last executing test programs: 2m31.172971064s ago: executing program 3 (id=282): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='oom_adj\x00') pread64(r0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000003380)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d010000000100bf000000003bbd424c6e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e460a000517ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab71587a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f000000000000000055211c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb372713255012e028cb2654d493a0b4b35faae176f99b745eda2967199cc93685bb537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ae2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b419a6248029d33d61dd5c844024ba757371867a79b31c6617fc3327191fbf514573f1e30d1fd2d763f3ee9218b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc97def5f07f2980005a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c534187a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74f1ffdaccf0ea5f02e03a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01efada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b00110635376413c29f7c6f7b7e29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000bc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5b98e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22adef9546abb7a2d9c085b189b5fd1f30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd03870c39d1ad12c750837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a103ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de08bacecfff2d58437f422df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dcddab8f38f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bbe0f10521862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94993157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d703dd29ad77f54836779600bb0db3ecfbd36fa8164999898e4aaa56324e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d30edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a730000000000000000001ed58cd2c684667178576dbb57345b63c313e4a8fcfefe511e084c24b31a2e693946748bb73511695bc0eec1553b0f67d50678fb29ad13d2104fdd7a992574d475d3e51652fb3fda6a9fc0458f10b6d121bd48664858b51a9054d7c1d310af6a043e4b99472fbff86fea83924059419d54f07da0b6b7d6e6d61e680f15"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) r3 = socket$kcm(0x29, 0x5, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet(r3, &(0x7f0000008dc0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)="888303263a9e1cd1b50fc2efc626709c96bcab98beeaa9077149fd4ffeb7b7859b0a68c39e8881cab4fdf65d791358ed734acb07149c487b4f50c5f917139e9ddd44ad39181491d09461f20f51503283b41f6018eb59e878178075bbae9936080a53e68b3cabbb85ca082bf489fa6b1abd74c346ff049623fa21722d20463695f81a234de702e58d0b7a3fcd183be373c73e607e8cfe2b65abd2cc3b97daca65b674bbd651de2ace292d1db665ae1bd9575bfd33675399566e7c5c56d3d7232a307b496f311ca8d3d15ec4c824ed0f4a672c6855c86e0d8d2ec8291a82a3f15e2cce9e", 0xe3}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000006c0)="9de6d3750349c2f3847fa4a05f94adb3d21fc68c161aea97b382463136de885846c0513c1d9af3f721cad5a7a753816b79e9af459a7719536932401f194b7c3cdd1b9f5b281e875b96304c31f9aa021642552f18aa7d269bceb614a8895c589cebc5deea722bc9efaf97ab2f098d99b96210c991e8496eae1a0558cc759f3886cc735c0cea5119c10be69068addbd4986f7a7b503ff93af91dd3d173d20ea095e56d3b9bf62b6d547efc4b5cf94bd633ef418ece871a5bdb42", 0xb9}, {&(0x7f00000002c0)="468acdb4e4cf0427161e4b334f4c94ebd825850e7c132a1217aa3b5547f1dcc73efdc575d16f90985e478231fe76ee24fcfe9799497db0cbe5954acded7a24622c2463bae7529c05a6c81e33ee93869fd7c57feff17c9cd809b1be241edcede17e4643efc8c2baed1e2442f3a236fe60e4685d2971077e625dce6f0b6c216ffcebecd763c39e87eb641e7046dd68949acc02", 0x92}, {&(0x7f0000000880)="52a67f4b2e3245fb", 0x8}, {&(0x7f00000008c0)="910173d811a77377207b361dd63bd456ea8e58a1e55699c4fd0206e27161045d62989959f8fa93a3437f4a33e558ce924e3be64fd73c92b733b2c178599b60cf9f37b97362210516665be1e110544d2a87c7750450a6a73dea6172b7d9766705", 0x60}, {&(0x7f0000001500)="cd07e85142f8ead499f3ef72f2227c53dd9255de4766b5f33ef218a7c39a97bbd4f8385f1852a08a0e900c7f9183f6c74e7e3407bac0d64f2fe763278fbc7ea1e7111be746ae2748fc96288a8b288a6d1baf35514905bee7b70175dd6a5b1b43735e06d236ee53c79aa6f817e833618ba7321afdf30656589fb5d92a67f70e2cb1dd98e48ff65bb2569a258f78bca3682750e0584ea00629c67c6411cd532d62be01f143fe9ce39012147357e8abe37baa6cfad28b949c343c17567015b2811ea8dfd577749855bcc1cbdae064318ac83c505129a407543c355a4e902e6d43e92cf7d4a538400b7741304b9179bc8357b82081d7141a388f8659108dbd3142dca4483efd112eae795c780aa14fde5d3ad8a29f57cbbe4929ced3ec0c45c4964e627d283b4c8302ab1eac4796a40ff79106ab2b28a1a72028a56a6b4e7e44f9578970f37fc3edfdf4b51bece98270e1b3b8da8f4bad2d38d0d04220f53e70f88f9431cd8184995253d38f27fbece66f45558a0941277de0308ed8a3bd8cbaa2f12406458086f37d447d9cb471c3b075bef79673e3b27d707f1483be8949600e9259a4edb962ff5e2a47a369468814971d2a81bbdf6222dfd7334912d33b51080cecb1eb5ca9ee573abc277b75e15b8fe9b242abd74ea74a4f83bd96e3b1ae924d927bb45a7b4b879f6a689f4977d0dbd4eaa0cfe64dacb82cf3784e21cd4e136ee610c2672eaedf35918d3c82eec28ea5753ea137f8a5d2f2f8a7aceffa1d71ac75bef177945d757ddc904c46a8a69336861cf08a5c51996807008e58ebf23a7e597bb07cce48e40b8a172144c4e649090fba0ec62152f85c3c4b843bde0f6eafbaa12bd1449801d2c4bfb51317bbc4d521ea1015e73a8c9146eb37eb9583a2443d8eea2293c808efc19a5735408281f16f590e00415c43ac2ce1c3432d41525dd0137eb991d9c56c163c0d4ab2d4ce2a418ff537bf20e6152bbd81d4a2a3570a7c3053f2ceb5e9797d2c60fb069cdcb03e06aedf63ff47f7ef9551e26cf08740c74b273bcda959a1e9a84c0fa05416b99d73d402fb81754e1ccf796d9da53399d6dce3ce83303ccb4166cf36ccb0c9bddbe0e34dfbcae31b4ce8fe513570e036844ab516cf4d6293bdd388112084e6aefcc6e7967fe99aabd72a207bb4ec8fc02d5bc229ca68c9db99529208146f49f29fda53c49707d76a649aa5df7607c3ee514eb820f4d0cc55d547ecd3193c4946525af9f68f8ec2d0a6b0ccfbd8ae0a265249255c98e9e6ab3d8d82dbfb8c15a8ef69b78cc9b4f0ad5a2ce9d6793ada0b6163d9d1ed3e50f9c819ca46b40ff40b375f5e2ce6caa996af36324cbbaa63635b0e107ad01174baa553b86dba12e8ad9586727a70aee6785121e9edb5a98e01b7848734d3e044c494a4061493e1ae7fd73a2ed9b83d286e24a732966faee7705d8a2d360159acbdf18616028134c25d1a92bb45f06207701454390b87d5bcb66ec73d8c3c53049f42c85de0acc45a9379302203be199ce55154b739bfb3d27929b12163e2078905137774974b90c07960fd410fd58394bc53e7745f5627de2f0361418173763c69f8a11d93a104ad382cf385b0c6c7c3c5fc8236e6f18ae9be0543d28d54050b9e60f2f774a16be4904243d482ad3252edaccce56dcd350b6e249fe686d5adc07bc57c71aebdc243eac56f29fa24e69b8d444c54a95522beafac6230a3c4e89c6d55654a4a077f7f854d6b24f8b45da2baa5dc3e4df15c56263c7fa80642789ea712a9562a70379afe5ac584c891178d71a558e73456e53e7f9256f4c0b27daa3eab32f1e56b3dd9280053c1ec57e86fd87a725ab9a5d93e3f8e6e848afbdadb859c744f40a86486fbbd1da6a18c834bf43594aac9d0340521dea06befad18bb868e9e63578ed66c70ecfeb31ce55755a5d48de4113c7e29975643cbc53f114ed522231e410f1fe4b910e6af3d4b56918952f7f25204813b3283e20a54fd285a80988494576bd738e685edda5177eeb0e2c9816dac60302b12ec046c9feb770dec403fd4fadd1628aa4978647e8dac1825166a5be8b580b195387d901ecbf03b70d4301f6de69f691009a659c03186b8431e226022f811a6d2ce73c8bce19b09e04728b739da06054690f30c71bb3326f8d4fc80cf654a42fc6134967206e110558a6f9e9c434bf175def183da8a5c135975dd7eac8fcea1343710cd92fdcba2152b32e014cb8e87d3c500e8f439e1522da6866105e937663d8044527982d147df983ca83eaa7fb4dd5c0c79232dd687e02dc135d3067547cafb1934b5769114472beb906646ffdc44291289bc27478262295c2fa517ccd553804e73eb9150f5d451afd79f175e14b563a5e6c86e9a0eacd450be530a3e506297a751bc5800f3c45a3e18b93c21aa8c0f2d144122803361d4b59e2a21bb462c0b8bf9d8f4c91610c633fefced62b8de88bd2e56e58eb538f30b1710f8cf5e6e54db33adc53d2519351696028edda2e915a3f575ee3488b6ac2d96856fe5742ae57679e11e7baeeb7446aa3d92a834086b8b2eba58a16e54a2df19f4be02fb9ed80f9547c327ca69bfc027852c0f54eea05b0982f0a08548f16a80d17121b5c3536d072b6dd78965d7fcb1d13d8435c003050de3900f43ec378070ff24e9fe463451cd2ca1d81532121fa6a010df9e471dbd068c9de5698eb986a43640843e6ab2ae9c849603cc1ed6799cd80a9dc8937127ef006edd442b68fc79a7d31d80f255ce9593e12a219d4a38a84c2a77ae3c604ac33614aea6c8523e4f553866b801cfdbf3545370555685f2f6ae4a05745713bac8452e86536807b986037d28953cc093122c7e400f4ebd876282e831b5e45c2e2dab9c7620ef9aa3c3f733baef8eee8242e0edfc20c9f58127739c978fbda24af4068e36a0c556cf2e60be433e6c86fcaafaab94124385c14dff932713044432cfc6ce7c6ae88c1fe32097d2e223616818eb1df981cd70a9a35ad7776745b660dec25e93cf5d6157cc161b808097f49a7713c5a164cd5cd61cb44b155edd38b72c5788b5328a1090cc366fb114d658eb4f045740fa95c19a9b6fc4c758036b9ba3d566e93073a5387f850f70db48d7c4a071d2b6bcdc67113b242688fbddffcff2c369680a4f5e7f0bafc27241a95695ff39c828f5d2b4e2a5955414aae21358971a9bd5d27fb3b4980d7a2058f5a686a65a95245aa418df589d6191ddf8e2a75b80c78dece49e7cdb6dc038944c8badeb86ab903a7a2db35cff18dd46ffbc02c36461205df47e93ab492ee2c49b489c22e9d0a44766f855cc1bc37622c72ab452908860cc054e9cd245cef29667e078e09403f395a0ff222272fd39bcf8c657de071fa6b02efb062e133f4ca14dbc3041fc3d0d7f44a30c955fbe5088ec222355d0b533f506ac75cadbb646b437eccdffef7f521ff14b3716f945c3a0b532616e3fa4dd88ecff416b0c91798aac7072c610adef4e076f5609bc0a4431de4de4a7318115a3f45dd7105f0d25cf2f2eccfb949b7e9b1c6f051f1c8f61b95f665c219d1f32b7af585818e51a937f5d90b0dd2d1e68f4a9f94f8da2ab42b3c91c95871537d94fc2a191862cbbe28433c7773a3dabe82a371c47c905e46f74f4964fe4ff3551588cb97d089465d1df16daaf5617d5b677e2e77541f64ea33ad75611e1516f230d4f207f58494458b3e25a3ce1d1d098ae8a8db11fbb7783d6f3960e237c0a24e33043c21a552cedc8aa7a0838cb034070a5af237acaaacf0a4398b036cf32ddd2d614d26c53a3fdbd0fe8cd1e0064c8777ac8f9755e02ca4bf869bc94cd6bea3bab112f57aecc27e6011d4b4c8c3926abf995a39b4384f9bf410c4e3525a47d4db05f3c6c253c8adb2678c5f86dd2e5e3ffca798b5b756c0207e65a248449cd09abad3b3b8fcda337124bb66079dd1ac77949f3c8ddac7396eaf8348544164edb99e178d59c13878b8b8dbd0759cbf4b6b6d3dcb5adb4b6bf8402b93aa4a6b53789b627f68b772618cb8a9689ad282a230d6e5e125da910b4f26f72caf1eca8362b977f83bc16a798e05dfc6c7675cac8262e781db9db2250958ab6bda85ebd7c4d06681ee0f30bd062a08294ce0d459e10e3a0c2323373ec84ac3e6d99ec6134ee395b6ca8ad6e6a53dfba9a07747944cb2be0ed2fcac5c4e7c43a5da76031cec5169b3f445099322b704a5198c1018a3bce33a155e7881fac59fc526c32e954a700c4b6db8f25467b714d4b723224c1f1bcf59b2b75c577fe4acd95aea1c8ec9075945442a129a3efd5e64aa3d668be55e3c43580526e596a74baf605576606c7bab5005957371f075dbe44333465564af0eb35dfe14465d87035ee896e6fe8138ee43bc2d383e6ee51fe4ed62341d2a68ed64385ec31867f28ab33a8e0e0da7c6587432df0286d44a24ca0e85ae151307a24222fffc971b476e412a450c58d69b7b4a5d89c5f55170dc5f3689089f49894cf6d034f680067b28582ca2066d2578dec3528041289c7340355425064441b647a51bb4be746c165c10c0a2a82c8644a832a32877ea81e24a50c2e3f0fbc5b763656b6c7278cc83a94c65bbca431cefde888cd42b03299b591c756aca38f03ca7a8f61aa9a69de2ca81d7e5005fbd6c328493e2833d45fcb68cdfa761842b48aebf3570cec220dab6ab3b58e1214cf843b7201a8387077b5c1462f2b025f9c6a56f8", 0xd0b}], 0x5}}], 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000bc0)=0x1, 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f00000001c0)={r4, r2}) close_range(r3, r2, 0x2) write(r3, 0x0, 0x0) syz_clone(0x0, &(0x7f00000007c0)="b847a6c2271871006c86237fd3eeef04700475945fa510704d86846e651eaa316c163b9c44b2fa7adba8ca06cb4b459c9b352f6981d9dddf984c262fce720fb096459c712e22e4eae2145e65a1c1cc38d84d5f18507a92b42ae7ce0c9be01862bc7182fbc5f945e21542c59219122d5ced7c9925eadb362a0b17ad391bae5c379eecceff6c488335be73", 0x8a, &(0x7f0000000480), &(0x7f0000000640), &(0x7f0000002240)="24f5e777c834ce95ed1fe8052979e96f32cdc72183024b8ac0b6936535e4ff463216e2cebeda93c73693cfd6e819454ebd6acc1af4d1354502c6a4958162d7334d75666222af267655cf419fada84ebb972282aa93fc088f010a453dff1d94d794487df59d0dcd017dbfeb4f53a39cf9f900375a535bec99ef7c3ff2b3c46b2bf301830ffa402a79059f6baa153df4eaeaae176ca53a893812bb1b9705a9d5cecb864297c30312b011c9e866d9e0cc8a2fea80163ee94d01b325b0968de6b51e16f9f268b79db0384e600f38ec59e2f84dae9e9ba9e54048edf1f56a68b64070d222fb2ae3e7bd6e36b1ac11d84b8cab5394786c6caf2562e34bb5e2b32e72ddf9f604d6e9322ac671b57e7fb8a0f3520fc8fd88a3187f8e9c6b2eda3e6b5d940a89f7b187376e38e02919dc38a14583a9345b9c667b0bd9e9051be18a7deb100ccab29a316e66e488f6e9518b86fd8e9ec9db58c421fa668897c3566849bf69efd845e63e8db9a91a353c796b477b61b7541c2838703e444b9ec0a3f7b0b0b506a55eed59f6f11e3b83431460558c9f1435f107d80e0e284ad86b5c61b2dac0aea87f02618c7813323309b19ca9243dbda5a778db5de9528ef4ba89dbd262afe79e70b8597ea324f06a879b84886af61a6984aaaf5e5fd851bf617bbf10d9b6e63cb20ea01f7aa0edfe6143f0ec24a68f7c5468411f840121312c88baa25158f7993013a29b19a73bc12b4e2fd95e404f09a69b1c85a359e856a0619417069514dc00d5d50231cf092f2059c10d78f87422ecb32309333431250b2f1ffe345e96d690481900a1f6b41f2f27f838b607bf69025086006ed22c0b2ca7c5166621848640a48c93b7e885709cedd052b9f137b7fac9e889177960ae9b715d6b8dad789a22da02cc3874d81a74a9bc3cfe6d20d3bf53be8e3bf3e4df18c5773888da147a9713b7ff8563f78c771905af6d71e3305313ff6a1b7a1d787008cf3081b9853b9a4486a95e671179440d2d77cc5bb01ef9c414461792a0305c3b5ff0b35df79d797febdad86577bc6a77b9b4fac364fea958482a578d5c099567ecc5bbef2cd113176b53d096cb09980569862c804277af6efdef9ccdcceb57b834e4f8753a42725e38cdbef1baf88e8dba770f5343b278aabb164b1ec1fe99880f017e4a1b704dcf9be17769e5de37e37aaba988f30e43fdf83e6285426a01e3556a15b0fdc340eb82b1c6df88aa8be447b86976e9810ee3bd0b225453b44bdb592de6c37a2e68810157c2f8a2798bd313a2ef36e1d43789560ea5217af3fbff26a84d0b38d36df1c22572c4eace31a44c74c627a3f0d25c35b1660dfbbbe3e062c4185c4a291792a0b91435af59f1dc504a92380da164d2b4c4edaa05d21d3bbddd2dd3010e0c52ba06645316e445bd90ec8fc892e9a5528ef902233de319cb299374a96ce3010ae4c13e8ac165ba311111027994d44aef7555a55e8b859373d8cb35141fb33009eda0148d375486db419edb12dfbeed22bc97a50fb11c744e9d932df68ff6c119c936b7391d23428a7533a80dc76fd88eef1fe2989b1166f285cb04a1212322e59811e69e466db831bdb3aa65baa35e5c71260aaf35290c1ffb4e4d7e53ea57e3e6eedb2b84740d0ce8d1265be666e28c8a348bf31eaea9aad24701850d721c508af8045a40a91af337ddaf0c743a23f4f130f89fcf1675f7bbb3964bade4955eefed9aec7e97a8b3331bb54f1344f3ff1cb83274e44bcb4e47ddf80bd22f7c669eed39c5c47a7bd978bc4b4da6c162cbe1f5f949332fa9bcf519c6a4422afd5c51135dfab0b5fc1e7a970457dac0f60175ff3c5b03316e8a6292ca88b52e18d098d4bcb6d7cf92c0eaa427e5321977454f0433b5bd948fe6ccf5fcd3b0583ed8fd95fd1dcc1b932d02985791f5394e0a4321c41342b28b2e503122d5dedb8744e1bfb6aea23317d078b24b4618d0921fd535deb38a9d26ed16b529e4a72c0297292f17c5a7c4b6c6960ba19130cb9413fa320d9c2a1dfc1d0e661c41cb33367d6d029e71d2559123567bcff493516f158fec7d47c5428d705d4d8eadd0b425a6a6b70f81495afabdaf242980cdbbc8526a1141eda0c97301e119df307e7cc5f457deb0d5ee6f1fdef13614dadf0ab9d375440eb3b9c079a282c5c7832114b224f054bae41764d3f530bc406a951486330eb72158b593965ee293f44e80f15297ba8935ebb5f40dbed5f5cbd7291901cd94857ec288f50b509e187729f43f6c314bb4584a9902521fd25cbd8fbc55aaccd2ffb93b00e5e7bdc07741c475f74432cc81ac8579fde49d4053abb7a928cafc99871d413336a6f09baec66bf949da7fc0e9c216071179678cf1c708a3954ebf2fcf3fc8e11c12535ac3023187f2e55d4ab16b2ac06ca87250b674e4b1a3c2269d509b3983394717ee5b1cf118b5360827758bc3b47e744a2408b348512f1197ccb16744aa5679f60bfda27d6a259faf41453dc662aed65bd30874c59760095029e3d2ce84971af126f2bc214dfb5a43cc7a9f4f5dd4b4b17f32d13cbd4408a354e9f389fa8d5b8ea8c708ed4f2a737620a8a3a0f05e47c97a98e3079273f16e50edfd19378143559bce009e07a680a0bace4b433c04ce840de9661eea570a4d2745fd8b7942bf48389800ffb9bab2fce030fa69f1fc036154c5ce1b846cf8b93108ddafb6e788472f0adb60e5c1f962d0563ef511c5f79194c394f984718e2984f49e80ab96f7455c88c47860e16e4b542cec0ce4744915ebb155f76ad6fc287e0ec5aedc4b9bf8a4738b52bf39e7a4e553fe3e6d9a09c0ca3aa135c2abd50c3d06291561da6b8aff4dec5b7553c63ac7e3760f09611c1001ac8fd349fe3899e14ee267e45fcbe5c2f04940f9cdde7752c854a42416ba716cf6e74f72bc11e93049c16492ea4412ff0edfa2f1e3ebae5b646a3de4f54a0bb3d247d5a9177cdd8862964469636029e259c961845868484d00c3ec88565f348cb0a8dfa8c17af5e5c8810403b5a65149d46c87329c7bfaa2e12915f04d38ef047903951440edc0b30188affd875be6f448134f0dd604b24266f393a4c4a55d3cfbe2057ae78e8ee84e18c7ea1d1695a90cec8938f0a2dadddd3e3883feb6c9a11a1881cd0aae404b0d67ecf1cb31098c2d75caeeae08c8aa2a933eabc1e8db4b4f2a357b8935812b03953174138ba56f91a59b7f9c2b95f6001c3026da42f77bc7558ff0c312f50906ac572b1bb577d303dd17c52e5c824b4d78a2d48cd11c9c36d4fbe4bcf37cc7ee02d7dd6b2ea9cc89e70005a9c5385fbb0d75e20634681ab25630d1027ab75fc2a915935eeb55095650b1fa48c7bd23c628f8f340bf3431571f60c28ea8922b1fce4783a347862748d2f5db0204466f8418ded9b86726831b112acb3a40d0e4956b23a24cdce1b70d6652bf87b70e6857a1790e4450d67fd850a6c3fe45549f40802b14e71a412b3d99e9abfb87495c339255cbb9a1237f0f2bd6e0423eca1fdb68b87b4246ee62a219d13b7f068e70457759e9f52c85ce5b48fa36e7683ad088da4a25330818e626b010f674ec06d76af9a6f76ba41f68038a2a0c0dc6af899581c8c61e209f80403fb5715e0f6622f51391cb7430a12928fb48edc257db9110fb55ee6f85768f28899334cb60d9cfc62c6f72e62cf8e36dbfaaabdab6033e88d16e504e9034b6070ecb83973c419bd5d2b277b06eec02992a99b033e2a90c052d0c57bf2681247a98192da005fb5b80c3f25d3e14b47c0f9845b2edec359030e9abc91dca663462bd020db6e99c344fd34f18ed5890b4fee2106a3c654070fe9c0bdc6e6d332f4839d5fe2c479254622c0981741ca7f1d41d41aa26f06d12dd38960b710aeaf8eb975d735b3de0ab48f15905b4324b6765382d122840ba90f9f574e045dc21cee2aa55d03a99aba1c41b7e0fcb914413c82b2bf78502d455ef31e3c30e014e2c548cc31bafe8a48dc8cd05c77ce7c2b998c10dc01f9f5b748ae2055cfd7ebdce9ff3eaf7f68b0206244fa716d64bd0c5ba5d041d694c8cdc65f8a082fd8c9b8989093e46d66fac035bb9f84993450cfb0b96fe8f958d4648482dfdce2c2842f0e0b0f0c70cb62ef685a8029929dbc2b7f9767cd5211dcce95d58a15e8be7e03d640f9def77254cf19da6ccb1fe86e5198b938e04886e495edd6467ae044362e604afdd5831fa880699f68f4c9ca39e8b4fa8fc63a7bf73b223aab0acc8fa44f0c3c9f844af6c60f12abc114e72978e0609166398b42c2176176c93a6e295e958ceb7f7b5ca36a812327304b9311b5bf91e896e54168e39eb21ef2f662a0dbc82acb1d7267fce5e08e744fc9d6531805e572b6d055979077ff58049470e6b4964d26afd8dc7ae10a1ece3ccfb89834d1817992ad160305b8ae06f75db1fee31f776ca5479097024f6d60bef0c271df49e14b3154c0c86f94285247f166a32c64c3ac1085d9ffcaf3c5cd9f972fece516aec299eb21ee7473ef2da96721e9f6bea418caa4836faed9315ccca888a84cb4efd0ebb77a57a63d4c20cf71a42323dec2757172641ca0a1f3090dc181df045fb109e60113bdb078e34a54e4e721dc7192368d69d68a21af3761607eec07d765388097ce531e4fc91dad5862f19d8ccf1c40b241a825060704a678580fe724ae83bde21341b0aa7a6af3d507327654ba433f3889b9ba9e39c182a71a383d1fe909fee5cfd17ece03c407d4f6da84f296cf5b59fc8433a2550704f86fd7a59d3ae9c007c26cd823e0a9660c311d7ab512fc36d6a646b0bd220a55f7e406c6402f923a1c2d97cddc51328bacffd0e764a492bd7cec434b013c10f8aebfcfe2cec5e0e488127fcfb71391e6135f6f0bc9cf05ed620943d20ee6c8e9af16dbdee65264845aa1494c3d7528bb64fc814250e54573b5492e7527ebe8dbb558a604e2e488326e7adb38713524c2e5e08405fe126ab00656cc769d18c37363f772a35d5c090a03ef8ba358b774b177592d6a0bbda6326f8f30b7dd59a38a78784b6fef257845210ac88cbaf3ed5b11589c360594f981937532fa410409d3e8aec16c6f09a4d2f572f5a0e5b0646c9d7399ec7c2c25a97320b6a78de0bf952ccc20536563282584d54f564b03cbd04f5689364b2a26694b6465d7595707d9b1af52c33a570b932c181f3a4f7f410d5c6a94d29e6afabfac742a7dbe5ac582457342f8fd4a17598dd283e3b30094259d2f9684890bfc80bd549d50d9c5d1cea5cbe7a3dd4b38a88a880c599abcedb0375105cefe6dbf09cbfb384b9baad5e7ac377e609c422076c886119e19404e20dd2bfbd269b69098b8386aa62c36f2b45a05cd691cacd4f4ab384540fa8c466cda85d17961f164d3ae875f2a7c8a14416a0ff16a1eeb8e81e9e9d6e6e5298a62fc1c9b7f3ea19ae9c78517792eae0ceb1c9327a095b6aedf82a732e363344e6ec8dfc09dde0140323ccc0d27402d21d4db897b7141b4bccd67d63ef6709b9e17f81e59bd2271a3ea672cfa455d5faa34285f4dbdd4cee8188c9d151041c44aecd0e415a78d8d86441cd5d2ad7400f1e8179497a4cba859d07f8df2f8817262aa892ff8458fbca5615612162638ca159c8564c533cf72dbf4531a2cb141733bee0fc346acb6d9820f4ed148c98ba512e5a43e1745ee9097db3753b914acce2672d78d2ed3052f0fad631bc122ca3a48ece0ad0eba985a9b18bb280811b9be2d0613c9119738228a470dff1a5427b365e583b664c7cbc685cf74f7d39caf9545893deb42524f546f43db0") 2m30.729487391s ago: executing program 3 (id=286): r0 = socket$unix(0x1, 0x2, 0x0) r1 = dup2(r0, r0) bind$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0) 1m42.513109113s ago: executing program 3 (id=286): r0 = socket$unix(0x1, 0x2, 0x0) r1 = dup2(r0, r0) bind$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0) 1m13.771217929s ago: executing program 3 (id=286): r0 = socket$unix(0x1, 0x2, 0x0) r1 = dup2(r0, r0) bind$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0) 44.898783131s ago: executing program 3 (id=286): r0 = socket$unix(0x1, 0x2, 0x0) r1 = dup2(r0, r0) bind$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0) 39.01599647s ago: executing program 1 (id=638): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000040)=@raw=[@ldst={0x3, 0x2, 0x0, 0x7, 0xb, 0x30}, @snprintf, @ldst={0x0, 0x2, 0x3, 0x2, 0x0, 0xffffffffffffffea}, @jmp={0x5, 0x0, 0x1, 0x4, 0x3, 0x6}], 0x0, 0x0, 0x95, &(0x7f0000000140)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000240)=[{0x0, 0x5, 0x6, 0x5}, {0x3, 0x5, 0x9, 0xc}, {0x1, 0x1, 0x6, 0x4}, {0x0, 0x2, 0x9, 0xc}, {0x5, 0x3, 0xb, 0xa}, {0x2, 0x3, 0x0, 0x1}, {0x0, 0x2, 0x7, 0x6}], 0x10, 0x9}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='ext4_es_remove_extent\x00'}, 0x10) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000100ffff000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x18, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"}) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0) sendto$inet6(r2, &(0x7f0000000300), 0xfdef, 0x0, 0x0, 0xfffffffffffffdfd) 38.018861609s ago: executing program 1 (id=642): socket$kcm(0x10, 0x3, 0x10) open(0x0, 0x169042, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0) setresgid(0xee01, 0x0, 0xffffffffffffffff) socket$inet_udplite(0x2, 0x2, 0x88) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={0xffffffffffffffff, &(0x7f0000000300), 0x20000000}, 0x20) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000240), 0x0}, 0x20) 36.693514138s ago: executing program 1 (id=643): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000500)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0) 32.773671357s ago: executing program 1 (id=654): socket$nl_xfrm(0x10, 0x3, 0x6) openat$cuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) setsockopt$nfc_llcp_NFC_LLCP_MIUX(0xffffffffffffffff, 0x118, 0x1, &(0x7f0000000080), 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e276800"/2574], &(0x7f0000000140)='GPL\x00'}, 0x48) socket$kcm(0x2, 0x1, 0x0) close(0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0xfffbffffffffff57}, @TCA_CAKE_DIFFSERV_MODE={0x8}]}}]}, 0x48}}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c000000000000000000000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b007f000001e000000200000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c00000000000000000000004700000044aa00210a2101"], 0x230}, 0x0) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) 31.557347827s ago: executing program 1 (id=661): timer_create(0x0, 0x0, 0x0) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000002000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0) write$nci(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="40070101"], 0x4) 30.96940451s ago: executing program 1 (id=665): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad0000000000", 0x6) recvmmsg(r2, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) 16.102520455s ago: executing program 3 (id=286): r0 = socket$unix(0x1, 0x2, 0x0) r1 = dup2(r0, r0) bind$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0) 13.484741669s ago: executing program 2 (id=720): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8], [0x0, 0xffffffff], [0xfb]], '\x00', [], '\x00', 0x0, 0x0, 0x0, 0x2}) r1 = getpid() syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r2, &(0x7f0000000000)="3b000300010010", 0x7) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r6 = socket$alg(0x26, 0x5, 0x0) bind$alg(r6, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_robust_list(&(0x7f0000000200), 0x18) r7 = accept4(r6, 0x0, 0x0, 0x0) recvmmsg(r7, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0xffd8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x90}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 11.841843755s ago: executing program 2 (id=721): r0 = socket(0x1e, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000200)) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1400020000000503000033ed6febd20000000000008bca0a35464577738c6b3acbf13557c36151b01c5ef7807bb948f14e6b89c3ad18d1"], 0x14}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0xfff, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r8 = accept4(r7, 0x0, 0x0, 0x0) recvmmsg(r8, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0) readv(r8, &(0x7f0000000300)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x1) syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r8) sendmsg$ETHTOOL_MSG_DEBUG_SET(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x24048050) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) r9 = socket$inet(0x2, 0x2, 0x0) connect$inet(r9, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) r10 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r10, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x300}}) setsockopt$inet_int(r9, 0x0, 0x13, &(0x7f0000000140)=0x7, 0x4) socket$packet(0x11, 0x0, 0x300) getsockopt$IPT_SO_GET_REVISION_TARGET(r9, 0x0, 0x43, &(0x7f00000000c0)={'NETMAP\x00'}, &(0x7f0000000100)=0x1e) socket$nl_route(0x10, 0x3, 0x0) 10.669181032s ago: executing program 2 (id=724): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000500)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0) 10.440386769s ago: executing program 4 (id=726): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000040)=@raw=[@ldst={0x3, 0x2, 0x0, 0x7, 0xb, 0x30}, @snprintf, @ldst={0x0, 0x2, 0x3, 0x2, 0x0, 0xffffffffffffffea}, @jmp={0x5, 0x0, 0x1, 0x4, 0x3, 0x6}], 0x0, 0x0, 0x95, &(0x7f0000000140)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000240)=[{0x0, 0x5, 0x6, 0x5}, {0x3, 0x5, 0x9, 0xc}, {0x1, 0x1, 0x6, 0x4}, {0x0, 0x2, 0x9, 0xc}, {0x5, 0x3, 0xb, 0xa}, {0x2, 0x3, 0x0, 0x1}, {0x0, 0x2, 0x7, 0x6}], 0x10, 0x9}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='ext4_es_remove_extent\x00'}, 0x10) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000100ffff000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x18, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"}) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0) sendto$inet6(r3, &(0x7f0000000300), 0xfdef, 0x0, 0x0, 0xfffffffffffffdfd) 9.505294923s ago: executing program 2 (id=728): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}}}, 0x7) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6) syz_emit_vhci(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000000)) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 9.362250339s ago: executing program 4 (id=730): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8], [0x0, 0xffffffff], [0xfb]], '\x00', [], '\x00', 0x0, 0x0, 0x0, 0x2}) r1 = getpid() syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r2, &(0x7f0000000000)="3b000300010010", 0x7) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r6 = socket$alg(0x26, 0x5, 0x0) bind$alg(r6, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) set_robust_list(&(0x7f0000000200), 0x18) r7 = accept4(r6, 0x0, 0x0, 0x0) recvmmsg(r7, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0xffd8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x90}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 8.176194902s ago: executing program 2 (id=732): ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f00000002c0)={{}, 0x0, 0x0, @inherit={0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000ff0f00"/72]}, @devid}) ioctl$VHOST_VDPA_GET_CONFIG(0xffffffffffffffff, 0x8008af73, &(0x7f00000012c0)={0x0, 0x85, ""/133}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000d000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@ipv6_getroute={0x24, 0x1a, 0x115, 0x0, 0x0, {0x2}, [@RTA_UID={0x8}]}, 0x24}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x38, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000011}, 0x0) 7.351262358s ago: executing program 4 (id=733): r0 = socket(0x1e, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000200)) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1400020000000503000033ed6febd20000000000008bca0a35464577738c6b3acbf13557c36151b01c5ef7807bb948f14e6b89c3ad18d1"], 0x14}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0xfff, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r8 = accept4(r7, 0x0, 0x0, 0x0) recvmmsg(r8, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0) readv(r8, &(0x7f0000000300)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x1) syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r8) sendmsg$ETHTOOL_MSG_DEBUG_SET(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x24048050) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) r9 = socket$inet(0x2, 0x2, 0x0) connect$inet(r9, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) r10 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r10, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x300}}) setsockopt$inet_int(r9, 0x0, 0x13, &(0x7f0000000140)=0x7, 0x4) socket$packet(0x11, 0x0, 0x300) getsockopt$IPT_SO_GET_REVISION_TARGET(r9, 0x0, 0x43, &(0x7f00000000c0)={'NETMAP\x00'}, &(0x7f0000000100)=0x1e) socket$nl_route(0x10, 0x3, 0x0) 7.160564187s ago: executing program 2 (id=735): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000003400)=""/4096, 0xfffffe09}, {&(0x7f0000001180)=""/135, 0x87}], 0x2}, 0x0) recvmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400) recvmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 6.371160451s ago: executing program 4 (id=737): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x4, 0x42202) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x2}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) getpgid(0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) shutdown(0xffffffffffffffff, 0x2) futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000048000), 0x0) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000080)=0x6) futex(&(0x7f000000cffc), 0x6, 0x3d, 0x0, 0x0, 0x2) futex(0x0, 0x4, 0xffffffbe, &(0x7f0000000280)={0x77359400}, 0x0, 0x4000001) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000007, 0x10010, r1, 0xe5050000) r4 = syz_clone(0x0, 0x0, 0x5a, 0x0, 0x0, 0x0) ptrace(0x10, r4) ptrace$setregset(0x18, r4, 0x0, &(0x7f00000000c0)={0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r5) dup2(0xffffffffffffffff, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="0500000000001d0063110c000000000085ba10000002feff0085e40000000500000095e35d93f0acb5b8454df76ac9c8762e77cecce7fe30e82c80bd01c64d25db37292600661b0783f8c24330ef85b45abdf605cb2accad3a5320e5427183f5433487c97e99fd15d0d8196b9d339c625ce1f4e2b7b1198b491db9dfb46b93d521f2649ededa4eab43587985c6a73faba68232c21b5c2326bfa8e7216e375e19900f746cee9874"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) 6.279967465s ago: executing program 0 (id=738): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0), 0x0) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010700000000000000002000000008000300", @ANYRES32=r2], 0x1c}}, 0x0) 4.650800129s ago: executing program 4 (id=739): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000040)=@raw=[@ldst={0x3, 0x2, 0x0, 0x7, 0xb, 0x30}, @snprintf, @ldst={0x0, 0x2, 0x3, 0x2, 0x0, 0xffffffffffffffea}, @jmp={0x5, 0x0, 0x1, 0x4, 0x3, 0x6}], 0x0, 0x0, 0x95, &(0x7f0000000140)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000240)=[{0x0, 0x5, 0x6, 0x5}, {0x3, 0x5, 0x9, 0xc}, {0x1, 0x1, 0x6, 0x4}, {0x0, 0x2, 0x9, 0xc}, {0x5, 0x3, 0xb, 0xa}, {0x2, 0x3, 0x0, 0x1}, {0x0, 0x2, 0x7, 0x6}], 0x10, 0x9}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='ext4_es_remove_extent\x00'}, 0x10) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000100ffff000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x18, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"}) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0) sendto$inet6(r3, &(0x7f0000000300), 0xfdef, 0x0, 0x0, 0xfffffffffffffdfd) 4.16372385s ago: executing program 0 (id=740): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd02000040", 0x42}], 0x1, 0x0, 0x0) 3.881268501s ago: executing program 0 (id=741): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}}}, 0x7) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6) syz_emit_vhci(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000000)) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.818647179s ago: executing program 4 (id=742): r0 = socket$rxrpc(0x21, 0x2, 0xa) r1 = socket$rxrpc(0x21, 0x2, 0x0) open(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) chdir(0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x60) fanotify_init(0x0, 0x0) landlock_create_ruleset(0x0, 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$rxrpc(r1, &(0x7f0000000080)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x28}, 0xa}}, 0x24) listen(r0, 0x0) capset(0x0, &(0x7f0000000040)={0x200000, 0x200000}) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000000)={@cgroup, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) recvmmsg(r0, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}}, 0x0) 2.469472314s ago: executing program 0 (id=743): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$sock_proto_private(r0, 0x89ef, &(0x7f0000004bc0)) 2.189336476s ago: executing program 0 (id=744): socket$pppl2tp(0x18, 0x1, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/vlan/vlan0\x00') syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x8, [{{0x9, 0x2, 0xfffffea7}}]}}, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x0, 0x0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000f04"], 0x0, 0x28}, 0x20) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x4, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x0, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r2}, 0x48) ioctl$SIOCSIFMTU(r0, 0x8923, &(0x7f0000000040)={'macsec0\x00', 0x7}) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000080)={0x80}, 0x1) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CONNECT(r3, &(0x7f0000000340)={0x6, 0x118, 0xfa00, {{0x7, 0x37, "49d23fa4d194dd66f7872b424dc03add1d6243207fa21135fd5cd4546acb209fcb7e1e180d24029d841027579ffbe2f69bc45c13962adefdcaf6c8b1b75253b5887eeb53a7f631ce8fb8d9917ffdc4a2af9a926b0ddecfd194aa1ef85c8e8dfef9fa5a21e4aef4051695c767a6f444cdbed24ebfa294aa10d2436d51eac230263ce1d55252d067f4d4142673801ce9002273eee29d994ab3fccc4f16a32a628231c27b6f79ea3cc81fca1bccfda654740db79deda4125d41b6b6acc07093e9e6cfc51421d9911c915d908490d3236ddc497dbbfdbc29089180c510f94361c89129138ab5e626d2c26d1cbe4a01ca7d3ec798e358b67ce6def5e1ec958964a5ff"}}}, 0x120) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x6, 0x0, 0x1, 0x200000}, {0x3, 0x1, 0x6, 0x3}]}) socket$packet(0x11, 0x0, 0x300) 0s ago: executing program 0 (id=745): r0 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f00000000c0)=0xffffffffffffff9c, 0x8) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0) connect$vsock_stream(r0, &(0x7f0000000380)={0x28, 0x0, 0x0, @hyper}, 0x10) syz_init_net_socket$llc(0x1a, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) write$ppp(r1, &(0x7f0000000480)="00004de3bf7f46665617cb8c9eca6d509ef4f35e0851ca8ec6ae15b270b75c8b5c04a2a08ac937dc9e402d80b194edbcdb70621eb283c52b05188aa9696b89e1f4a2d984a8aa8a904d1bb01a80b1b5a3e349f1017de5373be1efc05bbdd5ca8642e30fca0ea6ca7bd4c1501680c9698b589314b38e59d288", 0x78) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xf, &(0x7f0000000900)=@ringbuf={{0x18, 0x7}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x31}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$inet(0x2, 0x0, 0x84) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r3}, 0x38) r4 = socket$packet(0x11, 0x3, 0x300) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0x28}}, 0x800) sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000001020301020000000000000000000000100800010001000000"], 0x1c}}, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010200000000000000000100000009000100e5559c1973797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000038000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000000400038008000740000000011c0000000b0a0103000000000000000005000004080008400000000114000000100001000000000000000000"], 0xf4}}, 0x0) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) kernel console output (not intermixed with test programs): 7 comm="syz.3.172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 157.841966][ T5661] team0: Port device team_slave_0 added [ 157.922677][ T5661] team0: Port device team_slave_1 added [ 158.251682][ T5661] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 158.292105][ T5661] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.406363][ T5661] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 158.468843][ T5661] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 158.475933][ T5661] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.557920][ T784] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 158.637748][ T5661] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 158.792028][ T784] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.862252][ T784] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.901475][ T784] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 158.946695][ T784] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 158.997168][ T784] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.050433][ T784] usb 2-1: config 0 descriptor?? [ 159.098902][ T5661] hsr_slave_0: entered promiscuous mode [ 159.136524][ T5661] hsr_slave_1: entered promiscuous mode [ 159.157824][ T5661] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 159.196854][ T5661] Cannot create hsr debugfs directory [ 159.231568][ T5088] Bluetooth: hci5: command tx timeout [ 159.338054][ T5137] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 159.556490][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.568750][ T5137] usb 3-1: Using ep0 maxpacket: 32 [ 159.604922][ T5137] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 159.605477][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.666851][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.684535][ T5137] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 159.705629][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.718660][ T5137] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 159.725594][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.776706][ T5137] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 159.787316][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.823328][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.831252][ T5137] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 159.862303][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.898001][ T5137] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 159.903041][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.907085][ T5137] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.959531][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 159.987489][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 160.012321][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 160.017809][ T5137] usb 3-1: Product: syz [ 160.031313][ T5137] usb 3-1: Manufacturer: syz [ 160.035973][ T5137] usb 3-1: SerialNumber: syz [ 160.046611][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 160.074876][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 160.082619][ T5136] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 160.121183][ T784] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 160.154150][ T784] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 160.274458][ T784] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 160.328265][ T5136] usb 4-1: no configurations [ 160.337882][ T5136] usb 4-1: can't read configurations, error -22 [ 160.396974][ T5661] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.427001][ T784] usb 2-1: USB disconnect, device number 3 [ 160.559367][ T5136] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 160.638078][ T5137] cdc_ncm 3-1:1.0: bind() failure [ 160.672703][ T5137] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 160.757864][ T5137] cdc_ncm 3-1:1.1: bind() failure [ 160.849595][ T5137] usb 3-1: USB disconnect, device number 4 [ 160.955678][ T5661] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.562579][ T5661] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.995997][ T5661] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.204821][ T5099] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 162.216239][ T5099] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 162.237931][ T5099] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 162.259599][ T5099] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 162.272026][ T5099] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 162.281730][ T5099] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 162.338994][ T29] audit: type=1400 audit(1720499058.523:281): avc: denied { read } for pid=5746 comm="syz.2.188" name="loop-control" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 162.401600][ T29] audit: type=1400 audit(1720499058.563:282): avc: denied { open } for pid=5746 comm="syz.2.188" path="/dev/loop-control" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 162.837594][ T5749] Cannot find set identified by id 0 to match [ 163.055775][ T2472] bridge_slave_1: left allmulticast mode [ 163.077828][ T2472] bridge_slave_1: left promiscuous mode [ 163.099627][ T2472] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.259737][ T2472] bridge_slave_0: left allmulticast mode [ 163.265493][ T2472] bridge_slave_0: left promiscuous mode [ 163.338530][ T2472] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.370827][ T5136] usb 4-1: device descriptor read/all, error -71 [ 163.399804][ T5136] usb usb4-port1: attempt power cycle [ 164.013183][ T29] audit: type=1400 audit(1720499060.183:283): avc: denied { setopt } for pid=5746 comm="syz.2.188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 164.348383][ T5099] Bluetooth: hci6: command tx timeout [ 165.054588][ T2472] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 165.070850][ T2472] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 165.083506][ T2472] bond0 (unregistering): Released all slaves [ 166.398075][ T2472] hsr_slave_0: left promiscuous mode [ 166.428257][ T5099] Bluetooth: hci6: command tx timeout [ 166.478550][ T2472] hsr_slave_1: left promiscuous mode [ 166.545569][ T2472] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.568228][ T2472] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 166.619974][ T2472] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.627464][ T2472] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 166.828079][ T2472] veth1_macvtap: left promiscuous mode [ 166.834474][ T2472] veth0_macvtap: left promiscuous mode [ 166.868134][ T2472] veth1_vlan: left promiscuous mode [ 166.874025][ T2472] veth0_vlan: left promiscuous mode [ 168.508669][ T5099] Bluetooth: hci6: command tx timeout [ 168.584723][ T2472] team0 (unregistering): Port device team_slave_1 removed [ 168.633075][ T2472] team0 (unregistering): Port device team_slave_0 removed [ 169.073782][ T5099] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 169.090321][ T5099] Bluetooth: hci0: Injecting HCI hardware error event [ 169.099694][ T5088] Bluetooth: hci0: hardware error 0x00 [ 169.197554][ T5661] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 169.382186][ T5661] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 169.592225][ T5661] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 169.637352][ T5661] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 170.177923][ T5743] chnl_net:caif_netlink_parms(): no params data found [ 170.575303][ T5831] netlink: 'syz.3.216': attribute type 9 has an invalid length. [ 170.587916][ T5099] Bluetooth: hci6: command tx timeout [ 170.605645][ T5831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.216'. [ 170.995135][ T5743] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.025030][ T5743] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.044884][ T5743] bridge_slave_0: entered allmulticast mode [ 171.071662][ T5743] bridge_slave_0: entered promiscuous mode [ 171.125871][ T5743] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.157907][ T5743] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.161963][ T5088] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 171.169481][ T5743] bridge_slave_1: entered allmulticast mode [ 171.210241][ T5743] bridge_slave_1: entered promiscuous mode [ 171.248042][ T5836] loop0: detected capacity change from 0 to 7 [ 171.261671][ T5836] Dev loop0: unable to read RDB block 7 [ 171.267740][ T5836] loop0: unable to read partition table [ 171.273916][ T5836] loop0: partition table beyond EOD, truncated [ 171.280426][ T5836] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 171.280426][ T5836] ) failed (rc=-5) [ 171.914502][ T2472] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.993365][ T5743] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.024172][ T5743] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.167636][ T2472] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.319059][ T5661] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.326275][ T5853] netlink: 'syz.2.226': attribute type 9 has an invalid length. [ 172.345541][ T5853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.226'. [ 172.461607][ T2472] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.535001][ T5743] team0: Port device team_slave_0 added [ 172.587561][ T5743] team0: Port device team_slave_1 added [ 172.762843][ T2472] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.824116][ T5860] loop0: detected capacity change from 0 to 7 [ 172.861784][ T5860] Dev loop0: unable to read RDB block 7 [ 172.883869][ T5860] loop0: unable to read partition table [ 172.901832][ T5860] loop0: partition table beyond EOD, truncated [ 172.928016][ T5860] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 172.928016][ T5860] ) failed (rc=-5) [ 172.930531][ T5743] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.954776][ T5743] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.002183][ T5743] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.061992][ T5743] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.096824][ T5743] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.132370][ T5743] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.370639][ T5661] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.560144][ T5743] hsr_slave_0: entered promiscuous mode [ 173.655208][ T5743] hsr_slave_1: entered promiscuous mode [ 173.879021][ T29] audit: type=1400 audit(1720499070.033:284): avc: denied { ioctl } for pid=5869 comm="syz.2.233" path="socket:[10094]" dev="sockfs" ino=10094 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 173.893504][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.910823][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.934818][ T29] audit: type=1400 audit(1720499070.033:285): avc: denied { bind } for pid=5869 comm="syz.2.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 173.977819][ T29] audit: type=1400 audit(1720499070.043:286): avc: denied { write } for pid=5869 comm="syz.2.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 174.181942][ T5873] Cannot find set identified by id 0 to match [ 174.186584][ T5137] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.195355][ T5137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.286271][ T5875] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 174.292869][ T5875] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 174.429436][ T5875] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 174.468152][ T5875] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 174.530666][ T2472] bridge_slave_1: left allmulticast mode [ 174.543990][ T2472] bridge_slave_1: left promiscuous mode [ 174.563332][ T5875] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 174.566259][ T2472] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.598200][ T5875] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 174.617476][ T2472] bridge_slave_0: left allmulticast mode [ 174.624272][ T2472] bridge_slave_0: left promiscuous mode [ 174.632421][ T5875] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 174.635133][ T2472] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.659624][ T5875] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 175.153614][ T29] audit: type=1400 audit(1720499071.333:287): avc: denied { bind } for pid=5882 comm="syz.1.238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 175.265656][ T29] audit: type=1400 audit(1720499071.443:288): avc: denied { connect } for pid=5882 comm="syz.1.238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 176.098131][ T2472] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 176.166471][ T2472] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.229332][ T2472] bond0 (unregistering): Released all slaves [ 176.545605][ T29] audit: type=1400 audit(1720499072.723:289): avc: denied { search } for pid=4748 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 176.577820][ T29] audit: type=1400 audit(1720499072.753:290): avc: denied { read } for pid=4748 comm="dhcpcd" name="n68" dev="tmpfs" ino=2364 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 176.606344][ T29] audit: type=1400 audit(1720499072.753:291): avc: denied { open } for pid=4748 comm="dhcpcd" path="/run/udev/data/n68" dev="tmpfs" ino=2364 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 176.631721][ T29] audit: type=1400 audit(1720499072.753:292): avc: denied { getattr } for pid=4748 comm="dhcpcd" path="/run/udev/data/n68" dev="tmpfs" ino=2364 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 177.407133][ T29] audit: type=1400 audit(1720499073.583:293): avc: denied { read } for pid=5902 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1410 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 177.551374][ T2472] hsr_slave_0: left promiscuous mode [ 177.604702][ T2472] hsr_slave_1: left promiscuous mode [ 177.628454][ T2472] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 177.658226][ T2472] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.690936][ T2472] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 177.712601][ T2472] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 177.844750][ T2472] veth1_macvtap: left promiscuous mode [ 177.864964][ T2472] veth0_macvtap: left promiscuous mode [ 177.871847][ T2472] veth1_vlan: left promiscuous mode [ 177.878662][ T2472] veth0_vlan: left promiscuous mode [ 177.913695][ T5911] vivid-007: disconnect [ 177.934174][ T5909] vivid-007: reconnect [ 179.953138][ T2472] team0 (unregistering): Port device team_slave_1 removed [ 180.095973][ T2472] team0 (unregistering): Port device team_slave_0 removed [ 181.098904][ T5661] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 182.439209][ T5661] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.488028][ T5743] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 182.528640][ T5743] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 182.592837][ T5743] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 182.724288][ T5743] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 183.028458][ T5661] veth0_vlan: entered promiscuous mode [ 183.185057][ T5661] veth1_vlan: entered promiscuous mode [ 183.196262][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 183.196284][ T29] audit: type=1400 audit(1720499079.363:303): avc: denied { getopt } for pid=5969 comm="syz.3.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 183.363616][ T5661] veth0_macvtap: entered promiscuous mode [ 183.461846][ T5661] veth1_macvtap: entered promiscuous mode [ 183.484312][ T29] audit: type=1400 audit(1720499079.663:304): avc: denied { read write } for pid=5972 comm="syz.3.259" name="uhid" dev="devtmpfs" ino=1083 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 183.539207][ T5743] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.568138][ T29] audit: type=1400 audit(1720499079.693:305): avc: denied { open } for pid=5972 comm="syz.3.259" path="/dev/uhid" dev="devtmpfs" ino=1083 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 183.591684][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.591877][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.591911][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.591944][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.591978][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.592011][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.592043][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.673774][ T5661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.735546][ T5661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.736233][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.766776][ T5661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.769841][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.797769][ T5661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.827766][ T5661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.840425][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.848230][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.855811][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.863821][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.871632][ T5661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.886884][ T5661] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.957865][ T5142] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 183.965353][ T5743] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.969222][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 183.999004][ T5661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.022169][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.027739][ T5661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.057724][ T5661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.057969][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.076133][ T5661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.099588][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.107061][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.125523][ T5661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.136813][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.147443][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.157717][ T5661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.169171][ T5142] usb 4-1: config 0 has no interfaces? [ 184.174741][ T5142] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 184.187898][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.189163][ T5661] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.195488][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.195528][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.267882][ T5142] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.285350][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.294716][ T5142] usb 4-1: config 0 descriptor?? [ 184.299670][ T5661] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.299764][ T5661] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.299808][ T5661] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.299850][ T5661] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.316192][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.329962][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.335145][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 184.342573][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.406414][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.424281][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.435022][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.443219][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.461204][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.480609][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.488022][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 184.519134][ T5138] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 184.571712][ T5138] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz0 [ 184.819136][ T9] usb 4-1: USB disconnect, device number 6 [ 185.254036][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.278047][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.449513][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.487818][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.517727][ T29] audit: type=1400 audit(1720499081.693:306): avc: denied { mount } for pid=5661 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 186.049183][ T5743] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 186.175167][ T6008] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.155'. [ 186.259123][ T6008] net_ratelimit: 192 callbacks suppressed [ 186.259145][ T6008] netlink: zone id is out of range [ 186.310096][ T6008] netlink: zone id is out of range [ 186.360411][ T6008] netlink: zone id is out of range [ 186.389461][ T6008] netlink: zone id is out of range [ 186.394715][ T6008] netlink: zone id is out of range [ 186.487942][ T6008] netlink: zone id is out of range [ 186.573358][ T6008] netlink: zone id is out of range [ 186.599821][ T6008] netlink: zone id is out of range [ 186.615842][ T6008] netlink: zone id is out of range [ 186.638499][ T6008] netlink: zone id is out of range [ 187.546212][ T5743] veth0_vlan: entered promiscuous mode [ 187.594350][ T5743] veth1_vlan: entered promiscuous mode [ 187.751592][ T5743] veth0_macvtap: entered promiscuous mode [ 187.795494][ T5743] veth1_macvtap: entered promiscuous mode [ 187.928010][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.960535][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.997944][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.019707][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.053512][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.084440][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.128512][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.150238][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.190679][ T5743] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.250556][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.279149][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.290142][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.307828][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.351231][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.367809][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.396445][ T6041] syz.2.271[6041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.396687][ T6041] syz.2.271[6041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.397471][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.493780][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.531653][ T5743] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.641400][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.667208][ T5743] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.685052][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.699349][ T5743] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.707880][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.730341][ T5743] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.748704][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.758232][ T5743] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.787559][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.820393][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.840728][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.859821][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.883568][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.919656][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.944765][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 188.952668][ T5136] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 188.993949][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.029139][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.072284][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.100319][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.148366][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.158589][ T5136] usb 3-1: config 0 has no interfaces? [ 189.164094][ T5136] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 189.197780][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.212406][ T2472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.230778][ T5136] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.244216][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.254323][ T2472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.262612][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.283880][ T5136] usb 3-1: config 0 descriptor?? [ 189.302098][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.329491][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.369768][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.409415][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.446738][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.487839][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.487913][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.487983][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.488020][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.488057][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.488094][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.488130][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.488167][ T784] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 189.515540][ T784] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz0] on syz0 [ 189.882004][ T5136] usb 3-1: USB disconnect, device number 5 [ 189.989583][ T2472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.053278][ T2472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.168914][ T6051] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.274'. [ 191.245136][ T29] audit: type=1400 audit(1720499087.423:307): avc: denied { name_bind } for pid=6074 comm="syz.0.283" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 191.545130][ T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.811413][ T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.960535][ T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.209925][ T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.929564][ T6093] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.290'. [ 193.260448][ T61] bridge_slave_1: left allmulticast mode [ 193.306875][ T61] bridge_slave_1: left promiscuous mode [ 193.351326][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.453179][ T61] bridge_slave_0: left allmulticast mode [ 193.480106][ T61] bridge_slave_0: left promiscuous mode [ 193.508335][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.545459][ T5099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 193.559514][ T5099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 193.569663][ T5099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 193.581032][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 193.589013][ T5099] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 193.596469][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 195.091758][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 195.118906][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 195.143797][ T61] bond0 (unregistering): Released all slaves [ 195.629524][ T5088] Bluetooth: hci1: command tx timeout [ 196.344823][ T6142] netlink: 820 bytes leftover after parsing attributes in process `syz.1.308'. [ 196.627716][ T61] hsr_slave_0: left promiscuous mode [ 196.652321][ T61] hsr_slave_1: left promiscuous mode [ 196.682192][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 196.701444][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 196.725591][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 196.747493][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 196.860886][ T61] veth1_macvtap: left promiscuous mode [ 196.885081][ T61] veth0_macvtap: left promiscuous mode [ 196.896509][ T61] veth1_vlan: left promiscuous mode [ 197.708022][ T5088] Bluetooth: hci1: command tx timeout [ 199.789744][ T5088] Bluetooth: hci1: command tx timeout [ 199.918144][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.924906][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.905722][ T61] team0 (unregistering): Port device team_slave_1 removed [ 201.112531][ T61] team0 (unregistering): Port device team_slave_0 removed [ 201.877846][ T5088] Bluetooth: hci1: command tx timeout [ 202.094037][ T6191] Cannot find set identified by id 0 to match [ 203.110884][ T6172] veth0_vlan: entered allmulticast mode [ 204.297091][ T29] audit: type=1400 audit(1720499100.463:308): avc: denied { shutdown } for pid=6201 comm="syz.1.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 205.145074][ T6098] chnl_net:caif_netlink_parms(): no params data found [ 206.663521][ T6098] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.728647][ T6098] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.763917][ T6098] bridge_slave_0: entered allmulticast mode [ 206.803673][ T6098] bridge_slave_0: entered promiscuous mode [ 206.881903][ T6098] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.907963][ T6098] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.915214][ T6098] bridge_slave_1: entered allmulticast mode [ 207.003340][ T6098] bridge_slave_1: entered promiscuous mode [ 207.585959][ T6098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.681544][ T6098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.344929][ T6098] team0: Port device team_slave_0 added [ 209.460449][ T6098] team0: Port device team_slave_1 added [ 209.769442][ T5099] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 209.789681][ T5099] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 209.808095][ T5099] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 209.917480][ T5099] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 209.928879][ T5099] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 209.937640][ T5099] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 210.272014][ T6098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.318180][ T6098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.476903][ T6098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.649670][ T6098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.656692][ T6098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.778905][ T6098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.031638][ T5088] Bluetooth: hci2: command tx timeout [ 212.111207][ T6098] hsr_slave_0: entered promiscuous mode [ 212.121772][ T6098] hsr_slave_1: entered promiscuous mode [ 213.267991][ T6098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.337896][ T6098] Cannot create hsr debugfs directory [ 214.107350][ T138] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 214.122277][ T5088] Bluetooth: hci2: command tx timeout [ 214.584738][ T138] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 214.833208][ T138] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.311293][ T138] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.355442][ T29] audit: type=1400 audit(1720499111.533:309): avc: denied { read } for pid=6320 comm="syz.2.351" name="sg0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 215.446166][ T29] audit: type=1400 audit(1720499111.533:310): avc: denied { open } for pid=6320 comm="syz.2.351" path="/dev/sg0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 215.501986][ T29] audit: type=1400 audit(1720499111.593:311): avc: denied { rename } for pid=4516 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 215.532269][ T29] audit: type=1400 audit(1720499111.593:312): avc: denied { unlink } for pid=4516 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 215.609557][ T29] audit: type=1400 audit(1720499111.593:313): avc: denied { create } for pid=4516 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 215.656140][ T6327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.351'. [ 215.804839][ T29] audit: type=1400 audit(1720499111.953:314): avc: denied { read } for pid=6320 comm="syz.2.351" name="usbmon0" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 215.888662][ T29] audit: type=1400 audit(1720499111.953:315): avc: denied { open } for pid=6320 comm="syz.2.351" path="/dev/usbmon0" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 215.974104][ T29] audit: type=1400 audit(1720499112.023:316): avc: denied { map } for pid=6320 comm="syz.2.351" path="/dev/usbmon0" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 216.187890][ T5088] Bluetooth: hci2: command tx timeout [ 216.635501][ T6265] chnl_net:caif_netlink_parms(): no params data found [ 218.237674][ C1] sched: RT throttling activated [ 218.375166][ T5088] Bluetooth: hci2: command tx timeout [ 221.105906][ T138] bridge_slave_1: left allmulticast mode [ 221.130596][ T138] bridge_slave_1: left promiscuous mode [ 221.168352][ T138] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.225017][ T138] bridge_slave_0: left allmulticast mode [ 221.249680][ T138] bridge_slave_0: left promiscuous mode [ 221.276445][ T138] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.164879][ T6386] netlink: 4 bytes leftover after parsing attributes in process `syz.1.365'. [ 223.906114][ T138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 223.927581][ T138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 223.978249][ T138] bond0 (unregistering): Released all slaves [ 224.024782][ T6265] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.077361][ T6265] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.118413][ T6265] bridge_slave_0: entered allmulticast mode [ 224.126843][ T6265] bridge_slave_0: entered promiscuous mode [ 224.182676][ T6265] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.207377][ T6265] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.239142][ T6265] bridge_slave_1: entered allmulticast mode [ 224.247258][ T6265] bridge_slave_1: entered promiscuous mode [ 224.699372][ T6405] netlink: 24 bytes leftover after parsing attributes in process `syz.2.371'. [ 224.825254][ T6402] netlink: 12 bytes leftover after parsing attributes in process `syz.2.371'. [ 224.827760][ T29] audit: type=1400 audit(1720499121.003:317): avc: denied { getopt } for pid=6399 comm="syz.2.371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 224.872155][ T6402] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.371'. [ 224.909073][ T6402] net_ratelimit: 394 callbacks suppressed [ 224.909096][ T6402] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 224.910018][ T6265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 224.997287][ T6265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.486280][ T6417] netlink: 'syz.2.377': attribute type 10 has an invalid length. [ 226.766346][ T6417] batman_adv: batadv0: Adding interface: team0 [ 226.851347][ T6417] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.901604][ T6417] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 226.954433][ T6265] team0: Port device team_slave_0 added [ 227.023407][ T6265] team0: Port device team_slave_1 added [ 227.177247][ T29] audit: type=1400 audit(1720499123.353:318): avc: denied { name_bind } for pid=6430 comm="syz.1.381" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 227.236495][ T6098] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 227.304676][ T29] audit: type=1400 audit(1720499123.453:319): avc: denied { create } for pid=6430 comm="syz.1.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 227.409024][ T6098] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 227.674832][ T29] audit: type=1400 audit(1720499123.853:320): avc: denied { read } for pid=6437 comm="syz.2.384" name="cec2" dev="devtmpfs" ino=879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 227.737832][ T138] hsr_slave_0: left promiscuous mode [ 227.777860][ T29] audit: type=1400 audit(1720499123.853:321): avc: denied { open } for pid=6437 comm="syz.2.384" path="/dev/cec2" dev="devtmpfs" ino=879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 227.827830][ T138] hsr_slave_1: left promiscuous mode [ 227.851083][ T29] audit: type=1400 audit(1720499123.883:322): avc: denied { append } for pid=6437 comm="syz.2.384" name="cec2" dev="devtmpfs" ino=879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 227.918018][ T138] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 227.928262][ T138] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 227.957042][ T29] audit: type=1400 audit(1720499123.883:323): avc: denied { ioctl } for pid=6437 comm="syz.2.384" path="/dev/cec2" dev="devtmpfs" ino=879 ioctlcmd=0x6105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 227.989535][ T138] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 227.999660][ T138] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 228.052905][ T29] audit: type=1400 audit(1720499124.233:324): avc: denied { write } for pid=6441 comm="syz.1.386" name="virtual_nci" dev="devtmpfs" ino=683 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 228.251396][ T138] veth1_macvtap: left promiscuous mode [ 228.257048][ T138] veth0_macvtap: left promiscuous mode [ 228.288728][ T138] veth1_vlan: left promiscuous mode [ 228.295250][ T138] veth0_vlan: left promiscuous mode [ 228.807877][ T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 229.025218][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 229.038937][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 229.073527][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.104302][ T8] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 229.134913][ T8] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 229.159942][ T8] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 229.195679][ T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 229.212884][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.241944][ T8] usb 3-1: Product: syz [ 229.247419][ T8] usb 3-1: Manufacturer: syz [ 229.265754][ T8] usb 3-1: SerialNumber: syz [ 230.141049][ T138] team0 (unregistering): Port device team_slave_1 removed [ 230.281284][ T138] team0 (unregistering): Port device team_slave_0 removed [ 231.815188][ T6265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 231.850435][ T6265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.914580][ T6265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 231.933047][ T6098] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 231.946455][ T6484] netlink: 20 bytes leftover after parsing attributes in process `syz.1.401'. [ 231.978690][ T6098] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 232.028095][ T6265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 232.060517][ T6265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 232.089395][ T8] cdc_ncm 3-1:1.0: bind() failure [ 232.122597][ T8] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 232.146342][ T8] cdc_ncm 3-1:1.1: bind() failure [ 232.157959][ T6265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 232.179790][ T8] usb 3-1: USB disconnect, device number 6 [ 232.653938][ T6265] hsr_slave_0: entered promiscuous mode [ 232.695397][ T6265] hsr_slave_1: entered promiscuous mode [ 233.112504][ T29] audit: type=1400 audit(1720499129.293:325): avc: denied { read } for pid=6504 comm="syz.2.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 233.555295][ T29] audit: type=1400 audit(1720499129.733:326): avc: denied { getopt } for pid=6504 comm="syz.2.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 234.020525][ T6098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.221183][ T6098] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.554283][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.561599][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 234.671793][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.679126][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 234.967966][ T29] audit: type=1400 audit(1720499131.143:327): avc: denied { create } for pid=6534 comm="syz.2.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 234.997017][ T6098] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 235.041396][ T6535] Zero length message leads to an empty skb [ 235.554743][ T6265] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 235.629027][ T6265] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 235.707187][ T6265] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 235.810728][ T6265] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 236.072941][ T6098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 236.201465][ T6560] Cannot find set identified by id 0 to match [ 236.427120][ T6098] veth0_vlan: entered promiscuous mode [ 236.566005][ T6098] veth1_vlan: entered promiscuous mode [ 236.970349][ T6098] veth0_macvtap: entered promiscuous mode [ 237.040267][ T6098] veth1_macvtap: entered promiscuous mode [ 237.126981][ T6265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 237.266929][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.320363][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.337922][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.367030][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.407899][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.430343][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.452976][ T6098] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 237.499288][ T6265] 8021q: adding VLAN 0 to HW filter on device team0 [ 237.547526][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.578844][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.601530][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.627056][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.672982][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.724715][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.783713][ T6098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 237.861379][ T6598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.426'. [ 237.974830][ T6098] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.992364][ T6098] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.001372][ T6098] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.010218][ T6098] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.025278][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.032637][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.125190][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.132651][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 238.671661][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.712950][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.952529][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.006741][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 239.525542][ T6265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 239.675771][ T6624] kvm: emulating exchange as write [ 239.913866][ T1102] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.400326][ T1102] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.525433][ T6639] netlink: 24 bytes leftover after parsing attributes in process `syz.0.432'. [ 240.580410][ T29] audit: type=1400 audit(1720499136.763:328): avc: denied { write } for pid=6640 comm="syz.1.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 240.609082][ T6642] netlink: 8 bytes leftover after parsing attributes in process `syz.1.433'. [ 240.681214][ T1102] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.914509][ T1102] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.631356][ T6265] veth0_vlan: entered promiscuous mode [ 241.690575][ T5099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 241.702545][ T5099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 241.712289][ T5099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 241.743074][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 241.751519][ T5099] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 241.762495][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 242.066004][ T6265] veth1_vlan: entered promiscuous mode [ 242.200395][ T1102] bridge_slave_1: left allmulticast mode [ 242.206126][ T1102] bridge_slave_1: left promiscuous mode [ 242.238378][ T1102] bridge0: port 2(bridge_slave_1) entered disabled state [ 242.345615][ T1102] bridge_slave_0: left allmulticast mode [ 242.363340][ T1102] bridge_slave_0: left promiscuous mode [ 242.412010][ T1102] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.430941][ T29] audit: type=1400 audit(1720499138.593:329): avc: denied { map } for pid=6680 comm="syz.1.444" path="socket:[14937]" dev="sockfs" ino=14937 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 242.453636][ T6687] netlink: 8 bytes leftover after parsing attributes in process `syz.2.445'. [ 242.715072][ T6693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.447'. [ 243.728785][ T1102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 243.790149][ T1102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 243.828895][ T1102] bond0 (unregistering): Released all slaves [ 243.868800][ T5088] Bluetooth: hci1: command tx timeout [ 245.663792][ T6727] vivid-007: disconnect [ 245.708503][ T6726] vivid-007: reconnect [ 245.852655][ T6734] netlink: 8 bytes leftover after parsing attributes in process `syz.2.456'. [ 245.942577][ T6265] veth0_macvtap: entered promiscuous mode [ 245.969136][ T5088] Bluetooth: hci1: command tx timeout [ 246.159546][ T29] audit: type=1400 audit(1720499142.343:330): avc: denied { getopt } for pid=6737 comm="syz.0.457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 246.164848][ T6265] veth1_macvtap: entered promiscuous mode [ 246.275104][ T1102] hsr_slave_0: left promiscuous mode [ 246.298679][ T1102] hsr_slave_1: left promiscuous mode [ 246.350714][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 246.367940][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 246.409215][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 246.448827][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 246.561079][ T29] audit: type=1400 audit(1720499142.743:331): avc: denied { ioctl } for pid=6748 comm="syz.1.460" path="/dev/vhost-net" dev="devtmpfs" ino=1084 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 246.591970][ T1102] veth1_macvtap: left promiscuous mode [ 246.618012][ T1102] veth0_macvtap: left promiscuous mode [ 246.623876][ T1102] veth1_vlan: left promiscuous mode [ 246.647943][ T1102] veth0_vlan: left promiscuous mode [ 247.600961][ T6738] syz.0.457: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 247.621969][ T6738] CPU: 1 PID: 6738 Comm: syz.0.457 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 247.632050][ T6738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 247.642172][ T6738] Call Trace: [ 247.645485][ T6738] [ 247.648424][ T6738] dump_stack_lvl+0x16c/0x1f0 [ 247.653138][ T6738] warn_alloc+0x24d/0x3a0 [ 247.657611][ T6738] ? __pfx_warn_alloc+0x10/0x10 [ 247.662508][ T6738] ? xt_alloc_entry_offsets+0x3a/0x60 [ 247.667916][ T6738] ? __get_vm_area_node+0x190/0x2d0 [ 247.673158][ T6738] ? __get_vm_area_node+0x1bc/0x2d0 [ 247.678398][ T6738] __vmalloc_node_range_noprof+0xff7/0x1520 [ 247.684374][ T6738] ? xt_alloc_entry_offsets+0x3a/0x60 [ 247.689809][ T6738] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 247.696198][ T6738] ? trace_kmalloc+0x2d/0xe0 [ 247.700823][ T6738] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 247.706568][ T6738] ? xt_alloc_entry_offsets+0x3a/0x60 [ 247.711984][ T6738] kvmalloc_node_noprof+0x14f/0x1a0 [ 247.717214][ T6738] ? xt_alloc_entry_offsets+0x3a/0x60 [ 247.722617][ T6738] xt_alloc_entry_offsets+0x3a/0x60 [ 247.727855][ T6738] translate_table+0x22e/0x1710 [ 247.732773][ T6738] ? __pfx_lock_release+0x10/0x10 [ 247.737862][ T6738] ? __pfx___might_resched+0x10/0x10 [ 247.743170][ T6738] ? __pfx_translate_table+0x10/0x10 [ 247.748491][ T6738] do_ipt_set_ctl+0x605/0xc30 [ 247.753221][ T6738] ? trace_contention_end+0xea/0x140 [ 247.758527][ T6738] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 247.763774][ T6738] ? __pfx___mutex_lock+0x10/0x10 [ 247.768821][ T6738] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 247.774833][ T6738] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 247.780857][ T6738] nf_setsockopt+0x8a/0xf0 [ 247.785333][ T6738] ip_setsockopt+0xcb/0xf0 [ 247.789769][ T6738] tcp_setsockopt+0xa4/0x100 [ 247.794380][ T6738] smc_setsockopt+0x1b4/0xa00 [ 247.799186][ T6738] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 247.805128][ T6738] ? __pfx_smc_setsockopt+0x10/0x10 [ 247.810350][ T6738] ? selinux_socket_setsockopt+0x6a/0x80 [ 247.816011][ T6738] ? __pfx_smc_setsockopt+0x10/0x10 [ 247.821230][ T6738] do_sock_setsockopt+0x222/0x480 [ 247.826284][ T6738] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 247.831890][ T6738] ? __fget_light+0x173/0x210 [ 247.836634][ T6738] __sys_setsockopt+0x1a4/0x270 [ 247.841543][ T6738] ? __pfx___sys_setsockopt+0x10/0x10 [ 247.846941][ T6738] ? xfd_validate_state+0x5d/0x180 [ 247.852084][ T6738] __x64_sys_setsockopt+0xbd/0x160 [ 247.857221][ T6738] ? do_syscall_64+0x91/0x250 [ 247.861924][ T6738] ? lockdep_hardirqs_on+0x7c/0x110 [ 247.867141][ T6738] do_syscall_64+0xcd/0x250 [ 247.871723][ T6738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.877668][ T6738] RIP: 0033:0x7f64fbf75bd9 [ 247.882144][ T6738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.901797][ T6738] RSP: 002b:00007f64fcc8d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 247.910237][ T6738] RAX: ffffffffffffffda RBX: 00007f64fc103f60 RCX: 00007f64fbf75bd9 [ 247.918226][ T6738] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 247.926213][ T6738] RBP: 00007f64fbfe4e60 R08: 0000000000000298 R09: 0000000000000000 [ 247.934203][ T6738] R10: 0000000020000300 R11: 0000000000000246 R12: 0000000000000000 [ 247.942202][ T6738] R13: 000000000000000b R14: 00007f64fc103f60 R15: 00007ffde446e1b8 [ 247.950213][ T6738] [ 247.958230][ T6738] Mem-Info: [ 247.961403][ T6738] active_anon:4473 inactive_anon:0 isolated_anon:0 [ 247.961403][ T6738] active_file:13008 inactive_file:38457 isolated_file:0 [ 247.961403][ T6738] unevictable:768 dirty:147 writeback:0 [ 247.961403][ T6738] slab_reclaimable:9901 slab_unreclaimable:95474 [ 247.961403][ T6738] mapped:13877 shmem:1233 pagetables:837 [ 247.961403][ T6738] sec_pagetables:0 bounce:0 [ 247.961403][ T6738] kernel_misc_reclaimable:0 [ 247.961403][ T6738] free:1380900 free_pcp:1273 free_cma:0 [ 248.014511][ T6738] Node 0 active_anon:17892kB inactive_anon:0kB active_file:52032kB inactive_file:153756kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:55508kB dirty:584kB writeback:0kB shmem:3396kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10068kB pagetables:3348kB sec_pagetables:0kB all_unreclaimable? no [ 248.048937][ T5088] Bluetooth: hci1: command tx timeout [ 248.058774][ T6738] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 248.092945][ T6738] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 248.122005][ T6738] lowmem_reserve[]: 0 2565 2567 0 0 [ 248.127350][ T6738] Node 0 DMA32 free:1556076kB boost:0kB min:35052kB low:43812kB high:52572kB reserved_highatomic:0KB active_anon:17864kB inactive_anon:0kB active_file:52032kB inactive_file:151940kB unevictable:1536kB writepending:580kB present:3129332kB managed:2654748kB mlocked:0kB bounce:0kB free_pcp:5120kB local_pcp:312kB free_cma:0kB [ 248.160825][ T6738] lowmem_reserve[]: 0 0 1 0 0 [ 248.165654][ T6738] Node 0 Normal free:24kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:0kB inactive_file:1816kB unevictable:0kB writepending:4kB present:1048576kB managed:1896kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:28kB free_cma:0kB [ 248.202079][ T6738] lowmem_reserve[]: 0 0 0 0 0 [ 248.207104][ T6738] Node 1 Normal free:3952336kB boost:0kB min:54828kB low:68532kB high:82236kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 248.239761][ T6738] lowmem_reserve[]: 0 0 0 0 0 [ 248.244577][ T6738] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 248.262564][ T6738] Node 0 DMA32: 785*4kB (UME) 794*8kB (ME) 703*16kB (UME) 483*32kB (UME) 346*64kB (UME) 48*128kB (ME) 14*256kB (M) 13*512kB (UME) 3*1024kB (UM) 4*2048kB (UM) 359*4096kB (M) = 1556452kB [ 248.282870][ T6738] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 248.295479][ T6738] Node 1 Normal: 2*4kB (UM) 5*8kB (UM) 4*16kB (UM) 9*32kB (UM) 3*64kB (U) 3*128kB (U) 5*256kB (UM) 3*512kB (UM) 2*1024kB (U) 1*2048kB (U) 963*4096kB (UM) = 3952336kB [ 248.315314][ T6738] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 248.332505][ T6738] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 248.344687][ T6738] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 248.355734][ T6738] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 248.365320][ T6738] 52698 total pagecache pages [ 248.370222][ T6738] 0 pages in swap cache [ 248.374416][ T6738] Free swap = 124728kB [ 248.378861][ T6738] Total swap = 124996kB [ 248.383091][ T6738] 2097051 pages RAM [ 248.386937][ T6738] 0 pages HighMem/MovableOnly [ 248.391835][ T6738] 401770 pages reserved [ 248.396175][ T6738] 0 pages cma reserved [ 248.457159][ T1102] team0 (unregistering): Port device team_slave_1 removed [ 248.516271][ T1102] team0 (unregistering): Port device team_slave_0 removed [ 250.108429][ T5088] Bluetooth: hci1: command tx timeout [ 250.202522][ T6265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.208338][ T6773] vivid-007: disconnect [ 250.231498][ T6772] vivid-007: reconnect [ 250.244260][ T6265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.285205][ T6265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.325701][ T6265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.351696][ T6265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.384901][ T6265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.424742][ T6265] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 250.530876][ T6265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.597822][ T6265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.619484][ T6265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.635672][ T6265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.654896][ T6265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.666834][ T6265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.874451][ T6265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 251.225470][ T6667] chnl_net:caif_netlink_parms(): no params data found [ 251.605449][ T6786] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 251.638537][ T6265] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.647305][ T6265] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.767812][ T6265] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.797050][ T6265] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.979521][ T6795] sctp: [Deprecated]: syz.1.471 (pid 6795) Use of struct sctp_assoc_value in delayed_ack socket option. [ 251.979521][ T6795] Use struct sctp_sack_info instead [ 252.117778][ T1154] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 252.236649][ T6667] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.263313][ T6667] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.278752][ T6667] bridge_slave_0: entered allmulticast mode [ 252.379456][ T6667] bridge_slave_0: entered promiscuous mode [ 252.614848][ T6667] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.629605][ T1154] usb 1-1: config 0 has no interfaces? [ 252.637785][ T1154] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 252.646882][ T1154] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.656159][ T6667] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.682353][ T1154] usb 1-1: config 0 descriptor?? [ 252.685466][ T6667] bridge_slave_1: entered allmulticast mode [ 252.753629][ T6667] bridge_slave_1: entered promiscuous mode [ 252.901632][ T1154] usb 1-1: USB disconnect, device number 2 [ 253.046187][ T6667] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 253.081128][ T6667] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 253.253750][ T6667] team0: Port device team_slave_0 added [ 253.395072][ T6667] team0: Port device team_slave_1 added [ 253.731526][ T6667] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 253.750874][ T6667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.797136][ T6667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 253.852566][ T6667] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 253.877905][ T6667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.938019][ T5142] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 253.950579][ T6667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.008484][ T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.016390][ T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 254.158800][ T5142] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 254.174785][ T5142] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.241771][ T5142] usb 1-1: config 0 descriptor?? [ 254.262359][ T5142] cp210x 1-1:0.0: cp210x converter detected [ 254.340681][ T6667] hsr_slave_0: entered promiscuous mode [ 254.366353][ T6667] hsr_slave_1: entered promiscuous mode [ 254.377036][ T6667] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 254.395169][ T6667] Cannot create hsr debugfs directory [ 254.405822][ T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.428215][ T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 254.687837][ T5142] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 254.991174][ T5142] usb 1-1: cp210x converter now attached to ttyUSB0 [ 255.142401][ T5142] usb 1-1: USB disconnect, device number 3 [ 255.196016][ T5142] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 255.233727][ T6835] netlink: 12 bytes leftover after parsing attributes in process `syz.4.333'. [ 255.270224][ T5142] cp210x 1-1:0.0: device disconnected [ 256.169720][ T29] audit: type=1400 audit(1720499152.323:332): avc: denied { ioctl } for pid=6851 comm="syz.2.478" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 256.263353][ T6853] binder: 6851:6853 ioctl 5514 0 returned -22 [ 256.331093][ T6853] binder: 6851:6853 ioctl c0306201 0 returned -14 [ 256.416760][ T29] audit: type=1400 audit(1720499152.323:333): avc: denied { set_context_mgr } for pid=6851 comm="syz.2.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 256.469090][ T6858] netlink: 8 bytes leftover after parsing attributes in process `syz.0.479'. [ 256.516312][ T29] audit: type=1400 audit(1720499152.423:334): avc: denied { map } for pid=6851 comm="syz.2.478" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 256.731941][ T6863] sctp: [Deprecated]: syz.2.481 (pid 6863) Use of struct sctp_assoc_value in delayed_ack socket option. [ 256.731941][ T6863] Use struct sctp_sack_info instead [ 257.278106][ T1154] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 259.895225][ T1154] usb 2-1: config 0 has no interfaces? [ 259.898384][ T6877] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 259.907701][ T6877] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 259.909990][ T1154] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 259.937795][ T1154] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.109168][ T6877] vhci_hcd vhci_hcd.0: Device attached [ 260.151986][ T1154] usb 2-1: config 0 descriptor?? [ 260.223071][ T1154] usb 2-1: can't set config #0, error -71 [ 260.326826][ T1154] usb 2-1: USB disconnect, device number 4 [ 260.357976][ T5141] vhci_hcd: vhci_device speed not set [ 260.390729][ T6667] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 260.461987][ T6667] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 260.487845][ T5141] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 260.523064][ T6667] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 260.602039][ T6667] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 261.024249][ T6891] netlink: 12 bytes leftover after parsing attributes in process `syz.1.487'. [ 261.316887][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.324738][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.387750][ T6884] vhci_hcd: connection reset by peer [ 261.448581][ T2472] vhci_hcd: stop threads [ 261.454434][ T2472] vhci_hcd: release socket [ 261.507152][ T2472] vhci_hcd: disconnect device [ 261.580708][ T6667] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.795165][ T6667] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.902266][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.909634][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.970925][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.978247][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 262.303588][ T6667] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 263.748077][ T29] audit: type=1400 audit(1720499159.923:335): avc: denied { read } for pid=6922 comm="syz.4.495" name="nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 263.854207][ T29] audit: type=1400 audit(1720499159.953:336): avc: denied { open } for pid=6922 comm="syz.4.495" path="/dev/nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 264.323249][ T6667] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 264.527848][ T25] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 264.587579][ T6667] veth0_vlan: entered promiscuous mode [ 264.653091][ T6667] veth1_vlan: entered promiscuous mode [ 264.743065][ T25] usb 3-1: config 0 has no interfaces? [ 264.758105][ T25] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 264.807988][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.846024][ T29] audit: type=1400 audit(1720499161.003:337): avc: denied { search } for pid=4516 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 264.893283][ T6667] veth0_macvtap: entered promiscuous mode [ 264.907622][ T25] usb 3-1: config 0 descriptor?? [ 264.918319][ T6938] netlink: 4 bytes leftover after parsing attributes in process `syz.1.499'. [ 265.028022][ T6667] veth1_macvtap: entered promiscuous mode [ 265.059270][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.070710][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.080731][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.091855][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.102780][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.115328][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.144718][ T25] usb 3-1: USB disconnect, device number 7 [ 265.175628][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.202609][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.265227][ T6667] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 265.354465][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.404415][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.446810][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.493806][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.541636][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.595034][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.614797][ T6667] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.635605][ T6667] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.648899][ T5141] vhci_hcd: vhci_device speed not set [ 265.663696][ T6667] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 265.703107][ T6667] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.717824][ T5137] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 265.736997][ T6667] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.754948][ T6667] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.770655][ T6667] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.928579][ T5137] usb 1-1: Using ep0 maxpacket: 32 [ 265.937238][ T5137] usb 1-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 265.980811][ T5137] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.019062][ T5137] usb 1-1: config 0 descriptor?? [ 266.091305][ T5137] as10x_usb: device has been detected [ 266.120105][ T5137] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 266.213270][ T5137] usb 1-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 266.252532][ T3829] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.301825][ T3829] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.694086][ T5137] as10x_usb: error during firmware upload part1 [ 266.968020][ T5137] Registered device nBox DVB-T Dongle [ 267.117941][ T5137] usb 1-1: USB disconnect, device number 4 [ 267.479075][ T5137] Unregistered device nBox DVB-T Dongle [ 267.501045][ T5137] as10x_usb: device has been disconnected [ 267.578791][ T138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 267.628576][ T138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.001413][ T5137] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 268.142540][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.512'. [ 268.576210][ T1102] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.694253][ T6992] syz.4.510[6992] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 268.694493][ T6992] syz.4.510[6992] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 268.723533][ T1102] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.745525][ T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 268.900953][ T1102] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.960916][ T8] usb 2-1: config 0 has no interfaces? [ 268.970311][ T8] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 269.007701][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.033333][ T8] usb 2-1: config 0 descriptor?? [ 269.156089][ T1102] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.304099][ T9] usb 2-1: USB disconnect, device number 5 [ 269.800214][ T1102] bridge_slave_1: left allmulticast mode [ 269.827010][ T1102] bridge_slave_1: left promiscuous mode [ 269.863371][ T1102] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.949947][ T5099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 269.960953][ T1102] bridge_slave_0: left allmulticast mode [ 269.961693][ T5099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 269.967288][ T1102] bridge_slave_0: left promiscuous mode [ 270.007907][ T5099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 270.025784][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 270.046740][ T5099] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 270.055616][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 270.112638][ T1102] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.343131][ T5088] Bluetooth: hci1: command tx timeout [ 273.076684][ T1102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 273.108512][ T1102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 273.136483][ T1102] bond0 (unregistering): Released all slaves [ 274.427773][ T5088] Bluetooth: hci1: command tx timeout [ 274.585314][ T1102] hsr_slave_0: left promiscuous mode [ 274.641235][ T1102] hsr_slave_1: left promiscuous mode [ 274.662535][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 274.692993][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 274.739730][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 274.747186][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 274.890222][ T1102] veth1_macvtap: left promiscuous mode [ 274.912840][ T1102] veth0_macvtap: left promiscuous mode [ 274.948083][ T1102] veth1_vlan: left promiscuous mode [ 274.963990][ T1102] veth0_vlan: left promiscuous mode [ 275.220683][ T29] audit: type=1400 audit(1720499171.403:338): avc: denied { bind } for pid=7083 comm="syz.2.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 275.417180][ T29] audit: type=1400 audit(1720499171.403:339): avc: denied { name_bind } for pid=7083 comm="syz.2.543" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 275.605391][ T29] audit: type=1400 audit(1720499171.403:340): avc: denied { node_bind } for pid=7083 comm="syz.2.543" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 275.763804][ T29] audit: type=1400 audit(1720499171.513:341): avc: denied { listen } for pid=7083 comm="syz.2.543" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 275.812955][ T29] audit: type=1400 audit(1720499171.523:342): avc: denied { accept } for pid=7083 comm="syz.2.543" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 275.954282][ T7093] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.546'. [ 276.002719][ T7093] netlink: zone id is out of range [ 276.014072][ T7093] netlink: zone id is out of range [ 276.022893][ T7093] netlink: zone id is out of range [ 276.030279][ T7093] netlink: zone id is out of range [ 276.035920][ T7093] netlink: zone id is out of range [ 276.042856][ T7093] netlink: zone id is out of range [ 276.054340][ T7093] netlink: zone id is out of range [ 276.062549][ T7093] netlink: zone id is out of range [ 276.071646][ T7093] netlink: zone id is out of range [ 276.077310][ T7093] netlink: zone id is out of range [ 276.517888][ T5088] Bluetooth: hci1: command tx timeout [ 276.667525][ T1102] team0 (unregistering): Port device team_slave_1 removed [ 276.792724][ T1102] team0 (unregistering): Port device team_slave_0 removed [ 277.541622][ T7078] netlink: 20 bytes leftover after parsing attributes in process `syz.1.541'. [ 277.633256][ T7102] netlink: 64 bytes leftover after parsing attributes in process `syz.4.548'. [ 277.969571][ T7113] sctp: [Deprecated]: syz.0.551 (pid 7113) Use of struct sctp_assoc_value in delayed_ack socket option. [ 277.969571][ T7113] Use struct sctp_sack_info instead [ 278.699813][ T5088] Bluetooth: hci1: command tx timeout [ 279.018802][ T7005] chnl_net:caif_netlink_parms(): no params data found [ 279.752115][ T7139] netlink: 8 bytes leftover after parsing attributes in process `syz.4.557'. [ 280.111523][ T7141] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.558'. [ 280.267530][ T7005] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.329174][ T7005] bridge0: port 1(bridge_slave_0) entered disabled state [ 280.378222][ T7005] bridge_slave_0: entered allmulticast mode [ 280.435488][ T7005] bridge_slave_0: entered promiscuous mode [ 280.494620][ T7148] netlink: 20 bytes leftover after parsing attributes in process `syz.4.559'. [ 280.597970][ T7005] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.647917][ T7005] bridge0: port 2(bridge_slave_1) entered disabled state [ 280.655265][ T7005] bridge_slave_1: entered allmulticast mode [ 280.702916][ T7005] bridge_slave_1: entered promiscuous mode [ 281.001080][ T7005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 281.061026][ T7005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 281.302091][ T7170] sctp: [Deprecated]: syz.2.565 (pid 7170) Use of struct sctp_assoc_value in delayed_ack socket option. [ 281.302091][ T7170] Use struct sctp_sack_info instead [ 281.322405][ T7005] team0: Port device team_slave_0 added [ 281.369212][ T7005] team0: Port device team_slave_1 added [ 281.524625][ T7005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 281.552301][ T7005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 281.633739][ T7005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 281.768929][ T7005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 281.799201][ T7005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 281.865894][ T7005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 282.424206][ T7005] hsr_slave_0: entered promiscuous mode [ 282.443222][ T7005] hsr_slave_1: entered promiscuous mode [ 282.773987][ T5088] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 282.783645][ T5088] Bluetooth: hci2: Injecting HCI hardware error event [ 282.793976][ T5099] Bluetooth: hci2: hardware error 0x00 [ 283.027182][ T7005] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 283.090564][ T7005] Cannot create hsr debugfs directory [ 283.379742][ T7196] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.573'. [ 283.458416][ T7196] net_ratelimit: 394 callbacks suppressed [ 283.458442][ T7196] netlink: zone id is out of range [ 283.517046][ T7196] netlink: zone id is out of range [ 283.579849][ T7196] netlink: zone id is out of range [ 283.585045][ T7196] netlink: zone id is out of range [ 283.636773][ T7196] netlink: zone id is out of range [ 283.686824][ T7196] netlink: zone id is out of range [ 283.751767][ T7196] netlink: zone id is out of range [ 283.803120][ T7196] netlink: zone id is out of range [ 283.836307][ T7196] netlink: zone id is out of range [ 283.877389][ T7196] netlink: zone id is out of range [ 285.294318][ T5099] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 286.180937][ T7005] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 286.234964][ T7005] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 286.397830][ T7005] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 286.471091][ T7257] binder: 7256:7257 ioctl c0306201 0 returned -14 [ 286.549771][ T7005] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 286.919477][ T7262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.590'. [ 287.376871][ T7005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 287.387151][ T7270] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.591'. [ 287.480745][ T7005] 8021q: adding VLAN 0 to HW filter on device team0 [ 287.571244][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.578578][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 287.733628][ T5137] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.740941][ T5137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 288.780906][ T7005] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 288.804879][ T7304] binder: 7301:7304 ioctl c0306201 0 returned -14 [ 289.598723][ T7005] veth0_vlan: entered promiscuous mode [ 289.703306][ T7005] veth1_vlan: entered promiscuous mode [ 289.908507][ T7005] veth0_macvtap: entered promiscuous mode [ 289.964178][ T7005] veth1_macvtap: entered promiscuous mode [ 291.313819][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.355052][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.375339][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.404029][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.437362][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.467088][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.512441][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.552419][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.599224][ T7005] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 291.657295][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 291.914514][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.267195][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 292.328436][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.367452][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 292.414734][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.455479][ T7005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 292.495195][ T7005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 292.511376][ T7005] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 292.561834][ T7005] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.589192][ T7005] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.623110][ T7005] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.656632][ T7005] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.979643][ T7351] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.606'. [ 293.050687][ T7351] net_ratelimit: 394 callbacks suppressed [ 293.050710][ T7351] netlink: zone id is out of range [ 293.143514][ T7351] netlink: zone id is out of range [ 293.187382][ T7351] netlink: zone id is out of range [ 293.223554][ T7351] netlink: zone id is out of range [ 293.249118][ T7351] netlink: zone id is out of range [ 293.298968][ T7351] netlink: zone id is out of range [ 293.347993][ T7351] netlink: zone id is out of range [ 293.395369][ T7351] netlink: zone id is out of range [ 293.415468][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 293.426832][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 293.443110][ T7351] netlink: zone id is out of range [ 293.474692][ T7363] binder: 7362:7363 ioctl c0306201 0 returned -14 [ 293.753239][ T7351] netlink: zone id is out of range [ 294.191903][ T3829] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 294.403832][ T3829] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 294.412668][ T7371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.613'. [ 296.937784][ T5141] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 297.411463][ T5141] usb 1-1: config 0 has no interfaces? [ 297.417052][ T5141] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 297.445869][ T5141] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.487880][ T5141] usb 1-1: config 0 descriptor?? [ 297.755522][ T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.929562][ T5141] usb 1-1: USB disconnect, device number 6 [ 298.010958][ T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.152713][ T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.271922][ T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.567007][ T36] bridge_slave_1: left allmulticast mode [ 298.607699][ T36] bridge_slave_1: left promiscuous mode [ 298.613632][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.700473][ T36] bridge_slave_0: left allmulticast mode [ 298.737180][ T36] bridge_slave_0: left promiscuous mode [ 298.745261][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.463671][ T7435] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.626'. [ 300.888994][ T5088] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 300.906372][ T5088] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 300.918016][ T5088] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 300.929787][ T5088] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 300.950062][ T5088] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 300.957732][ T5088] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 301.130371][ T7455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.628'. [ 302.664918][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 302.691211][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 302.704866][ T36] bond0 (unregistering): Released all slaves [ 302.754573][ T7465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.632'. [ 302.787896][ T7465] netlink: 19 bytes leftover after parsing attributes in process `syz.2.632'. [ 303.043265][ T7474] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 303.068286][ T5088] Bluetooth: hci1: command tx timeout [ 304.142319][ T7492] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.641'. [ 304.193452][ T7492] net_ratelimit: 192 callbacks suppressed [ 304.193495][ T7492] netlink: zone id is out of range [ 304.242323][ T7492] netlink: zone id is out of range [ 304.279123][ T7492] netlink: zone id is out of range [ 304.298727][ T7492] netlink: zone id is out of range [ 305.147798][ T5088] Bluetooth: hci1: command tx timeout [ 305.345321][ T7492] netlink: zone id is out of range [ 305.355623][ T7492] netlink: zone id is out of range [ 305.361003][ T7492] netlink: zone id is out of range [ 305.366137][ T7492] netlink: zone id is out of range [ 305.371437][ T7492] netlink: zone id is out of range [ 305.376572][ T7492] netlink: zone id is out of range [ 305.503708][ T36] hsr_slave_0: left promiscuous mode [ 305.607989][ T36] hsr_slave_1: left promiscuous mode [ 305.655922][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 305.693845][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 305.741601][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 305.792523][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 305.968919][ T36] veth1_macvtap: left promiscuous mode [ 305.994373][ T36] veth0_macvtap: left promiscuous mode [ 306.025943][ T36] veth1_vlan: left promiscuous mode [ 306.071339][ T36] veth0_vlan: left promiscuous mode [ 306.252893][ T7510] netlink: 100 bytes leftover after parsing attributes in process `syz.4.644'. [ 307.237936][ T5088] Bluetooth: hci1: command tx timeout [ 307.898260][ T36] team0 (unregistering): Port device team_slave_1 removed [ 307.961165][ T36] team0 (unregistering): Port device team_slave_0 removed [ 309.307943][ T5088] Bluetooth: hci1: command tx timeout [ 309.703048][ T7547] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.654'. [ 309.865367][ T7548] netlink: 100 bytes leftover after parsing attributes in process `syz.0.655'. [ 310.293298][ T7446] chnl_net:caif_netlink_parms(): no params data found [ 311.404259][ T7446] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.419298][ T7446] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.427537][ T7446] bridge_slave_0: entered allmulticast mode [ 311.469898][ T7446] bridge_slave_0: entered promiscuous mode [ 311.506048][ T7446] bridge0: port 2(bridge_slave_1) entered blocking state [ 311.532501][ T7446] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.561949][ T7446] bridge_slave_1: entered allmulticast mode [ 311.612590][ T7446] bridge_slave_1: entered promiscuous mode [ 311.942728][ T7446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 312.008890][ T7446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 312.220566][ T7446] team0: Port device team_slave_0 added [ 312.251072][ T7446] team0: Port device team_slave_1 added [ 312.472683][ T7446] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 312.486035][ T7446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 312.522219][ T7446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 312.547232][ T7446] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 312.568149][ T7446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 312.615668][ T7446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 312.623738][ T7609] netlink: 100 bytes leftover after parsing attributes in process `syz.2.668'. [ 313.086123][ T7446] hsr_slave_0: entered promiscuous mode [ 313.125038][ T7446] hsr_slave_1: entered promiscuous mode [ 313.154872][ T7446] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 313.167026][ T7446] Cannot create hsr debugfs directory [ 313.289915][ T7622] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.671'. [ 316.371566][ T7664] netlink: 100 bytes leftover after parsing attributes in process `syz.4.681'. [ 316.963720][ T7446] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 317.020496][ T7446] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 317.100302][ T7446] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 317.186989][ T7446] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 317.556708][ T7691] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.688'. [ 317.599668][ T7691] net_ratelimit: 192 callbacks suppressed [ 317.599694][ T7691] netlink: zone id is out of range [ 317.670341][ T7691] netlink: zone id is out of range [ 317.693040][ T7691] netlink: zone id is out of range [ 317.718129][ T7691] netlink: zone id is out of range [ 317.758124][ T7691] netlink: zone id is out of range [ 317.769517][ T7691] netlink: zone id is out of range [ 317.774686][ T7691] netlink: zone id is out of range [ 317.929124][ T7691] netlink: zone id is out of range [ 317.934311][ T7691] netlink: zone id is out of range [ 317.947926][ T7446] 8021q: adding VLAN 0 to HW filter on device bond0 [ 317.995659][ T7691] netlink: zone id is out of range [ 318.043641][ T7446] 8021q: adding VLAN 0 to HW filter on device team0 [ 318.082016][ T5140] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.089321][ T5140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 318.549621][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.556987][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 320.036330][ T7446] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 320.375300][ T7733] Cannot find set identified by id 0 to match [ 320.509965][ T7446] veth0_vlan: entered promiscuous mode [ 320.595968][ T7446] veth1_vlan: entered promiscuous mode [ 320.999716][ T7446] veth0_macvtap: entered promiscuous mode [ 321.052711][ T7446] veth1_macvtap: entered promiscuous mode [ 321.217091][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 321.277929][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.297728][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 321.327871][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.371008][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 321.579613][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.110671][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 322.176956][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.421184][ T7446] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 322.569215][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 322.617331][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.656160][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 322.756553][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.764652][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.899776][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.997675][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 323.348561][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.477917][ T7446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 323.565245][ T7446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.652446][ T7446] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 323.745425][ T7446] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.867741][ T7446] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.876524][ T7446] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.886788][ T7446] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 324.427905][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 324.435804][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 324.493877][ T5099] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 324.514525][ T5099] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 324.527256][ T5099] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 324.539696][ T5099] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 324.554496][ T5099] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 324.568384][ T5099] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 324.854411][ T2472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 324.892307][ T2472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 325.527913][ T5141] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 325.728877][ T5141] usb 3-1: Using ep0 maxpacket: 16 [ 325.739399][ T5141] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 325.767759][ T5141] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 325.807949][ T5141] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.844708][ T5141] usb 3-1: config 0 descriptor?? [ 326.082743][ T7807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 326.152694][ T7807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 326.372075][ T33] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.423158][ T7807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 326.439767][ T7807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 326.629732][ T5141] hid (null): report_id 2838798905 is invalid [ 326.655744][ T5141] hid (null): unknown global tag 0xc [ 326.668457][ T5099] Bluetooth: hci4: command tx timeout [ 326.806539][ T5141] hid (null): unknown global tag 0xa5 [ 326.817762][ T5141] hid (null): unknown global tag 0xd [ 326.836905][ T5141] hid-generic 0003:0158:0100.0006: unknown main item tag 0x1 [ 326.875368][ T5141] hid-generic 0003:0158:0100.0006: unexpected long global item [ 326.897948][ T5141] hid-generic 0003:0158:0100.0006: probe with driver hid-generic failed with error -22 [ 327.005640][ T33] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.049823][ T5141] usb 3-1: USB disconnect, device number 8 [ 328.319810][ T33] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.406903][ T7789] chnl_net:caif_netlink_parms(): no params data found [ 328.598534][ T33] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.639522][ T7835] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.718'. [ 328.678503][ T7835] net_ratelimit: 193 callbacks suppressed [ 328.678527][ T7835] netlink: zone id is out of range [ 328.747909][ T5099] Bluetooth: hci4: command tx timeout [ 328.753665][ T7835] netlink: zone id is out of range [ 328.789612][ T7835] netlink: zone id is out of range [ 328.794975][ T7835] netlink: zone id is out of range [ 328.827714][ T7835] netlink: zone id is out of range [ 328.870269][ T7835] netlink: zone id is out of range [ 329.100927][ T7835] netlink: zone id is out of range [ 329.117765][ T7835] netlink: zone id is out of range [ 329.123011][ T7835] netlink: zone id is out of range [ 329.128903][ T7835] netlink: zone id is out of range [ 330.118991][ T5088] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 330.132504][ T5088] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 330.143988][ T5088] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 330.160474][ T5088] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 330.170030][ T5088] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 330.177537][ T5088] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 330.821115][ T7789] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.827893][ T5088] Bluetooth: hci4: command tx timeout [ 330.845864][ T7789] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.868302][ T7789] bridge_slave_0: entered allmulticast mode [ 330.880453][ T7789] bridge_slave_0: entered promiscuous mode [ 330.900170][ T7789] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.933184][ T7789] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.944897][ T7789] bridge_slave_1: entered allmulticast mode [ 330.963805][ T7789] bridge_slave_1: entered promiscuous mode [ 331.393794][ T7789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 331.404731][ T33] bridge_slave_1: left allmulticast mode [ 331.415062][ T33] bridge_slave_1: left promiscuous mode [ 331.424378][ T33] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.490957][ T33] bridge_slave_0: left allmulticast mode [ 331.496685][ T33] bridge_slave_0: left promiscuous mode [ 331.526898][ T33] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.274617][ T5088] Bluetooth: hci1: command tx timeout [ 332.483444][ T33] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 332.499975][ T33] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 332.515386][ T33] bond0 (unregistering): Released all slaves [ 332.562830][ T7789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 332.907850][ T5088] Bluetooth: hci4: command tx timeout [ 334.347937][ T5088] Bluetooth: hci1: command tx timeout [ 334.714797][ T7789] team0: Port device team_slave_0 added [ 334.786386][ T7789] team0: Port device team_slave_1 added [ 335.119700][ T7907] netlink: 'syz.2.735': attribute type 29 has an invalid length. [ 335.216974][ T7789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 335.231301][ T7789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.288277][ T7789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 335.312085][ T7907] netlink: 'syz.2.735': attribute type 29 has an invalid length. [ 335.411849][ T7789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 335.423646][ T7789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.460163][ T7789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 335.501293][ T7912] netlink: 'syz.2.735': attribute type 29 has an invalid length. [ 335.511080][ T7917] netlink: 'syz.2.735': attribute type 29 has an invalid length. [ 335.520873][ T7907] netlink: 'syz.2.735': attribute type 29 has an invalid length. [ 335.634744][ T33] hsr_slave_0: left promiscuous mode [ 335.652307][ T33] hsr_slave_1: left promiscuous mode [ 335.687092][ T33] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 335.706849][ T33] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 335.718928][ T33] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 335.726381][ T33] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 335.796277][ T33] veth1_macvtap: left promiscuous mode [ 335.820461][ T33] veth0_macvtap: left promiscuous mode [ 335.840278][ T33] veth1_vlan: left promiscuous mode [ 335.845729][ T33] veth0_vlan: left promiscuous mode [ 336.451109][ T5088] Bluetooth: hci1: command tx timeout [ 338.508404][ T5088] Bluetooth: hci1: command tx timeout [ 339.766535][ T29] audit: type=1400 audit(1720499235.943:343): avc: denied { create } for pid=7951 comm="syz.0.743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 339.867987][ T29] audit: type=1400 audit(1720499235.973:344): avc: denied { ioctl } for pid=7951 comm="syz.0.743" path="socket:[23345]" dev="sockfs" ino=23345 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 340.407790][ T1154] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 340.586301][ T33] team0 (unregistering): Port device team_slave_1 removed [ 340.600580][ T1154] usb 1-1: config index 0 descriptor too short (expected 65191, got 72) [ 340.610995][ T1154] usb 1-1: config index 1 descriptor too short (expected 65191, got 72) [ 340.622088][ T1154] usb 1-1: config index 2 descriptor too short (expected 65191, got 72) [ 340.639082][ T1154] usb 1-1: config index 3 descriptor too short (expected 65191, got 72) [ 340.662466][ T1154] usb 1-1: config index 4 descriptor too short (expected 65191, got 72) [ 340.675959][ T1154] usb 1-1: config index 5 descriptor too short (expected 65191, got 72) [ 340.676092][ T33] team0 (unregistering): Port device team_slave_0 removed [ 340.689538][ T1154] usb 1-1: config index 6 descriptor too short (expected 65191, got 72) [ 340.709481][ T1154] usb 1-1: config index 7 descriptor too short (expected 65191, got 72) [ 340.721338][ T1154] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 340.731110][ T1154] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.739555][ T1154] usb 1-1: Product: syz [ 340.743978][ T1154] usb 1-1: Manufacturer: syz [ 340.749670][ T1154] usb 1-1: SerialNumber: syz [ 340.811905][ T1154] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 340.927907][ T9] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 342.759414][ T9] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 347.328027][ T5099] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 347.345357][ T5099] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 347.355180][ T5099] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 347.381914][ T5099] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 347.391686][ T5099] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 347.399466][ T5099] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 347.429516][ C0] hrtimer: interrupt took 15145601 ns [ 349.470074][ T5099] Bluetooth: hci0: command tx timeout [ 350.761950][ T5088] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 350.773015][ T5088] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 350.782272][ T5088] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 350.791726][ T5088] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 350.801764][ T5088] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 350.810072][ T5088] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 351.548176][ T5088] Bluetooth: hci0: command tx timeout [ 352.775501][ T5099] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 352.785802][ T5099] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 352.795681][ T5099] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 352.809916][ T5099] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 352.828857][ T5099] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 352.840453][ T5099] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 352.907909][ T5099] Bluetooth: hci6: command tx timeout [ 353.627912][ T5099] Bluetooth: hci0: command tx timeout [ 354.908236][ T5099] Bluetooth: hci7: command tx timeout [ 354.994308][ T5099] Bluetooth: hci6: command tx timeout [ 355.707927][ T5099] Bluetooth: hci0: command tx timeout [ 356.987920][ T5099] Bluetooth: hci7: command tx timeout [ 357.067770][ T5099] Bluetooth: hci6: command tx timeout [ 359.067973][ T5099] Bluetooth: hci7: command tx timeout [ 359.147878][ T5099] Bluetooth: hci6: command tx timeout [ 361.753256][ T9] ath9k_htc: Failed to initialize the device [ 361.766935][ T5099] Bluetooth: hci7: command tx timeout [ 368.165343][ T7789] hsr_slave_0: entered promiscuous mode [ 368.383743][ T7789] hsr_slave_1: entered promiscuous mode [ 368.876319][ T7789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 368.908180][ T7789] Cannot create hsr debugfs directory [ 373.537534][ T7845] chnl_net:caif_netlink_parms(): no params data found [ 383.313280][ T5088] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 383.332290][ T5088] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 383.341003][ T5088] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 383.358986][ T5088] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 383.367183][ T5088] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 383.374928][ T5088] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 384.596427][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.602989][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.478114][ T5088] Bluetooth: hci3: command tx timeout [ 387.558073][ T5088] Bluetooth: hci3: command tx timeout [ 388.460791][ T5099] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 388.473761][ T5099] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 388.490125][ T5099] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 388.500984][ T5099] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 388.510113][ T5099] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 388.518622][ T5099] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 389.637923][ T5088] Bluetooth: hci3: command tx timeout [ 390.600367][ T5088] Bluetooth: hci5: command tx timeout [ 391.727688][ T5088] Bluetooth: hci3: command tx timeout [ 392.677929][ T5088] Bluetooth: hci5: command tx timeout [ 394.757821][ T5088] Bluetooth: hci5: command tx timeout [ 396.837913][ T5088] Bluetooth: hci5: command tx timeout [ 406.955175][ T8038] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 406.965840][ T8038] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 406.983638][ T8038] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 406.992754][ T8038] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 407.001785][ T8038] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 407.009407][ T8038] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 409.077971][ T5088] Bluetooth: hci8: command tx timeout [ 410.873615][ T8038] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 410.899909][ T8038] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 410.908300][ T8038] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 410.917083][ T8038] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 410.927026][ T8038] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 410.935934][ T8038] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 411.157827][ T8038] Bluetooth: hci8: command tx timeout [ 412.885887][ T5088] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 412.898283][ T5088] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 412.906489][ T5088] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 412.915966][ T5088] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 412.925362][ T5088] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 412.933455][ T5088] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 413.078019][ T5088] Bluetooth: hci9: command tx timeout [ 413.237791][ T5088] Bluetooth: hci8: command tx timeout [ 414.989631][ T5088] Bluetooth: hci10: command tx timeout [ 415.158000][ T5088] Bluetooth: hci9: command tx timeout [ 415.318052][ T5088] Bluetooth: hci8: command tx timeout [ 417.078032][ T5088] Bluetooth: hci10: command tx timeout [ 417.244264][ T5088] Bluetooth: hci9: command tx timeout [ 419.157970][ T5088] Bluetooth: hci10: command tx timeout [ 419.317942][ T5088] Bluetooth: hci9: command tx timeout [ 421.237779][ T5088] Bluetooth: hci10: command tx timeout [ 444.151302][ T8038] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 444.162449][ T8038] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 444.191783][ T8038] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 444.225541][ T8038] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 444.235582][ T8038] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 444.251631][ T8038] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 446.163346][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.169929][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.358155][ T5088] Bluetooth: hci11: command tx timeout [ 447.721964][ T5088] Bluetooth: hci4: command 0x0406 tx timeout [ 448.445573][ T8038] Bluetooth: hci11: command tx timeout [ 449.514882][ T5088] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 449.525414][ T5088] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 449.536478][ T5088] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 449.546414][ T5088] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 449.555246][ T5088] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 449.563697][ T5088] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 450.517739][ T8038] Bluetooth: hci11: command tx timeout [ 451.638112][ T5088] Bluetooth: hci12: command tx timeout [ 452.598046][ T5088] Bluetooth: hci11: command tx timeout [ 452.842630][ T5088] Bluetooth: hci1: command 0x0406 tx timeout [ 453.721491][ T5088] Bluetooth: hci12: command tx timeout [ 455.797871][ T8038] Bluetooth: hci12: command tx timeout [ 457.879765][ T8038] Bluetooth: hci12: command tx timeout [ 467.339054][ T5088] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 467.351934][ T5088] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 467.360952][ T5088] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 467.369838][ T5088] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 467.380884][ T5088] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 467.388898][ T5088] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 469.478036][ T5088] Bluetooth: hci13: command tx timeout [ 471.315935][ T8073] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 471.326489][ T8073] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 471.336976][ T8073] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 471.351126][ T8073] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 471.360582][ T8073] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 471.379009][ T8073] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 471.563678][ T8073] Bluetooth: hci13: command tx timeout [ 473.170793][ T8069] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 473.180780][ T8069] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 473.213903][ T8069] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 473.224425][ T8069] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 473.233264][ T8069] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 473.241216][ T8069] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 473.320904][ T8069] Bluetooth: hci0: command 0x0406 tx timeout [ 473.327147][ T8069] Bluetooth: hci6: command 0x0406 tx timeout [ 473.477862][ T8069] Bluetooth: hci14: command tx timeout [ 473.638134][ T5088] Bluetooth: hci13: command tx timeout [ 475.318152][ T8038] Bluetooth: hci15: command tx timeout [ 475.557815][ T8038] Bluetooth: hci14: command tx timeout [ 475.717957][ T8038] Bluetooth: hci13: command tx timeout [ 477.398067][ T8038] Bluetooth: hci15: command tx timeout [ 477.640658][ T8038] Bluetooth: hci14: command tx timeout [ 478.443916][ T8069] Bluetooth: hci7: command 0x0406 tx timeout [ 479.477698][ T8069] Bluetooth: hci15: command tx timeout [ 479.717872][ T8069] Bluetooth: hci14: command tx timeout [ 481.557688][ T5088] Bluetooth: hci15: command tx timeout [ 504.608763][ T8069] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 504.619197][ T8069] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 504.628972][ T8069] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 504.637975][ T8069] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 504.646911][ T8069] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 504.656739][ T8069] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 506.757903][ T8069] Bluetooth: hci16: command tx timeout [ 507.676655][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 507.684437][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.837855][ T8069] Bluetooth: hci16: command tx timeout [ 509.165576][ T8069] Bluetooth: hci3: command 0x0406 tx timeout [ 510.736292][ T8069] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 510.785182][ T8069] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 510.796046][ T8069] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 510.817708][ T8069] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 510.826113][ T8069] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 510.852792][ T8069] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 510.919630][ T5088] Bluetooth: hci16: command tx timeout [ 512.908087][ T5088] Bluetooth: hci17: command tx timeout [ 512.998541][ T5088] Bluetooth: hci16: command tx timeout [ 514.290924][ T5088] Bluetooth: hci5: command 0x0406 tx timeout [ 514.997908][ T8069] Bluetooth: hci17: command tx timeout [ 517.077971][ T8069] Bluetooth: hci17: command tx timeout [ 519.157815][ T8069] Bluetooth: hci17: command tx timeout [ 523.082392][ T30] INFO: task kworker/u8:2:33 blocked for more than 143 seconds. [ 523.117667][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 523.125363][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 523.187664][ T30] task:kworker/u8:2 state:D stack:23520 pid:33 tgid:33 ppid:2 flags:0x00004000 [ 523.237588][ T30] Workqueue: netns cleanup_net [ 523.242466][ T30] Call Trace: [ 523.245772][ T30] [ 523.328173][ T30] __schedule+0xf15/0x5d00 [ 523.332689][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 523.348019][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 523.353318][ T30] ? __pfx___schedule+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 523.388291][ T30] ? schedule+0x298/0x350 [ 523.392703][ T30] ? __pfx_lock_release+0x10/0x10 [ 523.437778][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 523.442556][ T30] ? __mutex_trylock_common+0x78/0x250 [ 523.467867][ T30] schedule+0xe7/0x350 [ 523.472020][ T30] schedule_preempt_disabled+0x13/0x30 [ 523.517713][ T30] __mutex_lock+0x5b8/0x9c0 [ 523.522309][ T30] ? __call_rcu_common.constprop.0+0x2e6/0x790 [ 523.636431][ T30] ? gate_exit_net+0x24/0x130 [ 523.674390][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 523.679869][ T30] ? destroy_inode+0x12c/0x1b0 [ 523.684701][ T30] ? __pfx_gate_exit_net+0x10/0x10 [ 523.727857][ T30] ? gate_exit_net+0x24/0x130 [ 523.732640][ T30] ? rtnl_lock+0x9/0x20 [ 523.736888][ T30] gate_exit_net+0x24/0x130 [ 523.777621][ T30] ? __pfx_nfnetlink_net_exit_batch+0x10/0x10 [ 523.783852][ T30] ? __pfx_gate_exit_net+0x10/0x10 [ 523.822122][ T30] ops_exit_list+0x128/0x180 [ 523.826829][ T30] cleanup_net+0x5b7/0xbf0 [ 523.837372][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 523.845458][ T30] process_one_work+0x9c5/0x1b40 [ 523.854668][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 523.860428][ T30] ? __pfx_process_one_work+0x10/0x10 [ 523.865851][ T30] ? assign_work+0x1a0/0x250 [ 523.881878][ T30] worker_thread+0x6c8/0xf30 [ 523.886546][ T30] ? __pfx_worker_thread+0x10/0x10 [ 523.892666][ T30] kthread+0x2c1/0x3a0 [ 523.896813][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 523.909556][ T30] ? __pfx_kthread+0x10/0x10 [ 523.914316][ T30] ret_from_fork+0x45/0x80 [ 523.919521][ T30] ? __pfx_kthread+0x10/0x10 [ 523.924184][ T30] ret_from_fork_asm+0x1a/0x30 [ 523.950406][ T30] [ 523.953530][ T30] INFO: task kworker/u8:5:138 blocked for more than 144 seconds. [ 523.983918][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 523.997938][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 524.006657][ T30] task:kworker/u8:5 state:D stack:24464 pid:138 tgid:138 ppid:2 flags:0x00004000 [ 524.023841][ T30] Workqueue: events_unbound fsnotify_connector_destroy_workfn [ 524.039953][ T30] Call Trace: [ 524.043277][ T30] [ 524.046236][ T30] __schedule+0xf15/0x5d00 [ 524.058274][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 524.063556][ T30] ? __pfx___schedule+0x10/0x10 [ 524.070371][ T30] ? schedule+0x298/0x350 [ 524.074767][ T30] ? __pfx_lock_release+0x10/0x10 [ 524.091344][ T30] ? __pfx_mark_lock+0x10/0x10 [ 524.096184][ T30] ? __pfx_mark_lock+0x10/0x10 [ 524.126000][ T30] schedule+0xe7/0x350 [ 524.134861][ T30] schedule_timeout+0x258/0x2a0 [ 524.152077][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 524.159857][ T30] ? mark_held_locks+0x9f/0xe0 [ 524.164694][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 524.179213][ T30] __wait_for_common+0x3de/0x5f0 [ 524.184313][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 524.197020][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 524.203362][ T30] ? lockdep_init_map_type+0x16d/0x7d0 [ 524.209300][ T30] __synchronize_srcu+0x1bd/0x2a0 [ 524.214387][ T30] ? __pfx___synchronize_srcu+0x10/0x10 [ 524.227383][ T30] ? __pfx_lock_release+0x10/0x10 [ 524.232914][ T30] ? __pfx_wakeme_after_rcu+0x10/0x10 [ 524.259174][ T30] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 524.265046][ T30] fsnotify_connector_destroy_workfn+0x4d/0xa0 [ 524.300076][ T30] process_one_work+0x9c5/0x1b40 [ 524.305105][ T30] ? __pfx_wg_packet_handshake_send_worker+0x10/0x10 [ 524.318791][ T30] ? __pfx_process_one_work+0x10/0x10 [ 524.324242][ T30] ? assign_work+0x1a0/0x250 [ 524.335695][ T30] worker_thread+0x6c8/0xf30 [ 524.340765][ T30] ? __kthread_parkme+0x148/0x220 [ 524.345857][ T30] ? __pfx_worker_thread+0x10/0x10 [ 524.359802][ T30] kthread+0x2c1/0x3a0 [ 524.363945][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 524.371650][ T30] ? __pfx_kthread+0x10/0x10 [ 524.376311][ T30] ret_from_fork+0x45/0x80 [ 524.384538][ T30] ? __pfx_kthread+0x10/0x10 [ 524.395283][ T30] ret_from_fork_asm+0x1a/0x30 [ 524.400605][ T30] [ 524.403689][ T30] INFO: task kworker/u8:7:1102 blocked for more than 144 seconds. [ 524.413656][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 524.441593][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 524.467242][ T30] task:kworker/u8:7 state:D stack:23200 pid:1102 tgid:1102 ppid:2 flags:0x00004000 [ 524.480562][ T30] Workqueue: events_unbound fsnotify_mark_destroy_workfn [ 524.495714][ T30] Call Trace: [ 524.501918][ T30] [ 524.504901][ T30] __schedule+0xf15/0x5d00 [ 524.510060][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 524.515332][ T30] ? hlock_class+0x4e/0x130 [ 524.527957][ T30] ? __pfx___schedule+0x10/0x10 [ 524.532872][ T30] ? schedule+0x298/0x350 [ 524.537244][ T30] ? __pfx_lock_release+0x10/0x10 [ 524.547558][ T30] ? __pfx_mark_lock+0x10/0x10 [ 524.552389][ T30] ? __pfx_mark_lock+0x10/0x10 [ 524.557208][ T30] schedule+0xe7/0x350 [ 524.569500][ T30] schedule_timeout+0x258/0x2a0 [ 524.574436][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 524.593290][ T30] ? mark_held_locks+0x9f/0xe0 [ 524.617769][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 524.623061][ T30] __wait_for_common+0x3de/0x5f0 [ 524.643446][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 524.652670][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 524.662458][ T30] ? lockdep_init_map_type+0x16d/0x7d0 [ 524.668570][ T30] __synchronize_srcu+0x1bd/0x2a0 [ 524.673672][ T30] ? __pfx___synchronize_srcu+0x10/0x10 [ 524.691095][ T30] ? synchronize_srcu+0x6f/0x250 [ 524.696117][ T30] ? __pfx_wakeme_after_rcu+0x10/0x10 [ 524.703483][ T30] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 524.717358][ T30] fsnotify_mark_destroy_workfn+0x113/0x360 [ 524.726425][ T30] ? __pfx_fsnotify_mark_destroy_workfn+0x10/0x10 [ 524.733491][ T30] process_one_work+0x9c5/0x1b40 [ 524.744188][ T30] ? __pfx_wg_packet_handshake_send_worker+0x10/0x10 [ 524.775892][ T30] ? __pfx_process_one_work+0x10/0x10 [ 524.781751][ T30] ? assign_work+0x1a0/0x250 [ 524.786560][ T30] worker_thread+0x6c8/0xf30 [ 524.800073][ T30] ? __kthread_parkme+0x148/0x220 [ 524.805164][ T30] ? __pfx_worker_thread+0x10/0x10 [ 524.820045][ T30] kthread+0x2c1/0x3a0 [ 524.824179][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 524.829964][ T30] ? __pfx_kthread+0x10/0x10 [ 524.834618][ T30] ret_from_fork+0x45/0x80 [ 524.847689][ T30] ? __pfx_kthread+0x10/0x10 [ 524.852339][ T30] ret_from_fork_asm+0x1a/0x30 [ 524.857240][ T30] [ 524.869465][ T30] INFO: task dhcpcd:4748 blocked for more than 145 seconds. [ 524.876801][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 524.896284][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 524.916241][ T30] task:dhcpcd state:D stack:23352 pid:4748 tgid:4748 ppid:4747 flags:0x00000002 [ 524.937405][ T30] Call Trace: [ 524.941069][ T30] [ 524.944044][ T30] __schedule+0xf15/0x5d00 [ 524.949173][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 524.954437][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 524.967480][ T30] ? find_held_lock+0x2d/0x110 [ 524.972750][ T30] ? __pfx___schedule+0x10/0x10 [ 524.979237][ T30] ? schedule+0x298/0x350 [ 524.983649][ T30] ? __pfx_lock_release+0x10/0x10 [ 524.995309][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 525.008548][ T30] ? __mutex_trylock_common+0x78/0x250 [ 525.014091][ T30] schedule+0xe7/0x350 [ 525.024825][ T30] schedule_preempt_disabled+0x13/0x30 [ 525.045383][ T30] __mutex_lock+0x5b8/0x9c0 [ 525.054243][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 525.067899][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 525.073008][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 525.090776][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 525.095797][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 525.107613][ T30] ? avc_has_perm+0x11b/0x1c0 [ 525.112361][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 525.128314][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 525.133409][ T30] ? __lock_acquire+0xc5d/0x3b30 [ 525.143566][ T30] netlink_rcv_skb+0x16b/0x440 [ 525.151278][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 525.156789][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 525.170613][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 525.175961][ T30] netlink_unicast+0x542/0x820 [ 525.193540][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 525.203027][ T30] netlink_sendmsg+0x8b8/0xd70 [ 525.226391][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 525.232185][ T30] ? __import_iovec+0x1fd/0x6e0 [ 525.237090][ T30] ____sys_sendmsg+0xab5/0xc90 [ 525.249699][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 525.255332][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 525.267815][ T30] ? lock_acquire+0x1b1/0x560 [ 525.272596][ T30] ___sys_sendmsg+0x135/0x1e0 [ 525.277352][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 525.285573][ T30] ? __fget_light+0x173/0x210 [ 525.297556][ T30] __sys_sendmsg+0x117/0x1f0 [ 525.302210][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 525.325684][ T30] do_syscall_64+0xcd/0x250 [ 525.330570][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.336519][ T30] RIP: 0033:0x7fe826f1aa4b [ 525.348924][ T30] RSP: 002b:00007ffeeaa9d798 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 525.357397][ T30] RAX: ffffffffffffffda RBX: 00007fe826e426c0 RCX: 00007fe826f1aa4b [ 525.385453][ T30] RDX: 0000000000000000 RSI: 00007ffeeaab1948 RDI: 0000000000000005 [ 525.396248][ T30] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007ffeeaab1948 [ 525.412694][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 525.421155][ T30] R13: 00007ffeeaab1948 R14: 0000000000000030 R15: 0000000000000001 [ 525.436802][ T30] [ 525.443819][ T30] INFO: task kworker/1:6:5141 blocked for more than 145 seconds. [ 525.457925][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 525.465607][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 525.476361][ T30] task:kworker/1:6 state:D stack:24048 pid:5141 tgid:5141 ppid:2 flags:0x00004000 [ 525.493391][ T30] Workqueue: events linkwatch_event [ 525.515935][ T30] Call Trace: [ 525.522059][ T30] [ 525.525037][ T30] __schedule+0xf15/0x5d00 [ 525.545225][ T30] ? __pfx_mark_lock+0x10/0x10 [ 525.553974][ T30] ? __pfx___schedule+0x10/0x10 [ 525.559255][ T30] ? schedule+0x298/0x350 [ 525.563639][ T30] ? __pfx_lock_release+0x10/0x10 [ 525.584718][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 525.591222][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 525.596487][ T30] schedule+0xe7/0x350 [ 525.607994][ T30] schedule_preempt_disabled+0x13/0x30 [ 525.615480][ T30] __mutex_lock+0x5b8/0x9c0 [ 525.620617][ T30] ? linkwatch_event+0x51/0xc0 [ 525.625453][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 525.638211][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 525.646451][ T30] ? __pfx_lock_release+0x10/0x10 [ 525.656031][ T30] ? linkwatch_event+0x51/0xc0 [ 525.661164][ T30] ? rtnl_lock+0x9/0x20 [ 525.665368][ T30] linkwatch_event+0x51/0xc0 [ 525.686794][ T30] ? __pfx_linkwatch_event+0x10/0x10 [ 525.697365][ T30] ? rcu_is_watching+0x12/0xc0 [ 525.702567][ T30] process_one_work+0x9c5/0x1b40 [ 525.708227][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 525.713318][ T30] ? __pfx_process_one_work+0x10/0x10 [ 525.727095][ T30] ? assign_work+0x1a0/0x250 [ 525.736060][ T30] worker_thread+0x6c8/0xf30 [ 525.746279][ T30] ? __kthread_parkme+0x148/0x220 [ 525.751711][ T30] ? __pfx_worker_thread+0x10/0x10 [ 525.756863][ T30] kthread+0x2c1/0x3a0 [ 525.768069][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 525.773327][ T30] ? __pfx_kthread+0x10/0x10 [ 525.780284][ T30] ret_from_fork+0x45/0x80 [ 525.784852][ T30] ? __pfx_kthread+0x10/0x10 [ 525.798822][ T30] ret_from_fork_asm+0x1a/0x30 [ 525.803674][ T30] [ 525.806822][ T30] INFO: task syz-executor:7789 blocked for more than 146 seconds. [ 525.835933][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 525.846903][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 525.855994][ T30] task:syz-executor state:D stack:24704 pid:7789 tgid:7789 ppid:1 flags:0x00004006 [ 525.868654][ T30] Call Trace: [ 525.871971][ T30] [ 525.874932][ T30] __schedule+0xf15/0x5d00 [ 525.896372][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 525.902123][ T30] ? __pfx_lockdep_lock+0x10/0x10 [ 525.907198][ T30] ? __pfx___schedule+0x10/0x10 [ 525.921540][ T30] ? schedule+0x298/0x350 [ 525.925936][ T30] ? __pfx_lock_release+0x10/0x10 [ 525.937076][ T30] ? mark_lock+0xb5/0xc60 [ 525.941829][ T30] ? __pfx_mark_lock+0x10/0x10 [ 525.946649][ T30] schedule+0xe7/0x350 [ 525.951436][ T30] schedule_timeout+0x258/0x2a0 [ 525.956349][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 525.993686][ T30] ? mark_held_locks+0x9f/0xe0 [ 526.011768][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 526.017041][ T30] __wait_for_common+0x3de/0x5f0 [ 526.035284][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 526.054038][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 526.065774][ T30] ? mark_held_locks+0x9f/0xe0 [ 526.071080][ T30] __flush_work+0x5bd/0xc60 [ 526.075631][ T30] ? __pfx___flush_work+0x10/0x10 [ 526.087016][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 526.095800][ T30] ? __pfx___might_resched+0x10/0x10 [ 526.104829][ T30] ? mark_held_locks+0x9f/0xe0 [ 526.112927][ T30] unregister_netdevice_many_notify+0x12c1/0x19f0 [ 526.120547][ T30] ? rcu_is_watching+0x12/0xc0 [ 526.126477][ T30] ? trace_contention_end+0xea/0x140 [ 526.155397][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 526.179320][ T30] ? nsim_destroy+0x6f/0x6a0 [ 526.184097][ T30] ? mntput_no_expire+0x158/0xaf0 [ 526.194655][ T30] unregister_netdevice_queue+0x307/0x3f0 [ 526.201080][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 526.207381][ T30] nsim_destroy+0x107/0x6a0 [ 526.221584][ T30] __nsim_dev_port_del+0x189/0x240 [ 526.230728][ T30] nsim_dev_reload_destroy+0x108/0x4d0 [ 526.236244][ T30] nsim_drv_remove+0x52/0x1d0 [ 526.248937][ T30] ? __pfx_nsim_bus_remove+0x10/0x10 [ 526.254298][ T30] device_remove+0xc8/0x170 [ 526.259440][ T30] device_release_driver_internal+0x44a/0x610 [ 526.265587][ T30] bus_remove_device+0x22f/0x420 [ 526.278322][ T30] device_del+0x396/0x9f0 [ 526.282739][ T30] ? __pfx_device_del+0x10/0x10 [ 526.308186][ T30] ? rcu_is_watching+0x12/0xc0 [ 526.313037][ T30] device_unregister+0x1d/0xc0 [ 526.327177][ T30] del_device_store+0x346/0x4b0 [ 526.337274][ T30] ? __pfx_del_device_store+0x10/0x10 [ 526.347670][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 526.352842][ T30] ? __pfx__copy_from_iter+0x10/0x10 [ 526.361272][ T30] ? __pfx_del_device_store+0x10/0x10 [ 526.366709][ T30] bus_attr_store+0x76/0xa0 [ 526.379504][ T30] ? __pfx_bus_attr_store+0x10/0x10 [ 526.384781][ T30] sysfs_kf_write+0x117/0x170 [ 526.390151][ T30] kernfs_fop_write_iter+0x343/0x500 [ 526.395497][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 526.401608][ T30] vfs_write+0x6b6/0x1140 [ 526.406012][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 526.420358][ T30] ? __pfx_vfs_write+0x10/0x10 [ 526.425224][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 526.435295][ T30] ? do_user_addr_fault+0x6d7/0xe50 [ 526.450191][ T30] ? __fget_light+0x173/0x210 [ 526.454970][ T30] ksys_write+0x12f/0x260 [ 526.479300][ T30] ? __pfx_ksys_write+0x10/0x10 [ 526.484256][ T30] do_syscall_64+0xcd/0x250 [ 526.504310][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.510785][ T30] RIP: 0033:0x7f299277475f [ 526.515252][ T30] RSP: 002b:00007ffc1f5d0550 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 526.534297][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f299277475f [ 526.555673][ T30] RDX: 0000000000000001 RSI: 00007ffc1f5d05a0 RDI: 0000000000000005 [ 526.574212][ T30] RBP: 00007f29927e45a0 R08: 0000000000000000 R09: 00007ffc1f5d03a7 [ 526.582836][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 526.599530][ T30] R13: 00007ffc1f5d05a0 R14: 00007f2993434620 R15: 0000000000000003 [ 526.611749][ T30] [ 526.614818][ T30] INFO: task syz-executor:7845 blocked for more than 146 seconds. [ 526.623385][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 526.655405][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 526.666022][ T30] task:syz-executor state:D stack:25216 pid:7845 tgid:7845 ppid:1 flags:0x00000004 [ 526.686667][ T30] Call Trace: [ 526.690461][ T30] [ 526.693441][ T30] __schedule+0xf15/0x5d00 [ 526.698889][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 526.704191][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 526.718089][ T30] ? find_held_lock+0x2d/0x110 [ 526.722939][ T30] ? __pfx___schedule+0x10/0x10 [ 526.728717][ T30] ? schedule+0x298/0x350 [ 526.733108][ T30] ? __pfx_lock_release+0x10/0x10 [ 526.747843][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 526.752604][ T30] ? __mutex_trylock_common+0x78/0x250 [ 526.760108][ T30] schedule+0xe7/0x350 [ 526.764254][ T30] schedule_preempt_disabled+0x13/0x30 [ 526.778158][ T30] __mutex_lock+0x5b8/0x9c0 [ 526.782748][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 526.807740][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 526.812855][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 526.835152][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 526.850486][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 526.856026][ T30] ? avc_has_perm+0x11b/0x1c0 [ 526.868086][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 526.873376][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 526.880676][ T30] ? __lock_acquire+0xc5d/0x3b30 [ 526.885713][ T30] netlink_rcv_skb+0x16b/0x440 [ 526.896710][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 526.905609][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 526.917634][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 526.923005][ T30] netlink_unicast+0x542/0x820 [ 526.938269][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 526.949103][ T30] netlink_sendmsg+0x8b8/0xd70 [ 526.953949][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 526.977132][ T30] __sys_sendto+0x47f/0x4e0 [ 526.982246][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 526.987423][ T30] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 527.017571][ T30] ? kasan_quarantine_put+0x10a/0x240 [ 527.023038][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 527.036290][ T30] ? __fput+0x6c5/0xbb0 [ 527.043726][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 527.053273][ T30] ? do_syscall_64+0x91/0x250 [ 527.063638][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 527.069480][ T30] do_syscall_64+0xcd/0x250 [ 527.074080][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.096812][ T30] RIP: 0033:0x7fad27f7796c [ 527.106056][ T30] RSP: 002b:00007ffc6f3d37e0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 527.117568][ T30] RAX: ffffffffffffffda RBX: 00007fad28c34620 RCX: 00007fad27f7796c [ 527.125598][ T30] RDX: 0000000000000028 RSI: 00007fad28c34670 RDI: 0000000000000003 [ 527.167192][ T30] RBP: 0000000000000000 R08: 00007ffc6f3d3834 R09: 000000000000000c [ 527.175753][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 527.184189][ T30] R13: 0000000000000000 R14: 00007fad28c34670 R15: 0000000000000000 [ 527.197576][ T30] [ 527.200732][ T30] INFO: task syz-executor:7966 blocked for more than 147 seconds. [ 527.213849][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 527.226930][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 527.236221][ T30] task:syz-executor state:D stack:25024 pid:7966 tgid:7966 ppid:1 flags:0x00000004 [ 527.256639][ T30] Call Trace: [ 527.262035][ T30] [ 527.265001][ T30] __schedule+0xf15/0x5d00 [ 527.274962][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 527.280785][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 527.286050][ T30] ? find_held_lock+0x2d/0x110 [ 527.306482][ T30] ? __pfx___schedule+0x10/0x10 [ 527.318532][ T30] ? schedule+0x298/0x350 [ 527.322964][ T30] ? __pfx_lock_release+0x10/0x10 [ 527.344283][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 527.349692][ T30] ? __mutex_trylock_common+0x78/0x250 [ 527.356186][ T30] schedule+0xe7/0x350 [ 527.369361][ T30] schedule_preempt_disabled+0x13/0x30 [ 527.374897][ T30] __mutex_lock+0x5b8/0x9c0 [ 527.384406][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 527.392427][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 527.401715][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 527.406897][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 527.420431][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 527.426062][ T30] ? avc_has_perm+0x11b/0x1c0 [ 527.431973][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 527.437258][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 527.469720][ T30] ? __lock_acquire+0xc5d/0x3b30 [ 527.474774][ T30] netlink_rcv_skb+0x16b/0x440 [ 527.497889][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 527.503426][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 527.519686][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 527.525065][ T30] netlink_unicast+0x542/0x820 [ 527.530728][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 527.536095][ T30] netlink_sendmsg+0x8b8/0xd70 [ 527.548789][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 527.554186][ T30] __sys_sendto+0x47f/0x4e0 [ 527.577604][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 527.582740][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 527.591672][ T30] ? do_syscall_64+0x91/0x250 [ 527.596447][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 527.613523][ T30] do_syscall_64+0xcd/0x250 [ 527.630237][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.636197][ T30] RIP: 0033:0x7f096397796c [ 527.653981][ T30] RSP: 002b:00007ffc6b801b90 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 527.670295][ T30] RAX: ffffffffffffffda RBX: 00007f0964634620 RCX: 00007f096397796c [ 527.680901][ T30] RDX: 000000000000003c RSI: 00007f0964634670 RDI: 0000000000000003 [ 527.694082][ T30] RBP: 0000000000000000 R08: 00007ffc6b801be4 R09: 000000000000000c [ 527.707564][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 527.715582][ T30] R13: 0000000000000000 R14: 00007f0964634670 R15: 0000000000000000 [ 527.733228][ T30] [ 527.736300][ T30] INFO: task syz-executor:7972 blocked for more than 148 seconds. [ 527.750954][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 527.759104][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 527.786850][ T30] task:syz-executor state:D stack:25664 pid:7972 tgid:7972 ppid:1 flags:0x00000004 [ 527.805614][ T30] Call Trace: [ 527.815329][ T30] [ 527.818886][ T30] __schedule+0xf15/0x5d00 [ 527.823357][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 527.834476][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 527.845436][ T30] ? find_held_lock+0x2d/0x110 [ 527.850645][ T30] ? __pfx___schedule+0x10/0x10 [ 527.855558][ T30] ? schedule+0x298/0x350 [ 527.860571][ T30] ? __pfx_lock_release+0x10/0x10 [ 527.866638][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 527.880518][ T30] ? __mutex_trylock_common+0x78/0x250 [ 527.886053][ T30] schedule+0xe7/0x350 [ 527.892120][ T30] schedule_preempt_disabled+0x13/0x30 [ 527.904223][ T30] __mutex_lock+0x5b8/0x9c0 [ 527.923194][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 527.933268][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 527.941230][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 527.946405][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 527.953370][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 527.968226][ T30] ? avc_has_perm+0x11b/0x1c0 [ 527.972975][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 527.987936][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 527.993026][ T30] ? __lock_acquire+0xc5d/0x3b30 [ 527.998626][ T30] netlink_rcv_skb+0x16b/0x440 [ 528.003553][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 528.024433][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 528.030196][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 528.035533][ T30] netlink_unicast+0x542/0x820 [ 528.052285][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 528.058187][ T30] netlink_sendmsg+0x8b8/0xd70 [ 528.063011][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 528.087672][ T30] __sys_sendto+0x47f/0x4e0 [ 528.092279][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 528.097376][ T30] ? __pfx_task_mm_cid_work+0x10/0x10 [ 528.127674][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 528.133142][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 528.138540][ T30] ? do_syscall_64+0x91/0x250 [ 528.143272][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 528.156287][ T30] do_syscall_64+0xcd/0x250 [ 528.161299][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.167258][ T30] RIP: 0033:0x7f33e197796c [ 528.173446][ T30] RSP: 002b:00007ffd6e1985a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 528.192144][ T30] RAX: ffffffffffffffda RBX: 00007f33e2634620 RCX: 00007f33e197796c [ 528.202737][ T30] RDX: 0000000000000038 RSI: 00007f33e2634670 RDI: 0000000000000003 [ 528.217579][ T30] RBP: 0000000000000000 R08: 00007ffd6e1985f4 R09: 000000000000000c [ 528.225605][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 528.241951][ T30] R13: 0000000000000000 R14: 00007f33e2634670 R15: 0000000000000000 [ 528.265756][ T30] [ 528.269011][ T30] INFO: task syz-executor:7977 blocked for more than 148 seconds. [ 528.297393][ T30] Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 528.313377][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 528.323860][ T30] task:syz-executor state:D stack:25664 pid:7977 tgid:7977 ppid:1 flags:0x00004004 [ 528.341937][ T30] Call Trace: [ 528.345261][ T30] [ 528.349991][ T30] __schedule+0xf15/0x5d00 [ 528.354462][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 528.362843][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 528.368617][ T30] ? find_held_lock+0x2d/0x110 [ 528.373445][ T30] ? __pfx___schedule+0x10/0x10 [ 528.387169][ T30] ? schedule+0x298/0x350 [ 528.393261][ T30] ? __pfx_lock_release+0x10/0x10 [ 528.398861][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 528.403692][ T30] ? __mutex_trylock_common+0x78/0x250 [ 528.435375][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 528.446880][ T30] schedule+0xe7/0x350 [ 528.451324][ T30] schedule_preempt_disabled+0x13/0x30 [ 528.456831][ T30] __mutex_lock+0x5b8/0x9c0 [ 528.467556][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 528.472730][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 528.493119][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 528.500802][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 528.505897][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 528.513392][ T30] ? avc_has_perm+0x11b/0x1c0 [ 528.525769][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 528.531382][ T30] ? __pfx_avc_has_perm+0x10/0x10 [ 528.536457][ T30] ? __lock_acquire+0xc5d/0x3b30 [ 528.543900][ T30] netlink_rcv_skb+0x16b/0x440 [ 528.549479][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 528.555008][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 528.582268][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 528.590886][ T30] netlink_unicast+0x542/0x820 [ 528.595726][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 528.608034][ T30] netlink_sendmsg+0x8b8/0xd70 [ 528.612873][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 528.620350][ T30] __sys_sendto+0x47f/0x4e0 [ 528.624950][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 528.637309][ T30] ? __pfx_task_mm_cid_work+0x10/0x10 [ 528.643143][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 528.650812][ T30] ? __pfx_mem_cgroup_handle_over_high+0x10/0x10 [ 528.657200][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 528.679199][ T30] ? do_syscall_64+0x91/0x250 [ 528.685744][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 528.695193][ T30] do_syscall_64+0xcd/0x250 [ 528.703630][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.709835][ T30] RIP: 0033:0x7f59f2d7796c [ 528.714284][ T30] RSP: 002b:00007ffc308bbc30 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 528.748345][ T30] RAX: ffffffffffffffda RBX: 00007f59f3a34620 RCX: 00007f59f2d7796c [ 528.756404][ T30] RDX: 0000000000000038 RSI: 00007f59f3a34670 RDI: 0000000000000003 [ 528.774180][ T30] RBP: 0000000000000000 R08: 00007ffc308bbc84 R09: 000000000000000c [ 528.790341][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 528.799990][ T30] R13: 0000000000000000 R14: 00007f59f3a34670 R15: 0000000000000000 [ 528.811533][ T30] [ 528.814596][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 528.831795][ T30] [ 528.831795][ T30] Showing all locks held in the system: [ 528.841465][ T30] 2 locks held by kworker/0:1/9: [ 528.846444][ T30] 1 lock held by khungtaskd/30: [ 528.858140][ T30] #0: ffffffff8dbb1620 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 528.870230][ T30] 4 locks held by kworker/u8:2/33: [ 528.875386][ T30] #0: ffff8880162d3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 528.904258][ T30] #1: ffffc90000a97d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 528.939714][ T30] #2: ffffffff8f732e90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xbf0 [ 528.949648][ T30] #3: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: gate_exit_net+0x24/0x130 [ 528.966767][ T30] 3 locks held by kworker/u8:3/36: [ 528.972498][ T30] #0: ffff888029e95148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 528.992612][ T30] #1: ffffc90000ac7d80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 529.017944][ T30] #2: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x12/0x30 [ 529.033334][ T30] 2 locks held by kworker/u8:5/138: [ 529.039023][ T30] #0: ffff888015489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 529.071607][ T30] #1: ffffc90002defd80 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 529.105416][ T30] 2 locks held by kworker/u8:7/1102: [ 529.113110][ T30] #0: ffff888015489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 529.132834][ T30] #1: ffffc90004867d80 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 529.146237][ T30] 2 locks held by kworker/0:2/1154: [ 529.151874][ T30] 1 lock held by dhcpcd/4748: [ 529.156585][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.173886][ T30] 2 locks held by getty/4840: [ 529.179069][ T30] #0: ffff88802abdd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 529.192894][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 [ 529.207886][ T30] 6 locks held by kworker/0:3/5137: [ 529.213126][ T30] 3 locks held by kworker/1:6/5141: [ 529.223101][ T30] #0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 529.270268][ T29] audit: type=1400 audit(1720499425.433:345): avc: denied { write } for pid=4516 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 529.292032][ T30] #1: ffffc9000423fd80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 529.326143][ T30] #2: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 [ 529.342038][ T29] audit: type=1400 audit(1720499425.433:346): avc: denied { remove_name } for pid=4516 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 529.365213][ T30] 8 locks held by syz-executor/7789: [ 529.370602][ T30] #0: ffff88801e54a420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 529.388975][ T30] #1: ffff88807ccb5088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 529.399387][ T29] audit: type=1400 audit(1720499425.433:347): avc: denied { add_name } for pid=4516 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 529.422859][ T30] #2: ffff88801fed2b48 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 529.438092][ T30] #3: ffffffff8ed831a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 529.476546][ T30] #4: ffff88802e2970e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa4/0x610 [ 529.507119][ T30] #5: ffff88802d781250 (&devlink->lock_key){+.+.}-{3:3}, at: nsim_drv_remove+0x4a/0x1d0 [ 529.523322][ T30] #6: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x6f/0x6a0 [ 529.534150][ T30] #7: ffffffff8da555d0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x531/0x19f0 [ 529.553392][ T30] 1 lock held by syz-executor/7845: [ 529.559158][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.575591][ T30] 5 locks held by syz.4.742/7954: [ 529.582225][ T30] 1 lock held by syz-executor/7966: [ 529.587465][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.600598][ T30] 1 lock held by syz-executor/7972: [ 529.606853][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.638587][ T8038] Bluetooth: hci8: command 0x0406 tx timeout [ 529.656436][ T30] 1 lock held by syz-executor/7977: [ 529.667624][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.677226][ T30] 1 lock held by syz-executor/8025: [ 529.689841][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.699897][ T30] 1 lock held by syz-executor/8030: [ 529.705130][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.725973][ T30] 1 lock held by syz-executor/8036: [ 529.731663][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.742927][ T30] 1 lock held by syz-executor/8043: [ 529.756467][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.766772][ T30] 1 lock held by syz-executor/8049: [ 529.787744][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.797265][ T30] 1 lock held by syz-executor/8052: [ 529.818865][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.837032][ T30] 1 lock held by syz-executor/8058: [ 529.842669][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.852584][ T30] 1 lock held by syz-executor/8063: [ 529.860695][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 529.877966][ T30] 6 locks held by kworker/u9:1/8069: [ 529.883294][ T30] #0: ffff88802276d148 ((wq_completion)hci8){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 529.900547][ T30] #1: ffffc900042d7d80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 529.927618][ T30] #2: ffff88807d728d88 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x170/0x410 [ 529.956066][ T30] #3: ffff88807d728078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x150/0xb50 [ 529.970258][ T30] #4: ffffffff8f9aa228 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x158/0x370 [ 529.987625][ T30] #5: ffffffff8dbbcdb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x282/0x3b0 [ 530.003420][ T30] 1 lock held by syz-executor/8070: [ 530.010297][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 530.027294][ T30] 1 lock held by syz-executor/8077: [ 530.042497][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 530.057576][ T30] 1 lock held by syz-executor/8081: [ 530.062820][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 530.093256][ T30] 1 lock held by syz-executor/8088: [ 530.100097][ T30] #0: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 530.127990][ T30] [ 530.130468][ T30] ============================================= [ 530.130468][ T30] [ 530.146155][ T30] NMI backtrace for cpu 1 [ 530.150529][ T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 530.160471][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 530.170555][ T30] Call Trace: [ 530.173856][ T30] [ 530.176810][ T30] dump_stack_lvl+0x116/0x1f0 [ 530.181525][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 530.186522][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 530.192543][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 530.198572][ T30] watchdog+0xf86/0x1240 [ 530.202844][ T30] ? __pfx_watchdog+0x10/0x10 [ 530.207634][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 530.212873][ T30] ? __kthread_parkme+0x148/0x220 [ 530.217946][ T30] ? __pfx_watchdog+0x10/0x10 [ 530.222656][ T30] kthread+0x2c1/0x3a0 [ 530.226761][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 530.232010][ T30] ? __pfx_kthread+0x10/0x10 [ 530.236643][ T30] ret_from_fork+0x45/0x80 [ 530.241107][ T30] ? __pfx_kthread+0x10/0x10 [ 530.245754][ T30] ret_from_fork_asm+0x1a/0x30 [ 530.250576][ T30] [ 530.254872][ T30] Sending NMI from CPU 1 to CPUs 0: [ 530.260481][ C0] NMI backtrace for cpu 0 [ 530.260508][ C0] CPU: 0 PID: 7954 Comm: syz.4.742 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 530.260535][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 530.260549][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x13/0x60 [ 530.260581][ C0] Code: 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 15 64 f4 75 7e 65 8b 05 65 f4 75 7e 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74 35 8b 82 1c 16 00 00 [ 530.260605][ C0] RSP: 0018:ffffc90000006e68 EFLAGS: 00000002 [ 530.260623][ C0] RAX: 0000000080010101 RBX: ffffc90000006e98 RCX: ffffffff813cd06c [ 530.260640][ C0] RDX: ffff888021335a00 RSI: 0000000000000000 RDI: 0000000000000005 [ 530.260656][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 530.260670][ C0] R10: 0000000000000001 R11: 0000000000000004 R12: ffffc90000006e98 [ 530.260686][ C0] R13: ffffffff81798340 R14: ffffc90000006f58 R15: ffff888021335a00 [ 530.260702][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 530.260725][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 530.260742][ C0] CR2: 000000110c3ea530 CR3: 000000000d97a000 CR4: 00000000003506f0 [ 530.260757][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 530.260772][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 530.260787][ C0] Call Trace: [ 530.260795][ C0] [ 530.260803][ C0] ? show_regs+0x8c/0xa0 [ 530.260837][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 530.260884][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 530.260914][ C0] ? nmi_handle+0x1a9/0x5c0 [ 530.260947][ C0] ? __sanitizer_cov_trace_pc+0x13/0x60 [ 530.260970][ C0] ? default_do_nmi+0x6a/0x160 [ 530.260991][ C0] ? exc_nmi+0x170/0x1e0 [ 530.261010][ C0] ? end_repeat_nmi+0xf/0x53 [ 530.261031][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 530.261064][ C0] ? unwind_get_return_address+0x3c/0xe0 [ 530.261099][ C0] ? __sanitizer_cov_trace_pc+0x13/0x60 [ 530.261122][ C0] ? __sanitizer_cov_trace_pc+0x13/0x60 [ 530.261145][ C0] ? __sanitizer_cov_trace_pc+0x13/0x60 [ 530.261167][ C0] [ 530.261174][ C0] [ 530.261180][ C0] unwind_get_return_address+0x58/0xe0 [ 530.261215][ C0] arch_stack_walk+0xc1/0x170 [ 530.261239][ C0] ? free_unref_folios+0x991/0x1310 [ 530.261270][ C0] stack_trace_save+0x95/0xd0 [ 530.261300][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 530.261329][ C0] ? find_held_lock+0x2d/0x110 [ 530.261356][ C0] kasan_save_stack+0x33/0x60 [ 530.261406][ C0] ? kasan_save_stack+0x33/0x60 [ 530.261438][ C0] ? kasan_save_track+0x14/0x30 [ 530.261471][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 530.261502][ C0] ? dummy_urb_enqueue+0x8d/0x8a0 [ 530.261536][ C0] ? usb_hcd_submit_urb+0x2d1/0x2090 [ 530.261564][ C0] ? usb_submit_urb+0x87c/0x1730 [ 530.261595][ C0] ? ath9k_hif_usb_reg_in_cb+0x494/0x690 [ 530.261625][ C0] ? __usb_hcd_giveback_urb+0x389/0x6e0 [ 530.261652][ C0] ? usb_hcd_giveback_urb+0x396/0x450 [ 530.261677][ C0] ? dummy_timer+0x17f6/0x3900 [ 530.261705][ C0] ? __hrtimer_run_queues+0x20c/0xcc0 [ 530.261732][ C0] ? hrtimer_interrupt+0x31b/0x800 [ 530.261759][ C0] ? __sysvec_apic_timer_interrupt+0x10f/0x450 [ 530.261797][ C0] ? sysvec_apic_timer_interrupt+0x43/0xb0 [ 530.261825][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 530.261881][ C0] ? ieee80211_beacon_get_finish+0x77/0x670 [ 530.261906][ C0] ? ieee80211_beacon_get_ap+0x79e/0x10f0 [ 530.261936][ C0] ? __ieee80211_beacon_get+0xf8a/0x16b0 [ 530.261966][ C0] ? ieee80211_beacon_get_tim+0xa7/0x280 [ 530.261996][ C0] ? mac80211_hwsim_beacon_tx+0x4ea/0xa00 [ 530.262030][ C0] ? __iterate_interfaces+0x2d2/0x580 [ 530.262055][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 530.262087][ C0] ? mac80211_hwsim_beacon+0x105/0x200 [ 530.262113][ C0] ? __hrtimer_run_queues+0x20c/0xcc0 [ 530.262141][ C0] ? hrtimer_run_softirq+0x17d/0x350 [ 530.262169][ C0] ? handle_softirqs+0x216/0x8f0 [ 530.262197][ C0] ? irq_exit_rcu+0xbb/0x120 [ 530.262225][ C0] ? sysvec_apic_timer_interrupt+0x95/0xb0 [ 530.262255][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 530.262297][ C0] ? __schedule+0xf1d/0x5d00 [ 530.262322][ C0] ? preempt_schedule_common+0x44/0xc0 [ 530.262349][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 530.262374][ C0] ? unwind_next_frame+0x1c90/0x23a0 [ 530.262421][ C0] ? arch_stack_walk+0x100/0x170 [ 530.262444][ C0] ? stack_trace_save+0x95/0xd0 [ 530.262473][ C0] ? save_stack+0x162/0x1f0 [ 530.262497][ C0] ? __reset_page_owner+0x8d/0x400 [ 530.262532][ C0] kasan_save_track+0x14/0x30 [ 530.262566][ C0] __kasan_kmalloc+0xaa/0xb0 [ 530.262599][ C0] dummy_urb_enqueue+0x8d/0x8a0 [ 530.262628][ C0] ? usb_hcd_map_urb_for_dma+0x39e/0x1190 [ 530.262657][ C0] usb_hcd_submit_urb+0x2d1/0x2090 [ 530.262687][ C0] ? __pfx_usb_hcd_submit_urb+0x10/0x10 [ 530.262714][ C0] ? lock_acquire+0x1b1/0x560 [ 530.262751][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 530.262786][ C0] ? find_held_lock+0x2d/0x110 [ 530.262814][ C0] ? ath9k_hif_usb_reg_in_cb+0x487/0x690 [ 530.262845][ C0] usb_submit_urb+0x87c/0x1730 [ 530.262878][ C0] ? do_raw_spin_unlock+0x172/0x230 [ 530.262904][ C0] ath9k_hif_usb_reg_in_cb+0x494/0x690 [ 530.262936][ C0] __usb_hcd_giveback_urb+0x389/0x6e0 [ 530.262964][ C0] usb_hcd_giveback_urb+0x396/0x450 [ 530.262992][ C0] dummy_timer+0x17f6/0x3900 [ 530.263022][ C0] ? debug_object_deactivate+0x1f0/0x370 [ 530.263061][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 530.263099][ C0] ? __hrtimer_run_queues+0x5a7/0xcc0 [ 530.263126][ C0] ? __pfx_lock_release+0x10/0x10 [ 530.263162][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 530.263190][ C0] ? timerqueue_del+0x83/0x150 [ 530.263224][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 530.263251][ C0] __hrtimer_run_queues+0x20c/0xcc0 [ 530.263282][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 530.263310][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 530.263349][ C0] hrtimer_interrupt+0x31b/0x800 [ 530.263381][ C0] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 530.263419][ C0] sysvec_apic_timer_interrupt+0x43/0xb0 [ 530.263448][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 530.263486][ C0] RIP: 0010:ieee80211_beacon_get_finish+0x77/0x670 [ 530.263516][ C0] Code: 78 5e 8a 48 89 44 24 08 8b 84 24 00 01 00 00 89 44 24 18 48 8d 44 24 20 48 c1 e8 03 48 89 44 24 10 48 01 f0 c7 00 f1 f1 f1 f1 40 0c f3 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 b8 00 [ 530.263540][ C0] RSP: 0018:ffffc900000079c8 EFLAGS: 00000282 [ 530.263557][ C0] RAX: fffff52000000f3d RBX: ffff88806c5d8140 RCX: ffffc90000007c38 [ 530.263574][ C0] RDX: ffff888024e622d0 RSI: dffffc0000000000 RDI: ffff88802a1e0e20 [ 530.263609][ C0] RBP: ffff888024e62750 R08: ffff88801f317f00 R09: ffff88806c5d8140 [ 530.263627][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888024e622d0 [ 530.263644][ C0] R13: ffff88802a1e0e20 R14: ffff88801f317f00 R15: ffffc90000007c38 [ 530.263669][ C0] ? __pfx_ieee80211_beacon_get_finish+0x10/0x10 [ 530.263699][ C0] ? mark_held_locks+0x9f/0xe0 [ 530.263736][ C0] ? ieee80211_beacon_get_ap+0xa58/0x10f0 [ 530.263769][ C0] ieee80211_beacon_get_ap+0x79e/0x10f0 [ 530.263805][ C0] __ieee80211_beacon_get+0xf8a/0x16b0 [ 530.263839][ C0] ieee80211_beacon_get_tim+0xa7/0x280 [ 530.263872][ C0] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 530.263908][ C0] mac80211_hwsim_beacon_tx+0x4ea/0xa00 [ 530.263945][ C0] ? find_held_lock+0x2d/0x110 [ 530.263976][ C0] __iterate_interfaces+0x2d2/0x580 [ 530.264004][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 530.264040][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 530.264076][ C0] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 530.264103][ C0] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 530.264138][ C0] mac80211_hwsim_beacon+0x105/0x200 [ 530.264167][ C0] __hrtimer_run_queues+0x20c/0xcc0 [ 530.264200][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 530.264231][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 530.264274][ C0] hrtimer_run_softirq+0x17d/0x350 [ 530.264306][ C0] handle_softirqs+0x216/0x8f0 [ 530.264337][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 530.264369][ C0] irq_exit_rcu+0xbb/0x120 [ 530.264398][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 530.264430][ C0] [ 530.264438][ C0] [ 530.264446][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 530.264489][ C0] RIP: 0010:__schedule+0xf1d/0x5d00 [ 530.264523][ C0] Code: fa 48 c1 ea 03 80 3c 02 00 0f 85 2f 42 00 00 48 8b bd 10 ff ff ff 4d 89 6f 10 4c 89 ee e8 db e1 16 f6 48 89 c7 e8 83 e1 74 f6 <48> 8b 8d a0 fe ff ff 48 b8 00 00 00 00 00 fc ff df 48 01 c1 48 c7 [ 530.264547][ C0] RSP: 0018:ffffc900033a7010 EFLAGS: 00000206 [ 530.264566][ C0] RAX: 000000000005d6c5 RBX: ffff888021335a00 RCX: 1ffffffff284f65d [ 530.264584][ C0] RDX: 0000000000000000 RSI: ffffffff8b2caf00 RDI: ffffffff8b8ff640 [ 530.264601][ C0] RBP: ffffc900033a71a0 R08: 0000000000000001 R09: fffffbfff284ca5e [ 530.264618][ C0] R10: ffffffff942652f7 R11: 0000000000000003 R12: ffff8880b923f6c8 [ 530.264636][ C0] R13: 0000000000000000 R14: ffff888021335cb0 R15: ffff8880b923ebc0 [ 530.264659][ C0] ? __pfx_mark_lock+0x10/0x10 [ 530.264697][ C0] ? mark_lock+0xb5/0xc60 [ 530.264749][ C0] ? __pfx___schedule+0x10/0x10 [ 530.264776][ C0] ? mark_held_locks+0x9f/0xe0 [ 530.264823][ C0] ? irqentry_exit+0x3b/0x90 [ 530.264850][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 530.264876][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 530.264899][ C0] preempt_schedule_common+0x44/0xc0 [ 530.264923][ C0] preempt_schedule_thunk+0x1a/0x30 [ 530.264947][ C0] ? unwind_next_frame+0x11ff/0x23a0 [ 530.264980][ C0] ? unwind_next_frame+0x1c8b/0x23a0 [ 530.265013][ C0] unwind_next_frame+0x1c90/0x23a0 [ 530.265047][ C0] ? save_stack+0x162/0x1f0 [ 530.265070][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 530.265101][ C0] arch_stack_walk+0x100/0x170 [ 530.265124][ C0] ? __reset_page_owner+0x8d/0x400 [ 530.265150][ C0] stack_trace_save+0x95/0xd0 [ 530.265179][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 530.265210][ C0] save_stack+0x162/0x1f0 [ 530.265233][ C0] ? __pfx_save_stack+0x10/0x10 [ 530.265256][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 530.265294][ C0] __reset_page_owner+0x8d/0x400 [ 530.265320][ C0] free_unref_folios+0x991/0x1310 [ 530.265350][ C0] folios_put_refs+0x487/0x6d0 [ 530.265385][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 530.265418][ C0] ? free_swap_cache.part.0+0x22/0x270 [ 530.265448][ C0] ? kasan_check_range+0x64/0x1a0 [ 530.265473][ C0] free_pages_and_swap_cache+0x36d/0x510 [ 530.265509][ C0] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 530.265551][ C0] ? __pfx___might_resched+0x10/0x10 [ 530.265578][ C0] __tlb_batch_free_encoded_pages+0xf9/0x290 [ 530.265615][ C0] tlb_finish_mmu+0x168/0x7b0 [ 530.265651][ C0] exit_mmap+0x3d1/0xb20 [ 530.265699][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 530.265737][ C0] __mmput+0x12a/0x4d0 [ 530.265764][ C0] mmput+0x62/0x70 [ 530.265789][ C0] do_exit+0x9b7/0x2ba0 [ 530.265822][ C0] ? get_signal+0x8f2/0x2710 [ 530.265850][ C0] ? __pfx_do_exit+0x10/0x10 [ 530.265882][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 530.265906][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 530.265932][ C0] do_group_exit+0xd3/0x2a0 [ 530.265967][ C0] get_signal+0x2616/0x2710 [ 530.265994][ C0] ? task_work_add+0x178/0x2a0 [ 530.266032][ C0] ? __pfx_get_signal+0x10/0x10 [ 530.266060][ C0] ? fput+0x13d/0x390 [ 530.266083][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 530.266112][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 530.266146][ C0] syscall_exit_to_user_mode+0x14a/0x2a0 [ 530.266177][ C0] do_syscall_64+0xda/0x250 [ 530.266210][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.266246][ C0] RIP: 0033:0x7f1932775bd9 [ 530.266264][ C0] Code: Unable to access opcode bytes at 0x7f1932775baf. [ 530.266274][ C0] RSP: 002b:00007f19335dd048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 530.266295][ C0] RAX: 0000000000000014 RBX: 00007f1932904110 RCX: 00007f1932775bd9 [ 530.266311][ C0] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 530.266326][ C0] RBP: 00007f19327e4e60 R08: 0000000000000000 R09: 0000000000000000 [ 530.266341][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 530.266355][ C0] R13: 000000000000006e R14: 00007f1932904110 R15: 00007fffa3788ef8 [ 530.266375][ C0] [ 531.517919][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 531.524834][ T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0 [ 531.534857][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 531.544935][ T30] Call Trace: [ 531.548235][ T30] [ 531.551207][ T30] dump_stack_lvl+0x3d/0x1f0 [ 531.555841][ T30] panic+0x6f5/0x7a0 [ 531.559785][ T30] ? __pfx_panic+0x10/0x10 [ 531.564248][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 531.569666][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 531.575688][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 531.581101][ T30] ? watchdog+0xd3d/0x1240 [ 531.585546][ T30] ? watchdog+0xd30/0x1240 [ 531.590093][ T30] watchdog+0xd4e/0x1240 [ 531.594464][ T30] ? __pfx_watchdog+0x10/0x10 [ 531.599191][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 531.604444][ T30] ? __kthread_parkme+0x148/0x220 [ 531.609527][ T30] ? __pfx_watchdog+0x10/0x10 [ 531.614249][ T30] kthread+0x2c1/0x3a0 [ 531.618371][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 531.623635][ T30] ? __pfx_kthread+0x10/0x10 [ 531.628287][ T30] ret_from_fork+0x45/0x80 [ 531.632769][ T30] ? __pfx_kthread+0x10/0x10 [ 531.637409][ T30] ret_from_fork_asm+0x1a/0x30 [ 531.642223][ T30] [ 531.649748][ T30] Kernel Offset: disabled [ 531.654086][ T30] Rebooting in 86400 seconds..