last executing test programs: 6m29.233826026s ago: executing program 1 (id=1431): r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000280)=0x41) fchown(r1, r2, 0x0) fchown(r1, r2, 0x0) 6m29.079082942s ago: executing program 1 (id=1432): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="08000000000000006d02"]) 6m27.321469871s ago: executing program 1 (id=1437): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x800000000f, 0x0, 0x0) waitid(0x0, 0x0, 0xffffffffffffffff, 0x4, 0x0) 6m27.019563669s ago: executing program 1 (id=1441): socket$unix(0x1, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000054c0)=[{{&(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4011}}, {{&(0x7f0000003880)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4000084}}], 0x2, 0x20040040) 6m26.757036536s ago: executing program 1 (id=1443): pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3ff) read$char_usb(r0, &(0x7f00000003c0)=""/50, 0x32) 6m25.645899088s ago: executing program 1 (id=1450): ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x15) move_pages(0x0, 0x90249c01dd736e4b, &(0x7f0000000000)=[&(0x7f0000ffd000/0x3000)=nil], 0x0, &(0x7f0000000040), 0x0) mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x15) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x2}) ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1}) 6m10.163272583s ago: executing program 32 (id=1450): ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x15) move_pages(0x0, 0x90249c01dd736e4b, &(0x7f0000000000)=[&(0x7f0000ffd000/0x3000)=nil], 0x0, &(0x7f0000000040), 0x0) mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x15) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x2}) ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1}) 49.783580428s ago: executing program 4 (id=3610): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000010c0)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000180)={r2, @in={{0x2, 0x4e20, @empty}}, 0x7, 0x4002}, 0x90) 46.690242287s ago: executing program 4 (id=3613): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002a00)={0x30, 0x3e, 0x107, 0x0, 0x4000, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @typed={0xc, 0x7, 0x0, 0x0, @u64=0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0x404c080) 43.603208223s ago: executing program 4 (id=3615): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000001c0)={'wpan0\x00'}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x38, r0, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x400}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004890}, 0x4000800) 40.444256222s ago: executing program 4 (id=3635): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x1, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0xfffffff9}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000fc0)={{r0}, &(0x7f0000000f40), &(0x7f0000000f80)='%pK \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='fib6_table_lookup\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) 37.23638881s ago: executing program 4 (id=3658): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0x10, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xfff2}, {0x0, 0x2}, {0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20018804}, 0x0) 34.102315252s ago: executing program 4 (id=3673): recvmmsg$unix(0xffffffffffffffff, &(0x7f00000054c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x40010120, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @local, 'tunl0\x00'}}, 0x1e) sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0) 17.71830094s ago: executing program 3 (id=3747): sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10, 0x0}, 0x4000001) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000000002000000090001"], 0x7c}}, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newchain={0x6c, 0x64, 0x1, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xd}, {0xe, 0xd}, {0xa, 0xd}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_ADDEND={0x8, 0x5, 0x5}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x8001}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1d04e}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x7}]}}, @filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x5317}]}}]}, 0x6c}}, 0x48010) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) 14.66110374s ago: executing program 3 (id=3748): recvmmsg$unix(0xffffffffffffffff, &(0x7f00000054c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{0x0, 0x2f}, {&(0x7f00000001c0)=""/124, 0x7c}], 0x2}}], 0x1, 0x40010120, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, 0x0, 0x0) sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0) 11.502419928s ago: executing program 3 (id=3761): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e0000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10) gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) sendmsg$inet(r4, &(0x7f0000001ec0)={&(0x7f0000000c00)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0x4) 8.286185024s ago: executing program 3 (id=3773): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000d70400f07203", @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/20], 0x48) r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) shutdown(r5, 0x1) close(r5) 8.221072726s ago: executing program 5 (id=3774): r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f00000001c0), 0x10) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r1, &(0x7f00000007c0)={0x1d, r2}, 0x10) sendmsg$can_bcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="010000006b0300000100000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000001"], 0x48}}, 0x20000000) recvmmsg(r0, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=""/84, 0x54}, {0x0}], 0x2}, 0x9}], 0x1, 0x60000163, 0x0) 7.726182322s ago: executing program 5 (id=3776): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) getpeername$l2tp6(r0, 0x0, &(0x7f0000000100)) 7.553404731s ago: executing program 5 (id=3777): ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'tunl0\x00', &(0x7f0000000300)=@ethtool_perm_addr={0x20, 0x2, "aa14"}}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x3261e) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'wlan0\x00', 0x0}) 7.512422635s ago: executing program 2 (id=3778): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 7.338051397s ago: executing program 5 (id=3779): socket$inet6(0xa, 0x2, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) socket$xdp(0x2c, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x10, 0xf}, {}, {0x8, 0x5}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_BASECLASS={0x8, 0x3, {0xa, 0x7}}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x15625}, @TCA_FLOW_PERTURB={0x8, 0xc, 0x8}]}}]}, 0x54}}, 0x0) 6.455456986s ago: executing program 2 (id=3782): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x1, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0xfffffff9}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000fc0)={{r0}, &(0x7f0000000f40), &(0x7f0000000f80)='%pK \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='fib6_table_lookup\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x1b, 0x0, 0x0) 6.35787692s ago: executing program 0 (id=3783): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e0000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10) gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) sendmsg$inet(r4, &(0x7f0000001ec0)={&(0x7f0000000c00)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xf}, @loopback}}}], 0x20}, 0x4) 6.239646175s ago: executing program 2 (id=3784): r0 = socket$inet_sctp(0x2, 0x5, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000"], 0x30}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x7d, &(0x7f0000000040), 0x8) 5.989831442s ago: executing program 2 (id=3785): r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f00000001c0), 0x10) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r1, &(0x7f00000007c0)={0x1d, r2}, 0x10) sendmsg$can_bcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="010000006b0300000100000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000001"], 0x48}}, 0x20000000) recvmmsg(r0, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=""/84, 0x54}, {0x0}], 0x2}, 0x9}], 0x1, 0x60000163, 0x0) 5.082204396s ago: executing program 3 (id=3786): r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$l2tp6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote, 0x6, 0x4}, 0x20) getpeername$l2tp6(r0, 0x0, &(0x7f0000000100)) 4.96159951s ago: executing program 0 (id=3787): syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) rt_sigqueueinfo(r0, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f0000004ac0)={0x2020}, 0x2020) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00'}, 0x10) socket$key(0xf, 0x3, 0x2) 3.469614341s ago: executing program 0 (id=3788): unshare(0x24060400) r0 = socket$netlink(0x10, 0x3, 0xb) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, 0x0, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendmmsg$sock(r1, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast, 0x3}, 0x80, 0x0}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0x18}, 0x60}, 0x80, 0x0}}], 0x2, 0x48094) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) bind$pptp(0xffffffffffffffff, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) socket(0x40000000015, 0x805, 0x0) bind$alg(r3, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3", 0x4) r4 = accept4(r3, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r4) write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a) sendfile(r1, r2, 0x0, 0xffffffff000) 3.357217576s ago: executing program 2 (id=3789): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d00000085000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10) gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) sendmsg$inet(r4, &(0x7f0000001ec0)={&(0x7f0000000c00)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xf}, @loopback}}}, @ip_retopts={{0x10}}], 0x30}, 0x4) 3.206491927s ago: executing program 5 (id=3790): pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6821, 0x0, 0x9, 0x0, 0x0, 0x3, 0x2}, 0x0, 0x0) 3.074299372s ago: executing program 5 (id=3791): socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x80) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r3}, 0x10) r4 = socket(0x10, 0x3, 0x0) r5 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x9d, 0xea, 0x78, 0x40, 0x18b4, 0xfffb, 0xdc7b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0xa0, 0x1f, 0x71}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r5, 0x0, &(0x7f00000008c0)={0x1c, &(0x7f0000000000)={0x0, 0x0, 0x1, "01"}, 0x0, 0x0}) syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c"], 0x0) r6 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000000a40)={&(0x7f0000000140)=[{0x18, 0x4000, 0x1a, &(0x7f00000001c0)="0000006f456583a47c064da3340297b36e93fc6a777b65dd50f7"}, {0x2, 0x201, 0x0, 0x0}], 0x2}) socket$nl_generic(0x10, 0x3, 0x10) mknod(0x0, 0x8001420, 0x0) preadv(r6, &(0x7f0000000180)=[{&(0x7f0000000200)=""/197, 0xc5}, {0x0}], 0x2, 0x2, 0x4) r7 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'}) sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x30}}, 0x80) socketpair(0x0, 0x0, 0x0, &(0x7f0000000140)) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32], 0x50) 1.834167653s ago: executing program 2 (id=3792): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 1.767928965s ago: executing program 0 (id=3793): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x1, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0xfffffff9}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000fc0)={{r0}, &(0x7f0000000f40), &(0x7f0000000f80)='%pK \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='fib6_table_lookup\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x1b, 0x0, 0x0) 1.760976657s ago: executing program 3 (id=3794): r0 = socket$inet_sctp(0x2, 0x5, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000"], 0x30}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x7d, &(0x7f0000000040), 0x8) 1.334118299s ago: executing program 0 (id=3795): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000d70400f07203", @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/20], 0x48) r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) shutdown(r5, 0x1) close(r5) 0s ago: executing program 0 (id=3796): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000101"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) dup(0xffffffffffffffff) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000d70400f07203", @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/20], 0x48) r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) shutdown(r5, 0x1) close(r5) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.53' (ED25519) to the list of known hosts. [ 89.405622][ T5825] cgroup: Unknown subsys name 'net' [ 89.662317][ T5825] cgroup: Unknown subsys name 'cpuset' [ 89.696521][ T5825] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 91.676733][ T5825] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.360666][ T3120] cfg80211: failed to load regulatory.db [ 94.553080][ T5158] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.556970][ T5158] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.557891][ T5158] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.559921][ T5158] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.560833][ T5158] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.618068][ T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.622635][ T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.623486][ T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.647887][ T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.648851][ T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.713389][ T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.715125][ T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.716673][ T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.718073][ T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.718990][ T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.872737][ T59] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.874528][ T59] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 94.892008][ T59] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 94.894953][ T59] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 94.917224][ T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.919185][ T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 94.920878][ T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 94.922212][ T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 94.966635][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 94.967563][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 95.770644][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 95.893035][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 95.902370][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 96.507480][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 96.534848][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 96.657971][ T5842] Bluetooth: hci0: command tx timeout [ 96.658330][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.659495][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.660140][ T5837] bridge_slave_0: entered allmulticast mode [ 96.662389][ T5837] bridge_slave_0: entered promiscuous mode [ 96.735739][ T5842] Bluetooth: hci1: command tx timeout [ 96.816041][ T5842] Bluetooth: hci2: command tx timeout [ 96.913358][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.913482][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.915265][ T5837] bridge_slave_1: entered allmulticast mode [ 96.920903][ T5837] bridge_slave_1: entered promiscuous mode [ 96.985841][ T5842] Bluetooth: hci3: command tx timeout [ 97.056879][ T5842] Bluetooth: hci4: command tx timeout [ 97.318580][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.318729][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.318927][ T5843] bridge_slave_0: entered allmulticast mode [ 97.321699][ T5843] bridge_slave_0: entered promiscuous mode [ 97.323718][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.323858][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.324045][ T5840] bridge_slave_0: entered allmulticast mode [ 97.326874][ T5840] bridge_slave_0: entered promiscuous mode [ 97.466410][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.466562][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.467114][ T5843] bridge_slave_1: entered allmulticast mode [ 97.470015][ T5843] bridge_slave_1: entered promiscuous mode [ 97.473730][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.473878][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.474420][ T5840] bridge_slave_1: entered allmulticast mode [ 97.481487][ T5840] bridge_slave_1: entered promiscuous mode [ 97.521366][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.729274][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.304198][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.314207][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.476868][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.477104][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.477566][ T5847] bridge_slave_0: entered allmulticast mode [ 98.479640][ T5847] bridge_slave_0: entered promiscuous mode [ 98.484303][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.499551][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.500105][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.500262][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.500477][ T5846] bridge_slave_0: entered allmulticast mode [ 98.504166][ T5846] bridge_slave_0: entered promiscuous mode [ 98.538092][ T5837] team0: Port device team_slave_0 added [ 98.546192][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.546368][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.546626][ T5847] bridge_slave_1: entered allmulticast mode [ 98.552446][ T5847] bridge_slave_1: entered promiscuous mode [ 98.735925][ T5842] Bluetooth: hci0: command tx timeout [ 98.748191][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.748354][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.748575][ T5846] bridge_slave_1: entered allmulticast mode [ 98.751941][ T5846] bridge_slave_1: entered promiscuous mode [ 98.758874][ T5837] team0: Port device team_slave_1 added [ 98.815935][ T5842] Bluetooth: hci1: command tx timeout [ 98.895803][ T5842] Bluetooth: hci2: command tx timeout [ 99.055960][ T5842] Bluetooth: hci3: command tx timeout [ 99.135846][ T5842] Bluetooth: hci4: command tx timeout [ 99.269405][ T5843] team0: Port device team_slave_0 added [ 99.370683][ T5840] team0: Port device team_slave_0 added [ 99.579681][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.585321][ T5843] team0: Port device team_slave_1 added [ 99.606017][ T5840] team0: Port device team_slave_1 added [ 99.610698][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.630831][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.633496][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.633516][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.633544][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.831285][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.900664][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.900679][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.900698][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.253217][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.253232][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.253251][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.254576][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.254591][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.254618][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.388874][ T5847] team0: Port device team_slave_0 added [ 100.392340][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.392358][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.392385][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.393493][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.393504][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.393523][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.509334][ T5846] team0: Port device team_slave_0 added [ 100.511623][ T5847] team0: Port device team_slave_1 added [ 100.541499][ T5846] team0: Port device team_slave_1 added [ 100.815899][ T5842] Bluetooth: hci0: command tx timeout [ 100.895899][ T5842] Bluetooth: hci1: command tx timeout [ 100.975874][ T5842] Bluetooth: hci2: command tx timeout [ 100.998219][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.998237][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.998263][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.138174][ T5842] Bluetooth: hci3: command tx timeout [ 101.162733][ T5837] hsr_slave_0: entered promiscuous mode [ 101.164193][ T5837] hsr_slave_1: entered promiscuous mode [ 101.215760][ T5842] Bluetooth: hci4: command tx timeout [ 101.248377][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.248397][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.248424][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.251463][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.251482][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.251508][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.459281][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.459301][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.459328][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.511439][ T5843] hsr_slave_0: entered promiscuous mode [ 101.512874][ T5843] hsr_slave_1: entered promiscuous mode [ 101.514140][ T5843] debugfs: 'hsr0' already exists in 'hsr' [ 101.514266][ T5843] Cannot create hsr debugfs directory [ 101.573173][ T5840] hsr_slave_0: entered promiscuous mode [ 101.574222][ T5840] hsr_slave_1: entered promiscuous mode [ 101.574854][ T5840] debugfs: 'hsr0' already exists in 'hsr' [ 101.574882][ T5840] Cannot create hsr debugfs directory [ 102.164909][ T5847] hsr_slave_0: entered promiscuous mode [ 102.166427][ T5847] hsr_slave_1: entered promiscuous mode [ 102.167570][ T5847] debugfs: 'hsr0' already exists in 'hsr' [ 102.167599][ T5847] Cannot create hsr debugfs directory [ 102.428645][ T5846] hsr_slave_0: entered promiscuous mode [ 102.430096][ T5846] hsr_slave_1: entered promiscuous mode [ 102.431062][ T5846] debugfs: 'hsr0' already exists in 'hsr' [ 102.431087][ T5846] Cannot create hsr debugfs directory [ 102.895750][ T5842] Bluetooth: hci0: command tx timeout [ 102.975673][ T5842] Bluetooth: hci1: command tx timeout [ 103.056944][ T5842] Bluetooth: hci2: command tx timeout [ 103.225868][ T5842] Bluetooth: hci3: command tx timeout [ 103.295863][ T5842] Bluetooth: hci4: command tx timeout [ 103.991693][ T5837] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 104.043392][ T5837] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 104.065332][ T5837] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 104.129606][ T5837] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 104.301940][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 104.341601][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 104.377104][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 104.443100][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 104.630122][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 104.669708][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 104.710839][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 104.764363][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 104.957145][ T5847] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 105.003741][ T5847] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 105.045281][ T5847] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 105.110001][ T5847] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 105.218750][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.326299][ T5846] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 105.367198][ T5846] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 105.427445][ T5846] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 105.486708][ T5846] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 105.550911][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.633668][ T2831] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.634642][ T2831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.702156][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.723259][ T2831] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.723513][ T2831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.868710][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.922541][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.922704][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.974941][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.003771][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.003948][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.137856][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.142208][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.231369][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.233661][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.302385][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.302544][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.345325][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.408513][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.408698][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.458274][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.524288][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.525304][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.668077][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.740695][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.740954][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.801305][ T2831] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.801568][ T2831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.971382][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.240381][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.391548][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.423145][ T5837] veth0_vlan: entered promiscuous mode [ 107.540929][ T5837] veth1_vlan: entered promiscuous mode [ 107.666030][ T5843] veth0_vlan: entered promiscuous mode [ 107.744192][ T5843] veth1_vlan: entered promiscuous mode [ 107.768603][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.770858][ T5840] veth0_vlan: entered promiscuous mode [ 107.811917][ T5837] veth0_macvtap: entered promiscuous mode [ 107.858576][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.860809][ T5837] veth1_macvtap: entered promiscuous mode [ 107.863236][ T5840] veth1_vlan: entered promiscuous mode [ 107.993809][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.036234][ T5843] veth0_macvtap: entered promiscuous mode [ 108.073503][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.107910][ T5843] veth1_macvtap: entered promiscuous mode [ 108.174303][ T3570] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.195381][ T5847] veth0_vlan: entered promiscuous mode [ 108.216665][ T3570] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.233492][ T3570] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.235370][ T5840] veth0_macvtap: entered promiscuous mode [ 108.242260][ T3570] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.326665][ T5840] veth1_macvtap: entered promiscuous mode [ 108.340918][ T5847] veth1_vlan: entered promiscuous mode [ 108.357307][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.471120][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.569701][ T67] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.591699][ T67] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.607338][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.609558][ T67] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.643224][ T67] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.704276][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.769864][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.769895][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.839205][ T3570] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.874544][ T67] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.912217][ T67] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.937035][ T5847] veth0_macvtap: entered promiscuous mode [ 108.943747][ T67] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.124360][ T5847] veth1_macvtap: entered promiscuous mode [ 109.139223][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.139247][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.201525][ T5846] veth0_vlan: entered promiscuous mode [ 109.259567][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.259642][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.375903][ T5846] veth1_vlan: entered promiscuous mode [ 109.425069][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.522673][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.537015][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.537036][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.704649][ T2831] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.704672][ T2831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.704960][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.737393][ T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.765733][ T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.814787][ T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.029019][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.029043][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.129662][ T5846] veth0_macvtap: entered promiscuous mode [ 110.287400][ T5846] veth1_macvtap: entered promiscuous mode [ 110.559454][ T3570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.559478][ T3570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.636778][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.748668][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.945093][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.007278][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.022659][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.039894][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.039917][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.051495][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.780717][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.780742][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.068897][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.068922][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.258146][ T5979] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 113.641163][ T5993] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5'. [ 115.844927][ T6017] syz.2.18 (6017): drop_caches: 4 [ 121.564397][ T6049] netlink: 4 bytes leftover after parsing attributes in process `syz.4.29'. [ 127.025621][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.035606][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.045587][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.055556][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.065554][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.075545][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.085549][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.095546][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.105546][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 127.115543][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 128.367317][ T6104] netlink: 8 bytes leftover after parsing attributes in process `syz.4.40'. [ 129.082716][ T5839] Bluetooth: hci4: command 0x0405 tx timeout [ 129.266188][ T6104] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 130.854847][ T6123] netlink: 'syz.4.51': attribute type 1 has an invalid length. [ 131.295991][ T6127] syz.3.53 (6127) used greatest stack depth: 17256 bytes left [ 133.565325][ T6154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.62'. [ 133.670251][ T6154] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 133.765734][ T6169] netlink: 'syz.2.66': attribute type 1 has an invalid length. [ 136.000035][ T6207] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 138.432421][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.432537][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 157.902595][ T38] audit: type=1326 audit(1757885797.865:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.902656][ T38] audit: type=1326 audit(1757885797.865:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.902704][ T38] audit: type=1326 audit(1757885797.865:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.902751][ T38] audit: type=1326 audit(1757885797.865:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.974137][ T38] audit: type=1326 audit(1757885797.935:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fceb94d1465 code=0x7ffc0000 [ 157.989559][ T38] audit: type=1326 audit(1757885797.955:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.989629][ T38] audit: type=1326 audit(1757885797.955:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.989682][ T38] audit: type=1326 audit(1757885797.955:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.989732][ T38] audit: type=1326 audit(1757885797.955:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 157.989783][ T38] audit: type=1326 audit(1757885797.955:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6543 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 172.724975][ T6798] netlink: 8 bytes leftover after parsing attributes in process `syz.1.308'. [ 179.243342][ T6933] mmap: syz.3.352 (6933) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 182.435918][ T6995] netlink: 'syz.3.387': attribute type 11 has an invalid length. [ 182.505538][ T38] audit: type=1326 audit(1757885822.465:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505596][ T38] audit: type=1326 audit(1757885822.465:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505643][ T38] audit: type=1326 audit(1757885822.465:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505686][ T38] audit: type=1326 audit(1757885822.465:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505730][ T38] audit: type=1326 audit(1757885822.465:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505774][ T38] audit: type=1326 audit(1757885822.465:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505832][ T38] audit: type=1326 audit(1757885822.465:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505878][ T38] audit: type=1326 audit(1757885822.465:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505924][ T38] audit: type=1326 audit(1757885822.465:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 182.505976][ T38] audit: type=1326 audit(1757885822.465:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6996 comm="syz.2.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb949eba9 code=0x7ffc0000 [ 186.501137][ T7077] Zero length message leads to an empty skb [ 199.879403][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.879487][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 202.104964][ T38] kauditd_printk_skb: 33 callbacks suppressed [ 202.104985][ T38] audit: type=1800 audit(1757885842.065:55): pid=7366 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.539" name="bus" dev="tmpfs" ino=503 res=0 errno=0 [ 205.367446][ T38] audit: type=1800 audit(1757885845.325:56): pid=7444 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.570" name="bus" dev="tmpfs" ino=639 res=0 errno=0 [ 208.983050][ T7536] netlink: 16 bytes leftover after parsing attributes in process `syz.1.608'. [ 210.535221][ T7569] netlink: 16 bytes leftover after parsing attributes in process `syz.0.619'. [ 211.645695][ T7594] netlink: 16 bytes leftover after parsing attributes in process `syz.2.630'. [ 212.056676][ T7599] syz.4.633 (7599) used greatest stack depth: 16424 bytes left [ 213.067430][ T7632] netlink: 16 bytes leftover after parsing attributes in process `syz.3.644'. [ 213.910093][ T38] audit: type=1326 audit(1757885853.865:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7645 comm="syz.0.650" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x0 [ 214.652351][ T7660] netlink: 16 bytes leftover after parsing attributes in process `syz.3.656'. [ 216.489116][ T38] audit: type=1326 audit(1757885856.455:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.489542][ T38] audit: type=1326 audit(1757885856.455:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.496238][ T38] audit: type=1326 audit(1757885856.465:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.496289][ T38] audit: type=1326 audit(1757885856.465:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.496870][ T38] audit: type=1326 audit(1757885856.465:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.496924][ T38] audit: type=1326 audit(1757885856.465:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.498836][ T38] audit: type=1326 audit(1757885856.465:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.518699][ T38] audit: type=1326 audit(1757885856.485:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 216.518765][ T38] audit: type=1326 audit(1757885856.485:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7698 comm="syz.4.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 217.300779][ T7674] Bluetooth: hci0: command 0x0406 tx timeout [ 217.300910][ T7674] Bluetooth: hci1: command 0x0406 tx timeout [ 217.300937][ T7674] Bluetooth: hci2: command 0x0406 tx timeout [ 217.300961][ T7674] Bluetooth: hci3: command 0x0406 tx timeout [ 230.645650][ T38] kauditd_printk_skb: 5 callbacks suppressed [ 230.645669][ T38] audit: type=1326 audit(1757885870.605:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.645723][ T38] audit: type=1326 audit(1757885870.605:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.645766][ T38] audit: type=1326 audit(1757885870.605:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.645810][ T38] audit: type=1326 audit(1757885870.605:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.647730][ T38] audit: type=1326 audit(1757885870.615:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.647782][ T38] audit: type=1326 audit(1757885870.615:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.647827][ T38] audit: type=1326 audit(1757885870.615:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.647871][ T38] audit: type=1326 audit(1757885870.615:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.647916][ T38] audit: type=1326 audit(1757885870.615:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 230.647960][ T38] audit: type=1326 audit(1757885870.615:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.1.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 242.895772][ T5839] Bluetooth: hci4: command 0x0405 tx timeout [ 252.207913][ T38] kauditd_printk_skb: 23 callbacks suppressed [ 252.207934][ T38] audit: type=1326 audit(1757885892.165:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8346 comm="syz.4.911" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa62f7feba9 code=0x0 [ 254.778023][ T38] audit: type=1326 audit(1757885894.745:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 254.785029][ T38] audit: type=1326 audit(1757885894.745:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 254.792172][ T38] audit: type=1326 audit(1757885894.755:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 254.792552][ T38] audit: type=1326 audit(1757885894.755:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 254.796193][ T38] audit: type=1326 audit(1757885894.755:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 254.854473][ T38] audit: type=1326 audit(1757885894.815:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f23f10d1465 code=0x7ffc0000 [ 254.858032][ T38] audit: type=1326 audit(1757885894.825:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f23f10d1465 code=0x7ffc0000 [ 254.865765][ T38] audit: type=1326 audit(1757885894.825:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f23f10d1465 code=0x7ffc0000 [ 254.873147][ T38] audit: type=1326 audit(1757885894.835:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8394 comm="syz.0.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f23f10d1465 code=0x7ffc0000 [ 261.308621][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.308715][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.074488][ T8661] process 'syz.4.1025' launched '/dev/fd/6' with NULL argv: empty string added [ 274.317960][ T38] kauditd_printk_skb: 25 callbacks suppressed [ 274.317981][ T38] audit: type=1326 audit(1757885914.275:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.318768][ T38] audit: type=1326 audit(1757885914.285:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.318820][ T38] audit: type=1326 audit(1757885914.285:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.320957][ T38] audit: type=1326 audit(1757885914.285:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.322102][ T38] audit: type=1326 audit(1757885914.285:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.322155][ T38] audit: type=1326 audit(1757885914.285:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.323450][ T38] audit: type=1326 audit(1757885914.285:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.323503][ T38] audit: type=1326 audit(1757885914.285:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.331058][ T38] audit: type=1326 audit(1757885914.285:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 274.331454][ T38] audit: type=1326 audit(1757885914.295:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8821 comm="syz.1.1084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb45610eba9 code=0x7ffc0000 [ 280.794074][ T8936] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1127'. [ 297.020959][ T9237] sctp: [Deprecated]: syz.1.1234 (pid 9237) Use of int in max_burst socket option. [ 297.020959][ T9237] Use struct sctp_assoc_value instead [ 299.927585][ T38] kauditd_printk_skb: 260 callbacks suppressed [ 299.927605][ T38] audit: type=1326 audit(1757885939.885:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.930405][ T38] audit: type=1326 audit(1757885939.895:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.930475][ T38] audit: type=1326 audit(1757885939.895:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.930604][ T38] audit: type=1326 audit(1757885939.895:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.938377][ T38] audit: type=1326 audit(1757885939.895:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.940875][ T38] audit: type=1326 audit(1757885939.905:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.945718][ T38] audit: type=1326 audit(1757885939.905:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.945790][ T38] audit: type=1326 audit(1757885939.905:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.947895][ T38] audit: type=1326 audit(1757885939.915:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 299.952611][ T38] audit: type=1326 audit(1757885939.915:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9290 comm="syz.4.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62f7feba9 code=0x7ffc0000 [ 306.996934][ T9395] ip_vti0: entered allmulticast mode [ 306.997638][ T9394] ip_vti0: left allmulticast mode [ 311.836709][ T38] kauditd_printk_skb: 24 callbacks suppressed [ 311.836729][ T38] audit: type=1326 audit(1757885951.805:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.836908][ T38] audit: type=1326 audit(1757885951.805:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.838493][ T38] audit: type=1326 audit(1757885951.805:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.875566][ T38] audit: type=1326 audit(1757885951.835:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.875641][ T38] audit: type=1326 audit(1757885951.835:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.875696][ T38] audit: type=1326 audit(1757885951.835:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.875747][ T38] audit: type=1326 audit(1757885951.835:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.875799][ T38] audit: type=1326 audit(1757885951.835:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 311.875849][ T38] audit: type=1326 audit(1757885951.835:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9473 comm="syz.0.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 312.849078][ T9495] capability: warning: `syz.2.1340' uses 32-bit capabilities (legacy support in use) [ 322.746374][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.746460][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 349.462565][ T5839] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 349.478241][ T5839] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 349.479393][ T5839] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 349.482589][ T5839] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 349.483942][ T5839] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 351.028475][T10027] chnl_net:caif_netlink_parms(): no params data found [ 351.695539][ T59] Bluetooth: hci5: command tx timeout [ 353.775792][ T59] Bluetooth: hci5: command tx timeout [ 353.996354][ T3570] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.461011][ T3570] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.529426][T10027] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.536297][T10027] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.540263][T10027] bridge_slave_0: entered allmulticast mode [ 355.569303][T10027] bridge_slave_0: entered promiscuous mode [ 355.828294][ T3570] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.858668][ T59] Bluetooth: hci5: command tx timeout [ 355.936429][T10027] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.936638][T10027] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.936931][T10027] bridge_slave_1: entered allmulticast mode [ 356.005887][T10027] bridge_slave_1: entered promiscuous mode [ 357.308968][ T3570] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.459739][T10027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 357.522837][T10027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 357.918790][T10027] team0: Port device team_slave_0 added [ 357.923352][T10027] team0: Port device team_slave_1 added [ 357.935867][ T59] Bluetooth: hci5: command tx timeout [ 358.388948][T10027] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 358.388967][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 358.388995][T10027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 358.391712][T10027] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 358.391728][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 358.391755][T10027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 358.714495][ T38] audit: type=1326 audit(1757885998.675:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.714554][ T38] audit: type=1326 audit(1757885998.675:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.714598][ T38] audit: type=1326 audit(1757885998.675:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.714644][ T38] audit: type=1326 audit(1757885998.675:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.715756][ T38] audit: type=1326 audit(1757885998.675:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.715810][ T38] audit: type=1326 audit(1757885998.675:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.715856][ T38] audit: type=1326 audit(1757885998.675:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.725707][ T38] audit: type=1326 audit(1757885998.675:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.736064][ T38] audit: type=1326 audit(1757885998.695:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 358.736126][ T38] audit: type=1326 audit(1757885998.695:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10176 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbe4cabeba9 code=0x7ffc0000 [ 359.444585][T10027] hsr_slave_0: entered promiscuous mode [ 359.480082][T10027] hsr_slave_1: entered promiscuous mode [ 359.481283][T10027] debugfs: 'hsr0' already exists in 'hsr' [ 359.481310][T10027] Cannot create hsr debugfs directory [ 360.398592][ T3570] bridge_slave_1: left allmulticast mode [ 360.398973][ T3570] bridge_slave_1: left promiscuous mode [ 360.401979][ T3570] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.577357][ T3570] bridge_slave_0: left allmulticast mode [ 360.577394][ T3570] bridge_slave_0: left promiscuous mode [ 360.580148][ T3570] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.447115][ T3570] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 364.566379][ T3570] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 364.624399][ T3570] bond0 (unregistering): Released all slaves [ 367.258875][T10027] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 367.996829][T10027] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 368.493136][T10027] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 368.623182][T10027] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 369.781423][ T3570] hsr_slave_0: left promiscuous mode [ 369.850864][ T3570] hsr_slave_1: left promiscuous mode [ 369.852099][ T3570] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 369.852188][ T3570] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 369.938499][ T3570] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 369.938534][ T3570] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 370.258600][ T3570] veth1_macvtap: left promiscuous mode [ 370.258886][ T3570] veth0_macvtap: left promiscuous mode [ 370.261072][ T3570] veth1_vlan: left promiscuous mode [ 370.261490][ T3570] veth0_vlan: left promiscuous mode [ 376.549155][ T3570] team0 (unregistering): Port device team_slave_1 removed [ 376.996348][ T3570] team0 (unregistering): Port device team_slave_0 removed [ 383.346721][T10027] 8021q: adding VLAN 0 to HW filter on device bond0 [ 383.419950][T10027] 8021q: adding VLAN 0 to HW filter on device team0 [ 383.503739][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 383.503978][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 383.541029][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 383.541266][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.196834][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.196916][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.936565][T10027] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 386.494562][T10027] veth0_vlan: entered promiscuous mode [ 386.568749][T10027] veth1_vlan: entered promiscuous mode [ 386.798698][T10027] veth0_macvtap: entered promiscuous mode [ 386.831249][T10027] veth1_macvtap: entered promiscuous mode [ 386.941136][T10027] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 387.017884][T10027] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 387.087729][ T57] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.123556][ T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.165980][ T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.215572][ T67] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.935946][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 387.935970][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 388.198059][ T2824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 388.198081][ T2824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 425.200707][ T38] kauditd_printk_skb: 9 callbacks suppressed [ 425.200727][ T38] audit: type=1800 audit(1757886065.165:472): pid=11470 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.2066" name="bus" dev="tmpfs" ino=2157 res=0 errno=0 [ 432.942492][ T38] audit: type=1326 audit(1757886072.905:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz.5.2133" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff389aeeba9 code=0x0 [ 437.430143][ T38] audit: type=1326 audit(1757886077.395:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11696 comm="syz.0.2154" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23f109eba9 code=0x0 [ 439.456716][ T38] audit: type=1326 audit(1757886079.425:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11746 comm="syz.2.2170" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fceb949eba9 code=0x0 [ 441.484360][ T38] audit: type=1326 audit(1757886081.445:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.484517][ T38] audit: type=1326 audit(1757886081.445:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.531350][ T38] audit: type=1326 audit(1757886081.495:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.537064][ T38] audit: type=1326 audit(1757886081.505:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.537128][ T38] audit: type=1326 audit(1757886081.505:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.537180][ T38] audit: type=1326 audit(1757886081.505:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.537231][ T38] audit: type=1326 audit(1757886081.505:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.537282][ T38] audit: type=1326 audit(1757886081.505:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 441.537332][ T38] audit: type=1326 audit(1757886081.505:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11791 comm="syz.0.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f23f109eba9 code=0x7ffc0000 [ 445.622604][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.622686][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 448.730386][T11964] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 473.295561][ T5839] Bluetooth: hci5: command 0x0406 tx timeout [ 490.965060][T12737] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2568'. [ 493.269797][T12768] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2580'. [ 507.068332][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 507.068414][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 527.416666][T13121] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 527.422872][T13121] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 527.425241][T13121] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 527.438069][T13121] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 527.440311][T13121] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 528.660532][ T3570] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 528.955004][ T3570] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.350936][ T3570] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.535498][ T59] Bluetooth: hci0: command tx timeout [ 529.660690][ T3570] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.715047][T13120] chnl_net:caif_netlink_parms(): no params data found [ 530.174526][T13120] bridge0: port 1(bridge_slave_0) entered blocking state [ 530.174677][T13120] bridge0: port 1(bridge_slave_0) entered disabled state [ 530.174918][T13120] bridge_slave_0: entered allmulticast mode [ 530.183362][T13120] bridge_slave_0: entered promiscuous mode [ 530.203926][T13120] bridge0: port 2(bridge_slave_1) entered blocking state [ 530.204217][T13120] bridge0: port 2(bridge_slave_1) entered disabled state [ 530.204487][T13120] bridge_slave_1: entered allmulticast mode [ 530.221014][T13120] bridge_slave_1: entered promiscuous mode [ 530.578696][T13120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 530.670213][T13120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 530.770276][ T3570] bridge_slave_1: left allmulticast mode [ 530.770312][ T3570] bridge_slave_1: left promiscuous mode [ 530.770615][ T3570] bridge0: port 2(bridge_slave_1) entered disabled state [ 530.837419][ T3570] bridge_slave_0: left allmulticast mode [ 530.837456][ T3570] bridge_slave_0: left promiscuous mode [ 530.837774][ T3570] bridge0: port 1(bridge_slave_0) entered disabled state [ 531.615577][ T59] Bluetooth: hci0: command tx timeout [ 532.896422][ T3570] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 532.976634][ T3570] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 533.001013][ T3570] bond0 (unregistering): Released all slaves [ 533.219772][T13120] team0: Port device team_slave_0 added [ 533.224521][T13120] team0: Port device team_slave_1 added [ 533.701114][ T59] Bluetooth: hci0: command tx timeout [ 533.781676][T13120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 533.781692][T13120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 533.781714][T13120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 533.806490][T13120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 533.806511][T13120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 533.806544][T13120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 534.504603][T13120] hsr_slave_0: entered promiscuous mode [ 534.506638][T13120] hsr_slave_1: entered promiscuous mode [ 534.795645][ T3570] hsr_slave_0: left promiscuous mode [ 534.842376][ T3570] hsr_slave_1: left promiscuous mode [ 534.843577][ T3570] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 534.843609][ T3570] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 534.886765][ T3570] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 534.886801][ T3570] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 535.066505][ T3570] veth1_macvtap: left promiscuous mode [ 535.066643][ T3570] veth0_macvtap: left promiscuous mode [ 535.070064][ T3570] veth1_vlan: left promiscuous mode [ 535.070292][ T3570] veth0_vlan: left promiscuous mode [ 535.785755][ T59] Bluetooth: hci0: command tx timeout [ 537.888279][ T3570] team0 (unregistering): Port device team_slave_1 removed [ 538.146429][ T3570] team0 (unregistering): Port device team_slave_0 removed [ 543.773287][T13120] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 543.835425][T13120] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 543.923938][T13120] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 543.986632][T13120] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 544.434761][T13120] 8021q: adding VLAN 0 to HW filter on device bond0 [ 544.499460][T13120] 8021q: adding VLAN 0 to HW filter on device team0 [ 544.534089][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 544.534415][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 544.584613][ T3570] bridge0: port 2(bridge_slave_1) entered blocking state [ 544.584772][ T3570] bridge0: port 2(bridge_slave_1) entered forwarding state [ 545.572235][T13120] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 545.814459][T13120] veth0_vlan: entered promiscuous mode [ 545.892741][T13120] veth1_vlan: entered promiscuous mode [ 545.972051][T13120] veth0_macvtap: entered promiscuous mode [ 546.021216][T13120] veth1_macvtap: entered promiscuous mode [ 546.069572][T13120] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 546.083886][T13120] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 546.153199][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.153262][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.153300][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.153337][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.473743][ T3557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.473767][ T3557] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 546.571221][ T2824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.571245][ T2824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 559.955533][T13497] syz.5.2875 uses obsolete (PF_INET,SOCK_PACKET) [ 568.502793][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.502881][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.363824][T13740] bridge0: port 1(bridge_slave_0) entered disabled state [ 575.823332][ T2824] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x7 [ 579.768423][T13868] bridge0: port 1(bridge_slave_0) entered disabled state [ 580.827114][ T59] Bluetooth: hci0: link tx timeout [ 580.827403][ T59] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 580.835737][ T59] Bluetooth: hci0: link tx timeout [ 580.835759][ T59] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 580.836016][ T59] Bluetooth: hci0: link tx timeout [ 580.836029][ T59] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 580.994639][T13893] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3057'. [ 580.994674][T13893] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3057'. [ 580.994693][T13893] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3057'. [ 582.180868][ T31] IPVS: starting estimator thread 0... [ 582.265774][T13914] IPVS: using max 7 ests per chain, 16800 per kthread [ 582.899217][ T59] Bluetooth: hci0: command 0x0406 tx timeout [ 583.191239][ T31] IPVS: starting estimator thread 0... [ 583.310135][T13941] IPVS: using max 7 ests per chain, 16800 per kthread [ 583.374779][T13945] openvswitch: netlink: Flow key attr not present in new flow. [ 583.988568][T13957] netlink: 'syz.5.3082': attribute type 11 has an invalid length. [ 584.517116][T13973] warning: `syz.2.3090' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 586.368339][T14014] netlink: 'syz.2.3105': attribute type 29 has an invalid length. [ 586.368364][T14014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3105'. [ 591.317519][T14141] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3164'. [ 591.317656][T14141] block nbd0: not configured, cannot reconfigure [ 595.547044][T14210] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3194'. [ 595.611577][T14211] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3194'. [ 595.611615][T14211] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3194'. [ 595.611633][T14211] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3194'. [ 595.611647][T14211] netlink: 540 bytes leftover after parsing attributes in process `syz.5.3194'. [ 595.663936][T14212] netlink: 'syz.5.3194': attribute type 10 has an invalid length. [ 595.832916][T14212] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 604.913492][T14366] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 608.058117][T14421] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3288'. [ 608.119636][T14422] netlink: 'syz.2.3288': attribute type 10 has an invalid length. [ 608.255694][T14422] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 609.114938][T14438] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3296'. [ 610.175594][T14458] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 610.175614][T14458] IPv6: NLM_F_CREATE should be set when creating new route [ 610.478456][T14462] Bluetooth: MGMT ver 1.23 [ 612.809696][T14483] IPVS: Scheduler module ip_vs_sip not found [ 615.021569][T14512] netlink: 'syz.5.3337': attribute type 1 has an invalid length. [ 615.021592][T14512] netlink: 'syz.5.3337': attribute type 1 has an invalid length. [ 615.021607][T14512] netlink: 184 bytes leftover after parsing attributes in process `syz.5.3337'. [ 616.347298][T14540] Illegal XDP return value 4294967274 on prog (id 24) dev syz_tun, expect packet loss! [ 619.061924][T14610] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3373'. [ 619.273135][T14610] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 619.320074][T14610] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 619.782742][T14622] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3376'. [ 626.414367][T14745] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3438'. [ 626.519717][T14746] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3438'. [ 626.519745][T14746] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3438'. [ 626.519761][T14746] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3438'. [ 626.519775][T14746] netlink: 540 bytes leftover after parsing attributes in process `syz.5.3438'. [ 629.944339][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.944429][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 633.141082][ C0] vcan0: j1939_tp_rxtimer: 0xffff88804b882800: rx timeout, send abort [ 633.384792][T14799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3463'. [ 633.384821][T14799] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3463'. [ 633.384838][T14799] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3463'. [ 633.384853][T14799] netlink: 540 bytes leftover after parsing attributes in process `syz.2.3463'. [ 633.438946][T14800] netlink: 'syz.2.3463': attribute type 10 has an invalid length. [ 633.642407][ C0] vcan0: j1939_tp_rxtimer: 0xffff88804b882800: abort rx timeout. Force session deactivation [ 634.612192][T14813] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 634.612211][T14813] IPv6: NLM_F_CREATE should be set when creating new route [ 634.612251][ T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 634.648596][ T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 634.654722][ T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 634.671002][ T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 634.672044][ T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 636.671899][ T57] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.735487][T13121] Bluetooth: hci1: command tx timeout [ 637.150904][T14840] openvswitch: netlink: Message has 4 unknown bytes. [ 637.280691][ T57] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.740810][ T57] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.788873][T14814] chnl_net:caif_netlink_parms(): no params data found [ 638.139650][ T57] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.825713][T13121] Bluetooth: hci1: command tx timeout [ 639.057032][T14814] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.057244][T14814] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.057503][T14814] bridge_slave_0: entered allmulticast mode [ 639.063973][T14814] bridge_slave_0: entered promiscuous mode [ 639.110166][T14814] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.110575][T14814] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.110852][T14814] bridge_slave_1: entered allmulticast mode [ 639.129470][T14814] bridge_slave_1: entered promiscuous mode [ 639.661103][T14814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 639.724497][T14814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 639.887508][ T57] bridge_slave_1: left allmulticast mode [ 639.887544][ T57] bridge_slave_1: left promiscuous mode [ 639.887813][ T57] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.989004][ T57] bridge_slave_0: left allmulticast mode [ 639.989041][ T57] bridge_slave_0: left promiscuous mode [ 639.989333][ T57] bridge0: port 1(bridge_slave_0) entered disabled state [ 640.055134][T14882] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3495'. [ 640.055165][T14882] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3495'. [ 640.055183][T14882] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3495'. [ 640.055198][T14882] netlink: 540 bytes leftover after parsing attributes in process `syz.5.3495'. [ 640.107224][T14883] netlink: 'syz.5.3495': attribute type 10 has an invalid length. [ 640.895731][T13121] Bluetooth: hci1: command tx timeout [ 642.391218][ T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 642.446438][ T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 642.476893][ T57] bond0 (unregistering): Released all slaves [ 642.761896][T14814] team0: Port device team_slave_0 added [ 642.793782][T14814] team0: Port device team_slave_1 added [ 642.976479][T13121] Bluetooth: hci1: command tx timeout [ 643.478752][T14905] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 643.539802][T14814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 643.539819][T14814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 643.539847][T14814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 643.600005][T14814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 643.600024][T14814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 643.600053][T14814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 644.144948][T14915] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3509'. [ 644.144980][T14915] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3509'. [ 644.144998][T14915] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3509'. [ 644.145013][T14915] netlink: 540 bytes leftover after parsing attributes in process `syz.2.3509'. [ 644.200054][T14918] netlink: 'syz.2.3509': attribute type 10 has an invalid length. [ 644.793853][T14814] hsr_slave_0: entered promiscuous mode [ 644.794844][T14814] hsr_slave_1: entered promiscuous mode [ 644.809946][T14814] debugfs: 'hsr0' already exists in 'hsr' [ 644.809977][T14814] Cannot create hsr debugfs directory [ 644.969794][ T57] hsr_slave_0: left promiscuous mode [ 645.007460][ T57] hsr_slave_1: left promiscuous mode [ 645.008540][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 645.008572][ T57] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 645.076659][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 645.076694][ T57] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 645.221408][ T57] veth1_macvtap: left promiscuous mode [ 645.221544][ T57] veth0_macvtap: left promiscuous mode [ 645.221851][ T57] veth1_vlan: left promiscuous mode [ 645.222065][ T57] veth0_vlan: left promiscuous mode [ 646.865715][T14958] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3519'. [ 646.865746][T14958] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3519'. [ 646.865764][T14958] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3519'. [ 646.865778][T14958] netlink: 540 bytes leftover after parsing attributes in process `syz.5.3519'. [ 646.912592][T14958] netlink: 'syz.5.3519': attribute type 10 has an invalid length. [ 648.106577][ T57] team0 (unregistering): Port device team_slave_1 removed [ 648.399945][ T57] team0 (unregistering): Port device team_slave_0 removed [ 651.987975][T14991] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 653.319544][T15020] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 654.219943][T14814] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 654.271273][T14814] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 654.403763][T14814] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 654.537574][T14814] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 655.114688][T14814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 655.198797][T14814] 8021q: adding VLAN 0 to HW filter on device team0 [ 655.227859][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 655.227985][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 655.277791][ T3570] bridge0: port 2(bridge_slave_1) entered blocking state [ 655.277954][ T3570] bridge0: port 2(bridge_slave_1) entered forwarding state [ 656.401852][T14814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 656.668114][T14814] veth0_vlan: entered promiscuous mode [ 656.694239][T14814] veth1_vlan: entered promiscuous mode [ 656.855156][T14814] veth0_macvtap: entered promiscuous mode [ 656.873938][T14814] veth1_macvtap: entered promiscuous mode [ 656.934594][T14814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 656.991657][T14814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 657.046571][ T57] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.057284][ T57] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.087311][ T57] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.093594][ T57] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.567083][T15117] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 657.577135][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 657.577154][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 657.703687][ T2833] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 657.703706][ T2833] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.540474][ T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 659.559594][ T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 659.563624][ T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 659.596244][ T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 659.599986][ T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 660.084455][T15169] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3578'. [ 660.146594][T15171] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3578'. [ 660.146622][T15171] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3578'. [ 660.146639][T15171] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3578'. [ 660.146654][T15171] netlink: 540 bytes leftover after parsing attributes in process `syz.0.3578'. [ 660.193709][T15171] netlink: 'syz.0.3578': attribute type 10 has an invalid length. [ 660.363075][T15171] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 660.692992][ T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.268912][ T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.653394][ T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.695586][T13121] Bluetooth: hci2: command tx timeout [ 662.066495][ T13] bond0: (slave netdevsim0): Releasing backup interface [ 662.159137][ T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.951133][ T13] bridge_slave_1: left allmulticast mode [ 662.951232][ T13] bridge_slave_1: left promiscuous mode [ 662.951536][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 663.052635][ T13] bridge_slave_0: left allmulticast mode [ 663.052671][ T13] bridge_slave_0: left promiscuous mode [ 663.053077][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 663.775522][T13121] Bluetooth: hci2: command tx timeout [ 665.106613][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 665.171135][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 665.209337][ T13] bond0 (unregistering): Released all slaves [ 665.542739][T15152] chnl_net:caif_netlink_parms(): no params data found [ 665.855738][T13121] Bluetooth: hci2: command tx timeout [ 666.074598][T15238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3601'. [ 667.667326][T15152] bridge0: port 1(bridge_slave_0) entered blocking state [ 667.667536][T15152] bridge0: port 1(bridge_slave_0) entered disabled state [ 667.667778][T15152] bridge_slave_0: entered allmulticast mode [ 667.689807][T15152] bridge_slave_0: entered promiscuous mode [ 667.710486][T15152] bridge0: port 2(bridge_slave_1) entered blocking state [ 667.710676][T15152] bridge0: port 2(bridge_slave_1) entered disabled state [ 667.710991][T15152] bridge_slave_1: entered allmulticast mode [ 667.714287][T15152] bridge_slave_1: entered promiscuous mode [ 667.935612][T13121] Bluetooth: hci2: command tx timeout [ 668.193991][T15278] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3611'. [ 668.205911][ T13] hsr_slave_0: left promiscuous mode [ 668.247189][ T13] hsr_slave_1: left promiscuous mode [ 668.248669][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 668.248693][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 668.249265][T15279] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3611'. [ 668.249282][T15279] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3611'. [ 668.249293][T15279] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3611'. [ 668.249303][T15279] netlink: 540 bytes leftover after parsing attributes in process `syz.2.3611'. [ 668.315218][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 668.315254][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 668.332667][T15280] netlink: 'syz.2.3611': attribute type 10 has an invalid length. [ 668.492412][ T13] veth1_macvtap: left promiscuous mode [ 668.492544][ T13] veth0_macvtap: left promiscuous mode [ 668.492859][ T13] veth1_vlan: left promiscuous mode [ 668.493103][ T13] veth0_vlan: left promiscuous mode [ 670.997243][ T13] team0 (unregistering): Port device team_slave_1 removed [ 671.226700][ T13] team0 (unregistering): Port device team_slave_0 removed [ 673.563860][T15152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 673.887194][T15152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 674.321420][T15152] team0: Port device team_slave_0 added [ 674.358269][T15300] netlink: 'syz.0.3616': attribute type 1 has an invalid length. [ 674.358292][T15300] netlink: 236 bytes leftover after parsing attributes in process `syz.0.3616'. [ 674.388791][T15152] team0: Port device team_slave_1 added [ 674.951673][T15152] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 674.951691][T15152] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 674.951719][T15152] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 674.973522][T15152] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 674.973542][T15152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 674.973576][T15152] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 675.436648][T15152] hsr_slave_0: entered promiscuous mode [ 675.442211][T15152] hsr_slave_1: entered promiscuous mode [ 675.444615][T15152] debugfs: 'hsr0' already exists in 'hsr' [ 675.444645][T15152] Cannot create hsr debugfs directory [ 675.732773][ T13] IPVS: stop unused estimator thread 0... [ 675.964359][T15331] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3626'. [ 676.025860][T15327] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3626'. [ 676.025887][T15327] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3626'. [ 676.025905][T15327] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3626'. [ 676.025918][T15327] netlink: 540 bytes leftover after parsing attributes in process `syz.2.3626'. [ 676.087352][T15335] netlink: 'syz.2.3626': attribute type 10 has an invalid length. [ 680.636498][T15152] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 680.678058][T15152] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 680.709738][T15152] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 680.758087][T15152] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 681.480262][T15152] 8021q: adding VLAN 0 to HW filter on device bond0 [ 681.553526][T15152] 8021q: adding VLAN 0 to HW filter on device team0 [ 681.598229][ T2826] bridge0: port 1(bridge_slave_0) entered blocking state [ 681.599330][ T2826] bridge0: port 1(bridge_slave_0) entered forwarding state [ 681.639397][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 681.639620][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 682.601661][T15152] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 683.616546][T15511] netlink: 'syz.0.3672': attribute type 1 has an invalid length. [ 683.616574][T15511] netlink: 236 bytes leftover after parsing attributes in process `syz.0.3672'. [ 683.743555][T15152] veth0_vlan: entered promiscuous mode [ 683.818656][T15152] veth1_vlan: entered promiscuous mode [ 684.724120][T15152] veth0_macvtap: entered promiscuous mode [ 684.754369][T15152] veth1_macvtap: entered promiscuous mode [ 684.878308][T15152] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 684.941970][T15152] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 684.973233][ T37] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.973519][ T37] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.973578][ T37] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.973617][ T37] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 685.423040][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 685.423064][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 685.611374][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 685.611395][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 686.905845][T15581] tipc: Started in network mode [ 686.905880][T15581] tipc: Node identity 3261e5fd6ca4, cluster identity 4711 [ 686.906981][T15581] tipc: Enabled bearer , priority 0 [ 686.909808][T15581] syzkaller0: entered promiscuous mode [ 686.909837][T15581] syzkaller0: entered allmulticast mode [ 686.939461][T15581] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 687.198251][T15586] tipc: Resetting bearer [ 687.309477][T15580] tipc: Resetting bearer [ 687.672300][T15580] tipc: Disabling bearer [ 688.180004][T15608] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3695'. [ 688.351278][ T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 688.385695][ T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 688.388202][ T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 688.401512][ T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 688.408965][ T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 689.149777][T15634] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3703'. [ 689.202734][T15635] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3703'. [ 689.202754][T15635] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3703'. [ 689.202765][T15635] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3703'. [ 689.202775][T15635] netlink: 540 bytes leftover after parsing attributes in process `syz.0.3703'. [ 689.269540][T15636] netlink: 'syz.0.3703': attribute type 10 has an invalid length. [ 690.119430][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.334877][T15652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3708'. [ 690.532345][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.575526][T13121] Bluetooth: hci5: command tx timeout [ 690.637008][T15660] tipc: Started in network mode [ 690.637039][T15660] tipc: Node identity 6e59f0a0c4ad, cluster identity 4711 [ 690.637240][T15660] tipc: Enabled bearer , priority 0 [ 690.661695][T15663] syzkaller0: entered promiscuous mode [ 690.661732][T15663] syzkaller0: entered allmulticast mode [ 690.949784][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 691.006616][T15656] tipc: Resetting bearer [ 691.035820][T15655] tipc: Resetting bearer [ 691.166466][T15655] tipc: Disabling bearer [ 691.382929][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.382995][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.541316][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 692.219500][T15613] chnl_net:caif_netlink_parms(): no params data found [ 692.426428][T15686] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3718'. [ 692.521751][T15690] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3718'. [ 692.521792][T15690] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3718'. [ 692.521809][T15690] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3718'. [ 692.569725][T15690] netlink: 'syz.5.3718': attribute type 10 has an invalid length. [ 692.656432][ T59] Bluetooth: hci5: command tx timeout [ 692.717525][T15698] netlink: 'syz.0.3720': attribute type 10 has an invalid length. [ 692.724080][T15690] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 693.151449][T15698] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 693.343493][ T13] bridge_slave_1: left allmulticast mode [ 693.343529][ T13] bridge_slave_1: left promiscuous mode [ 693.343838][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 693.415764][T15711] netlink: 'syz.2.3722': attribute type 1 has an invalid length. [ 693.453652][ T13] bridge_slave_0: left allmulticast mode [ 693.453690][ T13] bridge_slave_0: left promiscuous mode [ 693.455939][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 694.017575][T15728] Bluetooth: MGMT ver 1.23 [ 694.745860][ T59] Bluetooth: hci5: command tx timeout [ 696.007106][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 696.069572][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 696.091135][ T13] bond0 (unregistering): Released all slaves [ 696.518113][T15743] tipc: Started in network mode [ 696.518146][T15743] tipc: Node identity be821d1e8581, cluster identity 4711 [ 696.518377][T15743] tipc: Enabled bearer , priority 0 [ 696.815494][ T59] Bluetooth: hci5: command tx timeout [ 696.833536][T15747] syzkaller0: entered promiscuous mode [ 696.833568][T15747] syzkaller0: entered allmulticast mode [ 696.843682][T15613] bridge0: port 1(bridge_slave_0) entered blocking state [ 696.843868][T15613] bridge0: port 1(bridge_slave_0) entered disabled state [ 696.844149][T15613] bridge_slave_0: entered allmulticast mode [ 696.865624][T15613] bridge_slave_0: entered promiscuous mode [ 696.969673][T15744] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 697.105768][T15756] tipc: Resetting bearer [ 697.109357][T15613] bridge0: port 2(bridge_slave_1) entered blocking state [ 697.109589][T15613] bridge0: port 2(bridge_slave_1) entered disabled state [ 697.109774][T15613] bridge_slave_1: entered allmulticast mode [ 697.111833][T15613] bridge_slave_1: entered promiscuous mode [ 697.195839][T15742] tipc: Resetting bearer [ 697.316812][T15742] tipc: Disabling bearer [ 698.230160][T15613] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 698.254622][T15613] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 698.417010][ T13] hsr_slave_0: left promiscuous mode [ 698.480383][ T13] hsr_slave_1: left promiscuous mode [ 698.481541][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 698.481571][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 698.536860][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 698.536905][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 698.736527][ T13] veth1_macvtap: left promiscuous mode [ 698.738527][ T13] veth0_macvtap: left promiscuous mode [ 698.738845][ T13] veth1_vlan: left promiscuous mode [ 698.739222][ T13] veth0_vlan: left promiscuous mode [ 701.256468][ T13] team0 (unregistering): Port device team_slave_1 removed [ 701.474073][ T13] team0 (unregistering): Port device team_slave_0 removed [ 704.378792][T15613] team0: Port device team_slave_0 added [ 704.411868][T15613] team0: Port device team_slave_1 added [ 704.830119][T15613] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 704.830137][T15613] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 704.830166][T15613] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 704.832838][T15613] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 704.832853][T15613] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 704.832876][T15613] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 705.240687][T15805] bridge_slave_0: left allmulticast mode [ 705.240733][T15805] bridge_slave_0: left promiscuous mode [ 705.241022][T15805] bridge0: port 1(bridge_slave_0) entered disabled state [ 705.412937][T15805] bridge_slave_1: left allmulticast mode [ 705.412974][T15805] bridge_slave_1: left promiscuous mode [ 705.413320][T15805] bridge0: port 2(bridge_slave_1) entered disabled state [ 705.510983][T15815] netlink: 'syz.2.3757': attribute type 1 has an invalid length. [ 705.511008][T15815] __nla_validate_parse: 2 callbacks suppressed [ 705.511020][T15815] netlink: 236 bytes leftover after parsing attributes in process `syz.2.3757'. [ 705.567225][T15805] bond0: (slave bond_slave_0): Releasing backup interface [ 705.657137][T15805] bond0: (slave bond_slave_1): Releasing backup interface [ 705.815875][T15805] team0: Port device team_slave_0 removed [ 705.872609][T15805] team0: Port device team_slave_1 removed [ 705.873811][T15805] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 705.873843][T15805] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 705.899606][T15805] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 705.899640][T15805] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 706.007644][T15805] bond0: (slave netdevsim0): Releasing backup interface [ 706.084595][T15805] bond0: (slave wlan1): Releasing backup interface [ 706.648850][T15613] hsr_slave_0: entered promiscuous mode [ 706.656535][T15613] hsr_slave_1: entered promiscuous mode [ 706.663262][T15613] debugfs: 'hsr0' already exists in 'hsr' [ 706.663293][T15613] Cannot create hsr debugfs directory [ 709.779880][T15868] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3775'. [ 709.842909][T15869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3775'. [ 709.842936][T15869] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3775'. [ 709.842953][T15869] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3775'. [ 709.842967][T15869] netlink: 540 bytes leftover after parsing attributes in process `syz.2.3775'. [ 709.895169][T15870] netlink: 'syz.2.3775': attribute type 10 has an invalid length. [ 710.455082][T15878] tipc: Enabled bearer , priority 0 [ 710.458350][T15878] syzkaller0: entered promiscuous mode [ 710.458385][T15878] syzkaller0: entered allmulticast mode [ 710.663439][T15880] tipc: Resetting bearer [ 710.869536][T15876] tipc: Resetting bearer [ 711.038247][T15876] tipc: Disabling bearer [ 716.166053][T15942] tipc: Enabled bearer , priority 0 [ 716.175869][T15942] syzkaller0: entered promiscuous mode [ 716.175904][T15942] syzkaller0: entered allmulticast mode [ 716.375923][ T5917] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 716.472949][T15948] tipc: Resetting bearer [ 716.592366][T15941] tipc: Resetting bearer [ 716.815650][ T5917] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 716.815679][ T5917] usb 6-1: config 0 has no interface number 0 [ 717.794559][ T9] tipc: Node number set to 990059806 [ 717.821148][T15938] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 717.821168][T15938] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 15938, name: syz.5.3791 [ 717.821185][T15938] preempt_count: 0, expected: 0 [ 717.821198][T15938] RCU nest depth: 0, expected: 0 [ 717.821220][T15938] 1 lock held by syz.5.3791/15938: [ 717.821231][T15938] #0: ffff888027de4058 (&dum_hcd->dum->lock){+.+.}-{3:3}, at: dummy_dequeue+0x164/0x480 [ 717.821309][T15938] irq event stamp: 6354 [ 717.821317][T15938] hardirqs last enabled at (6353): [] _raw_spin_unlock_irq+0x23/0x50 [ 717.821356][T15938] hardirqs last disabled at (6354): [] dummy_dequeue+0x151/0x480 [ 717.821384][T15938] softirqs last enabled at (1212): [] __local_bh_enable_ip+0x1a4/0x270 [ 717.821412][T15938] softirqs last disabled at (1206): [] mac80211_hwsim_netlink_notify+0x108/0x710 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 717.821471][T15938] CPU: 1 UID: 0 PID: 15938 Comm: syz.5.3791 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 717.821496][T15938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 717.821513][T15938] Call Trace: [ 717.821522][T15938] [ 717.821532][T15938] dump_stack_lvl+0x189/0x250 [ 717.821567][T15938] ? mac80211_hwsim_netlink_notify+0x108/0x710 [ 717.821596][T15938] ? mac80211_hwsim_netlink_notify+0x108/0x710 [ 717.821629][T15938] ? __pfx_dump_stack_lvl+0x10/0x10 [ 717.821698][T15938] ? print_lock_name+0xde/0x100 [ 717.821729][T15938] __might_resched+0x44b/0x5d0 [ 717.821761][T15938] ? __pfx___might_resched+0x10/0x10 [ 717.821786][T15938] ? dummy_dequeue+0x164/0x480 [ 717.821831][T15938] rt_spin_lock+0xc7/0x2c0 [ 717.821863][T15938] ? _raw_spin_unlock_irq+0x23/0x50 [ 717.821895][T15938] ? __pfx_rt_spin_lock+0x10/0x10 [ 717.821925][T15938] ? rcu_is_watching+0x15/0xb0 [ 717.821962][T15938] dummy_dequeue+0x164/0x480 [ 717.821997][T15938] ? __pfx_dummy_dequeue+0x10/0x10 [ 717.822030][T15938] ? __pfx_schedule_timeout+0x10/0x10 [ 717.822061][T15938] ? __pfx___wait_for_common+0x10/0x10 [ 717.822101][T15938] usb_ep_dequeue+0x66/0x250 [ 717.822134][T15938] raw_process_ep0_io+0x435/0x980 [ 717.822174][T15938] raw_ioctl+0x22f6/0x3ba0 [ 717.822205][T15938] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 717.822234][T15938] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 717.822263][T15938] ? do_vfs_ioctl+0xbeb/0x1440 [ 717.822291][T15938] ? __pfx_raw_ioctl+0x10/0x10 [ 717.822318][T15938] ? __pfx_smack_log+0x10/0x10 [ 717.822355][T15938] ? smk_access+0x14c/0x4e0 [ 717.822397][T15938] ? smk_tskacc+0x2fc/0x370 [ 717.822434][T15938] ? smack_file_ioctl+0x24d/0x340 [ 717.822461][T15938] ? __pfx_smack_file_ioctl+0x10/0x10 [ 717.822497][T15938] ? __fget_files+0x2a/0x420 [ 717.822526][T15938] ? __fget_files+0x3a6/0x420 [ 717.822552][T15938] ? __fget_files+0x2a/0x420 [ 717.822584][T15938] ? bpf_lsm_file_ioctl+0x9/0x20 [ 717.822608][T15938] ? __pfx_raw_ioctl+0x10/0x10 [ 717.822646][T15938] __se_sys_ioctl+0xff/0x170 [ 717.822672][T15938] do_syscall_64+0xfa/0x3b0 [ 717.822692][T15938] ? lockdep_hardirqs_on+0x9c/0x150 [ 717.822724][T15938] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.822744][T15938] ? clear_bhb_loop+0x60/0xb0 [ 717.822769][T15938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.822795][T15938] RIP: 0033:0x7fe072bbe7ab [ 717.822819][T15938] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 717.822838][T15938] RSP: 002b:00007fe070170f10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 717.822861][T15938] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fe072bbe7ab [ 717.822877][T15938] RDX: 00007fe070170fd0 RSI: 0000000040085503 RDI: 0000000000000008 [ 717.822892][T15938] RBP: 00007fe070171fe0 R08: 0000000000000080 R09: 00007fe070170fd8 [ 717.822908][T15938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000080085502 [ 717.822921][T15938] R13: 0000000800000000 R14: 0000000000000008 R15: 00007fe072c4d391 [ 717.822956][T15938] [ 718.588920][T15941] tipc: Disabling bearer [ 724.634596][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 725.439339][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 726.303074][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 726.820035][ T12] bond0: (slave netdevsim0): Releasing backup interface [ 726.904896][ T5917] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 726.904931][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.972058][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 727.076192][ T5917] usb 6-1: config 0 descriptor?? [ 727.087527][ T5917] usb 6-1: can't set config #0, error -32 [ 727.821991][ T12] bridge_slave_1: left allmulticast mode [ 727.822028][ T12] bridge_slave_1: left promiscuous mode [ 727.822440][ T12] bridge0: port 2(bridge_slave_1) entered disabled state