last executing test programs: 4m33.971116799s ago: executing program 0 (id=202): r0 = socket$kcm(0x2c, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r0, 0x11b, 0x2, &(0x7f0000000040)=r1, 0x4) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000780)="5c00000014006b030231a6080c000af32c0cae934c46a7539602000f00e5aa000017d34460bc24ea000007000000000000002756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1000000e6657594f1817d", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 4m32.41106964s ago: executing program 0 (id=205): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000140)={0x0, 0x2, "9a96944a5e6a8e8b9a61fd102c2bf04c688d7ddf41d61d869cda17d692990b6d05c7b559aeaf3180ba4095a5786bfd130e6118a2cd9b95d40448502d3b4cf5e9569c00998dcdb4e976f6368ea17bc56c463b9a909c8da23befb494e91c96066d8ff0cfbee66853696640d1d9c40e076276d68a1d5c3ab1941417d0b07c649e54ea9d78e5f06b072de9912b7e548c35e3f20180b3d71cc783252131b984e559126f72fc35137bc368571509b819bdf8645581bac4233ed104e2381e0760e479a9f0821e3acfa31d8ef625fcdabb9515e71a88fcaee1c18e39cca29ae42c227d2013ccc7627dd55ed98410ae506ac910fbd68688f797f9206542e6683f4374d9b1"}) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x80) ioprio_set$pid(0x2, 0x0, 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000440)='./bus\x00') r4 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) sendfile(r4, r4, &(0x7f0000000080), 0x7f03) 4m28.67768447s ago: executing program 4 (id=210): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0xfffffffffffffffe, r1, {0x7, 0x29, 0x0, 0x440, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x80}}, 0x50) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 4m28.228999404s ago: executing program 0 (id=212): syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94) ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, 0x0) r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x81, &(0x7f0000000240)={0x3, 0x11, 0x5, 0x5360, 0x7}, 0x10, 0x6, 0x81, 0x0, 0x1, 0x101, 0x0}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18) sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$vim2m(&(0x7f0000000000), 0x33c, 0x2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0) 4m27.547033804s ago: executing program 4 (id=213): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 4m19.089759759s ago: executing program 0 (id=219): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x348cf000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) close(0xffffffffffffffff) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000001300)='ns/net\x00') r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)=ANY=[@ANYBLOB="5400000012000100000000000000000002"], 0x54}}, 0x20004010) 4m17.201034597s ago: executing program 0 (id=222): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) r0 = getpgid(0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) syz_pidfd_open(r0, 0x0) setns(0xffffffffffffffff, 0x66020000) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) umount2(&(0x7f0000000040)='.\x00', 0x2) 4m14.316804054s ago: executing program 2 (id=226): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4) r2 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@remote, @in=@empty, 0x4e24, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x53, 0xfff, 0x0, 0x0, 0x1e2, 0x0, 0x100000004}, {0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x22}, 0x0, 0x3c}, 0x2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}}, 0xe8) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0) r4 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000080)={0x4, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0x100, @remote}}}, 0x108) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r4) syz_open_procfs(0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) 4m12.657263156s ago: executing program 4 (id=227): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000100), 0x6) 4m12.656519398s ago: executing program 0 (id=228): socket$inet6(0xa, 0x2, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) pipe(0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) shutdown(r4, 0x1) 4m12.487754341s ago: executing program 2 (id=230): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @loopback}, 0x4}}, 0x2e) syz_emit_ethernet(0x65, &(0x7f0000000500)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x2f, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x2f, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e705694eebf24751233e5c0440a054e3c56a3b887c344a6dd5d69"}}}}}}}, 0x0) 4m11.151786006s ago: executing program 4 (id=232): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) socket$vsock_stream(0x28, 0x1, 0x0) syz_init_net_socket$netrom(0x6, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$xdp(0x2c, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0x5}, {}, {0xa, 0x1}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) 4m10.829170949s ago: executing program 2 (id=234): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, 0x0, 0x0) 4m8.882658316s ago: executing program 2 (id=236): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000780)="5c00000014006b030231a6080c000af32c0cae934c46a7539602000f00e5aa000017d34460bc24ea000007000000000000002756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1000000e6657594f1817d", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 4m8.825961395s ago: executing program 4 (id=237): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 4m7.69794948s ago: executing program 2 (id=239): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) getpgid(0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setns(r0, 0x66020000) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) umount2(&(0x7f0000000040)='.\x00', 0x2) 4m6.156158465s ago: executing program 4 (id=241): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) request_key(0x0, 0x0, &(0x7f0000000140)='\\\\@[*#)\x00', 0xfffffffffffffffe) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1002, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000002, 0x4, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4m5.757115516s ago: executing program 2 (id=242): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000100), 0x6) 3m51.866249667s ago: executing program 32 (id=228): socket$inet6(0xa, 0x2, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) pipe(0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) shutdown(r4, 0x1) 3m46.387695796s ago: executing program 33 (id=242): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000100), 0x6) 3m46.217202532s ago: executing program 34 (id=241): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) request_key(0x0, 0x0, &(0x7f0000000140)='\\\\@[*#)\x00', 0xfffffffffffffffe) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1002, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000002, 0x4, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1m19.159939409s ago: executing program 3 (id=342): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000007b00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000000000001701000002"], 0x18, 0x8c0}], 0x1, 0x40885) 1m15.690206116s ago: executing program 3 (id=344): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x1c}}, 0x0) write$nci(r0, &(0x7f00000060c0)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x0, 0x3, 0x5, 0x81, @a_listen={0x7, 0x1, 0x2, 0x80, 0x7, 0x7f, 0x6, "", 0x4, 0xb, 0x3, 0x1, 0x59, "01b63feb476e3602cf85570cadc275ed0a43722ae3994985a138bf7beee3e916be13571b5ba0b908166030cac762295ab86873c0e5d5b8b96e4a4053d1f96df24dfd41ebc00ae5c3479f46a2609ef75837a12ddaae124d4493"}}, 0x68) 1m14.137483024s ago: executing program 3 (id=345): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x2263, 0x41) connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10) sendto(r0, &(0x7f0000000740)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865", 0x48, 0x48044, 0x0, 0x0) sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x52, 0x0, 0x0) 1m13.062967507s ago: executing program 3 (id=347): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3) sendmmsg$inet(r0, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000040)}}], 0x1, 0x40) sendto$inet(r0, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0) 1m12.071657493s ago: executing program 3 (id=349): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000680)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x58) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}, 0x1, 0x0, 0x0, 0x48054}, 0xa001) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x1}, 0x50) io_uring_setup(0x17a7, &(0x7f0000000180)={0x0, 0x684b, 0x8, 0x2, 0x2f3}) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r5, 0x6611) 1m10.472363215s ago: executing program 3 (id=351): socket$inet6(0xa, 0x2, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x18) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r2, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r2, 0x1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00'}) 54.038932909s ago: executing program 35 (id=351): socket$inet6(0xa, 0x2, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x18) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r2, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r2, 0x1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00'}) 23.906823027s ago: executing program 1 (id=368): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) fcntl$dupfd(r1, 0x0, r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x401, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x19, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x7e}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xf8}}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebfb}, 0x94) 19.20543843s ago: executing program 1 (id=369): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {0x0}], 0x3, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) 8.532314984s ago: executing program 1 (id=370): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x19, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x7e}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xf8}}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebfb}, 0x94) 6.651960392s ago: executing program 1 (id=371): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, &(0x7f0000000080), 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2}) r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f00000001c0)=[@request_death], 0x0, 0x0, 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x9, 0x1, 0x6c}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94) 4.708018231s ago: executing program 1 (id=372): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x7}, 0x94) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvmmsg(r0, 0x0, 0x0, 0x40000000, 0x0) 0s ago: executing program 1 (id=373): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x2000000, {0x0, 0x0, 0x0, r1, {}, {}, {0xfff3}}}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.106' (ED25519) to the list of known hosts. [ 80.872263][ T5794] cgroup: Unknown subsys name 'net' [ 81.123410][ T5794] cgroup: Unknown subsys name 'cpuset' [ 81.177727][ T5794] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.061296][ T5794] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.843731][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.845884][ T5817] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.853536][ T5817] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.863871][ T5817] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.865936][ T5817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 85.868994][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 85.871848][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 85.872774][ T5817] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.873857][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.877547][ T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.882029][ T5823] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.907035][ T61] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.917151][ T61] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.932462][ T61] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.934319][ T61] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.938178][ T61] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.938985][ T61] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.954931][ T5823] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.956661][ T5823] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.959842][ T5823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.970104][ T5823] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 85.970600][ T5823] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.971915][ T5823] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.972706][ T5823] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.975799][ T5823] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 86.879303][ T10] cfg80211: failed to load regulatory.db [ 86.921772][ T5809] chnl_net:caif_netlink_parms(): no params data found [ 86.979736][ T5806] chnl_net:caif_netlink_parms(): no params data found [ 87.043262][ T5805] chnl_net:caif_netlink_parms(): no params data found [ 87.272239][ T5804] chnl_net:caif_netlink_parms(): no params data found [ 87.284048][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 87.793909][ T5809] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.795042][ T5809] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.795395][ T5809] bridge_slave_0: entered allmulticast mode [ 87.798742][ T5809] bridge_slave_0: entered promiscuous mode [ 87.989202][ T5125] Bluetooth: hci1: command tx timeout [ 87.989208][ T5820] Bluetooth: hci3: command tx timeout [ 88.010576][ T5809] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.010703][ T5809] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.012375][ T5809] bridge_slave_1: entered allmulticast mode [ 88.013874][ T5809] bridge_slave_1: entered promiscuous mode [ 88.016051][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.016121][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.016241][ T5806] bridge_slave_0: entered allmulticast mode [ 88.019947][ T5806] bridge_slave_0: entered promiscuous mode [ 88.067095][ T5125] Bluetooth: hci4: command tx timeout [ 88.067102][ T5820] Bluetooth: hci2: command tx timeout [ 88.146994][ T5820] Bluetooth: hci0: command tx timeout [ 88.218017][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.218122][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.218239][ T5806] bridge_slave_1: entered allmulticast mode [ 88.219788][ T5806] bridge_slave_1: entered promiscuous mode [ 88.265599][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.265677][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.265816][ T5805] bridge_slave_0: entered allmulticast mode [ 88.267769][ T5805] bridge_slave_0: entered promiscuous mode [ 88.568003][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.568150][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.568265][ T5805] bridge_slave_1: entered allmulticast mode [ 88.569738][ T5805] bridge_slave_1: entered promiscuous mode [ 88.573920][ T5809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.842128][ T5809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.845562][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.845833][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.846021][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.846184][ T5804] bridge_slave_0: entered allmulticast mode [ 88.887501][ T5804] bridge_slave_0: entered promiscuous mode [ 88.888934][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.889055][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.889221][ T5819] bridge_slave_0: entered allmulticast mode [ 88.890962][ T5819] bridge_slave_0: entered promiscuous mode [ 89.100102][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.100330][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.100451][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.100561][ T5804] bridge_slave_1: entered allmulticast mode [ 89.102040][ T5804] bridge_slave_1: entered promiscuous mode [ 89.103983][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.104082][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.104185][ T5819] bridge_slave_1: entered allmulticast mode [ 89.105640][ T5819] bridge_slave_1: entered promiscuous mode [ 89.281547][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.559894][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.561587][ T5809] team0: Port device team_slave_0 added [ 89.829895][ T5809] team0: Port device team_slave_1 added [ 89.831745][ T5806] team0: Port device team_slave_0 added [ 89.835036][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.840279][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.969634][ T5806] team0: Port device team_slave_1 added [ 89.971928][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.974030][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.975541][ T5805] team0: Port device team_slave_0 added [ 90.067245][ T5125] Bluetooth: hci1: command tx timeout [ 90.067374][ T5820] Bluetooth: hci3: command tx timeout [ 90.147241][ T5125] Bluetooth: hci2: command tx timeout [ 90.147336][ T5820] Bluetooth: hci4: command tx timeout [ 90.227028][ T5820] Bluetooth: hci0: command tx timeout [ 90.319509][ T5805] team0: Port device team_slave_1 added [ 90.320729][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.320739][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.320753][ T5809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.808979][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.808992][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.809006][ T5809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.810728][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.810742][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.810763][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.827875][ T5804] team0: Port device team_slave_0 added [ 90.830468][ T5819] team0: Port device team_slave_0 added [ 90.988469][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.988485][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.988507][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.001015][ T5804] team0: Port device team_slave_1 added [ 91.003525][ T5819] team0: Port device team_slave_1 added [ 91.004926][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.004938][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.004960][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.198436][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.198448][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.198462][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.440474][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.440490][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.440508][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.530223][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.530239][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.530261][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.678359][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.678371][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.678384][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.679949][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.679959][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.679973][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.687870][ T5809] hsr_slave_0: entered promiscuous mode [ 91.690610][ T5809] hsr_slave_1: entered promiscuous mode [ 91.926365][ T5806] hsr_slave_0: entered promiscuous mode [ 91.927939][ T5806] hsr_slave_1: entered promiscuous mode [ 91.928906][ T5806] debugfs: 'hsr0' already exists in 'hsr' [ 91.929063][ T5806] Cannot create hsr debugfs directory [ 92.009097][ T5805] hsr_slave_0: entered promiscuous mode [ 92.009975][ T5805] hsr_slave_1: entered promiscuous mode [ 92.010590][ T5805] debugfs: 'hsr0' already exists in 'hsr' [ 92.010611][ T5805] Cannot create hsr debugfs directory [ 92.148131][ T5125] Bluetooth: hci1: command tx timeout [ 92.148208][ T5820] Bluetooth: hci3: command tx timeout [ 92.227229][ T5125] Bluetooth: hci2: command tx timeout [ 92.227506][ T5820] Bluetooth: hci4: command tx timeout [ 92.307223][ T5820] Bluetooth: hci0: command tx timeout [ 92.543272][ T5819] hsr_slave_0: entered promiscuous mode [ 92.544106][ T5819] hsr_slave_1: entered promiscuous mode [ 92.544651][ T5819] debugfs: 'hsr0' already exists in 'hsr' [ 92.544670][ T5819] Cannot create hsr debugfs directory [ 92.560689][ T5804] hsr_slave_0: entered promiscuous mode [ 92.561539][ T5804] hsr_slave_1: entered promiscuous mode [ 92.562084][ T5804] debugfs: 'hsr0' already exists in 'hsr' [ 92.562104][ T5804] Cannot create hsr debugfs directory [ 93.895068][ T5809] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.923530][ T5809] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.953694][ T5809] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.004175][ T5809] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.093616][ T5806] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 94.144337][ T5806] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 94.164856][ T5806] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 94.218152][ T5806] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 94.228167][ T5125] Bluetooth: hci1: command tx timeout [ 94.228212][ T5820] Bluetooth: hci3: command tx timeout [ 94.308233][ T5125] Bluetooth: hci2: command tx timeout [ 94.308278][ T5820] Bluetooth: hci4: command tx timeout [ 94.329863][ T5819] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 94.361554][ T5819] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 94.387342][ T5820] Bluetooth: hci0: command tx timeout [ 94.409710][ T5819] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 94.470823][ T5819] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 94.610196][ T5805] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 94.669043][ T5805] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 94.708605][ T5805] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 94.766652][ T5805] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 94.900407][ T5804] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 94.944990][ T5804] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 94.975262][ T5804] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.013929][ T5809] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.019012][ T5804] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.135889][ T5809] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.155827][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.195793][ T150] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.196710][ T150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.242619][ T986] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.242779][ T986] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.291968][ T5806] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.321489][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.343437][ T150] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.343645][ T150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.381452][ T150] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.381994][ T150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.431918][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.461814][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.484909][ T86] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.486018][ T86] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.535727][ T86] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.535912][ T86] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.609580][ T5805] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.660187][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.665953][ T1405] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.678186][ T1405] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.745057][ T86] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.745156][ T86] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.859415][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.902479][ T1211] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.902710][ T1211] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.960840][ T1364] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.960992][ T1364] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.109631][ T5809] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.321056][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.432845][ T5809] veth0_vlan: entered promiscuous mode [ 96.440279][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.506456][ T5809] veth1_vlan: entered promiscuous mode [ 96.625834][ T5819] veth0_vlan: entered promiscuous mode [ 96.639237][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.688178][ T5819] veth1_vlan: entered promiscuous mode [ 96.740258][ T5809] veth0_macvtap: entered promiscuous mode [ 96.758297][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.776176][ T5809] veth1_macvtap: entered promiscuous mode [ 96.883169][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.915970][ T5805] veth0_vlan: entered promiscuous mode [ 96.924321][ T5819] veth0_macvtap: entered promiscuous mode [ 96.936287][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.969961][ T5819] veth1_macvtap: entered promiscuous mode [ 96.987547][ T5805] veth1_vlan: entered promiscuous mode [ 96.990428][ T1364] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.996305][ T1364] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.007721][ T1364] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.037751][ T1364] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.046331][ T5804] veth0_vlan: entered promiscuous mode [ 97.073612][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.182696][ T5804] veth1_vlan: entered promiscuous mode [ 97.185732][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.296597][ T1211] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.316353][ T1211] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.341621][ T1211] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.358849][ T1211] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.386533][ T5805] veth0_macvtap: entered promiscuous mode [ 97.446275][ T1364] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.446300][ T1364] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.448947][ T5805] veth1_macvtap: entered promiscuous mode [ 97.479964][ T5806] veth0_vlan: entered promiscuous mode [ 97.635097][ T5806] veth1_vlan: entered promiscuous mode [ 97.644733][ T1172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.644752][ T1172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.651545][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.653539][ T5804] veth0_macvtap: entered promiscuous mode [ 97.739885][ T5804] veth1_macvtap: entered promiscuous mode [ 97.745255][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.775230][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.775249][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.796101][ T1168] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.803216][ T1168] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.808791][ T1168] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.811965][ T1168] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.881176][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.899459][ T5806] veth0_macvtap: entered promiscuous mode [ 97.994840][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.012791][ T5806] veth1_macvtap: entered promiscuous mode [ 98.015450][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.015462][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.217005][ T1172] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.261350][ T1172] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.263039][ T1172] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.286089][ T1172] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.320502][ T1364] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.320521][ T1364] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.362804][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.745621][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.035917][ T1416] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.054902][ T1416] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.056645][ T1172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.056664][ T1172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.101032][ T1405] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.104578][ T1405] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.333133][ T1172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.333152][ T1172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.617910][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.617928][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.638389][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 99.663722][ T5939] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1'. [ 99.755628][ T150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.755648][ T150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.828425][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 99.897626][ T9] usb 2-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 99.897653][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.897670][ T9] usb 2-1: Product: syz [ 99.897682][ T9] usb 2-1: Manufacturer: syz [ 99.897693][ T9] usb 2-1: SerialNumber: syz [ 99.951436][ T9] usb 2-1: config 0 descriptor?? [ 99.998972][ T150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.998991][ T150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.995868][ T5954] warning: `syz.0.12' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 101.433005][ T9] peak_usb 2-1:0.0 can0: unable to request usb[type=0 value=1] err=-71 [ 101.433034][ T9] peak_usb 2-1:0.0: unable to read PCAN-USB Pro firmware info (err -71) [ 101.787153][ T5962] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'. [ 101.965021][ T9] peak_usb 2-1:0.0: probe with driver peak_usb failed with error -71 [ 102.182456][ T9] usb 2-1: USB disconnect, device number 2 [ 103.047869][ T5980] netlink: 44 bytes leftover after parsing attributes in process `syz.3.18'. [ 103.625626][ T6001] overlayfs: failed to resolve './file0': -2 [ 105.024748][ T5991] can: request_module (can-proto-0) failed. [ 105.346925][ T5125] Bluetooth: hci4: command 0x0405 tx timeout [ 105.820957][ T6020] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 106.116882][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 106.117577][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.281747][ T6042] overlayfs: failed to resolve './file0': -2 [ 107.387784][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.596877][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.836880][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 108.576867][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 108.843529][ T6053] tmpfs: Bad value for 'mpol' [ 108.868944][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 109.036916][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 110.576142][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 110.576356][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 112.175653][ T6080] bond0: entered promiscuous mode [ 112.175669][ T6080] bond_slave_0: entered promiscuous mode [ 112.175806][ T6080] bond_slave_1: entered promiscuous mode [ 112.177879][ T6080] batadv0: entered promiscuous mode [ 112.217521][ T6079] netlink: 'syz.2.45': attribute type 10 has an invalid length. [ 112.264642][ T6079] syz_tun: entered promiscuous mode [ 112.311258][ T6079] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 114.178764][ T5808] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 114.318483][ T6106] fuse: Unknown parameter 'use00000000000000000000' [ 114.525354][ T5808] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 114.525381][ T5808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.525399][ T5808] usb 3-1: Product: syz [ 114.525411][ T5808] usb 3-1: Manufacturer: syz [ 114.525424][ T5808] usb 3-1: SerialNumber: syz [ 115.313368][ T5808] usb 3-1: config 0 descriptor?? [ 115.640046][ T5808] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 115.967437][ T5985] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 116.116968][ T5985] usb 4-1: Using ep0 maxpacket: 8 [ 116.131679][ T5985] usb 4-1: config 0 has no interfaces? [ 116.131716][ T5985] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 116.131736][ T5985] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.622642][ T5985] usb 4-1: config 0 descriptor?? [ 117.251244][ T5808] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 117.284031][ T5808] usb 3-1: USB disconnect, device number 2 [ 117.297495][ T6105] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 117.355203][ T9] usb 4-1: USB disconnect, device number 2 [ 117.446956][ T6105] usb 2-1: Using ep0 maxpacket: 16 [ 117.449760][ T6105] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 117.449789][ T6105] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 117.452834][ T6105] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 117.452859][ T6105] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.452876][ T6105] usb 2-1: Product: syz [ 117.452889][ T6105] usb 2-1: Manufacturer: syz [ 117.452901][ T6105] usb 2-1: SerialNumber: syz [ 117.670583][ T6105] usb 2-1: config 0 descriptor?? [ 117.685087][ T6105] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 117.685108][ T6105] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 118.774049][ T6105] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 118.847402][ T6105] em28xx 2-1:0.0: Config register raw data: 0x41 [ 119.088470][ T6105] usb 2-1: USB disconnect, device number 3 [ 119.090876][ T6105] em28xx 2-1:0.0: Disconnecting em28xx [ 119.152034][ T6105] em28xx 2-1:0.0: Freeing device [ 120.327512][ T6147] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.334136][ T6147] netlink: 'syz.2.66': attribute type 12 has an invalid length. [ 120.334156][ T6147] netlink: 'syz.2.66': attribute type 29 has an invalid length. [ 120.334168][ T6147] netlink: 148 bytes leftover after parsing attributes in process `syz.2.66'. [ 121.688212][ T6152] fuse: Unknown parameter 'use00000000000000000000' [ 122.644343][ T6170] overlayfs: missing 'workdir' [ 123.322045][ T5808] IPVS: starting estimator thread 0... [ 123.371513][ T5985] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 123.418819][ T6178] IPVS: using max 7 ests per chain, 16800 per kthread [ 123.532442][ T5985] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 123.532469][ T5985] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.532487][ T5985] usb 1-1: Product: syz [ 123.532500][ T5985] usb 1-1: Manufacturer: syz [ 123.532513][ T5985] usb 1-1: SerialNumber: syz [ 123.593787][ T5985] usb 1-1: config 0 descriptor?? [ 123.826801][ T5985] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 124.786568][ T6189] netlink: 76 bytes leftover after parsing attributes in process `syz.3.77'. [ 125.340206][ T5985] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 125.357709][ T5985] usb 1-1: USB disconnect, device number 2 [ 128.392813][ T6230] sg_write: data in/out 49276/1 bytes for SCSI command 0x6-- guessing data in; [ 128.392813][ T6230] program syz.2.86 not setting count and/or reply_len properly [ 129.301334][ T6238] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 133.428962][ T6270] overlayfs: failed to resolve './file1': -2 [ 134.452943][ T6272] fuse: Bad value for 'fd' [ 134.902685][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 134.902787][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.549345][ T6281] syz.3.105: vmalloc error: size 10485760, failed to allocated page array size 20480, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 137.549690][ T6281] CPU: 0 UID: 0 PID: 6281 Comm: syz.3.105 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 137.549713][ T6281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 137.549731][ T6281] Call Trace: [ 137.549740][ T6281] [ 137.549749][ T6281] dump_stack_lvl+0x189/0x250 [ 137.549786][ T6281] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.549809][ T6281] ? __pfx__printk+0x10/0x10 [ 137.549836][ T6281] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 137.549859][ T6281] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 137.549884][ T6281] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 137.549909][ T6281] warn_alloc+0x22e/0x3b0 [ 137.549938][ T6281] ? __pfx_warn_alloc+0x10/0x10 [ 137.549967][ T6281] ? __get_vm_area_node+0x2bc/0x350 [ 137.549993][ T6281] ? hash_ipportip_create+0x354/0xf90 [ 137.550021][ T6281] __vmalloc_node_range_noprof+0x690/0x12d0 [ 137.550048][ T6281] ? __alloc_frozen_pages_noprof+0x9f/0x370 [ 137.550097][ T6281] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 137.550128][ T6281] ? rcu_is_watching+0x15/0xb0 [ 137.550155][ T6281] __kvmalloc_node_noprof+0x4a3/0x920 [ 137.550175][ T6281] ? hash_ipportip_create+0x354/0xf90 [ 137.550195][ T6281] ? __kmalloc_cache_noprof+0x1ef/0x6c0 [ 137.550218][ T6281] ? hash_ipportip_create+0x354/0xf90 [ 137.550249][ T6281] hash_ipportip_create+0x354/0xf90 [ 137.550281][ T6281] ? __nla_parse+0x40/0x60 [ 137.550307][ T6281] ? __pfx_hash_ipportip_create+0x10/0x10 [ 137.550332][ T6281] ip_set_create+0xa9c/0x1940 [ 137.550355][ T6281] ? __lock_acquire+0x6b6/0x2cf0 [ 137.550376][ T6281] ? ip_set_create+0x4a7/0x1940 [ 137.550421][ T6281] ? __pfx_ip_set_create+0x10/0x10 [ 137.550487][ T6281] nfnetlink_rcv_msg+0xb69/0x1150 [ 137.550508][ T6281] ? nfnetlink_rcv_msg+0x212/0x1150 [ 137.550549][ T6281] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 137.550566][ T6281] ? kasan_save_track+0x4f/0x80 [ 137.550635][ T6281] ? __local_bh_enable+0x27b/0x410 [ 137.550663][ T6281] netlink_rcv_skb+0x208/0x470 [ 137.550686][ T6281] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 137.550708][ T6281] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 137.550742][ T6281] ? bpf_lsm_capable+0x9/0x20 [ 137.550762][ T6281] ? security_capable+0x7e/0x2e0 [ 137.550790][ T6281] nfnetlink_rcv+0x282/0x2590 [ 137.550816][ T6281] ? __dev_queue_xmit+0x1ccf/0x3b50 [ 137.550851][ T6281] ? __dev_queue_xmit+0x247/0x3b50 [ 137.550889][ T6281] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 137.550908][ T6281] ? __pfx___dev_queue_xmit+0x10/0x10 [ 137.550948][ T6281] ? ref_tracker_free+0x61e/0x7c0 [ 137.550972][ T6281] ? __asan_memcpy+0x40/0x70 [ 137.550994][ T6281] ? __pfx_ref_tracker_free+0x10/0x10 [ 137.551016][ T6281] ? __skb_clone+0x63/0x7a0 [ 137.551043][ T6281] ? __skb_clone+0x483/0x7a0 [ 137.551074][ T6281] ? skb_clone+0x246/0x3a0 [ 137.551100][ T6281] ? __netlink_deliver_tap+0x807/0x850 [ 137.551121][ T6281] ? netlink_deliver_tap+0x2e/0x1b0 [ 137.551148][ T6281] ? netlink_deliver_tap+0x2e/0x1b0 [ 137.551179][ T6281] netlink_unicast+0x846/0xa10 [ 137.551208][ T6281] ? __pfx_netlink_unicast+0x10/0x10 [ 137.551230][ T6281] ? netlink_sendmsg+0x642/0xb30 [ 137.551249][ T6281] ? skb_put+0x11b/0x210 [ 137.551274][ T6281] netlink_sendmsg+0x805/0xb30 [ 137.551306][ T6281] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.551337][ T6281] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 137.551354][ T6281] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.551377][ T6281] __sock_sendmsg+0x21c/0x270 [ 137.551412][ T6281] ____sys_sendmsg+0x508/0x810 [ 137.551441][ T6281] ? __pfx_____sys_sendmsg+0x10/0x10 [ 137.551474][ T6281] ? import_iovec+0x74/0xa0 [ 137.551497][ T6281] ___sys_sendmsg+0x21f/0x2a0 [ 137.551523][ T6281] ? __pfx____sys_sendmsg+0x10/0x10 [ 137.551554][ T6281] ? futex_wake+0x4b5/0x560 [ 137.551609][ T6281] ? __fget_files+0x2a/0x420 [ 137.551628][ T6281] ? __fget_files+0x3a6/0x420 [ 137.551660][ T6281] __x64_sys_sendmsg+0x1a1/0x260 [ 137.551686][ T6281] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 137.551728][ T6281] ? do_syscall_64+0xbe/0xf80 [ 137.551754][ T6281] do_syscall_64+0xfa/0xf80 [ 137.551775][ T6281] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.551794][ T6281] ? clear_bhb_loop+0x60/0xb0 [ 137.551817][ T6281] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.551835][ T6281] RIP: 0033:0x7efc529ef749 [ 137.551862][ T6281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.551878][ T6281] RSP: 002b:00007efc50c2d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.551897][ T6281] RAX: ffffffffffffffda RBX: 00007efc52c46090 RCX: 00007efc529ef749 [ 137.551911][ T6281] RDX: 0000000000008000 RSI: 0000200000000100 RDI: 0000000000000009 [ 137.551924][ T6281] RBP: 00007efc52a73f91 R08: 0000000000000000 R09: 0000000000000000 [ 137.551935][ T6281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.551946][ T6281] R13: 00007efc52c46128 R14: 00007efc52c46090 R15: 00007ffdfcd884b8 [ 137.551980][ T6281] [ 137.551992][ T6281] Mem-Info: [ 137.552004][ T6281] active_anon:2255 inactive_anon:9707 isolated_anon:0 [ 137.552004][ T6281] active_file:5235 inactive_file:37871 isolated_file:0 [ 137.552004][ T6281] unevictable:768 dirty:227 writeback:0 [ 137.552004][ T6281] slab_reclaimable:11399 slab_unreclaimable:101544 [ 137.552004][ T6281] mapped:34372 shmem:7095 pagetables:1236 [ 137.552004][ T6281] sec_pagetables:0 bounce:0 [ 137.552004][ T6281] kernel_misc_reclaimable:0 [ 137.552004][ T6281] free:1330116 free_pcp:5324 free_cma:0 [ 137.552055][ T6281] Node 0 active_anon:9020kB inactive_anon:38828kB active_file:20740kB inactive_file:151484kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137488kB dirty:908kB writeback:0kB shmem:26844kB kernel_stack:13304kB pagetables:4768kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 137.552099][ T6281] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:176kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 137.552139][ T6281] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 137.552214][ T6281] lowmem_reserve[]: 0 2515 2516 2516 2516 [ 137.552248][ T6281] Node 0 DMA32 free:1404648kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:9020kB inactive_anon:38828kB active_file:20740kB inactive_file:151484kB unevictable:1536kB writepending:908kB zspages:0kB present:3129332kB managed:2575652kB mlocked:0kB bounce:0kB free_pcp:21264kB local_pcp:14124kB free_cma:0kB [ 137.552305][ T6281] lowmem_reserve[]: 0 0 1 1 1 [ 137.552336][ T6281] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 137.552389][ T6281] lowmem_reserve[]: 0 0 0 0 0 [ 137.552426][ T6281] Node 1 Normal free:3900456kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB [ 137.552483][ T6281] lowmem_reserve[]: 0 0 0 0 0 [ 137.552519][ T6281] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 137.552883][ T6281] Node 0 DMA32: 1351*4kB (UME) 1187*8kB (UME) 662*16kB (UM) 55*32kB (UME) 22*64kB (UME) 21*128kB (UME) 4*256kB (UM) 8*512kB (ME) 6*1024kB (UM) 3*2048kB (UME) 331*4096kB (M) = 1404532kB [ 137.553035][ T6281] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 137.553129][ T6281] Node 1 Normal: 206*4kB (U) 48*8kB (UME) 29*16kB (UME) 184*32kB (UME) 82*64kB (UME) 25*128kB (UME) 16*256kB (UME) 9*512kB (UME) 3*1024kB (UME) 1*2048kB (U) 945*4096kB (M) = 3900552kB [ 137.553281][ T6281] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 137.553297][ T6281] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 137.553313][ T6281] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 137.553327][ T6281] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 137.553343][ T6281] 50197 total pagecache pages [ 137.553354][ T6281] 0 pages in swap cache [ 137.553360][ T6281] Free swap = 124996kB [ 137.553367][ T6281] Total swap = 124996kB [ 137.553375][ T6281] 2097051 pages RAM [ 137.553381][ T6281] 0 pages HighMem/MovableOnly [ 137.553388][ T6281] 421112 pages reserved [ 137.553394][ T6281] 0 pages cma reserved [ 139.806968][ T6203] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 139.972482][ T6203] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.972512][ T6203] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 139.972548][ T6203] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 139.972568][ T6203] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.043385][ T6203] usb 3-1: config 0 descriptor?? [ 140.743824][ T6203] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0 [ 140.743873][ T6203] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0 [ 140.743900][ T6203] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0 [ 140.875041][ T6334] Bluetooth: MGMT ver 1.23 [ 141.319550][ T6203] cm6533_jd 0003:0D8C:0022.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 141.419803][ T43] usb 3-1: USB disconnect, device number 3 [ 141.583497][ T6335] fido_id[6335]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 143.903932][ T6356] fuse: Bad value for 'fd' [ 144.417029][ T43] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 144.763689][ T6347] ALSA: mixer_oss: invalid OSS volume '' [ 144.914331][ T6371] netlink: 4 bytes leftover after parsing attributes in process `syz.3.137'. [ 145.115689][ T43] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 145.115723][ T43] usb 3-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 145.115740][ T43] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 145.115790][ T43] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9 [ 145.115814][ T43] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024 [ 145.120513][ T43] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 145.120540][ T43] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 145.120556][ T43] usb 3-1: Product: syz [ 145.120568][ T43] usb 3-1: Manufacturer: syz [ 145.162932][ T43] cdc_wdm 3-1:1.0: skipping garbage [ 145.162951][ T43] cdc_wdm 3-1:1.0: skipping garbage [ 145.206502][ T43] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 145.206536][ T43] cdc_wdm 3-1:1.0: Unknown control protocol [ 145.267045][ T6371] bridge_slave_1: left allmulticast mode [ 145.267072][ T6371] bridge_slave_1: left promiscuous mode [ 145.326975][ T6371] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.579412][ T6371] bridge_slave_0: left allmulticast mode [ 146.579444][ T6371] bridge_slave_0: left promiscuous mode [ 146.579704][ T6371] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.263864][ T6390] netlink: 'syz.4.143': attribute type 1 has an invalid length. [ 147.417192][ T6390] 8021q: adding VLAN 0 to HW filter on device bond1 [ 148.594974][ T980] usb 3-1: USB disconnect, device number 4 [ 148.655778][ T6391] bond1: (slave ip6erspan0): making interface the new active one [ 148.709406][ T6391] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 148.841865][ T6400] fuse: Bad value for 'fd' [ 150.148271][ T5878] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 150.551727][ T5878] usb 5-1: Using ep0 maxpacket: 8 [ 150.798084][ T5878] usb 5-1: config 0 has no interfaces? [ 150.798119][ T5878] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 150.798140][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.875772][ T5878] usb 5-1: config 0 descriptor?? [ 153.527660][ T9] usb 5-1: USB disconnect, device number 2 [ 153.987162][ T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 154.161471][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.161503][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.161540][ T10] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 154.161560][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.210869][ T10] usb 1-1: config 0 descriptor?? [ 154.386082][ T5878] IPVS: starting estimator thread 0... [ 154.456586][ T10] usbhid 1-1:0.0: can't add hid device: -71 [ 154.456718][ T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 154.483032][ T6442] IPVS: using max 10 ests per chain, 24000 per kthread [ 154.493239][ T6440] netlink: 'syz.2.161': attribute type 1 has an invalid length. [ 154.530905][ T10] usb 1-1: USB disconnect, device number 3 [ 156.128906][ T6454] netlink: 'syz.4.159': attribute type 4 has an invalid length. [ 156.635086][ T6440] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 157.054097][ T6480] fuse: Unknown parameter '0x0000000000000003' [ 162.517757][ T6519] fuse: Unknown parameter '0xffffffffffffffff' [ 162.538350][ T6519] overlayfs: failed to clone upperpath [ 167.558558][ T6538] overlayfs: failed to clone upperpath [ 173.857745][ T6570] fuse: Unknown parameter '0x0000000000000003' [ 176.117719][ T6587] syz.1.203 (6587) used greatest stack depth: 17312 bytes left [ 178.331944][ T6599] overlayfs: failed to resolve './file1': -2 [ 180.021460][ T6606] netlink: 20 bytes leftover after parsing attributes in process `syz.2.209'. [ 180.048513][ T6607] fuse: Unknown parameter '0x0000000000000003' [ 181.232904][ T6612] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 192.575501][ T6655] fuse: Unknown parameter '0xffffffffffffffff' [ 192.905240][ T6655] overlayfs: failed to clone upperpath [ 197.618828][ T6675] netlink: 4 bytes leftover after parsing attributes in process `syz.4.232'. [ 197.670146][ T6678] netlink: 4 bytes leftover after parsing attributes in process `syz.4.232'. [ 198.804033][ T6675] team_slave_0: entered promiscuous mode [ 198.804116][ T6675] team_slave_1: entered promiscuous mode [ 198.804548][ T6675] macvtap1: entered promiscuous mode [ 198.804563][ T6675] team0: entered promiscuous mode [ 198.805229][ T6675] macvtap1: entered allmulticast mode [ 198.805243][ T6675] team0: entered allmulticast mode [ 198.805254][ T6675] team_slave_0: entered allmulticast mode [ 198.805270][ T6675] team_slave_1: entered allmulticast mode [ 198.808695][ T6675] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 198.810198][ T6681] lo speed is unknown, defaulting to 1000 [ 198.810419][ T6681] lo speed is unknown, defaulting to 1000 [ 198.814806][ T6681] lo speed is unknown, defaulting to 1000 [ 198.823852][ T6681] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 198.836761][ T6681] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 198.879550][ T6681] lo speed is unknown, defaulting to 1000 [ 198.883353][ T6681] lo speed is unknown, defaulting to 1000 [ 198.886590][ T6681] lo speed is unknown, defaulting to 1000 [ 198.889651][ T6681] lo speed is unknown, defaulting to 1000 [ 198.892581][ T6681] lo speed is unknown, defaulting to 1000 [ 199.057372][ T6678] macvtap1: left promiscuous mode [ 199.057392][ T6678] team0: left promiscuous mode [ 199.058180][ T6678] macvtap1: left allmulticast mode [ 199.058192][ T6678] team0: left allmulticast mode [ 199.058203][ T6678] team_slave_0: left allmulticast mode [ 199.058218][ T6678] team_slave_1: left allmulticast mode [ 199.524165][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.524236][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 210.733242][ T5804] bond0: (slave syz_tun): Releasing backup interface [ 211.886012][ T5820] Bluetooth: hci3: command 0x0406 tx timeout [ 211.886050][ T5820] Bluetooth: hci4: command 0x0405 tx timeout [ 211.886097][ T5125] Bluetooth: hci1: command 0x0406 tx timeout [ 219.272665][ T6720] netlink: 4 bytes leftover after parsing attributes in process `syz.3.247'. [ 219.359455][ T6721] netlink: 4 bytes leftover after parsing attributes in process `syz.3.247'. [ 219.400137][ T6720] team_slave_0: entered promiscuous mode [ 219.400195][ T6720] team_slave_1: entered promiscuous mode [ 219.400462][ T6720] macvtap1: entered promiscuous mode [ 219.400475][ T6720] team0: entered promiscuous mode [ 219.401159][ T6720] macvtap1: entered allmulticast mode [ 219.401172][ T6720] team0: entered allmulticast mode [ 219.401182][ T6720] team_slave_0: entered allmulticast mode [ 219.401198][ T6720] team_slave_1: entered allmulticast mode [ 220.028763][ T6720] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 220.160520][ T6721] macvtap1: left promiscuous mode [ 220.160610][ T6721] team0: left promiscuous mode [ 220.161284][ T6721] macvtap1: left allmulticast mode [ 220.161299][ T6721] team0: left allmulticast mode [ 220.161310][ T6721] team_slave_0: left allmulticast mode [ 220.161326][ T6721] team_slave_1: left allmulticast mode [ 225.859263][ T5823] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 225.940088][ T5823] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 226.386099][ T5823] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 226.389004][ T5823] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 226.389929][ T5823] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 228.101860][ T6732] lo speed is unknown, defaulting to 1000 [ 228.522760][ T5823] Bluetooth: hci0: command tx timeout [ 230.468262][ T5812] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 230.472388][ T5812] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 230.632811][ T5812] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 230.715309][ T5821] Bluetooth: hci0: command tx timeout [ 230.734193][ T5812] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 230.735169][ T5812] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 232.819069][ T6756] siw: device registration error -23 [ 232.904381][ T5823] Bluetooth: hci2: command tx timeout [ 232.924764][ T5812] Bluetooth: hci0: command tx timeout [ 234.949459][ T5812] Bluetooth: hci0: command tx timeout [ 234.949491][ T5812] Bluetooth: hci2: command tx timeout [ 237.028566][ T5823] Bluetooth: hci2: command tx timeout [ 237.250788][ T5812] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 237.253557][ T5812] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 237.259426][ T5812] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 237.277213][ T5812] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 237.282646][ T5812] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 238.070222][ T6746] lo speed is unknown, defaulting to 1000 [ 239.107039][ T5812] Bluetooth: hci2: command tx timeout [ 239.347147][ T5812] Bluetooth: hci5: command tx timeout [ 240.074590][ T6510] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.625610][ T5812] Bluetooth: hci5: command tx timeout [ 243.926763][ T5812] Bluetooth: hci5: command tx timeout [ 244.127020][ T6761] lo speed is unknown, defaulting to 1000 [ 244.213190][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.183269][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.542054][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.592301][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.987102][ T5812] Bluetooth: hci5: command tx timeout [ 247.082412][ C0] vkms_vblank_simulate: vblank timer overrun [ 249.733515][ T6732] chnl_net:caif_netlink_parms(): no params data found [ 258.357896][ T6746] chnl_net:caif_netlink_parms(): no params data found [ 260.970374][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.970454][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 273.896334][ T6732] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.447154][ T6732] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.447407][ T6732] bridge_slave_0: entered allmulticast mode [ 274.483195][ T6732] bridge_slave_0: entered promiscuous mode [ 275.797761][ T6732] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.797897][ T6732] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.798134][ T6732] bridge_slave_1: entered allmulticast mode [ 275.800979][ T6732] bridge_slave_1: entered promiscuous mode [ 289.258202][ T5823] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 289.261092][ T5823] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 289.266752][ T5823] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 289.281661][ T5823] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 289.282598][ T5823] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 290.064009][ T6881] lo speed is unknown, defaulting to 1000 [ 291.667089][ T5823] Bluetooth: hci6: command tx timeout [ 292.841253][ T5812] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 293.746944][ T5821] Bluetooth: hci6: command tx timeout [ 293.779894][ T5812] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 293.781103][ T5812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 294.290048][ T5812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 294.293172][ T5812] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 295.641809][ T5812] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 295.655766][ T5812] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 295.666035][ T5812] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 295.692704][ T5812] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 295.693624][ T5812] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 295.945926][ T5812] Bluetooth: hci6: command tx timeout [ 296.516990][ T5812] Bluetooth: hci0: command tx timeout [ 297.747635][ T5812] Bluetooth: hci7: command tx timeout [ 297.987023][ T5812] Bluetooth: hci6: command tx timeout [ 298.558016][ T5812] Bluetooth: hci0: command tx timeout [ 299.828942][ T5812] Bluetooth: hci7: command tx timeout [ 300.730266][ T5812] Bluetooth: hci0: command tx timeout [ 301.909524][ T5812] Bluetooth: hci7: command tx timeout [ 302.821128][ T5812] Bluetooth: hci0: command tx timeout [ 304.067254][ T5812] Bluetooth: hci7: command tx timeout [ 308.428990][ T6892] lo speed is unknown, defaulting to 1000 [ 309.331650][ T6894] lo speed is unknown, defaulting to 1000 [ 314.842206][ T6008] IPVS: starting estimator thread 0... [ 315.107493][ T6962] IPVS: using max 7 ests per chain, 16800 per kthread [ 317.067526][ T6881] chnl_net:caif_netlink_parms(): no params data found [ 322.428117][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.428188][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.058370][ T6892] chnl_net:caif_netlink_parms(): no params data found [ 325.281560][ T5897] IPVS: starting estimator thread 0... [ 325.367297][ T7000] IPVS: using max 7 ests per chain, 16800 per kthread [ 336.064235][ T37] audit: type=1326 audit(1764828383.457:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.064289][ T37] audit: type=1326 audit(1764828383.617:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.064330][ T37] audit: type=1326 audit(1764828383.617:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.064369][ T37] audit: type=1326 audit(1764828383.617:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.064407][ T37] audit: type=1326 audit(1764828383.617:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.064446][ T37] audit: type=1326 audit(1764828383.617:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.236964][ T37] audit: type=1326 audit(1764828383.797:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.256970][ T37] audit: type=1326 audit(1764828383.817:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.257023][ T37] audit: type=1326 audit(1764828383.817:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 336.257128][ T37] audit: type=1326 audit(1764828383.817:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7014 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb848cdf749 code=0x7ffc0000 [ 338.701297][ T6881] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.723456][ T6881] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.723729][ T6881] bridge_slave_0: entered allmulticast mode [ 338.767152][ T6881] bridge_slave_0: entered promiscuous mode [ 342.748899][ T6894] chnl_net:caif_netlink_parms(): no params data found [ 344.755775][ T7033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.328'. [ 348.564818][ T5823] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 348.603826][ T5823] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 348.616426][ T5823] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 348.625747][ T5823] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 348.640123][ T5823] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 349.835493][ T5823] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 349.870721][ T5823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 349.872696][ T5823] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 349.873967][ T5823] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 349.895725][ T5823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 350.905547][ T5823] Bluetooth: hci1: command tx timeout [ 352.366929][ T5823] Bluetooth: hci2: command tx timeout [ 352.954337][ T5823] Bluetooth: hci1: command tx timeout [ 353.079418][ T5812] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 353.118108][ T5812] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 353.120703][ T5812] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 353.122037][ T5812] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 353.122904][ T5812] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 354.387146][ T5812] Bluetooth: hci2: command tx timeout [ 355.027061][ T5812] Bluetooth: hci1: command tx timeout [ 355.346996][ T5812] Bluetooth: hci5: command tx timeout [ 355.883202][ T37] kauditd_printk_skb: 47 callbacks suppressed [ 355.883219][ T37] audit: type=1326 audit(1764828403.437:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.883264][ T37] audit: type=1326 audit(1764828403.447:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.883304][ T37] audit: type=1326 audit(1764828403.447:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.883343][ T37] audit: type=1326 audit(1764828403.447:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.883840][ T37] audit: type=1326 audit(1764828403.447:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.904772][ T37] audit: type=1326 audit(1764828403.447:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.907277][ T37] audit: type=1326 audit(1764828403.477:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.914987][ T37] audit: type=1326 audit(1764828403.477:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 355.915306][ T37] audit: type=1326 audit(1764828403.477:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 356.136113][ T37] audit: type=1326 audit(1764828403.507:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7055 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efc529ef749 code=0x7ffc0000 [ 356.467044][ T5812] Bluetooth: hci2: command tx timeout [ 357.106988][ T5812] Bluetooth: hci1: command tx timeout [ 357.544630][ T5812] Bluetooth: hci5: command tx timeout [ 358.547033][ T5812] Bluetooth: hci2: command tx timeout [ 359.586972][ T5812] Bluetooth: hci5: command tx timeout [ 361.697180][ T5812] Bluetooth: hci5: command tx timeout [ 367.336055][ T7074] fuse: Bad value for 'fd' [ 367.767229][ T7040] lo speed is unknown, defaulting to 1000 [ 369.122958][ T7044] lo speed is unknown, defaulting to 1000 [ 370.458579][ T7049] lo speed is unknown, defaulting to 1000 [ 375.699664][ T7098] fuse: Bad value for 'fd' [ 383.849769][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.849917][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 391.985636][ T7040] chnl_net:caif_netlink_parms(): no params data found [ 394.457905][ T7140] fuse: Bad value for 'fd' [ 394.552878][ T7049] chnl_net:caif_netlink_parms(): no params data found [ 399.246317][ T7044] chnl_net:caif_netlink_parms(): no params data found [ 399.257468][ T7147] netlink: 4 bytes leftover after parsing attributes in process `syz.1.359'. [ 403.578866][ T5823] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 403.604832][ T5823] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 403.606528][ T5823] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 403.627018][ T5823] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 403.627781][ T5823] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 405.858976][ T5823] Bluetooth: hci0: command tx timeout [ 408.185815][ T5823] Bluetooth: hci0: command tx timeout [ 409.453488][ T7049] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR [ 409.563547][ T5812] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 409.587078][ T5812] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 409.600013][ T5812] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 409.601251][ T5812] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 409.602113][ T5812] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 410.237570][ T5812] Bluetooth: hci0: command tx timeout [ 411.667035][ T5812] Bluetooth: hci4: command tx timeout [ 412.326984][ T5812] Bluetooth: hci0: command tx timeout [ 413.221954][ T7174] siw: device registration error -23 [ 413.953818][ T5812] Bluetooth: hci4: command tx timeout [ 415.987672][ T5812] Bluetooth: hci4: command tx timeout [ 417.657903][ T7177] fuse: Bad value for 'fd' [ 417.728337][ T5823] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 417.742484][ T5823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 417.759524][ T5823] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 417.760866][ T5823] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 417.761737][ T5823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 418.066961][ T5812] Bluetooth: hci4: command tx timeout [ 418.589747][ T5823] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 418.594326][ T5823] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 418.607674][ T5823] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 418.987162][ T5823] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 419.091377][ T7187] siw: device registration error -23 [ 419.941138][ T5814] Bluetooth: hci2: command tx timeout [ 419.941995][ T5125] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 421.560059][ T7189] netlink: 4 bytes leftover after parsing attributes in process `syz.1.366'. [ 421.987466][ T5812] Bluetooth: hci2: command tx timeout [ 421.991208][ T5125] Bluetooth: hci7: command 0x0406 tx timeout [ 423.118721][ T7176] lo speed is unknown, defaulting to 1000 [ 423.184113][ T7191] overlayfs: failed to resolve './file1/file0': -2 [ 423.987224][ T5823] Bluetooth: hci6: command tx timeout [ 424.067064][ T5823] Bluetooth: hci2: command tx timeout [ 426.067065][ T5823] Bluetooth: hci6: command tx timeout [ 426.147638][ T5823] Bluetooth: hci2: command tx timeout [ 428.147205][ T5823] Bluetooth: hci6: command tx timeout [ 428.782907][ T7166] lo speed is unknown, defaulting to 1000 [ 428.795667][ T7198] siw: device registration error -23 [ 430.227000][ T5823] Bluetooth: hci6: command tx timeout [ 440.798669][ T7156] lo speed is unknown, defaulting to 1000 [ 440.886497][ T7183] lo speed is unknown, defaulting to 1000 [ 441.227995][ T7208] siw: device registration error -23 [ 445.467920][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.467990][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 448.460142][ T7228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.373'. [ 449.107781][ T38] INFO: task syz-executor:6732 blocked for more than 143 seconds. [ 449.107804][ T38] Not tainted syzkaller #0 [ 449.107813][ T38] Blocked by coredump. [ 449.107818][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 449.107827][ T38] task:syz-executor state:D stack:18984 pid:6732 tgid:6732 ppid:1 task_flags:0x40054c flags:0x00080003 [ 449.107887][ T38] Call Trace: [ 449.107894][ T38] [ 449.107910][ T38] __schedule+0x1480/0x50a0 [ 449.107958][ T38] ? finish_task_switch+0x23d/0x940 [ 449.107986][ T38] ? __lock_acquire+0x6b6/0x2cf0 [ 449.108009][ T38] ? __pfx___schedule+0x10/0x10 [ 449.108045][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 449.108070][ T38] rt_mutex_schedule+0x77/0xf0 [ 449.108094][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 449.108119][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 449.108155][ T38] rt_mutex_slowlock+0x2a8/0x6b0 [ 449.108182][ T38] ? rt_mutex_slowlock+0x1c9/0x6b0 [ 449.108206][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 449.108243][ T38] ? rcu_barrier+0x4c/0x570 [ 449.108276][ T38] ? rcu_barrier+0x4c/0x570 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 449.108291][ T38] mutex_lock_nested+0x16a/0x1d0 [ 449.108313][ T38] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 449.108347][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.108369][ T38] rcu_barrier+0x4c/0x570 [ 449.108391][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.108412][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.108433][ T38] netdev_run_todo+0x327/0xea0 [ 449.108461][ T38] ? __pfx_netif_state_change+0x10/0x10 [ 449.108480][ T38] ? __pfx_netdev_run_todo+0x10/0x10 [ 449.108501][ T38] ? lockdep_hardirqs_on+0x98/0x140 [ 449.108532][ T38] ? netdev_state_change+0x1ca/0x220 [ 449.108553][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.108574][ T38] tun_chr_close+0x13f/0x1c0 [ 449.108597][ T38] __fput+0x45b/0xa80 [ 449.108631][ T38] task_work_run+0x1d4/0x260 [ 449.108657][ T38] ? __pfx_task_work_run+0x10/0x10 [ 449.108679][ T38] ? do_exit+0x6c0/0x2310 [ 449.108701][ T38] ? do_exit+0x6c0/0x2310 [ 449.108728][ T38] do_exit+0x6c5/0x2310 [ 449.108750][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 449.108782][ T38] ? __pfx_do_exit+0x10/0x10 [ 449.108800][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 449.108816][ T38] ? rt_spin_lock+0x1c1/0x3e0 [ 449.108855][ T38] do_group_exit+0x21c/0x2d0 [ 449.108877][ T38] ? rt_spin_unlock+0x161/0x200 [ 449.108897][ T38] get_signal+0x125d/0x1310 [ 449.108941][ T38] arch_do_signal_or_restart+0x9a/0x7a0 [ 449.108970][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 449.109010][ T38] ? exit_to_user_mode_loop+0x55/0x4f0 [ 449.109037][ T38] exit_to_user_mode_loop+0x87/0x4f0 [ 449.109057][ T38] ? rcu_is_watching+0x15/0xb0 [ 449.109086][ T38] do_syscall_64+0x2e3/0xf80 [ 449.109107][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.109124][ T38] ? clear_bhb_loop+0x60/0xb0 [ 449.109146][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.109169][ T38] RIP: 0033:0x7f1e8bcd15dc [ 449.109185][ T38] RSP: 002b:00007fff6b85eab0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 449.109203][ T38] RAX: 0000000000000068 RBX: 00007f1e8ca54620 RCX: 00007f1e8bcd15dc [ 449.109216][ T38] RDX: 0000000000000068 RSI: 00007f1e8ca54670 RDI: 0000000000000003 [ 449.109227][ T38] RBP: 0000000000000000 R08: 00007fff6b85eb04 R09: 000000000000000c [ 449.109238][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 449.109249][ T38] R13: 0000000000000000 R14: 00007f1e8ca54670 R15: 0000000000000000 [ 449.109281][ T38] [ 449.109289][ T38] INFO: task syz-executor:6746 blocked for more than 143 seconds. [ 449.109301][ T38] Not tainted syzkaller #0 [ 449.109309][ T38] Blocked by coredump. [ 449.109315][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 449.109323][ T38] task:syz-executor state:D stack:17056 pid:6746 tgid:6746 ppid:1 task_flags:0x40054c flags:0x00080003 [ 449.109365][ T38] Call Trace: [ 449.109371][ T38] [ 449.109383][ T38] __schedule+0x1480/0x50a0 [ 449.109431][ T38] ? __lock_acquire+0x6b6/0x2cf0 [ 449.109453][ T38] ? __pfx___schedule+0x10/0x10 [ 449.109489][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 449.109512][ T38] rt_mutex_schedule+0x77/0xf0 [ 449.109535][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 449.109559][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 449.109601][ T38] rt_mutex_slowlock+0x2a8/0x6b0 [ 449.109628][ T38] ? rt_mutex_slowlock+0x1c9/0x6b0 [ 449.109652][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 449.109690][ T38] ? rcu_barrier+0x4c/0x570 [ 449.109722][ T38] ? rcu_barrier+0x4c/0x570 [ 449.109737][ T38] mutex_lock_nested+0x16a/0x1d0 [ 449.109759][ T38] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 449.109784][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.109805][ T38] rcu_barrier+0x4c/0x570 [ 449.109827][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.109848][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.109869][ T38] netdev_run_todo+0x327/0xea0 [ 449.109895][ T38] ? __pfx_netif_state_change+0x10/0x10 [ 449.109913][ T38] ? __pfx_netdev_run_todo+0x10/0x10 [ 449.109935][ T38] ? lockdep_hardirqs_on+0x98/0x140 [ 449.109965][ T38] ? netdev_state_change+0x1ca/0x220 [ 449.109985][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.110015][ T38] tun_chr_close+0x13f/0x1c0 [ 449.110037][ T38] __fput+0x45b/0xa80 [ 449.110071][ T38] task_work_run+0x1d4/0x260 [ 449.110097][ T38] ? __pfx_task_work_run+0x10/0x10 [ 449.110119][ T38] ? do_exit+0x6c0/0x2310 [ 449.110140][ T38] ? do_exit+0x6c0/0x2310 [ 449.110167][ T38] do_exit+0x6c5/0x2310 [ 449.110187][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 449.110220][ T38] ? __pfx_do_exit+0x10/0x10 [ 449.110238][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 449.110254][ T38] ? rt_spin_lock+0x1c1/0x3e0 [ 449.110293][ T38] do_group_exit+0x21c/0x2d0 [ 449.110315][ T38] ? rt_spin_unlock+0x161/0x200 [ 449.110339][ T38] get_signal+0x125d/0x1310 [ 449.110380][ T38] arch_do_signal_or_restart+0x9a/0x7a0 [ 449.110408][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 449.110449][ T38] ? exit_to_user_mode_loop+0x55/0x4f0 [ 449.110474][ T38] exit_to_user_mode_loop+0x87/0x4f0 [ 449.110495][ T38] ? rcu_is_watching+0x15/0xb0 [ 449.110523][ T38] do_syscall_64+0x2e3/0xf80 [ 449.110544][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.110561][ T38] ? clear_bhb_loop+0x60/0xb0 [ 449.110582][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.110599][ T38] RIP: 0033:0x7fec35a615dc [ 449.110614][ T38] RSP: 002b:00007ffee862d730 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 449.110632][ T38] RAX: 000000000000006c RBX: 00007fec367e4620 RCX: 00007fec35a615dc [ 449.110644][ T38] RDX: 000000000000006c RSI: 00007fec367e4670 RDI: 0000000000000003 [ 449.110655][ T38] RBP: 0000000000000000 R08: 00007ffee862d784 R09: 000000000000000c [ 449.110666][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 449.110677][ T38] R13: 0000000000000000 R14: 00007fec367e4670 R15: 0000000000000000 [ 449.110710][ T38] [ 449.110718][ T38] INFO: task syz-executor:6761 blocked for more than 143 seconds. [ 449.110730][ T38] Not tainted syzkaller #0 [ 449.110738][ T38] Blocked by coredump. [ 449.110744][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 449.110751][ T38] task:syz-executor state:D stack:21080 pid:6761 tgid:6761 ppid:1 task_flags:0x40054c flags:0x00080003 [ 449.110790][ T38] Call Trace: [ 449.110795][ T38] [ 449.110807][ T38] __schedule+0x1480/0x50a0 [ 449.110854][ T38] ? __lock_acquire+0x6b6/0x2cf0 [ 449.110876][ T38] ? __pfx___schedule+0x10/0x10 [ 449.110912][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 449.110934][ T38] rt_mutex_schedule+0x77/0xf0 [ 449.110959][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 449.110982][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 449.111026][ T38] rt_mutex_slowlock+0x2a8/0x6b0 [ 449.111052][ T38] ? rt_mutex_slowlock+0x1c9/0x6b0 [ 449.111077][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 449.111114][ T38] ? rcu_barrier+0x4c/0x570 [ 449.111147][ T38] ? rcu_barrier+0x4c/0x570 [ 449.111162][ T38] mutex_lock_nested+0x16a/0x1d0 [ 449.111183][ T38] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 449.111208][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.111229][ T38] rcu_barrier+0x4c/0x570 [ 449.111252][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.111273][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.111294][ T38] netdev_run_todo+0x327/0xea0 [ 449.111320][ T38] ? __pfx_netif_state_change+0x10/0x10 [ 449.111346][ T38] ? __pfx_netdev_run_todo+0x10/0x10 [ 449.111368][ T38] ? lockdep_hardirqs_on+0x98/0x140 [ 449.111398][ T38] ? netdev_state_change+0x1ca/0x220 [ 449.111419][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 449.111440][ T38] tun_chr_close+0x13f/0x1c0 [ 449.111462][ T38] __fput+0x45b/0xa80 [ 449.111495][ T38] task_work_run+0x1d4/0x260 [ 449.111521][ T38] ? __pfx_task_work_run+0x10/0x10 [ 449.111543][ T38] ? do_exit+0x6c0/0x2310 [ 449.111564][ T38] ? do_exit+0x6c0/0x2310 [ 449.111590][ T38] do_exit+0x6c5/0x2310 [ 449.111611][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 449.111644][ T38] ? __pfx_do_exit+0x10/0x10 [ 449.111662][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 449.111678][ T38] ? rt_spin_lock+0x1c1/0x3e0 [ 449.111717][ T38] do_group_exit+0x21c/0x2d0 [ 449.111739][ T38] ? rt_spin_unlock+0x161/0x200 [ 449.111759][ T38] get_signal+0x125d/0x1310 [ 449.111802][ T38] arch_do_signal_or_restart+0x9a/0x7a0 [ 449.111829][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 449.111870][ T38] ? exit_to_user_mode_loop+0x55/0x4f0 [ 449.111895][ T38] exit_to_user_mode_loop+0x87/0x4f0 [ 449.111915][ T38] ? rcu_is_watching+0x15/0xb0 [ 449.111944][ T38] do_syscall_64+0x2e3/0xf80 [ 449.111964][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.111982][ T38] ? clear_bhb_loop+0x60/0xb0 [ 449.112012][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.112029][ T38] RIP: 0033:0x7f217bcb15dc [ 449.112043][ T38] RSP: 002b:00007ffdcb4bf640 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 449.112060][ T38] RAX: 000000000000003c RBX: 00007f217ca34620 RCX: 00007f217bcb15dc [ 449.112073][ T38] RDX: 000000000000003c RSI: 00007f217ca34670 RDI: 0000000000000003 [ 449.112084][ T38] RBP: 0000000000000000 R08: 00007ffdcb4bf694 R09: 000000000000000c [ 449.112095][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 449.112105][ T38] R13: 0000000000000000 R14: 00007f217ca34670 R15: 0000000000000000 [ 449.112138][ T38] [ 449.112183][ T38] [ 449.112183][ T38] Showing all locks held in the system: [ 449.112192][ T38] 2 locks held by kworker/u8:1/13: [ 449.112203][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112248][ T38] #1: ffffc90000127b80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.112291][ T38] 4 locks held by rcuc/1/28: [ 449.112301][ T38] 1 lock held by khungtaskd/38: [ 449.112311][ T38] #0: ffffffff8d5aec20 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 449.112365][ T38] 2 locks held by kworker/u8:2/44: [ 449.112374][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112415][ T38] #1: ffffc90000b57b80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.112458][ T38] 2 locks held by kworker/u8:5/86: [ 449.112467][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112508][ T38] #1: ffffc9000155fb80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.112552][ T38] 2 locks held by kworker/u8:6/150: [ 449.112561][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112601][ T38] #1: ffffc90003ba7b80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.112645][ T38] 2 locks held by kworker/u8:7/986: [ 449.112655][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112695][ T38] #1: ffffc9000469fb80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.112739][ T38] 2 locks held by kworker/u8:10/1211: [ 449.112749][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112789][ T38] #1: ffffc90004e5fb80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.112831][ T38] 5 locks held by kworker/u8:13/1405: [ 449.112842][ T38] 2 locks held by kworker/u8:14/1416: [ 449.112851][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112892][ T38] #1: ffffc9000538fb80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.112933][ T38] 2 locks held by kworker/u8:16/1462: [ 449.112943][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.112984][ T38] #1: ffffc9000553fb80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.113025][ T38] 3 locks held by kworker/u8:17/1492: [ 449.113035][ T38] #0: ffff88802fd35138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.113075][ T38] #1: ffffc900055dfb80 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.113117][ T38] #2: ffffffff8e888cb8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x119/0x15a0 [ 449.113174][ T38] 2 locks held by getty/5568: [ 449.113184][ T38] #0: ffff88823bf428a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 449.113227][ T38] #1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400 [ 449.113275][ T38] 1 lock held by syz-executor/5819: [ 449.113284][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.113340][ T38] 5 locks held by kworker/0:11/6203: [ 449.113351][ T38] 6 locks held by kworker/u8:21/6510: [ 449.113361][ T38] #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.113402][ T38] #1: ffffc9000744fb80 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.113442][ T38] #2: ffffffff8e87bca0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x7b0 [ 449.113483][ T38] #3: ffff88805bf7a0d8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x10a/0x3d0 [ 449.113527][ T38] #4: ffff88805bf7c300 (&devlink->lock_key#4){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x11c/0x3d0 [ 449.113574][ T38] #5: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.113613][ T38] 2 locks held by kworker/u8:22/6550: [ 449.113623][ T38] #0: ffff888146685938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 449.113664][ T38] #1: ffffc9000ca57b80 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 449.586905][ T38] 1 lock held by syz.4.241/6705: [ 449.586921][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.586970][ T38] 1 lock held by syz-executor/6732: [ 449.586980][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587018][ T38] 1 lock held by syz-executor/6746: [ 449.587027][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587067][ T38] 2 locks held by kworker/u8:23/6759: [ 449.587076][ T38] 1 lock held by syz-executor/6761: [ 449.587085][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587125][ T38] 1 lock held by syz-executor/6881: [ 449.587133][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587171][ T38] 1 lock held by syz-executor/6892: [ 449.587180][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587220][ T38] 2 locks held by syz-executor/6894: [ 449.587229][ T38] #0: ffffffff8e016440 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 449.587276][ T38] #1: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587315][ T38] 5 locks held by kworker/u8:25/6999: [ 449.587325][ T38] 4 locks held by kworker/u8:27/7015: [ 449.587335][ T38] 1 lock held by syz-executor/7040: [ 449.587344][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587383][ T38] 1 lock held by syz-executor/7044: [ 449.587392][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587430][ T38] 5 locks held by kworker/u8:28/7047: [ 449.587440][ T38] 1 lock held by syz-executor/7049: [ 449.587449][ T38] #0: ffffffff8d5b4630 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 449.587489][ T38] 2 locks held by syz-executor/7156: [ 449.587499][ T38] #0: ffffffff8edaf6d0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 449.587543][ T38] #1: ffffffff8e888cb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80 [ 449.587592][ T38] 6 locks held by syz-executor/7166: [ 449.587601][ T38] 2 locks held by syz-executor/7176: [ 449.587610][ T38] #0: ffffffff8ed96900 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 449.587651][ T38] #1: ffffffff8e888cb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80 [ 449.587687][ T38] 1 lock held by syz-executor/7183: [ 449.587695][ T38] #0: ffffffff8e888cb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70 [ 449.587733][ T38] 1 lock held by syz.1.373/7228: [ 449.587741][ T38] #0: ffffffff8e888cb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dellink+0x3ce/0x720 [ 449.587782][ T38] [ 449.587786][ T38] ============================================= [ 449.587786][ T38] [ 449.587811][ T38] NMI backtrace for cpu 1 [ 449.587829][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 449.587846][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 449.587856][ T38] Call Trace: [ 449.587862][ T38] [ 449.587870][ T38] dump_stack_lvl+0x189/0x250 [ 449.587893][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 449.587911][ T38] ? __pfx__printk+0x10/0x10 [ 449.587949][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 449.587977][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 449.588003][ T38] ? __pfx__printk+0x10/0x10 [ 449.588031][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 449.588051][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 449.588078][ T38] watchdog+0xf3c/0xf80 [ 449.588100][ T38] ? watchdog+0x1e2/0xf80 [ 449.588123][ T38] kthread+0x711/0x8a0 [ 449.588148][ T38] ? __pfx_watchdog+0x10/0x10 [ 449.588163][ T38] ? __pfx_kthread+0x10/0x10 [ 449.588181][ T38] ? rt_spin_unlock+0x150/0x200 [ 449.588203][ T38] ? rt_spin_unlock+0x161/0x200 [ 449.588217][ T38] ? __pfx_kthread+0x10/0x10 [ 449.588239][ T38] ret_from_fork+0x599/0xb30 [ 449.588260][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 449.588289][ T38] ? __switch_to_asm+0x39/0x70 [ 449.588308][ T38] ? __switch_to_asm+0x33/0x70 [ 449.588325][ T38] ? __pfx_kthread+0x10/0x10 [ 449.588348][ T38] ret_from_fork_asm+0x1a/0x30 [ 449.588387][ T38] [ 449.588394][ T38] Sending NMI from CPU 1 to CPUs 0: [ 449.588420][ C0] NMI backtrace for cpu 0 [ 449.588433][ C0] CPU: 0 UID: 0 PID: 5983 Comm: kworker/0:8 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 449.588452][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 449.588463][ C0] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 449.588489][ C0] RIP: 0010:do_raw_spin_lock+0x125/0x290 [ 449.588509][ C0] Code: 00 00 c7 44 24 40 00 00 00 00 48 89 df be 04 00 00 00 e8 1e 03 84 00 48 8d 7c 24 40 be 04 00 00 00 e8 0f 03 84 00 8b 44 24 40 01 00 00 00 f0 0f b1 0b 0f 85 dd 00 00 00 65 8b 1d 09 8a 0c 10 [ 449.588524][ C0] RSP: 0018:ffffc9000547f780 EFLAGS: 00000097 [ 449.588538][ C0] RAX: 0000000000000000 RBX: ffffffff8dfe0500 RCX: ffffffff819d6611 [ 449.588550][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc9000547f7c0 [ 449.588561][ C0] RBP: ffffc9000547f830 R08: 0000000000000003 R09: 0000000000000004 [ 449.588572][ C0] R10: dffffc0000000000 R11: fffff52000a8fef8 R12: ffffffff8dfe0510 [ 449.588584][ C0] R13: ffffffff8dfe0508 R14: 1ffffffff1bfc0a2 R15: 1ffffffff1bfc0a1 [ 449.588597][ C0] FS: 0000000000000000(0000) GS:ffff888126d81000(0000) knlGS:0000000000000000 [ 449.588611][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 449.588623][ C0] CR2: 00007f866b757d60 CR3: 000000003b950000 CR4: 00000000003526f0 [ 449.588638][ C0] Call Trace: [ 449.588645][ C0] [ 449.588654][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 449.588671][ C0] ? __lock_acquire+0x6b6/0x2cf0 [ 449.588698][ C0] _raw_spin_lock_irqsave+0xb3/0xf0 [ 449.588717][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 449.588737][ C0] ? rt_spin_lock+0x1c1/0x3e0 [ 449.588764][ C0] rt_mutex_slowunlock+0xb0/0x8a0 [ 449.588780][ C0] ? rt_spin_lock+0x1c1/0x3e0 [ 449.588805][ C0] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 449.588822][ C0] ? rt_spin_unlock+0x150/0x200 [ 449.588839][ C0] ? rt_spin_unlock+0x161/0x200 [ 449.588855][ C0] wg_ratelimiter_gc_entries+0x3a8/0x480 [ 449.588879][ C0] ? process_scheduled_works+0x9ef/0x1770 [ 449.588898][ C0] process_scheduled_works+0xad1/0x1770 [ 449.588933][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 449.588961][ C0] worker_thread+0x8a0/0xda0 [ 449.588981][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 449.589006][ C0] ? __kthread_parkme+0x7b/0x200 [ 449.589030][ C0] kthread+0x711/0x8a0 [ 449.589053][ C0] ? __pfx_worker_thread+0x10/0x10 [ 449.589070][ C0] ? __pfx_kthread+0x10/0x10 [ 449.589089][ C0] ? rt_spin_unlock+0x150/0x200 [ 449.589106][ C0] ? rt_spin_unlock+0x161/0x200 [ 449.589120][ C0] ? __pfx_kthread+0x10/0x10 [ 449.589141][ C0] ret_from_fork+0x599/0xb30 [ 449.589159][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 449.589182][ C0] ? __switch_to_asm+0x39/0x70 [ 449.589201][ C0] ? __switch_to_asm+0x33/0x70 [ 449.589221][ C0] ? __pfx_kthread+0x10/0x10 [ 449.589242][ C0] ret_from_fork_asm+0x1a/0x30 [ 449.589274][ C0]