last executing test programs: 1m38.290414331s ago: executing program 3 (id=1695): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r2, 0xffffffffffffffff, 0x0) 1m37.157521175s ago: executing program 2 (id=1696): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014}) epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x1) unshare(0x2c020400) pselect6(0x40, &(0x7f0000000000)={0xa, 0x80000001, 0x2, 0x10000000000006, 0x12, 0x8, 0x80000000, 0x8}, 0x0, 0x0, 0x0, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) sendmmsg(r3, &(0x7f0000001840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040881) setsockopt$sock_int(r3, 0x1, 0x20, &(0x7f0000004880)=0xffff580c, 0x4) syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0x10) 1m36.859206994s ago: executing program 3 (id=1698): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x18) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x58, &(0x7f00000006c0)}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x58, &(0x7f0000000780)}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/31], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x10, 0x2, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831373f00000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) 1m36.256328369s ago: executing program 3 (id=1699): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e20, 0x3, 'ovf\x00', 0x1, 0xa7e, 0x70}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, 0x0, 0x0) r2 = socket(0x2, 0x80805, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x11}, {@remote, 0x4e1d, 0x3, 0xcd}}, 0x44) 1m35.883330846s ago: executing program 3 (id=1702): r0 = syz_usb_connect(0x5, 0x24, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x32, 0xf4, 0x49, 0x10, 0x9c0, 0x201, 0xaa4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe5, 0xa5, 0xc8}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000100)={0x14, 0x0, 0x0}, &(0x7f0000000280)={0x1c, &(0x7f00000002c0)={0x0, 0x16, 0x3, "07fb26"}, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000040)=ANY=[@ANYBLOB="20070100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1m32.134790903s ago: executing program 4 (id=1710): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c) sendmmsg$inet(r1, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f0000000800)="3aae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dea658eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff690894405a0b6abc3c4d0f6a16c0a95c0508bd7eeffcd1da0b17f7701448658864b429e9472edfeffbf34d6e7c78f4aa73c0", 0x2de}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0768021fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a6e453a8a28cd5c4b733fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33e47a0e416573cfdcfb44ed9dd4ce41af4de9c471c49f12f090934c3b32f2f4777c65b1574826727f5f62", 0x1e9}, {&(0x7f0000000240)="05437c98b91b1455046f57b5fc913814bde2bbeac2104eaea9c9d01a7838d859207067c10aa7352abbdf98e9bf033a3184a11e84639d3b9164d9c5d729f3dd409d39ff041e657c8df70e1607d58c863d5f323f6d5cf367cd939f790732e8d2310e876fcb299cd44b72bda697035b7b475bc35afbb483db39ac864dbee0c9760c22a1d32d83588afd7c994652413b22db76874ca052ef2013317eb7fcc5677e9d", 0xa0}, {&(0x7f0000000200)="f610e61fc81cc3edc86f0500194d27a5a42cf1880b0dfd1ecda0fd0ed9", 0x1d}, {&(0x7f00000000c0)='q', 0x1}], 0x5, 0x0, 0x0, 0x900}}], 0x2, 0x0) 1m31.665789892s ago: executing program 4 (id=1712): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e20, 0x3, 'ovf\x00', 0x1, 0xa7e, 0x70}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, 0x0, 0x0) r2 = socket(0x2, 0x80805, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x11}, {@remote, 0x4e1d, 0x3, 0xcd}}, 0x44) 1m31.206958923s ago: executing program 4 (id=1715): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000380)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'sh\x00', 0x0, 0x60000001, 0xc}, {@loopback, 0x4e22, 0x3, 0x3, 0x8001, 0xffffffff}}, 0x44) 1m31.181959567s ago: executing program 2 (id=1716): syz_open_procfs(0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x101, 0x5, &(0x7f00000025c0)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18) r4 = socket$pppl2tp(0x18, 0x1, 0x1) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) connect$pppl2tp(r4, 0x0, 0x0) 1m31.050926417s ago: executing program 3 (id=1717): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef36"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r4) sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="000325bd7000fbdbdf254c00000008000300020000000c00a6000b0000000000000011e94d426ab8672287cb7a1e1852af7499ad7fd8814b6d9d69eb85033604eb1f8c02c4cbf07d1c11b0e5ddc29865afd1cb6548c4043c98c977b0bc8dbf7443475122e5added281466aa1b1bd9e8c6101d4ac04630411b461870081de1d92079744fb8201c387a2979efd3621c35df47dd002792deb5b12f15f4d57370b47b56227ceef4d2d3fbe45cc2364b23fbad12ea4115c0db19515fe3139ea8ec852c363e1bfa89940360ab894c74eda4786eefc86439deea6795d0acc4e5926c498bb3a9248"], 0x28}, 0x1, 0x0, 0x0, 0x2000a005}, 0x10) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendto$inet(r5, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0) 1m30.867883636s ago: executing program 4 (id=1718): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6d"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0) r6 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="000325bd7000fbdbdf254c00000008000300020000000c00a6000b0000000000000011e94d426ab8672287cb7a1e1852af7499ad7fd8814b6d9d69eb85033604eb1f8c02c4cbf07d1c11b0e5ddc29865afd1cb6548c4043c98c977b0bc8dbf7443475122e5added281466aa1b1bd9e8c6101d4ac04630411b461870081de1d92079744fb8201c387a2979efd3621c35df47dd002792deb5b12f15f4d57370b47b56227ceef4d2d3fbe45cc2364b23fbad12ea4115c0db19515fe3139ea8ec852c363e1bfa89940"], 0x28}, 0x1, 0x0, 0x0, 0x2000a005}, 0x10) setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10) sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r6, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000007c0)="16ecaaaeb69ec105e9dd534f1bd77f8051db33a07055391264d230088248daa370b0bc75883a507be52e9744ca1479096e0a1d347324d779b5fe3167e722437570ee9c472c6399c49d1473a32016f512dee12a2f9dc3bd6060001c8139ae43a3cbf08d05c66712c9a0b2994264c8614da6c0251fdeb06bcb94139d6b3df7bd60ac9d53ac834c97388aa638bb50457e57f90b3e8e11975ebd2c81a2a13cb5dc9b7fae4411137ad278cf52dd8d32de5b07a396cd19a242b247d2ca16ce1a663064abfc1ba416f7b1fc251409afd53815f775ab04810637bd8c9b2606a8512ee5622829a369d77900cfc7987f950003fb657f4c17131695efdcead8816ddae634049c3dab49a0ca36b1d5d93c8dac8fa0ba2a74f55d159667e3b52ec903f439a21a023b4bc7bf4463d73f5ae46a680f138c34f0ab2e8503ce342bfb26e481f087a08d410a8886335ac1fda0df344dfbb68b6bb8fcc2bf9a85fe835f350fb281e1159b093d52c519a3d61cd4979941c87ebf52404bdb04ebce4e1980314c1b03a674a86d6cf027b9076559eecadd6cbc5daab4002468d3653a11bbcb9cf625b1e4fe49a398e63200944d4ecee2741a09daf3650edb6a8dca6dc705873b78767c0e942a766c8be2bf425eeba3c277f09332f84fe9f24272059625703661763ed5efd08af27a1b6ccc3a7ae63ff339676e5caa6447e4a0575131495bc643681ca8e18b95bc7db66366c50cd89c9a59746da83dcced2526003b48e250bb7a20eabaf34e950fd1eeb6cce37de630e51a067e786dc3ecde5d2218962d33adde6734636adcf597b93be0cc3f307127d2b0df08a75d14f41ed41237db5e7b10fdacd56231cd781566b26080a06edbd7af51e6310233f0cea9aea8fe2c08a94cdc1ae11c6bef6f0fb5d4155567b47db0c4fc61940d157fc5a1df14ff33bd638b56b200b032cd99504751cb6c29d8252e6ebd0c1ac4c3df73d335aaf060f54d6a4f1c225eaca5e3f313a1d29f940d7a9fcaa040d7cab55550954a3c4d8bd772890fff6eadf3de96a39675", 0x2e4}], 0x1}}], 0x1, 0x400c0) sendto$inet(r6, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0) sendfile(r4, r5, 0x0, 0x20000023896) 1m27.669169326s ago: executing program 3 (id=1721): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0xa0142, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) io_setup(0x206, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}]) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) quotactl_fd$Q_SYNC(r0, 0xffffffff80000100, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xb, 0x8, 0x2, 0x0, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x14, 0x34, 0x107, 0xffffffff, 0xfffffffe, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x34, 0x1, 0x70bd2d, 0x25dfdbfd, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x24040040) 1m27.333088328s ago: executing program 4 (id=1723): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x18) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x58, &(0x7f00000006c0)}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x58, &(0x7f0000000780)}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/31], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x10, 0x2, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831373f00000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) 1m26.403454171s ago: executing program 4 (id=1725): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xa83b, 0x10, 0x2}, &(0x7f0000000340)=0x0, &(0x7f00000000c0)=0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='io_uring_task_add\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r0, 0x0, 0x0, 0x0, 0x80000}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) 1m26.349930466s ago: executing program 2 (id=1726): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014}) epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x1) unshare(0x2c020400) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) sendmmsg(r3, &(0x7f0000001840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040881) setsockopt$sock_int(r3, 0x1, 0x20, &(0x7f0000004880)=0xffff580c, 0x4) syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0x10) 1m14.867468915s ago: executing program 2 (id=1741): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x101080, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1m10.535358237s ago: executing program 32 (id=1721): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0xa0142, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) io_setup(0x206, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}]) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) quotactl_fd$Q_SYNC(r0, 0xffffffff80000100, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xb, 0x8, 0x2, 0x0, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x14, 0x34, 0x107, 0xffffffff, 0xfffffffe, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x34, 0x1, 0x70bd2d, 0x25dfdbfd, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x24040040) 1m10.320952647s ago: executing program 2 (id=1744): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000200)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0xa2c25) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000340)=0xe) writev(r2, &(0x7f000009de80)=[{&(0x7f0000002a80)="92", 0x1}, {0x0}], 0x2) 1m9.408126121s ago: executing program 33 (id=1725): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xa83b, 0x10, 0x2}, &(0x7f0000000340)=0x0, &(0x7f00000000c0)=0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='io_uring_task_add\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r0, 0x0, 0x0, 0x0, 0x80000}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) 1m9.295173959s ago: executing program 2 (id=1746): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x18) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x58, &(0x7f00000006c0)}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x58, &(0x7f0000000780)}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/31], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x10, 0x2, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831373f00000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) 52.68940149s ago: executing program 34 (id=1746): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x18) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x58, &(0x7f00000006c0)}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x58, &(0x7f0000000780)}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/31], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x10, 0x2, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831373f00000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) 46.699401325s ago: executing program 1 (id=1764): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="b8000000150001000000000000000000e0000002000000000000000000000000fe80000000000000000000000000000e4e200000000000000a00100000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="08000000000000000100000000000000000000000000000000000000000000000000000000000000d309000000000000ffffffff000000000000000000000000fdffffffffffffff000000000000000000000000000000000000000000000000fdffffffb56b6e000000000000000000112b56b44bf90888415904d2618b751d76bed5d9142f19f9023f21fb8a0efd8acecd101002499fec8b62fc1eaa6a65cc22c848ed66cac1dec201feae4a27be86ee3bca56efd40450faaf406b06615e3e8a7334093bceffd97e867bc7914d3eafa2c1fc22abc2ffe04816fa2172ee3be7da0dc26f14d428349aed4bb65c8df9df7d0fb89b51aabf"], 0xb8}}, 0x0) 46.267790137s ago: executing program 1 (id=1766): setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004580)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x28}}], 0x1, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800"/16], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) ioctl$FAT_IOCTL_GET_ATTRIBUTES(0xffffffffffffffff, 0x80047210, &(0x7f00000001c0)) writev(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x18, 0x1, 0xfffffffe, 0x100, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x25}, {0x0, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3500, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000190001090000000000000000021800000000fd010000000008000100ac141400100016800c0001000000000000000fff080005000a010102060015000600f8fd07004d226d309e78387e397f069db7c76dcc982e78e3f75d36617bc54d2b930436d76bf68f8cbcec04e39d9da821d20c215894d95a1d1f0bb11c14b3eab7d7a1a3d1554b5a182dbd1a5525c2e7b4c8973b8cda2f87217135ddb50622615c"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 45.046937061s ago: executing program 1 (id=1767): r0 = openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000280)={'comedi_parport\x00', [0x80004f27, 0xb, 0xcd, 0x400, 0x1, 0xcc7, 0x5, 0x5c95239b, 0x3, 0x3ff, 0x7fffffff, 0x1600, 0x3, 0x40008, 0x5, 0xe1cb, 0x6, 0xffffffff, 0x3, 0x3, 0xe, 0xfffffffd, 0xffffffff, 0xfffffff5, 0x6, 0x200003, 0x2000003c, 0x4, 0x3528, 0x2, 0x401]}) 44.447750722s ago: executing program 1 (id=1768): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) fcntl$dupfd(0xffffffffffffffff, 0x2, 0xffffffffffffffff) r3 = syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x1885, 0x80, 0x2}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r6 = socket$rds(0x15, 0x5, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r6, 0x0, 0x0, 0x0, 0x80800}) io_uring_enter(r3, 0xb516, 0xc2de, 0x8, 0x0, 0x0) syz_open_dev$dri(0x0, 0x2, 0x0) r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000002400)={0x1, 0x0, [{0x40000107}]}) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) epoll_create(0x3ff) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000280)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0, 0x800000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c5fe68bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8ba58502975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000380)=""/176) 36.17429225s ago: executing program 0 (id=1769): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000005b574e69622bf85eda07b3"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGUCODE(r1, 0xc018480d, &(0x7f0000000040)={0x3, 0x100, 0x0, 0x7, 0xf, 0x52b}) syz_open_dev$evdev(&(0x7f0000000040), 0x4, 0x12200) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 30.004506852s ago: executing program 1 (id=1770): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c4a616dc4010203010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 29.159743733s ago: executing program 0 (id=1771): add_key$user(&(0x7f00000036c0), &(0x7f0000003700)={'syz', 0x3}, &(0x7f0000003740)="41e98ea512ac20b0c1295b645741b13295e9720d4e66bb4b7e3ba0eb12049d6d8c9249ad6999f4ee34d761a5d0e0373750b5497dd4d503baac24adb69109e6df547e1976eec9", 0x46, 0xfffffffffffffffb) 28.801852245s ago: executing program 0 (id=1772): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) dup(r2) ioctl$sock_bt_hci(r0, 0x400448c9, 0x0) 28.54403528s ago: executing program 0 (id=1773): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000056544820e105080411250102030109021b000100000000090436cd8601", @ANYRES32=r0], 0x0) 27.921613926s ago: executing program 0 (id=1774): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 27.845402601s ago: executing program 0 (id=1775): creat(&(0x7f0000000100)='./file0\x00', 0x1c) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000"], 0xb0) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 27.602567917s ago: executing program 1 (id=1776): shutdown(0xffffffffffffffff, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 291.872359ms ago: executing program 35 (id=1775): creat(&(0x7f0000000100)='./file0\x00', 0x1c) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000"], 0xb0) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 0s ago: executing program 36 (id=1776): shutdown(0xffffffffffffffff, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.101' (ED25519) to the list of known hosts. [ 87.036847][ T1232] cfg80211: failed to load regulatory.db [ 89.248516][ T5824] cgroup: Unknown subsys name 'net' [ 89.509081][ T5824] cgroup: Unknown subsys name 'cpuset' [ 89.564470][ T5824] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 91.965712][ T5824] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 95.354928][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.372703][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.385831][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.387581][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.388162][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.399510][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.406578][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.410584][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.411160][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.414827][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.414997][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.434474][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.464059][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.496745][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.497829][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.518786][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.520368][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.559432][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.560706][ T5851] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 95.565251][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.566202][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.576527][ T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 95.584756][ T5155] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 95.591375][ T5851] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 95.596111][ T5851] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 96.660922][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 96.717140][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 96.798405][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 97.039544][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 97.055153][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 97.505899][ T5851] Bluetooth: hci2: command tx timeout [ 97.584029][ T5851] Bluetooth: hci3: command tx timeout [ 97.664007][ T5851] Bluetooth: hci4: command tx timeout [ 97.664203][ T5851] Bluetooth: hci1: command tx timeout [ 97.673997][ T5846] Bluetooth: hci0: command tx timeout [ 97.742009][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.743160][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.745092][ T5844] bridge_slave_0: entered allmulticast mode [ 97.748356][ T5844] bridge_slave_0: entered promiscuous mode [ 97.933286][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.933477][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.933705][ T5844] bridge_slave_1: entered allmulticast mode [ 97.943912][ T5844] bridge_slave_1: entered promiscuous mode [ 97.952431][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.952574][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.952778][ T5835] bridge_slave_0: entered allmulticast mode [ 97.964658][ T5835] bridge_slave_0: entered promiscuous mode [ 98.176516][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.176706][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.176911][ T5835] bridge_slave_1: entered allmulticast mode [ 98.180103][ T5835] bridge_slave_1: entered promiscuous mode [ 98.182788][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.182920][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.183128][ T5838] bridge_slave_0: entered allmulticast mode [ 98.187272][ T5838] bridge_slave_0: entered promiscuous mode [ 98.522424][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.522543][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.522663][ T5838] bridge_slave_1: entered allmulticast mode [ 98.525579][ T5838] bridge_slave_1: entered promiscuous mode [ 98.689417][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.835416][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.835533][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.835665][ T5845] bridge_slave_0: entered allmulticast mode [ 98.837487][ T5845] bridge_slave_0: entered promiscuous mode [ 98.840491][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.840644][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.840848][ T5842] bridge_slave_0: entered allmulticast mode [ 98.843056][ T5842] bridge_slave_0: entered promiscuous mode [ 98.851233][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.857706][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.073177][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.073291][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.073438][ T5845] bridge_slave_1: entered allmulticast mode [ 99.077171][ T5845] bridge_slave_1: entered promiscuous mode [ 99.078284][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.078419][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.078588][ T5842] bridge_slave_1: entered allmulticast mode [ 99.081756][ T5842] bridge_slave_1: entered promiscuous mode [ 99.097144][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.195164][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.478719][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.584015][ T5846] Bluetooth: hci2: command tx timeout [ 99.673947][ T5846] Bluetooth: hci3: command tx timeout [ 99.709735][ T5844] team0: Port device team_slave_0 added [ 99.744018][ T5846] Bluetooth: hci0: command tx timeout [ 99.744084][ T5846] Bluetooth: hci4: command tx timeout [ 99.744169][ T5851] Bluetooth: hci1: command tx timeout [ 99.851606][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.856903][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.859359][ T5835] team0: Port device team_slave_0 added [ 99.877317][ T5844] team0: Port device team_slave_1 added [ 99.979197][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.985438][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.988019][ T5835] team0: Port device team_slave_1 added [ 100.289316][ T5838] team0: Port device team_slave_0 added [ 100.601606][ T5838] team0: Port device team_slave_1 added [ 100.938717][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.938732][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.938747][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.042988][ T5845] team0: Port device team_slave_0 added [ 101.050069][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.050103][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.050162][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.057228][ T5842] team0: Port device team_slave_0 added [ 101.059899][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.059915][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.059938][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.197058][ T5845] team0: Port device team_slave_1 added [ 101.198090][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.198101][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.198116][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.200201][ T5842] team0: Port device team_slave_1 added [ 101.348793][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.348828][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.348883][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.507661][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.507674][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.507689][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.664022][ T5851] Bluetooth: hci2: command tx timeout [ 101.700670][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.700689][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.700716][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.714615][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.714633][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.714711][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.763880][ T5851] Bluetooth: hci3: command tx timeout [ 101.823940][ T5851] Bluetooth: hci1: command tx timeout [ 101.823980][ T5851] Bluetooth: hci0: command tx timeout [ 101.834294][ T5841] Bluetooth: hci4: command tx timeout [ 101.946583][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.946602][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.946627][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.950325][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.950339][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.950364][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 102.149023][ T5844] hsr_slave_0: entered promiscuous mode [ 102.150730][ T5844] hsr_slave_1: entered promiscuous mode [ 102.167916][ T5835] hsr_slave_0: entered promiscuous mode [ 102.169557][ T5835] hsr_slave_1: entered promiscuous mode [ 102.172842][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 102.172954][ T5835] Cannot create hsr debugfs directory [ 102.518479][ T5838] hsr_slave_0: entered promiscuous mode [ 102.519466][ T5838] hsr_slave_1: entered promiscuous mode [ 102.520237][ T5838] debugfs: 'hsr0' already exists in 'hsr' [ 102.520260][ T5838] Cannot create hsr debugfs directory [ 102.929849][ T5842] hsr_slave_0: entered promiscuous mode [ 102.931618][ T5842] hsr_slave_1: entered promiscuous mode [ 102.932782][ T5842] debugfs: 'hsr0' already exists in 'hsr' [ 102.932815][ T5842] Cannot create hsr debugfs directory [ 102.987853][ T5845] hsr_slave_0: entered promiscuous mode [ 102.990496][ T5845] hsr_slave_1: entered promiscuous mode [ 102.991964][ T5845] debugfs: 'hsr0' already exists in 'hsr' [ 102.991999][ T5845] Cannot create hsr debugfs directory [ 103.744036][ T5841] Bluetooth: hci2: command tx timeout [ 103.824870][ T5841] Bluetooth: hci3: command tx timeout [ 103.903999][ T5841] Bluetooth: hci0: command tx timeout [ 103.904013][ T5851] Bluetooth: hci4: command tx timeout [ 103.904039][ T5841] Bluetooth: hci1: command tx timeout [ 104.853505][ T5844] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 104.913273][ T5844] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 104.943583][ T5844] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 104.988350][ T5844] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 105.145780][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.181222][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.214140][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.283676][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.487965][ T5842] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 105.523649][ T5842] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 105.559317][ T5842] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 105.613165][ T5842] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 105.823170][ T5838] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 105.887167][ T5838] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 105.927440][ T5838] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 105.999901][ T5838] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 106.044575][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.208265][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.261323][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.261726][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.310655][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.349287][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.411922][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.412405][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.478709][ T3530] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.478887][ T3530] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.575583][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.711858][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.779976][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.783659][ T3498] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.784237][ T3498] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.882799][ T3498] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.882986][ T3498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.011514][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.034938][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.082284][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.083200][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.151154][ T3498] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.151278][ T3498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.218010][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.309199][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.310381][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.359031][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.383361][ T5054] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.383933][ T5054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.562102][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.652054][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.673647][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.673973][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.758225][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.759104][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.076314][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.234999][ T5844] veth0_vlan: entered promiscuous mode [ 108.339265][ T5844] veth1_vlan: entered promiscuous mode [ 108.477420][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.680420][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.686432][ T5835] veth0_vlan: entered promiscuous mode [ 108.772817][ T5844] veth0_macvtap: entered promiscuous mode [ 108.801642][ T5835] veth1_vlan: entered promiscuous mode [ 108.830567][ T5844] veth1_macvtap: entered promiscuous mode [ 108.906827][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.998509][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.078511][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.151418][ T3530] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.171837][ T5835] veth0_macvtap: entered promiscuous mode [ 109.182228][ T3530] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.186667][ T5838] veth0_vlan: entered promiscuous mode [ 109.201665][ T3530] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.217170][ T3530] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.236035][ T5835] veth1_macvtap: entered promiscuous mode [ 109.342553][ T5838] veth1_vlan: entered promiscuous mode [ 109.447931][ T5845] veth0_vlan: entered promiscuous mode [ 109.543113][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.629229][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.647595][ T5845] veth1_vlan: entered promiscuous mode [ 109.677567][ T5842] veth0_vlan: entered promiscuous mode [ 109.702148][ T3546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.702171][ T3546] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.742837][ T3546] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.769795][ T3546] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.787539][ T3546] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.789129][ T5842] veth1_vlan: entered promiscuous mode [ 109.821465][ T3546] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.882071][ T5838] veth0_macvtap: entered promiscuous mode [ 109.937481][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.937503][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.966459][ T5838] veth1_macvtap: entered promiscuous mode [ 110.265583][ T5845] veth0_macvtap: entered promiscuous mode [ 110.318550][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.362990][ T5845] veth1_macvtap: entered promiscuous mode [ 110.364372][ T3546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.364389][ T3546] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.422151][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.450792][ T5842] veth0_macvtap: entered promiscuous mode [ 110.546692][ T67] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.549570][ T5842] veth1_macvtap: entered promiscuous mode [ 110.550980][ T67] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.566083][ T67] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.577004][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.595482][ T5054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.595505][ T5054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.600334][ T5958] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2'. [ 110.650791][ T1095] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.698025][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.852397][ T5960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6'. [ 110.862786][ T67] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.921068][ T67] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.932081][ T67] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.941761][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.017389][ T67] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.149012][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.387842][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.401086][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.407946][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.410034][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.432386][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.432408][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.913328][ T5054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.913352][ T5054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.169191][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.169214][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.409999][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.410031][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.524020][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.524044][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.851743][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.851767][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.712205][ T5990] netlink: 84 bytes leftover after parsing attributes in process `syz.2.12'. [ 118.371602][ T6012] syz.3.15 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 122.008293][ T6050] netlink: 84 bytes leftover after parsing attributes in process `syz.0.24'. [ 126.721164][ T6077] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 130.474012][ T6101] netlink: 84 bytes leftover after parsing attributes in process `syz.4.37'. [ 133.137777][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.137900][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.048098][ T6192] process 'syz.4.62' launched '/dev/fd/5' with NULL argv: empty string added [ 139.969427][ T6201] Bluetooth: MGMT ver 1.23 [ 141.142085][ T6206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.67'. [ 141.734782][ T6221] IPv4: Oversized IP packet from 127.202.26.0 [ 142.106454][ T6232] netlink: 208 bytes leftover after parsing attributes in process `syz.4.75'. [ 144.239236][ T6239] netlink: 'syz.4.81': attribute type 4 has an invalid length. [ 144.246643][ T6245] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.80'. [ 144.494164][ T6239] netlink: 'syz.4.81': attribute type 4 has an invalid length. [ 145.838030][ T6279] netlink: 24 bytes leftover after parsing attributes in process `syz.2.93'. [ 147.262355][ T6291] Illegal XDP return value 4294967294 on prog (id 26) dev N/A, expect packet loss! [ 147.457960][ T6294] netlink: 8 bytes leftover after parsing attributes in process `syz.3.100'. [ 147.491004][ T6296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.99'. [ 147.581477][ T6296] hsr0: entered promiscuous mode [ 147.588028][ T6296] macsec1: entered promiscuous mode [ 147.588324][ T6296] macsec1: entered allmulticast mode [ 147.588336][ T6296] hsr0: entered allmulticast mode [ 147.588346][ T6296] hsr_slave_0: entered allmulticast mode [ 147.588367][ T6296] hsr_slave_1: entered allmulticast mode [ 147.658928][ T9] IPVS: starting estimator thread 0... [ 147.698162][ T6296] hsr0: left allmulticast mode [ 147.698185][ T6296] hsr_slave_0: left allmulticast mode [ 147.698209][ T6296] hsr_slave_1: left allmulticast mode [ 147.744207][ T6300] IPVS: using max 7 ests per chain, 16800 per kthread [ 148.710245][ T6321] netlink: 'syz.1.111': attribute type 1 has an invalid length. [ 148.710269][ T6321] netlink: 224 bytes leftover after parsing attributes in process `syz.1.111'. [ 149.112153][ T6328] netlink: 612 bytes leftover after parsing attributes in process `syz.4.114'. [ 152.877749][ T6370] syz.2.129: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 152.878009][ T6370] CPU: 1 UID: 0 PID: 6370 Comm: syz.2.129 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 152.878034][ T6370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 152.878047][ T6370] Call Trace: [ 152.878055][ T6370] [ 152.878064][ T6370] dump_stack_lvl+0x189/0x250 [ 152.878107][ T6370] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.878140][ T6370] ? __pfx__printk+0x10/0x10 [ 152.878164][ T6370] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 152.878188][ T6370] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 152.878214][ T6370] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 152.878240][ T6370] warn_alloc+0x22e/0x3b0 [ 152.878285][ T6370] ? __pfx_warn_alloc+0x10/0x10 [ 152.878324][ T6370] ? __kasan_kmalloc+0x93/0xb0 [ 152.878348][ T6370] ? __kmalloc_cache_noprof+0x1a8/0x320 [ 152.878375][ T6370] ? xskq_create+0x56/0x170 [ 152.878400][ T6370] ? xsk_init_queue+0xb0/0x110 [ 152.878423][ T6370] ? xsk_setsockopt+0x4dc/0x8d0 [ 152.878444][ T6370] ? do_sock_setsockopt+0x179/0x1b0 [ 152.878472][ T6370] ? __x64_sys_setsockopt+0x145/0x1b0 [ 152.878500][ T6370] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.878529][ T6370] __vmalloc_node_range_noprof+0x125/0x12f0 [ 152.878607][ T6370] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 152.878647][ T6370] ? __kasan_kmalloc+0x93/0xb0 [ 152.878677][ T6370] vmalloc_user_noprof+0xad/0xf0 [ 152.878707][ T6370] ? xskq_create+0xbf/0x170 [ 152.878732][ T6370] xskq_create+0xbf/0x170 [ 152.878761][ T6370] xsk_init_queue+0xb0/0x110 [ 152.878790][ T6370] xsk_setsockopt+0x4dc/0x8d0 [ 152.878815][ T6370] ? __pfx_xsk_setsockopt+0x10/0x10 [ 152.878854][ T6370] ? __fget_files+0x2a/0x420 [ 152.878880][ T6370] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 152.878901][ T6370] ? __pfx_xsk_setsockopt+0x10/0x10 [ 152.878928][ T6370] do_sock_setsockopt+0x179/0x1b0 [ 152.878962][ T6370] __x64_sys_setsockopt+0x145/0x1b0 [ 152.878998][ T6370] do_syscall_64+0xfa/0x3b0 [ 152.879026][ T6370] ? lockdep_hardirqs_on+0x9c/0x150 [ 152.879052][ T6370] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.879073][ T6370] ? clear_bhb_loop+0x60/0xb0 [ 152.879099][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.879118][ T6370] RIP: 0033:0x7f2caa7febe9 [ 152.879138][ T6370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.879156][ T6370] RSP: 002b:00007f2ca8a5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 152.879176][ T6370] RAX: ffffffffffffffda RBX: 00007f2caaa35fa0 RCX: 00007f2caa7febe9 [ 152.879192][ T6370] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 152.879205][ T6370] RBP: 00007f2caa881e19 R08: 0000000000000004 R09: 0000000000000000 [ 152.879217][ T6370] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.879230][ T6370] R13: 00007f2caaa36038 R14: 00007f2caaa35fa0 R15: 00007ffd91604cf8 [ 152.879265][ T6370] [ 152.879274][ T6370] Mem-Info: [ 152.879283][ T6370] active_anon:278 inactive_anon:8952 isolated_anon:0 [ 152.879283][ T6370] active_file:5115 inactive_file:38143 isolated_file:0 [ 152.879283][ T6370] unevictable:768 dirty:115 writeback:0 [ 152.879283][ T6370] slab_reclaimable:11443 slab_unreclaimable:101983 [ 152.879283][ T6370] mapped:33303 shmem:4271 pagetables:1195 [ 152.879283][ T6370] sec_pagetables:0 bounce:0 [ 152.879283][ T6370] kernel_misc_reclaimable:0 [ 152.879283][ T6370] free:1329449 free_pcp:6235 free_cma:0 [ 152.879339][ T6370] Node 0 active_anon:1112kB inactive_anon:35808kB active_file:20256kB inactive_file:152572kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:133212kB dirty:460kB writeback:0kB shmem:15548kB kernel_stack:13196kB pagetables:4664kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 152.879388][ T6370] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 152.879434][ T6370] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 152.879495][ T6370] lowmem_reserve[]: 0 2512 2513 2513 2513 [ 152.879534][ T6370] Node 0 DMA32 free:1397492kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1108kB inactive_anon:35760kB active_file:19244kB inactive_file:152504kB unevictable:1536kB writepending:460kB present:3129332kB managed:2572320kB mlocked:0kB bounce:0kB free_pcp:23136kB local_pcp:14724kB free_cma:0kB [ 152.879604][ T6370] lowmem_reserve[]: 0 0 1 1 1 [ 152.879640][ T6370] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:48kB active_file:1012kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 152.879698][ T6370] lowmem_reserve[]: 0 0 0 0 0 [ 152.879733][ T6370] Node 1 Normal free:3904944kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:1804kB local_pcp:1804kB free_cma:0kB [ 152.879792][ T6370] lowmem_reserve[]: 0 0 0 0 0 [ 152.879825][ T6370] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 152.880179][ T6370] Node 0 DMA32: 1168*4kB (UME) 774*8kB (UME) 309*16kB (UME) 54*32kB (UME) 32*64kB (UME) 25*128kB (UME) 16*256kB (UM) 13*512kB (UME) 8*1024kB (UM) 6*2048kB (UM) 328*4096kB (M) = 1397504kB [ 152.880352][ T6370] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 152.880460][ T6370] Node 1 Normal: 211*4kB (UME) 49*8kB (UME) 33*16kB (UME) 202*32kB (UME) 95*64kB (UME) 24*128kB (UME) 10*256kB (UM) 8*512kB (UM) 2*1024kB (UM) 0*2048kB 947*4096kB (ME) = 3904996kB [ 152.880634][ T6370] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 152.880651][ T6370] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 152.880669][ T6370] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 152.880685][ T6370] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 152.880702][ T6370] 47525 total pagecache pages [ 152.880710][ T6370] 0 pages in swap cache [ 152.880717][ T6370] Free swap = 124996kB [ 152.880725][ T6370] Total swap = 124996kB [ 152.880733][ T6370] 2097051 pages RAM [ 152.880741][ T6370] 0 pages HighMem/MovableOnly [ 152.880748][ T6370] 422073 pages reserved [ 152.880756][ T6370] 0 pages cma reserved [ 153.311460][ T5222] hid-generic 0005:16BF:5505.0001: unknown main item tag 0x0 [ 153.311503][ T5222] hid-generic 0005:16BF:5505.0001: unknown main item tag 0x0 [ 153.311709][ T5222] hid-generic 0005:16BF:5505.0001: reserved main item tag 0xe [ 153.532243][ T5222] hid-generic 0005:16BF:5505.0001: hidraw0: BLUETOOTH HID vc3.b8 Device [syz0] on aa:aa:aa:aa:aa:aa [ 154.102953][ T6382] fido_id[6382]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci4/hci4:200/report_descriptor': No such file or directory [ 154.277075][ T6389] syz.3.136(6389): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 154.416311][ T6391] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 158.004034][ T6419] netlink: 'syz.1.144': attribute type 1 has an invalid length. [ 158.004056][ T6419] netlink: 224 bytes leftover after parsing attributes in process `syz.1.144'. [ 160.012963][ T6444] pim6reg: entered allmulticast mode [ 160.052182][ T6444] pim6reg: left allmulticast mode [ 160.314049][ T6448] netlink: 224 bytes leftover after parsing attributes in process `syz.2.157'. [ 161.945838][ T10] IPVS: starting estimator thread 0... [ 162.034519][ T6482] IPVS: using max 6 ests per chain, 14400 per kthread [ 162.053431][ T6479] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 169.144173][ T6537] netlink: 84 bytes leftover after parsing attributes in process `syz.3.190'. [ 176.188116][ T6594] netlink: 84 bytes leftover after parsing attributes in process `syz.3.206'. [ 181.544639][ T6633] netlink: 'syz.4.221': attribute type 1 has an invalid length. [ 181.544664][ T6633] netlink: 224 bytes leftover after parsing attributes in process `syz.4.221'. [ 182.226906][ T6644] netlink: 52 bytes leftover after parsing attributes in process `syz.1.224'. [ 183.805582][ T6652] netlink: 4 bytes leftover after parsing attributes in process `syz.2.228'. [ 184.705390][ T6661] syz.1.229 uses obsolete (PF_INET,SOCK_PACKET) [ 184.989660][ T6665] Zero length message leads to an empty skb [ 187.066993][ T6674] netlink: 'syz.3.235': attribute type 1 has an invalid length. [ 187.067017][ T6674] netlink: 224 bytes leftover after parsing attributes in process `syz.3.235'. [ 187.254429][ T6680] netlink: 4 bytes leftover after parsing attributes in process `syz.0.234'. [ 187.309021][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.232'. [ 187.650107][ T6681] veth1_macvtap: left promiscuous mode [ 187.745968][ T6695] netlink: 52 bytes leftover after parsing attributes in process `syz.1.239'. [ 187.799466][ T6697] netlink: 84 bytes leftover after parsing attributes in process `syz.1.239'. [ 188.392541][ T6690] syz.3.237 (6690) used greatest stack depth: 15720 bytes left [ 190.370449][ T6711] netlink: 4 bytes leftover after parsing attributes in process `syz.4.243'. [ 191.803485][ T6720] netlink: 'syz.2.246': attribute type 1 has an invalid length. [ 191.803510][ T6720] netlink: 224 bytes leftover after parsing attributes in process `syz.2.246'. [ 192.167656][ T6730] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 192.167677][ T6730] IPv6: NLM_F_CREATE should be set when creating new route [ 192.197838][ T6733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.250'. [ 192.347771][ T6738] netlink: 52 bytes leftover after parsing attributes in process `syz.2.251'. [ 192.391350][ T6740] netlink: 84 bytes leftover after parsing attributes in process `syz.2.251'. [ 192.447598][ T6742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.252'. [ 195.226709][ T6763] capability: warning: `syz.1.257' uses deprecated v2 capabilities in a way that may be insecure [ 195.716517][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.716608][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.848434][ T6771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.259'. [ 197.162477][ T6781] netlink: 4 bytes leftover after parsing attributes in process `syz.4.263'. [ 197.575355][ T6787] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 197.688888][ T6790] netlink: 'syz.2.265': attribute type 4 has an invalid length. [ 197.688913][ T6790] netlink: 152 bytes leftover after parsing attributes in process `syz.2.265'. [ 198.655047][ T6790] Ã: renamed from bond0 (while UP) [ 198.731973][ T6796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.269'. [ 198.786244][ T6799] netlink: 4 bytes leftover after parsing attributes in process `syz.4.268'. [ 198.950152][ T6796] veth0: entered promiscuous mode [ 198.969842][ T6796] veth0: left promiscuous mode [ 200.051455][ T6809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.272'. [ 200.112322][ T6810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.272'. [ 200.690915][ T6821] netlink: 8 bytes leftover after parsing attributes in process `syz.0.278'. [ 204.405608][ T6842] netlink: 'syz.1.283': attribute type 1 has an invalid length. [ 204.523511][ T6842] 8021q: adding VLAN 0 to HW filter on device bond1 [ 204.642079][ T6849] bond1: (slave ip6gretap1): making interface the new active one [ 204.666110][ T6849] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 204.910508][ T6858] netlink: 4 bytes leftover after parsing attributes in process `syz.4.288'. [ 204.968416][ T6842] veth3: entered promiscuous mode [ 204.977794][ T6842] bond1: (slave veth3): Enslaving as an active interface with a down link [ 205.021486][ T6849] erspan0: entered allmulticast mode [ 205.079154][ T6849] bond1: (slave erspan0): Enslaving as an active interface with an up link [ 205.115606][ T6865] netlink: 4 bytes leftover after parsing attributes in process `syz.0.291'. [ 208.708973][ T5222] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 208.719766][ T5222] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 209.594080][ T6886] fido_id[6886]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 209.714001][ T6893] netlink: 84 bytes leftover after parsing attributes in process `syz.2.295'. [ 211.217960][ T6867] netlink: 8 bytes leftover after parsing attributes in process `syz.0.291'. [ 212.425616][ T6926] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 213.979329][ T6512] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 214.046283][ T6512] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 214.942626][ T6951] netlink: 8 bytes leftover after parsing attributes in process `syz.4.311'. [ 215.302502][ T6957] netlink: 4 bytes leftover after parsing attributes in process `syz.3.312'. [ 215.303539][ T6957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.312'. [ 215.312531][ T6952] fido_id[6952]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 216.337091][ T6976] netlink: 9 bytes leftover after parsing attributes in process `syz.1.317'. [ 216.337355][ T6976] ..0·: renamed from hsr0 (while UP) [ 217.651651][ T6976] ..0·: entered allmulticast mode [ 217.651675][ T6976] hsr_slave_0: entered allmulticast mode [ 217.651698][ T6976] hsr_slave_1: entered allmulticast mode [ 217.652402][ T6976] A link change request failed with some changes committed already. Interface ..0· may have been left with an inconsistent configuration, please check. [ 217.665088][ T6512] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 217.702842][ T6512] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 217.944531][ T6972] sctp: failed to load transform for md5: -2 [ 218.121321][ T6995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.324'. [ 218.188971][ T6990] fido_id[6990]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 219.976013][ T7003] netlink: 84 bytes leftover after parsing attributes in process `syz.0.322'. [ 221.075316][ T7013] Bluetooth: MGMT ver 1.23 [ 221.637102][ T7023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.329'. [ 221.855031][ T7023] netlink: 8 bytes leftover after parsing attributes in process `syz.4.329'. [ 222.362744][ T7038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.335'. [ 223.065644][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 223.518667][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 223.518839][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 223.518942][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 223.595390][ T5222] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 223.621133][ T5222] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 224.022581][ T7047] fido_id[7047]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 224.165256][ T7064] netlink: 84 bytes leftover after parsing attributes in process `syz.0.340'. [ 229.447989][ T6512] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 230.004548][ T6512] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 230.490939][ T7126] netlink: 84 bytes leftover after parsing attributes in process `syz.2.356'. [ 230.556863][ T7120] netlink: 64 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562262][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562333][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562455][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562512][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562568][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562624][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562679][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.562735][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'. [ 230.612315][ T7116] fido_id[7116]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 240.481586][ T7211] __nla_validate_parse: 101 callbacks suppressed [ 240.481609][ T7211] netlink: 64 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482420][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482483][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482538][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482593][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482647][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482701][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482755][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482814][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 240.482871][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.381'. [ 241.677628][ T31] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 242.056268][ T31] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 244.334832][ T7236] warning: `syz.0.388' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 244.417100][ T7232] fido_id[7232]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 245.740310][ T7250] netlink: 'syz.4.394': attribute type 1 has an invalid length. [ 246.039065][ T7250] 8021q: adding VLAN 0 to HW filter on device bond1 [ 246.112533][ T7258] vlan2: entered promiscuous mode [ 246.112557][ T7258] bond1: entered promiscuous mode [ 246.112801][ T7258] vlan2: entered allmulticast mode [ 246.112816][ T7258] bond1: entered allmulticast mode [ 246.853089][ T7262] bond1: (slave gretap1): making interface the new active one [ 246.853155][ T7262] gretap1: entered promiscuous mode [ 246.853363][ T7262] gretap1: entered allmulticast mode [ 246.905547][ T7262] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 247.651482][ T7285] __nla_validate_parse: 45 callbacks suppressed [ 247.651505][ T7285] netlink: 64 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.652641][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.652702][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.652758][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.652814][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.652869][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.652923][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.652979][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.653033][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 247.653089][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 250.776740][ T7323] netlink: 'syz.4.412': attribute type 1 has an invalid length. [ 250.821020][ T7318] veth3: entered promiscuous mode [ 251.114027][ T7323] 8021q: adding VLAN 0 to HW filter on device bond2 [ 252.201501][ T7327] vlan3: entered promiscuous mode [ 252.201526][ T7327] bond2: entered promiscuous mode [ 252.201747][ T7327] vlan3: entered allmulticast mode [ 252.201760][ T7327] bond2: entered allmulticast mode [ 256.260027][ T7384] __nla_validate_parse: 99 callbacks suppressed [ 256.260049][ T7384] netlink: 64 bytes leftover after parsing attributes in process `syz.3.430'. [ 256.454668][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.454759][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.694177][ T7374] veth3: entered promiscuous mode [ 257.738994][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739064][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739120][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739190][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739242][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739297][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739352][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739407][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 257.739461][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 262.492911][ T7430] __nla_validate_parse: 45 callbacks suppressed [ 262.492935][ T7430] netlink: 64 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.523942][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524057][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524114][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524171][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524227][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524283][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524338][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524406][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 262.524461][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 267.594016][ T7480] __nla_validate_parse: 46 callbacks suppressed [ 267.594039][ T7480] netlink: 64 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598519][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598586][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598642][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598697][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598756][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598815][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598874][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598930][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 267.598985][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 274.654358][ T7553] netlink: 'syz.3.484': attribute type 13 has an invalid length. [ 274.654382][ T7553] netlink: 'syz.3.484': attribute type 17 has an invalid length. [ 275.337518][ T7567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 276.843025][ T7576] __nla_validate_parse: 101 callbacks suppressed [ 276.843047][ T7576] netlink: 64 bytes leftover after parsing attributes in process `syz.0.490'. [ 276.974332][ T7553] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 277.028468][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029477][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029536][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029591][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029647][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029702][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029756][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029811][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 277.029866][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 282.170765][ T7634] __nla_validate_parse: 45 callbacks suppressed [ 282.170788][ T7634] netlink: 20 bytes leftover after parsing attributes in process `syz.4.509'. [ 284.410114][ T7664] netlink: 'syz.2.520': attribute type 6 has an invalid length. [ 284.633330][ T7667] netlink: 20 bytes leftover after parsing attributes in process `syz.0.521'. [ 284.827666][ T7670] netlink: 64 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.829936][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.829998][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.830045][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.830094][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.830149][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.830208][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.830276][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.523'. [ 284.960930][ T7674] netlink: 'syz.0.525': attribute type 1 has an invalid length. [ 285.229317][ T7674] 8021q: adding VLAN 0 to HW filter on device bond1 [ 285.360682][ T7678] bond1: (slave ip6gretap1): making interface the new active one [ 285.366763][ T7678] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 287.229175][ T7703] __nla_validate_parse: 45 callbacks suppressed [ 287.229195][ T7703] netlink: 20 bytes leftover after parsing attributes in process `syz.4.535'. [ 287.258123][ T7701] netlink: 'syz.1.534': attribute type 2 has an invalid length. [ 287.258148][ T7701] netlink: 'syz.1.534': attribute type 8 has an invalid length. [ 287.258160][ T7701] netlink: 132 bytes leftover after parsing attributes in process `syz.1.534'. [ 287.286245][ T7704] netlink: 64 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.286923][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.286989][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.287036][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.287086][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.287134][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.287181][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.287229][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.536'. [ 287.670292][ T7714] netlink: 'syz.1.539': attribute type 1 has an invalid length. [ 287.834814][ T7714] 8021q: adding VLAN 0 to HW filter on device bond2 [ 290.207073][ T7739] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 290.404498][ T7746] netlink: 'syz.4.552': attribute type 1 has an invalid length. [ 290.652129][ T7754] netlink: 'syz.2.555': attribute type 1 has an invalid length. [ 290.709816][ T7746] 8021q: adding VLAN 0 to HW filter on device bond3 [ 290.847468][ T7750] vlan4: entered promiscuous mode [ 290.847492][ T7750] bond3: entered promiscuous mode [ 290.847708][ T7750] vlan4: entered allmulticast mode [ 290.847722][ T7750] bond3: entered allmulticast mode [ 291.835832][ T7754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 292.446906][ T7755] bond0: (slave ip6gretap1): making interface the new active one [ 292.448657][ T7755] bond0: (slave ip6gretap1): Enslaving as an active interface with an up link [ 293.324848][ T7778] netlink: 'syz.2.562': attribute type 1 has an invalid length. [ 293.507680][ T7778] 8021q: adding VLAN 0 to HW filter on device bond1 [ 296.054097][ T7802] netlink: 'syz.4.572': attribute type 1 has an invalid length. [ 296.457185][ T7802] 8021q: adding VLAN 0 to HW filter on device bond4 [ 296.458092][ T7807] __nla_validate_parse: 101 callbacks suppressed [ 296.458109][ T7807] netlink: 208 bytes leftover after parsing attributes in process `syz.1.571'. [ 297.657475][ T7811] netlink: 'syz.1.573': attribute type 1 has an invalid length. [ 297.773973][ T7806] netlink: 208 bytes leftover after parsing attributes in process `syz.2.570'. [ 298.031681][ T7802] veth5: entered promiscuous mode [ 298.071187][ T7802] bond4: (slave veth5): Enslaving as an active interface with a down link [ 299.742952][ T7811] 8021q: adding VLAN 0 to HW filter on device bond3 [ 301.534311][ T7850] netlink: 208 bytes leftover after parsing attributes in process `syz.0.583'. [ 302.539736][ T7862] netlink: 208 bytes leftover after parsing attributes in process `syz.0.587'. [ 302.904462][ T7867] netlink: 'syz.4.588': attribute type 1 has an invalid length. [ 303.165781][ T7867] 8021q: adding VLAN 0 to HW filter on device bond5 [ 303.485621][ T7871] veth7: entered promiscuous mode [ 303.507641][ T7871] bond5: (slave veth7): Enslaving as an active interface with a down link [ 303.993733][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.023688][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.053682][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.383894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.385034][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.386181][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.443813][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.444950][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.446097][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 304.447236][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 306.843880][ T7897] netlink: 208 bytes leftover after parsing attributes in process `syz.1.597'. [ 307.365278][ T7900] netlink: 208 bytes leftover after parsing attributes in process `syz.2.599'. [ 308.074060][ T7913] netlink: 20 bytes leftover after parsing attributes in process `syz.3.605'. [ 308.074665][ T7913] netlink: 20 bytes leftover after parsing attributes in process `syz.3.605'. [ 308.192830][ T7917] netlink: 28 bytes leftover after parsing attributes in process `syz.4.607'. [ 311.030556][ T7932] veth3: entered promiscuous mode [ 311.649830][ T7942] netlink: 620 bytes leftover after parsing attributes in process `syz.2.616'. [ 312.292406][ T7953] netlink: 4 bytes leftover after parsing attributes in process `syz.2.619'. [ 316.973103][ T7977] netlink: 36 bytes leftover after parsing attributes in process `syz.3.626'. [ 317.086972][ T7965] sctp: failed to load transform for md5: -2 [ 317.131229][ T7981] netlink: 620 bytes leftover after parsing attributes in process `syz.1.628'. [ 317.327432][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.1.630'. [ 317.432369][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.432457][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.859883][ T7993] netlink: 'syz.1.632': attribute type 13 has an invalid length. [ 317.859909][ T7993] netlink: 'syz.1.632': attribute type 17 has an invalid length. [ 318.183353][ T7993] erspan0: left allmulticast mode [ 318.268116][ T7997] netlink: 28 bytes leftover after parsing attributes in process `syz.0.634'. [ 318.268155][ T7997] netlink: 20 bytes leftover after parsing attributes in process `syz.0.634'. [ 319.054290][ T7993] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 320.248348][ T8009] netlink: 'syz.4.637': attribute type 1 has an invalid length. [ 325.722078][ T8063] netlink: 8 bytes leftover after parsing attributes in process `syz.3.654'. [ 325.818219][ T8065] netlink: 'syz.2.653': attribute type 13 has an invalid length. [ 325.818243][ T8065] netlink: 'syz.2.653': attribute type 17 has an invalid length. [ 327.178279][ T8065] 8021q: adding VLAN 0 to HW filter on device à [ 328.383992][ T8065] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 330.371170][ T37] audit: type=1326 audit(1756980093.106:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 330.371225][ T37] audit: type=1326 audit(1756980093.106:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.152464][ T37] audit: type=1326 audit(1756980093.866:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.152519][ T37] audit: type=1326 audit(1756980093.886:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.714186][ T37] audit: type=1326 audit(1756980094.426:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.714247][ T37] audit: type=1326 audit(1756980094.426:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.714295][ T37] audit: type=1326 audit(1756980094.426:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.714340][ T37] audit: type=1326 audit(1756980094.446:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.714386][ T37] audit: type=1326 audit(1756980094.446:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 331.714433][ T37] audit: type=1326 audit(1756980094.446:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51128febe9 code=0x7ffc0000 [ 336.269018][ T8136] netlink: 36 bytes leftover after parsing attributes in process `syz.3.671'. [ 337.363993][ T8138] netlink: 28 bytes leftover after parsing attributes in process `syz.3.672'. [ 342.778234][ T8180] netlink: 28 bytes leftover after parsing attributes in process `syz.2.686'. [ 347.714163][ T8214] netlink: 28 bytes leftover after parsing attributes in process `syz.2.697'. [ 349.434568][ T8227] netlink: 'syz.0.700': attribute type 1 has an invalid length. [ 349.546050][ T8227] 8021q: adding VLAN 0 to HW filter on device bond2 [ 349.984785][ T8232] veth3: entered promiscuous mode [ 350.005697][ T8232] bond2: (slave veth3): Enslaving as an active interface with a down link [ 352.151659][ T8261] netlink: 'syz.2.711': attribute type 1 has an invalid length. [ 352.232505][ T8263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.709'. [ 352.234816][ T8263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.709'. [ 353.842008][ T8276] netlink: 4 bytes leftover after parsing attributes in process `syz.0.715'. [ 355.249477][ T8291] netlink: 208 bytes leftover after parsing attributes in process `syz.1.718'. [ 356.394497][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 357.139006][ T8304] netlink: 'syz.4.724': attribute type 1 has an invalid length. [ 357.605480][ T8307] netlink: 4 bytes leftover after parsing attributes in process `syz.4.725'. [ 359.319456][ T8315] ubi31: attaching mtd0 [ 359.437175][ T8315] ubi31: scanning is finished [ 359.437192][ T8315] ubi31: empty MTD device detected [ 361.261507][ T8315] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 361.261529][ T8315] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 361.261540][ T8315] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 361.261550][ T8315] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 361.261560][ T8315] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 361.261569][ T8315] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 361.261579][ T8315] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 615142441 [ 361.261590][ T8315] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 361.342984][ T8320] ubi31: background thread "ubi_bgt31d" started, PID 8320 [ 363.423762][ T8333] netlink: 208 bytes leftover after parsing attributes in process `syz.1.731'. [ 363.728410][ T8338] netlink: 'syz.3.735': attribute type 10 has an invalid length. [ 364.460331][ T8338] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 365.730735][ T8351] ceph: No mds server is up or the cluster is laggy [ 365.761728][ T8339] 8021q: adding VLAN 0 to HW filter on device bond1 [ 365.780523][ T6026] libceph: connect (1)[c::]:6789 error -101 [ 365.781213][ T6026] libceph: mon0 (1)[c::]:6789 connect error [ 365.982164][ T8361] netlink: 12 bytes leftover after parsing attributes in process `syz.3.740'. [ 366.149373][ T31] libceph: connect (1)[c::]:6789 error -101 [ 366.149623][ T31] libceph: mon0 (1)[c::]:6789 connect error [ 366.939791][ T8363] netlink: 208 bytes leftover after parsing attributes in process `syz.4.739'. [ 369.404787][ T8379] netlink: 208 bytes leftover after parsing attributes in process `syz.1.745'. [ 370.517928][ T8372] netlink: 'syz.2.742': attribute type 2 has an invalid length. [ 372.066021][ T8396] overlayfs: failed to clone upperpath [ 372.897033][ T8409] netlink: 12 bytes leftover after parsing attributes in process `syz.2.753'. [ 373.004090][ T8411] netlink: 4 bytes leftover after parsing attributes in process `syz.1.754'. [ 373.014556][ T8411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.754'. [ 374.173502][ T8417] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 376.637864][ T8441] netlink: 208 bytes leftover after parsing attributes in process `syz.3.759'. [ 377.115263][ T8448] netlink: 12 bytes leftover after parsing attributes in process `syz.1.765'. [ 378.394980][ T8459] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 378.950782][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.962712][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.925309][ T8473] netlink: 52 bytes leftover after parsing attributes in process `syz.0.772'. [ 382.471520][ T8486] netlink: 12 bytes leftover after parsing attributes in process `syz.3.777'. [ 382.473953][ T8484] netlink: 'syz.0.775': attribute type 1 has an invalid length. [ 382.759428][ T8484] 8021q: adding VLAN 0 to HW filter on device bond3 [ 382.854835][ T8490] bond3: (slave gretap1): making interface the new active one [ 382.867168][ T8490] bond3: (slave gretap1): Enslaving as an active interface with an up link [ 386.258307][ T8520] netlink: 52 bytes leftover after parsing attributes in process `syz.2.784'. [ 386.976877][ T8537] netlink: 'syz.2.791': attribute type 1 has an invalid length. [ 387.038011][ T8537] 8021q: adding VLAN 0 to HW filter on device bond2 [ 387.179873][ T8537] bond2: (slave gretap1): making interface the new active one [ 387.182033][ T8537] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 387.664805][ T8545] netlink: 12 bytes leftover after parsing attributes in process `syz.2.793'. [ 389.662237][ T8569] netlink: 12 bytes leftover after parsing attributes in process `syz.0.800'. [ 389.906983][ T8569] netlink: 12 bytes leftover after parsing attributes in process `syz.0.800'. [ 392.030259][ T8588] netlink: 'syz.3.805': attribute type 1 has an invalid length. [ 392.797142][ T8588] 8021q: adding VLAN 0 to HW filter on device bond2 [ 393.861122][ T8592] bond2: (slave gretap1): making interface the new active one [ 393.867189][ T8592] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 394.275196][ T8603] netlink: 12 bytes leftover after parsing attributes in process `syz.0.808'. [ 396.994899][ T8630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.816'. [ 397.307630][ T8630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.816'. [ 398.244079][ C0] vkms_vblank_simulate: vblank timer overrun [ 398.304374][ C0] vkms_vblank_simulate: vblank timer overrun [ 398.576966][ C0] vkms_vblank_simulate: vblank timer overrun [ 398.897601][ T8645] netlink: 28 bytes leftover after parsing attributes in process `syz.3.821'. [ 399.276347][ T1232] libceph: connect (1)[c::]:6789 error -101 [ 399.276494][ T1232] libceph: mon0 (1)[c::]:6789 connect error [ 399.281064][ T1232] libceph: connect (1)[c::]:6789 error -101 [ 399.281207][ T1232] libceph: mon0 (1)[c::]:6789 connect error [ 399.649119][ T5222] libceph: connect (1)[c::]:6789 error -101 [ 399.649351][ T5222] libceph: mon0 (1)[c::]:6789 connect error [ 399.684417][ T8655] ceph: No mds server is up or the cluster is laggy [ 399.920819][ C0] vkms_vblank_simulate: vblank timer overrun [ 400.835333][ C0] vkms_vblank_simulate: vblank timer overrun [ 400.850555][ T5222] libceph: connect (1)[c::]:6789 error -101 [ 400.850828][ T5222] libceph: mon0 (1)[c::]:6789 connect error [ 401.042854][ C0] vkms_vblank_simulate: vblank timer overrun [ 402.295156][ T8681] netlink: 32 bytes leftover after parsing attributes in process `syz.4.831'. [ 404.000174][ T8704] netlink: 4 bytes leftover after parsing attributes in process `syz.1.840'. [ 404.000326][ T8704] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 405.618182][ T8704] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 406.073056][ T8718] mmap: syz.4.843 (8718) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 406.085115][ T8718] netlink: 388 bytes leftover after parsing attributes in process `syz.4.843'. [ 406.427483][ T8718] pim6reg: entered allmulticast mode [ 407.004989][ T8729] netlink: 208 bytes leftover after parsing attributes in process `syz.2.839'. [ 411.874427][ T8772] netlink: 20 bytes leftover after parsing attributes in process `syz.3.863'. [ 412.127013][ T8781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.867'. [ 412.555729][ T5851] Bluetooth: hci5: command 0x1003 tx timeout [ 412.555926][ T5841] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 413.786757][ T8802] netlink: 'syz.3.873': attribute type 178 has an invalid length. [ 414.678780][ T8811] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 417.453741][ T8827] netlink: 208 bytes leftover after parsing attributes in process `syz.0.875'. [ 421.903940][ T5851] Bluetooth: hci4: command 0x0406 tx timeout [ 425.207000][ T8902] netlink: 'syz.1.899': attribute type 1 has an invalid length. [ 425.384807][ T8902] 8021q: adding VLAN 0 to HW filter on device bond4 [ 428.561811][ T8937] 9pnet_fd: p9_fd_create_tcp (8937): problem connecting socket to 127.0.0.1 [ 431.406493][ T8958] ======================================================= [ 431.406493][ T8958] WARNING: The mand mount option has been deprecated and [ 431.406493][ T8958] and is ignored by this kernel. Remove the mand [ 431.406493][ T8958] option from the mount to silence this warning. [ 431.406493][ T8958] ======================================================= [ 432.344377][ T8977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.919'. [ 432.349915][ T8977] netlink: 12 bytes leftover after parsing attributes in process `syz.2.919'. [ 432.960325][ T8985] delete_channel: no stack [ 437.274426][ T9022] netlink: 208 bytes leftover after parsing attributes in process `syz.4.926'. [ 440.314638][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.314692][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 447.125056][ T9089] netlink: 208 bytes leftover after parsing attributes in process `syz.4.947'. [ 449.867290][ T9107] netlink: 20 bytes leftover after parsing attributes in process `syz.0.955'. [ 450.446631][ T9115] bridge0: entered allmulticast mode [ 451.149366][ T9127] overlayfs: missing 'lowerdir' [ 452.206370][ T9136] netlink: 20 bytes leftover after parsing attributes in process `syz.3.967'. [ 456.027274][ T9165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.976'. [ 456.435086][ T9166] overlayfs: missing 'lowerdir' [ 458.632274][ T9174] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 458.645038][ T9174] batadv_slave_0: entered promiscuous mode [ 458.799272][ T9177] netlink: 20 bytes leftover after parsing attributes in process `syz.0.979'. [ 459.480229][ C1] vkms_vblank_simulate: vblank timer overrun [ 459.917776][ C1] vkms_vblank_simulate: vblank timer overrun [ 459.944396][ C1] vkms_vblank_simulate: vblank timer overrun [ 460.045757][ C1] vkms_vblank_simulate: vblank timer overrun [ 460.192872][ C1] vkms_vblank_simulate: vblank timer overrun [ 460.721578][ C1] vkms_vblank_simulate: vblank timer overrun [ 461.037655][ C1] vkms_vblank_simulate: vblank timer overrun [ 461.806018][ C1] vkms_vblank_simulate: vblank timer overrun [ 462.798321][ C1] vkms_vblank_simulate: vblank timer overrun [ 463.013535][ T9214] overlayfs: missing 'lowerdir' [ 463.018185][ C1] vkms_vblank_simulate: vblank timer overrun [ 463.173761][ C1] vkms_vblank_simulate: vblank timer overrun [ 463.218708][ C1] vkms_vblank_simulate: vblank timer overrun [ 463.558912][ C1] vkms_vblank_simulate: vblank timer overrun [ 463.850472][ C1] vkms_vblank_simulate: vblank timer overrun [ 464.195786][ T9220] wireguard0: entered promiscuous mode [ 464.195821][ T9220] wireguard0: entered allmulticast mode [ 467.268828][ T9234] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 467.900401][ T9245] netlink: 12 bytes leftover after parsing attributes in process `syz.2.999'. [ 469.944357][ T9260] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1005'. [ 470.467318][ T9269] netlink: 'syz.4.1008': attribute type 21 has an invalid length. [ 470.998389][ T9264] wireguard0: entered promiscuous mode [ 470.998426][ T9264] wireguard0: entered allmulticast mode [ 472.626100][ T9286] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 473.178206][ T9302] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1016'. [ 473.391928][ T9305] netlink: 208 bytes leftover after parsing attributes in process `syz.0.1014'. [ 473.923233][ T9292] sctp: failed to load transform for md5: -2 [ 474.359541][ T9313] wireguard0: entered promiscuous mode [ 474.359576][ T9313] wireguard0: entered allmulticast mode [ 474.415327][ T9316] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1018'. [ 475.935069][ T9331] netlink: 'syz.3.1024': attribute type 10 has an invalid length. [ 476.816689][ T9337] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 477.034074][ T9335] 8021q: adding VLAN 0 to HW filter on device bond3 [ 478.313944][ T9347] sctp: failed to load transform for md5: -4 [ 479.107328][ T9365] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1032'. [ 479.777652][ T9368] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1036'. [ 480.253297][ T9368] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1036'. [ 483.000950][ T9369] wireguard1: entered promiscuous mode [ 483.000987][ T9369] wireguard1: entered allmulticast mode [ 483.854530][ T9383] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1039'. [ 484.475471][ T9391] netlink: 'syz.0.1043': attribute type 21 has an invalid length. [ 484.497040][ T9391] netlink: 'syz.0.1043': attribute type 39 has an invalid length. [ 484.531307][ T9394] netlink: 'syz.2.1045': attribute type 10 has an invalid length. [ 484.599972][ T9391] veth0_macvtap: left promiscuous mode [ 486.180031][ T9396] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR [ 486.626818][ T9416] netlink: 'syz.3.1052': attribute type 1 has an invalid length. [ 487.802622][ T9421] wireguard1: entered promiscuous mode [ 487.802657][ T9421] wireguard1: entered allmulticast mode [ 487.806654][ T9423] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1050'. [ 491.672490][ T9433] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1054'. [ 492.145207][ T9436] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1059'. [ 493.258413][ T9447] netlink: 'syz.3.1060': attribute type 21 has an invalid length. [ 493.265317][ T9447] netlink: 'syz.3.1060': attribute type 39 has an invalid length. [ 493.584619][ T9453] netlink: 'syz.1.1064': attribute type 1 has an invalid length. [ 493.712225][ T9447] veth0_macvtap: left promiscuous mode [ 494.133934][ T9458] wireguard2: entered promiscuous mode [ 494.133971][ T9458] wireguard2: entered allmulticast mode [ 494.458782][ T9476] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1071'. [ 494.758031][ T9478] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1070'. [ 497.672259][ T9499] netlink: 'syz.0.1080': attribute type 21 has an invalid length. [ 497.706707][ T9499] netlink: 'syz.0.1080': attribute type 39 has an invalid length. [ 498.037427][ T9503] wireguard0: entered promiscuous mode [ 498.037460][ T9503] wireguard0: entered allmulticast mode [ 498.040402][ T9507] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1082'. [ 498.079774][ T9508] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1084'. [ 499.732146][ T9524] netlink: 208 bytes leftover after parsing attributes in process `syz.0.1087'. [ 501.988093][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.988185][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.587259][ T9544] netlink: 'syz.3.1096': attribute type 10 has an invalid length. [ 502.665348][ T9546] wireguard0: entered promiscuous mode [ 502.665392][ T9546] wireguard0: entered allmulticast mode [ 502.698107][ T9549] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1098'. [ 502.770853][ T9550] bond_slave_0: entered promiscuous mode [ 502.770947][ T9550] bond_slave_1: entered promiscuous mode [ 502.786112][ T9550] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 502.856366][ T9550] bond1: (slave macvlan4): Enslaving as an active interface with an up link [ 503.590891][ T9569] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1101'. [ 507.750372][ T9591] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1111'. [ 508.034761][ T9594] wireguard2: entered promiscuous mode [ 508.034797][ T9594] wireguard2: entered allmulticast mode [ 508.324986][ T9599] netlink: 'syz.3.1114': attribute type 10 has an invalid length. [ 508.424996][ T9599] bond1: (slave macvlan5): Error -98 calling set_mac_address [ 508.514041][ T9601] netlink: 'syz.1.1115': attribute type 12 has an invalid length. [ 508.514067][ T9601] netlink: 'syz.1.1115': attribute type 29 has an invalid length. [ 508.514081][ T9601] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1115'. [ 508.514111][ T9601] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1115'. [ 509.934237][ T9613] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1116'. [ 511.998632][ T9621] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1122'. [ 512.368458][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1126'. [ 512.491022][ T9628] wireguard1: entered promiscuous mode [ 512.491091][ T9628] wireguard1: entered allmulticast mode [ 514.722144][ T9642] netlink: 'syz.3.1127': attribute type 12 has an invalid length. [ 514.722166][ T9642] netlink: 'syz.3.1127': attribute type 29 has an invalid length. [ 514.722180][ T9642] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1127'. [ 514.722209][ T9642] netlink: 59 bytes leftover after parsing attributes in process `syz.3.1127'. [ 515.498885][ T9661] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1134'. [ 518.471856][ T9676] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1138'. [ 521.419076][ T9698] netlink: 'syz.2.1146': attribute type 12 has an invalid length. [ 521.419100][ T9698] netlink: 'syz.2.1146': attribute type 29 has an invalid length. [ 521.419113][ T9698] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1146'. [ 521.419143][ T9698] netlink: 59 bytes leftover after parsing attributes in process `syz.2.1146'. [ 522.975087][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1150'. [ 523.284992][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1153'. [ 523.449655][ T9727] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1157'. [ 524.893942][ T9736] netlink: 'syz.4.1160': attribute type 12 has an invalid length. [ 524.893968][ T9736] netlink: 'syz.4.1160': attribute type 29 has an invalid length. [ 524.893982][ T9736] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1160'. [ 524.894013][ T9736] netlink: 59 bytes leftover after parsing attributes in process `syz.4.1160'. [ 525.244401][ T9745] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1163'. [ 525.443933][ T9750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1165'. [ 526.959579][ T9764] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1170'. [ 530.718656][ T7475] libceph: connect (1)[c::]:6789 error -101 [ 530.718881][ T7475] libceph: mon0 (1)[c::]:6789 connect error [ 530.845148][ T9774] ceph: No mds server is up or the cluster is laggy [ 530.987058][ T7475] libceph: connect (1)[c::]:6789 error -101 [ 530.987290][ T7475] libceph: mon0 (1)[c::]:6789 connect error [ 531.533822][ T9802] netlink: 'syz.3.1181': attribute type 1 has an invalid length. [ 531.673255][ T9802] 8021q: adding VLAN 0 to HW filter on device bond4 [ 531.805456][ T9804] vlan2: entered promiscuous mode [ 531.805480][ T9804] bond4: entered promiscuous mode [ 531.805722][ T9804] vlan2: entered allmulticast mode [ 531.805737][ T9804] bond4: entered allmulticast mode [ 531.854956][ T9807] netlink: 'syz.4.1182': attribute type 21 has an invalid length. [ 531.931096][ T9809] netlink: 'syz.4.1182': attribute type 39 has an invalid length. [ 532.308945][ T9809] veth0_macvtap: left promiscuous mode [ 533.456868][ T9820] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1186'. [ 536.496577][ T49] libceph: connect (1)[c::]:6789 error -101 [ 536.496824][ T49] libceph: mon0 (1)[c::]:6789 connect error [ 536.756927][ T49] libceph: connect (1)[c::]:6789 error -101 [ 536.757210][ T49] libceph: mon0 (1)[c::]:6789 connect error [ 537.264301][ T49] libceph: connect (1)[c::]:6789 error -101 [ 537.267463][ T49] libceph: mon0 (1)[c::]:6789 connect error [ 538.224720][ T7475] libceph: connect (1)[c::]:6789 error -101 [ 538.224970][ T7475] libceph: mon0 (1)[c::]:6789 connect error [ 538.412504][ T9834] ceph: No mds server is up or the cluster is laggy [ 540.444907][ T9874] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1201'. [ 543.085557][ T9892] netlink: 'syz.3.1207': attribute type 1 has an invalid length. [ 543.378060][ T9892] 8021q: adding VLAN 0 to HW filter on device bond5 [ 544.190645][ T6512] libceph: connect (1)[c::]:6789 error -101 [ 544.190811][ T6512] libceph: mon0 (1)[c::]:6789 connect error [ 544.458968][ T7475] libceph: connect (1)[c::]:6789 error -101 [ 544.459237][ T7475] libceph: mon0 (1)[c::]:6789 connect error [ 544.464422][ T9902] ceph: No mds server is up or the cluster is laggy [ 546.910432][ T9920] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1215'. [ 548.590945][ T9948] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1224'. [ 548.851974][ T9946] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 548.969179][ T9946] batadv_slave_0: entered promiscuous mode [ 550.666141][ C0] vkms_vblank_simulate: vblank timer overrun [ 550.866877][ C0] vkms_vblank_simulate: vblank timer overrun [ 551.023197][ C0] vkms_vblank_simulate: vblank timer overrun [ 551.163967][ T9966] netlink: 'syz.1.1230': attribute type 10 has an invalid length. [ 551.924180][ C0] vkms_vblank_simulate: vblank timer overrun [ 552.229037][ T9966] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 552.274749][ T9974] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1231'. [ 552.478782][ T9969] 8021q: adding VLAN 0 to HW filter on device bond5 [ 553.076803][ T9985] wireguard3: entered promiscuous mode [ 553.076837][ T9985] wireguard3: entered allmulticast mode [ 553.748029][ C0] vkms_vblank_simulate: vblank timer overrun [ 554.004552][ T9999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1238'. [ 554.072847][T10002] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1239'. [ 554.359393][ T9999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1238'. [ 556.079527][T10019] netlink: 'syz.1.1243': attribute type 1 has an invalid length. [ 557.398933][T10019] 8021q: adding VLAN 0 to HW filter on device bond6 [ 557.636287][T10029] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1246'. [ 557.992393][T10038] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1250'. [ 558.589867][T10048] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1253'. [ 558.980223][T10048] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1253'. [ 560.265599][T10069] netlink: 'syz.3.1260': attribute type 1 has an invalid length. [ 560.282388][T10066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1258'. [ 560.417456][T10069] 8021q: adding VLAN 0 to HW filter on device bond6 [ 560.892144][T10087] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1264'. [ 563.718561][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.718650][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.169503][T10116] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1272'. [ 564.371472][T10116] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1272'. [ 564.399372][T10122] netlink: 'syz.3.1274': attribute type 1 has an invalid length. [ 564.654235][T10125] wireguard4: entered promiscuous mode [ 564.654273][T10125] wireguard4: entered allmulticast mode [ 564.940217][T10116] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1272'. [ 565.147965][T10130] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1271'. [ 565.323092][T10132] 8021q: adding VLAN 0 to HW filter on device bond3 [ 565.443460][T10132] vlan2: entered promiscuous mode [ 565.443484][T10132] bond3: entered promiscuous mode [ 565.443982][T10132] vlan2: entered allmulticast mode [ 565.443998][T10132] bond3: entered allmulticast mode [ 567.140458][T10154] netlink: 'syz.2.1285': attribute type 1 has an invalid length. [ 568.608521][T10166] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1289'. [ 568.888619][T10166] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1289'. [ 570.006869][T10178] netlink: 'syz.3.1291': attribute type 178 has an invalid length. [ 572.503357][T10201] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1301'. [ 572.555232][T10204] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1300'. [ 572.682341][T10201] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1301'. [ 572.750666][T10208] wireguard2: entered promiscuous mode [ 572.750700][T10208] wireguard2: entered allmulticast mode [ 578.645106][T10253] netlink: 'syz.0.1314': attribute type 12 has an invalid length. [ 578.645128][T10253] netlink: 'syz.0.1314': attribute type 29 has an invalid length. [ 578.645141][T10253] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1314'. [ 578.645169][T10253] netlink: 59 bytes leftover after parsing attributes in process `syz.0.1314'. [ 579.046663][T10262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1315'. [ 579.093857][T10257] wireguard5: entered promiscuous mode [ 579.093891][T10257] wireguard5: entered allmulticast mode [ 579.926725][T10274] netlink: 'syz.0.1322': attribute type 1 has an invalid length. [ 579.989743][ T5917] libceph: connect (1)[c::]:6789 error -101 [ 579.990006][ T5917] libceph: mon0 (1)[c::]:6789 connect error [ 580.044915][T10274] 8021q: adding VLAN 0 to HW filter on device bond4 [ 580.113770][T10277] bond5: option mode: unable to set because the bond device is up [ 580.244246][ T5917] libceph: connect (1)[c::]:6789 error -101 [ 580.244509][ T5917] libceph: mon0 (1)[c::]:6789 connect error [ 580.316202][T10278] ceph: No mds server is up or the cluster is laggy [ 580.906194][T10277] bond_slave_0: entered promiscuous mode [ 580.906990][T10277] bond_slave_1: entered promiscuous mode [ 580.907053][T10277] syz_tun: entered promiscuous mode [ 580.928969][T10277] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 580.930051][T10277] bond5: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0) [ 580.930074][T10277] bond5: (slave macvlan2): speed changed to 0 on port 1 [ 580.950612][T10277] bond5: (slave macvlan2): Enslaving as an active interface with an up link [ 581.002321][T10291] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1326'. [ 583.299822][T10306] wireguard6: entered promiscuous mode [ 583.299859][T10306] wireguard6: entered allmulticast mode [ 585.348627][T10325] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 585.349573][T10325] batadv_slave_0: entered promiscuous mode [ 588.186610][T10344] wireguard1: entered promiscuous mode [ 588.186635][T10344] wireguard1: entered allmulticast mode [ 589.806283][T10369] random: crng reseeded on system resumption [ 591.771591][T10376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1354'. [ 592.566564][T10388] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 592.567179][T10388] batadv_slave_0: entered promiscuous mode [ 594.683215][ C0] vkms_vblank_simulate: vblank timer overrun [ 594.774558][T10407] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1366'. [ 595.517033][ C0] vkms_vblank_simulate: vblank timer overrun [ 597.200861][ C0] vkms_vblank_simulate: vblank timer overrun [ 597.634796][ C0] vkms_vblank_simulate: vblank timer overrun [ 597.829711][T10444] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1379'. [ 598.822383][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 598.822404][ T37] audit: type=1804 audit(1756980361.496:21): pid=10452 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1380" name="/newroot/292/bus/bus" dev="tmpfs" ino=1529 res=1 errno=0 [ 599.081439][T10454] 8021q: adding VLAN 0 to HW filter on device bond6 [ 599.163923][T10461] netlink: 'syz.0.1383': attribute type 178 has an invalid length. [ 599.166295][T10457] vlan5: entered promiscuous mode [ 599.166316][T10457] bond6: entered promiscuous mode [ 599.166552][T10457] vlan5: entered allmulticast mode [ 599.166565][T10457] bond6: entered allmulticast mode [ 602.286867][T10483] wireguard1: entered promiscuous mode [ 602.286910][T10483] wireguard1: entered allmulticast mode [ 605.382468][T10504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1397'. [ 608.033840][T10525] wireguard7: entered promiscuous mode [ 608.033877][T10525] wireguard7: entered allmulticast mode [ 609.279320][T10537] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1407'. [ 614.887392][T10577] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1421'. [ 619.724540][T10604] netlink: 'syz.4.1429': attribute type 178 has an invalid length. [ 622.467215][T10620] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1433'. [ 624.783903][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.783992][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.364562][T10642] netlink: 'syz.2.1440': attribute type 12 has an invalid length. [ 626.364594][T10642] netlink: 'syz.2.1440': attribute type 29 has an invalid length. [ 626.364609][T10642] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1440'. [ 626.364640][T10642] netlink: 59 bytes leftover after parsing attributes in process `syz.2.1440'. [ 629.517698][T10663] overlayfs: failed to clone upperpath [ 631.596067][T10681] netlink: 'syz.3.1453': attribute type 12 has an invalid length. [ 631.596091][T10681] netlink: 'syz.3.1453': attribute type 29 has an invalid length. [ 631.596104][T10681] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1453'. [ 631.596134][T10681] netlink: 59 bytes leftover after parsing attributes in process `syz.3.1453'. [ 633.754653][T10706] wireguard3: entered promiscuous mode [ 633.754690][T10706] wireguard3: entered allmulticast mode [ 634.728911][ C0] vkms_vblank_simulate: vblank timer overrun [ 635.931766][ C0] vkms_vblank_simulate: vblank timer overrun [ 635.972779][ C0] vkms_vblank_simulate: vblank timer overrun [ 636.320631][T10727] netlink: 'syz.0.1466': attribute type 12 has an invalid length. [ 636.320654][T10727] netlink: 'syz.0.1466': attribute type 29 has an invalid length. [ 636.320667][T10727] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1466'. [ 636.320698][T10727] netlink: 'syz.0.1466': attribute type 1 has an invalid length. [ 636.320711][T10727] netlink: 47 bytes leftover after parsing attributes in process `syz.0.1466'. [ 636.528563][ C0] vkms_vblank_simulate: vblank timer overrun [ 636.715735][ C0] vkms_vblank_simulate: vblank timer overrun [ 636.791833][ C0] vkms_vblank_simulate: vblank timer overrun [ 636.959627][ C0] vkms_vblank_simulate: vblank timer overrun [ 637.186384][ C0] vkms_vblank_simulate: vblank timer overrun [ 639.635329][T10744] overlayfs: failed to clone upperpath [ 639.714958][T10745] netlink: 'syz.4.1473': attribute type 39 has an invalid length. [ 641.935274][T10763] netlink: 'syz.1.1479': attribute type 12 has an invalid length. [ 641.935297][T10763] netlink: 'syz.1.1479': attribute type 29 has an invalid length. [ 641.935310][T10763] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1479'. [ 641.935341][T10763] netlink: 'syz.1.1479': attribute type 1 has an invalid length. [ 641.935355][T10763] netlink: 47 bytes leftover after parsing attributes in process `syz.1.1479'. [ 643.826532][T10784] overlayfs: missing 'lowerdir' [ 644.009871][T10786] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1485'. [ 644.365612][T10790] netlink: 'syz.0.1487': attribute type 39 has an invalid length. [ 649.752670][T10819] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1496'. [ 650.528496][T10827] netlink: 'syz.3.1499': attribute type 39 has an invalid length. [ 650.544259][ T49] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 650.905945][ T49] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 650.905978][ T49] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 650.905996][ T49] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 650.906055][ T49] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 650.906082][ T49] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 650.912232][ T49] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 650.912264][ T49] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 650.912284][ T49] usb 2-1: Product: syz [ 650.912299][ T49] usb 2-1: Manufacturer: syz [ 651.088598][ T5841] Bluetooth: hci1: unexpected event for opcode 0x0000 [ 654.557270][ T49] cdc_wdm 2-1:1.0: skipping garbage [ 654.557295][ T49] cdc_wdm 2-1:1.0: skipping garbage [ 655.726832][ T5841] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 655.727031][ T5841] Bluetooth: hci1: Injecting HCI hardware error event [ 655.751312][ T5841] Bluetooth: hci1: hardware error 0x00 [ 655.845569][ T49] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 655.845632][ T49] cdc_wdm 2-1:1.0: Unknown control protocol [ 656.442988][ T49] usb 2-1: USB disconnect, device number 2 [ 658.204919][T10857] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1507'. [ 658.304443][ T5841] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 658.509986][T10862] netlink: 'syz.0.1509': attribute type 1 has an invalid length. [ 663.444472][T10900] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1521'. [ 666.955664][T10927] netlink: 'syz.2.1531': attribute type 1 has an invalid length. [ 668.547761][T10944] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1535'. [ 668.811930][T10949] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1534'. [ 670.313927][T10961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1540'. [ 670.750281][T10965] overlayfs: failed to resolve './file1': -2 [ 671.408324][T10963] delete_channel: no stack [ 671.438819][ T5841] Bluetooth: hci2: unexpected event for opcode 0x0058 [ 671.889672][T10978] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1547'. [ 674.139593][T11004] overlayfs: failed to resolve './file1': -2 [ 674.671911][T11013] delete_channel: no stack [ 677.226302][T11038] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 678.148136][T11056] delete_channel: no stack [ 679.163048][T11063] netlink: 'syz.1.1576': attribute type 4 has an invalid length. [ 679.852825][ C1] vkms_vblank_simulate: vblank timer overrun [ 680.413147][ C1] vkms_vblank_simulate: vblank timer overrun [ 680.758528][ C1] vkms_vblank_simulate: vblank timer overrun [ 680.906439][ C1] vkms_vblank_simulate: vblank timer overrun [ 681.033314][ C1] vkms_vblank_simulate: vblank timer overrun [ 681.483379][T11090] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 681.486343][ C1] vkms_vblank_simulate: vblank timer overrun [ 682.154749][ C1] vkms_vblank_simulate: vblank timer overrun [ 682.662164][ C1] vkms_vblank_simulate: vblank timer overrun [ 682.877688][T11110] delete_channel: no stack [ 682.889789][ C1] vkms_vblank_simulate: vblank timer overrun [ 683.281298][ C1] vkms_vblank_simulate: vblank timer overrun [ 683.788765][ C1] vkms_vblank_simulate: vblank timer overrun [ 683.839986][ C1] vkms_vblank_simulate: vblank timer overrun [ 684.045391][ C1] vkms_vblank_simulate: vblank timer overrun [ 684.313450][ C1] vkms_vblank_simulate: vblank timer overrun [ 686.071564][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.071619][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.793418][ C0] vkms_vblank_simulate: vblank timer overrun [ 687.295709][ C0] vkms_vblank_simulate: vblank timer overrun [ 687.841245][ C0] vkms_vblank_simulate: vblank timer overrun [ 688.945125][ C0] vkms_vblank_simulate: vblank timer overrun [ 689.799026][ C0] vkms_vblank_simulate: vblank timer overrun [ 693.076479][ C1] vkms_vblank_simulate: vblank timer overrun [ 694.709602][ C1] vkms_vblank_simulate: vblank timer overrun [ 694.976551][ C1] vkms_vblank_simulate: vblank timer overrun [ 695.412404][ C1] vkms_vblank_simulate: vblank timer overrun [ 698.150265][T11238] netlink: 'syz.0.1632': attribute type 21 has an invalid length. [ 698.165059][T11238] netlink: 'syz.0.1632': attribute type 39 has an invalid length. [ 699.084071][T11248] 8021q: adding VLAN 0 to HW filter on device bond5 [ 707.846801][T11279] netlink: 'syz.3.1644': attribute type 21 has an invalid length. [ 707.860816][T11279] netlink: 'syz.3.1644': attribute type 39 has an invalid length. [ 709.934329][T11302] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1651'. [ 710.392962][T11306] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1653'. [ 719.110884][T11343] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1665'. [ 721.725060][T11367] netlink: 'syz.0.1673': attribute type 21 has an invalid length. [ 721.729945][T11367] netlink: 'syz.0.1673': attribute type 39 has an invalid length. [ 723.199072][T11390] netlink: 'syz.4.1685': attribute type 21 has an invalid length. [ 723.202140][T11390] netlink: 'syz.4.1685': attribute type 39 has an invalid length. [ 723.793675][ T5917] IPVS: starting estimator thread 0... [ 723.883754][T11400] IPVS: using max 11 ests per chain, 26400 per kthread [ 724.849139][T11405] overlayfs: failed to set uuid (307/file1, err=-1); falling back to uuid=null. [ 724.862752][T11405] overlayfs: failed to verify upper root origin [ 728.127549][T11432] netlink: 'syz.3.1698': attribute type 21 has an invalid length. [ 728.342728][T11434] netlink: 'syz.3.1698': attribute type 39 has an invalid length. [ 728.873201][ T7475] IPVS: starting estimator thread 0... [ 728.973895][T11441] IPVS: using max 5 ests per chain, 12000 per kthread [ 730.170567][ T5222] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 730.525409][ T5222] usb 4-1: Using ep0 maxpacket: 16 [ 730.853065][ T5222] usb 4-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 730.853097][ T5222] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 730.853118][ T5222] usb 4-1: Product: syz [ 730.853132][ T5222] usb 4-1: Manufacturer: syz [ 730.853147][ T5222] usb 4-1: SerialNumber: syz [ 731.785729][ T5222] usb 4-1: config 0 descriptor?? [ 731.823305][ T5222] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 732.093723][ T5222] gp8psk: usb in 128 operation failed. [ 732.095692][ T5222] gp8psk: usb in 137 operation failed. [ 732.095712][ T5222] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 732.145487][ T5222] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver) [ 732.145588][ T5222] usb 4-1: media controller created [ 732.222730][ T5222] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 732.515448][ T5222] gp8psk_fe: Frontend revision 1 attached [ 732.516051][ T5222] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 732.516994][ T5222] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 732.743821][ T5222] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected. [ 732.743843][ T5222] gp8psk: found Genpix USB device pID = 201 (hex) [ 733.015188][T11473] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1710'. [ 733.118857][ T6931] usb 4-1: USB disconnect, device number 2 [ 733.366573][T11477] netlink: 'syz.0.1711': attribute type 21 has an invalid length. [ 733.384750][T11477] netlink: 'syz.0.1711': attribute type 39 has an invalid length. [ 733.693387][ T6931] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected. [ 733.847254][T11486] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold [ 738.106808][T11509] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1722'. [ 738.161510][T11511] netlink: 'syz.4.1723': attribute type 21 has an invalid length. [ 738.202684][T11511] netlink: 'syz.4.1723': attribute type 39 has an invalid length. [ 738.277952][T11514] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.294650][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.294722][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.294782][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.294839][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.294895][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.294950][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.295010][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 738.295066][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1724'. [ 740.905442][ C1] sched: DL replenish lagged too much [ 744.029384][T11545] netlink: 'syz.0.1735': attribute type 21 has an invalid length. [ 744.032477][T11545] netlink: 'syz.0.1735': attribute type 39 has an invalid length. [ 745.598759][T11551] __nla_validate_parse: 45 callbacks suppressed [ 745.598783][T11551] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.599969][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600031][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600091][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600172][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600228][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600282][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600336][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600401][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 745.600457][T11551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 748.640681][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.640770][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 755.774464][T11571] netlink: 'syz.2.1746': attribute type 21 has an invalid length. [ 755.815107][T11571] netlink: 'syz.2.1746': attribute type 39 has an invalid length. [ 756.566662][T11571] veth0_macvtap: left promiscuous mode [ 758.042834][T10840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 758.067197][T10840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 758.068672][T10840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 758.070639][T10840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 758.123812][T10840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 758.493036][T10840] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 758.549340][T10840] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 758.552029][T10840] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 758.563678][T10840] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 758.590562][T10840] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 759.065889][T11585] __nla_validate_parse: 44 callbacks suppressed [ 759.065913][T11585] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1750'. [ 760.223783][T10840] Bluetooth: hci5: command tx timeout [ 760.704549][T10840] Bluetooth: hci6: command tx timeout [ 762.204437][T11589] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1748'. [ 762.313889][T10840] Bluetooth: hci5: command tx timeout [ 762.784014][T10840] Bluetooth: hci6: command tx timeout [ 763.006461][T11596] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1752'. [ 764.383944][T10840] Bluetooth: hci5: command tx timeout [ 764.863725][T10840] Bluetooth: hci6: command tx timeout [ 766.463760][T10840] Bluetooth: hci5: command tx timeout [ 766.732431][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.732670][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.732732][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.732789][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.732872][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.732933][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.732992][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.733053][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.733112][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.733169][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1748'. [ 766.943810][T10840] Bluetooth: hci6: command tx timeout [ 777.835153][T11627] __nla_validate_parse: 41 callbacks suppressed [ 777.835185][T11627] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1762'. [ 778.432080][T11635] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1764'. [ 778.852899][T11639] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1766'. [ 779.547572][T11639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 779.547647][T11639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 779.547706][T11639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 779.547763][T11639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 779.547845][T11639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 779.547915][T11639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 779.547971][T11639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 780.171759][ T5841] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 780.200858][ T5841] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 780.212909][ T5841] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 780.232687][ T5841] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 780.253112][ T5841] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 782.384684][ T5841] Bluetooth: hci7: command tx timeout [ 786.799907][ T5841] Bluetooth: hci7: command tx timeout [ 789.670825][T10840] Bluetooth: hci7: command tx timeout [ 792.220514][T10840] Bluetooth: hci7: command tx timeout [ 795.262617][T11575] chnl_net:caif_netlink_parms(): no params data found [ 795.312347][T11580] chnl_net:caif_netlink_parms(): no params data found [ 795.353644][ T5914] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 795.523610][ T5914] usb 2-1: Using ep0 maxpacket: 8 [ 795.643669][ T5914] usb 2-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d [ 795.643702][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 795.643723][ T5914] usb 2-1: Product: syz [ 795.643737][ T5914] usb 2-1: Manufacturer: syz [ 795.643751][ T5914] usb 2-1: SerialNumber: syz [ 795.775238][ T5914] usb 2-1: config 0 descriptor?? [ 795.851183][ T5914] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 796.626740][ T5914] gspca_sonixj: reg_r err -71 [ 796.626860][ T5914] sonixj 2-1:0.0: probe with driver sonixj failed with error -71 [ 796.723689][ T5914] usb 2-1: USB disconnect, device number 3 [ 810.553630][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 810.553722][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 827.227905][T10840] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 827.255173][T10840] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 827.257160][T10840] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 827.310642][T10840] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 827.311593][T10840] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 827.480405][ T5841] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 827.543842][ T5841] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 827.552503][ T5841] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 827.589143][ T5841] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 827.590127][ T5841] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 827.775539][ T5841] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 827.822532][ T5841] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 827.824825][ T5841] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 827.858203][ T5841] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 827.881706][ T5841] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 828.079438][T10840] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 828.110303][T10840] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 828.134083][T10840] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 828.135955][T10840] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 828.136886][T10840] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 829.504174][ T5841] Bluetooth: hci8: command tx timeout [ 829.757359][ T5841] Bluetooth: hci9: command tx timeout [ 829.984022][ T5841] Bluetooth: hci10: command tx timeout [ 830.223927][ T5841] Bluetooth: hci11: command tx timeout [ 830.580535][T11575] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR [ 831.593721][ T5841] Bluetooth: hci8: command tx timeout [ 831.823631][ T5841] Bluetooth: hci9: command tx timeout [ 832.215463][ T5841] Bluetooth: hci10: command tx timeout [ 832.303568][T10840] Bluetooth: hci11: command tx timeout [ 832.625830][T11645] chnl_net:caif_netlink_parms(): no params data found [ 833.671106][T10840] Bluetooth: hci8: command tx timeout [ 833.903904][T10840] Bluetooth: hci9: command tx timeout [ 834.223559][ T5841] Bluetooth: hci10: command tx timeout [ 834.383622][ T5841] Bluetooth: hci11: command tx timeout [ 835.744304][ T5841] Bluetooth: hci8: command tx timeout [ 835.984950][ T5841] Bluetooth: hci9: command tx timeout [ 836.303656][ T5841] Bluetooth: hci10: command tx timeout [ 836.463661][ T5841] Bluetooth: hci11: command tx timeout [ 838.835370][T10840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 838.860828][T10840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 838.862548][T10840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 838.884960][T10840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 838.887024][T10840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 844.073807][T10840] Bluetooth: hci4: command tx timeout [ 846.144335][T10840] Bluetooth: hci4: command tx timeout [ 848.224202][T10840] Bluetooth: hci4: command tx timeout [ 850.304237][T10840] Bluetooth: hci4: command tx timeout [ 853.555406][ T5844] bond0: (slave syz_tun): Releasing backup interface [ 870.407930][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.408039][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 888.095664][ T5841] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 888.126598][ T5841] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 888.129369][ T5841] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 888.130862][ T5841] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 888.132210][ T5841] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 888.312357][ T5841] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 888.340711][ T5841] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 888.359684][ T5841] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 888.361260][ T5841] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 888.362195][ T5841] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 888.876435][T11678] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 888.913948][T11678] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 888.916247][T11678] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 888.917704][T11678] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 888.918664][T11678] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 889.617094][T10840] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 889.654615][T10840] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 889.658740][T10840] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 889.660162][T10840] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 889.661095][T10840] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 890.303853][T11678] Bluetooth: hci5: command tx timeout [ 890.544415][T11678] Bluetooth: hci6: command tx timeout [ 891.023977][T11678] Bluetooth: hci7: command tx timeout [ 891.743730][T11678] Bluetooth: hci12: command tx timeout [ 892.386893][T11678] Bluetooth: hci5: command tx timeout [ 892.633773][T11678] Bluetooth: hci6: command tx timeout [ 893.103794][T11678] Bluetooth: hci7: command tx timeout [ 893.823608][T11678] Bluetooth: hci12: command tx timeout [ 894.464470][T11678] Bluetooth: hci5: command tx timeout [ 894.703749][T11678] Bluetooth: hci6: command tx timeout [ 894.705680][ T38] INFO: task syz.3.1721:11505 blocked for more than 143 seconds. [ 894.705704][ T38] Not tainted syzkaller #0 [ 894.705714][ T38] Blocked by coredump. [ 894.705720][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 894.705730][ T38] task:syz.3.1721 state:D stack:26760 pid:11505 tgid:11503 ppid:5838 task_flags:0x40054c flags:0x00004000 [ 894.705807][ T38] Call Trace: [ 894.705814][ T38] [ 894.705830][ T38] __schedule+0x16f3/0x4c20 [ 894.705891][ T38] ? __lock_acquire+0xab9/0xd20 [ 894.705920][ T38] ? __pfx___schedule+0x10/0x10 [ 894.705967][ T38] ? schedule+0x91/0x360 [ 894.705997][ T38] schedule+0x165/0x360 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 894.706025][ T38] schedule_timeout+0x9a/0x270 [ 894.706050][ T38] ? __pfx_schedule_timeout+0x10/0x10 [ 894.706092][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 894.706119][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 894.706144][ T38] ? wait_for_completion+0x267/0x5d0 [ 894.706173][ T38] wait_for_completion+0x2bf/0x5d0 [ 894.706216][ T38] ? __pfx_wait_for_completion+0x10/0x10 [ 894.706261][ T38] exit_aio+0x2f1/0x3b0 [ 894.706297][ T38] ? __pfx_exit_aio+0x10/0x10 [ 894.706339][ T38] ? uprobe_clear_state+0x280/0x2a0 [ 894.706360][ T38] ? mm_update_next_owner+0xa7/0x870 [ 894.706386][ [ 894.706386][ T38] __mmput+0x68/0x3d0 [ 894.706417][ T38] exit_mm+0x1da/0x2c0 [ 894.706440][ T38] ? __pfx_exit_mm+0x10/0x10 [ 894.706464][ T38] ? rcu_is_watching+0x15/0xb0 [ 894.706500][ T38] do_exit+0x648/0x2300 [ 894.706520][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 894.706554][ T38] ? __lock_acquire+0xab9/0xd20 [ 894.706584][ T38] ? __pfx_do_exit+0x10/0x10 [ 894.706601][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 894.706627][ T38] ? rt_spin_lock+0x1bb/0x2c0 [ 894.706662][ T38] do_group_exit+0x21c/0x2d0 [ 894.706689][ T38] get_signal+0x125e/0x1310 [ 894.706752][ T38] arch_do_signal_or_restart+0x9a/0x750 [ 894.706788][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 894.706833][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 894.706866][ T38] exit_to_user_mode_loop+0x75/0x110 [ 894.706894][ T38] do_syscall_64+0x2bd/0x3b0 [ 894.706921][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 894.706948][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.706968][ T38] ? clear_bhb_loop+0x60/0xb0 [ 894.706994][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.707014][ T38] RIP: 0033:0x7fd118d4ebe9 [ 894.707033][ T38] RSP: 002b:00007fd116fb60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 894.707061][ T38] RAX: fffffffffffffe00 RBX: 00007fd118f85fa8 RCX: 00007fd118d4ebe9 [ 894.707998][ T38] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd118f85fa8 [ 894.708016][ T38] RBP: 00007fd118f85fa0 R08: 0000000000000000 R09: 0000000000000000 [ 894.708029][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 894.708042][ T38] R13: 00007fd118f86038 R14: 00007ffc53bc4e70 R15: 00007ffc53bc4f58 [ 894.708078][ T38] [ 894.708088][ T38] INFO: task syz.4.1725:11517 blocked for more than 143 seconds. [ 894.708102][ T38] Not tainted syzkaller #0 [ 894.708112][ T38] Blocked by coredump. [ 894.708119][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 894.708128][ T38] task:syz.4.1725 state:D stack:25992 pid:11517 tgid:11515 ppid:5842 task_flags:0x400548 flags:0x00004000 [ 894.708191][ T38] Call Trace: [ 894.708198][ T38] [ 894.708212][ T38] __schedule+0x16f3/0x4c20 [ 894.708272][ T38] ? __pfx___schedule+0x10/0x10 [ 894.708328][ T38] rt_mutex_schedule+0x77/0xf0 [ 894.708350][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 894.708388][ T38] ? rt_mutex_slowlock_block+0x351/0x6d0 [ 894.708416][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 894.708442][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 894.708465][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 894.708500][ T38] ? io_uring_del_tctx_node+0xf0/0x2c0 [ 894.708526][ T38] ? rt_spin_unlock+0x65/0x80 [ 894.708559][ T38] ? io_uring_del_tctx_node+0xf0/0x2c0 [ 894.708579][ T38] mutex_lock_nested+0x16a/0x1d0 [ 894.708608][ T38] io_uring_del_tctx_node+0xf0/0x2c0 [ 894.708637][ T38] io_uring_clean_tctx+0xd4/0x1a0 [ 894.708664][ T38] ? __pfx_io_uring_clean_tctx+0x10/0x10 [ 894.708688][ T38] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 894.708716][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 894.708751][ T38] ? io_uring_drop_tctx_refs+0x108/0x1c0 [ 894.708786][ T38] io_uring_cancel_generic+0x6ca/0x7d0 [ 894.708831][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 894.708854][ T38] ? __pfx_io_uring_cancel_generic+0x10/0x10 [ 894.708882][ T38] ? reacquire_held_locks+0x127/0x1d0 [ 894.708913][ T38] ? __pfx_migrate_enable+0x10/0x10 [ 894.708940][ T38] ? __pfx_autoremove_wake_function+0x10/0x10 [ 894.708976][ T38] ? io_uring_unreg_ringfd+0x52f/0x540 [ 894.709011][ T38] do_exit+0x345/0x2300 [ 894.709030][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 894.709065][ T38] ? __lock_acquire+0xab9/0xd20 [ 894.709095][ T38] ? __pfx_do_exit+0x10/0x10 [ 894.709111][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 894.709138][ T38] ? rt_spin_lock+0x1bb/0x2c0 [ 894.709172][ T38] do_group_exit+0x21c/0x2d0 [ 894.709199][ T38] get_signal+0x125e/0x1310 [ 894.709252][ T38] arch_do_signal_or_restart+0x9a/0x750 [ 894.709278][ T38] ? __pfx_sched_core_share_pid+0x10/0x10 [ 894.709300][ T38] ? static_key_count+0x41/0x70 [ 894.709328][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 894.709373][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 894.709405][ T38] exit_to_user_mode_loop+0x75/0x110 [ 894.709433][ T38] do_syscall_64+0x2bd/0x3b0 [ 894.709461][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 894.709487][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.709506][ T38] ? clear_bhb_loop+0x60/0xb0 [ 894.709532][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.709552][ T38] RIP: 0033:0x7f51128febe9 [ 894.709570][ T38] RSP: 002b:00007f5110b66038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 894.709590][ T38] RAX: 0000000000000000 RBX: 00007f5112b35fa0 RCX: 00007f51128febe9 [ 894.709604][ T38] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e [ 894.709617][ T38] RBP: 00007f5112981e19 R08: 0000000000000000 R09: 0000000000000000 [ 894.709630][ T38] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 894.709643][ T38] R13: 00007f5112b36038 R14: 00007f5112b35fa0 R15: 00007ffeecdebb08 [ 894.709678][ T38] [ 894.709704][ T38] [ 894.709704][ T38] Showing all locks held in the system: [ 894.709715][ T38] 2 locks held by rcuc/1/28: [ 894.709726][ T38] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 894.709794][ T38] #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 894.709847][ T38] 2 locks held by ksoftirqd/1/30: [ 894.709858][ T38] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 894.709909][ T38] #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 894.709962][ T38] 1 lock held by khungtaskd/38: [ 894.709973][ T38] #0: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 894.710026][ T38] 3 locks held by kworker/u8:5/169: [ 894.710037][ T38] #0: ffff88814c8d3138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 894.710089][ T38] #1: ffffc90003a87bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 894.710142][ T38] #2: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 894.710196][ T38] 3 locks held by kworker/u8:8/1121: [ 894.710207][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 894.710261][ T38] #1: ffffc90004887bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 894.710312][ T38] #2: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 894.710381][ T38] 2 locks held by kworker/u8:9/3498: [ 894.710395][ T38] 2 locks held by getty/5594: [ 894.710406][ T38] #0: ffff88823bf6a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 894.710462][ T38] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 894.710511][ T38] 1 lock held by syz-executor/5844: [ 894.710523][ T38] #0: ffffffff8d9ae570 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 894.710572][ T38] 8 locks held by kworker/R-wg-cr/5876: [ 894.710584][ T38] 2 locks held by kworker/R-wg-cr/5879: [ 894.710601][ T38] 2 locks held by kworker/1:6/6512: [ 894.710613][ T38] 4 locks held by kworker/1:7/7475: [ 894.710624][ T38] #0: ffff88805c8ef938 ((wq_completion)wg-crypt-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 894.710682][ T38] #1: ffffc9001b837bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 894.710735][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 894.710795][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 894.710850][ T38] 2 locks held by kworker/1:8/9387: [ 894.710866][ T38] 1 lock held by syz.4.1725/11517: [ 894.710878][ T38] #0: ffff888010ce4098 (&ctx->uring_lock){+.+.}-{4:4}, at: io_uring_del_tctx_node+0xf0/0x2c0 [ 894.710928][ T38] 4 locks held by syz.4.1725/11521: [ 894.710939][ T38] #0: ffff888010ce4098 (&ctx->uring_lock){+.+.}-{4:4}, at: io_handle_tw_list+0x1a7/0x4c0 [ 894.710991][ T38] #1: ffff88806036df50 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_accept+0x90/0x780 [ 894.711043][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 894.711093][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 894.711145][ T38] 1 lock held by syz.2.1746/11571: [ 894.711157][ T38] #0: ffffffff8d9ae570 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 894.711203][ T38] 1 lock held by syz-executor/11575: [ 894.711215][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 894.711268][ T38] 1 lock held by syz-executor/11580: [ 894.711280][ T38] #0: ffffffff8d9ae570 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 894.711327][ T38] 4 locks held by kworker/1:12/11592: [ 894.711338][ T38] #0: ffff88805c888d38 ((wq_completion)wg-crypt-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 894.711397][ T38] #1: ffffc9000c967bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 894.711450][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 894.711498][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 894.711551][ T38] 1 lock held by syz-executor/11645: [ 894.711563][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 894.711614][ T38] 1 lock held by syz.0.1775/11667: [ 894.711625][ T38] #0: ffffffff8d9ae570 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 894.711672][ T38] 1 lock held by syz-executor/11674: [ 894.711683][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 894.711729][ T38] 1 lock held by syz-executor/11676: [ 894.711749][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: inet6_rtm_newaddr+0x5b7/0xd20 [ 894.711800][ T38] 2 locks held by syz-executor/11679: [ 894.711811][ T38] #0: ffffffff8ecc5a20 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0 [ 894.711862][ T38] #1: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800 [ 894.711911][ T38] 1 lock held by syz-executor/11682: [ 894.711922][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70 [ 894.711974][ T38] 1 lock held by syz-executor/11696: [ 894.711985][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 894.712036][ T38] 4 locks held by kworker/1:17/11703: [ 894.712047][ T38] #0: ffff888039d6e138 ((wq_completion)wg-crypt-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 894.712104][ T38] #1: ffffc9000c4ffbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 894.712173][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 894.712224][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 894.712276][ T38] 4 locks held by kworker/1:18/11704: [ 894.712289][ T38] 1 lock held by syz-executor/11716: [ 894.712301][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 894.712348][ T38] 1 lock held by syz-executor/11719: [ 894.712359][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 894.712405][ T38] 1 lock held by syz-executor/11723: [ 894.712416][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 894.712461][ T38] 1 lock held by syz-executor/11726: [ 894.712473][ T38] #0: ffffffff8ecd2938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 894.712517][ T38] [ 894.712522][ T38] ============================================= [ 894.712522][ T38] [ 894.712532][ T38] NMI backtrace for cpu 0 [ 894.712546][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 894.712568][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 894.712580][ T38] Call Trace: [ 894.712588][ T38] [ 894.712596][ T38] dump_stack_lvl+0x189/0x250 [ 894.712630][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 894.712659][ T38] ? __pfx__printk+0x10/0x10 [ 894.712696][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 894.712724][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 894.712758][ T38] ? __pfx__printk+0x10/0x10 [ 894.712785][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 894.712813][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 894.712839][ T38] watchdog+0xf93/0xfe0 [ 894.712871][ T38] ? watchdog+0x1de/0xfe0 [ 894.712904][ T38] kthread+0x70e/0x8a0 [ 894.712938][ T38] ? __pfx_watchdog+0x10/0x10 [ 894.712963][ T38] ? __pfx_kthread+0x10/0x10 [ 894.712999][ T38] ? __pfx_kthread+0x10/0x10 [ 894.713030][ T38] ret_from_fork+0x3f9/0x770 [ 894.713060][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 894.713094][ T38] ? __switch_to_asm+0x39/0x70 [ 894.713111][ T38] ? __switch_to_asm+0x33/0x70 [ 894.713129][ T38] ? __pfx_kthread+0x10/0x10 [ 894.713161][ T38] ret_from_fork_asm+0x1a/0x30 [ 894.713198][ T38] [ 894.713206][ T38] Sending NMI from CPU 0 to CPUs 1: [ 894.713236][ C1] NMI backtrace for cpu 1 [ 894.713254][ C1] CPU: 1 UID: 0 PID: 5876 Comm: kworker/R-wg-cr Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 894.713273][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 894.713284][ C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker [ 894.713305][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x2b/0xa0 [ 894.713327][ C1] Code: 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 08 f0 f5 91 65 44 8b 05 b7 8d 37 10 41 81 e0 00 00 ff 00 ba 00 01 00 00 23 91 0c 0b 00 00 <41> 89 d1 45 09 c1 74 12 45 85 c0 75 5f 85 d2 74 5b 83 b9 d4 15 00 [ 894.713341][ C1] RSP: 0018:ffffc90004dc6be8 EFLAGS: 00000206 [ 894.713355][ C1] RAX: ffffffff88d809dd RBX: 0000000000000001 RCX: ffff888034115940 [ 894.713367][ C1] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 0000000000000002 [ 894.713383][ C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 1ffffffff1e3aa26 [ 894.713394][ C1] R10: dffffc0000000000 R11: fffffbfff1e3aa27 R12: 1ffff920009b8db0 [ 894.713406][ C1] R13: 0000000000000000 R14: 0000000000000001 R15: dffffc0000000000 [ 894.713417][ C1] FS: 0000000000000000(0000) GS:ffff8881269c1000(0000) knlGS:0000000000000000 [ 894.713431][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 894.713442][ C1] CR2: 0000000000000000 CR3: 000000000d7a6000 CR4: 00000000003526f0 [ 894.713459][ C1] Call Trace: [ 894.713465][ C1] [ 894.713470][ C1] trace_consume_skb+0x6d/0x1f0 [ 894.713505][ C1] consume_skb+0x58/0xf0 [ 894.713525][ C1] nft_synproxy_eval_v4+0x376/0x560 [ 894.713552][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 894.713576][ C1] ? nf_ip_checksum+0x13c/0x510 [ 894.713601][ C1] nft_synproxy_do_eval+0x345/0x570 [ 894.713626][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 894.713649][ C1] ? __pfx___ip_vs_conn_in_get+0x10/0x10 [ 894.713671][ C1] nft_do_chain+0x40c/0x1920 [ 894.713700][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 894.713725][ C1] ? __pfx_ip_vs_conn_out_get_proto+0x10/0x10 [ 894.713751][ C1] ? ip_vs_out_hook+0x9b5/0xef0 [ 894.713768][ C1] ? __pfx_ip_vs_in_hook+0x10/0x10 [ 894.713787][ C1] nft_do_chain_inet+0x25d/0x340 [ 894.713809][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 894.713837][ C1] ? NF_HOOK+0x9a/0x3a0 [ 894.713855][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 894.713878][ C1] nf_hook_slow+0xc2/0x220 [ 894.713899][ C1] NF_HOOK+0x206/0x3a0 [ 894.713918][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 894.713937][ C1] ? NF_HOOK+0x9a/0x3a0 [ 894.713954][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 894.713970][ C1] ? ip_rcv_finish_core+0xda3/0x1c00 [ 894.713990][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 894.714010][ C1] ? skb_dst+0x4f/0xd0 [ 894.714029][ C1] ? ip_local_deliver+0x12a/0x1b0 [ 894.714049][ C1] NF_HOOK+0x309/0x3a0 [ 894.714067][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 894.714085][ C1] ? NF_HOOK+0x9a/0x3a0 [ 894.714102][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 894.714120][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 894.714144][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 894.714161][ C1] __netif_receive_skb+0x143/0x380 [ 894.714178][ C1] ? rt_spin_unlock+0x65/0x80 [ 894.714196][ C1] ? process_backlog+0x27b/0x900 [ 894.714213][ C1] process_backlog+0x31e/0x900 [ 894.714237][ C1] __napi_poll+0xb3/0x540 [ 894.714256][ C1] net_rx_action+0x707/0xe00 [ 894.714283][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 894.714304][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 894.714327][ C1] ? __pfx_sched_clock_cpu+0x10/0x10 [ 894.714349][ C1] handle_softirqs+0x22f/0x710 [ 894.714373][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 894.714397][ C1] __local_bh_enable_ip+0x179/0x270 [ 894.714416][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 894.714440][ C1] ? wg_packet_tx_worker+0x24a/0x7c0 [ 894.714459][ C1] ? wg_packet_tx_worker+0x24a/0x7c0 [ 894.714477][ C1] wg_packet_tx_worker+0x586/0x7c0 [ 894.714502][ C1] ? wg_packet_tx_worker+0x24a/0x7c0 [ 894.714520][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 894.714541][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 894.714561][ C1] process_scheduled_works+0xade/0x17b0 [ 894.714593][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 894.714616][ C1] ? assign_work+0x381/0x410 [ 894.714637][ C1] rescuer_thread+0x53c/0xdd0 [ 894.714659][ C1] ? rescuer_thread+0xbb/0xdd0 [ 894.714688][ C1] kthread+0x70e/0x8a0 [ 894.714711][ C1] ? __pfx_rescuer_thread+0x10/0x10 [ 894.714731][ C1] ? __pfx_kthread+0x10/0x10 [ 894.714756][ C1] ? __pfx_kthread+0x10/0x10 [ 894.714777][ C1] ret_from_fork+0x3f9/0x770 [ 894.714798][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 894.714820][ C1] ? __switch_to_asm+0x39/0x70 [ 894.714834][ C1] ? __switch_to_asm+0x33/0x70 [ 894.714848][ C1] ? __pfx_kthread+0x10/0x10 [ 894.714870][ C1] ret_from_fork_asm+0x1a/0x30 [ 894.714892][ C1] [ 894.884326][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 894.884351][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 894.884375][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 894.884388][ T38] Call Trace: [ 894.884396][ T38] [ 894.884407][ T38] dump_stack_lvl+0x99/0x250 [ 894.884442][ T38] ? __asan_memcpy+0x40/0x70 [ 894.884465][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 894.884493][ T38] ? __pfx__printk+0x10/0x10 [ 894.884531][ T38] vpanic+0x281/0x750 [ 894.884564][ T38] ? __pfx_vpanic+0x10/0x10 [ 894.884592][ T38] ? preempt_schedule+0xae/0xc0 [ 894.884621][ T38] ? preempt_schedule_common+0x83/0xd0 [ 894.884654][ T38] panic+0xb9/0xc0 [ 894.884683][ T38] ? __pfx_panic+0x10/0x10 [ 894.884714][ T38] ? preempt_schedule_thunk+0x16/0x30 [ 894.884754][ T38] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 894.884780][ T38] watchdog+0xfd2/0xfe0 [ 894.884814][ T38] ? watchdog+0x1de/0xfe0 [ 894.884846][ T38] kthread+0x70e/0x8a0 [ 894.884881][ T38] ? __pfx_watchdog+0x10/0x10 [ 894.884907][ T38] ? __pfx_kthread+0x10/0x10 [ 894.884943][ T38] ? __pfx_kthread+0x10/0x10 [ 894.884974][ T38] ret_from_fork+0x3f9/0x770 [ 894.885005][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 894.885037][ T38] ? __switch_to_asm+0x39/0x70 [ 894.885056][ T38] ? __switch_to_asm+0x33/0x70 [ 894.885074][ T38] ? __pfx_kthread+0x10/0x10 [ 894.885107][ T38] ret_from_fork_asm+0x1a/0x30 [ 894.885144][ T38] [ 894.885842][ T38] Kernel Offset: disabled