\x00', 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') open(0x0, 0x1c5b42, 0x0) 1m35.941473939s ago: executing program 5 (id=250): syz_open_dev$vim2m(0x0, 0x7, 0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getrlimit(0xb, &(0x7f0000000780)) gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_FIB_DREG={0x8}]}}}]}]}], {0x14}}, 0xc8}}, 0x0) 1m35.471738742s ago: executing program 4 (id=265): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000800)={0x1c, r0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 1m22.079834293s ago: executing program 33 (id=257): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000001180)=0x80001004) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3) recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6) r0 = socket(0x1d, 0x3, 0x1) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x7, 0x0, 0x20000000) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 1m17.328413329s ago: executing program 34 (id=258): r0 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x0, 0x1046}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000001140), 0x0) 1m16.551651056s ago: executing program 35 (id=254): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000001180)=0x80001004) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3) recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6) r0 = socket(0x1d, 0x3, 0x1) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x7, 0x0, 0x20000000) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 1m16.326065901s ago: executing program 36 (id=250): syz_open_dev$vim2m(0x0, 0x7, 0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getrlimit(0xb, &(0x7f0000000780)) gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_FIB_DREG={0x8}]}}}]}]}], {0x14}}, 0xc8}}, 0x0) 1m15.237687357s ago: executing program 37 (id=265): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000800)={0x1c, r0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 20.626996641s ago: executing program 8 (id=275): socket$kcm(0x2, 0x200000000000001, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfb84e000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x7fffffffffffffff}, 0x18) syz_open_dev$tty20(0xc, 0x4, 0x1) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r4, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) r5 = socket$inet6(0xa, 0x3, 0x7) r6 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'sit0\x00'}) sendmsg$nl_route(r6, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000006800010000000000000000000a00000000000000280008802400010000000000000000000000040000000000fe8000000000000000000000000000aa060007000500000008000500", @ANYRES32=r2], 0x50}}, 0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x8100) connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_attach_bpf(r4, 0x6, 0x25, &(0x7f0000000040)=r3, 0xffffffffffffff15) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r7 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xf, 0x11012, r7, 0x0) 19.12926343s ago: executing program 8 (id=276): r0 = socket$nl_route(0x10, 0x3, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"}) r6 = syz_open_pts(r5, 0x0) ioctl$TCSETS(r6, 0x5402, &(0x7f00000002c0)={0xffff, 0x0, 0x0, 0x7fff, 0xff, "db2d416fbecfb84b5452b768e08ee2df361089"}) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000140)=0x2d) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000480)='configfs\x00', 0x0, 0x0) r7 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) r8 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000100)={0x9, "5660359c3245d1c42317afad7d48ed51000000000000000100", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f00000001c0)={0x80000, "340b7832ceefdad118cf501922d6974a270000c50f0000002ddc7d00"}) ppoll(&(0x7f0000000200)=[{r9}, {}], 0x2, 0x0, 0x0, 0x0) close_range(r7, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8, 0x1d, 0x0, 0x0, 0x6}]}}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 17.098715012s ago: executing program 8 (id=277): socket$nl_route(0x10, 0x3, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"}) r4 = syz_open_pts(r3, 0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f00000002c0)={0xffff, 0x0, 0x0, 0x7fff, 0xff, "db2d416fbecfb84b5452b768e08ee2df361089"}) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000140)=0x2d) 16.940325772s ago: executing program 8 (id=278): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300), 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000001540)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/44, 0x2c}, {&(0x7f0000000340)=""/252, 0xfc}, {&(0x7f0000000040)=""/8, 0x8}], 0x3}}], 0x1, 0x2001, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0) 16.654109384s ago: executing program 8 (id=279): socket$rds(0x15, 0x5, 0x0) setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, &(0x7f0000000240)=[{0x0, 0x0, {0x0, 0xff, 0x4}}], 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_dev$media(&(0x7f00000000c0), 0x9, 0x4002) syz_open_procfs(0x0, &(0x7f00000014c0)='smaps_rollup\x00') socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000000053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0) 15.447871811s ago: executing program 8 (id=280): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) write$cgroup_devices(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308003c5ca601288763"], 0xffdd) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400}) close(r0) 0s ago: executing program 38 (id=280): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) write$cgroup_devices(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308003c5ca601288763"], 0xffdd) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400}) close(r0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.61' (ED25519) to the list of known hosts. [ 55.147564][ T5805] cgroup: Unknown subsys name 'net' [ 55.293344][ T5805] cgroup: Unknown subsys name 'cpuset' [ 55.301653][ T5805] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 56.584188][ T5805] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 60.426437][ T5825] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 60.435668][ T5825] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 60.442793][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 60.452164][ T5825] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 60.459536][ T5825] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 60.460279][ T5827] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 60.467228][ T5825] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 60.481916][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 60.482851][ T5825] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 60.492711][ T5827] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 60.496548][ T5825] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 60.505275][ T5827] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 60.518224][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 60.519427][ T5827] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 60.525809][ T5833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 60.540790][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 60.548487][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 60.555883][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 60.563267][ T5825] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 60.564700][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 60.570801][ T5827] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 60.579928][ T5832] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 60.585100][ T5827] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 60.592283][ T5832] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 60.598387][ T5825] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 60.606059][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 60.612975][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 60.619715][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 60.631360][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 60.654768][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 60.964720][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 61.162841][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.170507][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.177917][ T5823] bridge_slave_0: entered allmulticast mode [ 61.186074][ T5823] bridge_slave_0: entered promiscuous mode [ 61.198287][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.205573][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.213120][ T5823] bridge_slave_1: entered allmulticast mode [ 61.219793][ T5823] bridge_slave_1: entered promiscuous mode [ 61.227109][ T5818] chnl_net:caif_netlink_parms(): no params data found [ 61.255795][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 61.308367][ T5817] chnl_net:caif_netlink_parms(): no params data found [ 61.324973][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.336861][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.397523][ T5823] team0: Port device team_slave_0 added [ 61.422122][ T5815] chnl_net:caif_netlink_parms(): no params data found [ 61.435918][ T5823] team0: Port device team_slave_1 added [ 61.472857][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.480017][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.487779][ T5818] bridge_slave_0: entered allmulticast mode [ 61.495036][ T5818] bridge_slave_0: entered promiscuous mode [ 61.526833][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.536279][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.544414][ T5818] bridge_slave_1: entered allmulticast mode [ 61.551312][ T5818] bridge_slave_1: entered promiscuous mode [ 61.566453][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.573716][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.581492][ T5828] bridge_slave_0: entered allmulticast mode [ 61.588058][ T5828] bridge_slave_0: entered promiscuous mode [ 61.624282][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.633554][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.659927][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.673424][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.680772][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.706723][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.717974][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.725893][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.733257][ T5828] bridge_slave_1: entered allmulticast mode [ 61.739857][ T5828] bridge_slave_1: entered promiscuous mode [ 61.746721][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.754032][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.761323][ T5817] bridge_slave_0: entered allmulticast mode [ 61.767871][ T5817] bridge_slave_0: entered promiscuous mode [ 61.796525][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.803893][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.811603][ T5817] bridge_slave_1: entered allmulticast mode [ 61.818202][ T5817] bridge_slave_1: entered promiscuous mode [ 61.832096][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.843523][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.892691][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.904598][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.923927][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.949249][ T5818] team0: Port device team_slave_0 added [ 61.957190][ T5818] team0: Port device team_slave_1 added [ 61.972324][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.029626][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.037124][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.045966][ T5815] bridge_slave_0: entered allmulticast mode [ 62.052600][ T5815] bridge_slave_0: entered promiscuous mode [ 62.064504][ T5823] hsr_slave_0: entered promiscuous mode [ 62.071093][ T5823] hsr_slave_1: entered promiscuous mode [ 62.086479][ T5828] team0: Port device team_slave_0 added [ 62.094531][ T5828] team0: Port device team_slave_1 added [ 62.103127][ T5817] team0: Port device team_slave_0 added [ 62.111648][ T5817] team0: Port device team_slave_1 added [ 62.117659][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.125221][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.133093][ T5815] bridge_slave_1: entered allmulticast mode [ 62.140285][ T5815] bridge_slave_1: entered promiscuous mode [ 62.156489][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.163668][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.189842][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.202064][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.209049][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.235071][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.284396][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.291430][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.317543][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.340267][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.349241][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.375850][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.388874][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.396125][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.422398][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.435264][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.447031][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.457905][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.465212][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.491547][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.581186][ T5815] team0: Port device team_slave_0 added [ 62.597567][ T5818] hsr_slave_0: entered promiscuous mode [ 62.605599][ T5818] hsr_slave_1: entered promiscuous mode [ 62.611923][ T5818] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.619702][ T5818] Cannot create hsr debugfs directory [ 62.637464][ T5817] hsr_slave_0: entered promiscuous mode [ 62.644213][ T5817] hsr_slave_1: entered promiscuous mode [ 62.652019][ T5817] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.659608][ T5817] Cannot create hsr debugfs directory [ 62.671007][ T5815] team0: Port device team_slave_1 added [ 62.679049][ T5828] hsr_slave_0: entered promiscuous mode [ 62.685378][ T5826] Bluetooth: hci4: command tx timeout [ 62.690861][ T5832] Bluetooth: hci0: command tx timeout [ 62.691246][ T5832] Bluetooth: hci2: command tx timeout [ 62.696877][ T5826] Bluetooth: hci1: command tx timeout [ 62.708499][ T5828] hsr_slave_1: entered promiscuous mode [ 62.714711][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.722557][ T5828] Cannot create hsr debugfs directory [ 62.761607][ T5826] Bluetooth: hci3: command tx timeout [ 62.773575][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.780659][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.807000][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.849950][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.857022][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.884121][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.973675][ T5815] hsr_slave_0: entered promiscuous mode [ 62.980032][ T5815] hsr_slave_1: entered promiscuous mode [ 62.989386][ T5815] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.997179][ T5815] Cannot create hsr debugfs directory [ 63.216666][ T5823] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 63.227728][ T5823] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 63.254987][ T5823] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 63.274878][ T5823] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 63.302213][ T5828] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 63.327037][ T5828] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 63.335857][ T5828] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 63.349030][ T5828] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 63.389640][ T5817] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 63.399563][ T5817] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 63.419188][ T5817] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 63.433123][ T5817] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 63.494560][ T5818] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 63.504074][ T5818] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 63.516996][ T5818] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 63.528437][ T5818] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 63.594969][ T5815] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.606976][ T5815] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.635016][ T5815] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.645295][ T5815] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.738786][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.762786][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.796630][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.808888][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.833315][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.840696][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.856650][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.888101][ T5817] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.898842][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.905978][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.918805][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.925959][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.946391][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.969079][ T3444] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.976223][ T3444] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.020030][ T5818] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.031849][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.038950][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.047795][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.054910][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.088697][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.095824][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.122942][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.135053][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.142233][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.161191][ T5817] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 64.171987][ T5817] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.262865][ T5815] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.353730][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.361023][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.396137][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.403316][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.506615][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.539162][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.636140][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.711387][ T5817] veth0_vlan: entered promiscuous mode [ 64.731576][ T5823] veth0_vlan: entered promiscuous mode [ 64.747028][ T5817] veth1_vlan: entered promiscuous mode [ 64.760760][ T5826] Bluetooth: hci1: command tx timeout [ 64.766874][ T54] Bluetooth: hci2: command tx timeout [ 64.766912][ T5832] Bluetooth: hci4: command tx timeout [ 64.772311][ T5826] Bluetooth: hci0: command tx timeout [ 64.823571][ T5823] veth1_vlan: entered promiscuous mode [ 64.851161][ T5832] Bluetooth: hci3: command tx timeout [ 64.897177][ T5817] veth0_macvtap: entered promiscuous mode [ 64.916908][ T5817] veth1_macvtap: entered promiscuous mode [ 64.946404][ T5823] veth0_macvtap: entered promiscuous mode [ 64.966043][ T5823] veth1_macvtap: entered promiscuous mode [ 64.986823][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.007137][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.028318][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.037259][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.055388][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.066436][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.078921][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.095733][ T5817] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.105009][ T5817] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.115094][ T5817] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.124712][ T5817] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.197736][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.209052][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.221082][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.238264][ T5818] veth0_vlan: entered promiscuous mode [ 65.252843][ T5823] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.262279][ T5823] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.271459][ T5823] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.280177][ T5823] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.294889][ T5828] veth0_vlan: entered promiscuous mode [ 65.338902][ T5818] veth1_vlan: entered promiscuous mode [ 65.373288][ T5815] veth0_vlan: entered promiscuous mode [ 65.385841][ T5828] veth1_vlan: entered promiscuous mode [ 65.398595][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.404898][ T5815] veth1_vlan: entered promiscuous mode [ 65.418065][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.501941][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.509796][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.527060][ T5818] veth0_macvtap: entered promiscuous mode [ 65.547260][ T5828] veth0_macvtap: entered promiscuous mode [ 65.559327][ T5828] veth1_macvtap: entered promiscuous mode [ 65.583691][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.596136][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.618923][ T5818] veth1_macvtap: entered promiscuous mode [ 65.619922][ T5817] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 65.680301][ T5815] veth0_macvtap: entered promiscuous mode [ 65.689002][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.700286][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.710875][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.726817][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.739587][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.800707][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.930645][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.941534][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.963171][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.000631][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.039435][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.081984][ T5903] process 'syz.2.3' launched './file0' with NULL argv: empty string added [ 66.088402][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.167523][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.373194][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.388204][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.399094][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.410771][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.440029][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.454053][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.466529][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.475828][ T5902] @: renamed from vlan0 (while UP) [ 66.494086][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.505159][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.519382][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.539891][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.554190][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.564695][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.580826][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.590124][ T5815] veth1_macvtap: entered promiscuous mode [ 66.612448][ T5828] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.630070][ T5828] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.638941][ T5828] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.655182][ T5828] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.678483][ T5818] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.699032][ T5818] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.710098][ T5818] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.725328][ T5818] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.829450][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.845620][ T5832] Bluetooth: hci2: command tx timeout [ 66.851157][ T5832] Bluetooth: hci0: command tx timeout [ 66.851649][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.856679][ T5832] Bluetooth: hci4: command tx timeout [ 66.871872][ T5830] Bluetooth: hci1: command tx timeout [ 66.879578][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.895387][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.905379][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.917557][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.924137][ T54] Bluetooth: hci3: command tx timeout [ 66.933074][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.933098][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.959657][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.993795][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.040795][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.074274][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.096085][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.123084][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.149157][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.163808][ T5815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.206518][ T5914] CIFS: VFS: Malformed UNC in devname [ 67.220379][ T5815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.244798][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.443351][ T5815] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.520479][ T5815] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.534286][ T5815] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.546316][ T5815] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.789029][ T3444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.822152][ T3444] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.877782][ T2200] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.927686][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.945842][ T2200] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.960883][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.054030][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.070529][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.129857][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.163656][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.183224][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 68.496648][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 68.599019][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 68.709287][ T2200] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.740422][ T2200] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.947744][ T5830] Bluetooth: hci0: command tx timeout [ 68.960298][ T5830] Bluetooth: hci2: command tx timeout [ 68.966552][ T5830] Bluetooth: hci1: command tx timeout [ 69.031733][ T5832] Bluetooth: hci3: command tx timeout [ 69.037746][ T54] Bluetooth: hci4: command tx timeout [ 69.432887][ T5927] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 69.824330][ T5930] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 71.721446][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.728014][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.472124][ T5949] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8) [ 72.478843][ T5949] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 72.489780][ T5949] vhci_hcd vhci_hcd.0: Device attached [ 72.628639][ T5870] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 72.640455][ T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!! [ 72.695025][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 72.830134][ T5951] vhci_hcd: connection closed [ 72.833385][ T35] vhci_hcd: stop threads [ 72.892750][ T5870] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 72.906390][ T35] vhci_hcd: release socket [ 72.914654][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.001675][ T35] vhci_hcd: disconnect device [ 73.044961][ T5870] usb 3-1: Product: syz [ 73.058060][ T5870] usb 3-1: Manufacturer: syz [ 73.066480][ T5870] usb 3-1: SerialNumber: syz [ 73.088066][ T5870] usb 3-1: config 0 descriptor?? [ 73.136839][ T5958] hub 5-0:1.0: USB hub found [ 73.142520][ T5958] hub 5-0:1.0: 1 port detected [ 73.431418][ T5870] usb 3-1: ignoring: probably an ADSL modem [ 73.510556][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 73.646997][ T5870] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 73.688567][ T5870] usb 3-1: USB disconnect, device number 2 [ 73.776587][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 73.781328][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.810430][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.870766][ T9] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 73.879865][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.914371][ T9] usb 4-1: config 0 descriptor?? [ 74.200547][ T5871] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 74.375267][ T5871] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 74.393987][ T5871] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.406740][ T5871] usb 5-1: Product: syz [ 74.415134][ T5871] usb 5-1: Manufacturer: syz [ 74.419802][ T5871] usb 5-1: SerialNumber: syz [ 75.251592][ T9] usbhid 4-1:0.0: can't add hid device: -32 [ 75.258270][ T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -32 [ 75.274633][ T9] usb 4-1: USB disconnect, device number 2 [ 75.281186][ T5871] usb 5-1: config 0 descriptor?? [ 75.351633][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 75.361690][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 75.460354][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 75.521007][ T5871] usb 5-1: ignoring: probably an ADSL modem [ 75.727614][ T5871] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 75.750460][ T5871] usb 5-1: USB disconnect, device number 2 [ 77.150584][ T5862] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 77.241781][ T5870] IPVS: starting estimator thread 0... [ 77.310498][ T5862] usb 4-1: Using ep0 maxpacket: 32 [ 77.317223][ T5862] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 77.325545][ T5862] usb 4-1: config 0 has no interface number 0 [ 77.339612][ T5862] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 77.340877][ T6011] IPVS: using max 27 ests per chain, 64800 per kthread [ 77.352335][ T5862] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.428342][ T5862] usb 4-1: Product: syz [ 77.447631][ T5862] usb 4-1: Manufacturer: syz [ 77.476602][ T5862] usb 4-1: SerialNumber: syz [ 77.504975][ T5862] usb 4-1: config 0 descriptor?? [ 77.539208][ T5862] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 77.816876][ T5862] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 77.850811][ T5862] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 78.150297][ C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 78.163792][ T5870] usb 4-1: USB disconnect, device number 3 [ 78.204168][ T5870] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 78.264357][ T5870] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 78.317537][ T5870] quatech2 4-1:0.51: device disconnected [ 78.529737][ T6022] syzkaller0: entered promiscuous mode [ 78.574554][ T6022] syzkaller0: entered allmulticast mode [ 78.874724][ T6031] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 79.820537][ T29] audit: type=1326 audit(1734504982.981:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6024 comm="syz.1.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1cc785d29 code=0x7ffc0000 [ 79.859005][ T29] audit: type=1326 audit(1734504982.991:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6024 comm="syz.1.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1cc785d29 code=0x7ffc0000 [ 81.949500][ T977] cfg80211: failed to load regulatory.db [ 83.174143][ T5862] IPVS: starting estimator thread 0... [ 83.281331][ T6063] IPVS: using max 19 ests per chain, 45600 per kthread [ 86.150467][ T5870] IPVS: starting estimator thread 0... [ 86.250461][ T6079] IPVS: using max 26 ests per chain, 62400 per kthread [ 86.357504][ T6084] warning: `syz.1.49' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 87.573216][ T6090] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 87.579760][ T6090] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 88.453080][ T6090] vhci_hcd vhci_hcd.0: Device attached [ 90.260900][ T6118] overlayfs: failed to resolve './file1': -2 [ 90.604110][ T58] vhci_hcd: vhci_device speed not set [ 90.690488][ T58] usb 33-1: new full-speed USB device number 2 using vhci_hcd [ 90.856129][ T6091] vhci_hcd: connection reset by peer [ 90.863862][ T12] vhci_hcd: stop threads [ 90.868157][ T12] vhci_hcd: release socket [ 90.907939][ T12] vhci_hcd: disconnect device [ 91.261994][ T6134] netlink: 1788 bytes leftover after parsing attributes in process `syz.1.57'. [ 92.536746][ T977] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 93.371412][ T977] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 93.381934][ T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.386947][ T5950] IPVS: starting estimator thread 0... [ 93.490623][ T6169] IPVS: using max 20 ests per chain, 48000 per kthread [ 93.628244][ T977] usb 2-1: config 0 descriptor?? [ 95.703083][ T6191] netlink: 1788 bytes leftover after parsing attributes in process `syz.4.73'. [ 95.910477][ T58] vhci_hcd: vhci_device speed not set [ 96.772830][ T977] pegasus 2-1:0.0: probe with driver pegasus failed with error -121 [ 97.451419][ T5862] IPVS: starting estimator thread 0... [ 97.489804][ T977] usb 2-1: USB disconnect, device number 2 [ 97.560599][ T6198] IPVS: using max 25 ests per chain, 60000 per kthread [ 97.561772][ T54] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 97.576781][ T54] Bluetooth: hci1: Injecting HCI hardware error event [ 97.586377][ T54] Bluetooth: hci1: hardware error 0x00 [ 97.678664][ T6210] Zero length message leads to an empty skb [ 99.264075][ T6239] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6 [ 99.374315][ T5835] udevd[5835]: setting mode of /dev/input/mouse1 to 020660 failed: No such file or directory [ 99.475973][ T5835] udevd[5835]: setting owner of /dev/input/mouse1 to uid=0, gid=104 failed: No such file or directory [ 100.044339][ T54] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 100.999976][ T6256] netlink: 1788 bytes leftover after parsing attributes in process `syz.0.89'. [ 101.978876][ T5830] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 101.988894][ T5830] Bluetooth: hci3: Injecting HCI hardware error event [ 101.998951][ T5830] Bluetooth: hci3: hardware error 0x00 [ 103.162527][ T5862] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 104.087534][ T5862] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 104.121332][ T5862] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.829011][ T5862] usb 2-1: config 0 descriptor?? [ 104.946664][ T5862] usb 2-1: can't set config #0, error -71 [ 105.005845][ T5862] usb 2-1: USB disconnect, device number 3 [ 106.371865][ T6289] xt_policy: output policy not valid in PREROUTING and INPUT [ 107.999425][ T6313] hub 5-0:1.0: USB hub found [ 108.004426][ T6313] hub 5-0:1.0: 1 port detected [ 108.157896][ T5830] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 108.263820][ T6319] netlink: 6233 bytes leftover after parsing attributes in process `syz.3.106'. [ 108.854902][ T6325] overlayfs: failed to resolve './file1': -2 [ 111.694397][ T6343] xt_policy: output policy not valid in PREROUTING and INPUT [ 112.905498][ T6355] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7 [ 113.211231][ T6367] @: renamed from vlan0 (while UP) [ 115.798435][ T6389] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 116.397751][ T5862] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 116.580950][ T5862] usb 3-1: Using ep0 maxpacket: 32 [ 116.592447][ T5862] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 116.601040][ T5862] usb 3-1: config 0 has no interface number 0 [ 116.618647][ T5862] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 116.631528][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.648760][ T5862] usb 3-1: Product: syz [ 116.666034][ T5862] usb 3-1: Manufacturer: syz [ 116.679914][ T5862] usb 3-1: SerialNumber: syz [ 116.698380][ T5862] usb 3-1: config 0 descriptor?? [ 116.717315][ T5862] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 116.806166][ T6394] syzkaller0: entered promiscuous mode [ 116.822037][ T6394] syzkaller0: entered allmulticast mode [ 116.954366][ T5862] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 117.062924][ T5862] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 117.473621][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 117.481593][ T9] usb 3-1: USB disconnect, device number 3 [ 117.512785][ T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 117.577039][ T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 117.635263][ T9] quatech2 3-1:0.51: device disconnected [ 118.158211][ T6407] CIFS: VFS: Malformed UNC in devname [ 118.672997][ T6410] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8) [ 118.679570][ T6410] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 118.708408][ T6410] vhci_hcd vhci_hcd.0: Device attached [ 118.835833][ T6412] vhci_hcd: connection closed [ 118.836145][ T52] vhci_hcd: stop threads [ 118.870875][ T9] vhci_hcd: vhci_device speed not set [ 118.920681][ T52] vhci_hcd: release socket [ 118.959454][ T52] vhci_hcd: disconnect device [ 118.970625][ T9] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 119.023355][ T9] usb 37-1: enqueue for inactive port 0 [ 119.285514][ T9] vhci_hcd: vhci_device speed not set [ 119.641692][ T977] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 119.802800][ T977] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 119.824902][ T977] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 119.854066][ T977] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 119.863389][ T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 119.887740][ T977] usb 2-1: SerialNumber: syz [ 120.132458][ T977] usb 2-1: 0:2 : does not exist [ 120.145059][ T977] usb 2-1: unit 5 not found! [ 120.194223][ T977] usb 2-1: USB disconnect, device number 4 [ 120.382603][ T6291] udevd[6291]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 120.928848][ T6415] @: renamed from vlan0 (while UP) [ 121.059268][ T6430] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8 [ 121.258464][ T6428] netlink: 'syz.1.138': attribute type 1 has an invalid length. [ 121.267411][ T6428] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.138'. [ 123.143816][ T46] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 124.634902][ T46] usb 1-1: Using ep0 maxpacket: 32 [ 124.642140][ T46] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 124.650259][ T46] usb 1-1: config 0 has no interface number 0 [ 124.680861][ T46] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 124.690000][ T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.698441][ T46] usb 1-1: Product: syz [ 124.708567][ T46] usb 1-1: Manufacturer: syz [ 124.713270][ T46] usb 1-1: SerialNumber: syz [ 124.761962][ T46] usb 1-1: config 0 descriptor?? [ 124.889248][ T46] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 126.292992][ T46] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 126.472730][ C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 126.495314][ T46] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 126.522304][ T46] usb 1-1: USB disconnect, device number 2 [ 126.558895][ T46] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 126.924999][ T46] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 126.946742][ T46] quatech2 1-1:0.51: device disconnected [ 130.373623][ T6501] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8) [ 130.380176][ T6501] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 130.393022][ T6501] vhci_hcd vhci_hcd.0: Device attached [ 130.479075][ T6502] vhci_hcd: connection closed [ 130.492242][ T12] vhci_hcd: stop threads [ 130.515039][ T12] vhci_hcd: release socket [ 130.519484][ T12] vhci_hcd: disconnect device [ 130.750550][ T6162] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 131.051099][ T6162] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 131.083146][ T6162] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 131.156908][ T6162] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 131.195513][ T6162] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 131.340877][ T6162] usb 5-1: SerialNumber: syz [ 131.607251][ T6162] usb 5-1: 0:2 : does not exist [ 131.755349][ T6162] usb 5-1: unit 5 not found! [ 131.792276][ T6162] usb 5-1: USB disconnect, device number 3 [ 132.721839][ T6291] udevd[6291]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 133.049965][ T6525] netlink: 28 bytes leftover after parsing attributes in process `syz.1.164'. [ 133.088131][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.094529][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.412965][ T6533] syz.4.166 uses obsolete (PF_INET,SOCK_PACKET) [ 135.825167][ T6555] netlink: 'syz.3.173': attribute type 1 has an invalid length. [ 135.833128][ T6555] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.173'. [ 136.313145][ T6556] netlink: 'syz.2.174': attribute type 1 has an invalid length. [ 136.321222][ T6556] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.174'. [ 141.007910][ T6603] binder: BINDER_SET_CONTEXT_MGR already set [ 141.015074][ T6603] binder: 6601:6603 ioctl 4018620d 20000040 returned -16 [ 141.756225][ T6604] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 141.762818][ T6604] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 141.777793][ T6604] vhci_hcd vhci_hcd.0: Device attached [ 141.800490][ T6605] vhci_hcd: connection closed [ 141.800965][ T2200] vhci_hcd: stop threads [ 141.810050][ T2200] vhci_hcd: release socket [ 141.827482][ T2200] vhci_hcd: disconnect device [ 142.041567][ T977] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 142.050692][ T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 142.280584][ T977] usb 3-1: Using ep0 maxpacket: 32 [ 142.289829][ T977] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 142.298061][ T977] usb 3-1: config 0 has no interface number 0 [ 142.307195][ T977] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 142.316329][ T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.324589][ T977] usb 3-1: Product: syz [ 142.330213][ T977] usb 3-1: Manufacturer: syz [ 142.334970][ T977] usb 3-1: SerialNumber: syz [ 142.350518][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.362915][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.411445][ T977] usb 3-1: config 0 descriptor?? [ 142.426668][ T977] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 142.435895][ T9] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 142.445147][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.469362][ T9] usb 5-1: config 0 descriptor?? [ 142.689575][ T977] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 142.841023][ T977] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 143.111705][ T9] hid (null): bogus close delimiter [ 143.122696][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 143.168660][ T977] usb 3-1: USB disconnect, device number 4 [ 143.192047][ T977] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 143.221899][ T977] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 143.236741][ T977] quatech2 3-1:0.51: device disconnected [ 143.290573][ T9] usb 5-1: language id specifier not provided by device, defaulting to English [ 145.535351][ T9] uclogic 0003:256C:006D.0001: failed retrieving Huion firmware version: -71 [ 145.545277][ T9] uclogic 0003:256C:006D.0001: failed probing parameters: -71 [ 146.197802][ T9] uclogic 0003:256C:006D.0001: probe with driver uclogic failed with error -71 [ 146.215397][ T9] usb 5-1: USB disconnect, device number 4 [ 150.506231][ T6688] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 154.036950][ T6716] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8) [ 154.043521][ T6716] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 154.059490][ T6716] vhci_hcd vhci_hcd.0: Device attached [ 154.286145][ T6717] vhci_hcd: connection closed [ 154.316909][ T35] vhci_hcd: stop threads [ 154.369336][ T35] vhci_hcd: release socket [ 154.400158][ T35] vhci_hcd: disconnect device [ 154.411345][ T6162] vhci_hcd: vhci_device speed not set [ 155.415532][ T58] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 155.423251][ T46] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 155.684799][ T58] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 155.695000][ T58] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.703168][ T58] usb 1-1: Product: syz [ 155.707746][ T58] usb 1-1: Manufacturer: syz [ 155.712666][ T58] usb 1-1: SerialNumber: syz [ 155.720650][ T58] usb 1-1: config 0 descriptor?? [ 155.733832][ T46] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 155.744676][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.753557][ T46] usb 4-1: Product: syz [ 155.790849][ T46] usb 4-1: Manufacturer: syz [ 155.799168][ T46] usb 4-1: SerialNumber: syz [ 155.842870][ T46] usb 4-1: config 0 descriptor?? [ 155.956393][ T58] usb 1-1: ignoring: probably an ADSL modem [ 156.069138][ T46] usb 4-1: ignoring: probably an ADSL modem [ 158.140785][ T46] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 158.167979][ T58] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 158.182335][ T46] usb 4-1: USB disconnect, device number 4 [ 158.188700][ T58] usb 1-1: USB disconnect, device number 3 [ 167.093784][ T6780] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input9 [ 171.318764][ T6809] @: renamed from vlan0 (while UP) [ 174.601510][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 174.619738][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 174.628345][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 174.637798][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 174.650586][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 174.658054][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 176.680695][ T54] Bluetooth: hci5: command tx timeout [ 178.322597][ T6831] chnl_net:caif_netlink_parms(): no params data found [ 178.760665][ T54] Bluetooth: hci5: command tx timeout [ 179.326305][ T6831] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.337791][ T6831] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.353416][ T6857] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8) [ 179.359962][ T6857] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 179.367544][ T6857] vhci_hcd vhci_hcd.0: Device attached [ 179.380598][ T6860] vhci_hcd: connection closed [ 179.381020][ T52] vhci_hcd: stop threads [ 179.400767][ T52] vhci_hcd: release socket [ 179.405249][ T52] vhci_hcd: disconnect device [ 179.450803][ T6831] bridge_slave_0: entered allmulticast mode [ 179.458623][ T6831] bridge_slave_0: entered promiscuous mode [ 179.468221][ T6831] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.484705][ T6831] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.495419][ T6831] bridge_slave_1: entered allmulticast mode [ 179.512128][ T6831] bridge_slave_1: entered promiscuous mode [ 179.573291][ T6831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.594147][ T6831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.668985][ T6831] team0: Port device team_slave_0 added [ 179.685538][ T6831] team0: Port device team_slave_1 added [ 179.747112][ T6831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.756085][ T6831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.791885][ T6831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 179.836867][ T6831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 179.849764][ T6831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.890457][ T6831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.063773][ T6831] hsr_slave_0: entered promiscuous mode [ 180.083086][ T6831] hsr_slave_1: entered promiscuous mode [ 180.089599][ T6831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.104174][ T6831] Cannot create hsr debugfs directory [ 180.761582][ T6831] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 180.797003][ T6831] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 180.840973][ T54] Bluetooth: hci5: command tx timeout [ 180.888911][ T6831] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 180.924091][ T6831] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 181.277801][ T6831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.298267][ T6831] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.319497][ T6852] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.326689][ T6852] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.377258][ T6852] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.384455][ T6852] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.695705][ T6831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.040315][ T6831] veth0_vlan: entered promiscuous mode [ 182.124801][ T6831] veth1_vlan: entered promiscuous mode [ 182.195020][ T6831] veth0_macvtap: entered promiscuous mode [ 182.747154][ T6831] veth1_macvtap: entered promiscuous mode [ 182.801916][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.835187][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.865559][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.896127][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.920808][ T54] Bluetooth: hci5: command tx timeout [ 182.940880][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.240876][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.262883][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.281951][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.298967][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.317893][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.329572][ T6831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.386573][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.411268][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.427682][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.439835][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.457172][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.468203][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.544863][ T6886] overlayfs: missing 'lowerdir' [ 183.567531][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.585314][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.620540][ T6831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.642703][ T6831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.688213][ T6831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.733990][ T6831] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.754827][ T6831] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.775079][ T6831] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.796501][ T6831] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.072156][ T3444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.096560][ T3444] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.150143][ T6628] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.166840][ T6628] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.440552][ T5832] Bluetooth: hci2: command 0x0406 tx timeout [ 186.446631][ T5832] Bluetooth: hci0: command 0x0406 tx timeout [ 194.533646][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.539999][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.599621][ C0] sched: DL replenish lagged too much [ 203.621892][ T5832] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 203.631229][ T5832] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 203.642684][ T5826] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 203.651174][ T5826] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 203.659909][ T5826] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 203.671136][ T5826] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 203.678696][ T5826] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 203.686067][ T5826] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 203.844486][ T5832] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 203.854726][ T5832] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 203.863356][ T5832] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 203.873295][ T5832] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 205.595450][ T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 205.606814][ T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 205.616952][ T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 205.626420][ T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 205.634316][ T54] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 205.810525][ T54] Bluetooth: hci7: command tx timeout [ 205.960936][ T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 205.968095][ T54] Bluetooth: hci6: command tx timeout [ 206.058931][ T6899] chnl_net:caif_netlink_parms(): no params data found [ 206.266320][ T54] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 206.277901][ T54] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 206.286254][ T54] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 206.294625][ T54] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 206.303756][ T54] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 206.311761][ T54] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 207.182834][ T5830] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 207.193839][ T5830] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 207.201984][ T5830] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 207.211227][ T5830] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 207.219633][ T5830] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 207.227671][ T5830] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 207.880536][ T5830] Bluetooth: hci7: command tx timeout [ 208.040649][ T54] Bluetooth: hci6: command tx timeout [ 208.047609][ T5830] Bluetooth: hci8: command tx timeout [ 208.440796][ T5830] Bluetooth: hci9: command tx timeout [ 209.320615][ T5830] Bluetooth: hci10: command tx timeout [ 209.960629][ T5830] Bluetooth: hci7: command tx timeout [ 210.120695][ T54] Bluetooth: hci6: command tx timeout [ 210.127304][ T5830] Bluetooth: hci8: command tx timeout [ 210.521652][ T5830] Bluetooth: hci9: command tx timeout [ 211.400570][ T5830] Bluetooth: hci10: command tx timeout [ 212.044793][ T5830] Bluetooth: hci7: command tx timeout [ 212.200649][ T54] Bluetooth: hci6: command tx timeout [ 212.206124][ T5830] Bluetooth: hci8: command tx timeout [ 212.603824][ T5830] Bluetooth: hci9: command tx timeout [ 213.480628][ T5830] Bluetooth: hci10: command tx timeout [ 214.280598][ T5830] Bluetooth: hci8: command tx timeout [ 214.680773][ T5830] Bluetooth: hci9: command tx timeout [ 215.560643][ T5830] Bluetooth: hci10: command tx timeout [ 238.165449][ T6913] chnl_net:caif_netlink_parms(): no params data found [ 238.337128][ T6913] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.355573][ T6913] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.370014][ T6913] bridge_slave_0: entered allmulticast mode [ 238.381690][ T6913] bridge_slave_0: entered promiscuous mode [ 238.389530][ T6913] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.397159][ T6913] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.405974][ T6913] bridge_slave_1: entered allmulticast mode [ 238.413377][ T6913] bridge_slave_1: entered promiscuous mode [ 238.469669][ T6913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.496252][ T6913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.565206][ T6913] team0: Port device team_slave_0 added [ 238.589282][ T6913] team0: Port device team_slave_1 added [ 238.649501][ T6913] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.660594][ T6913] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.724973][ T6913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.748541][ T6913] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.763022][ T6913] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.793307][ T6913] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 238.894646][ T6913] hsr_slave_0: entered promiscuous mode [ 238.913473][ T6913] hsr_slave_1: entered promiscuous mode [ 238.922043][ T6913] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 238.941942][ T6913] Cannot create hsr debugfs directory [ 239.257308][ T6913] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 239.287066][ T6913] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 239.319574][ T6913] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 239.343668][ T6913] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 239.397418][ T6913] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.404849][ T6913] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.413293][ T6913] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.420470][ T6913] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.538819][ T6913] 8021q: adding VLAN 0 to HW filter on device bond0 [ 239.573594][ T6913] 8021q: adding VLAN 0 to HW filter on device team0 [ 239.941751][ T6913] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 240.405030][ T6913] veth0_vlan: entered promiscuous mode [ 240.439838][ T6913] veth1_vlan: entered promiscuous mode [ 240.498012][ T6913] veth0_macvtap: entered promiscuous mode [ 240.518426][ T6913] veth1_macvtap: entered promiscuous mode [ 240.558014][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.573028][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.597817][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.613455][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.630540][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.652686][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.673947][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.697481][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.718310][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.730499][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.750484][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.771018][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.794333][ T6913] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 240.815167][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.838179][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.859639][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.879400][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.890861][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.912476][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.934433][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.953130][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.970075][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.990449][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 241.000316][ T6913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 241.032424][ T6913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 241.061424][ T6913] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 241.087117][ T6913] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.104985][ T6913] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.118375][ T6913] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.140518][ T6913] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.301760][ T6628] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.309621][ T6628] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.397123][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.414683][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.696000][ T5950] IPVS: starting estimator thread 0... [ 242.883521][ T6953] IPVS: using max 21 ests per chain, 50400 per kthread [ 255.962971][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.969311][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.255555][ T6956] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 259.460765][ T6964] netlink: 'syz.8.274': attribute type 1 has an invalid length. [ 259.468446][ T6964] netlink: 212408 bytes leftover after parsing attributes in process `syz.8.274'. [ 262.881480][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 262.890282][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 262.899280][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 262.908211][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 262.916395][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 262.925518][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 263.506221][ T6979] chnl_net:caif_netlink_parms(): no params data found [ 264.357759][ T6991] netlink: 'syz.8.279': attribute type 1 has an invalid length. [ 264.381303][ T6991] netlink: 212408 bytes leftover after parsing attributes in process `syz.8.279'. [ 264.911597][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 264.922407][ T5830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 264.931133][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 264.939050][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 264.947262][ T5830] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 264.956277][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 265.000701][ T54] Bluetooth: hci0: command tx timeout [ 265.396440][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 265.442985][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 265.485384][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 265.552688][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 265.563739][ T5830] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 265.571188][ T5830] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 266.376838][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 266.385937][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 266.396552][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 266.408402][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 266.418415][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 266.426723][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 267.005884][ T54] Bluetooth: hci2: command tx timeout [ 267.080758][ T54] Bluetooth: hci0: command tx timeout [ 267.640697][ T54] Bluetooth: hci3: command tx timeout [ 268.528572][ T54] Bluetooth: hci1: command tx timeout [ 269.080730][ T54] Bluetooth: hci2: command tx timeout [ 269.160724][ T54] Bluetooth: hci0: command tx timeout [ 269.720588][ T54] Bluetooth: hci3: command tx timeout [ 270.608405][ T54] Bluetooth: hci1: command tx timeout [ 271.162700][ T54] Bluetooth: hci2: command tx timeout [ 271.240607][ T54] Bluetooth: hci0: command tx timeout [ 271.800543][ T54] Bluetooth: hci3: command tx timeout [ 272.690169][ T54] Bluetooth: hci1: command tx timeout [ 273.240599][ T54] Bluetooth: hci2: command tx timeout [ 273.880664][ T54] Bluetooth: hci3: command tx timeout [ 274.768353][ T54] Bluetooth: hci1: command tx timeout [ 282.091245][ T5830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 282.129864][ T5830] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 282.142330][ T5830] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 282.150815][ T5830] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 282.165562][ T5830] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 282.173089][ T5830] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 284.200571][ T5830] Bluetooth: hci4: command tx timeout [ 286.280665][ T5830] Bluetooth: hci4: command tx timeout [ 288.360756][ T5830] Bluetooth: hci4: command tx timeout [ 290.440551][ T5830] Bluetooth: hci4: command tx timeout [ 317.408425][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.415175][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.027868][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 327.036951][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 327.045068][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 327.053401][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 327.062083][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 327.069425][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 327.799668][ T5833] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 327.867264][ T5827] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 327.881564][ T5827] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 327.891442][ T5827] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 327.901278][ T5827] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 327.911445][ T5827] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 327.920747][ T5827] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 327.928915][ T5827] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 327.938855][ T5827] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 327.946645][ T5827] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 327.955060][ T5827] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 327.972953][ T5827] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 327.984971][ T5827] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 327.992586][ T5827] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 328.001686][ T5827] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 328.031039][ T5834] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 328.038559][ T5834] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 328.092548][ T5833] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 329.160520][ T5833] Bluetooth: hci5: command tx timeout [ 329.800586][ T5832] Bluetooth: hci10: command 0x0406 tx timeout [ 329.880639][ T5826] Bluetooth: hci6: command 0x0406 tx timeout [ 329.886784][ T5826] Bluetooth: hci8: command 0x0406 tx timeout [ 329.893081][ T5822] Bluetooth: hci9: command 0x0406 tx timeout [ 329.899171][ T5139] Bluetooth: hci7: command 0x0406 tx timeout [ 330.048309][ T5139] Bluetooth: hci11: command tx timeout [ 330.120849][ T5139] Bluetooth: hci12: command tx timeout [ 330.200722][ T5139] Bluetooth: hci13: command tx timeout [ 331.240668][ T5139] Bluetooth: hci5: command tx timeout [ 332.120768][ T5826] Bluetooth: hci11: command tx timeout [ 332.200681][ T5139] Bluetooth: hci12: command tx timeout [ 332.290718][ T5139] Bluetooth: hci13: command tx timeout [ 333.320542][ T5139] Bluetooth: hci5: command tx timeout [ 334.200567][ T5139] Bluetooth: hci11: command tx timeout [ 334.280584][ T5139] Bluetooth: hci12: command tx timeout [ 334.360648][ T5139] Bluetooth: hci13: command tx timeout [ 335.400568][ T5139] Bluetooth: hci5: command tx timeout [ 336.280607][ T5139] Bluetooth: hci11: command tx timeout [ 336.368446][ T5139] Bluetooth: hci12: command tx timeout [ 336.440621][ T5139] Bluetooth: hci13: command tx timeout [ 342.835902][ T5826] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 342.850784][ T5826] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 342.859134][ T5826] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 342.867245][ T5826] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 342.877571][ T5826] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 342.885139][ T5826] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 344.920589][ T5826] Bluetooth: hci14: command tx timeout [ 347.000513][ T5826] Bluetooth: hci14: command tx timeout [ 349.080710][ T5826] Bluetooth: hci14: command tx timeout [ 351.160510][ T5826] Bluetooth: hci14: command tx timeout [ 378.843304][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.849650][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.320645][ T30] INFO: task kworker/u8:1:12 blocked for more than 143 seconds. [ 383.328441][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 383.392007][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 383.410977][ T30] task:kworker/u8:1 state:D stack:20376 pid:12 tgid:12 ppid:2 flags:0x00004000 [ 383.427455][ T30] Workqueue: ipv6_addrconf addrconf_dad_work [ 383.510699][ T30] Call Trace: [ 383.514036][ T30] [ 383.516992][ T30] __schedule+0x17fb/0x4be0 [ 383.530517][ T30] ? __pfx___schedule+0x10/0x10 [ 383.535434][ T30] ? __pfx_lock_release+0x10/0x10 [ 383.572982][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 383.578948][ T30] ? kthread_data+0x52/0xd0 [ 383.610435][ T30] ? schedule+0x90/0x320 [ 383.614748][ T30] ? wq_worker_sleeping+0x66/0x240 [ 383.619895][ T30] ? schedule+0x90/0x320 [ 383.648586][ T30] schedule+0x14b/0x320 [ 383.656617][ T30] schedule_preempt_disabled+0x13/0x30 [ 383.694742][ T30] __mutex_lock+0x7e7/0xee0 [ 383.699331][ T30] ? __mutex_lock+0x5ef/0xee0 [ 383.749442][ T30] ? addrconf_dad_work+0xd0/0x16f0 [ 383.760706][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 383.765806][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 383.799051][ T30] addrconf_dad_work+0xd0/0x16f0 [ 383.824277][ T30] ? __pfx_addrconf_dad_work+0x10/0x10 [ 383.829975][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 383.896131][ T30] ? process_scheduled_works+0x976/0x1840 [ 383.970579][ T30] process_scheduled_works+0xa66/0x1840 [ 383.976233][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 383.990621][ T30] ? assign_work+0x364/0x3d0 [ 384.005258][ T30] worker_thread+0x870/0xd30 [ 384.009935][ T30] ? __kthread_parkme+0x169/0x1d0 [ 384.030672][ T30] ? __pfx_worker_thread+0x10/0x10 [ 384.035852][ T30] kthread+0x2f0/0x390 [ 384.039960][ T30] ? __pfx_worker_thread+0x10/0x10 [ 384.060523][ T30] ? __pfx_kthread+0x10/0x10 [ 384.065192][ T30] ret_from_fork+0x4b/0x80 [ 384.069633][ T30] ? __pfx_kthread+0x10/0x10 [ 384.120537][ T30] ret_from_fork_asm+0x1a/0x30 [ 384.125389][ T30] [ 384.140604][ T30] INFO: task kworker/1:2:58 blocked for more than 144 seconds. [ 384.148215][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 384.520981][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 384.529715][ T30] task:kworker/1:2 state:D stack:20440 pid:58 tgid:58 ppid:2 flags:0x00004000 [ 384.587007][ T30] Workqueue: events switchdev_deferred_process_work [ 384.624426][ T30] Call Trace: [ 384.627762][ T30] [ 384.666806][ T30] __schedule+0x17fb/0x4be0 [ 384.709654][ T30] ? try_to_wake_up+0x959/0x1470 [ 384.719961][ T30] ? __pfx___schedule+0x10/0x10 [ 384.760386][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 384.766445][ T30] ? __pfx_lock_release+0x10/0x10 [ 384.826725][ T30] ? kick_pool+0x45c/0x620 [ 384.870684][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 384.875962][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 384.953731][ T30] ? schedule+0x90/0x320 [ 384.958041][ T30] schedule+0x14b/0x320 [ 385.018041][ T30] schedule_preempt_disabled+0x13/0x30 [ 385.060473][ T30] __mutex_lock+0x7e7/0xee0 [ 385.065059][ T30] ? __mutex_lock+0x5ef/0xee0 [ 385.069776][ T30] ? switchdev_deferred_process_work+0xe/0x20 [ 385.159600][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 385.182913][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 385.189152][ T30] ? process_scheduled_works+0x976/0x1840 [ 385.244676][ T30] switchdev_deferred_process_work+0xe/0x20 [ 385.290465][ T30] process_scheduled_works+0xa66/0x1840 [ 385.296113][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 385.340468][ T30] ? assign_work+0x364/0x3d0 [ 385.345139][ T30] worker_thread+0x870/0xd30 [ 385.349830][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 385.426112][ T30] ? __kthread_parkme+0x169/0x1d0 [ 385.444052][ T30] ? __pfx_worker_thread+0x10/0x10 [ 385.449232][ T30] kthread+0x2f0/0x390 [ 385.510091][ T30] ? __pfx_worker_thread+0x10/0x10 [ 385.537124][ T30] ? __pfx_kthread+0x10/0x10 [ 385.560821][ T30] ret_from_fork+0x4b/0x80 [ 385.565406][ T30] ? __pfx_kthread+0x10/0x10 [ 385.570027][ T30] ret_from_fork_asm+0x1a/0x30 [ 385.632305][ T30] [ 385.650524][ T30] INFO: task kworker/u8:6:2200 blocked for more than 145 seconds. [ 385.658387][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 385.740431][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 385.749162][ T30] task:kworker/u8:6 state:D stack:21424 pid:2200 tgid:2200 ppid:2 flags:0x00004000 [ 385.837207][ T30] Workqueue: events_unbound linkwatch_event [ 385.890456][ T30] Call Trace: [ 385.893798][ T30] [ 385.896755][ T30] __schedule+0x17fb/0x4be0 [ 385.950843][ T30] ? __pfx___schedule+0x10/0x10 [ 385.955777][ T30] ? __pfx_lock_release+0x10/0x10 [ 385.995056][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 386.030666][ T30] ? kthread_data+0x52/0xd0 [ 386.035268][ T30] ? schedule+0x90/0x320 [ 386.089833][ T30] ? wq_worker_sleeping+0x66/0x240 [ 386.106046][ T30] ? schedule+0x90/0x320 [ 386.125865][ T5139] Bluetooth: hci0: command 0x0406 tx timeout [ 386.260529][ T30] schedule+0x14b/0x320 [ 386.264770][ T30] schedule_preempt_disabled+0x13/0x30 [ 386.270265][ T30] __mutex_lock+0x7e7/0xee0 [ 386.298638][ T30] ? __mutex_lock+0x5ef/0xee0 [ 386.305717][ T30] ? linkwatch_event+0xe/0x60 [ 386.314617][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 386.319702][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 386.470680][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 386.476277][ T30] ? process_scheduled_works+0x976/0x1840 [ 386.482305][ T30] linkwatch_event+0xe/0x60 [ 386.486844][ T30] process_scheduled_works+0xa66/0x1840 [ 386.500483][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 386.506548][ T30] ? assign_work+0x364/0x3d0 [ 386.530524][ T30] worker_thread+0x870/0xd30 [ 386.535200][ T30] ? __kthread_parkme+0x169/0x1d0 [ 386.540265][ T30] ? __pfx_worker_thread+0x10/0x10 [ 386.580684][ T30] kthread+0x2f0/0x390 [ 386.584821][ T30] ? __pfx_worker_thread+0x10/0x10 [ 386.589960][ T30] ? __pfx_kthread+0x10/0x10 [ 386.665385][ T30] ret_from_fork+0x4b/0x80 [ 386.669869][ T30] ? __pfx_kthread+0x10/0x10 [ 386.710906][ T30] ret_from_fork_asm+0x1a/0x30 [ 386.715762][ T30] [ 386.740615][ T30] INFO: task syz-executor:5818 blocked for more than 146 seconds. [ 386.748490][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 386.800387][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 386.809117][ T30] task:syz-executor state:D stack:19872 pid:5818 tgid:5818 ppid:1 flags:0x00004006 [ 386.860843][ T30] Call Trace: [ 386.864180][ T30] [ 386.867134][ T30] __schedule+0x17fb/0x4be0 [ 386.894916][ T30] ? __pfx___schedule+0x10/0x10 [ 386.899845][ T30] ? __pfx_lock_release+0x10/0x10 [ 386.930386][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 386.936355][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 386.970591][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 386.977029][ T30] ? schedule+0x90/0x320 [ 387.005114][ T30] schedule+0x14b/0x320 [ 387.009347][ T30] schedule_preempt_disabled+0x13/0x30 [ 387.040462][ T30] __mutex_lock+0x7e7/0xee0 [ 387.045097][ T30] ? __mutex_lock+0x5ef/0xee0 [ 387.049809][ T30] ? tun_chr_close+0x3b/0x1b0 [ 387.090714][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 387.095824][ T30] ? __pfx_call_rcu+0x10/0x10 [ 387.126498][ T30] tun_chr_close+0x3b/0x1b0 [ 387.140528][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 387.145708][ T30] __fput+0x23c/0xa50 [ 387.149733][ T30] task_work_run+0x24f/0x310 [ 387.190670][ T30] ? __pfx_task_work_run+0x10/0x10 [ 387.195852][ T30] ? do_exit+0xa2a/0x28e0 [ 387.200220][ T30] ? do_exit+0xa2a/0x28e0 [ 387.230409][ T30] do_exit+0xa2f/0x28e0 [ 387.234643][ T30] ? __pfx_do_exit+0x10/0x10 [ 387.239257][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 387.270633][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 387.276689][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 387.310782][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 387.315972][ T30] do_group_exit+0x207/0x2c0 [ 387.348213][ T5830] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 387.363684][ T5830] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 387.378436][ T5830] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 387.386512][ T5830] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 387.394758][ T5830] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 387.430077][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 387.438934][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 387.450422][ T30] get_signal+0x16b2/0x1750 [ 387.454997][ T30] ? __pfx_get_signal+0x10/0x10 [ 387.459902][ T30] arch_do_signal_or_restart+0x96/0x860 [ 387.475336][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 387.482882][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 387.488928][ T30] ? syscall_exit_to_user_mode+0xa3/0x340 [ 387.496238][ T30] syscall_exit_to_user_mode+0xce/0x340 [ 387.502180][ T30] do_syscall_64+0x100/0x230 [ 387.506812][ T30] ? clear_bhb_loop+0x35/0x90 [ 387.512142][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.518088][ T30] RIP: 0033:0x7efc9458473c [ 387.524261][ T30] RSP: 002b:00007ffe317aa0a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 387.533025][ T30] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007efc9458473c [ 387.541377][ T30] RDX: 0000000000000030 RSI: 00007ffe317aa150 RDI: 00000000000000f9 [ 387.549383][ T30] RBP: 00007ffe317aa0fc R08: 0000000000000000 R09: 0079746972756365 [ 387.558559][ T30] R10: 00007efc947487e0 R11: 0000000000000246 R12: 0000000000000000 [ 387.566944][ T5830] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 387.600100][ T30] R13: 0000555580266590 R14: 00007ffe317aa150 R15: 0000000000000035 [ 387.609644][ T30] [ 387.613128][ T30] INFO: task syz-executor:5828 blocked for more than 147 seconds. [ 387.621287][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 387.628954][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 387.639544][ T30] task:syz-executor state:D stack:19616 pid:5828 tgid:5828 ppid:1 flags:0x00004006 [ 387.650188][ T30] Call Trace: [ 387.653857][ T30] [ 387.656831][ T30] __schedule+0x17fb/0x4be0 [ 387.661805][ T30] ? __pfx___schedule+0x10/0x10 [ 387.666696][ T30] ? __pfx_lock_release+0x10/0x10 [ 387.673613][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 387.682591][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 387.688540][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 387.702385][ T30] ? schedule+0x90/0x320 [ 387.706681][ T30] schedule+0x14b/0x320 [ 387.711575][ T30] schedule_preempt_disabled+0x13/0x30 [ 387.717072][ T30] __mutex_lock+0x7e7/0xee0 [ 387.723467][ T30] ? __mutex_lock+0x5ef/0xee0 [ 387.728190][ T30] ? tun_chr_close+0x3b/0x1b0 [ 387.733427][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 387.738566][ T30] ? __pfx_call_rcu+0x10/0x10 [ 387.743951][ T30] tun_chr_close+0x3b/0x1b0 [ 387.748532][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 387.755495][ T30] __fput+0x23c/0xa50 [ 387.759693][ T30] task_work_run+0x24f/0x310 [ 387.764680][ T30] ? __pfx_task_work_run+0x10/0x10 [ 387.769831][ T30] ? do_exit+0xa2a/0x28e0 [ 387.809701][ T30] ? do_exit+0xa2a/0x28e0 [ 387.821655][ T30] do_exit+0xa2f/0x28e0 [ 387.825881][ T30] ? __pfx_do_exit+0x10/0x10 [ 387.832153][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 387.837582][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 387.845233][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 387.852158][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 387.857319][ T30] do_group_exit+0x207/0x2c0 [ 387.890471][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 387.895737][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 387.918031][ T30] get_signal+0x16b2/0x1750 [ 387.931437][ T30] ? __pfx_get_signal+0x10/0x10 [ 387.936359][ T30] arch_do_signal_or_restart+0x96/0x860 [ 387.950752][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 387.956956][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 387.975162][ T30] ? syscall_exit_to_user_mode+0xa3/0x340 [ 387.987134][ T30] syscall_exit_to_user_mode+0xce/0x340 [ 388.000994][ T30] do_syscall_64+0x100/0x230 [ 388.005647][ T30] ? clear_bhb_loop+0x35/0x90 [ 388.024928][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.044125][ T30] RIP: 0033:0x7f83dc18473c [ 388.048599][ T30] RSP: 002b:00007ffc5fe6a400 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 388.069219][ T30] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007f83dc18473c [ 388.078971][ T30] RDX: 0000000000000030 RSI: 00007ffc5fe6a4b0 RDI: 00000000000000f9 [ 388.100433][ T30] RBP: 00007ffc5fe6a45c R08: 0000000000000000 R09: 0079746972756365 [ 388.108472][ T30] R10: 00007f83dc3487e0 R11: 0000000000000246 R12: 0000000000000057 [ 388.127250][ T30] R13: 000000000002d2a6 R14: 00007ffc5fe6a4b0 R15: 000000000000003b [ 388.150688][ T30] [ 388.153831][ T30] INFO: task syz.0.257:6845 blocked for more than 148 seconds. [ 388.173186][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 388.193233][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 388.210407][ T30] task:syz.0.257 state:D stack:24400 pid:6845 tgid:6843 ppid:5815 flags:0x00004002 [ 388.231519][ T30] Call Trace: [ 388.234848][ T30] [ 388.237802][ T30] __schedule+0x17fb/0x4be0 [ 388.250420][ T30] ? __pfx___schedule+0x10/0x10 [ 388.255340][ T30] ? __pfx_lock_release+0x10/0x10 [ 388.273391][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 388.279351][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 388.298700][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 388.310373][ T30] ? schedule+0x90/0x320 [ 388.314676][ T30] schedule+0x14b/0x320 [ 388.318865][ T30] schedule_preempt_disabled+0x13/0x30 [ 388.335055][ T30] __mutex_lock+0x7e7/0xee0 [ 388.339627][ T30] ? __mutex_lock+0x5ef/0xee0 [ 388.351699][ T30] ? tun_chr_close+0x3b/0x1b0 [ 388.356433][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 388.385814][ T30] ? __pfx_call_rcu+0x10/0x10 [ 388.398119][ T30] tun_chr_close+0x3b/0x1b0 [ 388.409957][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 388.418695][ T30] __fput+0x23c/0xa50 [ 388.430696][ T30] task_work_run+0x24f/0x310 [ 388.435358][ T30] ? __pfx_task_work_run+0x10/0x10 [ 388.446131][ T30] ? do_exit+0xa2a/0x28e0 [ 388.455106][ T30] ? do_exit+0xa2a/0x28e0 [ 388.459582][ T30] do_exit+0xa2f/0x28e0 [ 388.470643][ T30] ? __pfx_do_exit+0x10/0x10 [ 388.475298][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 388.499088][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 388.515886][ T30] ? cgroup_freezing+0x2a8/0x350 [ 388.526959][ T30] do_group_exit+0x207/0x2c0 [ 388.537496][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 388.548719][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 388.559905][ T30] get_signal+0x16b2/0x1750 [ 388.564892][ T30] ? __pfx___se_sys_mbind+0x10/0x10 [ 388.570131][ T30] ? __pfx_get_signal+0x10/0x10 [ 388.586258][ T30] arch_do_signal_or_restart+0x96/0x860 [ 388.598532][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 388.617614][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 388.628490][ T30] ? syscall_exit_to_user_mode+0xa3/0x340 [ 388.640439][ T30] syscall_exit_to_user_mode+0xce/0x340 [ 388.646053][ T30] do_syscall_64+0x100/0x230 [ 388.661821][ T30] ? clear_bhb_loop+0x35/0x90 [ 388.666559][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.681777][ T30] RIP: 0033:0x7f0c6b385d29 [ 388.686240][ T30] RSP: 002b:00007f0c6c223038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 388.705228][ T30] RAX: 0000000000000000 RBX: 00007f0c6b575fa0 RCX: 00007f0c6b385d29 [ 388.727944][ T30] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020001000 [ 388.740369][ T30] RBP: 00007f0c6b401a20 R08: 0000000000000000 R09: 0000000000000003 [ 388.748391][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 388.768239][ T30] R13: 0000000000000000 R14: 00007f0c6b575fa0 R15: 00007ffd026300d8 [ 388.781248][ T30] [ 388.784317][ T30] INFO: task syz-executor:6898 blocked for more than 148 seconds. [ 388.802386][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 388.814152][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 388.834063][ T30] task:syz-executor state:D stack:21280 pid:6898 tgid:6898 ppid:1 flags:0x00000004 [ 388.854204][ T30] Call Trace: [ 388.857538][ T30] [ 388.867541][ T30] __schedule+0x17fb/0x4be0 [ 388.876937][ T30] ? __pfx___schedule+0x10/0x10 [ 388.887658][ T30] ? __pfx_lock_release+0x10/0x10 [ 388.898567][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 388.908771][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 388.922599][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 388.928989][ T30] ? schedule+0x90/0x320 [ 388.953624][ T30] schedule+0x14b/0x320 [ 388.957848][ T30] schedule_preempt_disabled+0x13/0x30 [ 388.973493][ T30] __mutex_lock+0x7e7/0xee0 [ 388.978073][ T30] ? __mutex_lock+0x5ef/0xee0 [ 388.990633][ T30] ? rtnl_newlink+0xbcb/0x2150 [ 388.995463][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 389.012718][ T30] ? cap_capable+0x1b4/0x250 [ 389.017368][ T30] ? safesetid_security_capable+0xb2/0x1d0 [ 389.033554][ T30] ? ns_capable+0x8a/0xf0 [ 389.037947][ T30] ? rtnl_link_get_net_capable+0x168/0x340 [ 389.051530][ T30] rtnl_newlink+0xbcb/0x2150 [ 389.056203][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 389.073534][ T30] ? __pfx_validate_chain+0x10/0x10 [ 389.078814][ T30] ? validate_chain+0x11e/0x5920 [ 389.103924][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 389.109013][ T30] ? __pfx_lock_release+0x10/0x10 [ 389.127134][ T30] ? __pfx_validate_chain+0x10/0x10 [ 389.136202][ T30] ? mark_lock+0x9a/0x360 [ 389.148507][ T30] ? __lock_acquire+0x1397/0x2100 [ 389.160427][ T30] ? __pfx_lock_release+0x10/0x10 [ 389.165512][ T30] ? __lock_acquire+0x1397/0x2100 [ 389.180384][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 389.185471][ T30] rtnetlink_rcv_msg+0x791/0xcf0 [ 389.200178][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 389.205413][ T30] ? __lock_acquire+0x1397/0x2100 [ 389.215928][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 389.230388][ T30] netlink_rcv_skb+0x1e3/0x430 [ 389.235214][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 389.251482][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 389.256859][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 389.277287][ T30] netlink_unicast+0x7f6/0x990 [ 389.283674][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 389.289012][ T30] ? __virt_addr_valid+0x45f/0x530 [ 389.306416][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 389.318344][ T30] ? __check_object_size+0x47a/0x730 [ 389.330388][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 389.335221][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 389.351583][ T30] ? __might_fault+0xaa/0x120 [ 389.356325][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 389.374185][ T30] __sock_sendmsg+0x221/0x270 [ 389.378962][ T30] __sys_sendto+0x363/0x4c0 [ 389.391787][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 389.396878][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 389.424479][ T30] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 389.439971][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 389.449689][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 389.460496][ T30] __x64_sys_sendto+0xde/0x100 [ 389.465314][ T30] do_syscall_64+0xf3/0x230 [ 389.469848][ T30] ? clear_bhb_loop+0x35/0x90 [ 389.497092][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.505624][ T30] RIP: 0033:0x7f01f4d87bbc [ 389.510089][ T30] RSP: 002b:00007ffcca5b7f00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 389.530474][ T30] RAX: ffffffffffffffda RBX: 00007f01f5aa4620 RCX: 00007f01f4d87bbc [ 389.538659][ T30] RDX: 0000000000000038 RSI: 00007f01f5aa4670 RDI: 0000000000000003 [ 389.558425][ T30] RBP: 0000000000000000 R08: 00007ffcca5b7f54 R09: 000000000000000c [ 389.570303][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 389.589512][ T30] R13: 0000000000000000 R14: 00007f01f5aa4670 R15: 0000000000000000 [ 389.610442][ T30] [ 389.613602][ T30] INFO: task syz-executor:6899 blocked for more than 149 seconds. [ 389.636994][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 389.645157][ T5833] Bluetooth: hci15: command tx timeout [ 389.660632][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 389.669348][ T30] task:syz-executor state:D stack:21280 pid:6899 tgid:6899 ppid:1 flags:0x00000004 [ 389.691385][ T30] Call Trace: [ 389.694714][ T30] [ 389.697668][ T30] __schedule+0x17fb/0x4be0 [ 389.714369][ T30] ? __pfx___schedule+0x10/0x10 [ 389.719286][ T30] ? __pfx_lock_release+0x10/0x10 [ 389.736840][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 389.748554][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 389.766112][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 389.776930][ T30] ? schedule+0x90/0x320 [ 389.788100][ T30] schedule+0x14b/0x320 [ 389.796184][ T30] schedule_preempt_disabled+0x13/0x30 [ 389.809820][ T30] __mutex_lock+0x7e7/0xee0 [ 389.819963][ T30] ? __mutex_lock+0x5ef/0xee0 [ 389.836683][ T30] ? rtnl_newlink+0xbcb/0x2150 [ 389.844510][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 389.849593][ T30] ? cap_capable+0x1b4/0x250 [ 389.865705][ T30] ? safesetid_security_capable+0xb2/0x1d0 [ 389.877561][ T30] ? ns_capable+0x8a/0xf0 [ 389.887883][ T30] ? rtnl_link_get_net_capable+0x168/0x340 [ 389.898417][ T30] rtnl_newlink+0xbcb/0x2150 [ 389.910164][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 389.920207][ T30] ? __pfx_validate_chain+0x10/0x10 [ 389.932782][ T30] ? validate_chain+0x11e/0x5920 [ 389.937787][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 389.956989][ T30] ? __pfx_lock_release+0x10/0x10 [ 389.970458][ T30] ? __pfx_validate_chain+0x10/0x10 [ 389.975731][ T30] ? mark_lock+0x9a/0x360 [ 389.980097][ T30] ? __lock_acquire+0x1397/0x2100 [ 389.996850][ T30] ? __pfx_lock_release+0x10/0x10 [ 390.007750][ T30] ? __lock_acquire+0x1397/0x2100 [ 390.017513][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 390.029577][ T30] rtnetlink_rcv_msg+0x791/0xcf0 [ 390.052457][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 390.057637][ T30] ? __lock_acquire+0x1397/0x2100 [ 390.071985][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 390.077523][ T30] netlink_rcv_skb+0x1e3/0x430 [ 390.091882][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 390.097405][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 390.113250][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 390.118510][ T30] netlink_unicast+0x7f6/0x990 [ 390.131931][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 390.145322][ T30] ? __virt_addr_valid+0x45f/0x530 [ 390.158661][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 390.170371][ T30] ? __check_object_size+0x47a/0x730 [ 390.175721][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 390.193048][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 390.198404][ T30] ? __might_fault+0xaa/0x120 [ 390.216002][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 390.227254][ T30] __sock_sendmsg+0x221/0x270 [ 390.239937][ T30] __sys_sendto+0x363/0x4c0 [ 390.250467][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 390.255543][ T30] ? irqtime_account_irq+0x18e/0x1e0 [ 390.274281][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 390.291529][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 390.297926][ T30] __x64_sys_sendto+0xde/0x100 [ 390.314093][ T30] do_syscall_64+0xf3/0x230 [ 390.318663][ T30] ? clear_bhb_loop+0x35/0x90 [ 390.330412][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.336358][ T30] RIP: 0033:0x7f2389587bbc [ 390.354046][ T30] RSP: 002b:00007ffd8bf90fc0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 390.369587][ T30] RAX: ffffffffffffffda RBX: 00007f238a2a4620 RCX: 00007f2389587bbc [ 390.385504][ T30] RDX: 000000000000003c RSI: 00007f238a2a4670 RDI: 0000000000000003 [ 390.401662][ T30] RBP: 0000000000000000 R08: 00007ffd8bf91014 R09: 000000000000000c [ 390.409686][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 390.428925][ T30] R13: 0000000000000000 R14: 00007f238a2a4670 R15: 0000000000000000 [ 390.441687][ T30] [ 390.447996][ T30] INFO: task syz-executor:6909 blocked for more than 150 seconds. [ 390.474634][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 390.491708][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 390.514987][ T30] task:syz-executor state:D stack:22912 pid:6909 tgid:6909 ppid:1 flags:0x00004006 [ 390.534889][ T30] Call Trace: [ 390.538241][ T30] [ 390.547168][ T30] __schedule+0x17fb/0x4be0 [ 390.560414][ T30] ? __pfx___schedule+0x10/0x10 [ 390.565326][ T30] ? __pfx_lock_release+0x10/0x10 [ 390.580386][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 390.586346][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 390.601968][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 390.608366][ T30] ? schedule+0x90/0x320 [ 390.628018][ T30] schedule+0x14b/0x320 [ 390.637090][ T30] schedule_preempt_disabled+0x13/0x30 [ 390.649486][ T30] __mutex_lock+0x7e7/0xee0 [ 390.660376][ T30] ? __mutex_lock+0x5ef/0xee0 [ 390.665138][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 390.681714][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 390.686815][ T30] ? read_word_at_a_time+0xe/0x20 [ 390.701009][ T30] ? sized_strscpy+0x9a/0x2b0 [ 390.705767][ T30] ip_tunnel_init_net+0x20e/0x720 [ 390.725880][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 390.741548][ T30] ops_init+0x31e/0x590 [ 390.745781][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 390.760471][ T30] setup_net+0x287/0x9e0 [ 390.764787][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 390.780744][ T30] ? __pfx_setup_net+0x10/0x10 [ 390.785584][ T30] copy_net_ns+0x33f/0x570 [ 390.790050][ T30] create_new_namespaces+0x425/0x7b0 [ 390.813182][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 390.818986][ T30] ksys_unshare+0x57d/0xa70 [ 390.830382][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 390.877044][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 390.890467][ T30] ? do_syscall_64+0x100/0x230 [ 390.895582][ T30] __x64_sys_unshare+0x38/0x40 [ 390.910919][ T30] do_syscall_64+0xf3/0x230 [ 390.915486][ T30] ? clear_bhb_loop+0x35/0x90 [ 390.920193][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.938808][ T30] RIP: 0033:0x7f6122387527 [ 390.945935][ T30] RSP: 002b:00007ffd6136a928 EFLAGS: 00000202 ORIG_RAX: 0000000000000110 [ 390.972243][ T30] RAX: ffffffffffffffda RBX: 00007f6122575f40 RCX: 00007f6122387527 [ 390.980300][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 390.998477][ T30] RBP: 00007f6122576738 R08: 0000000000000000 R09: 0000000000000000 [ 391.013478][ T30] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008 [ 391.031207][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 391.039262][ T30] [ 391.053231][ T30] INFO: task syz-executor:6915 blocked for more than 151 seconds. [ 391.074993][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 391.101922][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 391.120444][ T30] task:syz-executor state:D stack:23896 pid:6915 tgid:6915 ppid:1 flags:0x00000004 [ 391.141653][ T30] Call Trace: [ 391.144983][ T30] [ 391.147936][ T30] __schedule+0x17fb/0x4be0 [ 391.167418][ T30] ? __pfx___schedule+0x10/0x10 [ 391.174104][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 391.180205][ T5833] Bluetooth: hci3: command 0x0406 tx timeout [ 391.186472][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 391.201601][ T30] ? __pfx_lock_release+0x10/0x10 [ 391.206690][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 391.213010][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 391.218959][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 391.225804][ T30] ? schedule+0x90/0x320 [ 391.230078][ T30] schedule+0x14b/0x320 [ 391.234591][ T30] schedule_preempt_disabled+0x13/0x30 [ 391.240095][ T30] __mutex_lock+0x7e7/0xee0 [ 391.244914][ T30] ? __mutex_lock+0x5ef/0xee0 [ 391.249637][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 391.254886][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 391.259955][ T30] ? __might_fault+0xc6/0x120 [ 391.266427][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 391.271612][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 391.276940][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 391.282982][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 391.289422][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 391.294688][ T30] __se_sys_ioctl+0xf5/0x170 [ 391.299310][ T30] do_syscall_64+0xf3/0x230 [ 391.304038][ T30] ? clear_bhb_loop+0x35/0x90 [ 391.308742][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.314940][ T30] RIP: 0033:0x7fd08098592b [ 391.319378][ T30] RSP: 002b:00007ffebde88d00 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 391.328242][ T30] RAX: ffffffffffffffda RBX: 00007fd080b75f40 RCX: 00007fd08098592b [ 391.336378][ T30] RDX: 00007ffebde88d80 RSI: 00000000400454ca RDI: 00000000000000c8 [ 391.344525][ T30] RBP: 00007fd080b76738 R08: 0000000000000000 R09: 0000000000000000 [ 391.352847][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 391.360875][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 391.370658][ T30] [ 391.373705][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 391.425935][ T30] [ 391.425935][ T30] Showing all locks held in the system: [ 391.438895][ T30] 3 locks held by kworker/0:1/9: [ 391.449219][ T30] 3 locks held by kworker/u8:1/12: [ 391.460733][ T30] #0: ffff888030e93948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 391.500427][ T30] #1: ffffc90000117d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 391.523782][ T30] #2: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0xd0/0x16f0 [ 391.540522][ T30] 2 locks held by ksoftirqd/0/16: [ 391.545593][ T30] 1 lock held by khungtaskd/30: [ 391.560783][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 391.583315][ T30] 3 locks held by kworker/1:2/58: [ 391.588385][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 391.607267][ T30] #1: ffffc9000133fd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 391.630735][ T30] #2: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 391.650410][ T30] 3 locks held by kworker/u8:6/2200: [ 391.655745][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 391.683060][ T30] #1: ffffc90005c6fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 391.701329][ T30] #2: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 391.719942][ T30] 4 locks held by kworker/u9:1/5139: [ 391.726038][ T5832] Bluetooth: hci15: command tx timeout [ 391.742040][ T30] #0: ffff888082940948 ((wq_completion)hci1#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 391.762418][ T30] #1: ffffc9000db9fd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 391.788471][ T30] #2: ffff888089a04d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 [ 391.800085][ T30] #3: ffff888089a04078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1e4/0x11f0 [ 391.819770][ T30] 2 locks held by getty/5576: [ 391.824892][ T30] #0: ffff8880318960a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 391.850602][ T30] #1: ffffc9000330b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 391.872435][ T30] 1 lock held by syz-executor/5818: [ 391.889519][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 391.900149][ T30] 4 locks held by kworker/u9:2/5822: [ 391.915529][ T30] #0: ffff88804a95d148 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 391.932661][ T30] #1: ffffc90003f4fd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 391.956947][ T30] #2: ffff8880473ecd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 [ 391.977937][ T30] #3: ffff8880473ec078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1e4/0x11f0 [ 391.994231][ T30] 5 locks held by kworker/u9:4/5826: [ 391.999566][ T30] #0: ffff888088b78948 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 392.020425][ T30] #1: ffffc90003f7fd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 392.049415][ T30] #2: ffff888061104d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 [ 392.066404][ T30] #3: ffff888061104078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1e4/0x11f0 [ 392.090470][ T30] #4: ffffffff8e93cff8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830 [ 392.114591][ T30] 1 lock held by syz-executor/5828: [ 392.119839][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 392.140387][ T30] 4 locks held by kworker/u9:6/5830: [ 392.145726][ T30] #0: ffff88808141b948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 392.167687][ T30] #1: ffffc90003fd7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 392.192776][ T30] #2: ffff8880364f0d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 [ 392.213793][ T30] #3: ffff8880364f0078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1e4/0x11f0 [ 392.233643][ T30] 3 locks held by kworker/1:5/5950: [ 392.238884][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 392.260374][ T30] #1: ffffc900048f7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 392.282005][ T30] #2: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x99/0xfb0 [ 392.310746][ T30] 2 locks held by syz.1.231/6743: [ 392.315823][ T30] 1 lock held by iou-sqp-6841/6846: [ 392.331962][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 392.350221][ T30] 1 lock held by syz.0.257/6845: [ 392.356838][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 392.370372][ T30] 1 lock held by syz.5.250/6889: [ 392.375351][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 392.397855][ T30] 2 locks held by syz-executor/6898: [ 392.409454][ T30] #0: ffffffff90189010 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250 [ 392.429175][ T30] #1: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xbcb/0x2150 [ 392.451842][ T30] 2 locks held by syz-executor/6899: [ 392.457179][ T30] #0: ffffffff90188ba0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250 [ 392.477889][ T30] #1: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xbcb/0x2150 [ 392.502548][ T30] 2 locks held by syz-executor/6909: [ 392.507880][ T30] #0: ffffffff8fc940d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 [ 392.540432][ T30] #1: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x20e/0x720 [ 392.550013][ T30] 1 lock held by syz-executor/6915: [ 392.569179][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x48c/0x2400 [ 392.583351][ T30] 2 locks held by syz-executor/6979: [ 392.588676][ T30] #0: ffffffff90188ba0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250 [ 392.609168][ T30] #1: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xbcb/0x2150 [ 392.624675][ T30] 1 lock held by syz-executor/6992: [ 392.629916][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.655499][ T30] 1 lock held by syz.8.280/6996: [ 392.668996][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x48c/0x2400 [ 392.682384][ T30] 1 lock held by syz.8.280/6997: [ 392.687706][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x48c/0x2400 [ 392.710726][ T30] 1 lock held by syz.8.280/6999: [ 392.715709][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 392.736102][ T30] 1 lock held by syz.8.280/7001: [ 392.746589][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: dev_ioctl+0x706/0x1340 [ 392.762800][ T30] 1 lock held by syz.8.280/7004: [ 392.771206][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x419/0x2400 [ 392.790639][ T30] 1 lock held by syz-executor/6998: [ 392.795893][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.822666][ T30] 1 lock held by syz-executor/7008: [ 392.827919][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.847259][ T30] 1 lock held by syz-executor/7011: [ 392.857362][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.875380][ T30] 1 lock held by syz-executor/7018: [ 392.888693][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.908931][ T30] 1 lock held by syz-executor/7022: [ 392.926902][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.940467][ T30] 1 lock held by syz-executor/7023: [ 392.945806][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.966626][ T30] 1 lock held by syz-executor/7026: [ 392.979155][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 392.994773][ T30] 1 lock held by syz-executor/7030: [ 393.000026][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 393.027488][ T30] 1 lock held by syz-executor/7042: [ 393.035740][ T30] #0: ffffffff8fca0588 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 393.055350][ T30] [ 393.057726][ T30] ============================================= [ 393.057726][ T30] [ 393.074767][ T30] NMI backtrace for cpu 1 [ 393.079168][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 393.089691][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 393.099777][ T30] Call Trace: [ 393.103074][ T30] [ 393.106033][ T30] dump_stack_lvl+0x241/0x360 [ 393.110739][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 393.115969][ T30] ? __pfx__printk+0x10/0x10 [ 393.120596][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 393.125563][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 393.131062][ T30] ? _printk+0xd5/0x120 [ 393.135238][ T30] ? __pfx__printk+0x10/0x10 [ 393.139848][ T30] ? __wake_up_klogd+0xcc/0x110 [ 393.144732][ T30] ? __pfx__printk+0x10/0x10 [ 393.149347][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 393.154396][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 393.160412][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 393.166418][ T30] watchdog+0xff6/0x1040 [ 393.170685][ T30] ? watchdog+0x1ea/0x1040 [ 393.175126][ T30] ? __pfx_watchdog+0x10/0x10 [ 393.179832][ T30] kthread+0x2f0/0x390 [ 393.183929][ T30] ? __pfx_watchdog+0x10/0x10 [ 393.188622][ T30] ? __pfx_kthread+0x10/0x10 [ 393.193236][ T30] ret_from_fork+0x4b/0x80 [ 393.197678][ T30] ? __pfx_kthread+0x10/0x10 [ 393.202294][ T30] ret_from_fork_asm+0x1a/0x30 [ 393.207098][ T30] [ 393.212043][ T30] Sending NMI from CPU 1 to CPUs 0: [ 393.217306][ C0] NMI backtrace for cpu 0 [ 393.217319][ C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 393.217338][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 393.217348][ C0] RIP: 0010:__netif_receive_skb_core+0x3d95/0x4690 [ 393.217376][ C0] Code: 49 39 df 0f 85 84 01 00 00 e8 57 35 10 f8 4d 85 ed 0f 84 cc 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 4c 24 10 80 3c 01 00 <74> 0d 48 8d bc 24 50 02 00 00 e8 cc 12 74 f8 4c 8b b4 24 50 02 00 [ 393.217390][ C0] RSP: 0000:ffffc90000157440 EFLAGS: 00000246 [ 393.217405][ C0] RAX: dffffc0000000000 RBX: ffff88805f3d6000 RCX: 1ffff9200002aed2 [ 393.217418][ C0] RDX: 0000000000000100 RSI: 000000000000dd86 RDI: 000000000000ca88 [ 393.217429][ C0] RBP: ffffc90000157710 R08: ffffffff898f3b09 R09: ffffffff898f0728 [ 393.217441][ C0] R10: 0000000000000002 R11: ffff88801beeda00 R12: 000000000000dd86 [ 393.217451][ C0] R13: ffffffff901a1130 R14: ffff8880ab0a9780 R15: ffff88805f3d6000 [ 393.217464][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 393.217478][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 393.217489][ C0] CR2: 000000110c2c142a CR3: 000000000e736000 CR4: 00000000003526f0 [ 393.217504][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 393.217513][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400