last executing test programs: 2m27.128336103s ago: executing program 1 (id=670): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0, @local, 0x0, 0x0, 0x4, 0x200, 0xfff, 0x4400200, r1}) 2m26.922538713s ago: executing program 1 (id=672): unshare(0x22020600) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0) fchown(r0, 0xee01, 0x0) 2m26.656748078s ago: executing program 1 (id=673): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x7, 0x1, &(0x7f00000001c0)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x401c2, 0x80) ftruncate(r0, 0x8800000) 2m26.444343254s ago: executing program 1 (id=674): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x17ef, 0x60ee, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x20, 0x4, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x3, 0x4, 0xfd}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000200)={0x0, 0x24, 0x8, {0x8, 0x8, "926bf9af007e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 2m24.087608119s ago: executing program 1 (id=692): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10) mknod(&(0x7f0000000000)='./file0\x00', 0x8, 0x184) 2m23.864275745s ago: executing program 1 (id=695): r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) getsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000001cc0)=""/4096, &(0x7f00000000c0)=0x1000) 2m8.698753069s ago: executing program 32 (id=695): r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) getsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000001cc0)=""/4096, &(0x7f00000000c0)=0x1000) 1m26.688173776s ago: executing program 2 (id=1013): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x378, 0x3) 1m26.181703139s ago: executing program 2 (id=1017): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x62, 0x5, 0x1360, 0x1178, 0x1280, 0xffffffff, 0x1280, 0x1280, 0x1470, 0x1470, 0xffffffff, 0x1470, 0x1470, 0x5, 0x0, {[{{@ip={@multicast2, @multicast1, 0x0, 0x0, 'veth0_to_bond\x00', 'wg1\x00', {0xff}}, 0x0, 0x10a0, 0x10d0, 0x0, {0x22e}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.net/syz0\x00', 0x9, {0x100000004}}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff}, {0xffffffffffffffff, 0x1, 0x4}, 0xfffffffa, 0x3}}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x3dc, {0x0, @rand_addr=0x64010102, @remote, @port=0x4e21, @gre_key}}}}, {{@ip={@broadcast, @rand_addr=0x64010100, 0x0, 0x0, 'veth1_to_team\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @private=0x1, @multicast2, @gre_key, @icmp_id}}}}, {{@ip={@remote, @dev, 0xff000000, 0x0, 'pimreg1\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @broadcast, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x13c0) 1m25.903967525s ago: executing program 2 (id=1020): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x611, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc}, {0xc, 0x6}}}, @m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0xa0}}, 0x0) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e0001"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) 1m25.370755175s ago: executing program 2 (id=1022): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x2000) mmap$dsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xd, 0x11, r0, 0x0) 1m24.71262016s ago: executing program 2 (id=1024): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r0, 0x0, r1, 0x0, 0x801, 0xe) 1m24.498134726s ago: executing program 2 (id=1025): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r0, 0x89f1, &(0x7f0000000100)={0xfffffffc, 0x0, 0x0, 0x7ff, 0x0, "5dee0000005940000000000f00"}) 1m18.382744526s ago: executing program 0 (id=1051): r0 = signalfd(0xffffffffffffffff, &(0x7f0000006540), 0x8) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1, 0x0, 0x100000000000, 0x0, 0xffffffffffffffff}) fcntl$lock(r0, 0x24, &(0x7f0000000380)={0x2, 0x0, 0x8000}) 1m18.309869792s ago: executing program 0 (id=1052): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c) setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000000040)=0xb2b9, 0x4) 1m18.208253093s ago: executing program 0 (id=1053): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x6) r1 = dup(r0) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x2c, 0x0, 0x0, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}], @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40c0}, 0x800) 1m18.120237056s ago: executing program 0 (id=1054): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000400)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) 1m18.057316012s ago: executing program 0 (id=1055): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x14, &(0x7f0000000080)={0x0}, 0x7, 0x0, 0x0, 0x2004a014}, 0x600c010) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) 1m17.975120408s ago: executing program 0 (id=1056): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101240, 0x0) ioctl$TUNSETTXFILTER(r0, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e42000c371303ed6a33f2ff8689b3f60e"]) ioctl$TUNSETTXFILTER(r0, 0x400454d1, 0x0) 1m11.306868568s ago: executing program 5 (id=1076): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x1) removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00') 1m10.876364594s ago: executing program 5 (id=1079): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0) 1m10.583089771s ago: executing program 5 (id=1081): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x4c, r1, 0x607, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0xfffffffd}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0x555f}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8801}, 0x80) 1m10.27126142s ago: executing program 5 (id=1083): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x54, r1, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x62da}, {0x6, 0x11, 0xe98}, {0x8, 0x15, 0x6}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040088) 1m9.96563542s ago: executing program 5 (id=1085): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x30, r1, 0x239, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID={0xc}]}]}, 0x30}}, 0x0) 1m9.676505231s ago: executing program 5 (id=1087): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'netpci0\x00', 0x2}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="310000de"]) 1m9.293958538s ago: executing program 33 (id=1025): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r0, 0x89f1, &(0x7f0000000100)={0xfffffffc, 0x0, 0x0, 0x7ff, 0x0, "5dee0000005940000000000f00"}) 1m6.153024832s ago: executing program 3 (id=1109): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0x4, 0x0, &(0x7f0000000080)) 1m5.097340626s ago: executing program 3 (id=1114): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x8, 0x1, 0xd8, 0x3f, 0x6, "3eccd25569e20900"}) 1m4.882308453s ago: executing program 3 (id=1116): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r0, 0x541b, 0x0) 1m3.843679258s ago: executing program 3 (id=1121): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10) sendmsg$tipc(r0, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8800}, 0x0) 1m3.52894524s ago: executing program 3 (id=1123): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000001200)=ANY=[@ANYRES16], 0x0, 0x5, 0x0, 0x0, 0x0, 0x26}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x1b) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6002, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e0ffff200000000002000aac14140ce0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 1m3.244649126s ago: executing program 3 (id=1124): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe2083, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4020aeb2, &(0x7f0000000040)={0x77, 0xc, 0x12c, 0xfffffffffffffff9, 0x2}) 1m2.550663775s ago: executing program 34 (id=1056): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101240, 0x0) ioctl$TUNSETTXFILTER(r0, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e42000c371303ed6a33f2ff8689b3f60e"]) ioctl$TUNSETTXFILTER(r0, 0x400454d1, 0x0) 54.495453462s ago: executing program 35 (id=1087): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'netpci0\x00', 0x2}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="310000de"]) 48.033793176s ago: executing program 36 (id=1124): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe2083, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4020aeb2, &(0x7f0000000040)={0x77, 0xc, 0x12c, 0xfffffffffffffff9, 0x2}) 38.454009136s ago: executing program 6 (id=1186): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x34, r1, 0x7, 0x2, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008041}, 0x0) 38.34312043s ago: executing program 4 (id=1187): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000010000ff850000000e000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) fchmod(0xffffffffffffffff, 0x134) 38.128570999s ago: executing program 6 (id=1188): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000000)="3b000000010006", 0x7) 37.763150773s ago: executing program 4 (id=1189): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0902000000000000000001000000050002000a00000014002000ff00000000000000000000000000000108000b"], 0x38}}, 0x0) 37.666126688s ago: executing program 6 (id=1190): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0) io_setup(0x3, &(0x7f00000003c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000000)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 37.207090826s ago: executing program 4 (id=1191): openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bpq0, 0x5, [@bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @null, @default]}) 37.05255214s ago: executing program 6 (id=1192): setresuid(0x0, 0xee01, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000380)={'tunl0\x00', &(0x7f00000002c0)=@ethtool_cmd={0x2e, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfc, 0x0, 0xfc, 0x9, 0x0, 0x401, 0xfffe, 0x0, 0x0, 0x40000045}}) 36.653197377s ago: executing program 4 (id=1194): syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000001400)={0x14, &(0x7f0000000100)={0x20, 0xe, 0x2, {0x2, 0xd}}, 0x0}, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r0, 0x8902, &(0x7f0000000100)) 36.511467909s ago: executing program 6 (id=1195): r0 = socket$kcm(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000c40)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xc0}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90324fc60100c114002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 35.987444311s ago: executing program 6 (id=1198): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNSETOWNER(r0, 0x400454cc, 0xffffffffffffffff) 35.574701729s ago: executing program 4 (id=1200): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x2) 35.234915743s ago: executing program 4 (id=1201): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="f4994f8b", 0x4}], 0x1) 32.196921604s ago: executing program 8 (id=1205): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000440), r0) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0x4, 0x19, {0x0, 0x0, 0x1}}}}, 0x30}}, 0x0) 31.852069347s ago: executing program 8 (id=1207): pipe2(&(0x7f0000000200)={0xffffffffffffffff}, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) splice(r0, 0x0, r1, 0x0, 0x28, 0xf) 31.503813212s ago: executing program 8 (id=1208): unshare(0x22020400) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) 31.135788401s ago: executing program 8 (id=1211): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4044894) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="64000000190a010400000000000000000200000044000740d3a094ccfc36929da203df447ba6c9c1946569aff2ce4aafd39b142d3cfcffba99971a58fbff9929767d8380263a91a9526c3a4f25aa22299135092377d6452b0900010073797a30"], 0x64}, 0x1, 0x0, 0x0, 0x20008840}, 0x8004) 30.824539985s ago: executing program 8 (id=1212): r0 = socket$inet6(0xa, 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1, 0x4, &(0x7f00000010c0)=ANY=[@ANYBLOB="8500000008000000350000008400000085000000070000009500000000000000fed023d1d405000000c7d4012507000000c71adb05d72768b8242dd90d17e4c52505750482b009546a5f3f00573f31b53fd3e52bd87184446d165ae2939bbca322a415a98c885faad395f3e4e0635559362ed862ce7c69ad133037af3a000000000000000000000058c122dff93c54caec3751652d11fd4f66711918d3604b92666d60c88b658fe57bb5d365c5b89625385f230ba21f570635837c7bc74be573bfd68aaaf06d842085f84b96c4709e2c9449f0818f6fc5657572fb3e5bb8ff6f643e52f4964c62a70a011ede8b504c8a30381b8eff01d7615e1789bb4b3b7ef3668a98a785a80aa2d1ab149b9316091fb3025f0716799d8280acb3880a882f28dd3111e02c3b0b2818bf5bb902cc9c1666f5fdd2e43901ca4796f04db25c3df35cdfc17c54936202b45b7a09816aa76e8b9bbe24022007aae367025040e8b2255ced48a4b2db3f280dc6fd2f5374548c499ae74631f3be04e28d601369f9488fb074eb35540df5e053376ea29125d6bb916496b04b8e359c1edef91677414729967cffa736d7789c14e918b77518ee8e5d5aff9148be69267fff35"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/148, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x8b63bfea1a14a3c7}, 0x16) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x630, 0x0, 0x8, 0x7f02ae, 0x0, 0x200, 0x560, 0x2e8, 0x2e8, 0x560, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x410, 0x440, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @fd={0x2, 0x0, r1}}, @common=@rt={{0x138}, {0x6, [0x8, 0x400], 0x6, 0x10, 0x2, [@mcast2, @mcast1, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback, @dev={0xfe, 0x80, '\x00', 0x16}, @rand_addr=' \x01\x00', @mcast2, @ipv4={'\x00', '\xff\xff', @empty}, @private2, @ipv4={'\x00', '\xff\xff', @multicast1}, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0={0xfc, 0x0, '\x00', 0x1}, @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}], 0x10}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x1, 0x6}, {0x4, 0x4, 0x7}, 0x0, 0xd}}}, {{@ipv6={@rand_addr=' \x01\x00', @dev={0xfe, 0x80, '\x00', 0x38}, [0xffffff00, 0xffffff00, 0xffffffff, 0xff], [0xff000000, 0xffffffff, 0xff], 'batadv_slave_0\x00', 'nicvf0\x00', {}, {0xff}, 0x3c, 0x4, 0x5, 0x3e}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@mh={{0x28}, {"3e7f"}}, @inet=@rpfilter={{0x28}, {0x2}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x690) 30.46792017s ago: executing program 8 (id=1214): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) 20.943050463s ago: executing program 37 (id=1198): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNSETOWNER(r0, 0x400454cc, 0xffffffffffffffff) 19.931948949s ago: executing program 38 (id=1201): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="f4994f8b", 0x4}], 0x1) 19.788954222s ago: executing program 9 (id=1268): ppoll(&(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], 0x0, 0x0) 18.739741529s ago: executing program 9 (id=1270): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="6000000002060500000000000000000007000000140007800800114000000000080012400000ffff050001"], 0x60}, 0x1, 0x0, 0x0, 0x810}, 0x20004000) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f000117000000000000000001"], 0x114}], 0x1}, 0x0) 18.297655156s ago: executing program 9 (id=1273): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x400000}) 17.812974565s ago: executing program 9 (id=1275): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) request_key(0x0, 0x0, 0x0, 0x0) 17.511432072s ago: executing program 9 (id=1277): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8604, 0x7}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@mpls_getroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x1, 0xfe}}, 0x1c}}, 0x0) 17.173284264s ago: executing program 9 (id=1279): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000008000004800128008000100687372003c000280060005000180000008000100", @ANYRES32=r1, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES64=r0], 0x68}}, 0x0) 16.393144996s ago: executing program 7 (id=1281): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_TMR_CONTINUE(r0, 0x5404) ioctl$SNDCTL_TMR_TEMPO(r0, 0xc0045405, &(0x7f0000000140)=0x9b) 16.260899029s ago: executing program 7 (id=1282): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000008280), r0) sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, &(0x7f00000084c0)={0x0, 0x0, &(0x7f0000008480)={&(0x7f00000082c0)={0x44, r1, 0x1, 0x70bd26, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xfffffffffffffe51, 0xb, 0x8001}, {0x6, 0x11, 0x40}}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000084}, 0x40080) 15.988708911s ago: executing program 7 (id=1283): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 15.861784063s ago: executing program 7 (id=1284): r0 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0) ioctl$I2C_PEC(r0, 0x708, 0x6) ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000040)={0x1, 0x9, 0x1, &(0x7f0000000100)={0x17, "fd5a44032b7e1b00200112fa31820000000002000800"}}) 15.734154582s ago: executing program 7 (id=1285): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) nanosleep(&(0x7f00000000c0), 0x0) 15.550290451s ago: executing program 7 (id=1286): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000440)=0x5) ioctl$TCSETA(r0, 0x8925, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "4feda26323b172e0"}) 15.007917549s ago: executing program 39 (id=1214): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) 1.985300381s ago: executing program 40 (id=1279): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000008000004800128008000100687372003c000280060005000180000008000100", @ANYRES32=r1, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES64=r0], 0x68}}, 0x0) 0s ago: executing program 41 (id=1286): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000440)=0x5) ioctl$TCSETA(r0, 0x8925, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "4feda26323b172e0"}) kernel console output (not intermixed with test programs): 121.371137][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.401747][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.434966][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.465375][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.495914][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.530686][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.560520][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.590374][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.597092][ T7545] netlink: 'syz.3.731': attribute type 1 has an invalid length. [ 121.623453][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.654253][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.667588][ T7546] mkiss: ax0: crc mode is auto. [ 121.683218][ T7542] fido_id[7542]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 121.686504][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.704358][ T7545] netlink: 'syz.3.731': attribute type 2 has an invalid length. [ 121.731277][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.763783][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.775583][ T7545] netlink: 1172 bytes leftover after parsing attributes in process `syz.3.731'. [ 121.792510][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.822924][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.853689][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.885786][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.899828][ T30] audit: type=1326 audit(2000000030.210:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7547 comm="syz.0.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e2838e929 code=0x7ffc0000 [ 121.915387][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.954585][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 121.966308][ T7550] SELinux: security_context_str_to_sid (5] S9q#) failed with errno=-22 [ 121.984317][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.015336][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.047052][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.078847][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.105776][ T30] audit: type=1326 audit(2000000030.210:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7547 comm="syz.0.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e2838e929 code=0x7ffc0000 [ 122.109489][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.161946][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.192877][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.223594][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.254391][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.284860][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.315368][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.347164][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.377753][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.407413][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.441668][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.473234][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.504605][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.538535][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.569557][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.600060][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.630648][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.660112][ T7560] netlink: 16 bytes leftover after parsing attributes in process `syz.3.738'. [ 122.661101][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.702587][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.734221][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.765218][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.795825][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.830598][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.864157][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.894554][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.925306][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.957312][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 122.987682][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.017217][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.050650][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.080913][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.111526][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.127324][ T5938] usb 4-1: new low-speed USB device number 7 using dummy_hcd [ 123.141804][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.171750][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.202147][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.232974][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.264295][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.295174][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.299639][ T5938] usb 4-1: config index 0 descriptor too short (expected 1307, got 27) [ 123.328031][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.338268][ T5938] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 123.358522][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.365196][ T5938] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 123.388728][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.406337][ T5938] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 123.418153][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.448171][ T5938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 123.448970][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.491279][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.491398][ T5938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 123.525078][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.557375][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.571230][ T5938] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 123.585568][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.618475][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.631131][ T5938] usb 4-1: string descriptor 0 read error: -22 [ 123.647848][ T5938] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 123.648651][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.685564][ T5938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.688540][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.728459][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.752554][ T5938] usb 4-1: config 0 descriptor?? [ 123.758948][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.780096][ T5938] hub 4-1:0.0: bad descriptor, ignoring hub [ 123.788942][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.803139][ T5938] hub 4-1:0.0: probe with driver hub failed with error -5 [ 123.819035][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.850310][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.858345][ T5938] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input7 [ 123.880458][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.910885][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.941532][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 123.977273][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.006968][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.038688][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.072875][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.108970][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.142765][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.176463][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.190133][ T2147] usb 4-1: USB disconnect, device number 7 [ 124.207676][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.238243][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.275251][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.306204][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.338526][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.371816][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.403409][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.434902][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.469087][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.505757][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.537240][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.567569][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.601487][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.634934][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.667197][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.699571][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.730354][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.760619][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.791981][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.822703][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.854072][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.886218][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.917175][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.947380][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 124.978390][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.009514][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.039971][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.073560][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.105346][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.136544][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.167124][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.198738][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.229283][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.259588][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.293105][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.323850][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.355612][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.388238][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.419842][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.450373][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.481109][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.516756][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.548869][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.579925][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.612203][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.644418][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.675959][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.712327][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.743060][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.778731][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.811417][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.845359][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.876445][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.907841][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.942145][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 125.973438][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.003978][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.034880][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.065425][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.098772][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.129825][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.161438][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.192535][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.223854][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.257486][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.288284][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.319859][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.353837][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.384848][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.416288][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.450099][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.480605][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.513803][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.547375][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.579781][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.610714][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.642000][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.672840][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.706141][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.737335][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.768059][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.801163][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.832599][ C0] radio-si470x 3-1:0.0: non-zero urb status (-71) [ 126.867975][ T5910] radio-si470x 3-1:0.0: probe with driver radio-si470x failed with error -22 [ 127.859292][ T7575] netlink: 'syz.3.745': attribute type 1 has an invalid length. [ 127.861968][ T5910] usb 3-1: USB disconnect, device number 7 [ 127.907149][ T7575] netlink: 232 bytes leftover after parsing attributes in process `syz.3.745'. [ 127.907171][ T7575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.745'. [ 129.431217][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 129.431233][ T30] audit: type=1400 audit(2000000037.740:402): avc: denied { execute } for pid=7600 comm="syz.3.757" path="/dev/video2" dev="devtmpfs" ino=932 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 129.720304][ T7603] netlink: 8 bytes leftover after parsing attributes in process `syz.3.758'. [ 129.763024][ T7603] netlink: 12 bytes leftover after parsing attributes in process `syz.3.758'. [ 129.798534][ T7603] netlink: 'syz.3.758': attribute type 13 has an invalid length. [ 131.753334][ T30] audit: type=1400 audit(2000000040.060:403): avc: denied { write } for pid=7623 comm="syz.4.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 131.942934][ T5832] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 131.955267][ T5832] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 131.967041][ T5832] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 131.977626][ T5832] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 131.985421][ T5832] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 132.014289][ T30] audit: type=1400 audit(2000000040.320:404): avc: denied { mounton } for pid=7626 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 132.267216][ T30] audit: type=1400 audit(2000000040.580:405): avc: denied { read } for pid=7630 comm="syz.4.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 132.420426][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.428434][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.655404][ T7626] chnl_net:caif_netlink_parms(): no params data found [ 132.857386][ T7643] netlink: 'syz.4.774': attribute type 3 has an invalid length. [ 132.931075][ T7626] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.954072][ T7626] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.975425][ T7626] bridge_slave_0: entered allmulticast mode [ 133.003727][ T7626] bridge_slave_0: entered promiscuous mode [ 133.025231][ T7626] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.051590][ T7626] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.062171][ T7626] bridge_slave_1: entered allmulticast mode [ 133.071309][ T7626] bridge_slave_1: entered promiscuous mode [ 133.168333][ T7626] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.183335][ T7626] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.279459][ T7626] team0: Port device team_slave_0 added [ 133.291853][ T7626] team0: Port device team_slave_1 added [ 133.375395][ T7626] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 133.385611][ T7626] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.415262][ T7626] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 133.492907][ T7626] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 133.499994][ T7626] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.529635][ T7626] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.636622][ T7626] hsr_slave_0: entered promiscuous mode [ 133.643185][ T7626] hsr_slave_1: entered promiscuous mode [ 133.654438][ T7626] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 133.673224][ T7626] Cannot create hsr debugfs directory [ 133.984325][ T7626] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 134.008194][ T7626] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 134.030219][ T7626] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 134.050419][ T7626] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 134.070704][ T5832] Bluetooth: hci5: command tx timeout [ 134.184038][ T7626] 8021q: adding VLAN 0 to HW filter on device bond0 [ 134.241528][ T7626] 8021q: adding VLAN 0 to HW filter on device team0 [ 134.258306][ T3006] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.265504][ T3006] bridge0: port 1(bridge_slave_0) entered forwarding state [ 134.294504][ T3006] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.301685][ T3006] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.480834][ T30] audit: type=1400 audit(2000000042.790:406): avc: denied { sys_module } for pid=7626 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 134.703439][ T7658] capability: warning: `syz.2.777' uses deprecated v2 capabilities in a way that may be insecure [ 134.867510][ T7626] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.090058][ T7665] sp0: Synchronizing with TNC [ 135.392556][ T7626] veth0_vlan: entered promiscuous mode [ 135.411236][ T7626] veth1_vlan: entered promiscuous mode [ 135.462414][ T7626] veth0_macvtap: entered promiscuous mode [ 135.477989][ T7626] veth1_macvtap: entered promiscuous mode [ 135.501046][ T7626] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.524879][ T7626] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.549754][ T7626] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.559789][ T7626] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.572573][ T7626] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.583672][ T7626] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.721028][ T3570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.745127][ T3570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.789387][ T196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.801333][ T196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.853158][ T30] audit: type=1400 audit(2000000044.160:407): avc: denied { mount } for pid=7626 comm="syz-executor" name="/" dev="gadgetfs" ino=6046 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 135.982198][ T7671] netlink: 'syz.5.766': attribute type 1 has an invalid length. [ 136.146043][ T5832] Bluetooth: hci5: command tx timeout [ 136.685684][ T48] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 136.847221][ T48] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 136.860265][ T48] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 136.886264][ T48] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 136.901400][ T48] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 136.915410][ T48] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 136.927957][ T48] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.944772][ T48] usb 6-1: config 0 descriptor?? [ 136.972117][ T48] gspca_main: spca561-2.14.0 probing abcd:cdee [ 137.248458][ T48] spca561 6-1:0.0: probe with driver spca561 failed with error -22 [ 137.261405][ T48] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 137.271719][ T48] usb 6-1: MIDIStreaming interface descriptor not found [ 137.392483][ T48] usb 6-1: USB disconnect, device number 2 [ 138.226212][ T5832] Bluetooth: hci5: command tx timeout [ 138.929743][ T7697] netlink: 256 bytes leftover after parsing attributes in process `syz.5.791'. [ 140.289110][ T30] audit: type=1400 audit(2000000048.600:408): avc: denied { ioctl } for pid=7708 comm="syz.5.796" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=14889 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 140.328233][ T5832] Bluetooth: hci5: command tx timeout [ 140.411879][ T30] audit: type=1400 audit(2000000048.720:409): avc: denied { accept } for pid=7710 comm="syz.5.797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 140.705050][ T7717] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 141.600418][ T196] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.951383][ T5832] Bluetooth: hci0: Malformed Event: 0x2f [ 142.559459][ T30] audit: type=1326 audit(2000000050.870:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7746 comm="syz.4.812" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4d5f38e929 code=0x0 [ 143.643512][ T5939] IPVS: starting estimator thread 0... [ 143.745735][ T7755] IPVS: using max 45 ests per chain, 108000 per kthread [ 146.885684][ T5938] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 147.045630][ T5938] usb 3-1: Using ep0 maxpacket: 32 [ 147.054062][ T5938] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 147.069552][ T5938] usb 3-1: config 0 has no interface number 0 [ 147.082103][ T5938] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 147.094119][ T5938] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.109176][ T5938] usb 3-1: Product: syz [ 147.114284][ T5938] usb 3-1: Manufacturer: syz [ 147.119963][ T5938] usb 3-1: SerialNumber: syz [ 147.130162][ T5938] usb 3-1: config 0 descriptor?? [ 147.145121][ T5938] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 147.158347][ T5938] usb 3-1: selecting invalid altsetting 1 [ 147.164203][ T5938] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 147.189483][ T5938] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 147.202566][ T5938] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 147.215239][ T5938] usb 3-1: media controller created [ 147.261137][ T5938] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 147.351404][ T30] audit: type=1400 audit(2000000055.660:411): avc: denied { append } for pid=7772 comm="syz.2.823" name="i2c-1" dev="devtmpfs" ino=2956 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 147.374098][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.390338][ T5938] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 148.402108][ T5938] zl10353_read_register: readreg error (reg=127, ret==-110) [ 148.452275][ T7773] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 148.555250][ T5938] usb 3-1: USB disconnect, device number 8 [ 149.948171][ T7788] gretap0: vlans aren't supported yet for dev_uc|mc_add() [ 151.136561][ T2147] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 151.323032][ T2147] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.372236][ T196] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.383758][ T2147] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 151.402487][ T2147] usb 3-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00 [ 151.508566][ T2147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.583482][ T2147] usb 3-1: config 0 descriptor?? [ 152.062607][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.4.841'. [ 152.129043][ T2147] hid_mf 0003:0079:1846.0013: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.2-1/input0 [ 152.218840][ T2147] hid_mf 0003:0079:1846.0013: Invalid report, this should never happen! [ 152.315671][ T2147] hid_mf 0003:0079:1846.0013: Force feedback init failed. [ 152.423550][ T2147] usb 3-1: USB disconnect, device number 9 [ 152.498176][ T30] audit: type=1400 audit(2000000060.800:412): avc: denied { ioctl } for pid=7819 comm="syz.5.845" path="socket:[15302]" dev="sockfs" ino=15302 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 152.556101][ T7816] fido_id[7816]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 152.677644][ T5938] usb 1-1: new low-speed USB device number 8 using dummy_hcd [ 152.699038][ T30] audit: type=1400 audit(2000000060.950:413): avc: denied { create } for pid=7821 comm="syz.3.846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 152.899746][ T5938] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 152.957394][ T5938] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 153.049771][ T5938] usb 1-1: config 0 interface 0 has no altsetting 0 [ 153.105072][ T5938] usb 1-1: New USB device found, idVendor=04b3, idProduct=3100, bcdDevice= 0.00 [ 153.159867][ T5938] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.250177][ T5938] usb 1-1: config 0 descriptor?? [ 153.305792][ T7818] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 153.660330][ T7840] netlink: zone id is out of range [ 153.756403][ T7840] netlink: zone id is out of range [ 153.797719][ T7840] netlink: zone id is out of range [ 153.860707][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 153.868289][ T7840] netlink: zone id is out of range [ 153.894233][ T7840] netlink: zone id is out of range [ 153.927012][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 153.945653][ T7840] netlink: zone id is out of range [ 153.979403][ T7840] netlink: zone id is out of range [ 154.005698][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 154.012684][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 154.049593][ T7840] netlink: zone id is out of range [ 154.072679][ T30] audit: type=1400 audit(2000000062.370:414): avc: denied { setopt } for pid=7846 comm="syz.5.858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 154.139739][ T7840] netlink: zone id is out of range [ 154.149143][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 154.186424][ T7840] netlink: zone id is out of range [ 154.205600][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 154.274507][ T30] audit: type=1400 audit(2000000062.380:415): avc: denied { nlmsg_read } for pid=7846 comm="syz.5.858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 154.295201][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 154.348923][ T5938] lenovo 0003:04B3:3100.0014: unknown main item tag 0x0 [ 154.432152][ T5938] lenovo 0003:04B3:3100.0014: hidraw0: USB HID v0.00 Device [HID 04b3:3100] on usb-dummy_hcd.0-1/input0 [ 154.541082][ T5938] usb 1-1: USB disconnect, device number 8 [ 154.805696][ T2147] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 154.944131][ T7856] fido_id[7856]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 155.026135][ T2147] usb 6-1: Using ep0 maxpacket: 8 [ 155.072113][ T2147] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 155.135282][ T2147] usb 6-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 155.202229][ T2147] usb 6-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 155.290288][ T2147] usb 6-1: Product: syz [ 155.337019][ T2147] usb 6-1: Manufacturer: syz [ 155.373700][ T2147] usb 6-1: SerialNumber: syz [ 155.652505][ T2147] usb 6-1: Handspring Visor / Palm OS: No valid connect info available [ 155.723832][ T2147] usb 6-1: Handspring Visor / Palm OS: port 255, is for unknown use [ 155.773664][ T2147] usb 6-1: Handspring Visor / Palm OS: port 255, is for unknown use [ 155.833709][ T2147] usb 6-1: Handspring Visor / Palm OS: Number of ports: 2 [ 155.895273][ T2147] usb 6-1: palm_os_3_probe - error -71 getting bytes available request [ 155.963883][ T2147] visor 6-1:1.0: Handspring Visor / Palm OS converter detected [ 156.049027][ T2147] usb 6-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 156.123762][ T2147] usb 6-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 156.220506][ T2147] usb 6-1: USB disconnect, device number 3 [ 156.270043][ T2147] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 156.402565][ T2147] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 156.462540][ T2147] visor 6-1:1.0: device disconnected [ 156.921270][ T5202] udevd[5202]: worker [6036] terminated by signal 33 (Unknown signal 33) [ 156.935794][ T5939] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 156.976172][ T5202] udevd[5202]: worker [6036] failed while handling '/devices/virtual/block/loop0' [ 157.086119][ T7894] netlink: 'syz.4.881': attribute type 1 has an invalid length. [ 157.129559][ T5939] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 157.200570][ T5939] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 157.274598][ T5939] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 157.351930][ T5939] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.421921][ T5939] usb 4-1: config 0 descriptor?? [ 157.902389][ T5939] savu 0003:1E7D:2D5A.0015: unknown main item tag 0x0 [ 157.960484][ T5939] savu 0003:1E7D:2D5A.0015: unknown main item tag 0x0 [ 158.019536][ T5939] savu 0003:1E7D:2D5A.0015: unknown main item tag 0x0 [ 158.075139][ T7912] xfrm0: entered allmulticast mode [ 158.080377][ T30] audit: type=1400 audit(2000000066.380:416): avc: denied { ioctl } for pid=7911 comm="syz.5.889" path="socket:[15605]" dev="sockfs" ino=15605 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 158.110318][ T5939] savu 0003:1E7D:2D5A.0015: unknown main item tag 0x0 [ 158.176314][ T5939] savu 0003:1E7D:2D5A.0015: unknown main item tag 0x0 [ 158.195235][ T5939] savu 0003:1E7D:2D5A.0015: unbalanced collection at end of report description [ 158.251339][ T5939] savu 0003:1E7D:2D5A.0015: parse failed [ 158.289976][ T7916] netlink: 'syz.0.891': attribute type 4 has an invalid length. [ 158.307160][ T5939] savu 0003:1E7D:2D5A.0015: probe with driver savu failed with error -22 [ 158.475383][ T5939] usb 4-1: USB disconnect, device number 8 [ 158.544996][ T30] audit: type=1400 audit(2000000066.850:417): avc: denied { read } for pid=7919 comm="syz.2.893" path="socket:[15635]" dev="sockfs" ino=15635 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 158.588947][ T7918] bridge1: entered promiscuous mode [ 158.630292][ T7918] bridge1: entered allmulticast mode [ 158.712065][ T7918] team0: Port device bridge1 added [ 159.235884][ T196] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.248266][ T30] audit: type=1400 audit(2000000068.550:418): avc: denied { create } for pid=7957 comm="syz.4.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 160.418397][ T30] audit: type=1400 audit(2000000068.590:419): avc: denied { setopt } for pid=7957 comm="syz.4.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 160.585525][ T30] audit: type=1400 audit(2000000068.590:420): avc: denied { write } for pid=7957 comm="syz.4.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 160.796141][ T30] audit: type=1400 audit(2000000068.950:421): avc: denied { bind } for pid=7965 comm="syz.4.916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 161.095773][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.105062][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 161.114548][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 161.123469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.313133][ T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!! [ 161.423963][ T0] NOHZ tick-stop error: local softirq work is pending, handler #24a!!! [ 161.455840][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 161.474716][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 161.479286][ T0] NOHZ tick-stop error: local softirq work is pending, handler #28a!!! [ 161.498367][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 161.626050][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 161.631253][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 161.744489][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 161.797060][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 161.804757][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 161.855783][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 161.933169][ T30] audit: type=1400 audit(2000000070.240:422): avc: denied { create } for pid=7986 comm="syz.4.925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 161.980835][ T7989] netlink: 8 bytes leftover after parsing attributes in process `syz.3.924'. [ 161.994111][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.048262][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.113165][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.164414][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.223844][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.508978][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.550043][ T30] audit: type=1400 audit(2000000070.860:423): avc: denied { setopt } for pid=7994 comm="syz.5.929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 162.604397][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.623052][ T5938] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 162.682384][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.861236][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.869396][ T30] audit: type=1400 audit(2000000070.890:424): avc: denied { getopt } for pid=7994 comm="syz.5.929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 162.907112][ T5938] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 162.963240][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 162.981490][ T5938] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 163.359223][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 163.401939][ T5938] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 163.479066][ T7980] netlink: 'syz.2.922': attribute type 3 has an invalid length. [ 163.605369][ T5938] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 164.224498][ T5938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.780342][ T5938] usb 5-1: Product: syz [ 164.784554][ T5938] usb 5-1: Manufacturer: syz [ 165.125791][ T5938] usb 5-1: SerialNumber: syz [ 165.236849][ T5938] hub 5-1:1.0: bad descriptor, ignoring hub [ 165.298395][ T196] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.325479][ T5938] hub 5-1:1.0: probe with driver hub failed with error -5 [ 165.464379][ T5938] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 165.630774][ T5938] usb 5-1: USB disconnect, device number 10 [ 165.689118][ T5938] usblp0: removed [ 165.747543][ T30] audit: type=1400 audit(2000000074.060:425): avc: denied { ioctl } for pid=8024 comm="syz.3.940" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x70c9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 165.925662][ T5939] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 166.057967][ T8032] net_ratelimit: 3 callbacks suppressed [ 166.057986][ T8032] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 166.129276][ T5939] usb 6-1: Using ep0 maxpacket: 16 [ 166.131277][ T8035] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 166.186790][ T5939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.268595][ T5939] usb 6-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 166.334154][ T5939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.358674][ T5939] usb 6-1: config 0 descriptor?? [ 166.788814][ T5939] apple 0003:05AC:024B.0016: item fetching failed at offset 2/69 [ 166.872594][ T5939] apple 0003:05AC:024B.0016: parse failed [ 166.920113][ T5939] apple 0003:05AC:024B.0016: probe with driver apple failed with error -22 [ 167.012194][ T5939] usb 6-1: USB disconnect, device number 4 [ 167.416807][ T8061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.957'. [ 167.544557][ T30] audit: type=1400 audit(2000000075.830:426): avc: denied { recv } for pid=5202 comm="udevd" saddr=10.128.0.169 src=30006 daddr=10.128.0.97 dest=47952 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 168.042673][ T30] audit: type=1400 audit(2000000076.350:427): avc: denied { write } for pid=8076 comm="syz.0.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 168.419385][ T8085] netlink: 12 bytes leftover after parsing attributes in process `syz.2.967'. [ 168.458367][ T30] audit: type=1400 audit(2000000076.760:428): avc: denied { read } for pid=8081 comm="syz.5.966" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 168.801811][ T8090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.969'. [ 169.193818][ T30] audit: type=1400 audit(2000000077.500:429): avc: denied { read } for pid=8099 comm="syz.5.974" path="socket:[16237]" dev="sockfs" ino=16237 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 169.582460][ T30] audit: type=1400 audit(2000000077.890:430): avc: denied { connect } for pid=8109 comm="syz.4.979" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 169.896681][ T8118] IPVS: stopping master sync thread 8119 ... [ 169.920264][ T8119] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 170.466159][ T5938] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 170.641863][ T5938] usb 5-1: Using ep0 maxpacket: 16 [ 170.663472][ T5938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.710113][ T8135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.990'. [ 170.726912][ T5938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.781190][ T5938] usb 5-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 170.843120][ T5938] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.879340][ T30] audit: type=1400 audit(2000000079.180:431): avc: denied { connect } for pid=8136 comm="syz.0.991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 170.954115][ T5938] usb 5-1: config 0 descriptor?? [ 171.429459][ T5938] gt683r_led 0003:1770:FF00.0017: ignoring exceeding usage max [ 171.485176][ T5938] gt683r_led 0003:1770:FF00.0017: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.4-1/input0 [ 171.639372][ T5938] usb 5-1: USB disconnect, device number 11 [ 171.700533][ T5939] gt683r_led 0003:1770:FF00.0017: failed to send set report request: -19 [ 171.797845][ T48] gt683r_led 0003:1770:FF00.0017: failed to send set report request: -19 [ 171.820880][ T8151] fido_id[8151]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory [ 173.125735][ T30] audit: type=1400 audit(2000000081.430:432): avc: denied { connect } for pid=8177 comm="syz.2.1011" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 173.258136][ T8181] devpts: Bad value for 'max' [ 173.273100][ T30] audit: type=1400 audit(2000000081.530:433): avc: denied { mount } for pid=8180 comm="syz.3.1012" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 173.414563][ T30] audit: type=1400 audit(2000000081.570:434): avc: denied { remount } for pid=8180 comm="syz.3.1012" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 173.545994][ T30] audit: type=1400 audit(2000000081.720:435): avc: denied { unmount } for pid=5838 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 173.865586][ T5938] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 174.061833][ T5938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 174.146025][ T5938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 174.213720][ T5938] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 174.242945][ T8199] validate_nla: 36 callbacks suppressed [ 174.242963][ T8199] netlink: 'syz.2.1020': attribute type 1 has an invalid length. [ 174.289703][ T5938] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.298607][ T196] bridge_slave_1: left allmulticast mode [ 174.340041][ T196] bridge_slave_1: left promiscuous mode [ 174.350443][ T8199] netlink: 184 bytes leftover after parsing attributes in process `syz.2.1020'. [ 174.362441][ T5938] usb 4-1: config 0 descriptor?? [ 174.397179][ T196] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.424346][ T5938] hub 4-1:0.0: USB hub found [ 174.532690][ T196] bridge_slave_0: left allmulticast mode [ 174.579380][ T196] bridge_slave_0: left promiscuous mode [ 174.628973][ T196] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.695634][ T5938] hub 4-1:0.0: config failed, can't read hub descriptor (err -90) [ 174.852813][ T30] audit: type=1400 audit(2000000083.160:436): avc: denied { execute } for pid=8204 comm="syz.2.1022" path="/dev/audio1" dev="devtmpfs" ino=1297 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1 [ 174.900916][ T5938] usbhid 4-1:0.0: can't add hid device: -71 [ 174.926711][ T5938] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 175.018457][ T5938] usb 4-1: USB disconnect, device number 9 [ 175.078490][ T48] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 175.265761][ T48] usb 5-1: Using ep0 maxpacket: 8 [ 175.315644][ T48] usb 5-1: unable to get BOS descriptor or descriptor too short [ 175.344316][ T48] usb 5-1: config index 0 descriptor too short (expected 274, got 18) [ 175.404074][ T48] usb 5-1: config 4 interface 0 has no altsetting 0 [ 175.479271][ T48] usb 5-1: string descriptor 0 read error: -22 [ 175.515697][ T48] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 175.583201][ T48] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.669547][ T48] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 175.762494][ T48] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 175.869149][ T48] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 175.922147][ T48] usb 5-1: media controller created [ 176.067497][ T48] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 176.191291][ T48] zl10353_read_register: readreg error (reg=127, ret==0) [ 176.371466][ T48] usb 5-1: USB disconnect, device number 12 [ 176.730995][ T30] audit: type=1400 audit(2000000085.040:437): avc: denied { mounton } for pid=8230 comm="syz.4.1029" path="/212/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 176.833759][ T30] audit: type=1400 audit(2000000085.040:438): avc: denied { mount } for pid=8230 comm="syz.4.1029" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 176.932809][ T30] audit: type=1400 audit(2000000085.240:439): avc: denied { unmount } for pid=5825 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 177.586005][ T5938] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 177.731875][ T8241] trusted_key: encrypted_key: key trusted:8sX not found [ 177.802045][ T5938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11 [ 177.858122][ T5938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.878149][ T5938] usb 5-1: New USB device found, idVendor=046d, idProduct=c211, bcdDevice= 0.00 [ 177.920064][ T5938] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.968955][ T5938] usb 5-1: config 0 descriptor?? [ 178.429165][ T5938] logitech 0003:046D:C211.0018: unknown main item tag 0x1 [ 178.442839][ T5938] logitech 0003:046D:C211.0018: hidraw0: USB HID v0.00 Device [HID 046d:c211] on usb-dummy_hcd.4-1/input0 [ 178.480427][ T5938] logitech 0003:046D:C211.0018: no inputs found [ 178.670422][ T5938] usb 5-1: USB disconnect, device number 13 [ 179.679306][ T8263] ALSA: seq fatal error: cannot create timer (-22) [ 180.386258][ T5840] Bluetooth: hci5: command 0x0405 tx timeout [ 181.510889][ T8277] netlink: 16215 bytes leftover after parsing attributes in process `syz.0.1050'. [ 181.764635][ T30] audit: type=1400 audit(2000000090.070:440): avc: denied { write } for pid=8282 comm="syz.0.1053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 181.910898][ T30] audit: type=1400 audit(2000000090.220:441): avc: denied { write } for pid=8286 comm="syz.0.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 185.678590][ T5836] Bluetooth: hci2: command 0x0406 tx timeout [ 185.684662][ T5836] Bluetooth: hci1: command 0x0406 tx timeout [ 185.691433][ T5836] Bluetooth: hci0: command 0x0406 tx timeout [ 185.896021][ T196] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 185.936652][ T196] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 185.959510][ T196] bond0 (unregistering): Released all slaves [ 186.337060][ T30] audit: type=1400 audit(2000000094.650:442): avc: denied { read write } for pid=8296 comm="syz.4.1058" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 186.353677][ T30] audit: type=1400 audit(2000000094.660:443): avc: denied { open } for pid=8296 comm="syz.4.1058" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 186.484216][ T30] audit: type=1400 audit(2000000094.790:444): avc: denied { ioctl } for pid=8296 comm="syz.4.1058" path="/dev/nvram" dev="devtmpfs" ino=623 ioctlcmd=0x7040 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 186.563990][ C1] vkms_vblank_simulate: vblank timer overrun [ 187.381025][ T30] audit: type=1400 audit(2000000095.690:445): avc: denied { read } for pid=8318 comm="syz.5.1065" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 187.745982][ T8329] netlink: 'syz.5.1068': attribute type 1 has an invalid length. [ 187.782771][ T8329] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1068'. [ 188.572565][ T2147] IPVS: starting estimator thread 0... [ 188.685600][ T8348] IPVS: using max 36 ests per chain, 86400 per kthread [ 188.716511][ T30] audit: type=1400 audit(2000000097.020:446): avc: denied { egress } for pid=5815 comm="syz-executor" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 188.911283][ T30] audit: type=1400 audit(2000000097.030:447): avc: denied { sendto } for pid=5815 comm="syz-executor" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 188.973654][ T8353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1077'. [ 189.090514][ T30] audit: type=1326 audit(2000000097.210:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa0f8e929 code=0x7ffc0000 [ 189.090565][ T30] audit: type=1326 audit(2000000097.210:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa0f8e929 code=0x7ffc0000 [ 189.090604][ T30] audit: type=1326 audit(2000000097.260:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f9fa0f8e929 code=0x7ffc0000 [ 189.090645][ T30] audit: type=1326 audit(2000000097.260:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa0f8e929 code=0x7ffc0000 [ 189.090684][ T30] audit: type=1326 audit(2000000097.260:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa0f8e929 code=0x7ffc0000 [ 189.090723][ T30] audit: type=1326 audit(2000000097.270:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f9fa0f8e929 code=0x7ffc0000 [ 189.090761][ T30] audit: type=1326 audit(2000000097.270:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa0f8e929 code=0x7ffc0000 [ 189.591921][ C1] vkms_vblank_simulate: vblank timer overrun [ 190.208408][ C1] vkms_vblank_simulate: vblank timer overrun [ 191.154951][ T8394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1092'. [ 192.110211][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 192.119244][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 192.127674][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 192.145255][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 192.153282][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 193.316140][ T8411] chnl_net:caif_netlink_parms(): no params data found [ 193.846821][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.853154][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.045783][ T8411] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.057726][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 194.057751][ T30] audit: type=1400 audit(2000000102.370:457): avc: denied { name_bind } for pid=8452 comm="syz.4.1110" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 194.116408][ T8411] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.139819][ T8411] bridge_slave_0: entered allmulticast mode [ 194.185397][ T8411] bridge_slave_0: entered promiscuous mode [ 194.241458][ T5840] Bluetooth: hci3: command tx timeout [ 194.304573][ T30] audit: type=1400 audit(2000000102.610:458): avc: denied { create } for pid=8456 comm="syz.4.1111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 194.345940][ T30] audit: type=1400 audit(2000000102.650:459): avc: denied { setopt } for pid=8456 comm="syz.4.1111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 194.498166][ T8411] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.509262][ T8411] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.525310][ T8411] bridge_slave_1: entered allmulticast mode [ 194.543375][ T8411] bridge_slave_1: entered promiscuous mode [ 194.725311][ T8411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.751551][ T8411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 195.090012][ T8411] team0: Port device team_slave_0 added [ 195.148519][ T8411] team0: Port device team_slave_1 added [ 195.209064][ T30] audit: type=1326 audit(2000000103.510:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8466 comm="syz.3.1116" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd21dd8e929 code=0x0 [ 195.402171][ T8411] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 195.419679][ T8411] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.509428][ T8411] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 195.660565][ T8411] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 195.677127][ T8411] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.712419][ T8411] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 195.954039][ T8411] hsr_slave_0: entered promiscuous mode [ 195.982307][ T8411] hsr_slave_1: entered promiscuous mode [ 196.022129][ T8411] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 196.069625][ T8411] Cannot create hsr debugfs directory [ 196.310773][ T5840] Bluetooth: hci3: command tx timeout [ 197.239916][ T8411] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 197.330560][ T8411] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 197.468448][ T8411] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 197.531915][ T8411] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 197.707666][ T8488] infiniband syz2: set active [ 197.746165][ T8488] infiniband syz2: added bond_slave_0 [ 197.788704][ T8488] syz2: rxe_create_cq: returned err = -12 [ 197.846432][ T8488] infiniband syz2: Couldn't create ib_mad CQ [ 197.888187][ T8488] infiniband syz2: Couldn't open port 1 [ 198.043777][ T8411] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.095196][ T8488] RDS/IB: syz2: added [ 198.153955][ T8411] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.178699][ T8488] smc: adding ib device syz2 with port count 1 [ 198.225148][ T8488] smc: ib device syz2 port 1 has pnetid [ 198.266219][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.273394][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.347204][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.354401][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.391497][ T5840] Bluetooth: hci3: command tx timeout [ 198.583767][ T5832] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 198.602448][ T5832] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 198.611533][ T5832] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 198.620042][ T5832] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 198.628290][ T5832] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 199.542138][ T8411] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.472265][ T5840] Bluetooth: hci3: command tx timeout [ 200.638237][ T8411] veth0_vlan: entered promiscuous mode [ 200.693395][ T8411] veth1_vlan: entered promiscuous mode [ 200.715842][ T5840] Bluetooth: hci6: command tx timeout [ 200.810762][ T8411] veth0_macvtap: entered promiscuous mode [ 200.841795][ T8411] veth1_macvtap: entered promiscuous mode [ 200.924140][ T8411] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.977491][ T8411] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.036608][ T8411] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.086215][ T8411] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.094941][ T8411] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.156228][ T8411] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.538750][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.595111][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 201.706035][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.713883][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.614209][ T8513] chnl_net:caif_netlink_parms(): no params data found [ 202.786731][ T5840] Bluetooth: hci6: command tx timeout [ 203.189483][ T8513] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.216526][ T8513] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.245919][ T8513] bridge_slave_0: entered allmulticast mode [ 203.292814][ T8513] bridge_slave_0: entered promiscuous mode [ 203.315386][ T8513] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.356614][ T8513] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.363855][ T8513] bridge_slave_1: entered allmulticast mode [ 203.413335][ T8513] bridge_slave_1: entered promiscuous mode [ 203.710388][ T8513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.758724][ T8513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.104197][ T8513] team0: Port device team_slave_0 added [ 204.148606][ T8513] team0: Port device team_slave_1 added [ 204.331700][ T8513] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.349705][ T8513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.410099][ T8513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.442924][ T8513] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.475027][ T8513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.563025][ T8513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.788770][ T8513] hsr_slave_0: entered promiscuous mode [ 204.795392][ T8513] hsr_slave_1: entered promiscuous mode [ 204.808901][ T8513] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.821359][ T8513] Cannot create hsr debugfs directory [ 204.865973][ T5840] Bluetooth: hci6: command tx timeout [ 206.799031][ T8513] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 206.938605][ T8513] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 206.946721][ T5840] Bluetooth: hci6: command tx timeout [ 207.074719][ T8513] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 207.240864][ T8513] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 207.320968][ T5832] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 207.331348][ T5832] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 207.350500][ T5832] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 207.366706][ T5832] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 207.376710][ T5832] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 207.741647][ T8513] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.821883][ T8513] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.871447][ T3543] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.878616][ T3543] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.967607][ T3543] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.974743][ T3543] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.759551][ T30] audit: type=1400 audit(2000000117.060:461): avc: denied { getopt } for pid=8614 comm="syz.6.1133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 208.895391][ T8513] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.316001][ T30] audit: type=1400 audit(2000000117.620:462): avc: denied { ioctl } for pid=8622 comm="syz.6.1136" path="/newroot/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 209.429776][ T5832] Bluetooth: hci7: command tx timeout [ 209.852239][ T30] audit: type=1400 audit(2000000118.150:463): avc: denied { append } for pid=8632 comm="syz.4.1138" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 209.984461][ T8596] chnl_net:caif_netlink_parms(): no params data found [ 210.540750][ T30] audit: type=1400 audit(2000000118.840:464): avc: denied { compute_member } for pid=8645 comm="syz.4.1141" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 210.784207][ T8596] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.825668][ T8596] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.832934][ T8596] bridge_slave_0: entered allmulticast mode [ 210.897037][ T8596] bridge_slave_0: entered promiscuous mode [ 211.005999][ T8596] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.013142][ T8596] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.092633][ T8596] bridge_slave_1: entered allmulticast mode [ 211.133639][ T8596] bridge_slave_1: entered promiscuous mode [ 211.306790][ T8513] veth0_vlan: entered promiscuous mode [ 211.444932][ T8596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.516090][ T5832] Bluetooth: hci7: command tx timeout [ 211.563205][ T8596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.726855][ T8513] veth1_vlan: entered promiscuous mode [ 211.937196][ T8596] team0: Port device team_slave_0 added [ 212.058830][ T8596] team0: Port device team_slave_1 added [ 212.749142][ T8596] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.768866][ T8596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.902409][ T8596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.986540][ T8596] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.005633][ T8596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.057005][ T8687] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1151'. [ 213.122412][ T8687] netlink: 'syz.4.1151': attribute type 4 has an invalid length. [ 213.196480][ T8596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.277955][ T8513] veth0_macvtap: entered promiscuous mode [ 213.323785][ T5840] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 213.337919][ T5840] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 213.372811][ T5840] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 213.381692][ T5840] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 213.389804][ T5840] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 213.547525][ T8513] veth1_macvtap: entered promiscuous mode [ 213.600991][ T5840] Bluetooth: hci7: command tx timeout [ 214.178156][ T8596] hsr_slave_0: entered promiscuous mode [ 214.191686][ T8596] hsr_slave_1: entered promiscuous mode [ 214.210805][ T8596] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 214.241972][ T8596] Cannot create hsr debugfs directory [ 214.285250][ T8513] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 214.478523][ T8513] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 214.684564][ T8513] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.707206][ T30] audit: type=1400 audit(2000000123.010:465): avc: denied { mount } for pid=8704 comm="syz.4.1157" name="/" dev="hugetlbfs" ino=19150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 214.744756][ T8513] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.773387][ T8513] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.791102][ T30] audit: type=1400 audit(2000000123.020:466): avc: denied { unmount } for pid=8704 comm="syz.4.1157" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 214.815540][ T8513] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.506243][ T5840] Bluetooth: hci8: command tx timeout [ 215.666035][ T5840] Bluetooth: hci7: command tx timeout [ 215.687763][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 215.750510][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.132226][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.162298][ T8596] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 216.204024][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.422281][ T8596] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 216.544152][ T8596] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 216.599865][ T8596] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 217.304739][ T30] audit: type=1326 audit(2000000125.610:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8722 comm="syz.6.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71efd8e929 code=0x7fc00000 [ 217.348672][ T5939] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 217.424813][ T8596] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.471284][ T8690] chnl_net:caif_netlink_parms(): no params data found [ 217.555718][ T5939] usb 5-1: Using ep0 maxpacket: 8 [ 217.582294][ T5939] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 217.593359][ T5840] Bluetooth: hci8: command tx timeout [ 217.647941][ T5964] IPVS: starting estimator thread 0... [ 217.666194][ T5939] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 217.703067][ T8596] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.735653][ T5939] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 217.768051][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.775199][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.785793][ T8747] IPVS: using max 35 ests per chain, 84000 per kthread [ 217.810514][ T5939] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.906975][ T5939] usb 5-1: config 0 descriptor?? [ 218.021952][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.029121][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.182236][ T5939] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 218.490500][ T8740] iowarrior 5-1:0.0: Error -90 while submitting URB [ 218.525056][ T5939] usb 5-1: USB disconnect, device number 14 [ 218.535203][ T8690] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.588275][ T8690] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.631239][ T8690] bridge_slave_0: entered allmulticast mode [ 218.674018][ T8690] bridge_slave_0: entered promiscuous mode [ 218.712333][ T8690] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.744069][ T8690] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.796092][ T8690] bridge_slave_1: entered allmulticast mode [ 218.848318][ T8690] bridge_slave_1: entered promiscuous mode [ 219.182720][ T8690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.326907][ T8690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.666135][ T5840] Bluetooth: hci8: command tx timeout [ 219.975400][ T8690] team0: Port device team_slave_0 added [ 220.118596][ T8690] team0: Port device team_slave_1 added [ 220.574503][ T8690] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 220.623013][ T8690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.793051][ T8690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 220.806232][ T5939] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 220.923155][ T8690] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 220.957068][ T8690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.998150][ T30] audit: type=1400 audit(2000000129.300:468): avc: denied { write } for pid=8803 comm="syz.4.1184" name="file0" dev="tmpfs" ino=1382 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 221.023955][ T5939] usb 8-1: Using ep0 maxpacket: 32 [ 221.079471][ T5939] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 221.123894][ T5939] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 221.163156][ T30] audit: type=1400 audit(2000000129.300:469): avc: denied { open } for pid=8803 comm="syz.4.1184" path="/270/file0" dev="tmpfs" ino=1382 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 221.197544][ T8690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 221.220404][ T5939] usb 8-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 221.274155][ T5939] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.403339][ T5939] usb 8-1: config 0 descriptor?? [ 221.687034][ T8690] hsr_slave_0: entered promiscuous mode [ 221.726917][ T8690] hsr_slave_1: entered promiscuous mode [ 221.756283][ T5840] Bluetooth: hci8: command tx timeout [ 221.786183][ T8690] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 221.839271][ T8690] Cannot create hsr debugfs directory [ 221.872878][ T5939] ft260 0003:0403:6030.0019: unknown main item tag 0x7 [ 221.902194][ T8596] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 222.073417][ T5939] ft260 0003:0403:6030.0019: failed to retrieve chip version [ 222.169952][ T5939] ft260 0003:0403:6030.0019: probe with driver ft260 failed with error -71 [ 222.319558][ T5939] usb 8-1: USB disconnect, device number 2 [ 223.119042][ T30] audit: type=1400 audit(2000000131.400:470): avc: denied { ioctl } for pid=8827 comm="syz.4.1191" path="socket:[19980]" dev="sockfs" ino=19980 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 223.370810][ T30] audit: type=1400 audit(2000000131.480:471): avc: denied { ioctl } for pid=8829 comm="syz.6.1192" path="socket:[19985]" dev="sockfs" ino=19985 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 223.660329][ T8838] netlink: 'syz.6.1195': attribute type 8 has an invalid length. [ 223.725901][ T8838] netlink: 197324 bytes leftover after parsing attributes in process `syz.6.1195'. [ 224.582564][ T8690] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 224.668019][ T8690] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 224.721694][ T8690] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 224.756083][ T5939] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 224.903684][ T8690] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 224.946059][ T5939] usb 8-1: Using ep0 maxpacket: 32 [ 224.955974][ T5939] usb 8-1: config 1 has an invalid interface number: 3 but max is 0 [ 225.010832][ T5939] usb 8-1: config 1 has no interface number 0 [ 225.039429][ T5939] usb 8-1: config 1 interface 3 has no altsetting 0 [ 225.064520][ T5939] usb 8-1: New USB device found, idVendor=d084, idProduct=c487, bcdDevice=f4.ce [ 225.094124][ T5939] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.120102][ T5939] usb 8-1: Product: syz [ 225.129800][ T5939] usb 8-1: Manufacturer: syz [ 225.134419][ T5939] usb 8-1: SerialNumber: syz [ 225.232100][ T8596] veth0_vlan: entered promiscuous mode [ 225.308087][ T8596] veth1_vlan: entered promiscuous mode [ 225.443157][ T5939] usb 8-1: USB disconnect, device number 3 [ 225.591921][ T8596] veth0_macvtap: entered promiscuous mode [ 225.645436][ T8596] veth1_macvtap: entered promiscuous mode [ 225.766494][ T8596] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 225.808522][ T8596] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 225.873453][ T8690] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.914685][ T8596] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.961057][ T8596] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.985598][ T8596] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.044573][ T8596] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.225326][ T8690] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.344057][ T3543] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.351243][ T3543] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.459396][ T3543] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.466588][ T3543] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.680424][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.715824][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.921805][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.962874][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.954478][ T8690] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.008154][ T8925] bridge0: entered promiscuous mode [ 229.071367][ T8925] macvlan2: entered promiscuous mode [ 229.730006][ T8690] veth0_vlan: entered promiscuous mode [ 229.801801][ T8690] veth1_vlan: entered promiscuous mode [ 229.962772][ T8690] veth0_macvtap: entered promiscuous mode [ 230.043043][ T8690] veth1_macvtap: entered promiscuous mode [ 230.165265][ T8690] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 230.240570][ T8690] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 230.326405][ T8690] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.369097][ T8690] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.422809][ T8690] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.479464][ T8690] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.673822][ T30] audit: type=1400 audit(2000000138.980:472): avc: denied { read } for pid=8950 comm="syz.7.1218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 230.936082][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.987840][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.197948][ T8755] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.250987][ T8755] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.387648][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 233.221162][ T30] audit: type=1400 audit(2000000141.530:473): avc: denied { setopt } for pid=8997 comm="syz.9.1230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 234.593804][ T9029] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1239'. [ 234.912077][ T30] audit: type=1400 audit(2000000143.220:474): avc: denied { getopt } for pid=9034 comm="syz.9.1242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 235.181788][ T9039] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 235.706038][ T5938] usb 10-1: new full-speed USB device number 2 using dummy_hcd [ 235.870679][ T5938] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 235.886530][ T5938] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.909225][ T5938] usb 10-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00 [ 235.927199][ T5938] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.946295][ T5938] usb 10-1: config 0 descriptor?? [ 236.388892][ T5938] hid-generic 0003:04F3:0754.001A: failed to start in urb: -90 [ 236.427682][ T5938] hid-generic 0003:04F3:0754.001A: hidraw0: USB HID v1.01 Device [HID 04f3:0754] on usb-dummy_hcd.9-1/input0 [ 236.653177][ T5938] usb 10-1: USB disconnect, device number 2 [ 238.283274][ T30] audit: type=1400 audit(2000000146.593:475): avc: denied { execute } for pid=9061 comm="syz.9.1255" name="file0" dev="tmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 239.810841][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 239.821268][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 239.837569][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 239.846345][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 239.857913][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 240.851755][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 240.861269][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 240.870903][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 240.884171][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 240.893145][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 241.407016][ T9098] netlink: 'syz.9.1270': attribute type 7 has an invalid length. [ 241.415139][ T9098] netlink: 'syz.9.1270': attribute type 1 has an invalid length. [ 241.499617][ T9082] chnl_net:caif_netlink_parms(): no params data found [ 241.907178][ T5840] Bluetooth: hci1: command tx timeout [ 242.074921][ T30] audit: type=1400 audit(2000000150.383:476): avc: denied { append } for pid=9108 comm="syz.7.1274" name="001" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 242.347664][ T9082] bridge0: port 1(bridge_slave_0) entered blocking state [ 242.376269][ T9082] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.383531][ T9082] bridge_slave_0: entered allmulticast mode [ 242.467720][ T9082] bridge_slave_0: entered promiscuous mode [ 242.534235][ T9082] bridge0: port 2(bridge_slave_1) entered blocking state [ 242.582747][ T9082] bridge0: port 2(bridge_slave_1) entered disabled state [ 242.616527][ T9082] bridge_slave_1: entered allmulticast mode [ 242.640870][ T9082] bridge_slave_1: entered promiscuous mode [ 242.941706][ T9119] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1279'. [ 242.951234][ T5840] Bluetooth: hci2: command tx timeout [ 242.982121][ T9082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 243.100547][ T9082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 243.264253][ T9082] team0: Port device team_slave_0 added [ 243.294308][ T9082] team0: Port device team_slave_1 added [ 243.435002][ T9082] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 243.451508][ T9082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 243.561566][ T9082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 243.711140][ T9082] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 243.762090][ T9082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 243.788034][ C1] vkms_vblank_simulate: vblank timer overrun [ 243.819111][ T9126] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1282'. [ 243.842295][ T9082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 243.996372][ T5840] Bluetooth: hci1: command tx timeout [ 244.319798][ T9082] hsr_slave_0: entered promiscuous mode [ 244.354627][ T9082] hsr_slave_1: entered promiscuous mode [ 244.397884][ T9082] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 244.433228][ T9082] Cannot create hsr debugfs directory [ 244.618666][ T9135] mkiss: ax0: crc mode is auto. [ 244.794306][ T9091] chnl_net:caif_netlink_parms(): no params data found [ 245.030605][ T5840] Bluetooth: hci2: command tx timeout [ 245.656024][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 245.672229][ T5832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 245.696780][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 245.715114][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 245.725846][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 246.026989][ T9091] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.076509][ T5832] Bluetooth: hci1: command tx timeout [ 246.088702][ T9091] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.123000][ T9091] bridge_slave_0: entered allmulticast mode [ 246.150889][ T9091] bridge_slave_0: entered promiscuous mode [ 246.194051][ T9091] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.212170][ T9091] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.246147][ T9091] bridge_slave_1: entered allmulticast mode [ 246.265948][ T9091] bridge_slave_1: entered promiscuous mode [ 246.457321][ T9091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 246.498032][ T9091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 246.723587][ T9091] team0: Port device team_slave_0 added [ 246.765051][ T9091] team0: Port device team_slave_1 added [ 246.994882][ T9091] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 247.043501][ T9091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.070058][ C1] vkms_vblank_simulate: vblank timer overrun [ 247.115644][ T5832] Bluetooth: hci2: command tx timeout [ 247.201661][ T9091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 247.257372][ T9091] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 247.295748][ T9091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.321660][ C1] vkms_vblank_simulate: vblank timer overrun [ 247.452069][ T9091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 247.826634][ T5832] Bluetooth: hci4: command tx timeout [ 247.939564][ T9091] hsr_slave_0: entered promiscuous mode [ 247.966770][ T9091] hsr_slave_1: entered promiscuous mode [ 247.992504][ T9091] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 248.012450][ T9091] Cannot create hsr debugfs directory [ 248.147342][ T5832] Bluetooth: hci1: command tx timeout [ 248.960396][ T9146] chnl_net:caif_netlink_parms(): no params data found [ 249.188411][ T5832] Bluetooth: hci2: command tx timeout [ 249.409628][ T9146] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.442416][ T9146] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.460966][ T9146] bridge_slave_0: entered allmulticast mode [ 249.492868][ T9146] bridge_slave_0: entered promiscuous mode [ 249.530385][ T9146] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.545819][ T9146] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.553063][ T9146] bridge_slave_1: entered allmulticast mode [ 249.603082][ T9146] bridge_slave_1: entered promiscuous mode [ 249.852329][ T9146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 249.906304][ T5832] Bluetooth: hci4: command tx timeout [ 249.932020][ T9146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.157188][ T9146] team0: Port device team_slave_0 added [ 250.186480][ T9146] team0: Port device team_slave_1 added [ 250.382336][ T9146] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 250.404799][ T9146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.508965][ T9146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 250.555730][ T9146] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 250.562701][ T9146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.666151][ T9146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 250.918620][ T9146] hsr_slave_0: entered promiscuous mode [ 250.946807][ T9146] hsr_slave_1: entered promiscuous mode [ 250.966273][ T9146] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 250.973865][ T9146] Cannot create hsr debugfs directory [ 251.986242][ T5832] Bluetooth: hci4: command tx timeout [ 254.066323][ T5832] Bluetooth: hci4: command tx timeout [ 255.288366][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.294719][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.456411][ T5840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 258.465154][ T5840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 258.477372][ T5840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 258.497419][ T5840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 258.505016][ T5840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 259.180026][ T9259] chnl_net:caif_netlink_parms(): no params data found [ 259.463882][ T9259] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.473557][ T9259] bridge0: port 1(bridge_slave_0) entered disabled state [ 259.488632][ T9259] bridge_slave_0: entered allmulticast mode [ 259.501191][ T9259] bridge_slave_0: entered promiscuous mode [ 259.514670][ T9259] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.530307][ T9259] bridge0: port 2(bridge_slave_1) entered disabled state [ 259.553015][ T9259] bridge_slave_1: entered allmulticast mode [ 259.570555][ T9259] bridge_slave_1: entered promiscuous mode [ 259.694388][ T9259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 259.724213][ T9259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 259.869789][ T9259] team0: Port device team_slave_0 added [ 259.907088][ T9259] team0: Port device team_slave_1 added [ 260.154918][ T9259] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 260.162903][ T9259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 260.253382][ T9259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 260.417155][ T9259] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 260.424142][ T9259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 260.545919][ T5840] Bluetooth: hci5: command tx timeout [ 260.584394][ T9259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 260.676529][ T5832] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 260.685376][ T5832] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 260.704002][ T5832] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 260.712349][ T5832] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 260.726377][ T5832] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 260.902928][ T9259] hsr_slave_0: entered promiscuous mode [ 260.939013][ T9259] hsr_slave_1: entered promiscuous mode [ 260.966774][ T9259] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 260.974366][ T9259] Cannot create hsr debugfs directory [ 261.961473][ T9271] chnl_net:caif_netlink_parms(): no params data found [ 262.210752][ T9271] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.222794][ T9271] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.241657][ T9271] bridge_slave_0: entered allmulticast mode [ 262.266725][ T9271] bridge_slave_0: entered promiscuous mode [ 262.291040][ T9271] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.302460][ T9271] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.322258][ T9271] bridge_slave_1: entered allmulticast mode [ 262.332585][ T9271] bridge_slave_1: entered promiscuous mode [ 262.465265][ T9271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.496478][ T9271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.623547][ T9271] team0: Port device team_slave_0 added [ 262.629931][ T5840] Bluetooth: hci5: command tx timeout [ 262.647236][ T9271] team0: Port device team_slave_1 added [ 262.775280][ T9271] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 262.783226][ T9271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 262.813059][ T5840] Bluetooth: hci9: command tx timeout [ 262.839024][ T9271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 262.858632][ T9271] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 262.877659][ T9271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 262.917740][ T9271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 263.120865][ T9271] hsr_slave_0: entered promiscuous mode [ 263.139084][ T9271] hsr_slave_1: entered promiscuous mode [ 263.145343][ T9271] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 263.182464][ T9271] Cannot create hsr debugfs directory [ 264.706476][ T5840] Bluetooth: hci5: command tx timeout [ 264.904696][ T5840] Bluetooth: hci9: command tx timeout [ 265.466168][ T196] hsr_slave_0: left promiscuous mode [ 265.545547][ T196] hsr_slave_1: left promiscuous mode [ 265.555326][ T196] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 265.636494][ T196] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 265.696543][ T196] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 265.704040][ T196] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 265.801529][ T196] veth1_macvtap: left promiscuous mode [ 265.815291][ T196] veth0_macvtap: left promiscuous mode [ 265.835801][ T196] veth1_vlan: left promiscuous mode [ 265.842162][ T196] veth0_vlan: left promiscuous mode [ 266.788396][ T5840] Bluetooth: hci5: command tx timeout [ 266.945690][ T5832] Bluetooth: hci9: command tx timeout [ 267.242629][ T196] pimreg (unregistering): left allmulticast mode [ 268.637079][ T196] team0 (unregistering): Port device team_slave_1 removed [ 268.811985][ T196] team0 (unregistering): Port device team_slave_0 removed [ 269.025640][ T5832] Bluetooth: hci9: command tx timeout [ 274.268972][ T8859] bridge0: port 3(syz_tun) entered disabled state [ 275.018715][ T8859] syz_tun (unregistering): left allmulticast mode [ 275.025179][ T8859] syz_tun (unregistering): left promiscuous mode [ 275.042945][ T8859] bridge0: port 3(syz_tun) entered disabled state [ 299.986216][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 300.006983][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 300.021293][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 300.029262][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 300.038476][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 300.904525][ T9403] chnl_net:caif_netlink_parms(): no params data found [ 301.238099][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 301.247635][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 301.256713][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 301.264665][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 301.272953][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 301.357529][ T9403] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.364726][ T9403] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.380324][ T9403] bridge_slave_0: entered allmulticast mode [ 301.403488][ T9403] bridge_slave_0: entered promiscuous mode [ 301.431571][ T9403] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.460146][ T9403] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.472897][ T9403] bridge_slave_1: entered allmulticast mode [ 301.485022][ T9403] bridge_slave_1: entered promiscuous mode [ 301.677993][ T9403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 301.724730][ T9403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 301.959611][ T9403] team0: Port device team_slave_0 added [ 302.007570][ T9403] team0: Port device team_slave_1 added [ 302.146712][ T5840] Bluetooth: hci0: command tx timeout [ 302.156380][ T9403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 302.163351][ T9403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 302.206650][ T9403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 302.265300][ T9403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 302.281240][ T9403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 302.331362][ T9403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 302.562396][ T9403] hsr_slave_0: entered promiscuous mode [ 302.573435][ T9403] hsr_slave_1: entered promiscuous mode [ 302.590105][ T9403] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 302.601818][ T9403] Cannot create hsr debugfs directory [ 303.007148][ T9414] chnl_net:caif_netlink_parms(): no params data found [ 303.346438][ T5840] Bluetooth: hci3: command tx timeout [ 303.413821][ T9414] bridge0: port 1(bridge_slave_0) entered blocking state [ 303.430508][ T9414] bridge0: port 1(bridge_slave_0) entered disabled state [ 303.455369][ T9414] bridge_slave_0: entered allmulticast mode [ 303.482791][ T9414] bridge_slave_0: entered promiscuous mode [ 303.496182][ T9414] bridge0: port 2(bridge_slave_1) entered blocking state [ 303.503382][ T9414] bridge0: port 2(bridge_slave_1) entered disabled state [ 303.520633][ T9414] bridge_slave_1: entered allmulticast mode [ 303.534045][ T9414] bridge_slave_1: entered promiscuous mode [ 303.680401][ T9414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 303.703654][ T9414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 303.860187][ T9414] team0: Port device team_slave_0 added [ 303.878491][ T9414] team0: Port device team_slave_1 added [ 304.095842][ T9414] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 304.102820][ T9414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.150956][ T9414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 304.175356][ T9414] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 304.185341][ T9414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.221228][ T9414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 304.234797][ T5840] Bluetooth: hci0: command tx timeout [ 304.411989][ T9414] hsr_slave_0: entered promiscuous mode [ 304.427014][ T9414] hsr_slave_1: entered promiscuous mode [ 304.465640][ T9414] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 304.495828][ T9414] Cannot create hsr debugfs directory [ 305.425654][ T5840] Bluetooth: hci3: command tx timeout [ 305.482293][ T5832] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 305.498857][ T5832] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 305.508120][ T5832] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 305.516278][ T5832] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 305.523900][ T5832] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 306.250962][ T9423] chnl_net:caif_netlink_parms(): no params data found [ 306.319081][ T5840] Bluetooth: hci0: command tx timeout [ 306.537162][ T9423] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.544372][ T9423] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.561513][ T9423] bridge_slave_0: entered allmulticast mode [ 306.585065][ T9423] bridge_slave_0: entered promiscuous mode [ 306.596559][ T9423] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.603679][ T9423] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.631286][ T9423] bridge_slave_1: entered allmulticast mode [ 306.644568][ T9423] bridge_slave_1: entered promiscuous mode [ 306.792662][ T9423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 306.829125][ T9423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 306.959262][ T9423] team0: Port device team_slave_0 added [ 306.979298][ T9423] team0: Port device team_slave_1 added [ 307.095810][ T9423] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 307.102786][ T9423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 307.144715][ T9423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 307.179213][ T9423] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 307.198145][ T9423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 307.238558][ T9423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 307.465418][ T9423] hsr_slave_0: entered promiscuous mode [ 307.472116][ T9423] hsr_slave_1: entered promiscuous mode [ 307.490001][ T9423] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 307.506229][ T5840] Bluetooth: hci3: command tx timeout [ 307.522605][ T9423] Cannot create hsr debugfs directory [ 307.596150][ T5840] Bluetooth: hci6: command tx timeout [ 308.386230][ T5840] Bluetooth: hci0: command tx timeout [ 309.590776][ T5840] Bluetooth: hci3: command tx timeout [ 309.665763][ T5840] Bluetooth: hci6: command tx timeout [ 311.756195][ T5840] Bluetooth: hci6: command tx timeout [ 313.825597][ T5840] Bluetooth: hci6: command tx timeout [ 316.713097][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.727765][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.476733][ T5832] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 319.487518][ T5832] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 319.497350][ T5832] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 319.507215][ T5832] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 319.516259][ T5832] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 320.490800][ T9436] chnl_net:caif_netlink_parms(): no params data found [ 320.742047][ T5840] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 320.758066][ T5840] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 320.766593][ T5840] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 320.774994][ T5840] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 320.783628][ T5840] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 320.960071][ T9436] bridge0: port 1(bridge_slave_0) entered blocking state [ 320.975846][ T9436] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.983120][ T9436] bridge_slave_0: entered allmulticast mode [ 321.011753][ T9436] bridge_slave_0: entered promiscuous mode [ 321.048448][ T9436] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.085960][ T9436] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.093257][ T9436] bridge_slave_1: entered allmulticast mode [ 321.130398][ T9436] bridge_slave_1: entered promiscuous mode [ 321.399378][ T9436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 321.448668][ T9436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 321.585742][ T5840] Bluetooth: hci7: command tx timeout [ 321.616553][ T9436] team0: Port device team_slave_0 added [ 321.667182][ T9436] team0: Port device team_slave_1 added [ 321.907679][ T9436] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 321.914665][ T9436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.035312][ T9436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 322.084804][ T9436] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 322.116181][ T9436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.195141][ T9436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 322.541774][ T9436] hsr_slave_0: entered promiscuous mode [ 322.577660][ T9436] hsr_slave_1: entered promiscuous mode [ 322.583911][ T9436] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 322.624907][ T9436] Cannot create hsr debugfs directory [ 322.876053][ T5840] Bluetooth: hci8: command tx timeout [ 323.109223][ T9447] chnl_net:caif_netlink_parms(): no params data found [ 323.435076][ T9447] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.459352][ T9447] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.475794][ T9447] bridge_slave_0: entered allmulticast mode [ 323.494482][ T9447] bridge_slave_0: entered promiscuous mode [ 323.517224][ T9447] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.524424][ T9447] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.546007][ T9447] bridge_slave_1: entered allmulticast mode [ 323.571069][ T9447] bridge_slave_1: entered promiscuous mode [ 323.676814][ T5840] Bluetooth: hci7: command tx timeout [ 323.775981][ T9447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 323.804282][ T9447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 323.971421][ T9447] team0: Port device team_slave_0 added [ 323.988464][ T9447] team0: Port device team_slave_1 added [ 324.198081][ T9447] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 324.205072][ T9447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.247499][ T9447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 324.274691][ T9447] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 324.288538][ T9447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.330033][ T9447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 324.499017][ T9447] hsr_slave_0: entered promiscuous mode [ 324.518266][ T9447] hsr_slave_1: entered promiscuous mode [ 324.524724][ T9447] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 324.549312][ T9447] Cannot create hsr debugfs directory [ 324.946416][ T5840] Bluetooth: hci8: command tx timeout [ 325.746149][ T5840] Bluetooth: hci7: command tx timeout [ 327.032504][ T5840] Bluetooth: hci8: command tx timeout [ 327.825869][ T5840] Bluetooth: hci7: command tx timeout [ 329.105582][ T5840] Bluetooth: hci8: command tx timeout [ 359.384946][ T30] audit: type=1400 audit(2000000267.693:477): avc: denied { recv } for pid=36 comm="kworker/u8:2" saddr=10.128.0.169 src=43314 daddr=10.128.0.97 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 361.558544][ T5832] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 361.573422][ T50] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 361.582725][ T50] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 361.591719][ T50] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 361.599740][ T50] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 361.613248][ T50] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 361.622220][ T50] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 361.636266][ T50] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 361.645292][ T50] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 361.655581][ T50] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 362.757674][ T9570] chnl_net:caif_netlink_parms(): no params data found [ 363.228930][ T9570] bridge0: port 1(bridge_slave_0) entered blocking state [ 363.245713][ T9570] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.271192][ T9570] bridge_slave_0: entered allmulticast mode [ 363.290481][ T9570] bridge_slave_0: entered promiscuous mode [ 363.307302][ T9570] bridge0: port 2(bridge_slave_1) entered blocking state [ 363.314701][ T9570] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.333664][ T9570] bridge_slave_1: entered allmulticast mode [ 363.361249][ T9570] bridge_slave_1: entered promiscuous mode [ 363.574691][ T9570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 363.601069][ T9570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 363.746202][ T5832] Bluetooth: hci11: command tx timeout [ 363.753861][ T5832] Bluetooth: hci10: command tx timeout [ 363.837528][ T9570] team0: Port device team_slave_0 added [ 363.877394][ T9570] team0: Port device team_slave_1 added [ 364.078306][ T9568] chnl_net:caif_netlink_parms(): no params data found [ 364.111389][ T9570] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 364.126395][ T9570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.182443][ T9570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 364.217810][ T9570] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 364.225324][ T9570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.265023][ T9570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 364.651351][ T9570] hsr_slave_0: entered promiscuous mode [ 364.666586][ T9570] hsr_slave_1: entered promiscuous mode [ 364.683725][ T9570] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 364.698977][ T9570] Cannot create hsr debugfs directory [ 364.715526][ T9568] bridge0: port 1(bridge_slave_0) entered blocking state [ 364.722667][ T9568] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.750878][ T9568] bridge_slave_0: entered allmulticast mode [ 364.769631][ T9568] bridge_slave_0: entered promiscuous mode [ 364.882068][ T5832] Bluetooth: hci1: command 0x0406 tx timeout [ 364.891346][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 364.961704][ T9568] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.981370][ T9568] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.019169][ T9568] bridge_slave_1: entered allmulticast mode [ 365.055520][ T9568] bridge_slave_1: entered promiscuous mode [ 365.300755][ T9568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 365.358792][ T9568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 365.747400][ T50] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 365.757462][ T50] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 365.766351][ T50] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 365.775612][ T50] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 365.788522][ T50] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 365.811581][ T9568] team0: Port device team_slave_0 added [ 365.835787][ T50] Bluetooth: hci10: command tx timeout [ 365.841321][ T50] Bluetooth: hci11: command tx timeout [ 365.948336][ T9568] team0: Port device team_slave_1 added [ 366.208151][ T9568] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 366.234401][ T9568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.273418][ T9568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 366.299434][ T9568] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 366.312441][ T9568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.360262][ T9568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 366.654668][ T9568] hsr_slave_0: entered promiscuous mode [ 366.677436][ T9568] hsr_slave_1: entered promiscuous mode [ 366.683797][ T9568] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 366.714716][ T9568] Cannot create hsr debugfs directory [ 367.436581][ T9593] chnl_net:caif_netlink_parms(): no params data found [ 367.742315][ T9593] bridge0: port 1(bridge_slave_0) entered blocking state [ 367.765913][ T9593] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.773220][ T9593] bridge_slave_0: entered allmulticast mode [ 367.793485][ T9593] bridge_slave_0: entered promiscuous mode [ 367.814262][ T9593] bridge0: port 2(bridge_slave_1) entered blocking state [ 367.831493][ T9593] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.845479][ T50] Bluetooth: hci12: command tx timeout [ 367.866053][ T9593] bridge_slave_1: entered allmulticast mode [ 367.885550][ T9593] bridge_slave_1: entered promiscuous mode [ 367.926529][ T50] Bluetooth: hci11: command tx timeout [ 367.932058][ T50] Bluetooth: hci10: command tx timeout [ 368.080500][ T9593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 368.111903][ T9593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 368.262286][ T9593] team0: Port device team_slave_0 added [ 368.290990][ T9593] team0: Port device team_slave_1 added [ 368.439310][ T9593] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 368.455444][ T9593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 368.503847][ T9593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 368.537376][ T9593] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 368.552843][ T9593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 368.602763][ T9593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 368.820509][ T9593] hsr_slave_0: entered promiscuous mode [ 368.837736][ T9593] hsr_slave_1: entered promiscuous mode [ 368.863998][ T9593] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 368.881546][ T9593] Cannot create hsr debugfs directory [ 369.915467][ T50] Bluetooth: hci12: command tx timeout [ 370.000920][ T5840] Bluetooth: hci4: command 0x0406 tx timeout [ 370.008650][ T5832] Bluetooth: hci11: command tx timeout [ 370.014195][ T50] Bluetooth: hci10: command tx timeout [ 371.985765][ T5835] Bluetooth: hci12: command tx timeout [ 374.065835][ T5835] Bluetooth: hci12: command tx timeout [ 378.153743][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.161310][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.858959][ T50] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 379.869664][ T50] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 379.878573][ T50] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 379.890894][ T50] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 379.900416][ T50] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 380.831872][ T50] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 380.853805][ T50] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 380.864897][ T50] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 380.876482][ T50] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 380.884167][ T50] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 381.138731][ T9603] chnl_net:caif_netlink_parms(): no params data found [ 381.573260][ T9603] bridge0: port 1(bridge_slave_0) entered blocking state [ 381.598909][ T9603] bridge0: port 1(bridge_slave_0) entered disabled state [ 381.617059][ T9603] bridge_slave_0: entered allmulticast mode [ 381.636364][ T9603] bridge_slave_0: entered promiscuous mode [ 381.656491][ T9603] bridge0: port 2(bridge_slave_1) entered blocking state [ 381.663625][ T9603] bridge0: port 2(bridge_slave_1) entered disabled state [ 381.695667][ T9603] bridge_slave_1: entered allmulticast mode [ 381.715649][ T9603] bridge_slave_1: entered promiscuous mode [ 381.917565][ T9603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 381.957014][ T9603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 381.988417][ T5835] Bluetooth: hci13: command tx timeout [ 382.174338][ T9603] team0: Port device team_slave_0 added [ 382.227840][ T9603] team0: Port device team_slave_1 added [ 382.426680][ T9603] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 382.433655][ T9603] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 382.485238][ T9603] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 382.533927][ T9603] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 382.562254][ T9603] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 382.616229][ T9603] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 382.784742][ T9610] chnl_net:caif_netlink_parms(): no params data found [ 382.875140][ T9603] hsr_slave_0: entered promiscuous mode [ 382.896510][ T9603] hsr_slave_1: entered promiscuous mode [ 382.904086][ T9603] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 382.925634][ T9603] Cannot create hsr debugfs directory [ 382.947051][ T50] Bluetooth: hci14: command tx timeout [ 383.495660][ T9610] bridge0: port 1(bridge_slave_0) entered blocking state [ 383.502814][ T9610] bridge0: port 1(bridge_slave_0) entered disabled state [ 383.561101][ T9610] bridge_slave_0: entered allmulticast mode [ 383.588145][ T9610] bridge_slave_0: entered promiscuous mode [ 383.617846][ T9610] bridge0: port 2(bridge_slave_1) entered blocking state [ 383.642836][ T9610] bridge0: port 2(bridge_slave_1) entered disabled state [ 383.675714][ T9610] bridge_slave_1: entered allmulticast mode [ 383.706441][ T9610] bridge_slave_1: entered promiscuous mode [ 383.949478][ T9610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 384.066099][ T5832] Bluetooth: hci13: command tx timeout [ 384.161135][ T9610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 384.374986][ T9610] team0: Port device team_slave_0 added [ 384.408066][ T9610] team0: Port device team_slave_1 added [ 384.540679][ T9610] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 384.562178][ T9610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 384.617510][ T9610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 384.644084][ T9610] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 384.663899][ T9610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 384.704009][ T9610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 384.914922][ T9610] hsr_slave_0: entered promiscuous mode [ 384.934176][ T9610] hsr_slave_1: entered promiscuous mode [ 384.947385][ T9610] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 384.983160][ T9610] Cannot create hsr debugfs directory [ 385.026221][ T5832] Bluetooth: hci14: command tx timeout [ 385.359038][ T5840] Bluetooth: hci9: command 0x0406 tx timeout [ 385.367102][ T5832] Bluetooth: hci5: command 0x0406 tx timeout [ 386.145793][ T5835] Bluetooth: hci13: command tx timeout [ 387.108276][ T5835] Bluetooth: hci14: command tx timeout [ 388.236641][ T5835] Bluetooth: hci13: command tx timeout [ 389.186593][ T5835] Bluetooth: hci14: command tx timeout [ 406.946051][ T31] INFO: task syz-executor:9091 blocked for more than 143 seconds. [ 406.953910][ T31] Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 [ 406.992935][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 407.046180][ T31] task:syz-executor state:D stack:24424 pid:9091 tgid:9091 ppid:1 task_flags:0x400140 flags:0x00004004 [ 407.155813][ T31] Call Trace: [ 407.159144][ T31] [ 407.162091][ T31] __schedule+0x116a/0x5de0 [ 407.235594][ T31] ? is_bpf_text_address+0x94/0x1a0 [ 407.240853][ T31] ? kernel_text_address+0x8d/0x100 [ 407.268520][ T31] ? __lock_acquire+0x622/0x1c90 [ 407.295437][ T31] ? __pfx___schedule+0x10/0x10 [ 407.300362][ T31] ? find_held_lock+0x2b/0x80 [ 407.305059][ T31] ? schedule+0x2d7/0x3a0 [ 407.341332][ T31] schedule+0xe7/0x3a0 [ 407.354667][ T31] schedule_preempt_disabled+0x13/0x30 [ 407.360930][ T31] __mutex_lock+0x6c7/0xb90 [ 407.375604][ T31] ? del_device_store+0xd1/0x4a0 [ 407.380590][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 407.403378][ T31] ? __pfx_sscanf+0x10/0x10 [ 407.412907][ T31] ? __lock_acquire+0x622/0x1c90 [ 407.425397][ T31] ? del_device_store+0xd1/0x4a0 [ 407.430390][ T31] del_device_store+0xd1/0x4a0 [ 407.435178][ T31] ? __pfx_del_device_store+0x10/0x10 [ 407.464572][ T31] ? find_held_lock+0x2b/0x80 [ 407.475401][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 407.487724][ T31] ? __pfx_del_device_store+0x10/0x10 [ 407.493160][ T31] bus_attr_store+0x71/0xb0 [ 407.511644][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 407.524211][ T31] sysfs_kf_write+0xef/0x150 [ 407.545417][ T31] kernfs_fop_write_iter+0x354/0x510 [ 407.550771][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 407.565722][ T31] vfs_write+0x6c4/0x1150 [ 407.570099][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 407.598275][ T31] ? __pfx_vfs_write+0x10/0x10 [ 407.603117][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 407.624214][ T31] ksys_write+0x12a/0x250 [ 407.629477][ T31] ? __pfx_ksys_write+0x10/0x10 [ 407.634374][ T31] do_syscall_64+0xcd/0x4c0 [ 407.656019][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.662268][ T31] RIP: 0033:0x7f9ddfd8d3df [ 407.675397][ T31] RSP: 002b:00007ffcf7132cb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 407.695443][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f9ddfd8d3df [ 407.703478][ T31] RDX: 0000000000000001 RSI: 00007ffcf7132d00 RDI: 0000000000000005 [ 407.724458][ T31] RBP: 00007f9ddfe11d8d R08: 0000000000000000 R09: 00007ffcf7132b07 [ 407.737881][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 407.755879][ T31] R13: 00007ffcf7132d00 R14: 00007f9de0ae4620 R15: 0000000000000003 [ 407.763929][ T31] [ 407.776247][ T31] INFO: task syz-executor:9146 blocked for more than 144 seconds. [ 407.804070][ T31] Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 [ 407.816913][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 407.835600][ T31] task:syz-executor state:D stack:24312 pid:9146 tgid:9146 ppid:1 task_flags:0x400140 flags:0x00004004 [ 407.870411][ T31] Call Trace: [ 407.873820][ T31] [ 407.878849][ T31] __schedule+0x116a/0x5de0 [ 407.883390][ T31] ? is_bpf_text_address+0x94/0x1a0 [ 407.906931][ T31] ? kernel_text_address+0x8d/0x100 [ 407.912198][ T31] ? __lock_acquire+0x622/0x1c90 [ 407.934294][ T31] ? __pfx___schedule+0x10/0x10 [ 407.940264][ T31] ? find_held_lock+0x2b/0x80 [ 407.944973][ T31] ? schedule+0x2d7/0x3a0 [ 407.964496][ T31] schedule+0xe7/0x3a0 [ 407.969833][ T31] schedule_preempt_disabled+0x13/0x30 [ 407.975324][ T31] __mutex_lock+0x6c7/0xb90 [ 407.998345][ T31] ? del_device_store+0xd1/0x4a0 [ 408.003357][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 408.023000][ T31] ? __pfx_sscanf+0x10/0x10 [ 408.035182][ T31] ? __lock_acquire+0x622/0x1c90 [ 408.045398][ T31] ? del_device_store+0xd1/0x4a0 [ 408.050391][ T31] del_device_store+0xd1/0x4a0 [ 408.055180][ T31] ? __pfx_del_device_store+0x10/0x10 [ 408.074370][ T31] ? find_held_lock+0x2b/0x80 [ 408.085739][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 408.092171][ T31] ? __pfx_del_device_store+0x10/0x10 [ 408.116066][ T31] bus_attr_store+0x71/0xb0 [ 408.120632][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 408.135428][ T31] sysfs_kf_write+0xef/0x150 [ 408.140087][ T31] kernfs_fop_write_iter+0x354/0x510 [ 408.162299][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 408.175404][ T31] vfs_write+0x6c4/0x1150 [ 408.179796][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 408.195210][ T31] ? __pfx_vfs_write+0x10/0x10 [ 408.214458][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 408.231216][ T31] ksys_write+0x12a/0x250 [ 408.245790][ T31] ? __pfx_ksys_write+0x10/0x10 [ 408.250703][ T31] do_syscall_64+0xcd/0x4c0 [ 408.255249][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.279136][ T31] RIP: 0033:0x7fbe95b8d3df [ 408.283619][ T31] RSP: 002b:00007ffdd51417d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 408.307594][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fbe95b8d3df [ 408.325402][ T31] RDX: 0000000000000001 RSI: 00007ffdd5141820 RDI: 0000000000000005 [ 408.333413][ T31] RBP: 00007fbe95c11d8d R08: 0000000000000000 R09: 00007ffdd5141627 [ 408.358766][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 408.380152][ T31] R13: 00007ffdd5141820 R14: 00007fbe968e4620 R15: 0000000000000003 [ 408.408361][ T31] [ 408.411480][ T31] INFO: task syz-executor:9259 blocked for more than 144 seconds. [ 408.464300][ T31] Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 [ 408.480421][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 408.501210][ T31] task:syz-executor state:D stack:24472 pid:9259 tgid:9259 ppid:1 task_flags:0x400140 flags:0x00004004 [ 408.532287][ T31] Call Trace: [ 408.542024][ T31] [ 408.544995][ T31] __schedule+0x116a/0x5de0 [ 408.555409][ T31] ? is_bpf_text_address+0x94/0x1a0 [ 408.560654][ T31] ? kernel_text_address+0x8d/0x100 [ 408.585899][ T31] ? __lock_acquire+0x622/0x1c90 [ 408.590887][ T31] ? __pfx___schedule+0x10/0x10 [ 408.612964][ T31] ? find_held_lock+0x2b/0x80 [ 408.625398][ T31] ? schedule+0x2d7/0x3a0 [ 408.629780][ T31] schedule+0xe7/0x3a0 [ 408.633868][ T31] schedule_preempt_disabled+0x13/0x30 [ 408.654526][ T31] __mutex_lock+0x6c7/0xb90 [ 408.663837][ T31] ? del_device_store+0xd1/0x4a0 [ 408.675396][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 408.684452][ T31] ? __pfx_sscanf+0x10/0x10 [ 408.703074][ T31] ? __lock_acquire+0x622/0x1c90 [ 408.719995][ T31] ? del_device_store+0xd1/0x4a0 [ 408.724991][ T31] del_device_store+0xd1/0x4a0 [ 408.735414][ T31] ? __pfx_del_device_store+0x10/0x10 [ 408.740845][ T31] ? find_held_lock+0x2b/0x80 [ 408.759262][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 408.764186][ T31] ? __pfx_del_device_store+0x10/0x10 [ 408.780758][ T31] bus_attr_store+0x71/0xb0 [ 408.785316][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 408.795388][ T31] sysfs_kf_write+0xef/0x150 [ 408.800024][ T31] kernfs_fop_write_iter+0x354/0x510 [ 408.805316][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 408.844232][ T31] vfs_write+0x6c4/0x1150 [ 408.849271][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 408.855134][ T31] ? __pfx_vfs_write+0x10/0x10 [ 408.874107][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 408.891160][ T31] ksys_write+0x12a/0x250 [ 408.905293][ T31] ? __pfx_ksys_write+0x10/0x10 [ 408.925426][ T31] do_syscall_64+0xcd/0x4c0 [ 408.929989][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.952713][ T31] RIP: 0033:0x7fa799b8d3df [ 408.965393][ T31] RSP: 002b:00007ffe0f8f9cf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 408.974209][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa799b8d3df [ 408.996389][ T31] RDX: 0000000000000001 RSI: 00007ffe0f8f9d40 RDI: 0000000000000005 [ 409.005016][ T31] RBP: 00007fa799c11d8d R08: 0000000000000000 R09: 00007ffe0f8f9b47 [ 409.042732][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 409.062706][ T31] R13: 00007ffe0f8f9d40 R14: 00007fa79a8e4620 R15: 0000000000000003 [ 409.075408][ T31] [ 409.078962][ T31] INFO: task syz-executor:9271 blocked for more than 145 seconds. [ 409.102337][ T31] Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 [ 409.126272][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 409.135035][ T31] task:syz-executor state:D stack:24296 pid:9271 tgid:9271 ppid:1 task_flags:0x400140 flags:0x00004004 [ 409.169889][ T31] Call Trace: [ 409.173218][ T31] [ 409.183453][ T31] __schedule+0x116a/0x5de0 [ 409.195395][ T31] ? is_bpf_text_address+0x94/0x1a0 [ 409.200662][ T31] ? kernel_text_address+0x8d/0x100 [ 409.215400][ T31] ? __lock_acquire+0x622/0x1c90 [ 409.235399][ T31] ? __pfx___schedule+0x10/0x10 [ 409.240310][ T31] ? find_held_lock+0x2b/0x80 [ 409.245006][ T31] ? schedule+0x2d7/0x3a0 [ 409.264066][ T31] schedule+0xe7/0x3a0 [ 409.279893][ T31] schedule_preempt_disabled+0x13/0x30 [ 409.295092][ T31] __mutex_lock+0x6c7/0xb90 [ 409.300601][ T31] ? del_device_store+0xd1/0x4a0 [ 409.315614][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 409.324841][ T31] ? __pfx_sscanf+0x10/0x10 [ 409.343678][ T31] ? __lock_acquire+0x622/0x1c90 [ 409.355396][ T31] ? del_device_store+0xd1/0x4a0 [ 409.360388][ T31] del_device_store+0xd1/0x4a0 [ 409.365173][ T31] ? __pfx_del_device_store+0x10/0x10 [ 409.392730][ T31] ? find_held_lock+0x2b/0x80 [ 409.405391][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 409.410285][ T31] ? __pfx_del_device_store+0x10/0x10 [ 409.431963][ T31] bus_attr_store+0x71/0xb0 [ 409.445419][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 409.450667][ T31] sysfs_kf_write+0xef/0x150 [ 409.455290][ T31] kernfs_fop_write_iter+0x354/0x510 [ 409.475999][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 409.481250][ T31] vfs_write+0x6c4/0x1150 [ 409.498564][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 409.504418][ T31] ? __pfx_vfs_write+0x10/0x10 [ 409.537526][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 409.542788][ T31] ksys_write+0x12a/0x250 [ 409.562052][ T31] ? __pfx_ksys_write+0x10/0x10 [ 409.575417][ T31] do_syscall_64+0xcd/0x4c0 [ 409.579975][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.595393][ T31] RIP: 0033:0x7f02daf8d3df [ 409.599846][ T31] RSP: 002b:00007ffcd9bfbd20 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 409.621556][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f02daf8d3df [ 409.647821][ T31] RDX: 0000000000000001 RSI: 00007ffcd9bfbd70 RDI: 0000000000000005 [ 409.668932][ T31] RBP: 00007f02db011d8d R08: 0000000000000000 R09: 00007ffcd9bfbb77 [ 409.692620][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 409.706605][ T31] R13: 00007ffcd9bfbd70 R14: 00007f02dbce4620 R15: 0000000000000003 [ 409.714630][ T31] [ 409.725472][ T31] [ 409.725472][ T31] Showing all locks held in the system: [ 409.752575][ T31] 3 locks held by kworker/0:0/9: [ 409.765384][ T31] 3 locks held by kworker/0:1/10: [ 409.770439][ T31] 4 locks held by kworker/u8:1/13: [ 409.791022][ T31] #0: ffff88802f8a0148 ((wq_completion)wg-kex-wg1#19){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 409.823575][ T31] #1: ffffc90000127d10 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 409.845432][ T31] #2: ffff88804ab35308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0xec/0x650 [ 409.874503][ T31] #3: ffff88804fc92ad8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x100/0x650 [ 409.895419][ T31] 4 locks held by kworker/1:0/24: [ 409.900474][ T31] #0: ffff88802b187548 ((wq_completion)wg-kex-wg0#18){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 409.932036][ T31] #1: ffffc900001e7d10 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 409.995315][ T31] #2: ffff88806e671308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1c2/0x880 [ 410.026607][ T31] #3: ffff888023ec5278 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x5ac/0x880 [ 410.056226][ T31] 1 lock held by khungtaskd/31: [ 410.061104][ T31] #0: ffffffff8e5c4940 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 410.092525][ T31] 4 locks held by kworker/u8:4/59: [ 410.110992][ T31] #0: ffff88804b3a5148 ((wq_completion)wg-kex-wg0#17){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 410.136430][ T31] #1: ffffc9000210fd10 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 410.171715][ T31] #2: ffff88806e671308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0xec/0x650 [ 410.190762][ T31] #3: ffff888023ec5278 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x100/0x650 [ 410.211473][ T31] 3 locks held by kworker/0:2/92: [ 410.229314][ T31] 5 locks held by kworker/u8:5/196: [ 410.234548][ T31] #0: ffff88801c6f3948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 410.265710][ T31] #1: ffffc90003087d10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 410.285392][ T31] #2: ffffffff9034b590 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 410.294794][ T31] #3: ffff8880783394e8 (&wg->device_update_lock){+.+.}-{4:4}, at: wg_destruct+0x151/0x3d0 [ 410.319543][ T31] #4: ffffffff8e5cfe00 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0 [ 410.357926][ T31] 4 locks held by kworker/u8:6/1141: [ 410.363244][ T31] #0: ffff888031824148 ((wq_completion)wg-kex-wg0#13){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 410.387156][ T31] #1: ffffc900041bfd10 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 410.416123][ T31] #2: ffff88801dbfd308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0xec/0x650 [ 410.443526][ T31] #3: ffff88802a025c60 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x100/0x650 [ 410.476187][ T31] 2 locks held by getty/5592: [ 410.480903][ T31] #0: ffff888032ca90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 410.515395][ T31] #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 410.535396][ T31] 3 locks held by kworker/0:3/5844: [ 410.540635][ T31] 2 locks held by kworker/0:4/5876: [ 410.571124][ T31] 2 locks held by kworker/0:5/5889: [ 410.585609][ T31] 2 locks held by kworker/0:6/5896: [ 410.590830][ T31] 4 locks held by kworker/1:3/5903: [ 410.605393][ T31] #0: ffff8880363c9148 ((wq_completion)wg-kex-wg0#4){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 410.630566][ T31] #1: ffffc9000431fd10 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 410.695739][ T31] #2: ffff888032be1308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1c2/0x880 [ 410.725676][ T31] #3: ffff8880251fc890 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x5ac/0x880 [ 410.750538][ T31] 5 locks held by kworker/0:7/5910: [ 410.765406][ T31] 3 locks held by kworker/1:5/5939: [ 410.770631][ T31] #0: ffff888036cd6548 ((wq_completion)wg-kex-wg2#10){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 410.795121][ T31] #1: ffffc9000454fd10 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 410.866280][ T31] #2: ffff88802a020338 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x30/0xe80 [ 410.885612][ T31] 3 locks held by kworker/1:7/5964: [ 410.890834][ T31] #0: ffff8880412f0548 ((wq_completion)wg-kex-wg2#12){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 410.920540][ T31] #1: ffffc9000453fd10 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 410.992759][ T31] #2: ffff88802a024890 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x30/0xe80 [ 411.015314][ T31] 2 locks held by kworker/0:8/5979: [ 411.023320][ T31] 4 locks held by kworker/0:9/7767: [ 411.044057][ T31] 3 locks held by kworker/0:10/8576: [ 411.053382][ T31] 3 locks held by kworker/0:11/8637: [ 411.073058][ T31] 3 locks held by kworker/0:12/8958: [ 411.094565][ T31] 2 locks held by kworker/0:13/8962: [ 411.105386][ T31] 2 locks held by kworker/0:14/9025: [ 411.110721][ T31] 7 locks held by syz-executor/9082: [ 411.133803][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 411.150166][ T31] #1: ffff888053695c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 411.172979][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 411.192035][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 411.225447][ T31] #4: ffff88807cbe50e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620 [ 411.249181][ T31] #5: ffff88807cbe6250 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0 [ 411.270051][ T31] #6: ffffffff8e5cfe00 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0 [ 411.294114][ T31] 4 locks held by syz-executor/9091: [ 411.305384][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 411.314422][ T31] #1: ffff888078d92c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 411.347351][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 411.366092][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 411.393239][ T31] 4 locks held by syz-executor/9146: [ 411.403971][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 411.421371][ T31] #1: ffff88803ac11c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 411.467433][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 411.494851][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 411.521926][ T31] 3 locks held by kworker/0:15/9257: [ 411.533227][ T31] 4 locks held by syz-executor/9259: [ 411.545391][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 411.573221][ T31] #1: ffff88803ac2a088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 411.595441][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 411.621756][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 411.635380][ T31] 4 locks held by syz-executor/9271: [ 411.640687][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 411.665053][ T31] #1: ffff8880686e8088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 411.695803][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 411.718981][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 411.742478][ T31] 3 locks held by kworker/0:16/9290: [ 411.755696][ T31] 3 locks held by kworker/0:17/9294: [ 411.761020][ T31] 4 locks held by syz-executor/9403: [ 411.780177][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 411.808340][ T31] #1: ffff88802a7ba088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 411.831843][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 411.850649][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 411.869133][ T31] 4 locks held by syz-executor/9414: [ 411.874466][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 411.905400][ T31] #1: ffff888049669488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 411.915219][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 411.945158][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 411.965415][ T31] 4 locks held by syz-executor/9423: [ 411.970751][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.001811][ T31] #1: ffff888056743488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.021255][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.038614][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.067676][ T31] 2 locks held by kworker/0:18/9428: [ 412.073008][ T31] 4 locks held by syz-executor/9436: [ 412.085256][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.115399][ T31] #1: ffff888080635088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.125207][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.150943][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.185396][ T31] 4 locks held by syz-executor/9447: [ 412.192456][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.221781][ T31] #1: ffff888041fc3088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.235381][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.262446][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.279911][ T31] 4 locks held by syz-executor/9568: [ 412.285229][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.309117][ T31] #1: ffff888094dec488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.335567][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.355624][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.392579][ T31] 4 locks held by syz-executor/9570: [ 412.405385][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.414412][ T31] #1: ffff888049815888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.443381][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.462711][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.484061][ T31] 4 locks held by syz-executor/9593: [ 412.490398][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.521649][ T31] #1: ffff888096bc2c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.539493][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.564154][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.580295][ T31] 4 locks held by syz-executor/9603: [ 412.593714][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.612578][ T31] #1: ffff8880912f4488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.634788][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.655409][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.686192][ T31] 4 locks held by syz-executor/9610: [ 412.691515][ T31] #0: ffff888034282428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 412.718393][ T31] #1: ffff888087380c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 412.745115][ T31] #2: ffff888028bda4b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 412.771849][ T31] #3: ffffffff8f8e9608 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 412.792596][ T31] [ 412.794955][ T31] ============================================= [ 412.794955][ T31] [ 412.816204][ T31] NMI backtrace for cpu 1 [ 412.816219][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 412.816241][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 412.816251][ T31] Call Trace: [ 412.816257][ T31] [ 412.816263][ T31] dump_stack_lvl+0x116/0x1f0 [ 412.816295][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 412.816316][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 412.816344][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 412.816366][ T31] watchdog+0xf70/0x12c0 [ 412.816391][ T31] ? __pfx_watchdog+0x10/0x10 [ 412.816408][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 412.816434][ T31] ? __kthread_parkme+0x19e/0x250 [ 412.816461][ T31] ? __pfx_watchdog+0x10/0x10 [ 412.816480][ T31] kthread+0x3c2/0x780 [ 412.816497][ T31] ? __pfx_kthread+0x10/0x10 [ 412.816515][ T31] ? rcu_is_watching+0x12/0xc0 [ 412.816538][ T31] ? __pfx_kthread+0x10/0x10 [ 412.816555][ T31] ret_from_fork+0x5d4/0x6f0 [ 412.816579][ T31] ? __pfx_kthread+0x10/0x10 [ 412.816596][ T31] ret_from_fork_asm+0x1a/0x30 [ 412.816627][ T31] [ 412.816633][ T31] Sending NMI from CPU 1 to CPUs 0: [ 412.940335][ C0] NMI backtrace for cpu 0 [ 412.940351][ C0] CPU: 0 UID: 0 PID: 5910 Comm: kworker/0:7 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 412.940371][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 412.940381][ C0] Workqueue: wg-crypt-wg0 wg_packet_tx_worker [ 412.940403][ C0] RIP: 0010:__orc_find+0x97/0xf0 [ 412.940418][ C0] Code: b6 34 0a 48 89 da 83 e2 07 83 c2 03 40 38 f2 7c 05 40 84 f6 75 4b 48 63 13 48 01 da 49 39 d5 73 af 4c 8d 63 fc 49 39 ec 73 b2 <4d> 29 f7 49 c1 ff 02 4b 8d 14 7f 48 8d 04 50 48 83 c4 08 5b 5d 41 [ 412.940432][ C0] RSP: 0018:ffffc90000006c68 EFLAGS: 00000297 [ 412.940443][ C0] RAX: ffffffff91d0d224 RBX: ffffffff911bf1a4 RCX: dffffc0000000000 [ 412.940453][ C0] RDX: ffffffff8963da77 RSI: 0000000000000000 RDI: ffffffff911bf18c [ 412.940462][ C0] RBP: ffffffff911bf1a4 R08: ffffffff91d0d260 R09: 0000000000000000 [ 412.940471][ C0] R10: 0000000000000000 R11: 00000000000863da R12: ffffffff911bf1a0 [ 412.940479][ C0] R13: ffffffff8963da6c R14: ffffffff911bf18c R15: ffffffff911bf1a0 [ 412.940488][ C0] FS: 0000000000000000(0000) GS:ffff888124717000(0000) knlGS:0000000000000000 [ 412.940503][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 412.940512][ C0] CR2: 00007fff7028ccbf CR3: 000000000e382000 CR4: 00000000003526f0 [ 412.940521][ C0] Call Trace: [ 412.940526][ C0] [ 412.940534][ C0] ? __netif_receive_skb+0x1c/0x160 [ 412.940552][ C0] unwind_next_frame+0x2ec/0x20a0 [ 412.940565][ C0] ? __netif_receive_skb+0x1d/0x160 [ 412.940582][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 412.940602][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 412.940621][ C0] arch_stack_walk+0x94/0x100 [ 412.940637][ C0] ? __netif_receive_skb+0x1d/0x160 [ 412.940655][ C0] stack_trace_save+0x8e/0xc0 [ 412.940673][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 412.940692][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 412.940707][ C0] kasan_save_stack+0x33/0x60 [ 412.940726][ C0] ? kasan_save_stack+0x33/0x60 [ 412.940743][ C0] ? kasan_save_track+0x14/0x30 [ 412.940759][ C0] ? kasan_save_free_info+0x3b/0x60 [ 412.940774][ C0] ? __kasan_slab_free+0x51/0x70 [ 412.940792][ C0] ? kfree+0x2b4/0x4d0 [ 412.940806][ C0] ? nf_conntrack_free+0x104/0x460 [ 412.940827][ C0] ? nf_ct_destroy+0x18b/0x2a0 [ 412.940840][ C0] ? nf_conntrack_in+0x392/0x1950 [ 412.940855][ C0] ? ipv4_conntrack_local+0x160/0x250 [ 412.940874][ C0] ? nf_hook_slow+0xbe/0x200 [ 412.940892][ C0] ? nf_hook+0x370/0x680 [ 412.940904][ C0] ? __ip_local_out+0x339/0x7c0 [ 412.940918][ C0] ? ip_local_out+0x2a/0x4a0 [ 412.940931][ C0] ? synproxy_send_tcp.isra.0+0x439/0x630 [ 412.940943][ C0] ? synproxy_send_client_synack+0x6f6/0x8f0 [ 412.940956][ C0] ? nft_synproxy_do_eval+0xa63/0xd80 [ 412.940972][ C0] ? nft_do_chain+0x2e9/0x1920 [ 412.940986][ C0] ? nft_do_chain_inet+0x18a/0x340 [ 412.941000][ C0] ? nf_hook_slow+0xbe/0x200 [ 412.941017][ C0] ? nf_hook.constprop.0+0x422/0x750 [ 412.941035][ C0] ? ip_local_deliver+0x169/0x1f0 [ 412.941054][ C0] ? ip_rcv+0x2c3/0x5d0 [ 412.941072][ C0] ? __netif_receive_skb_one_core+0x197/0x1e0 [ 412.941088][ C0] ? __netif_receive_skb+0x1d/0x160 [ 412.941114][ C0] kasan_save_track+0x14/0x30 [ 412.941131][ C0] kasan_save_free_info+0x3b/0x60 [ 412.941145][ C0] __kasan_slab_free+0x51/0x70 [ 412.941163][ C0] kfree+0x2b4/0x4d0 [ 412.941178][ C0] ? nf_conntrack_free+0x104/0x460 [ 412.941193][ C0] nf_conntrack_free+0x104/0x460 [ 412.941207][ C0] nf_ct_destroy+0x18b/0x2a0 [ 412.941220][ C0] nf_conntrack_in+0x392/0x1950 [ 412.941238][ C0] ? __pfx_nf_conntrack_in+0x10/0x10 [ 412.941254][ C0] ? __pfx_selinux_netlbl_skbuff_setsid+0x10/0x10 [ 412.941275][ C0] ? __pfx_ipt_do_table+0x10/0x10 [ 412.941294][ C0] ? __pfx_ipv4_conntrack_local+0x10/0x10 [ 412.941313][ C0] ipv4_conntrack_local+0x160/0x250 [ 412.941332][ C0] nf_hook_slow+0xbe/0x200 [ 412.941351][ C0] nf_hook+0x370/0x680 [ 412.941364][ C0] ? __pfx_dst_output+0x10/0x10 [ 412.941378][ C0] ? __pfx_nf_hook+0x10/0x10 [ 412.941390][ C0] ? __pfx_ip_route_me_harder+0x10/0x10 [ 412.941404][ C0] ? __pfx_dst_output+0x10/0x10 [ 412.941418][ C0] ? do_csum+0x26f/0x2d0 [ 412.941434][ C0] __ip_local_out+0x339/0x7c0 [ 412.941447][ C0] ? __pfx_dst_output+0x10/0x10 [ 412.941461][ C0] ip_local_out+0x2a/0x4a0 [ 412.941476][ C0] synproxy_send_tcp.isra.0+0x439/0x630 [ 412.941491][ C0] synproxy_send_client_synack+0x6f6/0x8f0 [ 412.941506][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 412.941520][ C0] ? nft_xfrm_reduce+0x2b8/0x390 [ 412.941536][ C0] nft_synproxy_do_eval+0xa63/0xd80 [ 412.941553][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 412.941567][ C0] ? process_one_work+0x9cf/0x1b70 [ 412.941582][ C0] ? worker_thread+0x6c8/0xf10 [ 412.941594][ C0] ? kthread+0x3c2/0x780 [ 412.941606][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 412.941625][ C0] ? __pfx_nft_synproxy_eval+0x10/0x10 [ 412.941641][ C0] nft_do_chain+0x2e9/0x1920 [ 412.941657][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 412.941671][ C0] ? mark_held_locks+0x49/0x80 [ 412.941683][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 412.941704][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 412.941721][ C0] ? ipt_do_table+0xd48/0x1ae0 [ 412.941743][ C0] nft_do_chain_inet+0x18a/0x340 [ 412.941757][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 412.941772][ C0] ? __pfx_ipt_do_table+0x10/0x10 [ 412.941787][ C0] ? __pfx_iptable_mangle_hook+0x10/0x10 [ 412.941804][ C0] ? nf_nat_ipv4_local_in+0x181/0x720 [ 412.941829][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 412.941842][ C0] nf_hook_slow+0xbe/0x200 [ 412.941861][ C0] nf_hook.constprop.0+0x422/0x750 [ 412.941880][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 412.941900][ C0] ? __pfx_nf_hook.constprop.0+0x10/0x10 [ 412.941919][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 412.941939][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 412.941962][ C0] ip_local_deliver+0x169/0x1f0 [ 412.941980][ C0] ? __pfx_ip_local_deliver+0x10/0x10 [ 412.942000][ C0] ip_rcv+0x2c3/0x5d0 [ 412.942019][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 412.942038][ C0] __netif_receive_skb_one_core+0x197/0x1e0 [ 412.942055][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 412.942072][ C0] ? lock_acquire+0x179/0x350 [ 412.942087][ C0] ? process_backlog+0x3f0/0x15e0 [ 412.942103][ C0] __netif_receive_skb+0x1d/0x160 [ 412.942119][ C0] process_backlog+0x442/0x15e0 [ 412.942137][ C0] __napi_poll.constprop.0+0xb7/0x550 [ 412.942155][ C0] net_rx_action+0xa9f/0xfe0 [ 412.942175][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 412.942191][ C0] ? mark_held_locks+0x49/0x80 [ 412.942203][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 412.942221][ C0] ? tmigr_handle_remote+0x132/0x380 [ 412.942242][ C0] ? run_timer_base+0x121/0x190 [ 412.942262][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 412.942283][ C0] handle_softirqs+0x219/0x8e0 [ 412.942302][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 412.942317][ C0] ? irqtime_account_irq+0x18d/0x2e0 [ 412.942338][ C0] ? wg_packet_tx_worker+0x535/0x810 [ 412.942352][ C0] ? wg_packet_tx_worker+0x535/0x810 [ 412.942366][ C0] do_softirq+0xb2/0xf0 [ 412.942381][ C0] [ 412.942386][ C0] [ 412.942391][ C0] __local_bh_enable_ip+0x100/0x120 [ 412.942407][ C0] wg_packet_tx_worker+0x54a/0x810 [ 412.942424][ C0] process_one_work+0x9cf/0x1b70 [ 412.942442][ C0] ? __pfx_wg_packet_handshake_receive_worker+0x10/0x10 [ 412.942460][ C0] ? __pfx_process_one_work+0x10/0x10 [ 412.942478][ C0] ? assign_work+0x1a0/0x250 [ 412.942492][ C0] worker_thread+0x6c8/0xf10 [ 412.942509][ C0] ? __kthread_parkme+0x19e/0x250 [ 412.942528][ C0] ? __pfx_worker_thread+0x10/0x10 [ 412.942543][ C0] kthread+0x3c2/0x780 [ 412.942555][ C0] ? __pfx_kthread+0x10/0x10 [ 412.942568][ C0] ? rcu_is_watching+0x12/0xc0 [ 412.942586][ C0] ? __pfx_kthread+0x10/0x10 [ 412.942600][ C0] ret_from_fork+0x5d4/0x6f0 [ 412.942618][ C0] ? __pfx_kthread+0x10/0x10 [ 412.942631][ C0] ret_from_fork_asm+0x1a/0x30 [ 412.942650][ C0] [ 413.861984][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 413.868959][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 413.880772][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 413.890839][ T31] Call Trace: [ 413.894117][ T31] [ 413.897046][ T31] dump_stack_lvl+0x3d/0x1f0 [ 413.901653][ T31] panic+0x71c/0x800 [ 413.905558][ T31] ? __pfx___irq_work_queue_local+0x10/0x10 [ 413.911472][ T31] ? __pfx_panic+0x10/0x10 [ 413.915903][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 413.921284][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 413.927272][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 413.932661][ T31] ? watchdog+0xdda/0x12c0 [ 413.937083][ T31] ? watchdog+0xdcd/0x12c0 [ 413.941518][ T31] watchdog+0xdeb/0x12c0 [ 413.945771][ T31] ? __pfx_watchdog+0x10/0x10 [ 413.950450][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 413.955683][ T31] ? __kthread_parkme+0x19e/0x250 [ 413.960729][ T31] ? __pfx_watchdog+0x10/0x10 [ 413.965416][ T31] kthread+0x3c2/0x780 [ 413.969487][ T31] ? __pfx_kthread+0x10/0x10 [ 413.974081][ T31] ? rcu_is_watching+0x12/0xc0 [ 413.978853][ T31] ? __pfx_kthread+0x10/0x10 [ 413.983449][ T31] ret_from_fork+0x5d4/0x6f0 [ 413.988054][ T31] ? __pfx_kthread+0x10/0x10 [ 413.992645][ T31] ret_from_fork_asm+0x1a/0x30 [ 413.997428][ T31] [ 414.000552][ T31] Kernel Offset: disabled [ 414.004858][ T31] Rebooting in 86400 seconds..