last executing test programs: 38.473116259s ago: executing program 4 (id=490): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x16, 0x0) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10) r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') read$FUSE(r0, &(0x7f0000003800)={0x2020}, 0x2020) 37.998851868s ago: executing program 4 (id=492): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300)=0xff) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000440)=0x91) 37.51113997s ago: executing program 4 (id=495): r0 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0) ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f00000002c0)={0x80000000, 0x0, &(0x7f0000002c40)=[{{}, {0x80000000}}]}) ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000300)={r1, &(0x7f00000001c0)=[{}, {0x80000000, 0x0}], &(0x7f0000000100)=[{{}, {0x80000000}}]}) ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000280)={r4, 0x0, &(0x7f0000000080)=[{{0x80000000, 0x0}}]}) ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f000000a300)={{r2, r6, 0x0, [0x40000020, 0x8]}, {r5, r3, 0x0, [0xc1b, 0xfffffff9]}, 0x1, [0x1, 0x8]}) 37.116538339s ago: executing program 4 (id=498): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000004c0)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="000a81000000ff"], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000500)={0x1c, &(0x7f0000000280)=ANY=[@ANYBLOB="400821000000c468545f4745a0a639235d52eab5"], 0x0, 0x0}) 36.447638589s ago: executing program 1 (id=500): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xc5) sendto$inet6(r0, 0x0, 0x0, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) sendto$inet6(r0, &(0x7f0000001cc0)="2501d77b330b7e73d6b1d1b8a473ff7420b4b43ce0861f000000714fa228ee1f5b48", 0xfffffffffffffe57, 0x8000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40013043, 0x0) 36.011774136s ago: executing program 1 (id=502): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xfd01}, 0x8) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0xfffffffffffffd57, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe19}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 35.023117421s ago: executing program 1 (id=504): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x80, 0x19, 0x9, 0x7, 0x7, 0x3, 0x2, 0x8, 0xe0, 0x29, 0x81, 0xb5, 0xa, 0x81}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @remote}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000001c0)={r1, 0x6}, 0x8) 34.878154735s ago: executing program 4 (id=506): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x3) syz_emit_ethernet(0x83, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0) 34.708126607s ago: executing program 1 (id=508): r0 = syz_io_uring_setup(0x1779, &(0x7f0000000140)={0x0, 0x63e4, 0x10, 0x0, 0xbf5ffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xffffbffc, 0x0, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x58, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3, 0x1, {0x1, r3}}) io_uring_enter(r0, 0x47f6, 0x0, 0x2, 0x0, 0x0) 33.778899261s ago: executing program 4 (id=513): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x100402, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f00000006c0)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, 0x0) 33.238818941s ago: executing program 1 (id=514): mkdir(&(0x7f0000000440)='./file1\x00', 0x82) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f00000001c0)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.state\x00', 0x275a, 0x0) quotactl_fd$Q_GETINFO(r0, 0xffffffff80000500, 0x0, &(0x7f00000002c0)) 32.818991817s ago: executing program 2 (id=515): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$'], 0x24}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001180)={0x38, r1, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0) 32.699792331s ago: executing program 1 (id=516): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000000000000024d564b"]) 32.38929556s ago: executing program 2 (id=517): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000380)="10031400a13bb100b300000000000000000000bfd7ab593493f93edc7c4b346644a21beb74ba509986397ed2191074e9b783b240", 0x34, 0x5b3f714efd9f760b, &(0x7f0000000340)={0x11, 0x0, r2, 0x1, 0x3, 0x6, @random="1ac6d6f2eae2"}, 0x14) 23.711150908s ago: executing program 2 (id=521): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f63, 0x0, 0x1fffffe, 0x1a}, &(0x7f0000000180)=0x0, &(0x7f0000000600)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x0, 0x0}) io_uring_enter(r1, 0x3516, 0xf400, 0x1000000000000, 0x0, 0x0) 23.41112191s ago: executing program 2 (id=523): r0 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={r0}) r1 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000340)={r1}) close(r2) 23.375506751s ago: executing program 0 (id=524): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x105cc6, 0x1, 0x0, 0x207}, &(0x7f0000000040)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xc000000, 0x0, 0x0, 0x12}) io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0) 22.833346988s ago: executing program 2 (id=526): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x4000004, &(0x7f0000000140)={0x11, 0xf7, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) 22.713970587s ago: executing program 0 (id=527): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@updpolicy={0xc4, 0x19, 0x1, 0x70bd2a, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x2, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x1}, [@mark={0xc, 0x15, {0x35075b, 0x71}}]}, 0xc4}}, 0x2c000010) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x4008011}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x10}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, 0x0, 0x6e6bb5}}, 0xb8}}, 0x0) 22.15162692s ago: executing program 0 (id=529): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00') writev(r0, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000, 0x0, 0x0, 0x40000}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r1, 0x0, 0xee01) 21.944656114s ago: executing program 3 (id=530): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000000040)}, 0x0) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01') 21.703274298s ago: executing program 0 (id=531): ioprio_set$uid(0x3, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0) pread64(r0, 0x0, 0x0, 0xf27b) 21.536817988s ago: executing program 3 (id=532): r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x20000) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r2, 0xc0105502, &(0x7f0000000000)={0x1, 0x1}) 21.250529715s ago: executing program 0 (id=533): r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x80) fchdir(r1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) 21.097928171s ago: executing program 3 (id=534): r0 = memfd_create(&(0x7f0000000380)='\x103q}2\x9a\xce\xaf\x03\xdfyR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7R\x94\xaf\xbb\xdcM\x90k\xd6\x05\r\x84\x87\x1e?\x10\x95SWFO{\x1f\x1b!\xd5\x991D\x1c\b\x8c`\xeaSA\x90m\xb6&\xd0\xf1\xb3\xed:\x82\xbd\xe3i|BL\x1f\x9d\x00\x00\xc5\xb8$\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\r\xd6h\x80\x8fQ|\xf5d\x10\x10\xd7\t\x00\x00\x00\x00\x00\x00\x00<\xfeeS\xb2l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfaa\xd3\xf1\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7~x\xb8vo\xe6\x15@\xc9\"CY\x11\xb9u\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D4E^7%8\x94y\x90\xf0l\xa0\'L%\xd4\xda\xee\x81\x98\xcc\xfd\xa2\x89$\x9by\xf1\xbb\x01\xb7\xcd\xbf\x99\x1f\x90@b\x03\xb3\xe0CfU\x16{\xbey\xa1cs\x96U\x11\xdb*\xdf\xcdG\xc7z\x85\x8aE\xf7\xd5\x9dAj\xe3\xfb\xc4\xa0\x14\x87\x19\x17\xed\xd1\x185%Q%\x81\xfaK\x82\xec=\xa3\xb8~\xb6O\xbd\x19*\xdb\x1c\x10\xa4\x8dIl\xc1\xceG\xd0h\xa1\xab:dP\xb6\xa0BR\xbe\x03\xac\xd9\x87\x00@\x80\x94\xd88\xc9\x03\x97\x17r\x85#\x7f\x8cu\x8f\xcc\x7fF\xb5\xea\xa6\xc1\x9d\xac\x89\xc9\xa1tuJw\xee\x1a\xe73\xa8\xadS\xd1\x11#d\xc2\xcfdj\x9ec\x93\xd5K\x90*_3\x89\v\xab\x04ih\x12\x93\xc5m\x8f~{\xe5\x85\xa5g\x00\x00\x00\xe45Q\xab%\xa8[\xf3\x17\x94\xf8\xdfq\xff\xd2?\xafW\xde\x1bW]\x1f\aaV\xc5\xc82*\xc7\xc5\"C}L\x10e\xc6\x90\xc0\xf9z\xb6+/d\x86\xf2\xbe\xc9:u\t\\e\x05)\xe4\xd2\xc4\x1a\xc9\xac\xdb\x925\x02\x94@\xa2\xe1\xee\x16\xb4\x98\xff\x0f\xbb\xb2\x81\xcf\x13g6l\xcc\xc8\x02\v\xa2\xb2\xf6\xbf@d\xcecC\x9fVz\xf4\x14\xa5\x8b|\xe1\xc0\xfa3X\xf4\xd9L\xe6\x8f\x9dy\x0fX.\xc5EQ\xd1/\xa1\xd0\x03>\xf0\x90\x13B\xe2\x97\x8b!\xf7\"\xecX\x92\xab\xbc^\xb2\x80@\xcc+\xbbp\xdc|N\xd3[=G\xb2\xe1\x9c\xc5\x81y\x84\xef\xacQ\x01\xdd\xe7<\xb8\xf1Hn\x86\xa6\xe3\x18N\x19\"[-\xdb\xef\xc3\xe0\xa8}', 0x0) ftruncate(r0, 0x800799c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0xffffffff, @remote, 0x9}, 0x1c) sendfile(r1, r0, 0x0, 0xfeff) 20.791851111s ago: executing program 3 (id=535): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x4d, 0x0, "8ddbb51a3cfd954e41e8ccb2650fa60067fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71b43b828c7de258b6b9ca1fc52bcc83e2a016a00"}, 0xd8) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @empty, 0x4}, 0x1c) listen(r0, 0x81) syz_emit_ethernet(0x8d, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd600a8400005706fffe8000000000000000000000000000bbff0200000000000000000000000000014e214e22", @ANYRESHEX], 0x0) 20.542476107s ago: executing program 3 (id=536): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x55}, 0x9c) 19.766099818s ago: executing program 3 (id=537): r0 = socket$kcm(0x11, 0x2, 0x0) r1 = socket$kcm(0x11, 0x200000000000002, 0x300) socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8) sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000800)=@hci={0x1f, 0x0, 0x6}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000480)="d1", 0x1}], 0x1}, 0x4c081) 18.157480711s ago: executing program 32 (id=513): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x100402, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f00000006c0)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, 0x0) 15.118400832s ago: executing program 33 (id=516): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000000000000024d564b"]) 15.118087684s ago: executing program 0 (id=540): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000280)={0x1, 0x0, [{0x84d, 0x0, 0x8}]}) 15.11769195s ago: executing program 2 (id=541): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6) ioctl$TUNGETVNETLE(r0, 0x80047456, &(0x7f00000017c0)) 4.175070811s ago: executing program 34 (id=537): r0 = socket$kcm(0x11, 0x2, 0x0) r1 = socket$kcm(0x11, 0x200000000000002, 0x300) socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8) sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000800)=@hci={0x1f, 0x0, 0x6}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000480)="d1", 0x1}], 0x1}, 0x4c081) 117.604727ms ago: executing program 35 (id=540): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000280)={0x1, 0x0, [{0x84d, 0x0, 0x8}]}) 0s ago: executing program 36 (id=541): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6) ioctl$TUNGETVNETLE(r0, 0x80047456, &(0x7f00000017c0)) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.174' (ED25519) to the list of known hosts. [ 85.091334][ T5825] cgroup: Unknown subsys name 'net' [ 85.318865][ T5825] cgroup: Unknown subsys name 'cpuset' [ 85.354278][ T5825] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.806934][ T1230] cfg80211: failed to load regulatory.db [ 87.316588][ T5825] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 91.466809][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.468462][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.469312][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.470679][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.494385][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 91.709290][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 91.715300][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 91.716553][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 91.719153][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 91.720119][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.744655][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 91.747805][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 91.748702][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 91.756745][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 91.757586][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.801161][ T5156] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.802816][ T5156] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 91.805460][ T5156] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 91.807334][ T5156] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 91.816065][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 91.834897][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 91.836230][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 91.836956][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 91.838112][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 91.840388][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 92.575313][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 92.920349][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 92.952111][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 92.975483][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 93.478388][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 93.488559][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.488707][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.489504][ T5836] bridge_slave_0: entered allmulticast mode [ 93.493406][ T5836] bridge_slave_0: entered promiscuous mode [ 93.547278][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.547825][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.548023][ T5836] bridge_slave_1: entered allmulticast mode [ 93.551213][ T5836] bridge_slave_1: entered promiscuous mode [ 93.605008][ T5156] Bluetooth: hci0: command tx timeout [ 93.764226][ T5156] Bluetooth: hci1: command tx timeout [ 93.843794][ T5156] Bluetooth: hci3: command tx timeout [ 93.843998][ T5156] Bluetooth: hci2: command tx timeout [ 93.924571][ T5838] Bluetooth: hci4: command tx timeout [ 94.211903][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.297225][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.297433][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.297630][ T5841] bridge_slave_0: entered allmulticast mode [ 94.300926][ T5841] bridge_slave_0: entered promiscuous mode [ 94.421088][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.421349][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.421477][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.421598][ T5840] bridge_slave_0: entered allmulticast mode [ 94.423244][ T5840] bridge_slave_0: entered promiscuous mode [ 94.448922][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.449198][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.449365][ T5841] bridge_slave_1: entered allmulticast mode [ 94.452087][ T5841] bridge_slave_1: entered promiscuous mode [ 94.469083][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.469222][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.469397][ T5847] bridge_slave_0: entered allmulticast mode [ 94.472252][ T5847] bridge_slave_0: entered promiscuous mode [ 94.575925][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.576091][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.576288][ T5840] bridge_slave_1: entered allmulticast mode [ 94.579694][ T5840] bridge_slave_1: entered promiscuous mode [ 94.645092][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.645277][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.645465][ T5847] bridge_slave_1: entered allmulticast mode [ 94.648651][ T5847] bridge_slave_1: entered promiscuous mode [ 95.227388][ T5836] team0: Port device team_slave_0 added [ 95.322628][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.437703][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.437939][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.438139][ T5842] bridge_slave_0: entered allmulticast mode [ 95.440205][ T5842] bridge_slave_0: entered promiscuous mode [ 95.456792][ T5836] team0: Port device team_slave_1 added [ 95.466985][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.470164][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.486165][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.599374][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.683951][ T5838] Bluetooth: hci0: command tx timeout [ 95.701680][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.702043][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.702220][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.702337][ T5842] bridge_slave_1: entered allmulticast mode [ 95.715542][ T5842] bridge_slave_1: entered promiscuous mode [ 95.843887][ T5838] Bluetooth: hci1: command tx timeout [ 95.924228][ T5838] Bluetooth: hci2: command tx timeout [ 95.924263][ T5838] Bluetooth: hci3: command tx timeout [ 96.003777][ T5838] Bluetooth: hci4: command tx timeout [ 96.324266][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.324283][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.324305][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.439349][ T5841] team0: Port device team_slave_0 added [ 96.647147][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.647165][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.647192][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.650199][ T5840] team0: Port device team_slave_0 added [ 96.652359][ T5841] team0: Port device team_slave_1 added [ 96.655350][ T5847] team0: Port device team_slave_0 added [ 96.659417][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.675735][ T5840] team0: Port device team_slave_1 added [ 96.804147][ T5847] team0: Port device team_slave_1 added [ 96.806858][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.177175][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.177194][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.177221][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.426195][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.426213][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.426241][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.429194][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.429208][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.429234][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.586320][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.586338][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.586367][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.590976][ T5842] team0: Port device team_slave_0 added [ 97.707330][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.707349][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.707376][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.721466][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.721481][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.721504][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.735606][ T5842] team0: Port device team_slave_1 added [ 97.749477][ T5836] hsr_slave_0: entered promiscuous mode [ 97.755209][ T5836] hsr_slave_1: entered promiscuous mode [ 97.764661][ T5838] Bluetooth: hci0: command tx timeout [ 97.924049][ T5838] Bluetooth: hci1: command tx timeout [ 98.003835][ T5838] Bluetooth: hci2: command tx timeout [ 98.003872][ T5838] Bluetooth: hci3: command tx timeout [ 98.067810][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.067828][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.067856][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.084055][ T5838] Bluetooth: hci4: command tx timeout [ 98.378185][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.378199][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.378214][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.488365][ T5841] hsr_slave_0: entered promiscuous mode [ 98.489308][ T5841] hsr_slave_1: entered promiscuous mode [ 98.490111][ T5841] debugfs: 'hsr0' already exists in 'hsr' [ 98.490181][ T5841] Cannot create hsr debugfs directory [ 98.686427][ T5840] hsr_slave_0: entered promiscuous mode [ 98.691033][ T5840] hsr_slave_1: entered promiscuous mode [ 98.692131][ T5840] debugfs: 'hsr0' already exists in 'hsr' [ 98.692157][ T5840] Cannot create hsr debugfs directory [ 98.751228][ T5847] hsr_slave_0: entered promiscuous mode [ 98.752121][ T5847] hsr_slave_1: entered promiscuous mode [ 98.752687][ T5847] debugfs: 'hsr0' already exists in 'hsr' [ 98.752709][ T5847] Cannot create hsr debugfs directory [ 99.265441][ T5842] hsr_slave_0: entered promiscuous mode [ 99.266327][ T5842] hsr_slave_1: entered promiscuous mode [ 99.266892][ T5842] debugfs: 'hsr0' already exists in 'hsr' [ 99.266910][ T5842] Cannot create hsr debugfs directory [ 99.845063][ T5838] Bluetooth: hci0: command tx timeout [ 100.003812][ T5838] Bluetooth: hci1: command tx timeout [ 100.083948][ T5838] Bluetooth: hci3: command tx timeout [ 100.083982][ T5838] Bluetooth: hci2: command tx timeout [ 100.163867][ T5156] Bluetooth: hci4: command tx timeout [ 100.638208][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 100.670720][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 100.716858][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 100.778476][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 100.925643][ T5841] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 100.962860][ T5841] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 101.006649][ T5841] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 101.060590][ T5841] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 101.207410][ T5840] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 101.259673][ T5840] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 101.334199][ T5840] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 101.399758][ T5840] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 101.585267][ T5847] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 101.641186][ T5847] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 101.675607][ T5847] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 101.731642][ T5847] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 101.850792][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.925897][ T5842] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 101.999351][ T5842] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 102.053333][ T5842] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 102.080758][ T5842] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 102.146313][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.202459][ T1472] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.203054][ T1472] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.255164][ T1542] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.255408][ T1542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.296791][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.439528][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.511799][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.523739][ T1503] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.523907][ T1503] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.581374][ T1503] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.581491][ T1503] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.659194][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.735999][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.775023][ T1542] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.775192][ T1542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.839603][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.839841][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.977019][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.012795][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.046329][ T1542] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.046580][ T1542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.105906][ T87] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.106687][ T87] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.211093][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.237742][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.275568][ T87] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.276152][ T87] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.350910][ T87] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.351224][ T87] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.714732][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.786246][ T5836] veth0_vlan: entered promiscuous mode [ 103.885312][ T5836] veth1_vlan: entered promiscuous mode [ 104.151110][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.185025][ T5836] veth0_macvtap: entered promiscuous mode [ 104.198749][ T5841] veth0_vlan: entered promiscuous mode [ 104.211495][ T5836] veth1_macvtap: entered promiscuous mode [ 104.274512][ T5841] veth1_vlan: entered promiscuous mode [ 104.320331][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.355433][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.391999][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.457528][ T2159] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.477247][ T2159] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.498692][ T2159] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.517989][ T5840] veth0_vlan: entered promiscuous mode [ 104.530673][ T2159] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.536374][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.592862][ T5841] veth0_macvtap: entered promiscuous mode [ 104.702517][ T5841] veth1_macvtap: entered promiscuous mode [ 104.706968][ T5840] veth1_vlan: entered promiscuous mode [ 104.954929][ T5847] veth0_vlan: entered promiscuous mode [ 105.002871][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.086224][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.126347][ T5847] veth1_vlan: entered promiscuous mode [ 105.142332][ T1503] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.142352][ T1503] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.175653][ T67] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.195161][ T67] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.203067][ T67] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.222876][ T67] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.258788][ T5840] veth0_macvtap: entered promiscuous mode [ 105.338818][ T5840] veth1_macvtap: entered promiscuous mode [ 105.343897][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.343914][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.615265][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.664500][ T5847] veth0_macvtap: entered promiscuous mode [ 105.693632][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.700809][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.709606][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.719296][ T5842] veth0_vlan: entered promiscuous mode [ 105.721775][ T5847] veth1_macvtap: entered promiscuous mode [ 105.873086][ T67] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.907156][ T67] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.936176][ T67] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.948432][ T5842] veth1_vlan: entered promiscuous mode [ 105.958041][ T67] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.963071][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.963089][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.020398][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.093304][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.215792][ T5955] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6'. [ 106.342953][ T57] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.357247][ T57] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.388008][ T57] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.408085][ T57] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.640477][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.640500][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.652607][ T5842] veth0_macvtap: entered promiscuous mode [ 106.699689][ T5961] ======================================================= [ 106.699689][ T5961] WARNING: The mand mount option has been deprecated and [ 106.699689][ T5961] and is ignored by this kernel. Remove the mand [ 106.699689][ T5961] option from the mount to silence this warning. [ 106.699689][ T5961] ======================================================= [ 106.824994][ T5842] veth1_macvtap: entered promiscuous mode [ 106.969649][ T2159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.969670][ T2159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.117043][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.218262][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.221842][ T1503] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.221862][ T1503] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.298299][ T67] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.351809][ T67] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.385380][ T67] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.406467][ T57] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.440113][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.440136][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.809681][ T5974] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13'. [ 108.109837][ T5980] Illegal XDP return value 32768 on prog (id 3) dev N/A, expect packet loss! [ 108.164265][ T5981] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 108.451962][ T1472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.451985][ T1472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.651359][ T5986] tap0: tun_chr_ioctl cmd 2147767520 [ 108.821598][ T1472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.821619][ T1472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.843973][ T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 109.083751][ T10] usb 3-1: Using ep0 maxpacket: 8 [ 109.092962][ T10] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 109.092987][ T10] usb 3-1: config 0 has no interface number 0 [ 109.093041][ T10] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 109.093088][ T10] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 109.093111][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.135755][ T10] usb 3-1: config 0 descriptor?? [ 109.414384][ T5821] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 109.516290][ T10] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 109.574006][ T5821] usb 1-1: Using ep0 maxpacket: 32 [ 109.584281][ T5821] usb 1-1: config 0 has an invalid interface number: 47 but max is 0 [ 109.584308][ T5821] usb 1-1: config 0 has no interface number 0 [ 109.584361][ T5821] usb 1-1: config 0 interface 47 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 109.584384][ T5821] usb 1-1: config 0 interface 47 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 109.591071][ T5821] usb 1-1: New USB device found, idVendor=08dd, idProduct=90ff, bcdDevice=7b.76 [ 109.591096][ T5821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.591113][ T5821] usb 1-1: Product: syz [ 109.591126][ T5821] usb 1-1: Manufacturer: syz [ 109.591138][ T5821] usb 1-1: SerialNumber: syz [ 109.667637][ T5821] usb 1-1: config 0 descriptor?? [ 109.669765][ T10] usb 3-1: USB disconnect, device number 2 [ 109.677063][ T5989] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 109.677264][ T5989] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 110.151966][ T5989] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 110.152111][ T5989] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 110.378302][ T5821] asix 1-1:0.47 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 110.379802][ T5821] asix 1-1:0.47: probe with driver asix failed with error -71 [ 110.463873][ T5821] usb 1-1: USB disconnect, device number 2 [ 110.588739][ T37] audit: type=1326 audit(1758070216.115:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.588799][ T37] audit: type=1326 audit(1758070216.115:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.590880][ T37] audit: type=1326 audit(1758070216.125:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.592653][ T37] audit: type=1326 audit(1758070216.125:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.613752][ T37] audit: type=1326 audit(1758070216.125:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.613809][ T37] audit: type=1326 audit(1758070216.125:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.613850][ T37] audit: type=1326 audit(1758070216.125:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.613888][ T37] audit: type=1326 audit(1758070216.125:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.613925][ T37] audit: type=1326 audit(1758070216.125:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 110.613961][ T37] audit: type=1326 audit(1758070216.125:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.3.22" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e41e1eba9 code=0x7ffc0000 [ 111.114221][ T5844] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 111.224606][ T2159] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 111.224956][ T2159] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 111.244036][ T5994] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 112.614748][ T5156] Bluetooth: hci2: Unable to find connection for big 0x00 [ 112.628950][ T6035] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.637064][ T6035] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.820421][ T6041] mmap: syz.1.39 (6041) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 113.785433][ T6062] netlink: 24 bytes leftover after parsing attributes in process `syz.0.49'. [ 113.825924][ T5945] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 113.980544][ T5945] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 113.980576][ T5945] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.034026][ T5945] usb 5-1: config 0 descriptor?? [ 114.068663][ T5945] cp210x 5-1:0.0: cp210x converter detected [ 114.274086][ T6070] sg_write: process 20 (syz.3.53) changed security contexts after opening file descriptor, this is not allowed. [ 114.433999][ T5821] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 114.499659][ T5945] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 114.540948][ T5945] usb 5-1: cp210x converter now attached to ttyUSB0 [ 114.603849][ T5821] usb 1-1: Using ep0 maxpacket: 16 [ 114.606705][ T5821] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 114.606728][ T5821] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 114.616250][ T5821] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 114.616276][ T5821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.616293][ T5821] usb 1-1: Product: syz [ 114.616358][ T5821] usb 1-1: Manufacturer: syz [ 114.616388][ T5821] usb 1-1: SerialNumber: syz [ 114.782571][ T5902] usb 5-1: USB disconnect, device number 2 [ 114.909259][ T5902] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 114.912075][ T5821] usb 1-1: 0:2 : does not exist [ 114.947527][ T5821] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 115.102551][ T6079] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 115.319166][ T5821] usb 1-1: USB disconnect, device number 3 [ 115.474251][ T5902] cp210x 5-1:0.0: device disconnected [ 115.808914][ T5997] udevd[5997]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 117.022903][ T6116] netlink: 4 bytes leftover after parsing attributes in process `syz.4.70'. [ 117.213857][ T5923] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 117.363830][ T5923] usb 1-1: Using ep0 maxpacket: 8 [ 117.367618][ T5923] usb 1-1: unable to get BOS descriptor or descriptor too short [ 117.370215][ T5923] usb 1-1: config 4 interface 0 has no altsetting 0 [ 117.416775][ T5923] usb 1-1: string descriptor 0 read error: -22 [ 117.416973][ T5923] usb 1-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 117.416997][ T5923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.483412][ T5923] usb 1-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 117.513401][ T5923] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 117.526052][ T5923] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 117.526143][ T5923] usb 1-1: media controller created [ 117.572511][ T5923] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 118.870972][ T5923] usb 1-1: USB disconnect, device number 4 [ 119.816865][ T6162] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 120.931687][ T6193] process 'syz.1.107' launched '/dev/fd/4' with NULL argv: empty string added [ 121.683975][ T5902] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 121.712078][ T6201] program syz.1.111 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 121.836798][ T5902] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 121.836827][ T5902] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 121.838537][ T5902] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 121.838565][ T5902] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 121.838585][ T5902] usb 1-1: SerialNumber: syz [ 122.158116][ T5902] usb 1-1: 0:2 : does not exist [ 122.210151][ T6210] netlink: 'syz.2.112': attribute type 2 has an invalid length. [ 122.237285][ T5902] usb 1-1: USB disconnect, device number 5 [ 122.622615][ T5997] udevd[5997]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 123.082359][ T6225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.122'. [ 123.082388][ T6225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.122'. [ 124.351904][ T6255] syz.1.135 (6255) used greatest stack depth: 17144 bytes left [ 124.673211][ T5992] udevd[5992]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 125.068405][ T6276] program syz.1.145 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.664228][ T6347] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 128.664228][ T6347] The task syz.4.173 (6347) triggered the difference, watch for misbehavior. [ 129.651590][ T6364] warning: `syz.2.181' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 129.754348][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 129.902315][ T6366] sctp: [Deprecated]: syz.2.182 (pid 6366) Use of struct sctp_assoc_value in delayed_ack socket option. [ 129.902315][ T6366] Use struct sctp_sack_info instead [ 129.940934][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 129.996788][ T9] usb 2-1: config 0 has no interfaces? [ 130.011394][ T9] usb 2-1: New USB device found, idVendor=0471, idProduct=0313, bcdDevice=81.d5 [ 130.011425][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.011445][ T9] usb 2-1: Product: syz [ 130.011460][ T9] usb 2-1: Manufacturer: syz [ 130.011474][ T9] usb 2-1: SerialNumber: syz [ 130.064101][ T9] usb 2-1: config 0 descriptor?? [ 130.428668][ T9] usb 2-1: USB disconnect, device number 2 [ 130.542184][ T6376] Zero length message leads to an empty skb [ 131.556742][ T5923] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 131.556787][ T5923] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 131.556812][ T5923] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 131.598648][ T5923] hid-generic 0003:0004:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 131.925058][ T6407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.201'. [ 131.977334][ T6405] fido_id[6405]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 132.902030][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.902146][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.825514][ T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 134.984025][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 135.002227][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 135.002299][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 135.002328][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 135.002350][ T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 135.002373][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 135.004223][ T9] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 135.004260][ T9] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 135.004280][ T9] usb 3-1: Manufacturer: syz [ 135.107248][ T9] usb 3-1: config 0 descriptor?? [ 135.351586][ T6472] loop6: detected capacity change from 0 to 524287999 [ 135.484788][ T9] rc_core: IR keymap rc-hauppauge not found [ 135.484811][ T9] Registered IR keymap rc-empty [ 135.485354][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.517458][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.555904][ T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 135.597527][ T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7 [ 135.630589][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.654372][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.674075][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.694072][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.723985][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.743872][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.775371][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.804003][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.823926][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.864855][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 135.933150][ T9] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 135.933186][ T9] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 135.968593][ T9] usb 3-1: USB disconnect, device number 3 [ 136.308308][ T31] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 136.465438][ T31] usb 5-1: Using ep0 maxpacket: 8 [ 136.483604][ T31] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 136.484312][ T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.484337][ T31] usb 5-1: Product: syz [ 136.484352][ T31] usb 5-1: Manufacturer: syz [ 136.484366][ T31] usb 5-1: SerialNumber: syz [ 136.550009][ T31] usb 5-1: config 0 descriptor?? [ 136.600655][ T6490] mkiss: ax0: crc mode is auto. [ 136.860134][ T31] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 137.491858][ T31] gspca_sunplus: reg_w_riv err -71 [ 137.491970][ T31] sunplus 5-1:0.0: probe with driver sunplus failed with error -71 [ 137.505812][ T31] usb 5-1: USB disconnect, device number 3 [ 138.416330][ T5916] hid-generic 0005:15C2:8002.0002: collection stack underflow [ 138.416362][ T5916] hid-generic 0005:15C2:8002.0002: item 0 0 0 12 parsing failed [ 138.417253][ T5916] hid-generic 0005:15C2:8002.0002: probe with driver hid-generic failed with error -22 [ 138.933876][ T5902] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 139.095467][ T5902] usb 5-1: Using ep0 maxpacket: 8 [ 139.126532][ T5902] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 139.126565][ T5902] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.126586][ T5902] usb 5-1: Product: syz [ 139.126600][ T5902] usb 5-1: Manufacturer: syz [ 139.126614][ T5902] usb 5-1: SerialNumber: syz [ 139.177061][ T5902] usb 5-1: config 0 descriptor?? [ 139.191383][ T5902] gspca_main: se401-2.14.0 probing 047d:5003 [ 139.611696][ T5902] gspca_se401: ExtraFeatures: 255 [ 139.611717][ T5902] gspca_se401: Frame size: 2314x0 bayer [ 139.813420][ T5902] input: se401 as /devices/platform/dummy_hcd.4/usb5/5-1/input/input8 [ 139.927670][ T5902] usb 5-1: USB disconnect, device number 4 [ 141.847990][ T6605] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.287'. [ 143.603920][ T5923] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 143.766295][ T5923] usb 2-1: Using ep0 maxpacket: 32 [ 143.769069][ T5923] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.769098][ T5923] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.777812][ T5923] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 143.777838][ T5923] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 143.777864][ T5923] usb 2-1: Product: syz [ 143.777877][ T5923] usb 2-1: Manufacturer: syz [ 143.859675][ T5923] hub 2-1:4.0: USB hub found [ 144.025088][ T5923] hub 2-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 144.344365][ T5902] usb 2-1: USB disconnect, device number 3 [ 144.818563][ T5902] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 144.971675][ T5902] usb 1-1: Using ep0 maxpacket: 8 [ 144.984031][ T5902] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 144.984066][ T5902] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 144.984091][ T5902] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 144.984115][ T5902] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 144.984160][ T5902] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 144.984183][ T5902] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.280153][ T5902] usb 1-1: GET_CAPABILITIES returned 0 [ 145.280210][ T5902] usbtmc 1-1:16.0: can't read capabilities [ 145.493817][ T5902] usb 1-1: USB disconnect, device number 6 [ 146.143767][ T5923] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 146.293762][ T5923] usb 5-1: Using ep0 maxpacket: 8 [ 146.302675][ T5923] usb 5-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 146.302707][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.302727][ T5923] usb 5-1: Product: syz [ 146.302742][ T5923] usb 5-1: Manufacturer: syz [ 146.302756][ T5923] usb 5-1: SerialNumber: syz [ 146.336992][ T5923] usb 5-1: config 0 descriptor?? [ 146.392165][ T5923] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 147.414590][ T5923] gspca_sonixj: reg_w1 err -71 [ 147.454229][ T5923] sonixj 5-1:0.0: probe with driver sonixj failed with error -71 [ 147.475279][ T5923] usb 5-1: USB disconnect, device number 5 [ 147.793520][ T6702] netlink: 4 bytes leftover after parsing attributes in process `syz.3.329'. [ 147.804843][ T6702] chnl_net:caif_netlink_parms(): no params data found [ 148.903802][ T5923] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 149.091031][ T5923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 149.091068][ T5923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 149.091090][ T5923] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 149.091135][ T5923] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 149.091159][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.162863][ T5923] usb 1-1: config 0 descriptor?? [ 149.711669][ T5923] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 149.784239][ T5916] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 149.947199][ T5916] usb 2-1: config index 0 descriptor too short (expected 3133, got 61) [ 149.947228][ T5916] usb 2-1: config 0 has an invalid interface number: 156 but max is 1 [ 149.947248][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 149.947266][ T5916] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 149.947287][ T5916] usb 2-1: config 0 has no interface number 0 [ 149.947336][ T5916] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 149.947359][ T5916] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 149.947385][ T5916] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 149.947407][ T5916] usb 2-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 149.947453][ T5916] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 149.947476][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.972886][ T5916] usb 2-1: config 0 descriptor?? [ 150.012801][ T5916] gspca_main: spca561-2.14.0 probing abcd:cdee [ 150.044341][ T5945] usb 1-1: USB disconnect, device number 7 [ 150.166109][ T6743] fido_id[6743]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 150.215261][ T5916] spca561 2-1:0.156: probe with driver spca561 failed with error -22 [ 150.217202][ T5916] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 150.217262][ T5916] usb 2-1: MIDIStreaming interface descriptor not found [ 150.627704][ T5916] usb 2-1: USB disconnect, device number 4 [ 151.433827][ T5916] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 151.600421][ T5916] usb 2-1: config 0 has no interfaces? [ 151.605972][ T5916] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 151.605999][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 151.606016][ T5916] usb 2-1: Product: syz [ 151.606029][ T5916] usb 2-1: Manufacturer: syz [ 151.637380][ T5916] usb 2-1: config 0 descriptor?? [ 151.732689][ T6779] netlink: 64 bytes leftover after parsing attributes in process `syz.3.359'. [ 151.895787][ T1230] usb 2-1: USB disconnect, device number 5 [ 152.183837][ T5923] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 152.339213][ T5923] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 152.339251][ T5923] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 152.339277][ T5923] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 152.339299][ T5923] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 152.339344][ T5923] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 152.339367][ T5923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.376451][ T5923] usb 4-1: config 0 descriptor?? [ 152.836405][ T6800] syz.1.368 uses obsolete (PF_INET,SOCK_PACKET) [ 152.852661][ T5923] plantronics 0003:047F:FFFF.0004: ignoring exceeding usage max [ 153.013892][ T5923] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 154.716041][ T6823] netlink: 4 bytes leftover after parsing attributes in process `syz.1.377'. [ 155.079652][ T5923] usb 4-1: USB disconnect, device number 2 [ 155.099879][ T6829] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 160.213820][ T5916] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 160.371631][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 160.371667][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 160.371690][ T5916] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 160.371735][ T5916] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 160.371760][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.383081][ T5916] usb 3-1: config 0 descriptor?? [ 160.918916][ T5916] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 161.045483][ T1230] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 161.213736][ T1230] usb 2-1: Using ep0 maxpacket: 32 [ 161.216244][ T1230] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.216295][ T1230] usb 2-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 161.216319][ T1230] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.266334][ T1230] usb 2-1: config 0 descriptor?? [ 161.385920][ T6946] netlink: 12 bytes leftover after parsing attributes in process `syz.0.428'. [ 161.715496][ T1230] hid-picolcd 0003:04D8:C002.0006: unknown main item tag 0x0 [ 161.715534][ T1230] hid-picolcd 0003:04D8:C002.0006: unknown main item tag 0x0 [ 161.715559][ T1230] hid-picolcd 0003:04D8:C002.0006: unknown main item tag 0x0 [ 161.715583][ T1230] hid-picolcd 0003:04D8:C002.0006: unknown main item tag 0x0 [ 161.715608][ T1230] hid-picolcd 0003:04D8:C002.0006: unknown main item tag 0x0 [ 161.826447][ T1230] hid-picolcd 0003:04D8:C002.0006: No report with id 0x11 found [ 161.919579][ T5916] usb 2-1: USB disconnect, device number 6 [ 162.373963][ T1230] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 162.524214][ T1230] usb 1-1: Using ep0 maxpacket: 16 [ 162.527104][ T1230] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 162.527171][ T1230] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 162.527199][ T1230] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 162.527221][ T1230] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 162.527244][ T1230] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 162.529030][ T1230] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 162.529056][ T1230] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 162.529077][ T1230] usb 1-1: Manufacturer: syz [ 162.651097][ T1230] usb 1-1: config 0 descriptor?? [ 162.965711][ T5902] usb 3-1: USB disconnect, device number 4 [ 163.110248][ T6971] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 163.113767][ T1230] rc_core: IR keymap rc-hauppauge not found [ 163.113786][ T1230] Registered IR keymap rc-empty [ 163.113965][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.139262][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.162793][ T1230] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 163.193181][ T1230] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input9 [ 163.218380][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.244479][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.274622][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.299534][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.313879][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.334006][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.353932][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.386407][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.413845][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.436105][ T1230] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 163.492646][ T1230] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 163.492673][ T1230] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 163.521937][ T1230] usb 1-1: USB disconnect, device number 8 [ 164.117619][ T5923] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 164.273729][ T5923] usb 3-1: Using ep0 maxpacket: 32 [ 164.276895][ T5923] usb 3-1: config 0 interface 0 has no altsetting 0 [ 164.280461][ T5923] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 164.280489][ T5923] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.280517][ T5923] usb 3-1: Product: syz [ 164.280531][ T5923] usb 3-1: Manufacturer: syz [ 164.280545][ T5923] usb 3-1: SerialNumber: syz [ 164.301337][ T5923] usb 3-1: config 0 descriptor?? [ 164.336861][ T6964] tipc: Started in network mode [ 164.336891][ T6964] tipc: Node identity ff, cluster identity 4711 [ 164.337073][ T6964] tipc: Enabling of bearer rejected, failed to enable media [ 164.793509][ T5923] gs_usb 3-1:0.0: Configuring for 1 interfaces [ 164.901997][ T6990] 9pnet: p9_errstr2errno: server reported unknown error @0x0000000000000003 [ 165.317077][ T7002] netlink: 8 bytes leftover after parsing attributes in process `syz.1.449'. [ 165.416127][ T5821] usb 3-1: USB disconnect, device number 5 [ 165.582454][ T7006] netlink: 20 bytes leftover after parsing attributes in process `syz.4.451'. [ 165.672298][ T7009] netlink: 20 bytes leftover after parsing attributes in process `syz.4.451'. [ 167.334344][ T7047] netlink: 36 bytes leftover after parsing attributes in process `syz.2.468'. [ 167.334712][ T7047] netlink: 36 bytes leftover after parsing attributes in process `syz.2.468'. [ 168.732168][ T7071] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 169.421698][ T7087] capability: warning: `syz.1.486' uses deprecated v2 capabilities in a way that may be insecure [ 169.733942][ T5923] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 169.886223][ T5923] usb 2-1: Using ep0 maxpacket: 8 [ 169.902078][ T5923] usb 2-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 169.902106][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.902124][ T5923] usb 2-1: Product: syz [ 169.902136][ T5923] usb 2-1: Manufacturer: syz [ 169.902149][ T5923] usb 2-1: SerialNumber: syz [ 169.937051][ T5923] usb 2-1: config 0 descriptor?? [ 169.959343][ T5923] radio-usb-si4713 2-1:0.0: Si4713 development board discovered: (10C4:8244) [ 170.615341][ T5923] radio-usb-si4713 2-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 170.616070][ T5923] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 170.638547][ T5923] usb 2-1: USB disconnect, device number 7 [ 171.693824][ T5821] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 171.846095][ T5821] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 171.846116][ T5821] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.852397][ T5821] usb 5-1: config 0 descriptor?? [ 171.877224][ T5821] cp210x 5-1:0.0: cp210x converter detected [ 172.053690][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 172.339952][ T5821] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 172.625883][ T5821] usb 5-1: cp210x converter now attached to ttyUSB0 [ 172.780740][ T5821] usb 5-1: USB disconnect, device number 6 [ 172.854814][ T5821] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 172.984383][ T5821] cp210x 5-1:0.0: device disconnected [ 173.635055][ T7135] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 178.566498][ T7162] netlink: 'syz.0.518': attribute type 1 has an invalid length. [ 178.566523][ T7162] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.518'. [ 179.473634][ C1] sched: DL replenish lagged too much [ 183.260721][ T7171] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 183.372957][ T5821] IPVS: starting estimator thread 0... [ 183.465596][ T7175] IPVS: using max 5 ests per chain, 12000 per kthread [ 185.948500][ T7190] netlink: 104 bytes leftover after parsing attributes in process `syz.0.527'. [ 186.429460][ T37] kauditd_printk_skb: 334 callbacks suppressed [ 186.429482][ T37] audit: type=1400 audit(1758070291.945:346): lsm=SMACK fn=smack_inode_setattr action=denied subject="w" object="_" requested=w pid=7193 comm="syz.0.529" name="93" dev="tmpfs" ino=484 [ 187.097112][ T7200] usb usb8: usbfs: process 7200 (syz.3.532) did not claim interface 0 before use [ 188.205011][ T7209] sctp: [Deprecated]: syz.3.536 (pid 7209) Use of int in max_burst socket option deprecated. [ 188.205011][ T7209] Use struct sctp_assoc_value instead [ 191.383578][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 191.402988][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 191.412114][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 191.430409][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 191.431370][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 193.524249][ T5838] Bluetooth: hci5: command tx timeout [ 193.741026][ T5156] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 193.752251][ T5156] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 193.753556][ T5156] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 193.771455][ T5156] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 193.791479][ T5156] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 194.340921][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.341010][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.603942][ T5156] Bluetooth: hci5: command tx timeout [ 195.843925][ T5156] Bluetooth: hci6: command tx timeout [ 197.693805][ T5156] Bluetooth: hci5: command tx timeout [ 197.923997][ T5156] Bluetooth: hci6: command tx timeout [ 199.763882][ T5156] Bluetooth: hci5: command tx timeout [ 200.004003][ T5156] Bluetooth: hci6: command tx timeout [ 202.083860][ T5156] Bluetooth: hci6: command tx timeout [ 206.032238][ T5838] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 206.055176][ T5838] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 206.058293][ T5838] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 206.060469][ T5838] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 206.061395][ T5838] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 208.163871][ T5156] Bluetooth: hci7: command tx timeout [ 209.414797][ T5838] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 209.433049][ T5838] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 209.447199][ T5838] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 209.473426][ T5838] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 209.482758][ T5838] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 209.630939][ T5156] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 209.651543][ T5156] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 209.652805][ T5156] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 209.673415][ T5156] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 209.683329][ T5156] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 210.243726][ T5838] Bluetooth: hci7: command tx timeout [ 211.525636][ T5838] Bluetooth: hci8: command tx timeout [ 211.763958][ T5838] Bluetooth: hci9: command tx timeout [ 212.323857][ T5838] Bluetooth: hci7: command tx timeout [ 213.603766][ T5838] Bluetooth: hci8: command tx timeout [ 213.844140][ T5838] Bluetooth: hci9: command tx timeout [ 214.403812][ T5838] Bluetooth: hci7: command tx timeout [ 215.683969][ T7249] Bluetooth: hci8: command tx timeout [ 215.739165][ T7220] chnl_net:caif_netlink_parms(): no params data found [ 215.924018][ T7249] Bluetooth: hci9: command tx timeout [ 216.895630][ T7249] Bluetooth: hci2: command 0x0406 tx timeout [ 216.895677][ T7249] Bluetooth: hci3: command 0x0406 tx timeout [ 216.895814][ T7249] Bluetooth: hci0: command 0x0406 tx timeout [ 216.895919][ T7249] Bluetooth: hci1: command 0x0406 tx timeout [ 217.763889][ T7248] Bluetooth: hci8: command tx timeout [ 218.004289][ T7248] Bluetooth: hci9: command tx timeout [ 251.403529][ T5838] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 251.431908][ T5838] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 251.433300][ T5838] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 251.454225][ T5838] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 251.455939][ T5838] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 253.272705][ T59] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 253.290628][ T59] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 253.314111][ T59] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 253.315569][ T59] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 253.316516][ T59] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 253.524056][ T59] Bluetooth: hci10: command tx timeout [ 255.446211][ T59] Bluetooth: hci11: command tx timeout [ 255.603794][ T59] Bluetooth: hci10: command tx timeout [ 255.776838][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.776928][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.527346][ T59] Bluetooth: hci11: command tx timeout [ 257.684096][ T59] Bluetooth: hci10: command tx timeout [ 259.604501][ T59] Bluetooth: hci11: command tx timeout [ 259.766548][ T59] Bluetooth: hci10: command tx timeout [ 260.843290][ T7242] chnl_net:caif_netlink_parms(): no params data found [ 260.896244][ T7236] chnl_net:caif_netlink_parms(): no params data found [ 261.683920][ T59] Bluetooth: hci11: command tx timeout [ 266.722699][ T5838] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 266.743848][ T5838] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 266.745128][ T5838] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 266.753141][ T5838] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 266.783148][ T5838] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 270.824992][ T5846] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 270.848972][ T5846] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 270.850413][ T5846] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 270.852387][ T5846] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 270.853420][ T5846] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 273.026772][ T5156] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 273.052430][ T5156] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 273.067326][ T5156] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 273.068732][ T5156] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 273.070045][ T5156] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 278.038215][ T5838] Bluetooth: hci12: command tx timeout [ 280.084054][ T5838] Bluetooth: hci14: command tx timeout [ 280.084507][ T5838] Bluetooth: hci12: command tx timeout [ 280.084616][ T5838] Bluetooth: hci13: command tx timeout [ 282.163859][ T59] Bluetooth: hci13: command tx timeout [ 282.163896][ T59] Bluetooth: hci12: command tx timeout [ 282.163919][ T59] Bluetooth: hci14: command tx timeout [ 284.245572][ T59] Bluetooth: hci14: command tx timeout [ 284.245610][ T59] Bluetooth: hci12: command tx timeout [ 284.245632][ T59] Bluetooth: hci13: command tx timeout [ 286.333815][ T5838] Bluetooth: hci13: command tx timeout [ 286.333853][ T5838] Bluetooth: hci14: command tx timeout [ 299.744435][ T7246] chnl_net:caif_netlink_parms(): no params data found [ 311.922954][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 311.942985][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 311.957971][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 311.959488][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 311.982560][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 314.381282][ T5156] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 314.400402][ T5156] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 314.401827][ T5156] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 314.434292][ T5156] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 314.454021][ T5156] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 317.234544][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.234635][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.287180][ T5156] Bluetooth: hci6: command 0x0406 tx timeout [ 327.156558][ T7248] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 327.185903][ T7248] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 327.187291][ T7248] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 327.188791][ T7248] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 327.193009][ T7248] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 330.656962][ T38] INFO: task kworker/u8:10:1503 blocked for more than 143 seconds. [ 330.656986][ T38] Not tainted syzkaller #0 [ 330.656997][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 330.657006][ T38] task:kworker/u8:10 state:D stack:19528 pid:1503 tgid:1503 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 330.657065][ T38] Workqueue: events_unbound bpf_map_free_deferred [ 330.657094][ T38] Call Trace: [ 330.657101][ T38] [ 330.657116][ T38] __schedule+0x16f3/0x4c20 [ 330.657158][ T38] ? sched_clock+0x3f/0x60 [ 330.657183][ T38] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 330.657231][ T38] ? __pfx___schedule+0x10/0x10 [ 330.657289][ T38] rt_mutex_schedule+0x77/0xf0 [ 330.657311][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 330.657353][ T38] ? rt_mutex_slowlock_block+0x351/0x6d0 [ 330.657383][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 330.657412][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 330.657439][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 330.657461][ T38] ? __lock_acquire+0xab9/0xd20 [ 330.657502][ T38] ? rcu_barrier+0x4c/0x570 [ 330.657527][ T38] ? __lock_acquire+0xab9/0xd20 [ 330.657564][ T38] ? rcu_barrier+0x4c/0x570 [ 330.657582][ T38] mutex_lock_nested+0x16a/0x1d0 [ 330.657606][ T38] ? synchronize_rcu+0x11a/0x310 [ 330.657632][ T38] rcu_barrier+0x4c/0x570 [ 330.657666][ T38] dev_map_free+0x11f/0x6a0 [ 330.657708][ T38] bpf_map_free_deferred+0x110/0x140 [ 330.657731][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 330.657760][ T38] process_scheduled_works+0xade/0x17b0 [ 330.657821][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 330.657887][ T38] worker_thread+0x8a0/0xda0 [ 330.657946][ T38] kthread+0x70e/0x8a0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 330.657981][ T38] ? __pfx_worker_thread+0x10/0x10 [ 330.658007][ T38] ? __pfx_kthread+0x10/0x10 [ 330.658044][ T38] ? __pfx_kthread+0x10/0x10 [ 330.658077][ T38] ret_from_fork+0x439/0x7d0 [ 330.658108][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 330.658143][ T38] ? __switch_to_asm+0x39/0[ 330.658143][ T38] ? __switch_to_asm+0x39/0x70 [ 330.658163][ T38] ? __switch_to_asm+0x33/0x70 [ 330.658180][ T38] ? __pfx_kthread+0x10/0x10 [ 330.658213][ T38] ret_from_fork_asm+0x1a/0x30 [ 330.658261][ T38] [ 330.658330][ T38] INFO: task syz.4.513:7149 blocked for more than 143 seconds. [ 330.658344][ T38] Not tainted syzkaller #0 [ 330.658354][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 330.658363][ T38] task:syz.4.513 state:D stack:25128 pid:7149 tgid:7149 ppid:5842 task_flags:0x400040 flags:0x00004006 [ 330.658424][ T38] Call Trace: [ 330.658431][ T38] [ 330.658444][ T38] __schedule+0x16f3/0x4c20 [ 330.658501][ T38] ? __lock_acquire+0xab9/0xd20 [ 330.658529][ T38] ? __pfx___schedule+0x10/0x10 [ 330.658578][ T38] ? schedule+0x91/0x360 [ 330.658611][ T38] schedule+0x165/0x360 [ 330.658643][ T38] schedule_timeout+0x9a/0x270 [ 330.658671][ T38] ? __pfx_schedule_timeout+0x10/0x10 [ 330.658712][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 330.658741][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 330.658769][ T38] ? wait_for_completion+0x267/0x5d0 [ 330.658802][ T38] wait_for_completion+0x2bf/0x5d0 [ 330.658848][ T38] ? __pfx_wait_for_completion+0x10/0x10 [ 330.658880][ T38] ? __raw_spin_lock_init+0x45/0x100 [ 330.658916][ T38] rcu_barrier+0x463/0x570 [ 330.658950][ T38] kvm_mmu_uninit_vm+0x53/0x90 [ 330.658972][ T38] kvm_arch_destroy_vm+0x23d/0x280 [ 330.659001][ T38] kvm_put_kvm+0xf8e/0x1670 [ 330.659037][ T38] ? __pfx_kvm_vm_release+0x10/0x10 [ 330.659065][ T38] kvm_vm_release+0x46/0x50 [ 330.659090][ T38] __fput+0x45b/0xa80 [ 330.659126][ T38] task_work_run+0x1d4/0x260 [ 330.659152][ T38] ? __pfx_task_work_run+0x10/0x10 [ 330.659181][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 330.659213][ T38] exit_to_user_mode_loop+0xec/0x110 [ 330.659249][ T38] do_syscall_64+0x2bd/0x3b0 [ 330.659268][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 330.659296][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.659317][ T38] ? clear_bhb_loop+0x60/0xb0 [ 330.659344][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.659364][ T38] RIP: 0033:0x7fc461e5eba9 [ 330.659382][ T38] RSP: 002b:00007ffe5540f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 330.659403][ T38] RAX: 0000000000000000 RBX: 00007fc4620a7da0 RCX: 00007fc461e5eba9 [ 330.659417][ T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 330.659430][ T38] RBP: 00007fc4620a7da0 R08: 00000000000068a4 R09: 000000055540f47f [ 330.659444][ T38] R10: 00000000005f69f4 R11: 0000000000000246 R12: 000000000002acc2 [ 330.659457][ T38] R13: 00007fc4620a6090 R14: ffffffffffffffff R15: 00007ffe5540f2a0 [ 330.659494][ T38] [ 330.659504][ T38] INFO: task syz.1.516:7164 blocked for more than 143 seconds. [ 330.659517][ T38] Not tainted syzkaller #0 [ 330.659527][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 330.659537][ T38] task:syz.1.516 state:D stack:25128 pid:7164 tgid:7164 ppid:5840 task_flags:0x400040 flags:0x00004006 [ 330.659596][ T38] Call Trace: [ 330.659603][ T38] [ 330.659616][ T38] __schedule+0x16f3/0x4c20 [ 330.659677][ T38] ? __pfx___schedule+0x10/0x10 [ 330.659728][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 330.659762][ T38] rt_mutex_schedule+0x77/0xf0 [ 330.659782][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 330.659807][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 330.659854][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 330.659882][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 330.659909][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 330.659948][ T38] ? rcu_barrier+0x4c/0x570 [ 330.659976][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 330.660006][ T38] ? rcu_barrier+0x4c/0x570 [ 330.660024][ T38] mutex_lock_nested+0x16a/0x1d0 [ 330.660048][ T38] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 330.660079][ T38] rcu_barrier+0x4c/0x570 [ 330.660113][ T38] kvm_mmu_uninit_vm+0x53/0x90 [ 330.660135][ T38] kvm_arch_destroy_vm+0x23d/0x280 [ 330.660164][ T38] kvm_put_kvm+0xf8e/0x1670 [ 330.660199][ T38] ? __pfx_kvm_vm_release+0x10/0x10 [ 330.660234][ T38] kvm_vm_release+0x46/0x50 [ 330.660260][ T38] __fput+0x45b/0xa80 [ 330.660295][ T38] task_work_run+0x1d4/0x260 [ 330.660320][ T38] ? __pfx_task_work_run+0x10/0x10 [ 330.660348][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 330.660381][ T38] exit_to_user_mode_loop+0xec/0x110 [ 330.660409][ T38] do_syscall_64+0x2bd/0x3b0 [ 330.660427][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 330.660456][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.660477][ T38] ? clear_bhb_loop+0x60/0xb0 [ 330.660503][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.660523][ T38] RIP: 0033:0x7f90807beba9 [ 330.660540][ T38] RSP: 002b:00007fff633f6e78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 330.660560][ T38] RAX: 0000000000000000 RBX: 000000000002c97f RCX: 00007f90807beba9 [ 330.660574][ T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 330.660586][ T38] RBP: 00007f9080a07da0 R08: 0000000000000001 R09: 00000005633f716f [ 330.660600][ T38] R10: 0000001b30820000 R11: 0000000000000246 R12: 00007f9080a05fac [ 330.660614][ T38] R13: 00007f9080a05fa0 R14: ffffffffffffffff R15: 00007fff633f6f90 [ 330.660650][ T38] [ 330.660679][ T38] [ 330.660679][ T38] Showing all locks held in the system: [ 330.660689][ T38] 3 locks held by kworker/u8:0/12: [ 330.660701][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.660756][ T38] #1: ffffc90000117bc0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.660809][ T38] #2: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 330.660856][ T38] 3 locks held by kworker/u8:1/13: [ 330.660868][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.660920][ T38] #1: ffffc90000127bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.660971][ T38] #2: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 330.661019][ T38] 8 locks held by ktimers/1/29: [ 330.661031][ T38] 1 lock held by khungtaskd/38: [ 330.661042][ T38] #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 330.661092][ T38] 4 locks held by kworker/u9:0/59: [ 330.661104][ T38] #0: ffff88805a703138 ((wq_completion)hci5#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.661161][ T38] #1: ffffc9000125fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.661213][ T38] #2: ffff8880539f40a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1220 [ 330.661277][ T38] #3: ffffffff8ee3b0d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140 [ 330.661331][ T38] 1 lock held by kworker/1:1H/63: [ 330.661351][ T38] 3 locks held by kworker/u8:10/1503: [ 330.661362][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.661415][ T38] #1: ffffc90004da7bc0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.661466][ T38] #2: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 330.661513][ T38] 2 locks held by kworker/u8:12/1542: [ 330.661525][ T38] 3 locks held by kworker/u8:14/2159: [ 330.661537][ T38] #0: ffff888030c06938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.661588][ T38] #1: ffffc9000607fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.661641][ T38] #2: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 330.661705][ T38] 2 locks held by getty/5596: [ 330.661716][ T38] #0: ffff88823bf5e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 330.661774][ T38] #1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 330.661826][ T38] 4 locks held by kworker/u9:2/5838: [ 330.661837][ T38] #0: ffff88803cd6d938 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.661893][ T38] #1: ffffc90004d07bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.661945][ T38] #2: ffff88806c4900a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1220 [ 330.661998][ T38] #3: ffffffff8ee3b0d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140 [ 330.662051][ T38] 6 locks held by kworker/u9:3/5846: [ 330.662062][ T38] #0: ffff888023f15938 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.662113][ T38] #1: ffffc90004db7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.662165][ T38] #2: ffff8880378d4e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 330.662214][ T38] #3: ffff8880378d40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 330.662276][ T38] #4: ffffffff8ee3b0d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 330.662332][ T38] #5: ffff888061c10358 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680 [ 330.662400][ T38] 1 lock held by syz.4.513/7149: [ 330.662411][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 330.662458][ T38] 1 lock held by syz.1.516/7164: [ 330.662469][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 330.662525][ T38] 1 lock held by syz.3.537/7211: [ 330.662535][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 330.662590][ T38] 1 lock held by syz-executor/7220: [ 330.662601][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 330.662656][ T38] 1 lock held by syz.2.541/7227: [ 330.662667][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 330.662715][ T38] 1 lock held by syz.0.540/7228: [ 330.662726][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 330.662773][ T38] 2 locks held by syz-executor/7233: [ 330.662784][ T38] #0: ffffffff8ecc6700 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0 [ 330.662837][ T38] #1: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 330.662884][ T38] 3 locks held by syz-executor/7236: [ 330.662895][ T38] #0: ffff888065f14e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 330.662947][ T38] #1: ffff888065f140a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 330.663001][ T38] #2: ffffffff8ee3b0d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 330.663048][ T38] 1 lock held by syz-executor/7242: [ 330.663060][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 330.663115][ T38] 2 locks held by syz-executor/7246: [ 330.663126][ T38] #0: ffff888062514e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510 [ 330.663176][ T38] #1: ffff8880625140a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 330.663240][ T38] 4 locks held by kworker/u9:4/7248: [ 330.663252][ T38] #0: ffff88803cba0138 ((wq_completion)hci8#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 330.663308][ T38] #1: ffffc90029847bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 330.663359][ T38] #2: ffff88803a7d40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 330.663410][ T38] #3: ffffffff8ee3b0d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 330.663462][ T38] 2 locks held by syz-executor/7263: [ 330.663473][ T38] #0: ffffffff8f1d7e58 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 330.663535][ T38] #1: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 330.810164][ T38] 2 locks held by syz-executor/7267: [ 330.810178][ T38] #0: ffffffff8f1d78d8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 330.810250][ T38] #1: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 330.810306][ T38] 1 lock held by syz-executor/7289: [ 330.810319][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 330.810372][ T38] 1 lock held by syz-executor/7295: [ 330.810384][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 330.810436][ T38] 1 lock held by syz-executor/7299: [ 330.810447][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 330.810501][ T38] 1 lock held by syz-executor/7310: [ 330.810512][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 330.810563][ T38] 1 lock held by syz-executor/7315: [ 330.810574][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 330.810623][ T38] 1 lock held by dhcpcd/7318: [ 330.810634][ T38] #0: ffff88803bfbb878 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 330.810690][ T38] 1 lock held by dhcpcd/7319: [ 330.810701][ T38] #0: ffff88803bfbb1b8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 330.810755][ T38] 1 lock held by dhcpcd/7320: [ 330.810766][ T38] #0: ffff88803bfbe7b8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 330.810820][ T38] 1 lock held by dhcpcd/7321: [ 330.810831][ T38] #0: ffff88803d87b878 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 330.810886][ T38] 1 lock held by dhcpcd/7322: [ 330.810896][ T38] #0: ffff88803d87d378 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 330.810951][ T38] 1 lock held by syz-executor/7326: [ 330.810962][ T38] #0: ffffffff8ecd35f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 330.811009][ T38] 1 lock held by syz-executor/7328: [ 330.811022][ T38] [ 330.811027][ T38] ============================================= [ 330.811027][ T38] [ 330.811037][ T38] NMI backtrace for cpu 0 [ 330.811052][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 330.811075][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 330.811086][ T38] Call Trace: [ 330.811094][ T38] [ 330.811103][ T38] dump_stack_lvl+0x189/0x250 [ 330.811137][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 330.811166][ T38] ? __pfx__printk+0x10/0x10 [ 330.811203][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 330.811241][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 330.811270][ T38] ? __pfx__printk+0x10/0x10 [ 330.811298][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 330.811326][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 330.811355][ T38] watchdog+0xf93/0xfe0 [ 330.811387][ T38] ? watchdog+0x1de/0xfe0 [ 330.811419][ T38] kthread+0x70e/0x8a0 [ 330.811454][ T38] ? __pfx_watchdog+0x10/0x10 [ 330.811479][ T38] ? __pfx_kthread+0x10/0x10 [ 330.811514][ T38] ? __pfx_kthread+0x10/0x10 [ 330.811545][ T38] ret_from_fork+0x439/0x7d0 [ 330.811575][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 330.811608][ T38] ? __switch_to_asm+0x39/0x70 [ 330.811626][ T38] ? __switch_to_asm+0x33/0x70 [ 330.811644][ T38] ? __pfx_kthread+0x10/0x10 [ 330.811674][ T38] ret_from_fork_asm+0x1a/0x30 [ 330.811712][ T38] [ 330.811720][ T38] Sending NMI from CPU 0 to CPUs 1: [ 330.811747][ C1] NMI backtrace for cpu 1 [ 330.811762][ C1] CPU: 1 UID: 0 PID: 1186 Comm: irq/34-virtio1- Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 330.811781][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 330.811789][ C1] RIP: 0010:__lock_acquire+0x457/0xd20 [ 330.811813][ C1] Code: 8d 4c 24 ff 83 f9 ff bd ff ff ff ff 0f 4c e9 ff c5 45 8d 7c 24 01 49 ff cc 44 89 f9 83 c1 fe 78 44 44 89 e3 81 e3 ff ff ff 7f <83> f9 31 73 1d 48 8d 0c 9b 8b 8c cf 40 0b 00 00 31 c1 41 ff cf 49 [ 330.811826][ C1] RSP: 0018:ffffc90004e364e8 EFLAGS: 00000006 [ 330.811841][ C1] RAX: 000000000002000b RBX: 0000000000000005 RCX: 0000000000000005 [ 330.811852][ C1] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff888026f65940 [ 330.811862][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8172c165 [ 330.811872][ C1] R10: ffffc90004e36738 R11: ffffffff81aaf310 R12: 0000000000000005 [ 330.811882][ C1] R13: 0000000000000001 R14: ffff888026f66550 R15: 0000000000000007 [ 330.811893][ C1] FS: 0000000000000000(0000) GS:ffff8881269bc000(0000) knlGS:0000000000000000 [ 330.811906][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 330.811917][ C1] CR2: 00007f46edb8ed00 CR3: 000000006a98a000 CR4: 00000000003526f0 [ 330.811934][ C1] Call Trace: [ 330.811941][ C1] [ 330.811950][ C1] ? unwind_next_frame+0xa5/0x2390 [ 330.811978][ C1] lock_acquire+0x120/0x360 [ 330.811997][ C1] ? unwind_next_frame+0xa5/0x2390 [ 330.812020][ C1] ? unwind_next_frame+0x19ae/0x2390 [ 330.812040][ C1] ? stack_trace_save+0x9c/0xe0 [ 330.812057][ C1] ? unwind_next_frame+0xa5/0x2390 [ 330.812077][ C1] unwind_next_frame+0xc2/0x2390 [ 330.812096][ C1] ? unwind_next_frame+0xa5/0x2390 [ 330.812115][ C1] ? arch_stack_walk+0xe4/0x150 [ 330.812139][ C1] ? __unwind_start+0x5b9/0x760 [ 330.812161][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 330.812178][ C1] arch_stack_walk+0x11c/0x150 [ 330.812200][ C1] ? stack_trace_save+0x9c/0xe0 [ 330.812218][ C1] stack_trace_save+0x9c/0xe0 [ 330.812234][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 330.812249][ C1] ? do_raw_spin_lock+0x121/0x290 [ 330.812271][ C1] kasan_save_track+0x3e/0x80 [ 330.812307][ C1] ? fill_pool+0x100/0x570 [ 330.812328][ C1] __kasan_slab_alloc+0x6c/0x80 [ 330.812346][ C1] ? fill_pool+0x100/0x570 [ 330.812364][ C1] kmem_cache_alloc_noprof+0x143/0x310 [ 330.812387][ C1] fill_pool+0x100/0x570 [ 330.812407][ C1] ? debug_objects_fill_pool+0xdf/0x120 [ 330.812427][ C1] ? __pfx_fill_pool+0x10/0x10 [ 330.812448][ C1] ? debug_objects_fill_pool+0xdf/0x120 [ 330.812466][ C1] ? debug_objects_fill_pool+0xdf/0x120 [ 330.812487][ C1] debug_objects_fill_pool+0x107/0x120 [ 330.812506][ C1] ? __pfx_debug_objects_fill_pool+0x10/0x10 [ 330.812530][ C1] debug_object_activate+0x6c/0x3a0 [ 330.812552][ C1] ? __pfx_dst_destroy_rcu+0x10/0x10 [ 330.812568][ C1] call_rcu+0xaa/0x9c0 [ 330.812586][ C1] ? rcuref_put+0x1b7/0x210 [ 330.812601][ C1] ? __pfx_call_rcu+0x10/0x10 [ 330.812616][ C1] ? percpu_counter_add_batch+0xea/0x1e0 [ 330.812638][ C1] ? dst_release+0x126/0x1b0 [ 330.812655][ C1] skb_release_head_state+0x71/0x250 [ 330.812679][ C1] consume_skb+0x60/0xf0 [ 330.812700][ C1] nft_synproxy_eval_v4+0x376/0x560 [ 330.812720][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 330.812738][ C1] ? nf_ip_checksum+0x13c/0x510 [ 330.812756][ C1] nft_synproxy_do_eval+0x345/0x570 [ 330.812775][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 330.812791][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 330.812815][ C1] nft_do_chain+0x409/0x1920 [ 330.812837][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 330.812866][ C1] nft_do_chain_inet+0x25d/0x340 [ 330.812883][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 330.812898][ C1] ? __lock_acquire+0xab9/0xd20 [ 330.812921][ C1] ? NF_HOOK+0x9a/0x3a0 [ 330.812941][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 330.812958][ C1] nf_hook_slow+0xc5/0x220 [ 330.812986][ C1] NF_HOOK+0x206/0x3a0 [ 330.813006][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 330.813027][ C1] ? NF_HOOK+0x9a/0x3a0 [ 330.813045][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 330.813063][ C1] ? ip_rcv_finish_core+0xda3/0x1c00 [ 330.813085][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 330.813106][ C1] ? skb_dst+0x4f/0xd0 [ 330.813125][ C1] ? ip_local_deliver+0x12a/0x1b0 [ 330.813147][ C1] NF_HOOK+0x309/0x3a0 [ 330.813166][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 330.813186][ C1] ? NF_HOOK+0x9a/0x3a0 [ 330.813205][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 330.813225][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 330.813249][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 330.813267][ C1] __netif_receive_skb+0x143/0x380 [ 330.813285][ C1] ? rt_spin_unlock+0x65/0x80 [ 330.813305][ C1] ? process_backlog+0x27b/0x900 [ 330.813324][ C1] process_backlog+0x31e/0x900 [ 330.813348][ C1] __napi_poll+0xb3/0x540 [ 330.813368][ C1] net_rx_action+0x707/0xe00 [ 330.813394][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 330.813419][ C1] ? __pfx_sched_clock_cpu+0x10/0x10 [ 330.813439][ C1] handle_softirqs+0x22f/0x710 [ 330.813461][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 330.813483][ C1] __local_bh_enable_ip+0x179/0x270 [ 330.813502][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 330.813520][ C1] ? virtqueue_disable_cb+0x122/0x370 [ 330.813549][ C1] ? skb_xmit_done+0x109/0x280 [ 330.813574][ C1] ? irq_finalize_oneshot+0x54/0x3d0 [ 330.813596][ C1] ? __pfx_skb_xmit_done+0x10/0x10 [ 330.813616][ C1] ? vring_interrupt+0x221/0x380 [ 330.813636][ C1] ? __pfx_vring_interrupt+0x10/0x10 [ 330.813658][ C1] irq_forced_thread_fn+0xe9/0x120 [ 330.813678][ C1] ? irq_forced_thread_fn+0x2b/0x120 [ 330.813699][ C1] irq_thread+0x427/0x690 [ 330.813718][ C1] ? irq_thread+0x17b/0x690 [ 330.813740][ C1] ? __pfx_irq_forced_thread_fn+0x10/0x10 [ 330.813761][ C1] ? __pfx_irq_thread+0x10/0x10 [ 330.813781][ C1] ? __kthread_parkme+0x7b/0x200 [ 330.813800][ C1] ? __pfx_irq_thread_dtor+0x10/0x10 [ 330.813819][ C1] ? __kthread_parkme+0x1a1/0x200 [ 330.813841][ C1] kthread+0x70e/0x8a0 [ 330.813864][ C1] ? __pfx_irq_thread+0x10/0x10 [ 330.813883][ C1] ? __pfx_kthread+0x10/0x10 [ 330.813906][ C1] ? __pfx_kthread+0x10/0x10 [ 330.813928][ C1] ret_from_fork+0x439/0x7d0 [ 330.813947][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 330.813975][ C1] ? __switch_to_asm+0x39/0x70 [ 330.813990][ C1] ? __switch_to_asm+0x33/0x70 [ 330.814003][ C1] ? __pfx_kthread+0x10/0x10 [ 330.814025][ C1] ret_from_fork_asm+0x1a/0x30 [ 330.814046][ C1] [ 330.924951][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 330.924974][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 330.924997][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 330.925009][ T38] Call Trace: [ 330.925018][ T38] [ 330.925026][ T38] dump_stack_lvl+0x99/0x250 [ 330.925063][ T38] ? __asan_memcpy+0x40/0x70 [ 330.925085][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 330.925114][ T38] ? __pfx__printk+0x10/0x10 [ 330.925151][ T38] vpanic+0x281/0x750 [ 330.925184][ T38] ? __pfx_vpanic+0x10/0x10 [ 330.925210][ T38] ? irqentry_exit+0x74/0x90 [ 330.925248][ T38] ? preempt_schedule+0xae/0xc0 [ 330.925278][ T38] ? preempt_schedule_common+0x83/0xd0 [ 330.925314][ T38] panic+0xb9/0xc0 [ 330.925342][ T38] ? __pfx_panic+0x10/0x10 [ 330.925373][ T38] ? preempt_schedule_thunk+0x16/0x30 [ 330.925404][ T38] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 330.925433][ T38] watchdog+0xfd2/0xfe0 [ 330.925466][ T38] ? watchdog+0x1de/0xfe0 [ 330.925499][ T38] kthread+0x70e/0x8a0 [ 330.925533][ T38] ? __pfx_watchdog+0x10/0x10 [ 330.925558][ T38] ? __pfx_kthread+0x10/0x10 [ 330.925593][ T38] ? __pfx_kthread+0x10/0x10 [ 330.925624][ T38] ret_from_fork+0x439/0x7d0 [ 330.925654][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 330.925686][ T38] ? __switch_to_asm+0x39/0x70 [ 330.925705][ T38] ? __switch_to_asm+0x33/0x70 [ 330.925723][ T38] ? __pfx_kthread+0x10/0x10 [ 330.925754][ T38] ret_from_fork_asm+0x1a/0x30 [ 330.925790][ T38] [ 330.926040][ T38] Kernel Offset: disabled