last executing test programs: 53.551065983s ago: executing program 2 (id=2171): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3800}, [@RTA_DST={0x8, 0x1, @remote}]}, 0x24}}, 0x0) 51.510280733s ago: executing program 2 (id=2177): setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() socket$netlink(0x10, 0x3, 0x0) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x664, 0x0) setxattr$incfs_id(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = semget(0xffffffffffffffff, 0x0, 0x0) semctl$GETALL(0x0, 0x0, 0xd, 0x0) shmat(r3, &(0x7f0000714000/0x1000)=nil, 0x0) semop(r3, &(0x7f00000000c0)=[{0x3, 0x7}, {}], 0x2) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000000140)={0x0, 0x40, 0x2, {0x1, @win={{}, 0x0, 0x9, 0x0, 0x0, 0x0}}}) 21.650645918s ago: executing program 0 (id=2272): ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7fffffff, 0xfffffffe}}, '\x00'}) prlimit64(0x0, 0xe, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x10000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = socket(0x2000000015, 0x80005, 0x0) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private2}, 0x16b34e5ed408bb52) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x20080, 0x0) r4 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) ftruncate(r5, 0x2000009) sendfile(r4, r5, 0x0, 0x6) r6 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x20) r7 = open(&(0x7f0000000040)='.\x00', 0x0, 0x40) r8 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x19) capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)) ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0xf) fcntl$notify(r7, 0x402, 0x5) vmsplice(r6, &(0x7f0000000900)=[{&(0x7f0000000840)="05", 0x1}], 0x1, 0x0) 21.545118274s ago: executing program 4 (id=2273): unshare(0x8020400) r0 = mq_open(&(0x7f0000001100)='*a%\xff\x00\xf1\fNC\x84\xe0\x99\x1e-\x9a\x0f\x1a\x90\xee\x10\xfeARsO\xae\xd6\x05K\xe2D\x8d\xa4H8\xcf:\a;\xd8\xc7\xc8\\C\xcf\xa7\xcb\xb4\xe4\x8dY\xe3\xa5K&\xe5\xc4\x84v\xfa\xe7\x11\xc4\x99\x10,\xe3M\x80\xd3\xc2\x1c\xb0\x84\xb83', 0x41, 0x0, 0x0) mq_timedreceive(r0, 0x0, 0x0, 0x0, 0x0) 21.031381289s ago: executing program 4 (id=2274): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x68, r1, 0x1, 0x0, 0x0, {{}, {}, {0x4c, 0x18, {0x0, @media='eth\x00'}}}}, 0x68}}, 0x0) 20.815193522s ago: executing program 4 (id=2275): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4038ae7a, &(0x7f0000000240)={[{0x2, 0x0, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000}, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xa}], 0x8}) 20.726489075s ago: executing program 0 (id=2276): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000940)=@newqdisc={0x6c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xfffffffffffffd07, 0x2, [@TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28}, @TCA_TBF_PBURST={0x8}]}}]}, 0x6c}}, 0x0) 20.604360339s ago: executing program 2 (id=2197): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_fc_track_inode\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020208d2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = openat$cgroup(0xffffffffffffffff, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r3, &(0x7f0000000300)='cpu.stat\x00', 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000020000000000000000008500000017000000850000002a0000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000085000000080000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000002380)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000002fc0)=ANY=[@ANYBLOB="7a0af8ff75257078bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce72d75946c2b638d91dbef661962239c77edf2d34b12cd48a1b20fb7dd8432619f2c50d77bc0ea9b0af58e6fff4942eb613eff289026d5045ef76d7d864409eb2dc9518a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5208ff0df2db761014b1b999a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be3cdda66fb977aef7c9cb92428ef25d9bf665bd60024c09e9eed544126fabe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e022034ac81fd48f9b7314ffa730017fbd37fdb23bc26992529402a520ef67e246415a6a8ca9d4aa797a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f00000000008000000000000000000000000040000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000040)=r7, 0x4) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) close(r8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r10, &(0x7f0000000200)=ANY=[@ANYBLOB="1e0308003c5c980128876360864668f82ffdd569d2f630b5e033ff11edf1c5ffc733d2acb165fe588cd568cd1f31b87b68b00ad888f7"], 0xffdd) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700) r11 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r11, &(0x7f0000000140), 0x0}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_fc_track_inode\x00', r2}, 0x10) 20.53407678s ago: executing program 4 (id=2278): r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1) read(r0, &(0x7f0000001480)=""/4096, 0x1000) 20.43076156s ago: executing program 0 (id=2279): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002900)=@newqdisc={0x70, 0x58, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0x0, 0x7}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}, @qdisc_kind_options=@q_skbprio={{0xc}, {0x8}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x70}}, 0x0) 20.410459201s ago: executing program 4 (id=2280): syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x7) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="04022b03000000000000070703b165300e00ffffffffffff25cfda27f7b5636c7f0bc9cb3e4cd205e77791ff07fffbffffffff00fc0d699cf70000"], 0x2e) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x5, 0xc9, @any, 0x0, 0x5}}}, 0xe) syz_emit_vhci(0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet6(r2, &(0x7f0000000900)={&(0x7f00000000c0)={0xa, 0x4e24, 0x80, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=[@dstopts_2292={{0x138, 0x29, 0x4, {0x16, 0x23, '\x00', [@padn={0x1, 0x1, [0x0]}, @generic={0x0, 0xca, "f7f7ddf36be4856a382e0cd37bd2c509f254d861a859125d872d67d45ffd3d7525bb1ab44505f35a5a04703254be75042c7366a290dd6286ca6b1873b9d3a96d670c777e9f636dade96bbb14c0d6c3db5b1b702c6eb577103eb2701703e6c005e1102db0ee1049a9450809e071a823041fa4d2e1bb8f648f59b1f1f4876c7b24c6d370cdf6c69c3166f65f487a792aee4ab90fec0309e2e0e4dc57be8d5c95957d345c6160a5edf0aa95f7a2bbc1541a1b3780203f7b7646b70b8b5badc84e059c0539ffffb1a69680c8"}, @generic={0x6, 0x34, "06c6af5742c0465e9ea88d05a0b4af3c7fdce4c9a4227b3abda77b3fe378f30321a35dd779c3a13d2ef82672317f8587d3cec459"}, @ra={0x5, 0x2, 0x2}, @hao={0xc9, 0x10, @empty}, @pad1]}}}, @rthdr_2292={{0x18, 0x29, 0x5, {0x0, 0x0, 0x2, 0x1}}}], 0x150}, 0x80) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ptrace(0x10, 0x0) ptrace$ARCH_SHSTK_UNLOCK(0x6, 0x0, 0x2, 0x5004) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000340)={'hsr0\x00'}) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r6 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) mq_timedsend(r6, 0x0, 0x2000, 0x0, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) mmap$usbmon(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xe, 0x10, r0, 0x0) syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@any, "09ac4cf1c8580da8"}}}, 0x11) 20.022831557s ago: executing program 0 (id=2282): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc000000010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000900)={0x2c, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 20.022409189s ago: executing program 1 (id=2283): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ff4ae0086d04dd08f4ff080203010902120001000000000904"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000b40)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 18.144953389s ago: executing program 1 (id=2285): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010300000000000001004e0000000e0001006e657464657673696d0000000f0002"], 0x34}}, 0x0) 18.053478379s ago: executing program 1 (id=2286): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001140)=ANY=[@ANYBLOB="4c0000001000010800"/20, @ANYRES32=r2, @ANYBLOB="00000000000000001800168014000180100006"], 0x4c}}, 0x0) 16.947048016s ago: executing program 0 (id=2289): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000100)=0xffff, 0x4) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000002180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/10, 0xa}}, {{0x0, 0x0, 0x0}}], 0x2, 0x10102, 0x0) 16.004838392s ago: executing program 0 (id=2291): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) getpriority(0x2, 0x0) link(0x0, &(0x7f0000000400)='./file0/../file0/file0\x00') r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x328, 0x0, 0xa, 0x148, 0x180, 0x10, 0x290, 0x2a8, 0x2a8, 0x290, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr, @multicast1, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x110, 0x180, 0x0, {0x200003ae, 0x7f00}, [@common=@unspec=@limit={{0x48}, {0x6, 0x80000000, 0x5}}, @common=@inet=@hashlimit1={{0x58}, {'pim6reg0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b90ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378b6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'pimreg1\x00', 'veth0_to_team\x00'}, 0x0, 0xc8, 0x110, 0x0, {}, [@common=@inet=@tcp={{0x30}}, @common=@unspec=@state={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x388) r2 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r3 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0xffffffffffffffff, r4) newfstatat(0xffffffffffffff9c, &(0x7f0000000a40)='./file0/../file0/file0\x00', &(0x7f0000000a80), 0x400) fsconfig$FSCONFIG_SET_STRING(r2, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r2, 0x0, 0x0) symlinkat(&(0x7f0000000200)='./file0\x00', r5, &(0x7f0000000240)='./file0\x00') renameat2(r5, &(0x7f0000000080)='./file0\x00', r5, &(0x7f00000000c0)='./file1\x00', 0x0) sendmsg$AUDIT_MAKE_EQUIV(r5, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x20, 0x3f7, 0x1, 0x70bd29, 0x25dfdbfb, {0x1, 0x7, '.', './file0'}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x48000}, 0x40) open_tree(r5, &(0x7f0000000440)='./file0\x00', 0x800) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f00000003c0)={0x1, 0x1, 0x4, 0x1b5, 0x2, 0x0, 0x8001, 0xcc, 0x0, 0x5, 0x80, 0x2, 0x9, 0x4}) getpid() 15.994100028s ago: executing program 4 (id=2293): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000280)=ANY=[@ANYBLOB="00000108000021"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="201104"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) prlimit64(0x0, 0xe, 0x0, 0x0) 15.902876081s ago: executing program 1 (id=2294): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000000)={&(0x7f0000000400)={0xa, 0x4e21, 0x1000000080000, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="10000000000000002900000043"], 0x18}, 0x0) 15.866576748s ago: executing program 2 (id=2295): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYRESOCT=r1, @ANYRES16=0x0, @ANYRES32=0xee01, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a001000000000000000000008001f0000000000"], 0xd4}}, 0x8881) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_usb_connect$cdc_ecm(0x1, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sched_setscheduler(0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000dc0), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$can_bcm(0x1d, 0x2, 0x2) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB], 0xd) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00') read$FUSE(r3, &(0x7f0000000880)={0x2020}, 0x5df) read$FUSE(r3, &(0x7f0000012400)={0x2020}, 0x2020) syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x0, 0xa}, {0x0, 0x9, 0x6ffd, 0x0, 0x8}}}}, 0x17) connect$can_bcm(r2, &(0x7f0000000000), 0x10) r4 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f0000000500)={"a0453822", 0x0, 0x6, 0x2, 0x0, 0x0, "3377f877c734c4f928875ab8db00", "000100", "060010bc", '\x00', ["c38600008000080000e6fc00", "51f3541a910080ffffcb3a10", "1ae50f8a285d9543c522afe1"]}) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x2, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001800010000000000000000000a00000000000000000000000c001600080001000300000008000400", @ANYRES32=r6, @ANYBLOB="0600150007"], 0x38}}, 0x0) 15.782617836s ago: executing program 1 (id=2296): syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@mss={0x2, 0x4, 0xa005}]}}}}}}}, 0x0) 14.428995386s ago: executing program 1 (id=2297): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000080)={0x2, 0x3000, 0x3, 0x6, 0x7}) 8.831814666s ago: executing program 2 (id=2298): openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0], 0x0) 6.410747449s ago: executing program 3 (id=2299): io_setup(0x222, &(0x7f0000000180)=0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r1, 0x0) io_submit(r0, 0x2, &(0x7f0000001500)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x1000, r1, &(0x7f0000000480)="55f3", 0x2}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0}]) 6.084441382s ago: executing program 3 (id=2300): syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000008060001080006040002aaaaaaaaa68322ec14bb"], 0x0) r0 = socket$packet(0x11, 0x3, 0x300) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000007c0)={0x0, 0x3, 0x6, @random="cea0300a1672"}, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 3.652721138s ago: executing program 3 (id=2304): r0 = fsmount(0xffffffffffffffff, 0x0, 0x70) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = getpgid(0x0) prctl$PR_SCHED_CORE(0x3e, 0x800000001, r2, 0x2, 0x0) ptrace$getenv(0x4201, r2, 0xd4, &(0x7f0000000180)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) r4 = socket$kcm(0x10, 0x2, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x4, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r1, @ANYRES16=0x0], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f95f24fc60040f030047000000053582c137153e370248018000f01700", 0x2c}], 0x1}, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000280)={0x2, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, 0xffffffffffffffff) r8 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r8, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff810540010000000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000001000010009080800418e00000804fcff", 0x58}], 0x1) mmap(&(0x7f0000000000/0x2000)=nil, 0x152000, 0x0, 0x12, r7, 0x0) syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000740), 0x0, 0x2020, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) syz_pidfd_open(0x0, 0x0) 1.191816372s ago: executing program 2 (id=2305): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_fc_track_inode\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020208d2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = openat$cgroup(0xffffffffffffffff, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r3, &(0x7f0000000300)='cpu.stat\x00', 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000020000000000000000008500000017000000850000002a0000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000085000000080000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000002380)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000002fc0)=ANY=[@ANYBLOB="7a0af8ff75257078bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce72d75946c2b638d91dbef661962239c77edf2d34b12cd48a1b20fb7dd8432619f2c50d77bc0ea9b0af58e6fff4942eb613eff289026d5045ef76d7d864409eb2dc9518a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5208ff0df2db761014b1b999a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be3cdda66fb977aef7c9cb92428ef25d9bf665bd60024c09e9eed544126fabe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e022034ac81fd48f9b7314ffa730017fbd37fdb23bc26992529402a520ef67e246415a6a8ca9d4aa797a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f00000000008000000000000000000000000040000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000040)=r7, 0x4) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) close(r8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r10, &(0x7f0000000200)=ANY=[@ANYBLOB="1e0308003c5c980128876360864668f82ffdd569d2f630b5e033ff11edf1c5ffc733d2acb165fe588cd568cd1f31b87b68b00ad888f7"], 0xffdd) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700) r11 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r11, &(0x7f0000000140), 0x0}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_fc_track_inode\x00', r2}, 0x10) 1.181987664s ago: executing program 3 (id=2306): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0x9725}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) r2 = dup(r0) write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000080)={0x28}, 0xfdef) 210.314452ms ago: executing program 3 (id=2307): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) pipe2(0x0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd609f50ef000801b81100fe00000000c300000000000000000000ffff0000000000ddff000008689dff"], 0x0) 0s ago: executing program 3 (id=2308): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="01000000000000006a0200000000000000000002"]) kernel console output (not intermixed with test programs): lave_0: entered promiscuous mode [ 1190.050373][T15687] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1702'. [ 1190.841523][T15447] hsr_slave_1: entered promiscuous mode [ 1190.887872][T15447] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1190.895588][T15447] Cannot create hsr debugfs directory [ 1191.138004][T15698] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1701'. [ 1192.167619][T15705] netlink: 'syz.0.1705': attribute type 3 has an invalid length. [ 1192.176423][T15705] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1705'. [ 1192.298053][T15702] netlink: 'syz.1.1704': attribute type 3 has an invalid length. [ 1192.307045][T15702] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1704'. [ 1195.283001][T15732] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1709'. [ 1195.478825][T15732] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR [ 1195.478933][T15732] block (null): Could not allocate knbd recv work queue. [ 1195.495401][T15732] nbd: failed to add new device [ 1196.053973][ T29] audit: type=1326 audit(1727475753.369:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1196.097881][ T29] audit: type=1326 audit(1727475753.369:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1196.139031][ T29] audit: type=1326 audit(1727475753.579:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.140762][ T29] audit: type=1326 audit(1727475753.579:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.355109][ T29] audit: type=1326 audit(1727475753.579:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.397214][ T29] audit: type=1326 audit(1727475753.579:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.445193][ T29] audit: type=1326 audit(1727475753.579:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.485110][ T29] audit: type=1326 audit(1727475753.579:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.535108][ T29] audit: type=1326 audit(1727475753.579:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.565221][ T29] audit: type=1326 audit(1727475753.579:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a63b7df39 code=0x7ffc0000 [ 1198.621988][T15751] syz.4.1710: attempt to access beyond end of device [ 1198.621988][T15751] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 1198.639211][T15754] Bluetooth: MGMT ver 1.23 [ 1198.645388][T15751] gfs2: error -5 reading superblock [ 1198.779692][T15741] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1711'. [ 1199.677573][T15778] fuse: Unknown parameter 'groupvðyê00000000000000000000' [ 1199.734371][T15780] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1718'. [ 1199.792921][T15780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1718'. [ 1200.046412][T15783] netlink: 'syz.1.1717': attribute type 3 has an invalid length. [ 1200.054374][T15783] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1717'. [ 1201.052075][T15810] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1721'. [ 1201.957726][T15810] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR [ 1201.957848][T15810] block (null): Could not allocate knbd recv work queue. [ 1201.974204][T15810] nbd: failed to add new device [ 1202.562987][T15824] bridge0: port 3(team0) entered blocking state [ 1202.594186][T15824] bridge0: port 3(team0) entered disabled state [ 1202.629755][T15824] team0: entered allmulticast mode [ 1202.906721][T15832] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1724'. [ 1202.916077][T15832] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1724'. [ 1203.429012][T15824] team_slave_0: entered allmulticast mode [ 1203.555294][T15824] team_slave_1: entered allmulticast mode [ 1203.604359][T15824] team0: entered promiscuous mode [ 1203.613575][T15824] team_slave_0: entered promiscuous mode [ 1203.649764][T15824] team_slave_1: entered promiscuous mode [ 1203.737113][T15824] bridge0: port 3(team0) entered blocking state [ 1203.743494][T15824] bridge0: port 3(team0) entered forwarding state [ 1204.018149][T15447] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1204.057054][T15447] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1204.083745][T15447] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1204.164700][T15447] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1204.517262][T15447] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1204.628808][T15447] 8021q: adding VLAN 0 to HW filter on device team0 [ 1204.713312][ T2580] bridge0: port 1(bridge_slave_0) entered blocking state [ 1204.720512][ T2580] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1204.750440][ T2580] bridge0: port 2(bridge_slave_1) entered blocking state [ 1204.757601][ T2580] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1205.235374][ T5219] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 1205.432173][ T5219] usb 1-1: Using ep0 maxpacket: 8 [ 1205.471278][T15447] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1205.513468][T15447] veth0_vlan: entered promiscuous mode [ 1205.525358][T15447] veth1_vlan: entered promiscuous mode [ 1205.550564][T15447] veth0_macvtap: entered promiscuous mode [ 1205.561324][T15447] veth1_macvtap: entered promiscuous mode [ 1205.579157][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1205.589789][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.599851][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1205.610402][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.620380][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1205.631019][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.641067][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1205.651632][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.662970][T15447] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1205.672772][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1205.683353][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.693735][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1205.704697][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.714942][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1205.725499][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.735436][T15447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1205.745978][T15447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1205.757224][T15447] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1205.937317][T15447] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1206.232579][T15880] ./bus: Can't lookup blockdev [ 1206.391865][T15447] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1206.401299][T15447] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1206.611438][T15447] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1206.847159][ T5219] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d [ 1206.856696][ T5219] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1206.864838][ T5219] usb 1-1: Product: syz [ 1206.869078][ T5219] usb 1-1: Manufacturer: syz [ 1206.873693][ T5219] usb 1-1: SerialNumber: syz [ 1206.880499][ T5219] usb 1-1: config 0 descriptor?? [ 1206.900258][ T5219] usb_ehset_test 1-1:0.0: probe with driver usb_ehset_test failed with error -32 [ 1207.616744][T15887] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1727'. [ 1207.777636][T15894] netlink: 'syz.4.1730': attribute type 3 has an invalid length. [ 1207.792877][T15894] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.1730'. [ 1208.206905][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1208.214848][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1208.256880][T14028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1208.274388][T14028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1208.491908][ T5268] usb 1-1: USB disconnect, device number 25 [ 1210.245989][T15931] sctp: [Deprecated]: syz.4.1735 (pid 15931) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1210.245989][T15931] Use struct sctp_sack_info instead [ 1211.527296][T15942] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1734'. [ 1212.753240][T15963] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1213.095534][T15965] smk_cipso_doi:695 remove rc = -2 [ 1213.265838][T15965] smk_cipso_doi:708 cipso add rc = -17 [ 1213.271671][T15959] vivid-000: kernel_thread() failed [ 1214.443700][T15971] netlink: 'syz.4.1740': attribute type 12 has an invalid length. [ 1214.503474][T15971] bond0: option primary_reselect: invalid value (255) [ 1215.994242][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1217.639428][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1217.778888][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1218.833604][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1218.841802][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1218.849945][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1219.886792][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1219.902295][T16014] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 1219.905583][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1220.585447][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1221.067246][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1221.232541][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1221.986228][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1222.075722][ T936] IPVS: starting estimator thread 0... [ 1222.107553][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1222.140946][T16032] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1751'. [ 1222.171661][T16044] IPVS: using max 21 ests per chain, 50400 per kthread [ 1222.185479][T16032] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1751'. [ 1222.230492][T16047] usb usb8: usbfs: process 16047 (syz.4.1750) did not claim interface 0 before use [ 1222.870225][T16054] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1223.181493][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1223.445863][T16064] netlink: 'syz.4.1755': attribute type 16 has an invalid length. [ 1223.453989][T16064] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.1755'. [ 1224.402997][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1224.909906][T16078] smk_cipso_doi:695 remove rc = -2 [ 1224.915190][T16078] smk_cipso_doi:708 cipso add rc = -17 [ 1225.065382][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1225.187488][T11892] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1225.216228][T11892] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1225.225968][T11892] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1225.233930][T11892] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1225.255913][T11892] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1225.264638][T11892] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1225.516045][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1225.652755][T16087] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1760'. [ 1226.585377][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1227.387218][ T8086] Bluetooth: hci5: command tx timeout [ 1227.696906][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1228.481890][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1228.598169][T16082] chnl_net:caif_netlink_parms(): no params data found [ 1228.750126][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1228.945349][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1228.984405][T16082] bridge0: port 1(bridge_slave_0) entered blocking state [ 1229.027091][T16082] bridge0: port 1(bridge_slave_0) entered disabled state [ 1229.070403][T16082] bridge_slave_0: entered allmulticast mode [ 1229.137007][T16082] bridge_slave_0: entered promiscuous mode [ 1229.146068][T16082] bridge0: port 2(bridge_slave_1) entered blocking state [ 1229.156501][T16082] bridge0: port 2(bridge_slave_1) entered disabled state [ 1229.163708][T16082] bridge_slave_1: entered allmulticast mode [ 1229.170975][T16082] bridge_slave_1: entered promiscuous mode [ 1229.241472][T16082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1229.254028][T16082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1229.294331][T16082] team0: Port device team_slave_0 added [ 1229.303831][T16082] team0: Port device team_slave_1 added [ 1229.332831][T16082] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1229.341745][T16082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1229.376661][T16082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1229.416900][T16082] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1229.438929][T16082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1229.472319][ T8086] Bluetooth: hci5: command tx timeout [ 1229.484098][T16082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1229.585518][T16082] hsr_slave_0: entered promiscuous mode [ 1229.592337][T16082] hsr_slave_1: entered promiscuous mode [ 1229.634034][T16118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1766'. [ 1229.649356][T16082] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1229.659478][T16082] Cannot create hsr debugfs directory [ 1229.785422][ T5268] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1231.551688][ T8086] Bluetooth: hci5: command tx timeout [ 1231.803024][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1231.811186][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1231.959101][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1231.998899][T16082] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1232.790391][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1232.799946][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1232.960562][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1233.668230][ T8086] Bluetooth: hci5: command tx timeout [ 1234.154042][ T5219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1234.162214][ T5219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1235.262812][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1235.305280][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1235.420254][T16082] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1235.481052][T16159] smk_cipso_doi:695 remove rc = -2 [ 1235.488271][T16159] smk_cipso_doi:708 cipso add rc = -17 [ 1235.602515][T11892] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1235.613671][T11892] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1235.626296][T11892] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1235.636301][T11892] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1235.644136][T11892] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1235.651888][T11892] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1235.718693][T16158] input: syz1 as /devices/virtual/input/input24 [ 1235.750465][T16082] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1237.705284][ T8086] Bluetooth: hci1: command tx timeout [ 1237.712677][ T9] net_ratelimit: 2 callbacks suppressed [ 1237.712691][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1237.752653][T16082] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1238.105627][T16178] can0: slcan on ptm0. [ 1238.717242][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.729220][ T1266] can0 selects TX queue 0, but real number of TX queues is 0 [ 1238.795727][T16175] can0 (unregistered): slcan off ptm0. [ 1238.939529][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1238.985242][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1239.151912][ T5496] team0: left allmulticast mode [ 1239.169502][ T5496] team_slave_0: left allmulticast mode [ 1239.288029][ T5496] team_slave_1: left allmulticast mode [ 1239.317114][ T5496] team0: left promiscuous mode [ 1239.343692][ T5496] team_slave_0: left promiscuous mode [ 1239.362826][ T5496] team_slave_1: left promiscuous mode [ 1239.390435][ T5496] bridge0: port 3(team0) entered disabled state [ 1239.456603][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1239.540138][ T5496] bridge_slave_1: left allmulticast mode [ 1239.566196][ T5496] bridge_slave_1: left promiscuous mode [ 1239.592315][ T5496] bridge0: port 2(bridge_slave_1) entered disabled state [ 1239.644341][ T5496] bridge_slave_0: left allmulticast mode [ 1239.685199][ T5496] bridge_slave_0: left promiscuous mode [ 1239.695640][ T5496] bridge0: port 1(bridge_slave_0) entered disabled state [ 1239.788475][ T8086] Bluetooth: hci1: command tx timeout [ 1240.030426][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1240.782695][ T5496] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1240.803328][ T5496] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1240.818704][ T5496] bond0 (unregistering): Released all slaves [ 1240.847453][T16161] chnl_net:caif_netlink_parms(): no params data found [ 1240.858865][T16190] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1780'. [ 1240.997370][T16200] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1782'. [ 1241.070991][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1241.421979][ T8086] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 1241.463159][T16161] bridge0: port 1(bridge_slave_0) entered blocking state [ 1241.481638][T16161] bridge0: port 1(bridge_slave_0) entered disabled state [ 1241.493797][T16161] bridge_slave_0: entered allmulticast mode [ 1241.656011][T16161] bridge_slave_0: entered promiscuous mode [ 1241.678858][T16161] bridge0: port 2(bridge_slave_1) entered blocking state [ 1242.417057][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1242.425254][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1242.433765][ T8086] Bluetooth: hci1: command tx timeout [ 1242.442999][T16161] bridge0: port 2(bridge_slave_1) entered disabled state [ 1242.450734][T16161] bridge_slave_1: entered allmulticast mode [ 1242.520429][T16161] bridge_slave_1: entered promiscuous mode [ 1242.548013][T16082] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1242.570570][T16082] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1242.593737][T16082] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1242.839406][T16082] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1242.858189][ T5496] hsr_slave_0: left promiscuous mode [ 1243.817302][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1243.847726][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1244.236144][ T5496] hsr_slave_1: left promiscuous mode [ 1244.244050][ T5496] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1244.455403][ T5496] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1244.463416][ T5496] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1244.473373][ T5496] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1244.507770][ T5496] veth1_macvtap: left promiscuous mode [ 1244.513330][ T5496] veth0_macvtap: left promiscuous mode [ 1244.519883][ T8086] Bluetooth: hci1: command tx timeout [ 1244.535985][ T5496] veth1_vlan: left promiscuous mode [ 1244.541424][ T5496] veth0_vlan: left promiscuous mode [ 1244.910539][ T5297] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1245.340825][ T5496] team0 (unregistering): Port device team_slave_1 removed [ 1245.423174][ T5496] team0 (unregistering): Port device team_slave_0 removed [ 1245.973406][ T936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1246.193756][T16161] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1246.213117][T16161] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1246.282351][T16082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1246.309100][T16082] 8021q: adding VLAN 0 to HW filter on device team0 [ 1246.472832][T16161] team0: Port device team_slave_0 added [ 1246.520764][T16161] team0: Port device team_slave_1 added [ 1246.569230][ T7700] bridge0: port 1(bridge_slave_0) entered blocking state [ 1246.576351][ T7700] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1246.747558][ T2580] bridge0: port 2(bridge_slave_1) entered blocking state [ 1246.754713][ T2580] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1246.887865][T16161] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1246.939574][T16161] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1247.168361][ T5268] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1247.218337][T16161] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1247.425544][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1247.503364][T16161] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1247.510536][T16161] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1247.548802][T16161] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1247.642139][T16161] hsr_slave_0: entered promiscuous mode [ 1247.653546][T16161] hsr_slave_1: entered promiscuous mode [ 1247.704321][ T5496] IPVS: stop unused estimator thread 0... [ 1248.280012][T16261] erofs: (device nbd0): erofs_read_superblock: cannot find valid erofs superblock [ 1248.630750][ T5268] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1248.750518][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1248.768927][T16161] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1249.035933][T16269] smk_cipso_doi:695 remove rc = -2 [ 1249.041178][T16269] smk_cipso_doi:708 cipso add rc = -17 [ 1249.195813][T16161] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1249.307671][T16082] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1249.705402][ T29] kauditd_printk_skb: 63 callbacks suppressed [ 1249.705444][ T29] audit: type=1800 audit(1727475807.139:1215): pid=16274 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1792" name="/" dev="fuse" ino=1 res=0 errno=0 [ 1250.194015][T14855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1250.228419][T16161] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1250.482818][T16161] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1250.677251][T16281] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1793'. [ 1251.642779][ T5270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1251.650047][T16082] veth0_vlan: entered promiscuous mode [ 1251.661757][T14855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1251.676308][T16082] veth1_vlan: entered promiscuous mode [ 1253.414738][T14855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1253.679039][T16082] veth0_macvtap: entered promiscuous mode [ 1253.688299][T16082] veth1_macvtap: entered promiscuous mode [ 1253.722310][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.739140][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.751339][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.766609][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.779601][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.801351][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.832641][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.847135][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.868822][T16082] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1253.890221][T16161] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1253.899475][T16294] input: syz1 as /devices/virtual/input/input25 [ 1253.940948][T16161] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1253.971222][T16294] xt_TCPMSS: Only works on TCP SYN packets [ 1253.980819][T16161] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1254.107126][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1254.127381][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.138959][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1254.237146][T16298] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1796'. [ 1254.345395][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.357841][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1255.114169][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1255.129257][T16082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1255.140086][T16082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1255.151059][T16082] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1255.381645][T16161] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1255.410796][T16082] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.430338][T16082] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.473861][T16082] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.505231][T16082] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.747229][T16305] Failed to get privilege flags for destination (handle=0x0:0x0) [ 1255.824365][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1255.848995][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1256.728670][T16161] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1256.800561][T10125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1256.809120][T16310] netlink: 165 bytes leftover after parsing attributes in process `syz.3.1800'. [ 1256.820627][T10125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1256.849976][T16161] 8021q: adding VLAN 0 to HW filter on device team0 [ 1256.890852][T10125] bridge0: port 1(bridge_slave_0) entered blocking state [ 1256.898012][T10125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1257.001127][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 1257.008270][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1257.059476][T16315] netlink: 'syz.3.1800': attribute type 1 has an invalid length. [ 1257.110226][T16315] netlink: 9352 bytes leftover after parsing attributes in process `syz.3.1800'. [ 1257.174633][T16315] netlink: 'syz.3.1800': attribute type 1 has an invalid length. [ 1257.263822][T16315] netlink: 'syz.3.1800': attribute type 2 has an invalid length. [ 1257.615360][ T29] audit: type=1326 audit(1727475815.039:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.296373][T16315] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1800'. [ 1258.322760][ T29] audit: type=1326 audit(1727475815.039:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.536253][ T29] audit: type=1326 audit(1727475815.049:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.669202][ T29] audit: type=1326 audit(1727475815.049:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.691146][ T29] audit: type=1326 audit(1727475815.049:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.712869][ T29] audit: type=1326 audit(1727475815.049:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.734656][ T29] audit: type=1326 audit(1727475815.049:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.756589][ T29] audit: type=1326 audit(1727475815.049:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.778383][ T29] audit: type=1326 audit(1727475815.049:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.800329][ T29] audit: type=1326 audit(1727475815.049:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16318 comm="syz.2.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450f57df39 code=0x7ffc0000 [ 1258.928476][T16161] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1259.166666][T16310] syz.3.1800 (16310): drop_caches: 2 [ 1259.600757][T16161] veth0_vlan: entered promiscuous mode [ 1259.633489][T16161] veth1_vlan: entered promiscuous mode [ 1259.750847][T16161] veth0_macvtap: entered promiscuous mode [ 1259.787976][T16161] veth1_macvtap: entered promiscuous mode [ 1259.963364][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1259.983228][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1260.098981][T16351] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1806'. [ 1260.625289][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1260.975147][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.021280][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1261.085050][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.104352][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1261.122933][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.242557][T16359] smk_cipso_doi:695 remove rc = -2 [ 1261.247879][T16359] smk_cipso_doi:708 cipso add rc = -17 [ 1261.255346][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1261.268701][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.440434][T16161] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1261.494024][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1261.515288][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.555109][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1261.578596][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.606025][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1261.648823][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.684312][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1261.725466][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.774720][T16161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1261.802548][T16161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1261.846646][T16161] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1261.891204][T16161] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1261.943559][T16161] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1261.964361][T16161] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1261.984581][T16161] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1262.652226][ T5496] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1262.677510][ T5496] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1262.701822][T16370] syz.3.1810: attempt to access beyond end of device [ 1262.701822][T16370] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 1262.721030][T16370] isofs_fill_super: bread failed, dev=nbd3, iso_blknum=16, block=32 [ 1262.802066][T13121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1262.810405][T13121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1265.840093][ T52] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1266.992999][T16391] xt_limit: Overflow, try lower: 6/2147483648 [ 1268.039400][ T52] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1269.043460][T11892] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1269.128830][T11892] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1269.139590][T11892] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1269.157898][T11892] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1269.166868][T11892] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1269.174818][T11892] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1269.284370][ T52] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1269.446895][ T52] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1270.480511][ T52] bridge_slave_1: left allmulticast mode [ 1270.605958][ T52] bridge_slave_1: left promiscuous mode [ 1270.612637][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 1270.694634][ T52] bridge_slave_0: left allmulticast mode [ 1270.737610][ T52] bridge_slave_0: left promiscuous mode [ 1270.743376][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 1271.325186][ T29] kauditd_printk_skb: 11 callbacks suppressed [ 1271.325231][ T29] audit: type=1326 audit(1727475828.789:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16424 comm="syz.0.1826" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x0 [ 1271.364780][T11892] Bluetooth: hci3: command tx timeout [ 1272.372115][ T8086] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1272.495270][ T8086] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1272.732709][ T8086] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1272.748336][ T8086] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1272.759832][ T8086] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1272.771316][ T8086] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1273.387469][T11892] Bluetooth: hci3: command tx timeout [ 1273.866001][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1273.878515][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1273.891007][ T52] bond0 (unregistering): Released all slaves [ 1273.989725][T16455] sp0: Synchronizing with TNC [ 1274.946310][T11892] Bluetooth: hci5: command tx timeout [ 1275.500421][T11892] Bluetooth: hci3: command tx timeout [ 1276.184479][ T52] hsr_slave_0: left promiscuous mode [ 1276.195940][ T52] hsr_slave_1: left promiscuous mode [ 1276.254542][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1276.263345][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1276.279262][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1276.290943][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1276.560143][ T52] veth1_macvtap: left promiscuous mode [ 1276.589392][ T52] veth0_macvtap: left promiscuous mode [ 1276.595741][ T52] veth1_vlan: left promiscuous mode [ 1276.601101][ T52] veth0_vlan: left promiscuous mode [ 1276.615793][T16481] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1276.995438][T11892] Bluetooth: hci5: command tx timeout [ 1277.557644][T11892] Bluetooth: hci3: command tx timeout [ 1278.811785][ T52] team0 (unregistering): Port device team_slave_1 removed [ 1279.105496][T11892] Bluetooth: hci5: command tx timeout [ 1279.423600][ T52] team0 (unregistering): Port device team_slave_0 removed [ 1280.789082][T16529] fuse: Bad value for 'fd' [ 1281.083320][T16400] chnl_net:caif_netlink_parms(): no params data found [ 1281.145272][T11892] Bluetooth: hci5: command tx timeout [ 1282.205095][T16539] xt_limit: Overflow, try lower: 6/2147483648 [ 1282.555607][T16400] bridge0: port 1(bridge_slave_0) entered blocking state [ 1282.582676][T16400] bridge0: port 1(bridge_slave_0) entered disabled state [ 1282.628896][T16400] bridge_slave_0: entered allmulticast mode [ 1282.636404][T16400] bridge_slave_0: entered promiscuous mode [ 1282.690766][T16400] bridge0: port 2(bridge_slave_1) entered blocking state [ 1282.728080][T16400] bridge0: port 2(bridge_slave_1) entered disabled state [ 1282.765330][T16400] bridge_slave_1: entered allmulticast mode [ 1282.791466][T16400] bridge_slave_1: entered promiscuous mode [ 1282.841933][T16441] chnl_net:caif_netlink_parms(): no params data found [ 1282.915927][T16564] 9pnet_virtio: no channels available for device [ 1283.071775][T16573] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1849'. [ 1287.052958][T16400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1287.202635][T16400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1287.442528][ T52] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1287.477785][T16400] team0: Port device team_slave_0 added [ 1287.510501][T16400] team0: Port device team_slave_1 added [ 1287.560167][ T52] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1287.576657][T16441] bridge0: port 1(bridge_slave_0) entered blocking state [ 1287.586343][T16441] bridge0: port 1(bridge_slave_0) entered disabled state [ 1287.595481][T16441] bridge_slave_0: entered allmulticast mode [ 1287.607210][T16441] bridge_slave_0: entered promiscuous mode [ 1287.672175][ T52] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1287.688159][T16441] bridge0: port 2(bridge_slave_1) entered blocking state [ 1287.695893][T16441] bridge0: port 2(bridge_slave_1) entered disabled state [ 1287.703244][T16441] bridge_slave_1: entered allmulticast mode [ 1287.711892][T16441] bridge_slave_1: entered promiscuous mode [ 1287.774699][ T52] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1287.830499][T16400] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1287.858067][T16400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1287.895180][T16400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1287.921562][T16441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1287.946948][T16441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1287.957837][T16400] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1287.978710][T16400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1288.098444][T16400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1288.219061][T16441] team0: Port device team_slave_0 added [ 1288.269576][T16441] team0: Port device team_slave_1 added [ 1289.054756][T11892] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 1289.197039][T16441] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1289.222105][T16441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1289.299085][T16441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1289.395975][T16400] hsr_slave_0: entered promiscuous mode [ 1289.420008][T16400] hsr_slave_1: entered promiscuous mode [ 1289.461868][T16400] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1289.493283][T16400] Cannot create hsr debugfs directory [ 1289.570886][T16441] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1289.601602][T16441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1289.641359][T16441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1291.326213][T16628] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1857'. [ 1291.890756][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1291.923670][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1291.938490][ T52] bond0 (unregistering): Released all slaves [ 1292.226680][T16441] hsr_slave_0: entered promiscuous mode [ 1292.234757][T16441] hsr_slave_1: entered promiscuous mode [ 1292.247340][T16441] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1292.264013][T16441] Cannot create hsr debugfs directory [ 1292.843370][T16647] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1860'. [ 1296.344369][ T52] hsr_slave_0: left promiscuous mode [ 1296.356452][ T52] hsr_slave_1: left promiscuous mode [ 1296.769851][ T52] veth1_macvtap: left promiscuous mode [ 1296.776069][ T52] veth0_macvtap: left promiscuous mode [ 1296.781721][ T52] veth1_vlan: left promiscuous mode [ 1296.788465][ T52] veth0_vlan: left promiscuous mode [ 1297.448797][ T5219] libceph: connect (1)[c::]:6789 error -101 [ 1297.454888][ T5219] libceph: mon0 (1)[c::]:6789 connect error [ 1297.647833][T16703] ceph: No mds server is up or the cluster is laggy [ 1297.719482][ T25] libceph: connect (1)[c::]:6789 error -101 [ 1297.725912][ T25] libceph: mon0 (1)[c::]:6789 connect error [ 1298.405460][T16714] cgroup: none used incorrectly [ 1298.739849][T16714] orangefs_mount: mount request failed with -4 [ 1299.479637][ T52] team0 (unregistering): Port device team_slave_1 removed [ 1299.622892][ T52] team0 (unregistering): Port device team_slave_0 removed [ 1299.691511][T16725] binder: 16724:16725 ioctl 400c620e 20000140 returned -22 [ 1299.947302][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.229733][ T52] lo (unregistering): left allmulticast mode [ 1301.291432][T16400] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1301.442871][T16400] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1301.462680][T16736] netlink: 'syz.0.1876': attribute type 4 has an invalid length. [ 1301.510979][T16400] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1301.538909][T16736] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1876'. [ 1301.607423][T16736] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1301.707822][T16400] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1301.955468][T16400] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1302.217910][T16400] 8021q: adding VLAN 0 to HW filter on device team0 [ 1302.322802][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 1302.330105][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1302.812151][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 1302.819386][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1303.160728][T16762] Bluetooth: MGMT ver 1.23 [ 1303.257575][T16767] netlink: zone id is out of range [ 1303.263197][T16767] netlink: zone id is out of range [ 1303.408140][T16441] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1303.447449][T16767] netlink: zone id is out of range [ 1303.452733][T16767] netlink: zone id is out of range [ 1303.567481][T16441] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1303.604671][T16767] netlink: zone id is out of range [ 1304.266255][T16441] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1304.370846][T16767] netlink: set zone limit has 4 unknown bytes [ 1304.376141][T16441] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1304.459328][T11892] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1304.560901][T16400] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1305.544588][T16796] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1305.587238][T11892] Bluetooth: Unknown BR/EDR signaling command 0x0c [ 1305.593869][T11892] Bluetooth: Wrong link type (-22) [ 1305.600495][T11892] Bluetooth: Unknown BR/EDR signaling command 0x0d [ 1305.609346][T11892] Bluetooth: Wrong link type (-22) [ 1305.614510][T11892] Bluetooth: Unknown BR/EDR signaling command 0x0d [ 1305.621152][T16778] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1880'. [ 1305.630337][T11892] Bluetooth: Wrong link type (-22) [ 1305.631625][T16796] input: syz0 as /devices/virtual/input/input26 [ 1305.635985][T11892] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 1305.649104][T11892] Bluetooth: Wrong link type (-22) [ 1305.658480][T11892] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 1305.665396][T11892] Bluetooth: Wrong link type (-22) [ 1305.672492][T11892] Bluetooth: hci1: link tx timeout [ 1305.678149][T11892] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 1305.807821][T16441] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1305.867100][ T8086] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 1305.876155][ T8086] Bluetooth: hci2: Injecting HCI hardware error event [ 1305.918134][ T8086] Bluetooth: hci2: hardware error 0x00 [ 1306.527159][T16400] veth0_vlan: entered promiscuous mode [ 1306.551523][T16441] 8021q: adding VLAN 0 to HW filter on device team0 [ 1306.622755][ T2580] bridge0: port 1(bridge_slave_0) entered blocking state [ 1306.629935][ T2580] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1306.713933][T16400] veth1_vlan: entered promiscuous mode [ 1306.766967][ T2580] bridge0: port 2(bridge_slave_1) entered blocking state [ 1306.774102][ T2580] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1306.870222][T16400] veth0_macvtap: entered promiscuous mode [ 1306.899113][T16400] veth1_macvtap: entered promiscuous mode [ 1307.265478][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1307.278022][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1307.305666][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1307.330528][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1307.343098][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1307.362855][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1307.373234][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1307.394722][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1307.418086][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1307.438127][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1307.487423][T16400] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1307.537549][ T5219] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 1307.541412][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1307.580408][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1307.593611][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1307.619464][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1307.637408][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1307.725268][ T5219] usb 1-1: Using ep0 maxpacket: 16 [ 1308.225094][T16817] Bluetooth: hci1: command 0x0406 tx timeout [ 1308.231602][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1308.242460][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1308.254220][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1308.264502][T16400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1308.275505][T16400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1308.287025][T16400] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1308.341932][ T5219] usb 1-1: New USB device found, idVendor=5752, idProduct=75b9, bcdDevice=ae.00 [ 1308.355136][ T5219] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1308.371244][T16400] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.405138][ T5219] usb 1-1: Product: syz [ 1308.409389][ T5219] usb 1-1: Manufacturer: syz [ 1308.414008][ T5219] usb 1-1: SerialNumber: syz [ 1308.420042][T16400] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.437614][T16400] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.447439][ T5219] usb 1-1: config 0 descriptor?? [ 1308.463841][ T5219] usb-storage 1-1:0.0: USB Mass Storage device detected [ 1308.471725][T16400] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.665411][ T8086] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1309.483947][T16856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1309.684423][T16856] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1309.800389][T16866] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1892'. [ 1312.022835][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1312.174639][ T5496] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1312.201574][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1312.213367][ T5496] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1312.370833][T16441] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1312.382185][ T9] usb 1-1: USB disconnect, device number 26 [ 1312.419967][T16441] veth0_vlan: entered promiscuous mode [ 1312.433354][T16441] veth1_vlan: entered promiscuous mode [ 1312.454179][T16441] veth0_macvtap: entered promiscuous mode [ 1312.522025][T16441] veth1_macvtap: entered promiscuous mode [ 1312.554625][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1312.573036][ T8086] Bluetooth: hci1: unexpected event for opcode 0x0809 [ 1312.605465][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1312.625116][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1312.636422][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1312.647191][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1312.658196][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1312.685583][ T8086] Bluetooth: hci1: unexpected event 0x01 length: 4 > 1 [ 1312.697726][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1312.735175][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1312.765095][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1312.795198][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1312.845370][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1312.885167][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1312.927043][T16441] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1312.998488][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1313.045410][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1313.084412][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1313.115241][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1313.155407][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1313.183010][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1313.217628][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1313.249258][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1313.275101][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1313.305131][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1313.355146][T16441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1313.377369][T16441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1313.434620][T16441] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1313.526462][T16909] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1816'. [ 1313.531001][T16916] ./bus: Can't lookup blockdev [ 1313.937810][T16441] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1314.047808][T16441] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1314.058934][T16441] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1314.205433][T16441] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1314.514656][T16926] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1897'. [ 1315.184870][T16418] block nbd64: NBD_DISCONNECT [ 1315.557258][T13121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1315.605858][T13121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1315.742610][ T1120] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1315.750861][ T1120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1318.405142][ T5216] IPVS: starting estimator thread 0... [ 1318.489624][T16966] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1318.490327][T16965] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 1318.535861][T16960] IPVS: using max 33 ests per chain, 79200 per kthread [ 1318.594087][ T5270] libceph: connect (1)[c::]:6789 error -101 [ 1318.650302][ T5270] libceph: mon0 (1)[c::]:6789 connect error [ 1318.941680][T16983] Process accounting resumed [ 1319.056307][ T8845] libceph: connect (1)[c::]:6789 error -101 [ 1319.460043][T16837] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 1319.468115][ T8845] libceph: mon0 (1)[c::]:6789 connect error [ 1319.556680][T16971] ceph: No mds server is up or the cluster is laggy [ 1319.659152][ T29] audit: type=1326 audit(1727475877.069:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16974 comm="syz.0.1905" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x0 [ 1319.765721][T16837] usb 3-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee [ 1319.830908][T16837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1319.903077][T16837] usb 3-1: config 0 descriptor?? [ 1319.961626][T16837] usb 3-1: selecting invalid altsetting 1 [ 1320.140276][T16837] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 1320.162694][T16966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1320.284459][T17000] can0: slcan on ptm0. [ 1320.872400][T16390] udevd[16390]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1320.893649][ T29] audit: type=1800 audit(1727475877.669:1239): pid=16989 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1918" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 1321.970295][T16966] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1323.105633][ T5270] usb 3-1: USB disconnect, device number 13 [ 1323.117569][T16991] can0 (unregistered): slcan off ptm0. [ 1323.371317][T17034] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1913'. [ 1324.663524][T17044] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1324.966175][T17028] could not allocate digest TFM handle rmd256-generic [ 1325.223696][T17043] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1915'. [ 1326.580134][T17083] syz.0.1919 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 1327.387216][ T29] audit: type=1326 audit(1727475884.889:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17075 comm="syz.0.1919" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x0 [ 1327.531992][T17097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1923'. [ 1329.042323][T17075] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1331.008463][T17123] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1331.427773][T17131] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1929'. [ 1332.025085][ C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1332.951875][T17143] trusted_key: encrypted_key: insufficient parameters specified [ 1337.324223][ T29] audit: type=1326 audit(1727475894.809:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17183 comm="syz.0.1939" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x0 [ 1339.896159][T17210] netlink: 'syz.4.1944': attribute type 14 has an invalid length. [ 1339.904874][T17210] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (204) [ 1341.895079][T17229] netlink: 'syz.4.1946': attribute type 3 has an invalid length. [ 1341.902997][T17229] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.1946'. [ 1344.608924][T11892] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1345.063583][T11892] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1345.075259][T11892] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1345.178536][T11892] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1345.189349][T11892] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1345.201361][T11892] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1345.987405][T17278] smk_cipso_doi:695 remove rc = -2 [ 1345.992584][T17278] smk_cipso_doi:708 cipso add rc = -17 [ 1346.526299][T17277] vivid-000: kernel_thread() failed [ 1346.811885][ T29] audit: type=1326 audit(1727475904.309:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17276 comm="syz.2.1955" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x0 [ 1347.203783][T17246] chnl_net:caif_netlink_parms(): no params data found [ 1347.502415][T17301] xt_limit: Overflow, try lower: 6/2147483648 [ 1347.546199][T11892] Bluetooth: hci4: command tx timeout [ 1347.663037][T17305] ALSA: seq fatal error: cannot create timer (-22) [ 1347.679658][T17305] ALSA: seq fatal error: cannot create timer (-22) [ 1347.834740][T17246] bridge0: port 1(bridge_slave_0) entered blocking state [ 1347.880820][T17246] bridge0: port 1(bridge_slave_0) entered disabled state [ 1347.931793][T17246] bridge_slave_0: entered allmulticast mode [ 1347.967829][T17246] bridge_slave_0: entered promiscuous mode [ 1348.009130][T17246] bridge0: port 2(bridge_slave_1) entered blocking state [ 1348.034447][T17246] bridge0: port 2(bridge_slave_1) entered disabled state [ 1348.070609][T17246] bridge_slave_1: entered allmulticast mode [ 1348.103174][T17246] bridge_slave_1: entered promiscuous mode [ 1349.665871][T11892] Bluetooth: hci4: command tx timeout [ 1349.980782][T17246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1350.101915][T17246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1350.298801][T17246] team0: Port device team_slave_0 added [ 1350.384086][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1351.125468][T17246] team0: Port device team_slave_1 added [ 1351.336959][T17246] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1351.423721][T17339] SET target dimension over the limit! [ 1351.489531][T17246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1351.708203][T11892] Bluetooth: hci4: command tx timeout [ 1352.185655][T17246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1352.199174][T17246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1352.206456][T17246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1352.235297][T17246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1353.785325][T11892] Bluetooth: hci4: command tx timeout [ 1353.942817][T17342] netlink: 'syz.0.1967': attribute type 10 has an invalid length. [ 1353.952203][T17342] macvlan0: entered promiscuous mode [ 1353.959160][T17342] macvlan0: entered allmulticast mode [ 1354.768577][T17342] veth1_vlan: entered allmulticast mode [ 1354.778213][T17342] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 1354.806134][T17346] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1967'. [ 1354.815259][T17346] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1967'. [ 1354.848414][T17246] hsr_slave_0: entered promiscuous mode [ 1354.865772][T17246] hsr_slave_1: entered promiscuous mode [ 1354.882150][T17246] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1354.915322][T17246] Cannot create hsr debugfs directory [ 1355.408009][T13121] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1356.975780][T13121] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1357.780216][T17387] xt_limit: Overflow, try lower: 6/2147483648 [ 1357.887815][ T29] audit: type=1326 audit(1727475915.389:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1357.943265][T13121] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1357.973870][ T29] audit: type=1326 audit(1727475915.389:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1358.000294][ T29] audit: type=1326 audit(1727475915.409:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1358.155117][ T29] audit: type=1326 audit(1727475915.409:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1358.178140][ T29] audit: type=1326 audit(1727475915.409:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1358.870848][T11892] Bluetooth: hci1: command 0x0406 tx timeout [ 1358.991531][ T29] audit: type=1326 audit(1727475915.449:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1359.035446][ T29] audit: type=1326 audit(1727475915.449:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1359.065130][ T29] audit: type=1326 audit(1727475915.449:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1359.087494][ T29] audit: type=1326 audit(1727475915.459:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1359.110529][ T29] audit: type=1326 audit(1727475915.459:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17383 comm="syz.2.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdadf7df39 code=0x7ffc0000 [ 1359.136099][T13121] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1359.585975][T13121] bridge_slave_1: left allmulticast mode [ 1359.592497][T13121] bridge_slave_1: left promiscuous mode [ 1359.599084][T13121] bridge0: port 2(bridge_slave_1) entered disabled state [ 1359.623766][T13121] bridge_slave_0: left allmulticast mode [ 1359.633333][T13121] bridge_slave_0: left promiscuous mode [ 1359.649871][T13121] bridge0: port 1(bridge_slave_0) entered disabled state [ 1361.501557][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 1364.873398][T17439] netlink: 376 bytes leftover after parsing attributes in process `syz.1.1987'. [ 1364.895168][T17439] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1987'. [ 1366.174640][T13121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1366.222262][T13121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1366.375304][T13121] bond0 (unregistering): Released all slaves [ 1366.596813][T17461] program syz.0.1993 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1368.017648][T17404] : renamed from bond0 [ 1368.098197][T17445] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1988'. [ 1368.603857][T17467] syz.2.1994 (17467): drop_caches: 2 [ 1368.753929][T17473] xt_limit: Overflow, try lower: 6/2147483648 [ 1369.227903][T17488] smk_cipso_doi:695 remove rc = -2 [ 1369.233137][T17488] smk_cipso_doi:708 cipso add rc = -17 [ 1369.736817][T17487] vivid-000: kernel_thread() failed [ 1373.217472][T13121] hsr_slave_0: left promiscuous mode [ 1373.240654][T13121] hsr_slave_1: left promiscuous mode [ 1373.286348][T13121] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1373.293847][T13121] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1373.333659][T17519] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1373.333659][T17519] The task syz.0.2000 (17519) triggered the difference, watch for misbehavior. [ 1373.400641][T13121] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1373.408891][T13121] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1373.526057][T17526] program syz.1.2001 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1373.618900][T17526] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2001'. [ 1373.620434][T13121] veth1_macvtap: left promiscuous mode [ 1373.698144][T17529] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2001'. [ 1373.708336][T17529] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 1373.721649][T13121] veth0_macvtap: left promiscuous mode [ 1373.756383][T13121] veth1_vlan: left promiscuous mode [ 1373.799204][T13121] veth0_vlan: left promiscuous mode [ 1376.007885][T17553] netlink: 'syz.0.2007': attribute type 16 has an invalid length. [ 1376.016137][T17553] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.2007'. [ 1376.730611][T13121] team0 (unregistering): Port device team_slave_1 removed [ 1376.881986][T13121] team0 (unregistering): Port device team_slave_0 removed [ 1377.503860][T17532] netlink: 'syz.2.2003': attribute type 10 has an invalid length. [ 1377.572445][T17532] : (slave netdevsim0): Enslaving as an active interface with an up link [ 1377.591214][T17534] netlink: 'syz.2.2003': attribute type 2 has an invalid length. [ 1378.366223][T17246] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1378.739491][T17246] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1378.901468][T17246] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1379.009935][T17246] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1379.249583][ T5216] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 1379.777017][T17579] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2016'. [ 1379.880734][ T5216] usb 2-1: Using ep0 maxpacket: 8 [ 1379.892144][ T5216] usb 2-1: New USB device found, idVendor=04dd, idProduct=8004, bcdDevice=71.e6 [ 1379.901911][ T5216] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1380.095946][ T5216] usb 2-1: config 0 descriptor?? [ 1380.104865][ T5216] usb 2-1: bad CDC descriptors [ 1380.120593][T17246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1380.166925][T17246] 8021q: adding VLAN 0 to HW filter on device team0 [ 1380.195943][T13121] bridge0: port 1(bridge_slave_0) entered blocking state [ 1380.203075][T13121] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1380.216650][ T5496] bridge0: port 2(bridge_slave_1) entered blocking state [ 1380.223796][ T5496] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1380.319471][ T5297] usb 2-1: USB disconnect, device number 19 [ 1380.410444][T17246] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1380.447577][T17246] veth0_vlan: entered promiscuous mode [ 1380.461000][T17246] veth1_vlan: entered promiscuous mode [ 1380.485235][ T5270] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 1380.485832][T17246] veth0_macvtap: entered promiscuous mode [ 1380.505449][T17246] veth1_macvtap: entered promiscuous mode [ 1380.519511][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1380.532653][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.543110][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1380.553847][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.563696][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1380.574225][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.584090][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1380.595959][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.606147][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1380.617438][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.627412][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1380.639191][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.647901][ T5270] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1380.650620][T17246] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1380.670823][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1380.681497][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.681554][ T5270] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1380.692297][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1380.711607][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.713400][ T5270] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1380.721968][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1380.742048][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.752192][ T5270] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1380.753916][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1380.763238][ T5270] usb 3-1: SerialNumber: syz [ 1380.771286][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.785985][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1380.797107][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.807130][T17246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1380.818296][T17246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1380.829699][T17246] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1380.854045][T17246] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1380.876663][T17246] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1380.893692][T17246] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1380.913839][T17246] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1381.024487][ T5270] usb 3-1: invalid UAC_HEADER (v1) [ 1381.043444][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1381.058301][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1381.071299][ T5270] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1381.087951][ T5270] usb 3-1: USB disconnect, device number 14 [ 1381.107551][T16390] udevd[16390]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1381.111776][ T5496] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1381.139528][ T5496] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1381.325384][T17601] virtio-fs: tag <(null)> not found [ 1382.055181][ T5297] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 1382.235793][ T5297] usb 2-1: Using ep0 maxpacket: 8 [ 1382.246198][ T5297] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1382.260776][ T5297] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1382.272915][ T5297] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 1382.289437][ T5297] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 1382.310416][ T5297] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1382.331938][ T5297] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1382.354323][ T5297] hub 2-1:1.0: bad descriptor, ignoring hub [ 1382.372547][ T5297] hub 2-1:1.0: probe with driver hub failed with error -5 [ 1382.381617][ T5297] cdc_wdm 2-1:1.0: skipping garbage [ 1382.390571][ T5297] cdc_wdm 2-1:1.0: skipping garbage [ 1382.401258][ T5297] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 1382.407554][ T5297] cdc_wdm 2-1:1.0: Unknown control protocol [ 1382.465416][ T5270] usb 4-1: new full-speed USB device number 23 using dummy_hcd [ 1383.812390][ T5270] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 1383.824299][ T5270] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 1383.842112][ T5270] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 1383.853016][ T5270] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1383.863282][ T5270] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1383.876667][ T5270] usb 4-1: config 0 descriptor?? [ 1383.946610][T17608] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22 [ 1384.290600][T17622] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2027'. [ 1384.339400][ T5270] usb 4-1: USB disconnect, device number 23 [ 1384.785303][T14854] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 1384.969905][ T5270] usb 2-1: USB disconnect, device number 20 [ 1385.018052][T14854] usb 3-1: Using ep0 maxpacket: 32 [ 1385.165928][ T5216] usb 4-1: new full-speed USB device number 24 using dummy_hcd [ 1385.179532][T14854] usb 3-1: config 148 has an invalid interface number: 223 but max is 0 [ 1385.239491][T14854] usb 3-1: config 148 has no interface number 0 [ 1385.295884][T14854] usb 3-1: config 148 interface 223 altsetting 1 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 1385.311202][T14854] usb 3-1: config 148 interface 223 has no altsetting 0 [ 1385.323880][T14854] usb 3-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=27.b4 [ 1385.333125][T14854] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1385.355100][T14854] usb 3-1: Product: syz [ 1385.359438][T14854] usb 3-1: Manufacturer: syz [ 1385.367984][T14854] usb 3-1: SerialNumber: syz [ 1385.447404][ T5216] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 1385.458474][ T5216] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 1385.492789][ T5216] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1385.528276][ T5216] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 1385.550818][ T5216] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1385.575049][ T5216] usb 4-1: Product: syz [ 1385.579372][ T5216] usb 4-1: Manufacturer: syz [ 1385.586958][ T5216] usb 4-1: SerialNumber: syz [ 1385.631035][ T5216] usb 4-1: config 0 descriptor?? [ 1385.639512][T14854] peak_usb 3-1:148.223 can0: unable to request usb[type=0 value=1] err=-71 [ 1385.650270][T17633] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1385.671883][T14854] peak_usb 3-1:148.223: unable to read PCAN-USB X6 firmware info (err -71) [ 1385.681710][ T5216] usb 4-1: ucan: probing device on interface #0 [ 1385.688179][ T5216] usb 4-1: ucan: invalid endpoint configuration [ 1385.695127][ T5216] usb 4-1: ucan: probe failed; try to update the device firmware [ 1385.756757][T14854] peak_usb 3-1:148.223: probe with driver peak_usb failed with error -71 [ 1385.775610][ T5270] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 1385.788794][T14854] usb 3-1: USB disconnect, device number 15 [ 1385.906196][ T5216] usb 4-1: USB disconnect, device number 24 [ 1385.945342][ T5270] usb 2-1: Using ep0 maxpacket: 16 [ 1386.123361][ T5270] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1386.133675][ T5270] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1386.154365][ T5270] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d [ 1386.163880][ T5270] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1386.172854][ T5270] usb 2-1: Product: syz [ 1386.177317][ T5270] usb 2-1: Manufacturer: syz [ 1386.181928][ T5270] usb 2-1: SerialNumber: syz [ 1386.196359][ T5270] usb 2-1: config 0 descriptor?? [ 1386.216373][ T5270] hub 2-1:0.0: bad descriptor, ignoring hub [ 1386.223072][ T5270] hub 2-1:0.0: probe with driver hub failed with error -5 [ 1386.285911][ T5270] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 1386.361350][T13121] usb 2-1: Failed to submit usb control message: -71 [ 1386.384930][T13121] usb 2-1: unable to send the bmi data to the device: -71 [ 1386.427571][T13121] usb 2-1: unable to get target info from device [ 1386.472846][T13121] usb 2-1: could not get target info (-71) [ 1386.485274][T13121] usb 2-1: could not probe fw (-71) [ 1386.537302][ T5270] usb 2-1: USB disconnect, device number 21 [ 1386.745146][ T25] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 1387.365220][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 1387.373988][ T25] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 1387.383461][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1387.437155][ T5270] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 1388.113532][ T25] usb 3-1: Product: syz [ 1388.118089][ T25] usb 3-1: Manufacturer: syz [ 1388.122708][ T25] usb 3-1: SerialNumber: syz [ 1388.129383][ T25] usb 3-1: config 0 descriptor?? [ 1388.136687][ T25] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 1388.285412][ T5270] usb 4-1: Using ep0 maxpacket: 32 [ 1388.314062][ T5270] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 1388.323516][ T5270] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1388.331750][ T5270] usb 4-1: Product: syz [ 1388.337232][ T5270] usb 4-1: Manufacturer: syz [ 1388.341831][ T5270] usb 4-1: SerialNumber: syz [ 1388.364550][ T5270] usb 4-1: config 0 descriptor?? [ 1388.375283][ T5270] CoreChips 4-1:0.0: probe with driver CoreChips failed with error -22 [ 1388.394778][ T25] usb 3-1: clie_3_5_startup: get config number failed: -71 [ 1388.402241][ T25] visor 3-1:0.0: probe with driver visor failed with error -71 [ 1388.430055][ T25] usb 3-1: USB disconnect, device number 16 [ 1388.598898][T14854] usb 4-1: USB disconnect, device number 25 [ 1388.898016][T17680] netlink: 'syz.4.2049': attribute type 1 has an invalid length. [ 1388.930393][T17680] netlink: 612 bytes leftover after parsing attributes in process `syz.4.2049'. [ 1390.572353][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 1390.572371][ T29] audit: type=1326 audit(1727475948.069:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17703 comm="syz.3.2057" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5a2b7df39 code=0x0 [ 1390.976695][T17717] netlink: 'syz.1.2063': attribute type 1 has an invalid length. [ 1390.984950][T17717] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2063'. [ 1390.996070][T17717] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2063'. [ 1391.387561][T17724] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2065'. [ 1393.452261][T16817] Bluetooth: hci3: command tx timeout [ 1395.303138][ T5270] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 1395.411300][T17748] xt_limit: Overflow, try lower: 6/2147483648 [ 1395.555704][ T8086] Bluetooth: hci3: command 0x0406 tx timeout [ 1395.655152][T14854] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 1395.814723][T14854] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 1395.835161][ T5270] usb 2-1: config 0 interface 0 altsetting 10 endpoint 0x6 has invalid wMaxPacketSize 0 [ 1395.839241][T14854] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1395.844917][ T5270] usb 2-1: config 0 interface 0 altsetting 10 endpoint 0xB has invalid wMaxPacketSize 0 [ 1395.865153][ T5270] usb 2-1: config 0 interface 0 altsetting 10 bulk endpoint 0xB has invalid maxpacket 0 [ 1395.874921][ T5270] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1395.884440][T14854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1395.924498][ T25] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 1395.935340][ T5270] usb 2-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=4c.b3 [ 1395.935748][T14854] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1395.944430][ T5270] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1395.944459][ T5270] usb 2-1: Product: syz [ 1395.965337][ T5270] usb 2-1: Manufacturer: syz [ 1395.969993][ T5270] usb 2-1: SerialNumber: syz [ 1395.983299][ T5270] usb 2-1: config 0 descriptor?? [ 1396.004650][ T5270] ir_toy 2-1:0.0: required endpoints not found [ 1396.078646][ T8086] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 1396.099345][T14854] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 1396.120386][T17631] udevd[17631]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1396.174602][ T25] usb 4-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.01 [ 1396.183871][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1396.191851][T14854] usb 3-1: USB disconnect, device number 17 [ 1396.201363][ T25] usb 4-1: Product: syz [ 1396.219413][ T25] usb 4-1: Manufacturer: syz [ 1396.225763][ T25] usb 4-1: SerialNumber: syz [ 1396.247953][ T25] usb 4-1: config 0 descriptor?? [ 1396.271247][ T25] go7007 4-1:0.0: Sensoray 2250 found [ 1396.286784][ T25] go7007 4-1:0.0: probe with driver go7007 failed with error -12 [ 1396.299298][ T5270] usb 2-1: USB disconnect, device number 22 [ 1396.499199][ T5270] usb 4-1: USB disconnect, device number 26 [ 1396.811888][T17759] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2076'. [ 1397.195325][ T5270] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 1397.361837][ T5270] usb 2-1: Using ep0 maxpacket: 16 [ 1398.280869][ T5270] usb 2-1: config 0 has an invalid interface number: 127 but max is 1 [ 1398.303975][ T5270] usb 2-1: config 0 has no interface number 1 [ 1398.319769][ T5270] usb 2-1: New USB device found, idVendor=413c, idProduct=81d2, bcdDevice=25.e8 [ 1398.333749][ T5270] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1398.342230][ T5270] usb 2-1: Product: syz [ 1398.350829][ T5270] usb 2-1: Manufacturer: syz [ 1398.356162][ T5270] usb 2-1: SerialNumber: syz [ 1398.376724][ T5270] usb 2-1: config 0 descriptor?? [ 1398.804709][ T936] usb 2-1: USB disconnect, device number 23 [ 1399.353778][T11892] Bluetooth: hci5: command 0x0406 tx timeout [ 1400.387103][T17790] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2086'. [ 1400.413762][T17790] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2086'. [ 1400.618186][T17794] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2088'. [ 1400.844780][T17800] smk_cipso_doi:695 remove rc = -2 [ 1400.850074][T17800] smk_cipso_doi:708 cipso add rc = -17 [ 1401.575337][ T8845] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 1401.749412][ T8845] usb 4-1: New USB device found, idVendor=1934, idProduct=0706, bcdDevice=e2.9e [ 1401.758821][ T8845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1401.776588][ T8845] usb 4-1: Product: syz [ 1401.790631][ T8845] usb 4-1: Manufacturer: syz [ 1401.804156][ T8845] usb 4-1: SerialNumber: syz [ 1401.822534][ T8845] usb 4-1: config 0 descriptor?? [ 1401.833013][ T8845] f81232 4-1:0.0: f81232 converter detected [ 1401.851163][ T8845] usb 4-1: f81232 converter now attached to ttyUSB0 [ 1401.895959][ T25] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 1402.057496][ T25] usb 3-1: config 0 has an invalid interface number: 125 but max is 0 [ 1402.078566][ T25] usb 3-1: config 0 has no interface number 0 [ 1402.094671][T14854] usb 4-1: USB disconnect, device number 27 [ 1402.112684][T14854] f81232 ttyUSB0: f81232 converter now disconnected from ttyUSB0 [ 1402.124897][T14854] f81232 4-1:0.0: device disconnected [ 1402.141084][ T25] usb 3-1: New USB device found, idVendor=0403, idProduct=bcd9, bcdDevice=94.33 [ 1402.181735][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1402.216522][ T25] usb 3-1: config 0 descriptor?? [ 1402.239416][ T25] ftdi_sio 3-1:0.125: FTDI USB Serial Device converter detected [ 1402.266266][ T25] ftdi_sio ttyUSB0: unknown device type: 0x9433 [ 1402.459097][ T8845] usb 3-1: USB disconnect, device number 18 [ 1402.484132][ T8845] ftdi_sio 3-1:0.125: device disconnected [ 1402.759005][T17821] binder: 17820:17821 ioctl c0046209 9999999999999999 returned -22 [ 1402.885683][T14854] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 1402.954614][T17825] vhci_hcd: vhci_device speed not set [ 1403.065227][T14854] usb 2-1: Using ep0 maxpacket: 32 [ 1403.094342][T14854] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 1403.143654][T14854] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1403.179927][T14854] usb 2-1: Product: syz [ 1403.190064][T14854] usb 2-1: Manufacturer: syz [ 1403.201857][T14854] usb 2-1: SerialNumber: syz [ 1403.332713][T14854] usb 2-1: config 0 descriptor?? [ 1403.346178][T14854] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 1403.439589][T17840] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2103'. [ 1403.635456][T17844] smk_cipso_doi:695 remove rc = -2 [ 1403.640645][T17844] smk_cipso_doi:708 cipso add rc = -17 [ 1404.537962][T16418] block nbd64: NBD_DISCONNECT [ 1405.225595][T14854] gspca_stk1135: reg_w 0x2 err -71 [ 1405.231759][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.238126][T14854] gspca_stk1135: Sensor write failed [ 1405.243404][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.249841][T14854] gspca_stk1135: Sensor write failed [ 1405.255319][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.261668][T14854] gspca_stk1135: Sensor read failed [ 1405.266939][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.273808][T14854] gspca_stk1135: Sensor read failed [ 1405.441129][T14854] gspca_stk1135: Detected sensor type unknown (0x0) [ 1405.447962][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.454321][T14854] gspca_stk1135: Sensor read failed [ 1405.460053][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.466508][T14854] gspca_stk1135: Sensor read failed [ 1405.471739][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.479139][T14854] gspca_stk1135: Sensor write failed [ 1405.484468][T14854] gspca_stk1135: serial bus timeout: status=0x00 [ 1405.491754][T14854] gspca_stk1135: Sensor write failed [ 1405.497465][T14854] stk1135 2-1:0.0: probe with driver stk1135 failed with error -71 [ 1405.511409][T14854] usb 2-1: USB disconnect, device number 24 [ 1405.785198][T17859] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2112'. [ 1406.973881][T17877] smk_cipso_doi:695 remove rc = -2 [ 1406.979612][T17877] smk_cipso_doi:708 cipso add rc = -17 [ 1408.950571][T17904] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2128'. [ 1411.042001][T17928] netlink: 'syz.2.2138': attribute type 9 has an invalid length. [ 1411.052201][T17928] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2138'. [ 1412.770066][T17952] smk_cipso_doi:695 remove rc = -2 [ 1412.775697][T17952] smk_cipso_doi:708 cipso add rc = -17 [ 1413.755898][T17960] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2151'. [ 1415.580677][T17991] smk_cipso_doi:695 remove rc = -2 [ 1415.807396][T17991] smk_cipso_doi:708 cipso add rc = -17 [ 1416.704437][T18004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2167'. [ 1418.895228][T18026] vivid-000: kernel_thread() failed [ 1419.004505][T18028] xt_limit: Overflow, try lower: 6/2147483648 [ 1420.262759][T18041] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2176'. [ 1422.649262][T18058] macvlan2: entered promiscuous mode [ 1422.654618][T18058] macvlan2: entered allmulticast mode [ 1422.868283][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 1424.310603][T18075] vivid-000: kernel_thread() failed [ 1427.147836][T18093] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2190'. [ 1428.765521][T18100] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2189'. [ 1428.774602][T18100] nbd: device at index 64 is going down [ 1429.022792][T18102] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2195'. [ 1429.032254][T18102] nbd: device at index 64 is going down [ 1431.220574][T11892] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1431.252570][T11892] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1431.263349][T11892] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1431.279404][T11892] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1431.291969][T11892] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1431.302628][T11892] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1432.456473][T14028] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1432.562251][T18142] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2206'. [ 1433.399365][ T8086] Bluetooth: hci2: command tx timeout [ 1434.127918][T14028] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1434.199249][T18128] chnl_net:caif_netlink_parms(): no params data found [ 1434.408986][ T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 1434.554032][T14028] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1434.627465][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 1434.671895][T18157] xt_limit: Overflow, try lower: 6/2147483648 [ 1434.687615][T18128] bridge0: port 1(bridge_slave_0) entered blocking state [ 1434.714471][T18128] bridge0: port 1(bridge_slave_0) entered disabled state [ 1434.738469][T18128] bridge_slave_0: entered allmulticast mode [ 1434.756905][T18128] bridge_slave_0: entered promiscuous mode [ 1434.780659][ T9] usb 2-1: config 0 has an invalid interface number: 153 but max is 0 [ 1434.801941][ T9] usb 2-1: config 0 has no interface number 0 [ 1434.810599][ T9] usb 2-1: New USB device found, idVendor=1199, idProduct=0025, bcdDevice=1e.64 [ 1434.820111][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1434.834188][ T9] usb 2-1: Product: syz [ 1434.849239][T14028] : (slave netdevsim0): Releasing backup interface [ 1434.867751][ T9] usb 2-1: Manufacturer: syz [ 1434.877986][ T9] usb 2-1: SerialNumber: syz [ 1434.893147][ T9] usb 2-1: config 0 descriptor?? [ 1434.899335][T14028] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1434.903180][ T9] sierra 2-1:0.153: Sierra USB modem converter detected [ 1434.975659][T18128] bridge0: port 2(bridge_slave_1) entered blocking state [ 1434.982998][T18128] bridge0: port 2(bridge_slave_1) entered disabled state [ 1434.991866][T18128] bridge_slave_1: entered allmulticast mode [ 1434.999708][T18128] bridge_slave_1: entered promiscuous mode [ 1435.100307][T18128] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1435.131663][ T9] usb 2-1: USB disconnect, device number 25 [ 1435.157878][ T9] sierra 2-1:0.153: device disconnected [ 1435.176660][T18128] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1435.336694][T18128] team0: Port device team_slave_0 added [ 1435.367204][T18128] team0: Port device team_slave_1 added [ 1435.466383][ T8086] Bluetooth: hci2: command tx timeout [ 1435.508794][T18128] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1435.517034][T18128] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1435.544345][T18128] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1435.600946][T18128] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1435.612731][T18128] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1435.644397][T18128] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1435.660689][T14028] bridge_slave_1: left allmulticast mode [ 1435.666859][T14028] bridge_slave_1: left promiscuous mode [ 1435.672599][T14028] bridge0: port 2(bridge_slave_1) entered disabled state [ 1435.716786][T14028] bridge_slave_0: left allmulticast mode [ 1435.726418][T14028] bridge_slave_0: left promiscuous mode [ 1435.732257][T14028] bridge0: port 1(bridge_slave_0) entered disabled state [ 1436.120176][ T5270] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 1436.297245][ T5270] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1436.321540][ T5270] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1436.341325][ T5270] usb 2-1: New USB device found, idVendor=056a, idProduct=0325, bcdDevice= 0.00 [ 1436.353404][ T5270] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1436.379436][ T5270] usb 2-1: config 0 descriptor?? [ 1436.526042][T14028]  (unregistering): (slave bond_slave_0): Releasing backup interface [ 1436.537521][T14028]  (unregistering): (slave bond_slave_1): Releasing backup interface [ 1436.557350][T14028]  (unregistering): Released all slaves [ 1436.713225][T18128] hsr_slave_0: entered promiscuous mode [ 1436.728554][T18128] hsr_slave_1: entered promiscuous mode [ 1436.847758][T18128] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1436.865255][T18128] Cannot create hsr debugfs directory [ 1436.970042][ T5270] wacom 0003:056A:0325.000C: unbalanced collection at end of report description [ 1436.984593][ T5270] wacom 0003:056A:0325.000C: parse failed [ 1436.992615][ T5270] wacom 0003:056A:0325.000C: probe with driver wacom failed with error -22 [ 1437.096625][ T9] usb 2-1: USB disconnect, device number 26 [ 1437.546049][ T8086] Bluetooth: hci2: command tx timeout [ 1437.788566][T14028] hsr_slave_0: left promiscuous mode [ 1437.794743][T14028] hsr_slave_1: left promiscuous mode [ 1437.802450][T14028] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1437.810623][T14028] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1437.821184][T14028] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1437.830510][T14028] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1437.981692][T14028] veth1_macvtap: left promiscuous mode [ 1438.015218][T14028] veth0_macvtap: left promiscuous mode [ 1438.040066][T14028] veth1_vlan: left promiscuous mode [ 1438.065504][T14028] veth0_vlan: left promiscuous mode [ 1438.106301][T18237] xt_limit: Overflow, try lower: 6/2147483648 [ 1439.333162][ T29] audit: type=1326 audit(1727475996.819:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x7ffc0000 [ 1439.418704][ T29] audit: type=1326 audit(1727475996.819:1258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x7ffc0000 [ 1439.485704][ T29] audit: type=1326 audit(1727475996.879:1259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0fa917c8d0 code=0x7ffc0000 [ 1439.645794][ T29] audit: type=1326 audit(1727475996.879:1260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0fa917c8d0 code=0x7ffc0000 [ 1439.670784][ T8086] Bluetooth: hci2: command tx timeout [ 1439.799118][ T29] audit: type=1326 audit(1727475996.879:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x7ffc0000 [ 1439.825972][ T29] audit: type=1326 audit(1727475996.879:1262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x7ffc0000 [ 1439.962427][T18258] smk_cipso_doi:695 remove rc = -2 [ 1439.967925][T18258] smk_cipso_doi:708 cipso add rc = -17 [ 1440.527759][T18257] vivid-000: kernel_thread() failed [ 1440.589352][T18249] netlink: 'syz.4.2235': attribute type 3 has an invalid length. [ 1440.597448][T18249] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.2235'. [ 1440.705134][ T29] audit: type=1326 audit(1727475996.889:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f0fa917df39 code=0x7ffc0000 [ 1441.203157][ T29] audit: type=1326 audit(1727475996.889:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x7ffc0000 [ 1441.242228][ T29] audit: type=1326 audit(1727475996.889:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18246 comm="syz.0.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fa917df39 code=0x7ffc0000 [ 1441.542304][T14028] team0 (unregistering): Port device team_slave_1 removed [ 1441.688719][T14028] team0 (unregistering): Port device team_slave_0 removed [ 1442.043342][T18272] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2241'. [ 1443.767374][T18298] smk_cipso_doi:695 remove rc = -2 [ 1443.772990][T18298] smk_cipso_doi:708 cipso add rc = -17 [ 1444.942758][T18314] netlink: 'syz.3.2251': attribute type 3 has an invalid length. [ 1444.951614][T18314] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2251'. [ 1445.598548][T18128] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1445.686870][T18128] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1445.749897][T18128] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1445.750574][T18321] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2256'. [ 1445.775533][T18128] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1445.873705][T18321] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2256'. [ 1446.050959][T18128] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1446.067021][T18128] 8021q: adding VLAN 0 to HW filter on device team0 [ 1446.083735][T10125] bridge0: port 1(bridge_slave_0) entered blocking state [ 1446.090909][T10125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1446.121878][T10125] bridge0: port 2(bridge_slave_1) entered blocking state [ 1446.129035][T10125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1446.186353][T18128] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1446.197129][T18128] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1446.395557][ T5270] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 1446.686873][ T5270] usb 4-1: Using ep0 maxpacket: 16 [ 1446.707285][ T5270] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1446.721834][ T5270] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1447.732047][ T5270] usb 4-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00 [ 1447.741690][ T5270] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1447.752007][ T5270] usb 4-1: config 0 descriptor?? [ 1448.342542][T18128] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1448.512987][ T5270] aquacomputer_d5next 0003:0C70:F0B6.000D: hidraw0: USB HID v0.00 Device [HID 0c70:f0b6] on usb-dummy_hcd.3-1/input0 [ 1448.531153][T18128] veth0_vlan: entered promiscuous mode [ 1448.547153][T18128] veth1_vlan: entered promiscuous mode [ 1448.663417][ T5270] usb 4-1: USB disconnect, device number 28 [ 1449.243877][T18128] veth0_macvtap: entered promiscuous mode [ 1449.310554][T18128] veth1_macvtap: entered promiscuous mode [ 1449.330637][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1449.358408][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.394176][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1449.418876][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.439358][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1449.462980][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.485200][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1449.507587][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.531513][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1449.553768][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.584383][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1449.603915][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.671687][T18128] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1449.756294][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1449.812729][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.831987][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1449.865083][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.887780][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1449.912345][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1449.965898][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1450.005376][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1450.016438][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1450.058690][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1450.098663][T18128] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1450.135346][T18128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1450.190372][T18128] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1450.419599][T18128] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1450.430908][T18128] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1450.440604][T18128] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1450.474238][T18128] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1450.645937][ T2580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1450.653781][ T2580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1450.778391][T13121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1450.797456][T13121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1450.819144][T18418] xt_limit: Overflow, try lower: 6/2147483648 [ 1450.861063][T18421] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2276'. [ 1451.201242][T18435] netlink: 'syz.0.2279': attribute type 1 has an invalid length. [ 1451.219742][T18435] netlink: 'syz.0.2279': attribute type 2 has an invalid length. [ 1451.781391][ T9] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 1451.985603][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 1452.075931][ T9] usb 2-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 1452.099605][ T9] usb 2-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 1452.107941][ T9] usb 2-1: Product: syz [ 1452.112202][ T9] usb 2-1: Manufacturer: syz [ 1452.116914][ T9] usb 2-1: SerialNumber: syz [ 1452.138036][ T9] usb 2-1: config 0 descriptor?? [ 1452.147105][ T9] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 1452.775380][ T9] gspca_zc3xx: reg_w_i err -71 [ 1452.780278][ T9] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 1452.809560][ T9] usb 2-1: USB disconnect, device number 27 [ 1452.985872][ T5297] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 1453.148443][ T5297] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1453.159502][ T5297] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1453.169508][ T5297] usb 4-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00 [ 1453.178757][ T5297] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1453.192442][ T5297] usb 4-1: config 0 descriptor?? [ 1453.640117][ T5297] gembird 0003:11FF:3331.000E: hidraw0: USB HID v0.00 Device [HID 11ff:3331] on usb-dummy_hcd.3-1/input0 [ 1453.849524][ T5219] usb 4-1: USB disconnect, device number 29 [ 1455.431402][T18471] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2286'. [ 1455.758200][T18485] xt_limit: Overflow, try lower: 6/2147483648 [ 1465.515478][T16837] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 1465.679414][T16837] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1465.699295][T16837] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1465.719685][T16837] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1465.734137][T16837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1465.752250][T16837] usb 3-1: SerialNumber: syz [ 1466.017697][T16837] usb 3-1: 0:2 : does not exist [ 1466.171064][T16837] usb 3-1: USB disconnect, device number 19 [ 1466.279503][T18500] udevd[18500]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1466.803994][T11892] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1466.822636][T11892] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1466.832801][T11892] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1466.848809][T16817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1466.858839][T16817] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1466.866957][T16817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1466.911238][T16817] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1466.923375][T16817] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1466.935269][T16817] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1466.947035][T16817] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1466.954848][T16817] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1466.964018][T16817] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1467.682082][T18515] chnl_net:caif_netlink_parms(): no params data found [ 1468.912258][T11892] Bluetooth: hci3: command tx timeout [ 1469.065469][T11892] Bluetooth: hci6: command tx timeout [ 1470.525879][ T8086] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1470.536703][ T8086] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1470.544781][ T8086] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1470.554968][ T8086] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1470.563974][ T8086] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1470.575508][ T8086] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1470.995737][ T8086] Bluetooth: hci3: command tx timeout [ 1471.007458][T11892] Bluetooth: hci4: command 0x0406 tx timeout [ 1471.145177][T11892] Bluetooth: hci6: command tx timeout [ 1472.665239][T11892] Bluetooth: hci0: command tx timeout [ 1473.065277][T11892] Bluetooth: hci3: command tx timeout [ 1473.225184][T11892] Bluetooth: hci6: command tx timeout [ 1474.745104][T11892] Bluetooth: hci0: command tx timeout [ 1475.145461][T11892] Bluetooth: hci3: command tx timeout [ 1475.306483][T11892] Bluetooth: hci6: command tx timeout [ 1476.825411][T11892] Bluetooth: hci0: command tx timeout [ 1478.905176][T11892] Bluetooth: hci0: command tx timeout [ 1480.871945][ T8086] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1480.884590][ T8086] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1480.893126][ T8086] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1480.901572][ T8086] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1480.925492][ T8086] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1480.938561][ T8086] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1482.420952][T18556] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1482.433919][T18556] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1482.443179][T18556] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1482.457257][T18556] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1482.464840][T18556] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1482.472585][T18556] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1484.276208][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 1514.025643][T18556] Bluetooth: hci7: command tx timeout [ 1514.032750][T18556] Bluetooth: hci1: command tx timeout [ 1516.105559][T18556] Bluetooth: hci1: command tx timeout [ 1516.111021][T18556] Bluetooth: hci7: command tx timeout [ 1518.185590][T11892] Bluetooth: hci1: command tx timeout [ 1518.192204][T18556] Bluetooth: hci7: command tx timeout [ 1520.265457][T18556] Bluetooth: hci7: command tx timeout [ 1520.270914][T18556] Bluetooth: hci1: command tx timeout [ 1527.084131][T11892] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1527.105210][T11892] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1527.117283][T11892] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1527.131322][T11892] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1527.139593][T11892] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1527.149033][T11892] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1527.263024][T11892] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1527.274823][T11892] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1527.284398][T11892] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1527.294285][T11892] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1527.303825][T11892] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1527.311655][T11892] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1528.408310][T18556] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1528.420671][T18556] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1528.429974][T18556] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1528.441551][T18556] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1528.451070][T18556] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 1528.459418][T18556] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1529.225171][T11892] Bluetooth: hci4: command tx timeout [ 1529.385453][T11892] Bluetooth: hci5: command tx timeout [ 1530.505349][T11892] Bluetooth: hci8: command tx timeout [ 1531.305395][T11892] Bluetooth: hci4: command tx timeout [ 1531.485143][T11892] Bluetooth: hci5: command tx timeout [ 1532.586346][T11892] Bluetooth: hci8: command tx timeout [ 1533.385394][T11892] Bluetooth: hci4: command tx timeout [ 1533.545229][T11892] Bluetooth: hci5: command tx timeout [ 1534.665172][T11892] Bluetooth: hci8: command tx timeout [ 1535.465669][T11892] Bluetooth: hci4: command tx timeout [ 1535.625278][T11892] Bluetooth: hci5: command tx timeout [ 1536.745277][T11892] Bluetooth: hci8: command tx timeout [ 1540.930008][T18556] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1540.941448][T18556] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1540.954662][T18556] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1540.967646][T18556] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1540.976914][T18556] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 1540.984234][T18556] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1542.949849][T18556] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1542.959903][T18556] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1542.968594][T18556] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1542.978866][T18556] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1542.998269][T18556] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 1543.008895][T18556] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1543.065603][T18556] Bluetooth: hci9: command tx timeout [ 1545.066463][T11892] Bluetooth: hci10: command tx timeout [ 1545.145193][T18556] Bluetooth: hci9: command tx timeout [ 1545.707849][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 1547.149609][T18556] Bluetooth: hci10: command tx timeout [ 1547.225194][T18556] Bluetooth: hci9: command tx timeout [ 1549.225431][T18556] Bluetooth: hci10: command tx timeout [ 1549.305257][T18556] Bluetooth: hci9: command tx timeout [ 1551.305185][T18556] Bluetooth: hci10: command tx timeout [ 1558.025134][T11892] Bluetooth: hci2: command 0x0406 tx timeout [ 1586.028147][T18515] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR [ 1587.047008][T11892] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1587.075227][T11892] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1587.087400][T11892] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1587.095625][T11892] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1587.117369][T11892] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1587.124701][T11892] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1587.556041][T18556] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1587.568607][T18556] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1587.579058][T18556] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1587.587234][T18556] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1587.594845][T18556] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1587.602622][T18556] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1588.465743][T11892] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1588.476504][T11892] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1588.488975][T11892] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1588.501492][T11892] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1588.510367][T11892] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 1588.517840][T11892] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1589.225770][T11892] Bluetooth: hci3: command tx timeout [ 1589.625251][T11892] Bluetooth: hci6: command tx timeout [ 1590.587710][T11892] Bluetooth: hci11: command tx timeout [ 1591.305676][T11892] Bluetooth: hci3: command tx timeout [ 1591.710685][T11892] Bluetooth: hci6: command tx timeout [ 1592.665469][T11892] Bluetooth: hci11: command tx timeout [ 1593.385340][T11892] Bluetooth: hci3: command tx timeout [ 1593.785485][T11892] Bluetooth: hci6: command tx timeout [ 1593.874192][T11892] Bluetooth: hci0: command 0x0406 tx timeout [ 1594.745550][T18556] Bluetooth: hci11: command tx timeout [ 1595.465230][T18556] Bluetooth: hci3: command tx timeout [ 1595.866258][T18556] Bluetooth: hci6: command tx timeout [ 1596.825177][T18556] Bluetooth: hci11: command tx timeout [ 1601.000087][T11892] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 1601.010391][T11892] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 1601.019317][T11892] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 1601.030004][T11892] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 1601.038024][T11892] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 1601.049455][T11892] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 1603.011761][T18556] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 1603.021719][T18556] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 1603.031651][T18556] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 1603.042757][T18556] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 1603.051307][T18556] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 1603.059320][T18556] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 1603.145440][T18556] Bluetooth: hci12: command tx timeout [ 1605.145408][T18556] Bluetooth: hci13: command tx timeout [ 1605.225521][T11892] Bluetooth: hci12: command tx timeout [ 1607.153661][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 1607.225489][T18556] Bluetooth: hci13: command tx timeout [ 1607.305143][T18556] Bluetooth: hci12: command tx timeout [ 1609.305386][T18556] Bluetooth: hci13: command tx timeout [ 1609.389531][T18556] Bluetooth: hci12: command tx timeout [ 1611.385166][T18556] Bluetooth: hci13: command tx timeout [ 1632.108381][ T30] INFO: task syz.2.2305:18528 blocked for more than 143 seconds. [ 1632.130590][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1632.145036][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1632.153757][ T30] task:syz.2.2305 state:D stack:23512 pid:18528 tgid:18527 ppid:18128 flags:0x00000004 [ 1632.202821][ T30] Call Trace: [ 1632.215088][ T30] [ 1632.218080][ T30] __schedule+0x1843/0x4ae0 [ 1632.222631][ T30] ? __pfx___schedule+0x10/0x10 [ 1632.316194][ T30] ? __pfx_lock_release+0x10/0x10 [ 1632.321296][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1632.348855][ T30] ? schedule+0x90/0x320 [ 1632.353253][ T30] schedule+0x14b/0x320 [ 1632.371552][ T30] schedule_preempt_disabled+0x13/0x30 [ 1632.380100][ T30] __mutex_lock+0x6a7/0xd70 [ 1632.384837][ T30] ? __mutex_lock+0x52a/0xd70 [ 1632.395034][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 1632.400106][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1632.417242][ T30] ? __might_fault+0xc6/0x120 [ 1632.421971][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 1632.437007][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1632.442348][ T30] ? __fget_files+0x3f3/0x470 [ 1632.455042][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1632.460196][ T30] __se_sys_ioctl+0xf9/0x170 [ 1632.464811][ T30] do_syscall_64+0xf3/0x230 [ 1632.479883][ T30] ? clear_bhb_loop+0x35/0x90 [ 1632.484613][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1632.502232][ T30] RIP: 0033:0x7f85ec57df39 [ 1632.512312][ T30] RSP: 002b:00007f85ed2f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1632.531527][ T30] RAX: ffffffffffffffda RBX: 00007f85ec735f80 RCX: 00007f85ec57df39 [ 1632.544001][ T30] RDX: 00000000200000c0 RSI: 00000000400454ca RDI: 000000000000000d [ 1632.555036][ T30] RBP: 00007f85ec5f0216 R08: 0000000000000000 R09: 0000000000000000 [ 1632.563064][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1632.581382][ T30] R13: 0000000000000000 R14: 00007f85ec735f80 R15: 00007ffdf5443c38 [ 1632.604364][ T30] [ 1632.615478][ T30] INFO: task syz.2.2305:18530 blocked for more than 143 seconds. [ 1632.623236][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1632.635462][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1632.644168][ T30] task:syz.2.2305 state:D stack:27424 pid:18530 tgid:18527 ppid:18128 flags:0x00000004 [ 1632.665229][ T30] Call Trace: [ 1632.668552][ T30] [ 1632.671500][ T30] __schedule+0x1843/0x4ae0 [ 1632.685557][ T30] ? __pfx___schedule+0x10/0x10 [ 1632.690461][ T30] ? __pfx_lock_release+0x10/0x10 [ 1632.706888][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1632.712407][ T30] ? schedule+0x90/0x320 [ 1632.726758][ T30] schedule+0x14b/0x320 [ 1632.730963][ T30] schedule_preempt_disabled+0x13/0x30 [ 1632.744973][ T30] __mutex_lock+0x6a7/0xd70 [ 1632.750541][ T30] ? __mutex_lock+0x52a/0xd70 [ 1632.775099][ T30] ? tun_chr_close+0x3b/0x1b0 [ 1632.779843][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1632.784905][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 1632.804238][ T30] ? __pfx_lock_release+0x10/0x10 [ 1632.815599][ T30] tun_chr_close+0x3b/0x1b0 [ 1632.820151][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 1632.835658][ T30] __fput+0x23f/0x880 [ 1632.839703][ T30] __x64_sys_close+0x7f/0x110 [ 1632.844407][ T30] do_syscall_64+0xf3/0x230 [ 1632.860214][ T30] ? clear_bhb_loop+0x35/0x90 [ 1632.864954][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1632.875091][ T30] RIP: 0033:0x7f85ec57df39 [ 1632.879551][ T30] RSP: 002b:00007f85ed2d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 1632.899987][ T30] RAX: ffffffffffffffda RBX: 00007f85ec736058 RCX: 00007f85ec57df39 [ 1632.915401][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c [ 1632.925704][ T30] RBP: 00007f85ec5f0216 R08: 0000000000000000 R09: 0000000000000000 [ 1632.933723][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1632.953858][ T30] R13: 0000000000000001 R14: 00007f85ec736058 R15: 00007ffdf5443c38 [ 1632.972869][ T30] [ 1632.976322][ T30] INFO: task syz.2.2305:18532 blocked for more than 144 seconds. [ 1632.984066][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1633.004567][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1633.015787][ T30] task:syz.2.2305 state:D stack:27288 pid:18532 tgid:18527 ppid:18128 flags:0x00004004 [ 1633.037723][ T30] Call Trace: [ 1633.041042][ T30] [ 1633.044025][ T30] __schedule+0x1843/0x4ae0 [ 1633.055364][ T30] ? __pfx___schedule+0x10/0x10 [ 1633.060269][ T30] ? __pfx_lock_release+0x10/0x10 [ 1633.075719][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1633.081247][ T30] ? schedule+0x90/0x320 [ 1633.098036][ T30] schedule+0x14b/0x320 [ 1633.102252][ T30] schedule_preempt_disabled+0x13/0x30 [ 1633.119390][ T30] __mutex_lock+0x6a7/0xd70 [ 1633.123960][ T30] ? __mutex_lock+0x52a/0xd70 [ 1633.139807][ T30] ? dev_ioctl+0x706/0x1340 [ 1633.144366][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1633.156866][ T30] ? kfree+0x1a0/0x440 [ 1633.161000][ T30] ? dev_load+0x21/0x1f0 [ 1633.176615][ T30] dev_ioctl+0x706/0x1340 [ 1633.181001][ T30] sock_do_ioctl+0x240/0x460 [ 1633.197797][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 1633.202985][ T30] ? __asan_memset+0x23/0x50 [ 1633.215075][ T30] ? smack_file_ioctl+0x29e/0x3a0 [ 1633.220157][ T30] sock_ioctl+0x626/0x8e0 [ 1633.224518][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 1633.239634][ T30] ? __fget_files+0x3f3/0x470 [ 1633.244375][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 1633.260787][ T30] __se_sys_ioctl+0xf9/0x170 [ 1633.265875][ T30] do_syscall_64+0xf3/0x230 [ 1633.270525][ T30] ? clear_bhb_loop+0x35/0x90 [ 1633.285540][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1633.291517][ T30] RIP: 0033:0x7f85ec57df39 [ 1633.307829][ T30] RSP: 002b:00007f85ed2b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1633.325419][ T30] RAX: ffffffffffffffda RBX: 00007f85ec736130 RCX: 00007f85ec57df39 [ 1633.333446][ T30] RDX: 0000000020002280 RSI: 0000000000008914 RDI: 000000000000000c [ 1633.353552][ T30] RBP: 00007f85ec5f0216 R08: 0000000000000000 R09: 0000000000000000 [ 1633.365401][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1633.373417][ T30] R13: 0000000000000000 R14: 00007f85ec736130 R15: 00007ffdf5443c38 [ 1633.392859][ T30] [ 1633.397656][ T30] INFO: task syz.2.2305:18534 blocked for more than 144 seconds. [ 1633.416220][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1633.423545][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1633.444149][ T30] task:syz.2.2305 state:D stack:27360 pid:18534 tgid:18527 ppid:18128 flags:0x00000004 [ 1633.457395][ T30] Call Trace: [ 1633.460711][ T30] [ 1633.463919][ T30] __schedule+0x1843/0x4ae0 [ 1633.480111][ T30] ? __pfx___schedule+0x10/0x10 [ 1633.492072][ T30] ? __pfx_lock_release+0x10/0x10 [ 1633.502201][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1633.514125][ T30] ? schedule+0x90/0x320 [ 1633.524101][ T30] schedule+0x14b/0x320 [ 1633.534149][ T30] schedule_preempt_disabled+0x13/0x30 [ 1633.545735][ T30] __mutex_lock+0x6a7/0xd70 [ 1633.550310][ T30] ? __mutex_lock+0x52a/0xd70 [ 1633.564973][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 1633.570472][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1633.587085][ T30] ? __might_fault+0xc6/0x120 [ 1633.591829][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 1633.605596][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1633.611028][ T30] ? __fget_files+0x3f3/0x470 [ 1633.625765][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1633.630946][ T30] __se_sys_ioctl+0xf9/0x170 [ 1633.655340][ T30] do_syscall_64+0xf3/0x230 [ 1633.659904][ T30] ? clear_bhb_loop+0x35/0x90 [ 1633.664621][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1633.681999][ T30] RIP: 0033:0x7f85ec57df39 [ 1633.691392][ T30] RSP: 002b:00007f85ed28f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1633.705165][ T30] RAX: ffffffffffffffda RBX: 00007f85ec736208 RCX: 00007f85ec57df39 [ 1633.713180][ T30] RDX: 0000000020000040 RSI: 00000000400454ca RDI: 000000000000000f [ 1633.733657][ T30] RBP: 00007f85ec5f0216 R08: 0000000000000000 R09: 0000000000000000 [ 1633.744767][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1633.761077][ T30] R13: 0000000000000000 R14: 00007f85ec736208 R15: 00007ffdf5443c38 [ 1633.772773][ T30] [ 1633.784246][ T30] INFO: task syz-executor:18529 blocked for more than 145 seconds. [ 1633.796972][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1633.804289][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1633.822895][ T30] task:syz-executor state:D stack:24128 pid:18529 tgid:18529 ppid:1 flags:0x00000004 [ 1633.838637][ T30] Call Trace: [ 1633.841967][ T30] [ 1633.844922][ T30] __schedule+0x1843/0x4ae0 [ 1633.861011][ T30] ? __pfx___schedule+0x10/0x10 [ 1633.871026][ T30] ? __pfx_lock_release+0x10/0x10 [ 1633.883288][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1633.893521][ T30] ? schedule+0x90/0x320 [ 1633.903597][ T30] schedule+0x14b/0x320 [ 1633.912806][ T30] schedule_preempt_disabled+0x13/0x30 [ 1633.923976][ T30] __mutex_lock+0x6a7/0xd70 [ 1633.935391][ T30] ? __mutex_lock+0x52a/0xd70 [ 1633.940122][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1633.959080][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1633.964182][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1633.981272][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1633.991009][ T30] ? __lock_acquire+0x1384/0x2050 [ 1634.002104][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1634.012353][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1634.022828][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1634.035103][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1634.040462][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1634.060065][ T30] netlink_unicast+0x7f6/0x990 [ 1634.064896][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1634.075106][ T30] ? __virt_addr_valid+0x183/0x530 [ 1634.080257][ T30] ? __check_object_size+0x48e/0x900 [ 1634.097640][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1634.102459][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1634.117806][ T30] ? __might_fault+0xaa/0x120 [ 1634.122543][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1634.135113][ T30] __sock_sendmsg+0x221/0x270 [ 1634.139841][ T30] __sys_sendto+0x39b/0x4f0 [ 1634.144375][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1634.160062][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1634.172423][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1634.184876][ T30] ? exc_page_fault+0x590/0x8c0 [ 1634.194428][ T30] __x64_sys_sendto+0xde/0x100 [ 1634.205035][ T30] do_syscall_64+0xf3/0x230 [ 1634.209578][ T30] ? clear_bhb_loop+0x35/0x90 [ 1634.214282][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1634.230325][ T30] RIP: 0033:0x7fa065b7fdcc [ 1634.236165][ T30] RSP: 002b:00007ffc31d74b90 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1634.244618][ T30] RAX: ffffffffffffffda RBX: 00007fa066864620 RCX: 00007fa065b7fdcc [ 1634.259014][ T30] RDX: 0000000000000028 RSI: 00007fa066864670 RDI: 0000000000000003 [ 1634.279427][ T30] RBP: 0000000000000000 R08: 00007ffc31d74be4 R09: 000000000000000c [ 1634.294374][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1634.305029][ T30] R13: 0000000000000000 R14: 00007fa066864670 R15: 0000000000000000 [ 1634.313053][ T30] [ 1634.328674][ T30] INFO: task syz-executor:18550 blocked for more than 145 seconds. [ 1634.353405][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1634.373620][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1634.385029][ T30] task:syz-executor state:D stack:24128 pid:18550 tgid:18550 ppid:1 flags:0x00000004 [ 1634.405415][ T30] Call Trace: [ 1634.408748][ T30] [ 1634.411713][ T30] __schedule+0x1843/0x4ae0 [ 1634.427502][ T30] ? __pfx___schedule+0x10/0x10 [ 1634.432418][ T30] ? __pfx_lock_release+0x10/0x10 [ 1634.445164][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1634.450693][ T30] ? schedule+0x90/0x320 [ 1634.454968][ T30] schedule+0x14b/0x320 [ 1634.469501][ T30] schedule_preempt_disabled+0x13/0x30 [ 1634.486098][ T30] __mutex_lock+0x6a7/0xd70 [ 1634.490730][ T30] ? __mutex_lock+0x52a/0xd70 [ 1634.505038][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1634.510198][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1634.525376][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1634.530366][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1634.546050][ T30] ? __lock_acquire+0x1384/0x2050 [ 1634.551136][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1634.568664][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1634.573486][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1634.585035][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1634.590388][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1634.605544][ T30] netlink_unicast+0x7f6/0x990 [ 1634.610373][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1634.626909][ T30] ? __virt_addr_valid+0x183/0x530 [ 1634.632078][ T30] ? __check_object_size+0x48e/0x900 [ 1634.647954][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1634.652789][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1634.672044][ T30] ? __might_fault+0xaa/0x120 [ 1634.685635][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1634.690970][ T30] __sock_sendmsg+0x221/0x270 [ 1634.706053][ T30] __sys_sendto+0x39b/0x4f0 [ 1634.710609][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1634.725176][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1634.731232][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1634.747133][ T30] ? exc_page_fault+0x590/0x8c0 [ 1634.752053][ T30] __x64_sys_sendto+0xde/0x100 [ 1634.770860][ T30] do_syscall_64+0xf3/0x230 [ 1634.780406][ T30] ? clear_bhb_loop+0x35/0x90 [ 1634.790924][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1634.802874][ T30] RIP: 0033:0x7f02a457fdcc [ 1634.813510][ T30] RSP: 002b:00007ffd26854930 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1634.830975][ T8086] Bluetooth: hci1: command 0x0406 tx timeout [ 1634.837427][T16817] Bluetooth: hci7: command 0x0406 tx timeout [ 1634.847149][ T30] RAX: ffffffffffffffda RBX: 00007f02a5264620 RCX: 00007f02a457fdcc [ 1634.866219][ T30] RDX: 0000000000000028 RSI: 00007f02a5264670 RDI: 0000000000000003 [ 1634.874245][ T30] RBP: 0000000000000000 R08: 00007ffd26854984 R09: 000000000000000c [ 1634.891744][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1634.912266][ T30] R13: 0000000000000000 R14: 00007f02a5264670 R15: 0000000000000000 [ 1634.924136][ T30] [ 1634.934458][ T30] INFO: task syz-executor:18555 blocked for more than 146 seconds. [ 1634.965271][ T30] Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1634.972590][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1634.991581][ T30] task:syz-executor state:D stack:24128 pid:18555 tgid:18555 ppid:1 flags:0x00000004 [ 1635.014952][ T30] Call Trace: [ 1635.018629][ T30] [ 1635.021591][ T30] __schedule+0x1843/0x4ae0 [ 1635.035122][ T30] ? __pfx___schedule+0x10/0x10 [ 1635.040025][ T30] ? __pfx_lock_release+0x10/0x10 [ 1635.054315][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 1635.063792][ T30] ? schedule+0x90/0x320 [ 1635.075139][ T30] schedule+0x14b/0x320 [ 1635.079890][ T30] schedule_preempt_disabled+0x13/0x30 [ 1635.095080][ T30] __mutex_lock+0x6a7/0xd70 [ 1635.099629][ T30] ? __mutex_lock+0x52a/0xd70 [ 1635.104333][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1635.121406][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1635.132427][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1635.142056][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 1635.155154][ T30] ? __lock_acquire+0x1384/0x2050 [ 1635.165405][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1635.174451][ T30] netlink_rcv_skb+0x1e3/0x430 [ 1635.185389][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1635.190895][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1635.207468][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 1635.212715][ T30] netlink_unicast+0x7f6/0x990 [ 1635.226959][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1635.232290][ T30] ? __virt_addr_valid+0x183/0x530 [ 1635.245187][ T30] ? __check_object_size+0x48e/0x900 [ 1635.250529][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 1635.265366][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1635.270702][ T30] ? __might_fault+0xaa/0x120 [ 1635.286147][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1635.291479][ T30] __sock_sendmsg+0x221/0x270 [ 1635.305087][ T30] __sys_sendto+0x39b/0x4f0 [ 1635.309646][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 1635.314717][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1635.332145][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1635.343538][ T30] ? exc_page_fault+0x590/0x8c0 [ 1635.355038][ T30] __x64_sys_sendto+0xde/0x100 [ 1635.359850][ T30] do_syscall_64+0xf3/0x230 [ 1635.375372][ T30] ? clear_bhb_loop+0x35/0x90 [ 1635.380754][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1635.395716][ T30] RIP: 0033:0x7fd21d97fdcc [ 1635.400176][ T30] RSP: 002b:00007ffc8f4e1640 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1635.419082][ T30] RAX: ffffffffffffffda RBX: 00007fd21e664620 RCX: 00007fd21d97fdcc [ 1635.434272][ T30] RDX: 0000000000000028 RSI: 00007fd21e664670 RDI: 0000000000000003 [ 1635.454728][ T30] RBP: 0000000000000000 R08: 00007ffc8f4e1694 R09: 000000000000000c [ 1635.464325][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1635.482404][ T30] R13: 0000000000000000 R14: 00007fd21e664670 R15: 0000000000000000 [ 1635.495133][ T30] [ 1635.503394][ T30] [ 1635.503394][ T30] Showing all locks held in the system: [ 1635.514469][ T30] 6 locks held by kworker/0:1/9: [ 1635.525269][ T30] 1 lock held by khungtaskd/30: [ 1635.530149][ T30] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1635.584760][ T30] 3 locks held by kworker/u8:5/1120: [ 1635.591514][ T30] #0: ffff88814b9b1148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1635.612763][ T30] #1: ffffc900048a7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1635.637787][ T30] #2: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 1635.654898][ T30] 2 locks held by getty/4969: [ 1635.663444][ T30] #0: ffff888032d820a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1635.681773][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 1635.696874][ T30] 3 locks held by kworker/1:2/5219: [ 1635.702109][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1635.733263][ T30] #1: ffffc9000395fd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1635.755289][ T30] #2: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 1635.771054][ T30] 3 locks held by kworker/0:6/5297: [ 1635.783567][ T30] 4 locks held by kworker/u8:11/6355: [ 1635.792914][ T30] #0: ffff88801baeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1635.813564][ T30] #1: ffffc9000351fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1635.827183][ T30] #2: ffffffff8fcb2450 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1635.844860][ T30] #3: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0 [ 1635.859440][ T30] 3 locks held by kworker/u8:14/10125: [ 1635.864936][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1635.901131][ T30] #1: ffffc90004817d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1635.917136][ T30] #2: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1635.934178][ T30] 5 locks held by kworker/u9:2/11892: [ 1635.943508][ T30] #0: ffff888054549148 ((wq_completion)hci1#3){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1635.963887][ T30] #1: ffffc90002ddfd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1635.985066][ T30] #2: ffff888079308d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 1636.006785][ T30] #3: ffff888079308078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 1636.025217][ T30] #4: ffffffff8e93d338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 1636.046901][ T30] 3 locks held by kworker/0:0/14854: [ 1636.052233][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 1636.076153][ T30] #1: ffffc9000377fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 1636.095035][ T30] #2: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 1636.104739][ T30] 2 locks held by syz-executor/16161: [ 1636.123971][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 1636.137941][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 1636.155092][ T30] 1 lock held by syz.3.2223/18201: [ 1636.160249][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 1636.181624][ T30] 1 lock held by syz.0.2291/18484: [ 1636.193566][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: netdev_run_todo+0x7b2/0x1000 [ 1636.214556][ T30] 1 lock held by syz.1.2297/18502: [ 1636.222272][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 1636.241817][ T30] 1 lock held by syz-executor/18514: [ 1636.250940][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 1636.265510][ T30] 1 lock held by syz-executor/18515: [ 1636.270847][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 1636.291970][ T30] 1 lock held by syz.2.2305/18528: [ 1636.301726][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48c/0x2400 [ 1636.316347][ T30] 1 lock held by syz.2.2305/18530: [ 1636.321491][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 1636.340976][ T30] 1 lock held by syz.2.2305/18532: [ 1636.350169][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x706/0x1340 [ 1636.366056][ T30] 1 lock held by syz.2.2305/18534: [ 1636.371198][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48c/0x2400 [ 1636.392029][ T30] 1 lock held by syz-executor/18529: [ 1636.402034][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.416422][ T30] 1 lock held by syz-executor/18550: [ 1636.421766][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.442422][ T30] 1 lock held by syz-executor/18555: [ 1636.450377][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.469636][ T30] 1 lock held by syz-executor/18563: [ 1636.474956][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.496464][ T30] 1 lock held by syz-executor/18567: [ 1636.501791][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.523093][ T30] 1 lock held by syz-executor/18570: [ 1636.533527][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.549342][ T30] 1 lock held by syz-executor/18573: [ 1636.554677][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.575165][ T30] 1 lock held by syz-executor/18581: [ 1636.580503][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.606712][ T30] 1 lock held by syz-executor/18588: [ 1636.612540][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.637429][ T30] 1 lock held by syz-executor/18591: [ 1636.642774][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.663707][ T30] 1 lock held by syz-executor/18594: [ 1636.685175][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.699198][ T30] 1 lock held by syz-executor/18598: [ 1636.704517][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.723371][ T30] 1 lock held by syz-executor/18603: [ 1636.732445][ T30] #0: ffffffff8fcbef48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 1636.749371][ T30] [ 1636.751736][ T30] ============================================= [ 1636.751736][ T30] [ 1636.785120][ T30] NMI backtrace for cpu 1 [ 1636.789503][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1636.799679][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1636.809756][ T30] Call Trace: [ 1636.813053][ T30] [ 1636.816001][ T30] dump_stack_lvl+0x241/0x360 [ 1636.820706][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1636.825926][ T30] ? __pfx__printk+0x10/0x10 [ 1636.830551][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 1636.835518][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1636.841002][ T30] ? _printk+0xd5/0x120 [ 1636.845179][ T30] ? __pfx__printk+0x10/0x10 [ 1636.849790][ T30] ? __wake_up_klogd+0xcc/0x110 [ 1636.854667][ T30] ? __pfx__printk+0x10/0x10 [ 1636.859281][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 1636.864332][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1636.870333][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 1636.876334][ T30] watchdog+0xff4/0x1040 [ 1636.880597][ T30] ? watchdog+0x1ea/0x1040 [ 1636.885030][ T30] ? __pfx_watchdog+0x10/0x10 [ 1636.889727][ T30] kthread+0x2f0/0x390 [ 1636.893813][ T30] ? __pfx_watchdog+0x10/0x10 [ 1636.898509][ T30] ? __pfx_kthread+0x10/0x10 [ 1636.903115][ T30] ret_from_fork+0x4b/0x80 [ 1636.907556][ T30] ? __pfx_kthread+0x10/0x10 [ 1636.912162][ T30] ret_from_fork_asm+0x1a/0x30 [ 1636.916961][ T30] [ 1636.920985][ T30] Sending NMI from CPU 1 to CPUs 0: [ 1636.926573][ C0] NMI backtrace for cpu 0 [ 1636.926586][ C0] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1636.926606][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1636.926618][ C0] Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker [ 1636.926644][ C0] RIP: 0010:unwind_next_frame+0x1cb/0x22d0 [ 1636.926671][ C0] Code: 47 ef 0c 00 0f 45 d1 8d 42 ff 44 39 f0 0f 86 55 18 00 00 44 89 f0 48 8d 1c 85 ac 71 49 91 48 89 d8 48 c1 e8 03 42 0f b6 04 20 <84> c0 4c 89 e5 0f 85 97 1a 00 00 44 8b 23 44 89 f0 ff c0 48 8d 1c [ 1636.926685][ C0] RSP: 0018:ffffc90000007730 EFLAGS: 00000a02 [ 1636.926699][ C0] RAX: 0000000000000000 RBX: ffffffff914d5dc8 RCX: 00000000000b0001 [ 1636.926711][ C0] RDX: 00000000000b0001 RSI: ffffffff81fb07df RDI: 0000000000000001 [ 1636.926722][ C0] RBP: ffffc90000007835 R08: 0000000000000000 R09: ffffc900000078f0 [ 1636.926734][ C0] R10: ffffc90000007850 R11: ffffffff81806750 R12: dffffc0000000000 [ 1636.926747][ C0] R13: ffffc90000007800 R14: 000000000000fb07 R15: ffffffff81fb07de [ 1636.926760][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1636.926775][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1636.926787][ C0] CR2: 00007fb5a25ddf98 CR3: 000000000e734000 CR4: 00000000003526f0 [ 1636.926806][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1636.926816][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1636.926827][ C0] Call Trace: [ 1636.926833][ C0] [ 1636.926840][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1636.926861][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1636.926886][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1636.926904][ C0] ? nmi_handle+0x2a/0x5a0 [ 1636.926927][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1636.926948][ C0] ? nmi_handle+0x14f/0x5a0 [ 1636.926963][ C0] ? nmi_handle+0x2a/0x5a0 [ 1636.926979][ C0] ? unwind_next_frame+0x1cb/0x22d0 [ 1636.927002][ C0] ? default_do_nmi+0x63/0x160 [ 1636.927022][ C0] ? exc_nmi+0x123/0x1f0 [ 1636.927041][ C0] ? end_repeat_nmi+0xf/0x53 [ 1636.927064][ C0] ? kasan_save_track+0x3e/0x80 [ 1636.927086][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1636.927107][ C0] ? kasan_save_track+0x3f/0x80 [ 1636.927126][ C0] ? unwind_next_frame+0x1cb/0x22d0 [ 1636.927150][ C0] ? unwind_next_frame+0x1cb/0x22d0 [ 1636.927173][ C0] ? unwind_next_frame+0x1cb/0x22d0 [ 1636.927197][ C0] [ 1636.927203][ C0] [ 1636.927213][ C0] ? kasan_save_track+0x3f/0x80 [ 1636.927234][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1636.927253][ C0] arch_stack_walk+0x11c/0x150 [ 1636.927272][ C0] ? kasan_save_track+0x3f/0x80 [ 1636.927294][ C0] stack_trace_save+0x118/0x1d0 [ 1636.927312][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1636.927332][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1636.927356][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1636.927379][ C0] kasan_save_track+0x3f/0x80 [ 1636.927398][ C0] ? kasan_save_track+0x3f/0x80 [ 1636.927437][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 1636.927461][ C0] kasan_save_free_info+0x40/0x50 [ 1636.927478][ C0] __kasan_slab_free+0x59/0x70 [ 1636.927498][ C0] ? dst_destroy+0x2ac/0x460 [ 1636.927513][ C0] kmem_cache_free+0x1a2/0x420 [ 1636.927530][ C0] ? dst_destroy+0x2ac/0x460 [ 1636.927547][ C0] dst_destroy+0x2ac/0x460 [ 1636.927562][ C0] ? rcu_core+0xa37/0x17a0 [ 1636.927577][ C0] ? __pfx_dst_destroy_rcu+0x10/0x10 [ 1636.927592][ C0] rcu_core+0xaaa/0x17a0 [ 1636.927614][ C0] ? __pfx_rcu_core+0x10/0x10 [ 1636.927644][ C0] handle_softirqs+0x2c5/0x980 [ 1636.927667][ C0] ? do_softirq+0x11b/0x1e0 [ 1636.927688][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 1636.927712][ C0] do_softirq+0x11b/0x1e0 [ 1636.927731][ C0] [ 1636.927737][ C0] [ 1636.927743][ C0] ? __pfx_do_softirq+0x10/0x10 [ 1636.927763][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 1636.927784][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1636.927812][ C0] ? rcu_is_watching+0x15/0xb0 [ 1636.927830][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 1636.927851][ C0] ? wg_packet_decrypt_worker+0x2a9/0xd80 [ 1636.927871][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1636.927893][ C0] ? wg_packet_decrypt_worker+0xcf/0xd80 [ 1636.927916][ C0] wg_packet_decrypt_worker+0x2a9/0xd80 [ 1636.927943][ C0] ? __pfx_validate_chain+0x10/0x10 [ 1636.927961][ C0] ? __pfx_wg_packet_decrypt_worker+0x10/0x10 [ 1636.927989][ C0] ? look_up_lock_class+0x77/0x170 [ 1636.928012][ C0] ? register_lock_class+0x102/0x980 [ 1636.928034][ C0] ? try_to_wake_up+0x5f4/0x1480 [ 1636.928057][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 1636.928076][ C0] ? __pfx_lock_release+0x10/0x10 [ 1636.928098][ C0] ? __pfx_register_lock_class+0x10/0x10 [ 1636.928122][ C0] ? mark_lock+0x9a/0x360 [ 1636.928139][ C0] ? __lock_acquire+0x1384/0x2050 [ 1636.928174][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1636.928196][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1636.928220][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1636.928247][ C0] ? process_scheduled_works+0x976/0x1850 [ 1636.928268][ C0] process_scheduled_works+0xa63/0x1850 [ 1636.928301][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1636.928326][ C0] ? assign_work+0x364/0x3d0 [ 1636.928348][ C0] worker_thread+0x870/0xd30 [ 1636.928373][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1636.928396][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1636.928419][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1636.928440][ C0] kthread+0x2f0/0x390 [ 1636.928455][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1636.928476][ C0] ? __pfx_kthread+0x10/0x10 [ 1636.928490][ C0] ret_from_fork+0x4b/0x80 [ 1636.928512][ C0] ? __pfx_kthread+0x10/0x10 [ 1636.928526][ C0] ret_from_fork_asm+0x1a/0x30 [ 1636.928554][ C0] [ 1637.553692][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1637.560595][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 1637.570777][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1637.580856][ T30] Call Trace: [ 1637.584148][ T30] [ 1637.587092][ T30] dump_stack_lvl+0x241/0x360 [ 1637.591793][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1637.597008][ T30] ? __pfx__printk+0x10/0x10 [ 1637.601622][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1637.607650][ T30] ? vscnprintf+0x5d/0x90 [ 1637.612001][ T30] panic+0x349/0x880 [ 1637.615923][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1637.622096][ T30] ? __pfx_panic+0x10/0x10 [ 1637.626533][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 1637.631925][ T30] ? __irq_work_queue_local+0x137/0x410 [ 1637.637498][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1637.642891][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1637.649061][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 1637.655238][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 1637.661415][ T30] watchdog+0x1033/0x1040 [ 1637.665774][ T30] ? watchdog+0x1ea/0x1040 [ 1637.670214][ T30] ? __pfx_watchdog+0x10/0x10 [ 1637.674905][ T30] kthread+0x2f0/0x390 [ 1637.678989][ T30] ? __pfx_watchdog+0x10/0x10 [ 1637.683683][ T30] ? __pfx_kthread+0x10/0x10 [ 1637.688287][ T30] ret_from_fork+0x4b/0x80 [ 1637.692722][ T30] ? __pfx_kthread+0x10/0x10 [ 1637.697335][ T30] ret_from_fork_asm+0x1a/0x30 [ 1637.702130][ T30] [ 1637.705406][ T30] Kernel Offset: disabled [ 1637.709726][ T30] Rebooting in 86400 seconds..