last executing test programs: 2.602881565s ago: executing program 0 (id=262): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) socket$packet(0x11, 0x2, 0x300) ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0xd, 0xfffffffffffffff8, 0x2, 0x8001, 0x8000059, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x80002, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x8, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 2.11461138s ago: executing program 2 (id=270): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000240)="48e85d0991", 0x5) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) 1.801275666s ago: executing program 2 (id=273): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be026e3448412ba8", 0x10}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x20000000}], 0x1, 0x0) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x23) 1.789862491s ago: executing program 1 (id=274): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x50, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x6}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x50}}, 0x0) 1.706992406s ago: executing program 3 (id=275): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="09000000070000002a00000005"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.672576308s ago: executing program 1 (id=276): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000ac0), 0x10) listen(r0, 0x0) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, &(0x7f0000000080), 0x25) sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094) r2 = accept4$unix(r0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) recvfrom$unix(r2, &(0x7f0000000240)=""/266, 0xffffffffffffffa6, 0x62, 0x0, 0x0) 1.592648692s ago: executing program 4 (id=277): socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000f00)={'dummy0\x00', &(0x7f00000000c0)=@ethtool_perm_addr={0x4b, 0x46, "4b721b782a17a7b6a00d963e3f7fdafd95073830fb8cfb34eb9bbd173ef6f04cba5a1e6a6f0ef6c61346d54f61bd850588775cdefc80caece305583d19514421d1f398536d86"}}) 1.462408146s ago: executing program 1 (id=278): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@getchain={0x3c, 0x11, 0x1, 0x70bd27, 0x25dedbfc, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xfff3, 0xc}, {0xfff2, 0xfff2}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0xfff}, {0x8, 0xb, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000002e0000000a0001007770616e3100000005002e007f0000000c0005000201aada92afc3aa05002b"], 0x3c}}, 0x0) 1.454279409s ago: executing program 3 (id=279): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000200)=0x3, 0x4) 1.40707422s ago: executing program 4 (id=280): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000003c0)=@abs={0x1}, 0x2) 1.31275944s ago: executing program 0 (id=281): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83b23dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c11160fb20b1c581e7b0915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab3aa32f948c06b59b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2abd18cae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e26d0a5752813bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a7237841cef384b22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c74f0e2a9bf62ffec6459db40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced84680900000000000000d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d2782a70cf44ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d767671414c99d4894edff8249dc1e3428d2129369ee1b85af1eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038deb359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d40973109644fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f77abb21338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e155f455010b0cb578af7dc7d5e87d4cd376444e2de02f47c61e8e84ff828de453f3489460fd83210e95307e676e1fb4d5865c0ca177a4c7fbb4e62b4450900576b2b5cc7f819abd0f885cc4806f47ffbff01000054f5a2d3875e46000000000000e734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329a18cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481ed51a6359cade91fd645c6d924f36a86bf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf817becd9e5a225d67521d1128eac7d80a6225c3e2f0932223bfbf69ff861f4394836ddf128d6d19079e64336e09000000c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661fdcfa68f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b98a8bf6c747d9a1cc500bb892c3a16ff10feea20bdac89afb758cfa10000000000000000000000000200000000000000ed713df0c59e38928511a64845f1b21ed03369719fa905909d8ce35b42761c46d040e53a0a227e9cecd4d414231baa4894a13763ea5de7a52e61a588babaf5da9a28f477e032400938116cb294447898039724881de3ba3dd5e5e115b58d438b17ad11bf1b1f1ed057d89ec46b2b9bb434e9187a728d1136333958469b22d2126664b5299cc3167ac9a4d501638b978e1c692da5261dae5c9d13065b8ed8b358e7273dfa1e9a8dc1d16aa1edd0c274dedb7cd7e4753c152b4e0e3d124e561420587b9b00ab68c32d6b397c5e7cc4e803e6b6e8ed547e2875372023d111e64cd9ee3635888ecbc7352fd60f348456d74e9e7c09ee202dd09524ecfd3d8c836c0a13a9a45a7e2cec88fa2710ee35c9ed1b824fe4fe68849eee41b5e335aeec0f27053b3a07a001ffe29c5cc3a0ccdcc74330c2a995378d225495c5a543519d952c96da9257f47acc29c48d48b22b1f502b9d743d352de56efbb1b15158c4f0107ba5b3394d4cad4f0a1d31f694d0f559e7f82682775ec7569eeb7ef643dbcbafc4c1c5cbb0ad02dd2a69c5f2b5350049a817b546cf734a746a1cc147a6050bd16598e8e3a5c3515d0edc23e66bbdc6c117559357f49c59208af1162ba1d6667e3ab6bb1696c32dc3bcb2c8ab30d28265ff55c8a80c8e3ce29b2f576ea686d351a8cdb808739ed1a7022fb6e4e834593279c791085e49d1b8124adaf0010790e72ef2035e3da7ebb117c1a032a7378d5c62bb1a4e212618113bbd688091273028a44abfe09067e22fda361d6769d1f44bb06ca0cb9a14a54a8ba0dcb5445c4b368bd1dcce7500"/2356], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000100)="b9ff03076044238cb89e14f0080047", 0x0, 0x101, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.198024738s ago: executing program 3 (id=282): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001700)={0xffffffffffffffff, 0x2000002, 0xe, 0xfd47, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0xfffffbff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.145976743s ago: executing program 1 (id=283): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={0xffffffffffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.144893328s ago: executing program 4 (id=284): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000009c0)={0x28, r1, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_KEY={0xc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x28}}, 0x0) 995.523703ms ago: executing program 3 (id=285): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000000)=0xfffffffe, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000480)=0x17fe, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4c, 0xf3, 0x8, [0x0, 0x0, 0x0, 0xc, 0x5, 0x0, 0x0, 0x40000002]}}) 941.632847ms ago: executing program 1 (id=286): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x4, 0x0, 0x0, 0x30, 0x0, 0xa3}, 0x9c) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000740)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000009a5ab6e10c00000000000000040000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000000000000000000000000a000000000000feffffffff7f40000200000000000008000000000000000001000000000000004400050000000000000000000000000000000000000000003c00000002000000ffffffff0002000000000000000000000600000004"], 0xfc}}, 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 801.279091ms ago: executing program 2 (id=287): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x29, 0x0, 0x7e, 0x10006, 0x10, @mcast2, @loopback={0x0, 0xffff888101827518}, 0x40, 0x0, 0x240000, 0x5}}) 691.017674ms ago: executing program 0 (id=288): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0xa}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x0, 0x3}, {0xe, 0x5}]}]}}, &(0x7f0000000f40)=""/4071, 0x42, 0xfe7, 0x8}, 0x28) 690.736636ms ago: executing program 3 (id=289): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000ac0), 0x10) listen(r0, 0x0) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, &(0x7f0000000080), 0x25) sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094) r2 = accept4$unix(r0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) recvfrom$unix(r2, &(0x7f0000000240)=""/266, 0xffffffffffffffa6, 0x62, 0x0, 0x0) 607.87122ms ago: executing program 4 (id=290): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="09000000070000002a00000005"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 604.046696ms ago: executing program 1 (id=291): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes)\x00'}, 0x58) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040), 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) 489.88349ms ago: executing program 0 (id=292): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000200)=0x3, 0x4) 464.242254ms ago: executing program 2 (id=293): setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="441f08ee00270bee724ecd8391ab161f02a7", 0x12) bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x3}}, 0x10) r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000029"], 0x18}, 0x40c0) 423.420099ms ago: executing program 4 (id=294): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0xfffff000, 0x0, 0x0, 0x0, 0x0}, 0x50) 409.316744ms ago: executing program 3 (id=295): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(sm4)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000005c0)="b7f2288a911993f08d3aaea2bc0000de", 0x10) r1 = accept$alg(r0, 0x0, 0x0) recvmsg(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000500)=""/184, 0xb8}], 0x1}, 0x0) 257.078391ms ago: executing program 2 (id=296): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={0xffffffffffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 214.067382ms ago: executing program 0 (id=297): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x50, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x6}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x50}}, 0x0) 202.491945ms ago: executing program 4 (id=298): sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="020f00000f0000000000000000000000080012000000000000000000000000000600000000000000000000160000000000000000000000000000000000000000fe800000000000000000000000000000050017000000000002"], 0x78}}, 0x0) 2.490157ms ago: executing program 2 (id=299): ioctl$INCFS_IOC_FILL_BLOCKS(0xffffffffffffffff, 0x80106720, &(0x7f00000004c0)={0x1, &(0x7f0000000700)=[{0xffffffff, 0x6d, &(0x7f0000000580)="e6afa7b8bd85c461c82d16ead06819b6ad7c62df1fd0a919d7eddd22d896dd7714bb82ef05768e73c0f52d1dd6cba3cbf442af94414997a220cdb2d1ae99e599abde7ff60e4375aa48f05dff900d0ed1d70d849bf300551926dba1882fb303567d8377753d175cc067406b87cc", 0x1, 0x1}]}) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c020000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000003000000000a0000205e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000800000000000000000000000000000700000000000000000000000000000000000000000000000300000000000000070000000000000000000000000000000000000000000000e02700000000000000000000000000002d00000000000000000000000000000084010500ac1414bb000000000000000000000000000000006c00000000000000ac14142c000000000000000000000000000000000000560000000000fdffffff01000000ac141410000000000000000000000000000000003200000000000000fe800000000000000000000000000500023500000000000000000000feffffff00000000ff010000000000000000000000000001000000003c00000002000000ff0200000000000000000000000000010000000001030000000000000000000000000000ff020000000000000000000000000001000004d33c00000002000000ffffffff00000000000000000000000000000000000000000000000003000000000000000a010102000000000000000000000000000000003200000002000000ac141400000000000000000000000000ffffffff0002000000000000000000000300000020010000000000000000000000000001000000003c00000002"], 0x23c}}, 0x0) 0s ago: executing program 0 (id=300): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) r2 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)={0x10000010}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts. [ 82.664993][ T5828] cgroup: Unknown subsys name 'net' [ 82.903517][ T5828] cgroup: Unknown subsys name 'cpuset' [ 82.949133][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.683210][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.883401][ T9] cfg80211: failed to load regulatory.db [ 89.081031][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.083675][ T5859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.086992][ T5859] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 89.090207][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.090989][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.094482][ T5859] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.094940][ T5859] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.099411][ T5859] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.101956][ T5859] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.102495][ T5859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.103452][ T5859] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.119582][ T5861] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.135375][ T5863] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 89.138636][ T5859] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.139704][ T5859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.144257][ T5859] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 89.145145][ T5859] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 89.219146][ T5866] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.221849][ T5866] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.223869][ T5866] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.224755][ T5866] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 89.228848][ T5856] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 89.230609][ T5856] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 89.247503][ T5856] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 89.253354][ T5856] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.143559][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 90.197781][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 90.206072][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 90.272535][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 90.567904][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 91.100637][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.101620][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.102605][ T5848] bridge_slave_0: entered allmulticast mode [ 91.104461][ T5848] bridge_slave_0: entered promiscuous mode [ 91.119572][ T5157] Bluetooth: hci4: command tx timeout [ 91.198493][ T5866] Bluetooth: hci0: command tx timeout [ 91.199337][ T5157] Bluetooth: hci2: command tx timeout [ 91.278470][ T5157] Bluetooth: hci3: command tx timeout [ 91.358350][ T5157] Bluetooth: hci1: command tx timeout [ 91.386250][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.386334][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.386518][ T5848] bridge_slave_1: entered allmulticast mode [ 91.387984][ T5848] bridge_slave_1: entered promiscuous mode [ 91.403962][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.404092][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.404287][ T5845] bridge_slave_0: entered allmulticast mode [ 91.406913][ T5845] bridge_slave_0: entered promiscuous mode [ 91.420932][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.421061][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.421619][ T5846] bridge_slave_0: entered allmulticast mode [ 91.429014][ T5846] bridge_slave_0: entered promiscuous mode [ 91.641948][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.642044][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.642342][ T5845] bridge_slave_1: entered allmulticast mode [ 91.643876][ T5845] bridge_slave_1: entered promiscuous mode [ 91.644823][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.644951][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.645062][ T5846] bridge_slave_1: entered allmulticast mode [ 91.646526][ T5846] bridge_slave_1: entered promiscuous mode [ 91.651752][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.651883][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.652055][ T5847] bridge_slave_0: entered allmulticast mode [ 91.655022][ T5847] bridge_slave_0: entered promiscuous mode [ 91.969764][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.969907][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.970101][ T5847] bridge_slave_1: entered allmulticast mode [ 91.972851][ T5847] bridge_slave_1: entered promiscuous mode [ 92.065431][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.270039][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.270230][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.270474][ T5844] bridge_slave_0: entered allmulticast mode [ 92.273531][ T5844] bridge_slave_0: entered promiscuous mode [ 92.284289][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.297981][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.373574][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.460701][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.460835][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.461024][ T5844] bridge_slave_1: entered allmulticast mode [ 92.463663][ T5844] bridge_slave_1: entered promiscuous mode [ 92.572777][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.576418][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.594672][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.892653][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.972900][ T5848] team0: Port device team_slave_0 added [ 93.199728][ T5157] Bluetooth: hci4: command tx timeout [ 93.260293][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.262947][ T5848] team0: Port device team_slave_1 added [ 93.264710][ T5845] team0: Port device team_slave_0 added [ 93.278554][ T5866] Bluetooth: hci0: command tx timeout [ 93.278644][ T5157] Bluetooth: hci2: command tx timeout [ 93.359416][ T5157] Bluetooth: hci3: command tx timeout [ 93.383520][ T5846] team0: Port device team_slave_0 added [ 93.389185][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.438416][ T5157] Bluetooth: hci1: command tx timeout [ 93.462326][ T5845] team0: Port device team_slave_1 added [ 93.733763][ T5847] team0: Port device team_slave_0 added [ 93.736482][ T5846] team0: Port device team_slave_1 added [ 93.942273][ T5847] team0: Port device team_slave_1 added [ 94.084490][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.084503][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.084515][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.302098][ T5844] team0: Port device team_slave_0 added [ 94.303194][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.303207][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.303229][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.304283][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.304292][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.304305][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.441444][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.441460][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.441482][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.443853][ T5844] team0: Port device team_slave_1 added [ 94.465303][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.465318][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.465341][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.468867][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.468881][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.468902][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.479447][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.479461][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.479484][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.649519][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.649534][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.649555][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.899585][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.899595][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.899608][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.990026][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.990043][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.990065][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.161630][ T5848] hsr_slave_0: entered promiscuous mode [ 95.162716][ T5848] hsr_slave_1: entered promiscuous mode [ 95.278327][ T5157] Bluetooth: hci4: command tx timeout [ 95.358473][ T5866] Bluetooth: hci0: command tx timeout [ 95.358581][ T5157] Bluetooth: hci2: command tx timeout [ 95.448410][ T5157] Bluetooth: hci3: command tx timeout [ 95.466902][ T5845] hsr_slave_0: entered promiscuous mode [ 95.467704][ T5845] hsr_slave_1: entered promiscuous mode [ 95.469266][ T5845] debugfs: 'hsr0' already exists in 'hsr' [ 95.469393][ T5845] Cannot create hsr debugfs directory [ 95.480682][ T5846] hsr_slave_0: entered promiscuous mode [ 95.481924][ T5846] hsr_slave_1: entered promiscuous mode [ 95.482815][ T5846] debugfs: 'hsr0' already exists in 'hsr' [ 95.482838][ T5846] Cannot create hsr debugfs directory [ 95.494787][ T5847] hsr_slave_0: entered promiscuous mode [ 95.496124][ T5847] hsr_slave_1: entered promiscuous mode [ 95.496961][ T5847] debugfs: 'hsr0' already exists in 'hsr' [ 95.496982][ T5847] Cannot create hsr debugfs directory [ 95.518384][ T5157] Bluetooth: hci1: command tx timeout [ 96.094459][ T5844] hsr_slave_0: entered promiscuous mode [ 96.095244][ T5844] hsr_slave_1: entered promiscuous mode [ 96.095820][ T5844] debugfs: 'hsr0' already exists in 'hsr' [ 96.095841][ T5844] Cannot create hsr debugfs directory [ 97.358328][ T5157] Bluetooth: hci4: command tx timeout [ 97.438461][ T5866] Bluetooth: hci0: command tx timeout [ 97.438511][ T5157] Bluetooth: hci2: command tx timeout [ 97.528393][ T5157] Bluetooth: hci3: command tx timeout [ 97.598531][ T5157] Bluetooth: hci1: command tx timeout [ 97.660444][ T5848] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 97.696561][ T5848] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 97.737051][ T5848] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 97.795797][ T5848] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 97.933505][ T5845] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.979481][ T5845] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.024447][ T5845] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.073214][ T5845] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.225168][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.268217][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.303879][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.354528][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.522360][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.586153][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.626879][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.680141][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.872317][ T5844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.928421][ T5844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.973690][ T5844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 99.009038][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.017645][ T5844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 99.173665][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.196601][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.233917][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.234624][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.291854][ T3467] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.291995][ T3467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.344218][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.370639][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.415947][ T1021] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.416645][ T1021] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.478296][ T3603] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.478426][ T3603] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.524553][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.565619][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.586701][ T3603] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.587205][ T3603] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.642353][ T3603] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.642553][ T3603] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.746549][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.812612][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.860804][ T1021] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.861112][ T1021] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.930693][ T1021] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.931213][ T1021] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.022950][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.072742][ T3467] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.073920][ T3467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.169541][ T3467] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.169700][ T3467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.239949][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.477700][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.844576][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.080042][ T5845] veth0_vlan: entered promiscuous mode [ 101.175038][ T5845] veth1_vlan: entered promiscuous mode [ 101.184606][ T5848] veth0_vlan: entered promiscuous mode [ 101.216797][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.217875][ T5846] veth0_vlan: entered promiscuous mode [ 101.246403][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.247083][ T5848] veth1_vlan: entered promiscuous mode [ 101.278420][ T5846] veth1_vlan: entered promiscuous mode [ 101.367548][ T5845] veth0_macvtap: entered promiscuous mode [ 101.398104][ T5845] veth1_macvtap: entered promiscuous mode [ 101.457315][ T5848] veth0_macvtap: entered promiscuous mode [ 101.497443][ T5846] veth0_macvtap: entered promiscuous mode [ 101.502230][ T5847] veth0_vlan: entered promiscuous mode [ 101.516269][ T5848] veth1_macvtap: entered promiscuous mode [ 101.537906][ T5844] veth0_vlan: entered promiscuous mode [ 101.550159][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.552556][ T5846] veth1_macvtap: entered promiscuous mode [ 101.592077][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.595834][ T5847] veth1_vlan: entered promiscuous mode [ 101.633918][ T5844] veth1_vlan: entered promiscuous mode [ 101.662750][ T3603] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.675308][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.687757][ T3603] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.710188][ T3603] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.715833][ T3603] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.717574][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.739819][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.806659][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.809950][ T987] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.866158][ T987] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.876665][ T987] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.903321][ T987] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.973557][ T3603] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.020033][ T3603] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.024564][ T3603] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.052275][ T3603] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.073897][ T5847] veth0_macvtap: entered promiscuous mode [ 102.187981][ T5844] veth0_macvtap: entered promiscuous mode [ 102.223737][ T5847] veth1_macvtap: entered promiscuous mode [ 102.291987][ T1016] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.292011][ T1016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.334839][ T5844] veth1_macvtap: entered promiscuous mode [ 102.477212][ T1021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.477231][ T1021] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.525370][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.591506][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.598032][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.604085][ T3614] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.604105][ T3614] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.707741][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.710670][ T3591] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.730508][ T1016] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.730524][ T1016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.768091][ T3591] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.800618][ T3591] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.821380][ T3591] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.904439][ T987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.904458][ T987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.913507][ T3591] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.987298][ T3591] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.014658][ T3591] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.036534][ T3591] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.052909][ T5963] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.112259][ T987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.112288][ T987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.433835][ T5965] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 103.620930][ T987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.620950][ T987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.938715][ T3591] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.938734][ T3591] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.002351][ T3603] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.002370][ T3603] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.088231][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 104.209195][ T5979] FAULT_INJECTION: forcing a failure. [ 104.209195][ T5979] name failslab, interval 1, probability 0, space 0, times 1 [ 104.209250][ T5979] CPU: 0 UID: 0 PID: 5979 Comm: syz.4.8 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 104.209268][ T5979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 104.209283][ T5979] Call Trace: [ 104.209291][ T5979] [ 104.209298][ T5979] dump_stack_lvl+0x189/0x250 [ 104.209326][ T5979] ? __pfx____ratelimit+0x10/0x10 [ 104.209347][ T5979] ? __pfx_dump_stack_lvl+0x10/0x10 [ 104.209368][ T5979] ? __pfx__printk+0x10/0x10 [ 104.209392][ T5979] ? __pfx___might_resched+0x10/0x10 [ 104.209409][ T5979] ? fs_reclaim_acquire+0x7d/0x100 [ 104.209429][ T5979] should_fail_ex+0x46c/0x600 [ 104.209458][ T5979] should_failslab+0xa8/0x100 [ 104.209482][ T5979] __kmalloc_noprof+0xcb/0x430 [ 104.209502][ T5979] ? io_cache_alloc_new+0x40/0x100 [ 104.209527][ T5979] io_cache_alloc_new+0x40/0x100 [ 104.209547][ T5979] io_msg_alloc_async+0x1b2/0x2d0 [ 104.209575][ T5979] io_sendmsg_prep+0x341/0x5f0 [ 104.209605][ T5979] io_submit_sqes+0x917/0x1d30 [ 104.209644][ T5979] ? __fget_files+0x2a/0x420 [ 104.209680][ T5979] __se_sys_io_uring_enter+0x2db/0x2b70 [ 104.209729][ T5979] ? __pfx___se_sys_io_uring_enter+0x10/0x10 [ 104.209750][ T5979] ? task_mm_cid_work+0x46e/0x760 [ 104.209770][ T5979] ? __pfx___might_resched+0x10/0x10 [ 104.209792][ T5979] ? __pfx_task_mm_cid_work+0x10/0x10 [ 104.209812][ T5979] ? blkcg_maybe_throttle_current+0x1a8/0xbc0 [ 104.209830][ T5979] ? _raw_spin_unlock_irq+0x23/0x50 [ 104.209866][ T5979] ? rcu_is_watching+0x15/0xb0 [ 104.209895][ T5979] ? __x64_sys_io_uring_enter+0x21/0xf0 [ 104.209921][ T5979] do_syscall_64+0xfa/0x3b0 [ 104.209949][ T5979] ? lockdep_hardirqs_on+0x9c/0x150 [ 104.209970][ T5979] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.209987][ T5979] ? clear_bhb_loop+0x60/0xb0 [ 104.210008][ T5979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.210025][ T5979] RIP: 0033:0x7f765a0aebe9 [ 104.210045][ T5979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.210059][ T5979] RSP: 002b:00007f765830e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 104.210078][ T5979] RAX: ffffffffffffffda RBX: 00007f765a2e5fa0 RCX: 00007f765a0aebe9 [ 104.210091][ T5979] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000004 [ 104.210101][ T5979] RBP: 00007f765830e090 R08: 0000000000000000 R09: 0000000000000000 [ 104.210112][ T5979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 104.210121][ T5979] R13: 00007f765a2e6038 R14: 00007f765a2e5fa0 R15: 00007ffd6e2cfec8 [ 104.210151][ T5979] [ 104.580127][ T1021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.580147][ T1021] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.028225][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.038240][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.048191][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.058212][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.068195][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.078202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.088195][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.098177][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 105.108202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 107.355436][ T6011] Zero length message leads to an empty skb [ 107.552334][ T992] IPVS: starting estimator thread 0... [ 107.851116][ T6015] IPVS: using max 13 ests per chain, 31200 per kthread [ 109.071799][ T6027] netlink: 'syz.0.20': attribute type 2 has an invalid length. [ 109.204144][ T2165] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 109.628014][ T6030] IPVS: set_ctl: invalid protocol: 135 100.1.1.2:20004 [ 110.255002][ T5855] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 110.260699][ T6031] FAULT_INJECTION: forcing a failure. [ 110.260699][ T6031] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 110.260729][ T6031] CPU: 1 UID: 0 PID: 6031 Comm: syz.2.21 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 110.260748][ T6031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 110.260758][ T6031] Call Trace: [ 110.260765][ T6031] [ 110.260772][ T6031] dump_stack_lvl+0x189/0x250 [ 110.260800][ T6031] ? __pfx____ratelimit+0x10/0x10 [ 110.260822][ T6031] ? __pfx_dump_stack_lvl+0x10/0x10 [ 110.260844][ T6031] ? __pfx__printk+0x10/0x10 [ 110.260861][ T6031] ? __might_fault+0xb0/0x130 [ 110.260895][ T6031] should_fail_ex+0x46c/0x600 [ 110.260921][ T6031] _copy_from_user+0x2d/0xb0 [ 110.260941][ T6031] __sys_bpf+0x1ed/0x870 [ 110.260964][ T6031] ? __pfx___sys_bpf+0x10/0x10 [ 110.260996][ T6031] ? ksys_write+0x230/0x260 [ 110.261017][ T6031] ? __pfx_ksys_write+0x10/0x10 [ 110.261034][ T6031] ? rcu_is_watching+0x15/0xb0 [ 110.261064][ T6031] __x64_sys_bpf+0x7c/0x90 [ 110.261083][ T6031] do_syscall_64+0xfa/0x3b0 [ 110.261103][ T6031] ? lockdep_hardirqs_on+0x9c/0x150 [ 110.261123][ T6031] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.261139][ T6031] ? clear_bhb_loop+0x60/0xb0 [ 110.261166][ T6031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.261182][ T6031] RIP: 0033:0x7f87f4e8ebe9 [ 110.261197][ T6031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.261210][ T6031] RSP: 002b:00007f87f30f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 110.261227][ T6031] RAX: ffffffffffffffda RBX: 00007f87f50c5fa0 RCX: 00007f87f4e8ebe9 [ 110.261239][ T6031] RDX: 0000000000000020 RSI: 0000200000000b80 RDI: 0000000000000004 [ 110.261250][ T6031] RBP: 00007f87f30f6090 R08: 0000000000000000 R09: 0000000000000000 [ 110.261260][ T6031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.261270][ T6031] R13: 00007f87f50c6038 R14: 00007f87f50c5fa0 R15: 00007ffd0c6cd448 [ 110.261302][ T6031] [ 111.789332][ T5860] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 111.803565][ T5919] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 112.587560][ T5860] usb 1-1: config 0 has an invalid interface number: 219 but max is 0 [ 112.587587][ T5860] usb 1-1: config 0 has no interface number 0 [ 112.608313][ T5860] usb 1-1: New USB device found, idVendor=27c6, idProduct=5395, bcdDevice=a1.57 [ 112.608340][ T5860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.608358][ T5860] usb 1-1: Product: syz [ 112.608371][ T5860] usb 1-1: Manufacturer: syz [ 112.608383][ T5860] usb 1-1: SerialNumber: syz [ 112.685512][ T5860] usb 1-1: config 0 descriptor?? [ 112.717560][ T5919] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 112.717619][ T5919] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 112.717639][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.744637][ T5919] usb 3-1: config 0 descriptor?? [ 112.802841][ T5919] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 113.394116][ T5919] gspca_vc032x: reg_w err -71 [ 113.394181][ T5919] vc032x 3-1:0.0: probe with driver vc032x failed with error -71 [ 113.399438][ T5919] usb 3-1: USB disconnect, device number 2 [ 113.419295][ T6061] FAULT_INJECTION: forcing a failure. [ 113.419295][ T6061] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 113.419315][ T6061] CPU: 1 UID: 0 PID: 6061 Comm: syz.4.31 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 113.419326][ T6061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 113.419332][ T6061] Call Trace: [ 113.419336][ T6061] [ 113.419340][ T6061] dump_stack_lvl+0x189/0x250 [ 113.419358][ T6061] ? __pfx____ratelimit+0x10/0x10 [ 113.419371][ T6061] ? __pfx_dump_stack_lvl+0x10/0x10 [ 113.419383][ T6061] ? __pfx__printk+0x10/0x10 [ 113.419401][ T6061] should_fail_ex+0x46c/0x600 [ 113.419417][ T6061] _copy_to_user+0x31/0xb0 [ 113.419429][ T6061] simple_read_from_buffer+0xe1/0x170 [ 113.419445][ T6061] proc_fail_nth_read+0x1b6/0x220 [ 113.419457][ T6061] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 113.419469][ T6061] ? rw_verify_area+0x2ac/0x4e0 [ 113.419480][ T6061] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 113.419490][ T6061] vfs_read+0x203/0xa30 [ 113.419505][ T6061] ? __pfx_vfs_read+0x10/0x10 [ 113.419514][ T6061] ? try_to_take_rt_mutex+0x7fd/0xac0 [ 113.419529][ T6061] ? mutex_lock_nested+0x154/0x1d0 [ 113.419538][ T6061] ? fdget_pos+0x253/0x320 [ 113.419556][ T6061] ksys_read+0x14b/0x260 [ 113.419568][ T6061] ? __pfx_ksys_read+0x10/0x10 [ 113.419581][ T6061] ? do_syscall_64+0xbe/0x3b0 [ 113.419596][ T6061] do_syscall_64+0xfa/0x3b0 [ 113.419607][ T6061] ? lockdep_hardirqs_on+0x9c/0x150 [ 113.419618][ T6061] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.419627][ T6061] ? clear_bhb_loop+0x60/0xb0 [ 113.419639][ T6061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.419648][ T6061] RIP: 0033:0x7f765a0ad5fc [ 113.419657][ T6061] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 113.419664][ T6061] RSP: 002b:00007f765830e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 113.419675][ T6061] RAX: ffffffffffffffda RBX: 00007f765a2e5fa0 RCX: 00007f765a0ad5fc [ 113.419682][ T6061] RDX: 000000000000000f RSI: 00007f765830e0a0 RDI: 0000000000000007 [ 113.419688][ T6061] RBP: 00007f765830e090 R08: 0000000000000000 R09: 0000000000000000 [ 113.419693][ T6061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.419698][ T6061] R13: 00007f765a2e6038 R14: 00007f765a2e5fa0 R15: 00007ffd6e2cfec8 [ 113.419714][ T6061] [ 113.820226][ T5919] usb 1-1: USB disconnect, device number 2 [ 114.254801][ T6077] FAULT_INJECTION: forcing a failure. [ 114.254801][ T6077] name failslab, interval 1, probability 0, space 0, times 0 [ 114.254823][ T6077] CPU: 0 UID: 0 PID: 6077 Comm: syz.4.35 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 114.254834][ T6077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 114.254841][ T6077] Call Trace: [ 114.254845][ T6077] [ 114.254849][ T6077] dump_stack_lvl+0x189/0x250 [ 114.254867][ T6077] ? __pfx____ratelimit+0x10/0x10 [ 114.254881][ T6077] ? __pfx_dump_stack_lvl+0x10/0x10 [ 114.254893][ T6077] ? __pfx__printk+0x10/0x10 [ 114.254909][ T6077] ? __pfx___might_resched+0x10/0x10 [ 114.254927][ T6077] should_fail_ex+0x46c/0x600 [ 114.254947][ T6077] should_failslab+0xa8/0x100 [ 114.254960][ T6077] __kmalloc_cache_noprof+0x6e/0x320 [ 114.254973][ T6077] ? alloc_pipe_info+0xe9/0x4e0 [ 114.254987][ T6077] alloc_pipe_info+0xe9/0x4e0 [ 114.255000][ T6077] splice_direct_to_actor+0xa6e/0xcd0 [ 114.255014][ T6077] ? __lock_acquire+0xab9/0xd20 [ 114.255032][ T6077] ? __lock_acquire+0xab9/0xd20 [ 114.255043][ T6077] ? __pfx_direct_splice_actor+0x10/0x10 [ 114.255054][ T6077] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 114.255071][ T6077] do_splice_direct+0x187/0x270 [ 114.255084][ T6077] ? __pfx_do_splice_direct+0x10/0x10 [ 114.255096][ T6077] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 114.255112][ T6077] ? rw_verify_area+0x25b/0x4e0 [ 114.255125][ T6077] do_sendfile+0x4ec/0x7f0 [ 114.255143][ T6077] ? __pfx_do_sendfile+0x10/0x10 [ 114.255162][ T6077] __se_sys_sendfile64+0xd9/0x190 [ 114.255185][ T6077] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 114.255204][ T6077] ? rcu_is_watching+0x15/0xb0 [ 114.255231][ T6077] ? do_syscall_64+0xbe/0x3b0 [ 114.255254][ T6077] do_syscall_64+0xfa/0x3b0 [ 114.255273][ T6077] ? lockdep_hardirqs_on+0x9c/0x150 [ 114.255292][ T6077] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.255307][ T6077] ? clear_bhb_loop+0x60/0xb0 [ 114.255327][ T6077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.255342][ T6077] RIP: 0033:0x7f765a0aebe9 [ 114.255358][ T6077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.255371][ T6077] RSP: 002b:00007f765830e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 114.255388][ T6077] RAX: ffffffffffffffda RBX: 00007f765a2e5fa0 RCX: 00007f765a0aebe9 [ 114.255401][ T6077] RDX: 0000200000002080 RSI: 0000000000000003 RDI: 0000000000000004 [ 114.255410][ T6077] RBP: 00007f765830e090 R08: 0000000000000000 R09: 0000000000000000 [ 114.255419][ T6077] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001 [ 114.255429][ T6077] R13: 00007f765a2e6038 R14: 00007f765a2e5fa0 R15: 00007ffd6e2cfec8 [ 114.255454][ T6077] [ 115.058830][ T6084] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.087593][ T6105] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 117.212018][ T6032] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 117.215409][ T6111] FAULT_INJECTION: forcing a failure. [ 117.215409][ T6111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 117.215455][ T6111] CPU: 1 UID: 0 PID: 6111 Comm: syz.4.48 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 117.215474][ T6111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 117.215484][ T6111] Call Trace: [ 117.215491][ T6111] [ 117.215498][ T6111] dump_stack_lvl+0x189/0x250 [ 117.215525][ T6111] ? __pfx____ratelimit+0x10/0x10 [ 117.215547][ T6111] ? __pfx_dump_stack_lvl+0x10/0x10 [ 117.215569][ T6111] ? __pfx__printk+0x10/0x10 [ 117.215587][ T6111] ? __might_fault+0xb0/0x130 [ 117.215620][ T6111] should_fail_ex+0x46c/0x600 [ 117.215645][ T6111] _copy_from_user+0x2d/0xb0 [ 117.215665][ T6111] __sys_bpf+0x1ed/0x870 [ 117.215687][ T6111] ? __pfx___sys_bpf+0x10/0x10 [ 117.215719][ T6111] ? ksys_write+0x230/0x260 [ 117.215741][ T6111] ? __pfx_ksys_write+0x10/0x10 [ 117.215768][ T6111] __x64_sys_bpf+0x7c/0x90 [ 117.215787][ T6111] do_syscall_64+0xfa/0x3b0 [ 117.215807][ T6111] ? lockdep_hardirqs_on+0x9c/0x150 [ 117.215828][ T6111] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.215845][ T6111] ? clear_bhb_loop+0x60/0xb0 [ 117.215865][ T6111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.215881][ T6111] RIP: 0033:0x7f765a0aebe9 [ 117.215897][ T6111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.215910][ T6111] RSP: 002b:00007f76582cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 117.215935][ T6111] RAX: ffffffffffffffda RBX: 00007f765a2e6180 RCX: 00007f765a0aebe9 [ 117.215947][ T6111] RDX: 0000000000000020 RSI: 0000200000000b80 RDI: 0000000000000004 [ 117.215957][ T6111] RBP: 00007f76582cc090 R08: 0000000000000000 R09: 0000000000000000 [ 117.215967][ T6111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 117.215975][ T6111] R13: 00007f765a2e6218 R14: 00007f765a2e6180 R15: 00007ffd6e2cfec8 [ 117.216001][ T6111] [ 117.218441][ T5860] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 117.476528][ T5933] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 117.679698][ T5933] usb 3-1: Using ep0 maxpacket: 32 [ 118.236341][ T5933] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 118.236366][ T5933] usb 3-1: config 0 has no interface number 0 [ 118.236411][ T5933] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 118.236434][ T5933] usb 3-1: config 0 interface 196 has no altsetting 0 [ 118.239315][ T5933] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 118.239337][ T5933] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.239354][ T5933] usb 3-1: Product: syz [ 118.239366][ T5933] usb 3-1: Manufacturer: syz [ 118.239378][ T5933] usb 3-1: SerialNumber: syz [ 118.266893][ T5933] usb 3-1: config 0 descriptor?? [ 118.311366][ T6100] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 118.399972][ T6032] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 118.513932][ T5860] usb 4-1: config 0 has an invalid interface number: 219 but max is 0 [ 118.513957][ T5860] usb 4-1: config 0 has no interface number 0 [ 118.535733][ T5860] usb 4-1: New USB device found, idVendor=27c6, idProduct=5395, bcdDevice=a1.57 [ 118.535761][ T5860] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.535779][ T5860] usb 4-1: Product: syz [ 118.535791][ T5860] usb 4-1: Manufacturer: syz [ 118.535803][ T5860] usb 4-1: SerialNumber: syz [ 118.605394][ T5860] usb 4-1: config 0 descriptor?? [ 118.608077][ T6100] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.636964][ T6100] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.162134][ T6100] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.175646][ T6100] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.657507][ T6122] FAULT_INJECTION: forcing a failure. [ 119.657507][ T6122] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 119.657540][ T6122] CPU: 1 UID: 0 PID: 6122 Comm: syz.1.50 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 119.657560][ T6122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 119.657570][ T6122] Call Trace: [ 119.657577][ T6122] [ 119.657585][ T6122] dump_stack_lvl+0x189/0x250 [ 119.657622][ T6122] ? __pfx____ratelimit+0x10/0x10 [ 119.657644][ T6122] ? __pfx_dump_stack_lvl+0x10/0x10 [ 119.657668][ T6122] ? __pfx__printk+0x10/0x10 [ 119.657699][ T6122] should_fail_ex+0x46c/0x600 [ 119.657727][ T6122] _copy_from_user+0x2d/0xb0 [ 119.657747][ T6122] __copy_msghdr+0x3c5/0x5b0 [ 119.657775][ T6122] ___sys_sendmsg+0x1a5/0x2a0 [ 119.657800][ T6122] ? __pfx____sys_sendmsg+0x10/0x10 [ 119.657855][ T6122] ? __fget_files+0x2a/0x420 [ 119.657876][ T6122] ? __fget_files+0x3a6/0x420 [ 119.657906][ T6122] __x64_sys_sendmsg+0x1a1/0x260 [ 119.657931][ T6122] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 119.657961][ T6122] ? __pfx_ksys_write+0x10/0x10 [ 119.657979][ T6122] ? rcu_is_watching+0x15/0xb0 [ 119.658011][ T6122] ? do_syscall_64+0xbe/0x3b0 [ 119.658169][ T6122] do_syscall_64+0xfa/0x3b0 [ 119.658188][ T6122] ? lockdep_hardirqs_on+0x9c/0x150 [ 119.658207][ T6122] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.658223][ T6122] ? clear_bhb_loop+0x60/0xb0 [ 119.658242][ T6122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.658258][ T6122] RIP: 0033:0x7f3096e7ebe9 [ 119.658273][ T6122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.658285][ T6122] RSP: 002b:00007f30950de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 119.658302][ T6122] RAX: ffffffffffffffda RBX: 00007f30970b5fa0 RCX: 00007f3096e7ebe9 [ 119.658312][ T6122] RDX: 0000000000000000 RSI: 0000200000000780 RDI: 0000000000000003 [ 119.658321][ T6122] RBP: 00007f30950de090 R08: 0000000000000000 R09: 0000000000000000 [ 119.658331][ T6122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 119.658340][ T6122] R13: 00007f30970b6038 R14: 00007f30970b5fa0 R15: 00007ffc7e5de088 [ 119.658369][ T6122] [ 119.693375][ T5933] ipheth 3-1:0.196: ipheth_get_macaddr: usb_control_msg: -71 [ 119.693820][ T5933] ipheth 3-1:0.196: probe with driver ipheth failed with error -71 [ 119.839607][ T5933] usb 3-1: USB disconnect, device number 3 [ 120.011026][ T5919] usb 4-1: USB disconnect, device number 2 [ 120.019871][ T6135] 9pnet_fd: Insufficient options for proto=fd [ 120.689657][ T5933] usb 3-1: new low-speed USB device number 4 using dummy_hcd [ 121.507445][ T3467] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 121.638382][ T5933] usb 3-1: device descriptor read/64, error -71 [ 121.747481][ T6159] FAULT_INJECTION: forcing a failure. [ 121.747481][ T6159] name failslab, interval 1, probability 0, space 0, times 0 [ 121.747516][ T6159] CPU: 0 UID: 0 PID: 6159 Comm: syz.0.57 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 121.747536][ T6159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 121.747546][ T6159] Call Trace: [ 121.747553][ T6159] [ 121.747561][ T6159] dump_stack_lvl+0x189/0x250 [ 121.747589][ T6159] ? __pfx____ratelimit+0x10/0x10 [ 121.747611][ T6159] ? __pfx_dump_stack_lvl+0x10/0x10 [ 121.747634][ T6159] ? __pfx__printk+0x10/0x10 [ 121.747658][ T6159] ? __pfx___might_resched+0x10/0x10 [ 121.747675][ T6159] ? fs_reclaim_acquire+0x7d/0x100 [ 121.747696][ T6159] should_fail_ex+0x46c/0x600 [ 121.747721][ T6159] ? __alloc_skb+0x112/0x2d0 [ 121.747741][ T6159] should_failslab+0xa8/0x100 [ 121.747764][ T6159] ? __alloc_skb+0x112/0x2d0 [ 121.747781][ T6159] kmem_cache_alloc_node_noprof+0x77/0x330 [ 121.747809][ T6159] __alloc_skb+0x112/0x2d0 [ 121.747834][ T6159] netlink_sendmsg+0x5c6/0xb30 [ 121.747865][ T6159] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.747893][ T6159] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 121.747910][ T6159] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.747931][ T6159] __sock_sendmsg+0x219/0x270 [ 121.747953][ T6159] ____sys_sendmsg+0x508/0x820 [ 121.747981][ T6159] ? __pfx_____sys_sendmsg+0x10/0x10 [ 121.748013][ T6159] ? import_iovec+0x74/0xa0 [ 121.748035][ T6159] ___sys_sendmsg+0x21f/0x2a0 [ 121.748067][ T6159] ? __pfx____sys_sendmsg+0x10/0x10 [ 121.748125][ T6159] ? __fget_files+0x2a/0x420 [ 121.748144][ T6159] ? __fget_files+0x3a6/0x420 [ 121.748176][ T6159] __x64_sys_sendmsg+0x1a1/0x260 [ 121.748201][ T6159] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 121.748233][ T6159] ? __pfx_ksys_write+0x10/0x10 [ 121.748251][ T6159] ? rcu_is_watching+0x15/0xb0 [ 121.748280][ T6159] ? do_syscall_64+0xbe/0x3b0 [ 121.748305][ T6159] do_syscall_64+0xfa/0x3b0 [ 121.748325][ T6159] ? lockdep_hardirqs_on+0x9c/0x150 [ 121.748345][ T6159] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.748362][ T6159] ? clear_bhb_loop+0x60/0xb0 [ 121.748383][ T6159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.748399][ T6159] RIP: 0033:0x7fe75cfdebe9 [ 121.748414][ T6159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.748428][ T6159] RSP: 002b:00007fe75b23e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 121.748447][ T6159] RAX: ffffffffffffffda RBX: 00007fe75d215fa0 RCX: 00007fe75cfdebe9 [ 121.748460][ T6159] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003 [ 121.748471][ T6159] RBP: 00007fe75b23e090 R08: 0000000000000000 R09: 0000000000000000 [ 121.748481][ T6159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.748491][ T6159] R13: 00007fe75d216038 R14: 00007fe75d215fa0 R15: 00007ffd9573ead8 [ 121.748520][ T6159] [ 123.124077][ T6172] netlink: 20 bytes leftover after parsing attributes in process `syz.2.60'. [ 123.252493][ T6179] FAULT_INJECTION: forcing a failure. [ 123.252493][ T6179] name failslab, interval 1, probability 0, space 0, times 0 [ 123.252525][ T6179] CPU: 0 UID: 0 PID: 6179 Comm: syz.3.64 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 123.252545][ T6179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 123.252555][ T6179] Call Trace: [ 123.252562][ T6179] [ 123.252570][ T6179] dump_stack_lvl+0x189/0x250 [ 123.252598][ T6179] ? __pfx____ratelimit+0x10/0x10 [ 123.252620][ T6179] ? __pfx_dump_stack_lvl+0x10/0x10 [ 123.252643][ T6179] ? __pfx__printk+0x10/0x10 [ 123.252667][ T6179] ? __pfx___might_resched+0x10/0x10 [ 123.252682][ T6179] ? fs_reclaim_acquire+0x7d/0x100 [ 123.252700][ T6179] should_fail_ex+0x46c/0x600 [ 123.252726][ T6179] ? __alloc_skb+0x112/0x2d0 [ 123.252745][ T6179] should_failslab+0xa8/0x100 [ 123.252766][ T6179] ? __alloc_skb+0x112/0x2d0 [ 123.252784][ T6179] kmem_cache_alloc_node_noprof+0x77/0x330 [ 123.252813][ T6179] __alloc_skb+0x112/0x2d0 [ 123.252834][ T6179] netlink_sendmsg+0x5c6/0xb30 [ 123.252864][ T6179] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.252885][ T6179] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 123.252898][ T6179] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.252914][ T6179] __sock_sendmsg+0x219/0x270 [ 123.252931][ T6179] ____sys_sendmsg+0x508/0x820 [ 123.252952][ T6179] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.252976][ T6179] ? import_iovec+0x74/0xa0 [ 123.252993][ T6179] ___sys_sendmsg+0x21f/0x2a0 [ 123.253012][ T6179] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.253054][ T6179] ? __fget_files+0x2a/0x420 [ 123.253071][ T6179] ? __fget_files+0x3a6/0x420 [ 123.253094][ T6179] __x64_sys_sendmsg+0x1a1/0x260 [ 123.253113][ T6179] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 123.253137][ T6179] ? __pfx_ksys_write+0x10/0x10 [ 123.253151][ T6179] ? rcu_is_watching+0x15/0xb0 [ 123.253172][ T6179] ? do_syscall_64+0xbe/0x3b0 [ 123.253191][ T6179] do_syscall_64+0xfa/0x3b0 [ 123.253207][ T6179] ? lockdep_hardirqs_on+0x9c/0x150 [ 123.253222][ T6179] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.253235][ T6179] ? clear_bhb_loop+0x60/0xb0 [ 123.253251][ T6179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.253263][ T6179] RIP: 0033:0x7fabaa75ebe9 [ 123.253275][ T6179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.253285][ T6179] RSP: 002b:00007faba89be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.253299][ T6179] RAX: ffffffffffffffda RBX: 00007fabaa995fa0 RCX: 00007fabaa75ebe9 [ 123.253308][ T6179] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004 [ 123.253316][ T6179] RBP: 00007faba89be090 R08: 0000000000000000 R09: 0000000000000000 [ 123.253323][ T6179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.253330][ T6179] R13: 00007fabaa996038 R14: 00007fabaa995fa0 R15: 00007ffdd51e79a8 [ 123.253351][ T6179] [ 123.904687][ T6188] ======================================================= [ 123.904687][ T6188] WARNING: The mand mount option has been deprecated and [ 123.904687][ T6188] and is ignored by this kernel. Remove the mand [ 123.904687][ T6188] option from the mount to silence this warning. [ 123.904687][ T6188] ======================================================= [ 124.643374][ T3467] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 126.347285][ T6204] FAULT_INJECTION: forcing a failure. [ 126.347285][ T6204] name failslab, interval 1, probability 0, space 0, times 0 [ 126.347318][ T6204] CPU: 1 UID: 0 PID: 6204 Comm: syz.4.72 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 126.347338][ T6204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 126.347347][ T6204] Call Trace: [ 126.347354][ T6204] [ 126.347362][ T6204] dump_stack_lvl+0x189/0x250 [ 126.347389][ T6204] ? __pfx____ratelimit+0x10/0x10 [ 126.347410][ T6204] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.347433][ T6204] ? __pfx__printk+0x10/0x10 [ 126.347471][ T6204] should_fail_ex+0x46c/0x600 [ 126.347499][ T6204] ? sctp_get_port_local+0x726/0x16a0 [ 126.347521][ T6204] should_failslab+0xa8/0x100 [ 126.347545][ T6204] ? sctp_get_port_local+0x726/0x16a0 [ 126.347565][ T6204] kmem_cache_alloc_noprof+0x6e/0x310 [ 126.347602][ T6204] sctp_get_port_local+0x726/0x16a0 [ 126.347636][ T6204] ? sctp_get_port_local+0x46c/0x16a0 [ 126.347659][ T6204] ? __pfx_sctp_get_port_local+0x10/0x10 [ 126.347686][ T6204] ? sctp_bind_addr_match+0x28b/0x2b0 [ 126.347713][ T6204] sctp_do_bind+0x4ea/0x940 [ 126.347751][ T6204] sctp_connect_new_asoc+0x25c/0x690 [ 126.347777][ T6204] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 126.347806][ T6204] ? sctp_endpoint_lookup_assoc+0x22f/0x260 [ 126.347830][ T6204] ? bpf_lsm_sctp_bind_connect+0x9/0x20 [ 126.347846][ T6204] ? security_sctp_bind_connect+0x7e/0x2e0 [ 126.347868][ T6204] sctp_sendmsg+0x14fd/0x2590 [ 126.347903][ T6204] ? __pfx_sctp_sendmsg+0x10/0x10 [ 126.347924][ T6204] ? __might_fault+0xb0/0x130 [ 126.347947][ T6204] ? __might_fault+0xb0/0x130 [ 126.347989][ T6204] ? sock_rps_record_flow+0x19/0x410 [ 126.348008][ T6204] ? inet_sendmsg+0x2f4/0x370 [ 126.348028][ T6204] __sock_sendmsg+0x19c/0x270 [ 126.348051][ T6204] __sys_sendto+0x3c7/0x520 [ 126.348076][ T6204] ? __pfx___sys_sendto+0x10/0x10 [ 126.348135][ T6204] ? rcu_is_watching+0x15/0xb0 [ 126.348165][ T6204] __x64_sys_sendto+0xde/0x100 [ 126.348191][ T6204] do_syscall_64+0xfa/0x3b0 [ 126.348214][ T6204] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.348229][ T6204] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 126.348244][ T6204] ? clear_bhb_loop+0x60/0xb0 [ 126.348266][ T6204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.348282][ T6204] RIP: 0033:0x7f765a0aebe9 [ 126.348298][ T6204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.348312][ T6204] RSP: 002b:00007f765830e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 126.348330][ T6204] RAX: ffffffffffffffda RBX: 00007f765a2e5fa0 RCX: 00007f765a0aebe9 [ 126.348342][ T6204] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003 [ 126.348353][ T6204] RBP: 00007f765830e090 R08: 0000200000000140 R09: 000000000000001c [ 126.348364][ T6204] R10: 000000000400c0d4 R11: 0000000000000246 R12: 0000000000000001 [ 126.348374][ T6204] R13: 00007f765a2e6038 R14: 00007f765a2e5fa0 R15: 00007ffd6e2cfec8 [ 126.348406][ T6204] [ 127.230331][ T6021] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 127.696458][ T6210] FAULT_INJECTION: forcing a failure. [ 127.696458][ T6210] name failslab, interval 1, probability 0, space 0, times 0 [ 127.696489][ T6210] CPU: 1 UID: 0 PID: 6210 Comm: syz.4.74 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 127.696507][ T6210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 127.696516][ T6210] Call Trace: [ 127.696523][ T6210] [ 127.696530][ T6210] dump_stack_lvl+0x189/0x250 [ 127.696561][ T6210] ? __pfx____ratelimit+0x10/0x10 [ 127.696583][ T6210] ? __pfx_dump_stack_lvl+0x10/0x10 [ 127.696606][ T6210] ? __pfx__printk+0x10/0x10 [ 127.696629][ T6210] ? __pfx___might_resched+0x10/0x10 [ 127.696646][ T6210] ? fs_reclaim_acquire+0x7d/0x100 [ 127.696666][ T6210] should_fail_ex+0x46c/0x600 [ 127.696693][ T6210] should_failslab+0xa8/0x100 [ 127.696716][ T6210] __kmalloc_cache_noprof+0x6e/0x320 [ 127.696737][ T6210] ? sctp_association_new+0x89/0x25f0 [ 127.696764][ T6210] sctp_association_new+0x89/0x25f0 [ 127.696802][ T6210] sctp_connect_new_asoc+0x2c5/0x690 [ 127.696827][ T6210] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 127.696851][ T6210] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 127.696873][ T6210] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 127.696892][ T6210] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 127.696914][ T6210] ? bpf_lsm_sctp_bind_connect+0x9/0x20 [ 127.696931][ T6210] ? security_sctp_bind_connect+0x7e/0x2e0 [ 127.696954][ T6210] sctp_sendmsg+0x14fd/0x2590 [ 127.696988][ T6210] ? __pfx_sctp_sendmsg+0x10/0x10 [ 127.697009][ T6210] ? __lock_acquire+0xab9/0xd20 [ 127.697047][ T6210] ? sock_rps_record_flow+0x19/0x410 [ 127.697067][ T6210] ? inet_sendmsg+0x2f4/0x370 [ 127.697082][ T6210] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 127.697102][ T6210] __sock_sendmsg+0x19c/0x270 [ 127.697123][ T6210] __sys_sendto+0x3c7/0x520 [ 127.697147][ T6210] ? __pfx___sys_sendto+0x10/0x10 [ 127.697195][ T6210] ? ksys_write+0x230/0x260 [ 127.697217][ T6210] ? __pfx_ksys_write+0x10/0x10 [ 127.697233][ T6210] ? rcu_is_watching+0x15/0xb0 [ 127.697261][ T6210] __x64_sys_sendto+0xde/0x100 [ 127.697286][ T6210] do_syscall_64+0xfa/0x3b0 [ 127.697306][ T6210] ? lockdep_hardirqs_on+0x9c/0x150 [ 127.697326][ T6210] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.697343][ T6210] ? clear_bhb_loop+0x60/0xb0 [ 127.697370][ T6210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.697386][ T6210] RIP: 0033:0x7f765a0aebe9 [ 127.697402][ T6210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.697415][ T6210] RSP: 002b:00007f765830e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 127.697433][ T6210] RAX: ffffffffffffffda RBX: 00007f765a2e5fa0 RCX: 00007f765a0aebe9 [ 127.697445][ T6210] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003 [ 127.697456][ T6210] RBP: 00007f765830e090 R08: 00002000000000c0 R09: 000000000000001c [ 127.697467][ T6210] R10: 0000000004000050 R11: 0000000000000246 R12: 0000000000000001 [ 127.697477][ T6210] R13: 00007f765a2e6038 R14: 00007f765a2e5fa0 R15: 00007ffd6e2cfec8 [ 127.697505][ T6210] [ 127.969857][ T5157] Bluetooth: hci3: unexpected cc 0x2039 length: 9 > 1 [ 128.184697][ T2165] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 128.283295][ T6217] syz.3.77 (6217) used greatest stack depth: 18968 bytes left [ 128.569336][ T5860] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 128.718432][ T5860] usb 5-1: Using ep0 maxpacket: 8 [ 128.722497][ T5860] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 128.722527][ T5860] usb 5-1: config 0 interface 0 has no altsetting 0 [ 128.722558][ T5860] usb 5-1: New USB device found, idVendor=20a0, idProduct=4287, bcdDevice= 0.00 [ 128.722578][ T5860] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.953035][ T5860] usb 5-1: config 0 descriptor?? [ 129.764561][ T5860] hid-u2fzero 0003:20A0:4287.0001: hidraw0: USB HID v0.03 Device [HID 20a0:4287] on usb-dummy_hcd.4-1/input0 [ 129.808302][ T5860] hid-u2fzero 0003:20A0:4287.0001: NitroKey U2F LED initialised [ 129.808797][ T5860] hid-u2fzero 0003:20A0:4287.0001: NitroKey U2F RNG initialised [ 129.948964][ T5919] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 130.542989][ T5919] usb 1-1: unable to get BOS descriptor or descriptor too short [ 130.605449][ T5919] usb 1-1: not running at top speed; connect to a high speed hub [ 130.688041][ T5919] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 130.691059][ T5919] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 130.691135][ T5919] usb 1-1: config 1 has no interface number 1 [ 130.692172][ T5919] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 130.692395][ T5919] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 130.944463][ T5919] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 130.944489][ T5919] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.944506][ T5919] usb 1-1: Product: syz [ 130.944517][ T5919] usb 1-1: Manufacturer: syz [ 130.944529][ T5919] usb 1-1: SerialNumber: syz [ 131.007121][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 131.340955][ T6246] netlink: 16 bytes leftover after parsing attributes in process `syz.1.86'. [ 131.371031][ T5919] hub 1-1:1.0: Invalid hub with more than one config or interface [ 131.371057][ T5919] hub 1-1:1.0: probe with driver hub failed with error -22 [ 131.383164][ T5919] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor [ 131.566114][ T6032] usb 5-1: USB disconnect, device number 2 [ 131.839237][ T5919] usb 1-1: USB disconnect, device number 3 [ 132.008538][ T5157] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 132.008674][ T5157] Bluetooth: hci3: Injecting HCI hardware error event [ 132.011429][ T5866] Bluetooth: hci3: hardware error 0x00 [ 132.083401][ T6259] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 132.083435][ T6259] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 132.342268][ T6263] netlink: 96 bytes leftover after parsing attributes in process `syz.4.93'. [ 132.577094][ T6067] udevd[6067]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 132.974321][ T6032] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 133.580592][ T5933] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 133.591987][ T43] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 133.611452][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.611578][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.633773][ T6263] IPVS: set_ctl: invalid protocol: 255 255.255.255.255:20001 [ 133.888507][ T5933] usb 2-1: config 0 has an invalid interface number: 219 but max is 0 [ 133.888524][ T5933] usb 2-1: config 0 has no interface number 0 [ 133.892912][ T5933] usb 2-1: New USB device found, idVendor=27c6, idProduct=5395, bcdDevice=a1.57 [ 133.892928][ T5933] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 133.892941][ T5933] usb 2-1: Product: syz [ 133.892952][ T5933] usb 2-1: Manufacturer: syz [ 133.892960][ T5933] usb 2-1: SerialNumber: syz [ 133.896139][ T5933] usb 2-1: config 0 descriptor?? [ 133.925418][ T5919] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 134.128244][ T5919] usb 1-1: Using ep0 maxpacket: 8 [ 134.211237][ T5919] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 134.211260][ T5919] usb 1-1: config 0 has no interfaces? [ 134.227725][ T5919] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 134.227752][ T5919] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 134.227769][ T5919] usb 1-1: Product: syz [ 134.227781][ T5919] usb 1-1: Manufacturer: syz [ 134.227793][ T5919] usb 1-1: SerialNumber: syz [ 134.535097][ T5866] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 135.331098][ T2165] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 135.369062][ T5919] usb 1-1: config 0 descriptor?? [ 135.770063][ T6282] FAULT_INJECTION: forcing a failure. [ 135.770063][ T6282] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 135.770084][ T6282] CPU: 1 UID: 0 PID: 6282 Comm: syz.3.97 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 135.770096][ T6282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 135.770105][ T6282] Call Trace: [ 135.770109][ T6282] [ 135.770114][ T6282] dump_stack_lvl+0x189/0x250 [ 135.770133][ T6282] ? __pfx____ratelimit+0x10/0x10 [ 135.770159][ T6282] ? __pfx_dump_stack_lvl+0x10/0x10 [ 135.770172][ T6282] ? __pfx__printk+0x10/0x10 [ 135.770189][ T6282] should_fail_ex+0x46c/0x600 [ 135.770205][ T6282] _copy_to_user+0x31/0xb0 [ 135.770217][ T6282] simple_read_from_buffer+0xe1/0x170 [ 135.770232][ T6282] proc_fail_nth_read+0x1b6/0x220 [ 135.770244][ T6282] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 135.770256][ T6282] ? rw_verify_area+0x2ac/0x4e0 [ 135.770267][ T6282] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 135.770277][ T6282] vfs_read+0x203/0xa30 [ 135.770292][ T6282] ? __pfx_vfs_read+0x10/0x10 [ 135.770302][ T6282] ? mctp_connect+0xe9/0x490 [ 135.770315][ T6282] ? bpf_lsm_socket_connect+0x9/0x20 [ 135.770326][ T6282] ? __sys_connect+0x346/0x450 [ 135.770340][ T6282] ? __pfx___sys_connect+0x10/0x10 [ 135.770354][ T6282] ksys_read+0x14b/0x260 [ 135.770367][ T6282] ? __pfx_ksys_read+0x10/0x10 [ 135.770376][ T6282] ? rcu_is_watching+0x15/0xb0 [ 135.770392][ T6282] ? do_syscall_64+0xbe/0x3b0 [ 135.770406][ T6282] do_syscall_64+0xfa/0x3b0 [ 135.770418][ T6282] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.770427][ T6282] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 135.770436][ T6282] ? clear_bhb_loop+0x60/0xb0 [ 135.770447][ T6282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.770456][ T6282] RIP: 0033:0x7fabaa75d5fc [ 135.770466][ T6282] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 135.770473][ T6282] RSP: 002b:00007faba89be030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 135.770484][ T6282] RAX: ffffffffffffffda RBX: 00007fabaa995fa0 RCX: 00007fabaa75d5fc [ 135.770491][ T6282] RDX: 000000000000000f RSI: 00007faba89be0a0 RDI: 0000000000000004 [ 135.770497][ T6282] RBP: 00007faba89be090 R08: 0000000000000000 R09: 0000000000000000 [ 135.770502][ T6282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.770507][ T6282] R13: 00007fabaa996038 R14: 00007fabaa995fa0 R15: 00007ffdd51e79a8 [ 135.770522][ T6282] [ 135.855953][ T5919] usb 1-1: can't set config #0, error -71 [ 135.930670][ T5919] usb 1-1: USB disconnect, device number 4 [ 136.078553][ T3603] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 136.325396][ T6287] netlink: 4 bytes leftover after parsing attributes in process `syz.4.98'. [ 137.026598][ T6289] FAULT_INJECTION: forcing a failure. [ 137.026598][ T6289] name failslab, interval 1, probability 0, space 0, times 0 [ 137.026626][ T6289] CPU: 0 UID: 0 PID: 6289 Comm: syz.3.100 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 137.026641][ T6289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 137.026648][ T6289] Call Trace: [ 137.026653][ T6289] [ 137.026660][ T6289] dump_stack_lvl+0x189/0x250 [ 137.026683][ T6289] ? __pfx____ratelimit+0x10/0x10 [ 137.026701][ T6289] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.026718][ T6289] ? __pfx__printk+0x10/0x10 [ 137.026737][ T6289] ? __pfx___might_resched+0x10/0x10 [ 137.026750][ T6289] ? fs_reclaim_acquire+0x7d/0x100 [ 137.026767][ T6289] should_fail_ex+0x46c/0x600 [ 137.026789][ T6289] ? __alloc_skb+0x112/0x2d0 [ 137.026806][ T6289] should_failslab+0xa8/0x100 [ 137.026828][ T6289] ? __alloc_skb+0x112/0x2d0 [ 137.026844][ T6289] kmem_cache_alloc_node_noprof+0x77/0x330 [ 137.026865][ T6289] __alloc_skb+0x112/0x2d0 [ 137.026887][ T6289] netlink_sendmsg+0x5c6/0xb30 [ 137.026916][ T6289] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.026936][ T6289] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 137.026949][ T6289] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.026965][ T6289] __sock_sendmsg+0x219/0x270 [ 137.026983][ T6289] ____sys_sendmsg+0x508/0x820 [ 137.027009][ T6289] ? __pfx_____sys_sendmsg+0x10/0x10 [ 137.027050][ T6289] ? import_iovec+0x74/0xa0 [ 137.027066][ T6289] ___sys_sendmsg+0x21f/0x2a0 [ 137.027090][ T6289] ? __pfx____sys_sendmsg+0x10/0x10 [ 137.027130][ T6289] ? __fget_files+0x2a/0x420 [ 137.027150][ T6289] ? __fget_files+0x3a6/0x420 [ 137.027181][ T6289] __x64_sys_sendmsg+0x1a1/0x260 [ 137.027205][ T6289] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 137.027232][ T6289] ? __pfx_ksys_write+0x10/0x10 [ 137.027246][ T6289] ? rcu_is_watching+0x15/0xb0 [ 137.027268][ T6289] ? do_syscall_64+0xbe/0x3b0 [ 137.027290][ T6289] do_syscall_64+0xfa/0x3b0 [ 137.027307][ T6289] ? lockdep_hardirqs_on+0x9c/0x150 [ 137.027325][ T6289] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.027341][ T6289] ? clear_bhb_loop+0x60/0xb0 [ 137.027361][ T6289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.027376][ T6289] RIP: 0033:0x7fabaa75ebe9 [ 137.027391][ T6289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.027403][ T6289] RSP: 002b:00007faba89be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.027421][ T6289] RAX: ffffffffffffffda RBX: 00007fabaa995fa0 RCX: 00007fabaa75ebe9 [ 137.027430][ T6289] RDX: 0000000000004000 RSI: 0000200000000240 RDI: 0000000000000003 [ 137.027439][ T6289] RBP: 00007faba89be090 R08: 0000000000000000 R09: 0000000000000000 [ 137.027447][ T6289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.027455][ T6289] R13: 00007fabaa996038 R14: 00007fabaa995fa0 R15: 00007ffdd51e79a8 [ 137.027476][ T6289] [ 139.391003][ T6298] netlink: 25 bytes leftover after parsing attributes in process `syz.0.102'. [ 139.392675][ T3603] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 140.419156][ T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 140.569821][ T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 140.569855][ T10] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 140.569869][ T10] usb 1-1: config 1 interface 0 has no altsetting 1 [ 140.570841][ T10] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 140.570856][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 140.570865][ T10] usb 1-1: SerialNumber: syz [ 140.652828][ T10] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 141.037419][ T6306] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 141.118999][ T5919] usb 2-1: USB disconnect, device number 3 [ 141.256844][ T5919] usb 1-1: USB disconnect, device number 5 [ 141.349116][ T6321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 141.357310][ T6321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 141.396484][ T6323] FAULT_INJECTION: forcing a failure. [ 141.396484][ T6323] name failslab, interval 1, probability 0, space 0, times 0 [ 141.396515][ T6323] CPU: 1 UID: 0 PID: 6323 Comm: syz.3.112 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 141.396534][ T6323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 141.396544][ T6323] Call Trace: [ 141.396551][ T6323] [ 141.396558][ T6323] dump_stack_lvl+0x189/0x250 [ 141.396585][ T6323] ? __pfx____ratelimit+0x10/0x10 [ 141.396607][ T6323] ? __pfx_dump_stack_lvl+0x10/0x10 [ 141.396629][ T6323] ? __pfx__printk+0x10/0x10 [ 141.396651][ T6323] ? __pfx___might_resched+0x10/0x10 [ 141.396667][ T6323] ? fs_reclaim_acquire+0x7d/0x100 [ 141.396688][ T6323] should_fail_ex+0x46c/0x600 [ 141.396713][ T6323] ? __alloc_skb+0x112/0x2d0 [ 141.396739][ T6323] should_failslab+0xa8/0x100 [ 141.396761][ T6323] ? __alloc_skb+0x112/0x2d0 [ 141.396778][ T6323] kmem_cache_alloc_node_noprof+0x77/0x330 [ 141.396807][ T6323] __alloc_skb+0x112/0x2d0 [ 141.396831][ T6323] netlink_sendmsg+0x5c6/0xb30 [ 141.396861][ T6323] ? __pfx_netlink_sendmsg+0x10/0x10 [ 141.396889][ T6323] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 141.396906][ T6323] ? __pfx_netlink_sendmsg+0x10/0x10 [ 141.396927][ T6323] __sock_sendmsg+0x219/0x270 [ 141.396949][ T6323] ____sys_sendmsg+0x508/0x820 [ 141.396977][ T6323] ? __pfx_____sys_sendmsg+0x10/0x10 [ 141.397009][ T6323] ? import_iovec+0x74/0xa0 [ 141.397031][ T6323] ___sys_sendmsg+0x21f/0x2a0 [ 141.397056][ T6323] ? __pfx____sys_sendmsg+0x10/0x10 [ 141.397114][ T6323] ? __fget_files+0x2a/0x420 [ 141.397135][ T6323] ? __fget_files+0x3a6/0x420 [ 141.397167][ T6323] __x64_sys_sendmsg+0x1a1/0x260 [ 141.397192][ T6323] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 141.397224][ T6323] ? __pfx_ksys_write+0x10/0x10 [ 141.397241][ T6323] ? rcu_is_watching+0x15/0xb0 [ 141.397269][ T6323] ? do_syscall_64+0xbe/0x3b0 [ 141.397294][ T6323] do_syscall_64+0xfa/0x3b0 [ 141.397313][ T6323] ? lockdep_hardirqs_on+0x9c/0x150 [ 141.397334][ T6323] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.397351][ T6323] ? clear_bhb_loop+0x60/0xb0 [ 141.397371][ T6323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.397387][ T6323] RIP: 0033:0x7fabaa75ebe9 [ 141.397403][ T6323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.397416][ T6323] RSP: 002b:00007faba89be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 141.397434][ T6323] RAX: ffffffffffffffda RBX: 00007fabaa995fa0 RCX: 00007fabaa75ebe9 [ 141.397446][ T6323] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 141.397457][ T6323] RBP: 00007faba89be090 R08: 0000000000000000 R09: 0000000000000000 [ 141.397468][ T6323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.397477][ T6323] R13: 00007fabaa996038 R14: 00007fabaa995fa0 R15: 00007ffdd51e79a8 [ 141.397506][ T6323] [ 141.833465][ T6328] netlink: 'syz.3.114': attribute type 1 has an invalid length. [ 142.392475][ T3467] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 142.409966][ T6330] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 142.414876][ T6332] 8021q: adding VLAN 0 to HW filter on device bond1 [ 142.427526][ T5064] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 142.554564][ T6335] netlink: 84 bytes leftover after parsing attributes in process `syz.2.115'. [ 142.554608][ T6335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.115'. [ 142.562127][ T12] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 142.903199][ T6343] FAULT_INJECTION: forcing a failure. [ 142.903199][ T6343] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 142.903229][ T6343] CPU: 0 UID: 0 PID: 6343 Comm: syz.1.119 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 142.903260][ T6343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 142.903270][ T6343] Call Trace: [ 142.903276][ T6343] [ 142.903283][ T6343] dump_stack_lvl+0x189/0x250 [ 142.903311][ T6343] ? __pfx____ratelimit+0x10/0x10 [ 142.903333][ T6343] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.903354][ T6343] ? __pfx__printk+0x10/0x10 [ 142.903387][ T6343] should_fail_ex+0x46c/0x600 [ 142.903414][ T6343] _copy_to_user+0x31/0xb0 [ 142.903435][ T6343] simple_read_from_buffer+0xe1/0x170 [ 142.903461][ T6343] proc_fail_nth_read+0x1b6/0x220 [ 142.903482][ T6343] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 142.903502][ T6343] ? rw_verify_area+0x2ac/0x4e0 [ 142.903521][ T6343] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 142.903540][ T6343] vfs_read+0x203/0xa30 [ 142.903567][ T6343] ? __pfx_vfs_read+0x10/0x10 [ 142.903593][ T6343] ? __sys_connect+0x346/0x450 [ 142.903617][ T6343] ? __pfx___sys_connect+0x10/0x10 [ 142.903643][ T6343] ksys_read+0x14b/0x260 [ 142.903664][ T6343] ? __pfx_ksys_read+0x10/0x10 [ 142.903680][ T6343] ? rcu_is_watching+0x15/0xb0 [ 142.903708][ T6343] ? do_syscall_64+0xbe/0x3b0 [ 142.903734][ T6343] do_syscall_64+0xfa/0x3b0 [ 142.903753][ T6343] ? lockdep_hardirqs_on+0x9c/0x150 [ 142.903773][ T6343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.903790][ T6343] ? clear_bhb_loop+0x60/0xb0 [ 142.903811][ T6343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.903827][ T6343] RIP: 0033:0x7f3096e7d5fc [ 142.903842][ T6343] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 142.903856][ T6343] RSP: 002b:00007f30950de030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 142.903874][ T6343] RAX: ffffffffffffffda RBX: 00007f30970b5fa0 RCX: 00007f3096e7d5fc [ 142.903887][ T6343] RDX: 000000000000000f RSI: 00007f30950de0a0 RDI: 0000000000000004 [ 142.903897][ T6343] RBP: 00007f30950de090 R08: 0000000000000000 R09: 0000000000000000 [ 142.903908][ T6343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.903917][ T6343] R13: 00007f30970b6038 R14: 00007f30970b5fa0 R15: 00007ffc7e5de088 [ 142.903946][ T6343] [ 143.639480][ T5919] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 144.247821][ T5919] usb 5-1: config 0 has an invalid interface number: 219 but max is 0 [ 144.247847][ T5919] usb 5-1: config 0 has no interface number 0 [ 144.276000][ T5919] usb 5-1: New USB device found, idVendor=27c6, idProduct=5395, bcdDevice=a1.57 [ 144.276027][ T5919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.276044][ T5919] usb 5-1: Product: syz [ 144.276057][ T5919] usb 5-1: Manufacturer: syz [ 144.276069][ T5919] usb 5-1: SerialNumber: syz [ 144.397711][ T6359] FAULT_INJECTION: forcing a failure. [ 144.397711][ T6359] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.397743][ T6359] CPU: 1 UID: 0 PID: 6359 Comm: syz.0.123 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 144.397763][ T6359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 144.397772][ T6359] Call Trace: [ 144.397788][ T6359] [ 144.397795][ T6359] dump_stack_lvl+0x189/0x250 [ 144.397824][ T6359] ? __pfx____ratelimit+0x10/0x10 [ 144.397846][ T6359] ? __pfx_dump_stack_lvl+0x10/0x10 [ 144.397869][ T6359] ? __pfx__printk+0x10/0x10 [ 144.397887][ T6359] ? __might_fault+0xb0/0x130 [ 144.397921][ T6359] should_fail_ex+0x46c/0x600 [ 144.397963][ T6359] _copy_from_user+0x2d/0xb0 [ 144.397983][ T6359] core_sys_select+0x606/0xa20 [ 144.398017][ T6359] ? __pfx_core_sys_select+0x10/0x10 [ 144.398062][ T6359] ? __pfx_set_user_sigmask+0x10/0x10 [ 144.398082][ T6359] ? rt_mutex_slowunlock+0x1be/0x2e0 [ 144.398103][ T6359] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 144.398124][ T6359] __se_sys_pselect6+0x27a/0x300 [ 144.398149][ T6359] ? __pfx___se_sys_pselect6+0x10/0x10 [ 144.398180][ T6359] ? __pfx_ksys_write+0x10/0x10 [ 144.398198][ T6359] ? rcu_is_watching+0x15/0xb0 [ 144.398226][ T6359] ? __x64_sys_pselect6+0x21/0xf0 [ 144.398250][ T6359] do_syscall_64+0xfa/0x3b0 [ 144.398271][ T6359] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.398291][ T6359] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.398308][ T6359] ? clear_bhb_loop+0x60/0xb0 [ 144.398329][ T6359] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.398345][ T6359] RIP: 0033:0x7fe75cfdebe9 [ 144.398360][ T6359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.398374][ T6359] RSP: 002b:00007fe75b21d038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 144.398392][ T6359] RAX: ffffffffffffffda RBX: 00007fe75d216090 RCX: 00007fe75cfdebe9 [ 144.398405][ T6359] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040 [ 144.398416][ T6359] RBP: 00007fe75b21d090 R08: 0000000000000000 R09: 0000000000000000 [ 144.398426][ T6359] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 144.398437][ T6359] R13: 00007fe75d216128 R14: 00007fe75d216090 R15: 00007ffd9573ead8 [ 144.398465][ T6359] [ 144.728401][ T5919] usb 5-1: config 0 descriptor?? [ 144.908521][ T992] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 144.908795][ C1] raw-gadget.1 gadget.2: ignoring, device is not running [ 145.108297][ T6365] syz.1.126 uses obsolete (PF_INET,SOCK_PACKET) [ 145.121226][ T5064] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 145.744722][ T992] usb 3-1: device descriptor read/64, error -32 [ 145.967529][ T6371] netlink: 'syz.3.127': attribute type 21 has an invalid length. [ 145.967643][ T6371] netlink: 156 bytes leftover after parsing attributes in process `syz.3.127'. [ 146.002048][ T10] usb 5-1: USB disconnect, device number 3 [ 146.044441][ T6373] netlink: 'syz.3.127': attribute type 21 has an invalid length. [ 146.044462][ T6373] netlink: 6 bytes leftover after parsing attributes in process `syz.3.127'. [ 146.136751][ T992] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 146.558677][ T992] usb 3-1: device descriptor read/64, error -71 [ 146.619175][ T5933] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 146.794937][ T992] usb usb3-port1: attempt power cycle [ 147.700295][ T1021] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 147.761768][ T5933] usb 4-1: device descriptor read/64, error -71 [ 148.068274][ T5933] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 148.198366][ T5933] usb 4-1: device descriptor read/64, error -71 [ 148.317032][ T5933] usb usb4-port1: attempt power cycle [ 148.336920][ T6402] Illegal XDP return value 671889880 on prog (id 27) dev N/A, expect packet loss! [ 148.678234][ T5933] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 148.700959][ T5933] usb 4-1: device descriptor read/8, error -71 [ 148.960447][ T5933] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 149.168246][ T5933] usb 4-1: device not accepting address 6, error -71 [ 149.168678][ T5933] usb usb4-port1: unable to enumerate USB device [ 150.229686][ T6458] warning: `syz.0.161' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 150.878726][ T3467] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 152.427743][ T6509] netlink: 8 bytes leftover after parsing attributes in process `syz.3.184'. [ 152.718822][ T987] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 153.847427][ T6552] netlink: 12 bytes leftover after parsing attributes in process `syz.4.200'. [ 155.548441][ T6591] netlink: 'syz.1.215': attribute type 1 has an invalid length. [ 155.548462][ T6591] netlink: 208 bytes leftover after parsing attributes in process `syz.1.215'. [ 155.920426][ T3638] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 156.671053][ T6613] syzkaller0: entered promiscuous mode [ 156.671084][ T6613] syzkaller0: entered allmulticast mode [ 157.051178][ T6634] netlink: 44 bytes leftover after parsing attributes in process `syz.4.229'. [ 157.051202][ T6634] netlink: 43 bytes leftover after parsing attributes in process `syz.4.229'. [ 157.051217][ T6634] netlink: 'syz.4.229': attribute type 5 has an invalid length. [ 157.051228][ T6634] netlink: 43 bytes leftover after parsing attributes in process `syz.4.229'. [ 157.226700][ T6634] netlink: 192 bytes leftover after parsing attributes in process `syz.4.229'. [ 157.776589][ T6652] trusted_key: syz.3.237 sent an empty control message without MSG_MORE. [ 158.570466][ T1115] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 158.927585][ T6681] netlink: 12 bytes leftover after parsing attributes in process `syz.2.251'. [ 159.667058][ T6703] netlink: 4 bytes leftover after parsing attributes in process `syz.0.258'. [ 159.856555][ T6711] tipc: Started in network mode [ 159.856592][ T6711] tipc: Node identity 120c65be7f1b, cluster identity 4711 [ 159.857341][ T6711] tipc: Enabled bearer , priority 0 [ 159.883937][ T6711] syzkaller0: entered promiscuous mode [ 159.883964][ T6711] syzkaller0: entered allmulticast mode [ 160.152510][ T6718] tipc: Resetting bearer [ 160.437946][ T6709] tipc: Resetting bearer [ 160.776883][ T6709] tipc: Disabling bearer [ 160.850080][ T2165] tipc: Node number set to 1830249918 [ 161.122815][ T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 162.399152][ C1] ------------[ cut here ]------------ [ 162.399174][ C1] WARNING: CPU: 1 PID: 29 at ./include/linux/seqlock.h:221 est_timer+0x6dc/0x9f0 [ 162.399209][ C1] Modules linked in: [ 162.399227][ C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 162.399250][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 162.399260][ C1] RIP: 0010:est_timer+0x6dc/0x9f0 [ 162.399281][ C1] Code: ff c7 42 80 3c 23 00 74 08 4c 89 f7 e8 bd 2c 41 f9 4d 89 3e 42 80 3c 23 00 0f 85 54 ff ff ff e9 57 ff ff ff e8 d5 f4 e1 f8 90 <0f> 0b 90 e9 63 fd ff ff 44 89 e1 80 e1 07 38 c1 0f 8c 65 fa ff ff [ 162.399296][ C1] RSP: 0018:ffffc90000a3f7a0 EFLAGS: 00010246 [ 162.399313][ C1] RAX: ffffffff88dc69fb RBX: 0000000000000001 RCX: ffff88801ca91dc0 [ 162.399328][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100 [ 162.399340][ C1] RBP: ffffc90000a3f8b0 R08: 0000000000000000 R09: 0000000000000100 [ 162.399353][ C1] R10: dffffc0000000000 R11: fffff52000147f0a R12: 0000000000000004 [ 162.399367][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888033ce4668 [ 162.399380][ C1] FS: 0000000000000000(0000) GS:ffff8881269c2000(0000) knlGS:0000000000000000 [ 162.399396][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.399410][ C1] CR2: 00007f765a2dff68 CR3: 0000000039f1e000 CR4: 00000000003526f0 [ 162.399427][ C1] Call Trace: [ 162.399435][ C1] [ 162.399461][ C1] ? __pfx_est_timer+0x10/0x10 [ 162.399497][ C1] call_timer_fn+0x17b/0x5f0 [ 162.399524][ C1] ? __pfx_est_timer+0x10/0x10 [ 162.399545][ C1] ? call_timer_fn+0xbe/0x5f0 [ 162.399570][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 162.399604][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 162.399629][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 162.399652][ C1] ? __pfx_est_timer+0x10/0x10 [ 162.399676][ C1] __run_timer_base+0x648/0x970 [ 162.399719][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 162.399760][ C1] run_timer_softirq+0xb7/0x180 [ 162.399786][ C1] handle_softirqs+0x22c/0x710 [ 162.399824][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 162.399861][ C1] run_ktimerd+0xcf/0x190 [ 162.399889][ C1] ? __pfx_run_ktimerd+0x10/0x10 [ 162.399927][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 162.399948][ C1] smpboot_thread_fn+0x542/0xa60 [ 162.399973][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 162.400007][ C1] kthread+0x711/0x8a0 [ 162.400049][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 162.400074][ C1] ? __pfx_kthread+0x10/0x10 [ 162.400108][ C1] ? __pfx_kthread+0x10/0x10 [ 162.400134][ C1] ret_from_fork+0x3f9/0x770 [ 162.400161][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 162.400194][ C1] ? __switch_to_asm+0x39/0x70 [ 162.400213][ C1] ? __switch_to_asm+0x33/0x70 [ 162.400231][ C1] ? __pfx_kthread+0x10/0x10 [ 162.400258][ C1] ret_from_fork_asm+0x1a/0x30 [ 162.400293][ C1] [ 162.400303][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 162.400318][ C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 162.400342][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 162.400354][ C1] Call Trace: [ 162.400361][ C1] [ 162.400369][ C1] dump_stack_lvl+0x99/0x250 [ 162.400396][ C1] ? __asan_memcpy+0x40/0x70 [ 162.400418][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.400445][ C1] ? __pfx__printk+0x10/0x10 [ 162.400483][ C1] vpanic+0x281/0x750 [ 162.400512][ C1] ? __pfx__printk+0x10/0x10 [ 162.400533][ C1] ? __pfx_vpanic+0x10/0x10 [ 162.400562][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 162.400603][ C1] panic+0xb9/0xc0 [ 162.400631][ C1] ? __pfx_panic+0x10/0x10 [ 162.400678][ C1] __warn+0x31b/0x4b0 [ 162.400705][ C1] ? est_timer+0x6dc/0x9f0 [ 162.400730][ C1] ? est_timer+0x6dc/0x9f0 [ 162.400750][ C1] report_bug+0x2be/0x4f0 [ 162.400774][ C1] ? est_timer+0x6dc/0x9f0 [ 162.400796][ C1] ? est_timer+0x6dc/0x9f0 [ 162.400814][ C1] ? est_timer+0x6de/0x9f0 [ 162.400834][ C1] handle_bug+0x84/0x160 [ 162.400863][ C1] exc_invalid_op+0x1a/0x50 [ 162.400890][ C1] asm_exc_invalid_op+0x1a/0x20 [ 162.400909][ C1] RIP: 0010:est_timer+0x6dc/0x9f0 [ 162.400932][ C1] Code: ff c7 42 80 3c 23 00 74 08 4c 89 f7 e8 bd 2c 41 f9 4d 89 3e 42 80 3c 23 00 0f 85 54 ff ff ff e9 57 ff ff ff e8 d5 f4 e1 f8 90 <0f> 0b 90 e9 63 fd ff ff 44 89 e1 80 e1 07 38 c1 0f 8c 65 fa ff ff [ 162.400949][ C1] RSP: 0018:ffffc90000a3f7a0 EFLAGS: 00010246 [ 162.400966][ C1] RAX: ffffffff88dc69fb RBX: 0000000000000001 RCX: ffff88801ca91dc0 [ 162.400980][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100 [ 162.400992][ C1] RBP: ffffc90000a3f8b0 R08: 0000000000000000 R09: 0000000000000100 [ 162.401005][ C1] R10: dffffc0000000000 R11: fffff52000147f0a R12: 0000000000000004 [ 162.401019][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888033ce4668 [ 162.401050][ C1] ? est_timer+0x6db/0x9f0 [ 162.401100][ C1] ? __pfx_est_timer+0x10/0x10 [ 162.401135][ C1] call_timer_fn+0x17b/0x5f0 [ 162.401160][ C1] ? __pfx_est_timer+0x10/0x10 [ 162.401179][ C1] ? call_timer_fn+0xbe/0x5f0 [ 162.401201][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 162.401236][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 162.401261][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 162.401283][ C1] ? __pfx_est_timer+0x10/0x10 [ 162.401306][ C1] __run_timer_base+0x648/0x970 [ 162.401348][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 162.401391][ C1] run_timer_softirq+0xb7/0x180 [ 162.401415][ C1] handle_softirqs+0x22c/0x710 [ 162.401450][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 162.401487][ C1] run_ktimerd+0xcf/0x190 [ 162.401515][ C1] ? __pfx_run_ktimerd+0x10/0x10 [ 162.401553][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 162.401576][ C1] smpboot_thread_fn+0x542/0xa60 [ 162.401603][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 162.401639][ C1] kthread+0x711/0x8a0 [ 162.401671][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 162.401694][ C1] ? __pfx_kthread+0x10/0x10 [ 162.401729][ C1] ? __pfx_kthread+0x10/0x10 [ 162.401759][ C1] ret_from_fork+0x3f9/0x770 [ 162.401785][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 162.401820][ C1] ? __switch_to_asm+0x39/0x70 [ 162.401839][ C1] ? __switch_to_asm+0x33/0x70 [ 162.401858][ C1] ? __pfx_kthread+0x10/0x10 [ 162.401890][ C1] ret_from_fork_asm+0x1a/0x30 [ 162.401930][ C1] [ 162.402184][ C1] Kernel Offset: disabled