last executing test programs: 1.128376304s ago: executing program 4 (id=5): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b00011100000009040000019569", @ANYRES32], 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)}, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/bpf', 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000040)='io.stat\x00', 0x275a, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000001000"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800c0001006d6163766c616e001800028004000580ae442be9ec0f27fe30f5acf9cfef54d568e76d01db82bfef6965e45bebab74f55027d960580f75c8515cde379a77b3b1f749cbdbd06724850afbc10b84da03a43c86285b12e9d661b278a3aea1e05d4d2e3b24a51c79b5b283612c606f06b22da5c3497833f165c5dc34edfb778c3e56f2e6b3f666a3497107fd4a7113e1"], 0x38}}, 0x0) r5 = socket$kcm(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x70, 0x0, 0x0, 0xfffffffd, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_DATA_SEQ={0x5}, @L2TP_ATTR_VLAN_ID={0x6}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0xfffa}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'veth0_vlan\x00'}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e20}]}, 0x70}}, 0x0) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000600", 0x33fe0}], 0x1}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) bind$inet(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r6, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a24000000000a01010000000000000000050000000900010073797a30000000000400060070000000030a01030000000000000000050000000900010073797a30000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000080001400000000014000300766c616e3000"/167], 0xd0}}, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x2, 0x0, 0xa005}, @sack_perm]}}}}}}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 1.06557256s ago: executing program 3 (id=4): r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) sched_setscheduler(0x0, 0x1, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x16, &(0x7f00000001c0)={0x16, 0x6, 0x5}, 0x0) 994.073336ms ago: executing program 0 (id=1): socket$nl_generic(0x10, 0x3, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) sched_setaffinity(0x0, 0x8, &(0x7f0000000440)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000040)="8f8d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@assoc={0x18, 0x117, 0x4, 0x6}], 0x18}, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0) recvmmsg(r2, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000300)=""/4, 0x4}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000002140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r4, 0x6, 0x6, &(0x7f0000000180)=0x1, 0x4) socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9004}, 0x4) syz_emit_ethernet(0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x400700) ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000040)={{0x0, 0x1, 0x2fd7}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000"], &(0x7f0000000300)='GPL\x00', 0x8, 0xff7, &(0x7f0000001e00)=""/4087, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$SNDRV_TIMER_IOCTL_INFO(r5, 0x80e85411, 0x0) ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000180)={&(0x7f0000221000/0x2000)=nil, &(0x7f00000fb000/0x3000)=nil, 0x2000}) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="2e00000025008188040f80ec59acbc0911a1f8480200001f56451747c3d9cd52aadcf124dea29e4e242c0f374d5d", 0x2e}, {&(0x7f0000000200)="49289d18b5583345f0c86963421eea2d58149561c348700712ed196e17ef21487b2a6a40b55e0a6178b8e3b78b341fae8f3ccb966696f648a4033ce35f05f7a55a400d7380f07a275294b79fb0a28eb2c05ffd1afdbb2c71f7424a5eb098e047ef9cc3c2f4d189f79d65559cbb0547a955c812f4d8541f6df430a0abbb356351d170ccb167b8f0033234af8e64fed7571f58d03c03a22ee4509513fa46846e530da8c0d4097e39484d106f110ce296adf446d101868fc45f457dd80f719ce4472fcd0974ade8c533", 0xc8}], 0x2}, 0x0) 937.663775ms ago: executing program 1 (id=2): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x7ffffcff}, {0x0, 0x4}, {0x0, 0x0, 0x8}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xc}) 811.065435ms ago: executing program 2 (id=3): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d000000010902240001000000000904000002214c6a0009050702000000da000905890e"], 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x84, &(0x7f0000000740)={0x0, @in={{0x2, 0x0, @private}}}, &(0x7f0000000640)=0x100) syz_usb_control_io(r0, 0x0, &(0x7f0000000c40)={0x84, &(0x7f0000000780)=ANY=[@ANYBLOB="040000000000000003cc3776691230ec0a86c391ea70597f33a180c14c529b34742fb0f8e697a10e73e1241277c8648fadba9388"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa3ffffff8000000703000002feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d900500000000004704000001ed00000f030000000000001d44000000000000620a00fe040026ca7203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350844ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffffb9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r2 = openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000d00)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x28, 0x10001, 0xc000, 0x8000, 0x1c, 0x1, 0x4}}, 0x50) r4 = socket$inet6(0xa, 0x6, 0x2) ioctl$sock_SIOCGIFCONF(r4, 0x8912, &(0x7f0000000140)=@req={0x28, &(0x7f0000000100)={'pim6reg1\x00', @ifru_data=&(0x7f00000000c0)="63319a7f5232d12b71265b93aa46b931e15b1ac3e4d5bfd7f67af5c6868ecd25"}}) 597.518189ms ago: executing program 1 (id=6): r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioctl$FICLONE(r0, 0x40049409, r0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) sched_setscheduler(0x0, 0x1, 0x0) r1 = syz_pidfd_open(0xffffffffffffffff, 0x0) pidfd_send_signal(r1, 0x16, &(0x7f00000001c0)={0x16, 0x6, 0x5}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=@allocspi={0x130, 0x16, 0x1, 0x0, 0x0, {{{@in6=@mcast1, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@private0, 0x0, 0x33}, @in=@multicast2}, 0x0, 0x6}, [@user_kmaddress={0x2c, 0x13, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@remote}}, @offload={0xc}]}, 0x130}}, 0x0) 0s ago: executing program 0 (id=7): socket$nl_generic(0x10, 0x3, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) sched_setaffinity(0x0, 0x8, &(0x7f0000000440)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000040)="8f8d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@assoc={0x18, 0x117, 0x4, 0x6}], 0x18}, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0) recvmmsg(r2, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000300)=""/4, 0x4}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000002140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$packet(0x11, 0x3, 0x300) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9004}, 0x4) syz_emit_ethernet(0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x400700) ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000040)={{0x0, 0x1, 0x2fd7}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000"], &(0x7f0000000300)='GPL\x00', 0x8, 0xff7, &(0x7f0000001e00)=""/4087, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$SNDRV_TIMER_IOCTL_INFO(r5, 0x80e85411, 0x0) ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000180)={&(0x7f0000221000/0x2000)=nil, &(0x7f00000fb000/0x3000)=nil, 0x2000}) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="2e00000025008188040f80ec59acbc0911a1f8480200001f56451747c3d9cd52aadcf124dea29e4e242c0f374d5d", 0x2e}, {&(0x7f0000000200)="49289d18b5583345f0c86963421eea2d58149561c348700712ed196e17ef21487b2a6a40b55e0a6178b8e3b78b341fae8f3ccb966696f648a4033ce35f05f7a55a400d7380f07a275294b79fb0a28eb2c05ffd1afdbb2c71f7424a5eb098e047ef9cc3c2f4d189f79d65559cbb0547a955c812f4d8541f6df430a0abbb356351d170ccb167b8f0033234af8e64fed7571f58d03c03a22ee4509513fa46846e530da8c0d4097e39484d106f110ce296adf446d101868fc45f457dd80f719ce4472fcd0974ade8c533", 0xc8}], 0x2}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.224' (ED25519) to the list of known hosts. [ 58.580639][ T5214] cgroup: Unknown subsys name 'net' [ 58.708517][ T5214] cgroup: Unknown subsys name 'cpuset' [ 58.716855][ T5214] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 60.278200][ T5214] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 62.442110][ T5231] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.450034][ T5231] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.457996][ T5232] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.460274][ T5231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 62.466110][ T5232] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.473570][ T5231] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.481251][ T5232] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.493783][ T5232] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.502633][ T5232] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.504912][ T5231] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.510715][ T5232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 62.532682][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 62.536419][ T5240] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 62.541614][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.553846][ T5231] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 62.555207][ T5240] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.561755][ T5231] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 62.575806][ T5231] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.583175][ T5238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 62.583812][ T5240] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 62.597726][ T5239] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.606475][ T5239] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.607307][ T5232] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 62.614258][ T5240] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 62.628223][ T5239] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.628334][ T5238] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 62.635830][ T5239] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 62.651531][ T5238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.685011][ T5239] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 62.692578][ T5239] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 63.051625][ T5243] chnl_net:caif_netlink_parms(): no params data found [ 63.163566][ T5245] chnl_net:caif_netlink_parms(): no params data found [ 63.188721][ T5247] chnl_net:caif_netlink_parms(): no params data found [ 63.222201][ T5246] chnl_net:caif_netlink_parms(): no params data found [ 63.249004][ T5243] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.256292][ T5243] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.263610][ T5243] bridge_slave_0: entered allmulticast mode [ 63.271444][ T5243] bridge_slave_0: entered promiscuous mode [ 63.281815][ T5243] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.289552][ T5243] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.296803][ T5243] bridge_slave_1: entered allmulticast mode [ 63.303573][ T5243] bridge_slave_1: entered promiscuous mode [ 63.352442][ T5242] chnl_net:caif_netlink_parms(): no params data found [ 63.386840][ T5243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.428203][ T5243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.502809][ T5247] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.510440][ T5247] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.518394][ T5247] bridge_slave_0: entered allmulticast mode [ 63.525091][ T5247] bridge_slave_0: entered promiscuous mode [ 63.535356][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.542485][ T5245] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.549698][ T5245] bridge_slave_0: entered allmulticast mode [ 63.556664][ T5245] bridge_slave_0: entered promiscuous mode [ 63.564018][ T5245] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.571188][ T5245] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.578741][ T5245] bridge_slave_1: entered allmulticast mode [ 63.585648][ T5245] bridge_slave_1: entered promiscuous mode [ 63.594523][ T5243] team0: Port device team_slave_0 added [ 63.607054][ T5247] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.614320][ T5247] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.621753][ T5247] bridge_slave_1: entered allmulticast mode [ 63.629099][ T5247] bridge_slave_1: entered promiscuous mode [ 63.662984][ T5243] team0: Port device team_slave_1 added [ 63.725440][ T5245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.734685][ T5242] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.742340][ T5242] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.749965][ T5242] bridge_slave_0: entered allmulticast mode [ 63.757149][ T5242] bridge_slave_0: entered promiscuous mode [ 63.778733][ T5247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.791317][ T5247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.802124][ T5245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.821678][ T5242] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.829049][ T5242] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.836275][ T5242] bridge_slave_1: entered allmulticast mode [ 63.842909][ T5242] bridge_slave_1: entered promiscuous mode [ 63.857890][ T5243] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.865145][ T5243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.891202][ T5243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.905276][ T5243] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.912225][ T5243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.938388][ T5243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.949678][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.957037][ T5246] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.964202][ T5246] bridge_slave_0: entered allmulticast mode [ 63.971217][ T5246] bridge_slave_0: entered promiscuous mode [ 63.979728][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.987045][ T5246] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.994179][ T5246] bridge_slave_1: entered allmulticast mode [ 64.001005][ T5246] bridge_slave_1: entered promiscuous mode [ 64.041890][ T5242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.072697][ T5247] team0: Port device team_slave_0 added [ 64.080684][ T5247] team0: Port device team_slave_1 added [ 64.089081][ T5245] team0: Port device team_slave_0 added [ 64.098089][ T5245] team0: Port device team_slave_1 added [ 64.107408][ T5242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.180807][ T5242] team0: Port device team_slave_0 added [ 64.190011][ T5246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.199791][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.207640][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.234059][ T5247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.247055][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.254026][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.280048][ T5247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.302450][ T5243] hsr_slave_0: entered promiscuous mode [ 64.309082][ T5243] hsr_slave_1: entered promiscuous mode [ 64.317388][ T5242] team0: Port device team_slave_1 added [ 64.326019][ T5246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.339002][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.346176][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.372203][ T5245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.419540][ T5246] team0: Port device team_slave_0 added [ 64.426229][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.433216][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.459482][ T5245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.483237][ T5242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.490327][ T5242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.517131][ T5242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.540149][ T5246] team0: Port device team_slave_1 added [ 64.561073][ T5242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.568212][ T5242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.594255][ T5242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.615817][ T5239] Bluetooth: hci0: command tx timeout [ 64.652213][ T5247] hsr_slave_0: entered promiscuous mode [ 64.658786][ T5247] hsr_slave_1: entered promiscuous mode [ 64.665180][ T5247] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.672938][ T5247] Cannot create hsr debugfs directory [ 64.680258][ T5246] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.687456][ T5246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.713759][ T5239] Bluetooth: hci3: command tx timeout [ 64.719380][ T5246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.720729][ T5239] Bluetooth: hci2: command tx timeout [ 64.729938][ T5237] Bluetooth: hci1: command tx timeout [ 64.732201][ T5246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.748132][ T5246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.774107][ T5246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.790921][ T5239] Bluetooth: hci4: command tx timeout [ 64.802787][ T5245] hsr_slave_0: entered promiscuous mode [ 64.810015][ T5245] hsr_slave_1: entered promiscuous mode [ 64.816312][ T5245] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.823914][ T5245] Cannot create hsr debugfs directory [ 64.928905][ T5242] hsr_slave_0: entered promiscuous mode [ 64.935955][ T5242] hsr_slave_1: entered promiscuous mode [ 64.942040][ T5242] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.949990][ T5242] Cannot create hsr debugfs directory [ 64.958283][ T5246] hsr_slave_0: entered promiscuous mode [ 64.964477][ T5246] hsr_slave_1: entered promiscuous mode [ 64.970955][ T5246] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.979250][ T5246] Cannot create hsr debugfs directory [ 65.243544][ T5243] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 65.255721][ T5243] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 65.291280][ T5243] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 65.306722][ T5243] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 65.324775][ T5247] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 65.343185][ T5247] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 65.354487][ T5247] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 65.368234][ T5247] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 65.435346][ T5245] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 65.466641][ T5245] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 65.486184][ T5245] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 65.498964][ T5245] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 65.550325][ T5246] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 65.560211][ T5246] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 65.578388][ T5246] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 65.605337][ T5246] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 65.646648][ T5242] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 65.673474][ T5242] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 65.694464][ T5242] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 65.710698][ T5243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.721541][ T5242] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 65.753160][ T5247] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.793834][ T5247] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.809805][ T5243] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.833598][ T1052] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.840876][ T1052] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.852917][ T1052] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.860045][ T1052] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.870283][ T1052] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.877386][ T1052] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.898256][ T5245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.928884][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.936034][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.973351][ T5245] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.009671][ T5246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.022339][ T80] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.029467][ T80] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.040352][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.047468][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.094086][ T5247] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.163660][ T5246] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.220270][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.227958][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.239358][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.246469][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.273479][ T5247] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.293618][ T5242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.330731][ T5245] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.357322][ T5242] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.379241][ T5243] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.390212][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.397343][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.429906][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.437077][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.492107][ T5247] veth0_vlan: entered promiscuous mode [ 66.503322][ T5246] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.520439][ T5243] veth0_vlan: entered promiscuous mode [ 66.551923][ T5245] veth0_vlan: entered promiscuous mode [ 66.570802][ T5247] veth1_vlan: entered promiscuous mode [ 66.603306][ T5245] veth1_vlan: entered promiscuous mode [ 66.622097][ T5243] veth1_vlan: entered promiscuous mode [ 66.642410][ T5242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.670014][ T5247] veth0_macvtap: entered promiscuous mode [ 66.686402][ T5246] veth0_vlan: entered promiscuous mode [ 66.695679][ T5239] Bluetooth: hci0: command tx timeout [ 66.712364][ T5242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.728789][ T5246] veth1_vlan: entered promiscuous mode [ 66.741247][ T5247] veth1_macvtap: entered promiscuous mode [ 66.761863][ T5245] veth0_macvtap: entered promiscuous mode [ 66.775218][ T5237] Bluetooth: hci3: command tx timeout [ 66.775241][ T5228] Bluetooth: hci1: command tx timeout [ 66.786658][ T5239] Bluetooth: hci2: command tx timeout [ 66.788465][ T5245] veth1_macvtap: entered promiscuous mode [ 66.826849][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.845606][ T5243] veth0_macvtap: entered promiscuous mode [ 66.855182][ T5239] Bluetooth: hci4: command tx timeout [ 66.868345][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.879152][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.890333][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.899733][ T5243] veth1_macvtap: entered promiscuous mode [ 66.911786][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.924745][ T5242] veth0_vlan: entered promiscuous mode [ 66.943938][ T5242] veth1_vlan: entered promiscuous mode [ 66.954440][ T5246] veth0_macvtap: entered promiscuous mode [ 66.963574][ T5247] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.973003][ T5247] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.982092][ T5247] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.991505][ T5247] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.005222][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.016701][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.028041][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.038491][ T5245] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.048001][ T5245] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.056911][ T5245] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.065739][ T5245] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.083412][ T5246] veth1_macvtap: entered promiscuous mode [ 67.133300][ T5243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.144181][ T5243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.154525][ T5243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.165339][ T5243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.178407][ T5243] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.193418][ T5243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.204752][ T5243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.216143][ T5243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.226701][ T5243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.237560][ T5243] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.259402][ T5242] veth0_macvtap: entered promiscuous mode [ 67.267133][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.279250][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.289570][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.300312][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.310583][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.321123][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.332582][ T5246] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.347050][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.357785][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.368174][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.378850][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.388729][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.399370][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.410351][ T5246] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.422966][ T5243] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.433413][ T5243] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.443365][ T5243] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.452321][ T5243] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.487645][ T5242] veth1_macvtap: entered promiscuous mode [ 67.500725][ T5246] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.509613][ T5246] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.518612][ T5246] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.527737][ T5246] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.559292][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.570619][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.581349][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.593034][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.603068][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.613814][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.623834][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.634322][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.645358][ T5242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.671151][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.683821][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.694149][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.707805][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.717764][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.728477][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.738365][ T5242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.749018][ T5242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.759981][ T5242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.773070][ T5242] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.781990][ T5242] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.790927][ T5242] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.799982][ T5242] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.840405][ T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.849689][ T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.901018][ T2558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.918454][ T2558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.953696][ T745] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.962370][ T745] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.993840][ T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.005622][ T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.059379][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.084288][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.095322][ T2558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.112929][ T2558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.130434][ T5247] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 68.146657][ T745] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.154512][ T745] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.207313][ T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.213855][ T1052] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.216998][ T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.223323][ T1052] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.371363][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.419624][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.645211][ T5283] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 68.775430][ T5239] Bluetooth: hci0: command tx timeout [ 68.810206][ T5283] usb 5-1: config 17 has an invalid descriptor of length 255, skipping remainder of the config [ 68.821113][ T5283] usb 5-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 68.834455][ T5283] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 68.843704][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.863574][ T5239] Bluetooth: hci2: command tx timeout [ 68.869146][ T5239] Bluetooth: hci3: command tx timeout [ 68.874614][ T5239] Bluetooth: hci1: command tx timeout [ 68.945208][ T5278] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 68.956461][ T5237] Bluetooth: hci4: command tx timeout [ 68.969116][ T5298] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1'. [ 69.136821][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 69.146795][ T5278] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 69.156842][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 69.168709][ T5278] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 69.184530][ T5278] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 69.216317][ T5278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.246898][ T5285] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.5'. [ 69.266431][ T29] audit: type=1326 audit(1727336710.415:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb159d7df39 code=0x7ffc0000 [ 69.291166][ T5278] usb 3-1: config 0 descriptor?? [ 69.331151][ T5285] openvswitch: netlink: Tunnel attr 0 has unexpected len 2 expected 8 [ 69.453718][ T29] audit: type=1326 audit(1727336710.415:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb159d7df39 code=0x7ffc0000 [ 69.486684][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.573884][ T5278] hdpvr 3-1:0.0: unexpected answer of status request, len 0 [ 69.610672][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 69.646829][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 69.650905][ T5283] usb 5-1: string descriptor 0 read error: -71 [ 69.663567][ T5283] aiptek 5-1:17.0: interface has no int in endpoints, but must have minimum 1 [ 69.687439][ T5278] hdpvr 3-1:0.0: device init failed [ 69.692740][ T5278] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12 [ 69.751428][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 69.765275][ T5283] usb 5-1: USB disconnect, device number 2 [ 69.822804][ T29] audit: type=1326 audit(1727336710.415:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb159d7df39 code=0x7ffc0000 [ 70.620919][ T0] NOHZ tick-stop error: local softirq work is pending, handler #20a!!! [ 70.800268][ T0] NOHZ tick-stop error: local softirq work is pending, handler #188!!! [ 71.414866][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!! [ 71.423308][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!! [ 71.432558][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 71.515477][ T5237] Bluetooth: hci0: command tx timeout [ 71.526907][ T5237] Bluetooth: hci1: command tx timeout [ 71.532303][ T5237] Bluetooth: hci3: command tx timeout [ 71.543668][ T5237] Bluetooth: hci2: command tx timeout [ 71.554610][ T5237] Bluetooth: hci4: command tx timeout [ 71.566829][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.573363][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.650334][ T29] audit: type=1326 audit(1727336710.505:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb159d74ee7 code=0x7ffc0000 [ 71.673047][ T29] audit: type=1326 audit(1727336710.505:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb159d198a9 code=0x7ffc0000 [ 71.696774][ T29] audit: type=1326 audit(1727336710.505:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb159d7df39 code=0x7ffc0000 [ 71.718571][ C1] vkms_vblank_simulate: vblank timer overrun [ 73.575361][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 77.374980][ T29] audit: type=1326 audit(1727336710.525:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb159d74ee7 code=0x7ffc0000 [ 79.054844][ C0] sched: DL replenish lagged too much [ 79.615050][ T29] audit: type=1326 audit(1727336710.525:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb159d198a9 code=0x7ffc0000 [ 79.696594][ T51] usb 3-1: USB disconnect, device number 2 [ 79.882696][ T29] audit: type=1326 audit(1727336710.525:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb159d7df39 code=0x7ffc0000 [ 80.084934][ T29] audit: type=1326 audit(1727336710.525:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb159d74ee7 code=0x7ffc0000 [ 80.251944][ T29] audit: type=1326 audit(1727336710.525:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb159d198a9 code=0x7ffc0000 [ 80.484961][ T29] audit: type=1326 audit(1727336710.525:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb159d7df39 code=0x7ffc0000 [ 80.734482][ T29] audit: type=1326 audit(1727336710.525:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb159d74ee7 code=0x7ffc0000 [ 80.936165][ T29] audit: type=1326 audit(1727336710.525:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb159d198a9 code=0x7ffc0000 [ 81.195309][ T29] audit: type=1326 audit(1727336710.525:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb159d7df39 code=0x7ffc0000 [ 81.425009][ T29] audit: type=1326 audit(1727336710.525:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb159d74ee7 code=0x7ffc0000 [ 81.571454][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.618617][ T5228] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 81.625997][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.633667][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.642357][ T5228] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 81.650869][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.661506][ T5228] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 81.671596][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 81.679231][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.686430][ T5228] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 81.707253][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 81.715120][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 81.765841][ T939] cfg80211: failed to load regulatory.db [ 82.747222][ T5228] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.756179][ T5228] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.764110][ T5228] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.772349][ T5228] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.785331][ T5228] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 82.796126][ T5239] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.803768][ T5239] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 82.818946][ T5239] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 82.836024][ T5239] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 82.874391][ T5239] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 82.886666][ T5237] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 82.896148][ T5237] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 82.919209][ T5237] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 82.946736][ T5237] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 82.957598][ T5237] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 82.968763][ T5237] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 82.976516][ T5237] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 82.984425][ T5237] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.735001][ T5228] Bluetooth: hci1: command tx timeout [ 83.815009][ T5228] Bluetooth: hci5: command tx timeout [ 85.015070][ T5238] Bluetooth: hci7: command tx timeout [ 85.022380][ T5228] Bluetooth: hci2: command tx timeout [ 85.096191][ T5228] Bluetooth: hci6: command tx timeout [ 85.815106][ T5228] Bluetooth: hci1: command tx timeout [ 85.894989][ T5228] Bluetooth: hci5: command tx timeout [ 87.095038][ T5238] Bluetooth: hci7: command tx timeout [ 87.101682][ T5228] Bluetooth: hci2: command tx timeout [ 87.174953][ T5228] Bluetooth: hci6: command tx timeout [ 87.895128][ T5228] Bluetooth: hci1: command tx timeout [ 87.975069][ T5228] Bluetooth: hci5: command tx timeout [ 89.180562][ T5228] Bluetooth: hci2: command tx timeout [ 89.186141][ T5238] Bluetooth: hci7: command tx timeout [ 89.254914][ T5228] Bluetooth: hci6: command tx timeout [ 89.986530][ T5228] Bluetooth: hci1: command tx timeout [ 90.054941][ T5228] Bluetooth: hci5: command tx timeout [ 91.256802][ T5228] Bluetooth: hci2: command tx timeout [ 91.262348][ T5228] Bluetooth: hci7: command tx timeout [ 91.334944][ T5228] Bluetooth: hci6: command tx timeout [ 132.857498][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.863872][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.781777][ T5238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 143.821853][ T5238] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 143.834822][ T5238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 143.843670][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 143.857072][ T5238] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 143.864408][ T5238] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 144.017394][ T5228] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 144.026459][ T5228] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 144.034050][ T5228] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 144.045018][ T5228] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 144.052626][ T5228] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 144.060268][ T5228] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 144.258699][ T5238] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 144.267311][ T5238] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 144.276135][ T5238] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 144.284534][ T5238] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 144.292654][ T5238] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 144.305381][ T5238] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 144.656502][ T5238] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 144.675122][ T5238] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 144.685224][ T5238] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 144.693248][ T5238] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 144.701887][ T5238] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 144.709844][ T5238] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 144.947582][ T5238] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 144.956639][ T5238] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 144.964785][ T5238] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 144.978847][ T5238] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 144.992240][ T5238] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 144.999875][ T5238] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 145.895119][ T5228] Bluetooth: hci0: command tx timeout [ 146.214972][ T5228] Bluetooth: hci3: command tx timeout [ 146.385015][ T5228] Bluetooth: hci8: command tx timeout [ 146.775051][ T5228] Bluetooth: hci9: command tx timeout [ 147.020357][ T5228] Bluetooth: hci10: command tx timeout [ 147.975140][ T5228] Bluetooth: hci0: command tx timeout [ 148.294914][ T5228] Bluetooth: hci3: command tx timeout [ 148.454893][ T5228] Bluetooth: hci8: command tx timeout [ 148.855161][ T5228] Bluetooth: hci9: command tx timeout [ 149.094900][ T5228] Bluetooth: hci10: command tx timeout [ 150.054920][ T5228] Bluetooth: hci0: command tx timeout [ 150.374991][ T5228] Bluetooth: hci3: command tx timeout [ 150.534966][ T5228] Bluetooth: hci8: command tx timeout [ 150.935070][ T5228] Bluetooth: hci9: command tx timeout [ 151.175003][ T5228] Bluetooth: hci10: command tx timeout [ 152.134892][ T5228] Bluetooth: hci0: command tx timeout [ 152.455025][ T5228] Bluetooth: hci3: command tx timeout [ 152.614977][ T5228] Bluetooth: hci8: command tx timeout [ 153.014918][ T5228] Bluetooth: hci9: command tx timeout [ 153.255002][ T5228] Bluetooth: hci10: command tx timeout [ 186.141517][ T5228] Bluetooth: hci4: command 0x0406 tx timeout [ 194.296540][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.302884][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.340669][ T5236] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 205.349618][ T5236] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 205.364956][ T5236] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 205.373174][ T5236] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 205.380990][ T5236] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 205.388782][ T5236] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 205.777194][ T5232] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 205.785960][ T5232] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 205.794204][ T5232] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 205.803171][ T5232] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 205.811134][ T5232] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 205.818764][ T5232] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 205.873959][ T5241] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 205.882895][ T5241] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 205.892577][ T5241] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 205.901446][ T5241] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 205.915291][ T5241] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 205.922702][ T5241] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 205.961663][ T4620] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 205.971029][ T4620] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 205.978995][ T4620] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 205.987193][ T4620] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 206.004927][ T4620] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 206.013325][ T4620] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 206.226409][ T5372] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 206.235235][ T5372] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 206.242998][ T5372] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 206.251826][ T5372] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 206.259991][ T5372] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 206.267730][ T5372] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 206.623299][ T4620] Bluetooth: hci1: command 0x0406 tx timeout [ 206.629608][ T4620] Bluetooth: hci5: command 0x0406 tx timeout [ 206.636203][ T4620] Bluetooth: hci7: command 0x0406 tx timeout [ 206.642370][ T4620] Bluetooth: hci2: command 0x0406 tx timeout [ 206.648801][ T4620] Bluetooth: hci6: command 0x0406 tx timeout [ 242.936779][ T30] INFO: task syz-executor:5242 blocked for more than 143 seconds. [ 242.956043][ T30] Not tainted 6.11.0-syzkaller-10622-gaa486552a110 #0 [ 242.963362][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 243.007289][ T30] task:syz-executor state:D stack:20992 pid:5242 tgid:5242 ppid:1 flags:0x00004006 [ 243.064818][ T30] Call Trace: [ 243.068147][ T30] [ 243.071106][ T30] __schedule+0x1895/0x4b30 [ 243.165027][ T30] ? __pfx___schedule+0x10/0x10 [ 243.169949][ T30] ? __pfx_lock_release+0x10/0x10 [ 243.243182][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 243.271422][ T30] ? schedule+0x90/0x320 [ 243.304816][ T30] schedule+0x14b/0x320 [ 243.309017][ T30] schedule_preempt_disabled+0x13/0x30 [ 243.314504][ T30] __mutex_lock+0x6a7/0xd70 [ 243.370137][ T30] ? __mutex_lock+0x52a/0xd70 [ 243.392144][ T30] ? netdev_run_todo+0x7b2/0x1000 [ 243.415216][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 243.420283][ T30] ? __init_swait_queue_head+0xae/0x150 [ 243.474974][ T30] ? msleep+0xc6/0xe0 [ 243.479010][ T30] netdev_run_todo+0x7b2/0x1000 [ 243.483909][ T30] ? __pfx_netdev_run_todo+0x10/0x10 [ 243.550947][ T30] ? netdev_state_change+0xa8/0x1a0 [ 243.563043][ T30] ? __pfx_netdev_state_change+0x10/0x10 [ 243.594803][ T30] ? tun_chr_close+0x105/0x1b0 [ 243.599618][ T30] ? tun_chr_close+0x105/0x1b0 [ 243.604419][ T30] tun_chr_close+0x137/0x1b0 [ 243.641202][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 243.664852][ T30] __fput+0x23f/0x880 [ 243.668912][ T30] task_work_run+0x24f/0x310 [ 243.700511][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 243.724918][ T30] ? __pfx_task_work_run+0x10/0x10 [ 243.730076][ T30] ? do_exit+0xa2a/0x28e0 [ 243.734428][ T30] ? kmem_cache_free+0x1a2/0x420 [ 243.774921][ T30] ? do_exit+0xa2a/0x28e0 [ 243.779305][ T30] do_exit+0xa2f/0x28e0 [ 243.783491][ T30] ? __pfx_do_exit+0x10/0x10 [ 243.824778][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 243.830200][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.895085][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.901499][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 243.930346][ T30] do_group_exit+0x207/0x2c0 [ 243.935060][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 243.940287][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 243.963229][ T30] get_signal+0x176f/0x1810 [ 243.974733][ T30] ? __pfx_get_signal+0x10/0x10 [ 243.983867][ T30] ? __pfx_vfs_read+0x10/0x10 [ 244.004819][ T30] arch_do_signal_or_restart+0x96/0x860 [ 244.010424][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 244.032194][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 244.049972][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 244.062929][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 244.080955][ T30] do_syscall_64+0x100/0x230 [ 244.094776][ T30] ? clear_bhb_loop+0x35/0x90 [ 244.099520][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.120415][ T30] RIP: 0033:0x7fc9ab77c97c [ 244.133657][ T30] RSP: 002b:00007fc9aba5fd90 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 244.149793][ T30] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007fc9ab77c97c [ 244.160328][ T30] RDX: 0000000000000028 RSI: 00007fc9aba5fe40 RDI: 00000000000000f9 [ 244.173613][ T30] RBP: 00007fc9aba5fdec R08: 0000000000000000 R09: 0079746972756365 [ 244.184121][ T30] R10: 00007fc9ab9077e0 R11: 0000000000000246 R12: 0000000000000031 [ 244.197895][ T30] R13: 0000000000011997 R14: 0000000000010c37 R15: 00007fc9aba5fe40 [ 244.209448][ T30] [ 244.212695][ T30] INFO: task kworker/1:6:5283 blocked for more than 144 seconds. [ 244.233750][ T30] Not tainted 6.11.0-syzkaller-10622-gaa486552a110 #0 [ 244.241309][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 244.257236][ T30] task:kworker/1:6 state:D stack:22800 pid:5283 tgid:5283 ppid:2 flags:0x00004000 [ 244.271414][ T30] Workqueue: events_power_efficient crda_timeout_work [ 244.281703][ T30] Call Trace: [ 244.287959][ T30] [ 244.290928][ T30] __schedule+0x1895/0x4b30 [ 244.299820][ T30] ? __pfx___schedule+0x10/0x10 [ 244.306246][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 244.312275][ T30] ? __pfx_lock_release+0x10/0x10 [ 244.322741][ T30] ? kick_pool+0x1bd/0x620 [ 244.327453][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 244.332689][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 244.343691][ T30] ? schedule+0x90/0x320 [ 244.348226][ T30] schedule+0x14b/0x320 [ 244.352421][ T30] schedule_preempt_disabled+0x13/0x30 [ 244.364641][ T30] __mutex_lock+0x6a7/0xd70 [ 244.380111][ T30] ? __mutex_lock+0x52a/0xd70 [ 244.385117][ T30] ? crda_timeout_work+0x15/0x50 [ 244.390574][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 244.401209][ T30] ? process_scheduled_works+0x976/0x1850 [ 244.408513][ T30] crda_timeout_work+0x15/0x50 [ 244.413326][ T30] process_scheduled_works+0xa63/0x1850 [ 244.424233][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 244.430510][ T30] ? assign_work+0x364/0x3d0 [ 244.440471][ T30] worker_thread+0x870/0xd30 [ 244.445767][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 244.451709][ T30] ? __kthread_parkme+0x169/0x1d0 [ 244.464345][ T30] ? __pfx_worker_thread+0x10/0x10 [ 244.469784][ T30] kthread+0x2f0/0x390 [ 244.480643][ T30] ? __pfx_worker_thread+0x10/0x10 [ 244.486162][ T30] ? __pfx_kthread+0x10/0x10 [ 244.490790][ T30] ret_from_fork+0x4b/0x80 [ 244.501413][ T30] ? __pfx_kthread+0x10/0x10 [ 244.506382][ T30] ret_from_fork_asm+0x1a/0x30 [ 244.511201][ T30] [ 244.514442][ T30] [ 244.514442][ T30] Showing all locks held in the system: [ 244.529176][ T30] 3 locks held by kworker/u8:0/11: [ 244.534314][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 244.556165][ T30] #1: ffffc90000107d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 244.574250][ T30] #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 244.584586][ T30] 1 lock held by khungtaskd/30: [ 244.593952][ T30] #0: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 244.605587][ T30] 5 locks held by kworker/u9:0/54: [ 244.610722][ T30] #0: ffff888056224948 ((wq_completion)hci7){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 244.629166][ T30] #1: ffffc90000bf7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 244.645116][ T30] #2: ffff888028a08d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 244.659523][ T30] #3: ffff888028a08078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 244.672784][ T30] #4: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300 [ 244.693903][ T30] 3 locks held by kworker/u8:7/2539: [ 244.702688][ T30] #0: ffff88814b8ef148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 244.720964][ T30] #1: ffffc90008fb7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 244.740248][ T30] #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 244.750121][ T30] 5 locks held by kworker/u8:8/2558: [ 244.760913][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 244.774291][ T30] #1: ffffc90009247d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 244.791972][ T30] #2: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 244.801691][ T30] #3: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0 [ 244.817097][ T30] #4: ffff888063465428 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_netns_pre_exit+0xba/0x1e0 [ 244.831110][ T30] 2 locks held by getty/4984: [ 244.839004][ T30] #0: ffff88803216a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 244.851053][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 244.865053][ T30] 5 locks held by kworker/u9:2/5228: [ 244.870365][ T30] #0: ffff888068d8f148 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 244.890137][ T30] #1: ffffc90003bf7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 244.904446][ T30] #2: ffff88807db40d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 244.919159][ T30] #3: ffff88807db40078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 244.931735][ T30] #4: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300 [ 244.947490][ T30] 4 locks held by kworker/u9:4/5232: [ 244.952803][ T30] #0: ffff88809af81148 ((wq_completion)hci12#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 244.966434][ T30] #1: ffffc90003c37d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 244.984598][ T30] #2: ffff88809af68078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x97/0xaf0 [ 244.998568][ T30] #3: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x4c3/0xaf0 [ 245.013490][ T30] 4 locks held by kworker/u9:5/5236: [ 245.021290][ T30] #0: ffff88806bfc0148 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.037266][ T30] #1: ffffc90003c97d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.052849][ T30] #2: ffff88809a878078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x97/0xaf0 [ 245.065291][ T30] #3: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x4c3/0xaf0 [ 245.080342][ T30] 5 locks held by kworker/u9:6/5237: [ 245.092800][ T30] #0: ffff8880643a0148 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.108252][ T30] #1: ffffc90003ca7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.123058][ T30] #2: ffff88807b084d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 245.137568][ T30] #3: ffff88807b084078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 245.151446][ T30] #4: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300 [ 245.164580][ T30] 5 locks held by kworker/u9:7/5238: [ 245.172366][ T30] #0: ffff888056785148 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.190181][ T30] #1: ffffc90003cd7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.205274][ T30] #2: ffff8880203e0d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 245.220073][ T30] #3: ffff8880203e0078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 245.231617][ T30] #4: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300 [ 245.245653][ T30] 5 locks held by kworker/u9:8/5239: [ 245.250961][ T30] #0: ffff88802d43a148 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.276788][ T30] #1: ffffc90003ce7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.296501][ T30] #2: ffff888027004d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 245.312191][ T30] #3: ffff888027004078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 245.324431][ T30] #4: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300 [ 245.337929][ T30] 4 locks held by kworker/u9:9/5240: [ 245.343260][ T30] #0: ffff88809ab0d948 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.359444][ T30] #1: ffffc90003d07d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.375042][ T30] #2: ffff88809ab04078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x97/0xaf0 [ 245.389638][ T30] #3: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x4c3/0xaf0 [ 245.403135][ T30] 4 locks held by kworker/u9:10/5241: [ 245.414346][ T30] #0: ffff88809af86948 ((wq_completion)hci13#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.431333][ T30] #1: ffffc90003d17d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.443659][ T30] #2: ffff88809af6c078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x97/0xaf0 [ 245.460314][ T30] #3: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x4c3/0xaf0 [ 245.471674][ T30] 1 lock held by syz-executor/5242: [ 245.482318][ T30] #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: netdev_run_todo+0x7b2/0x1000 [ 245.492106][ T30] 3 locks held by kworker/1:4/5278: [ 245.504772][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.525114][ T30] #1: ffffc90003f67d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.541643][ T30] #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 245.551609][ T30] 3 locks held by kworker/0:3/5279: [ 245.563283][ T30] 3 locks held by kworker/0:5/5282: [ 245.568818][ T30] 3 locks held by kworker/1:6/5283: [ 245.574045][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 245.594793][ T30] #1: ffffc90003fb7d00 ((crda_timeout).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 245.612985][ T30] #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: crda_timeout_work+0x15/0x50 [ 245.624049][ T30] 4 locks held by syz.4.5/5285: [ 245.634643][ T30] #0: ffff888029420d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 245.644713][ T30] #1: ffff888029420078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 245.654724][ T30] #2: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 245.673196][ T30] #3: ffffffff8e93d478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 245.689469][ T30] 7 locks held by kworker/0:6/5305: [ 245.694693][ T30] 2 locks held by syz-executor/5324: [ 245.702363][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.718333][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 245.730709][ T30] 2 locks held by syz-executor/5325: [ 245.741211][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.753096][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 245.767302][ T30] 2 locks held by syz-executor/5329: [ 245.772610][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.784441][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0 [ 245.797183][ T30] 2 locks held by syz-executor/5330: [ 245.803934][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.818171][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 245.835222][ T30] 2 locks held by syz-executor/5331: [ 245.840551][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.857289][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 245.871152][ T30] 2 locks held by syz-executor/5347: [ 245.877854][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.890249][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 245.906274][ T30] 2 locks held by syz-executor/5349: [ 245.911589][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.927982][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 245.942828][ T30] 2 locks held by syz-executor/5351: [ 245.951777][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 245.964929][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 245.980520][ T30] 2 locks held by syz-executor/5353: [ 245.986187][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 246.001223][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 246.014346][ T30] 2 locks held by syz-executor/5355: [ 246.025505][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 246.040193][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 246.052115][ T30] 2 locks held by syz-executor/5363: [ 246.070556][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 246.081561][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 246.096434][ T30] 2 locks held by syz-executor/5368: [ 246.101746][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 246.119023][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 246.131596][ T30] 2 locks held by syz-executor/5369: [ 246.141019][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 246.153051][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 246.169026][ T30] 2 locks held by syz-executor/5371: [ 246.174338][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 246.186400][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 246.199948][ T30] 4 locks held by kworker/u9:11/5372: [ 246.207607][ T30] #0: ffff88805afa0148 ((wq_completion)hci15#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 246.224785][ T30] #1: ffffc90002f8fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 246.242126][ T30] #2: ffff8880270d4078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x97/0xaf0 [ 246.252468][ T30] #3: ffffffff8fe3e0a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x4c3/0xaf0 [ 246.270046][ T30] 2 locks held by syz-executor/5373: [ 246.277069][ T30] #0: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 246.290844][ T30] #1: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 246.310560][ T30] 1 lock held by dhcpcd/5375: [ 246.321579][ T30] #0: ffff8880a1412258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 246.334500][ T30] 1 lock held by dhcpcd/5376: [ 246.343842][ T30] #0: ffff8880a1416258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 246.354966][ T30] 1 lock held by dhcpcd/5377: [ 246.359679][ T30] #0: ffff88804e90c258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 246.374859][ T30] 1 lock held by dhcpcd/5378: [ 246.379569][ T30] #0: ffff88809b7f6258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 246.397009][ T30] 1 lock held by dhcpcd/5379: [ 246.401717][ T30] #0: ffff88809b7f0258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 246.418561][ T30] 1 lock held by dhcpcd/5380: [ 246.423263][ T30] #0: ffff88804c376258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 246.437188][ T30] [ 246.439539][ T30] ============================================= [ 246.439539][ T30] [ 246.452754][ T30] NMI backtrace for cpu 1 [ 246.457117][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-10622-gaa486552a110 #0 [ 246.467295][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 246.477383][ T30] Call Trace: [ 246.480676][ T30] [ 246.483645][ T30] dump_stack_lvl+0x241/0x360 [ 246.488372][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 246.493599][ T30] ? __pfx__printk+0x10/0x10 [ 246.498242][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 246.503228][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 246.508720][ T30] ? _printk+0xd5/0x120 [ 246.512897][ T30] ? __pfx__printk+0x10/0x10 [ 246.517511][ T30] ? __wake_up_klogd+0xcc/0x110 [ 246.522387][ T30] ? __pfx__printk+0x10/0x10 [ 246.526998][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 246.532050][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 246.538062][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 246.544080][ T30] watchdog+0xff4/0x1040 [ 246.548365][ T30] ? watchdog+0x1ea/0x1040 [ 246.552817][ T30] ? __pfx_watchdog+0x10/0x10 [ 246.557521][ T30] kthread+0x2f0/0x390 [ 246.561629][ T30] ? __pfx_watchdog+0x10/0x10 [ 246.566334][ T30] ? __pfx_kthread+0x10/0x10 [ 246.570952][ T30] ret_from_fork+0x4b/0x80 [ 246.575400][ T30] ? __pfx_kthread+0x10/0x10 [ 246.580016][ T30] ret_from_fork_asm+0x1a/0x30 [ 246.584829][ T30] [ 246.588604][ T30] Sending NMI from CPU 1 to CPUs 0: [ 246.593874][ C0] NMI backtrace for cpu 0 [ 246.593887][ C0] CPU: 0 UID: 0 PID: 5305 Comm: kworker/0:6 Not tainted 6.11.0-syzkaller-10622-gaa486552a110 #0 [ 246.593905][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 246.593915][ C0] Workqueue: events nsim_dev_trap_report_work [ 246.593936][ C0] RIP: 0010:kasan_check_range+0x4f/0x290 [ 246.593957][ C0] Code: 89 fd 48 c1 ed 2f 81 fd fe ff 01 00 0f 86 43 02 00 00 48 89 fb 48 c1 eb 03 49 ba 00 00 00 00 00 fc ff df 4e 8d 1c 13 49 ff c8 <4d> 89 c1 49 c1 e9 03 49 be 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c [ 246.593974][ C0] RSP: 0018:ffffc90000006ec8 EFLAGS: 00000082 [ 246.593987][ C0] RAX: 0000000000000001 RBX: 1ffffffff284d114 RCX: ffffffff8170892a [ 246.593999][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff942688a0 [ 246.594009][ C0] RBP: 000000000001ffff R08: ffffffff942688a7 R09: 1ffffffff284d0fb [ 246.594021][ C0] R10: dffffc0000000000 R11: fffffbfff284d114 R12: ffff888025e84728 [ 246.594032][ C0] R13: dffffc0000000000 R14: 0000000000000004 R15: ffff888025e84708 [ 246.594044][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 246.594057][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.594068][ C0] CR2: 000055a4f827ea58 CR3: 000000000e734000 CR4: 00000000003506f0 [ 246.594081][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 246.594090][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 246.594100][ C0] Call Trace: [ 246.594106][ C0] [ 246.594112][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 246.594135][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 246.594159][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 246.594187][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 246.594208][ C0] ? nmi_handle+0x14f/0x5a0 [ 246.594223][ C0] ? nmi_handle+0x2a/0x5a0 [ 246.594238][ C0] ? kasan_check_range+0x4f/0x290 [ 246.594255][ C0] ? default_do_nmi+0x63/0x160 [ 246.594278][ C0] ? exc_nmi+0x123/0x1f0 [ 246.594300][ C0] ? end_repeat_nmi+0xf/0x53 [ 246.594322][ C0] ? mark_lock+0x9a/0x360 [ 246.594336][ C0] ? kasan_check_range+0x4f/0x290 [ 246.594353][ C0] ? kasan_check_range+0x4f/0x290 [ 246.594371][ C0] ? kasan_check_range+0x4f/0x290 [ 246.594388][ C0] [ 246.594393][ C0] [ 246.594400][ C0] mark_lock+0x9a/0x360 [ 246.594415][ C0] lockdep_hardirqs_on_prepare+0x282/0x780 [ 246.594439][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 246.594463][ C0] ? rcu_is_watching+0x15/0xb0 [ 246.594481][ C0] trace_hardirqs_on+0x28/0x40 [ 246.594499][ C0] call_rcu+0x731/0xa70 [ 246.594518][ C0] ? __pfx_call_rcu+0x10/0x10 [ 246.594533][ C0] ? rcuref_put+0x1e3/0x240 [ 246.594552][ C0] ? __pfx_rcuref_put+0x10/0x10 [ 246.594574][ C0] skb_release_head_state+0x73/0x250 [ 246.594596][ C0] consume_skb+0x60/0xf0 [ 246.594616][ C0] nft_synproxy_eval_v4+0x3d2/0x610 [ 246.594636][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 246.594654][ C0] ? validate_chain+0x11e/0x5920 [ 246.594671][ C0] ? nf_ip_checksum+0x13a/0x500 [ 246.594691][ C0] nft_synproxy_do_eval+0x362/0xa60 [ 246.594711][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 246.594735][ C0] ? __pfx_validate_chain+0x10/0x10 [ 246.594758][ C0] nft_do_chain+0x4ad/0x1da0 [ 246.594805][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 246.594825][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 246.594868][ C0] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 246.594904][ C0] nft_do_chain_inet+0x418/0x6b0 [ 246.594927][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 246.594947][ C0] ? ipt_do_table+0x312/0x1860 [ 246.594974][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 246.594994][ C0] nf_hook_slow+0xc3/0x220 [ 246.595012][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 246.595039][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 246.595065][ C0] NF_HOOK+0x29e/0x450 [ 246.595091][ C0] ? NF_HOOK+0x9a/0x450 [ 246.595114][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 246.595140][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 246.595169][ C0] ? ip_rcv_finish+0x406/0x560 [ 246.595194][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 246.595220][ C0] NF_HOOK+0x3a4/0x450 [ 246.595244][ C0] ? __lock_acquire+0x1384/0x2050 [ 246.595271][ C0] ? NF_HOOK+0x9a/0x450 [ 246.595292][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 246.595312][ C0] ? ip_rcv_core+0x801/0xd10 [ 246.595334][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 246.595376][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 246.595399][ C0] __netif_receive_skb+0x2bf/0x650 [ 246.595425][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 246.595449][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 246.595473][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 246.595497][ C0] ? __pfx_lock_release+0x10/0x10 [ 246.595521][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 246.595543][ C0] process_backlog+0x662/0x15b0 [ 246.595561][ C0] ? process_backlog+0x33b/0x15b0 [ 246.595580][ C0] ? __pfx_process_backlog+0x10/0x10 [ 246.595596][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 246.595622][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 246.595647][ C0] __napi_poll+0xcb/0x490 [ 246.595673][ C0] net_rx_action+0x89b/0x1240 [ 246.595697][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 246.595714][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 246.595749][ C0] handle_softirqs+0x2c5/0x980 [ 246.595772][ C0] ? do_softirq+0x11b/0x1e0 [ 246.595794][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 246.595819][ C0] do_softirq+0x11b/0x1e0 [ 246.595838][ C0] [ 246.595844][ C0] [ 246.595855][ C0] ? __pfx_do_softirq+0x10/0x10 [ 246.595876][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 246.595901][ C0] ? rcu_is_watching+0x15/0xb0 [ 246.595919][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 246.595951][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 246.595968][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 246.595988][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 246.596008][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 246.596026][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 246.596047][ C0] ? process_scheduled_works+0x976/0x1850 [ 246.596069][ C0] process_scheduled_works+0xa63/0x1850 [ 246.596099][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 246.596123][ C0] ? assign_work+0x364/0x3d0 [ 246.596144][ C0] worker_thread+0x870/0xd30 [ 246.596167][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 246.596186][ C0] ? __kthread_parkme+0x169/0x1d0 [ 246.596209][ C0] ? __pfx_worker_thread+0x10/0x10 [ 246.596230][ C0] kthread+0x2f0/0x390 [ 246.596243][ C0] ? __pfx_worker_thread+0x10/0x10 [ 246.596264][ C0] ? __pfx_kthread+0x10/0x10 [ 246.596278][ C0] ret_from_fork+0x4b/0x80 [ 246.596300][ C0] ? __pfx_kthread+0x10/0x10 [ 246.596314][ C0] ret_from_fork_asm+0x1a/0x30 [ 246.596341][ C0] [ 247.303734][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 247.310620][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-10622-gaa486552a110 #0 [ 247.320792][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 247.330860][ T30] Call Trace: [ 247.334152][ T30] [ 247.337099][ T30] dump_stack_lvl+0x241/0x360 [ 247.341808][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 247.347034][ T30] ? __pfx__printk+0x10/0x10 [ 247.351645][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 247.357656][ T30] ? vscnprintf+0x5d/0x90 [ 247.362011][ T30] panic+0x349/0x880 [ 247.365940][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 247.372140][ T30] ? __pfx_panic+0x10/0x10 [ 247.376573][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 247.381964][ T30] ? __irq_work_queue_local+0x137/0x410 [ 247.387531][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 247.392940][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 247.399118][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 247.405300][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 247.411482][ T30] watchdog+0x1033/0x1040 [ 247.415839][ T30] ? watchdog+0x1ea/0x1040 [ 247.420285][ T30] ? __pfx_watchdog+0x10/0x10 [ 247.424983][ T30] kthread+0x2f0/0x390 [ 247.429076][ T30] ? __pfx_watchdog+0x10/0x10 [ 247.433771][ T30] ? __pfx_kthread+0x10/0x10 [ 247.438383][ T30] ret_from_fork+0x4b/0x80 [ 247.442826][ T30] ? __pfx_kthread+0x10/0x10 [ 247.447435][ T30] ret_from_fork_asm+0x1a/0x30 [ 247.452242][ T30] [ 247.455579][ T30] Kernel Offset: disabled [ 247.459909][ T30] Rebooting in 86400 seconds..