last executing test programs: 10m28.972517143s ago: executing program 4 (id=94): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000002180)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8e0400000000000000c61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b36db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece010000000100000010223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff814f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffff854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604e1026e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c36981edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ce852364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b00000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58f0225f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e20280e14700eb4acff907560500ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ad72a89a7f6d74126f327bf7dfa718d3e1e9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d7462c080c159ce40c14089c82759106f425a2554644b2582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e1000000b81b6790062e61cd000000acb1b33c38ddd302e28e8e30b5c180d38bb1cd770195799c541a7481f5d34ca75d74b3833d399371c8f09f6745d0e43d46f7c82ff1b7d6c04467d083fc708348f35ae9bb9b78f2984a0ee55647d4c4a63c4f438fdec726e7d8228eaff2374b2300b9c35f4259e3452b53ee114bb8a6c0ea6fc89a55fef6673013d7dd4597660865423e978dd6e41e201bb3a584d6fe6f24e290613b677271603c558ee2021be29c4a06a057b2acc5bfd34898afac0d839079bbcb3acd43532563367ac8ae6c4379fb5fdcdab5fe55e1a3a521284209871216817338073cbc4ec9903725b788"], &(0x7f0000000340)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2f, 0x6000004d, &(0x7f0000000100)="b90000000044268cb89e14f086dd65e0ffff01032c00631177fbac141416e000030a44079f030000000000000000000000222f050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa007346111960500000000000000000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000ac0)="4313a5e1de73ef94a52904aad04fce16f49604c1dc63d9c8cc35e6d2e21bad5f52f04dde32f51f1857b0a340996c2daaeef13787fa577badae0fbafd3f609eda08ec9ebbeddabc201ebe14f7634882897578faa4a3fc0438525683562027d26fe8d349e08100ac9f654e6e2e4b2dc800652266b0720296c690c6b47afecc028741048e97cfdd5a078b1ba3fde5b21f61b40bf334853a68f5", &(0x7f0000000a00), 0x0, 0x700}, 0x2c) 10m28.752626516s ago: executing program 4 (id=97): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000008c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d48001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008000001800b6fcf1a22796e73657400000800", @ANYRES64=r0], 0xd4}, 0x1, 0x0, 0x0, 0x20044841}, 0x44) 10m28.541573229s ago: executing program 4 (id=100): socket$unix(0x1, 0x1, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = epoll_create(0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x40210, 0xffffffffffffffff, 0xf8238000) r2 = syz_open_procfs(0x0, &(0x7f0000000300)='io\x00') pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0) r3 = epoll_create1(0x0) r4 = shmget$private(0x0, 0x1000, 0x1000, &(0x7f00009b7000/0x1000)=nil) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRESHEX=r0, @ANYRESOCT, @ANYRES32, @ANYBLOB="00000000b8750000223d4d89000000000000000000000000000000002c2a9af3eab13ff39cf116c9fac641a8ddf8"], 0x48) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x40240, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x200010) sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7) r5 = getpid() sched_setscheduler(r5, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setgroups(0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4000) shmctl$IPC_RMID(r4, 0x0) shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000001b80)=""/71) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000180)) poll(&(0x7f0000000080), 0x20000000000003b4, 0xffff568d) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0xe, 0xa, 0x9}]}, 0x10) 10m27.190914655s ago: executing program 4 (id=105): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b145b, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0) 10m26.896498275s ago: executing program 4 (id=107): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000002180)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8e0400000000000000c61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b36db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece010000000100000010223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff814f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffff854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604e1026e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c36981edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ce852364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b00000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58f0225f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e20280e14700eb4acff907560500ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ad72a89a7f6d74126f327bf7dfa718d3e1e9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d7462c080c159ce40c14089c82759106f425a2554644b2582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e1000000b81b6790062e61cd000000acb1b33c38ddd302e28e8e30b5c180d38bb1cd770195799c541a7481f5d34ca75d74b3833d399371c8f09f6745d0e43d46f7c82ff1b7d6c04467d083fc708348f35ae9bb9b78f2984a0ee55647d4c4a63c4f438fdec726e7d8228eaff2374b2300b9c35f4259e3452b53ee114bb8a6c0ea6fc89a55fef6673013d7dd4597660865423e978dd6e41e201bb3a584d6fe6f24e290613b677271603c558ee2021be29c4a06a057b2acc5bfd34898afac0d839079bbcb3acd43532563367ac8ae6c4379fb5fdcdab5fe55e1a3a521284209871216817338073cbc4ec9903725b788"], &(0x7f0000000340)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2f, 0x6000004d, &(0x7f0000000100)="b90000000044268cb89e14f086dd65e0ffff01032c00631177fbac141416e000030a44079f030000000000000000000000222f050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa007346111960500000000000000000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000ac0)="4313a5e1de73ef94a52904aad04fce16f49604c1dc63d9c8cc35e6d2e21bad5f52f04dde32f51f1857b0a340996c2daaeef13787fa577badae0fbafd3f609eda08ec9ebbeddabc201ebe14f7634882897578faa4a3fc0438525683562027d26fe8d349e08100ac9f654e6e2e4b2dc800652266b0720296c690c6b47afecc028741048e97cfdd5a078b1ba3fde5b21f61b40bf334853a68f5", &(0x7f0000000a00), 0x0, 0x700}, 0x2c) 10m26.122667012s ago: executing program 4 (id=116): fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) socket(0x28, 0x1, 0x0) epoll_create1(0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3d, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdbd}]}) 10m24.89898254s ago: executing program 32 (id=116): fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) socket(0x28, 0x1, 0x0) epoll_create1(0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3d, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdbd}]}) 2m48.664327494s ago: executing program 0 (id=3115): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000680)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0x0, @local}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x0, 0x0, 0x3ff}}}, 0x118) 2m48.608621039s ago: executing program 0 (id=3116): socket$packet(0x11, 0x3, 0x300) r0 = socket(0x40000000015, 0x5, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x37) syz_emit_vhci(&(0x7f00000011c0)=ANY=[@ANYRES32=r0], 0x10) 2m47.252671785s ago: executing program 0 (id=3118): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b142b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c04594282423424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x2003}, 0x94) recvmmsg(r0, &(0x7f0000007280)=[{{0x0, 0x0, &(0x7f0000004000)=[{0x0}, {&(0x7f00000070c0)=""/148, 0x94}], 0x2}, 0x3}], 0x1, 0x101, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2m47.036543131s ago: executing program 1 (id=3121): getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa05, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0) ptrace$ARCH_SHSTK_LOCK(0x1e, 0x0, 0x2, 0x5003) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000b80), 0x103042, 0x0) write$sequencer(r1, &(0x7f0000000bc0)=[@t={0x81, 0x5, 0x6, 0x2, @generic=0x8b6c}], 0x8) 2m45.639530873s ago: executing program 1 (id=3123): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0}, 0x94) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16, @ANYBLOB="a7"], 0x18}}, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x11, 0x3, 0x4000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000880)={'ip6gretap0\x00', 0x0}) bind$packet(r1, &(0x7f0000000680)={0x11, 0xf6, r2, 0x1, 0x0, 0x6, @multicast}, 0x1b) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4) sendmsg$netlink(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000054}, 0x0) 2m44.936495777s ago: executing program 0 (id=3124): writev(0xffffffffffffffff, 0x0, 0x0) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x283a2, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 2m44.862381702s ago: executing program 0 (id=3125): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, 0x0, 0x1, 0x2, 0x0, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c055}, 0x24004040) 2m44.720952035s ago: executing program 0 (id=3126): socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000280)) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, 0x0, 0x800) sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0xc008001, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffd}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) open(0x0, 0x4c37e, 0x0) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000000c0)='source', 0x0, r1) r2 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r2, 0xa) 2m43.984535542s ago: executing program 1 (id=3128): madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f00000c9000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0xffffffff, 0x0, 0x0, 0x2, 0x2c, 0xa, 0x6e, 0x20}) socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_ethernet(0x3a, &(0x7f00000003c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x68, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@nop]}}}}}}}, 0x0) 2m43.53851411s ago: executing program 1 (id=3129): socket$kcm(0x23, 0x5, 0x0) r0 = syz_io_uring_setup(0x2051, &(0x7f0000000400)={0x0, 0x9be2, 0x800, 0x0, 0x400250}, 0x0, &(0x7f00000002c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_setup(0x10a, &(0x7f0000000680)={0x0, 0x80334c, 0x10, 0x3, 0x3d3}, &(0x7f0000000200)=0x0, &(0x7f0000000240)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7}) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0) syz_io_uring_submit(r2, r1, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r3, 0x0, 0x0, 0x152, 0x105100, 0x23456}) io_uring_enter(r0, 0x627, 0xc1040000, 0x43, 0x0, 0x0) 2m41.234279133s ago: executing program 1 (id=3135): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f0000001140)=[{{&(0x7f0000004440)={0xa, 0x4e22, 0x0, @private1, 0x1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000080)='P', 0x1}], 0x1}}], 0x1, 0x1) shutdown(r0, 0x1) setsockopt(r0, 0x84, 0x80, &(0x7f00000002c0)="1af3050000f2bd5b", 0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000380)={0x0, @in={{0x2, 0x6e20, @local}}}, 0x84) 2m39.747686656s ago: executing program 1 (id=3138): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d7003101a08, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETGROUP(r0, 0x400454ce, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x40001, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x88c, 0x30, 0xffff, 0x70bd2d, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0x2, 0x4000, 0x0, 0x0, 0x9, 0x0, 0x1d, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x6, 0x0, 0x8000, 0x6, 0x0, 0x4e16, 0x4, 0x0, 0x9, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000002, 0x0, 0x0, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x8000000, 0x4, 0x2, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10, 0x0, 0x6, 0x8a, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1ff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0xb7fe6bd0, 0x6, 0x1ffffffe, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x3a4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x4, 0x0, 0x0, 0x3, 0x894e, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4000000, 0x9, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4000000, 0x9, 0x0, 0x800, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x400400, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x10, 0x0, 0x8, 0x7, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000, 0x0, 0x0, 0x319e, 0x4, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0x0, 0x4, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x401]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x200001, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x5, 0xc}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0) 2m22.676921868s ago: executing program 33 (id=3138): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d7003101a08, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETGROUP(r0, 0x400454ce, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x40001, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x88c, 0x30, 0xffff, 0x70bd2d, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0x2, 0x4000, 0x0, 0x0, 0x9, 0x0, 0x1d, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x6, 0x0, 0x8000, 0x6, 0x0, 0x4e16, 0x4, 0x0, 0x9, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000002, 0x0, 0x0, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x8000000, 0x4, 0x2, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10, 0x0, 0x6, 0x8a, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1ff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0xb7fe6bd0, 0x6, 0x1ffffffe, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x3a4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x4, 0x0, 0x0, 0x3, 0x894e, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4000000, 0x9, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4000000, 0x9, 0x0, 0x800, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x400400, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x10, 0x0, 0x8, 0x7, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000, 0x0, 0x0, 0x319e, 0x4, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0x0, 0x4, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x401]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x200001, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x5, 0xc}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0) 1m53.752468319s ago: executing program 2 (id=3199): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0x12) lchown(&(0x7f0000000680)='./file0\x00', 0x0, 0xee01) 1m53.036938637s ago: executing program 2 (id=3202): syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x8, 0x2c, 0x0, @remote, @local, {[], {{0x3a00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 1m51.99438443s ago: executing program 2 (id=3204): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x4, 0x1000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) 1m49.45721374s ago: executing program 2 (id=3209): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x1000, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_dev$video4linux(&(0x7f0000000000), 0x401, 0x400) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000002c0)={0x1, @win={{0xfd3, 0x36d, 0x9, 0xb}, 0x1, 0x75e, &(0x7f00000003c0)={{0x0, 0x1, 0x4f, 0x7}, &(0x7f0000000280)={{0xbf, 0x9, 0x8, 0x1}}}, 0xfffffff8, 0x0, 0x1}}) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) 1m41.134335669s ago: executing program 2 (id=3218): socket$kcm(0x10, 0x7, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000300)={0x0, "030000000000000023000000debd12ffff00000004000000001020000400", 0xffffffffffffffff}) fcntl$getown(r1, 0x9) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$vsock_stream(0x28, 0x1, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 1m33.733258931s ago: executing program 2 (id=3227): ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40001, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r5 = socket$inet_tcp(0x2, 0x1, 0x0) fcntl$dupfd(r5, 0x0, r5) openat$binderfs(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x305) 1m30.216188181s ago: executing program 3 (id=3229): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000840)={0x2c, &(0x7f00000005c0)={0x0, 0xe, 0x4, "d4c58c73"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 1m25.006473249s ago: executing program 3 (id=3231): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x2, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xe, 0xc}, {0xfff3, 0x10}, {0xffe0, 0x5}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0x3, 0xe83, 0x3, 0x0, 0x6, 0x80}}, {0x4}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000080) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x20, 0x10, 0x403}, 0x20}, 0x1, 0xba01, 0x0, 0x6000000}, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) 1m22.846649575s ago: executing program 3 (id=3234): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000004c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010001d0025bd7000fadbdf2500000000", @ANYRES32=r1, @ANYBLOB="138000002b9201002400128009000100626f6e6400000000140002800800", @ANYRES64=r0], 0x44}, 0x1, 0x0, 0x0, 0x40448e0}, 0x4000) 1m21.929698288s ago: executing program 3 (id=3236): timerfd_create(0x0, 0x0) timerfd_create(0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000001a40)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}, @in={0x2, 0x0, @local}, @in={0x2, 0x0, @local}, @in={0x2, 0x0, @multicast1}], 0x40) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000050, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0xf6d, 0x0, 0xd, 0x0, 0x0, 0x4, 0x200000000000000, 0x0, 0x100, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x1000, 0x2000000000008, 0x9, 0x3, 0x8000000000005a, 0x3}) 1m21.326710572s ago: executing program 3 (id=3239): mknodat$loop(0xffffffffffffff9c, 0x0, 0x20, 0x1) r0 = syz_open_dev$dri(0x0, 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x689, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) writev(r4, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x14, 0x15, 0x301, 0x2, 0x0, {0xb}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0) 1m19.51307783s ago: executing program 3 (id=3240): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000dc0)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5}) io_setup(0x239f, &(0x7f0000000380)) 1m17.956771392s ago: executing program 34 (id=3227): ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40001, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r5 = socket$inet_tcp(0x2, 0x1, 0x0) fcntl$dupfd(r5, 0x0, r5) openat$binderfs(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x305) 1m4.019611297s ago: executing program 35 (id=3240): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000dc0)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5}) io_setup(0x239f, &(0x7f0000000380)) 7.284414307s ago: executing program 5 (id=3297): r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x28}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 5.114116967s ago: executing program 5 (id=3298): mknod(&(0x7f0000000000)='./file0\x00', 0x6000, 0x77b) mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0) 4.086932701s ago: executing program 5 (id=3299): bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r0, 0x1) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x35c, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x41, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045) io_uring_setup(0x4ff1, &(0x7f0000000040)={0x0, 0x835c, 0xf000, 0x20000a, 0x20002f3}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x400c805}, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r4, &(0x7f0000001140)=[{{&(0x7f0000004440)={0xa, 0x4e22, 0x0, @private1, 0x1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000080)='P', 0x1}], 0x1}}], 0x1, 0x1) shutdown(r4, 0x1) setsockopt(r4, 0x84, 0x80, &(0x7f00000002c0)="1af3050000f2bd5b", 0x8) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) 1.902195226s ago: executing program 5 (id=3300): r0 = socket$inet6_udp(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f00000000c0)=@req={0x28, &(0x7f0000000000)={'macvtap0\x00', @ifru_flags=0x2000}}) 720.752144ms ago: executing program 5 (id=3301): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socket$inet_udp(0x2, 0x2, 0x0) r0 = syz_io_uring_setup(0x20c3, &(0x7f0000000400)={0x0, 0xea51, 0x3380, 0x1, 0x40024d}, 0x0, 0x0) syz_io_uring_setup(0x30a, &(0x7f0000000680)={0x0, 0x80334c, 0x400, 0x2, 0x3d3, 0x0, r0}, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="ec0000001000010800"/20, @ANYRES32=r4, @ANYBLOB="0b00000000000000cc001a8018000a80140007"], 0xec}}, 0x0) 0s ago: executing program 5 (id=3302): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40186f40, 0x0) syz_open_procfs(0x0, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000002c80)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0) kernel console output (not intermixed with test programs): U to 1532 would solve the problem. [ 97.810209][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.813248][ T5822] team0: Port device team_slave_0 added [ 97.844198][ T5821] Bluetooth: hci4: command tx timeout [ 97.881896][ T5822] team0: Port device team_slave_1 added [ 97.946941][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.946958][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.946981][ T5809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.953583][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.953598][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.953621][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.999879][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.999896][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.999919][ T5809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.022447][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.022462][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.022486][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.045177][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.045194][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.045217][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.093303][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.093320][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.093343][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.106249][ T5808] hsr_slave_0: entered promiscuous mode [ 98.107702][ T5808] hsr_slave_1: entered promiscuous mode [ 98.123599][ T5810] hsr_slave_0: entered promiscuous mode [ 98.125713][ T5810] hsr_slave_1: entered promiscuous mode [ 98.126720][ T5810] debugfs: 'hsr0' already exists in 'hsr' [ 98.126835][ T5810] Cannot create hsr debugfs directory [ 98.278860][ T5809] hsr_slave_0: entered promiscuous mode [ 98.279626][ T5809] hsr_slave_1: entered promiscuous mode [ 98.280110][ T5809] debugfs: 'hsr0' already exists in 'hsr' [ 98.280131][ T5809] Cannot create hsr debugfs directory [ 98.321658][ T5813] hsr_slave_0: entered promiscuous mode [ 98.322415][ T5813] hsr_slave_1: entered promiscuous mode [ 98.322914][ T5813] debugfs: 'hsr0' already exists in 'hsr' [ 98.322936][ T5813] Cannot create hsr debugfs directory [ 98.382272][ T5822] hsr_slave_0: entered promiscuous mode [ 98.383132][ T5822] hsr_slave_1: entered promiscuous mode [ 98.383639][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 98.383660][ T5822] Cannot create hsr debugfs directory [ 99.336248][ T5808] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 99.382459][ T5808] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 99.400001][ T5808] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 99.455955][ T5808] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 99.564772][ T5810] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 99.613396][ T5810] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 99.649573][ T5810] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 99.685965][ T5810] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 99.764628][ T5821] Bluetooth: hci0: command tx timeout [ 99.764656][ T5821] Bluetooth: hci2: command tx timeout [ 99.816278][ T5809] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 99.844251][ T5127] Bluetooth: hci1: command tx timeout [ 99.844284][ T5127] Bluetooth: hci3: command tx timeout [ 99.852708][ T5809] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 99.908557][ T5809] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 99.925440][ T5127] Bluetooth: hci4: command tx timeout [ 99.974900][ T5809] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 100.109413][ T5813] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 100.142499][ T5813] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 100.174107][ T5813] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 100.202528][ T5813] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 100.317485][ T5822] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 100.360377][ T5822] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 100.385617][ T5822] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 100.426815][ T5822] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 100.468257][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.525505][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.552653][ T5808] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.585655][ T177] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.586004][ T177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.617855][ T3633] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.618655][ T3633] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.635514][ T5810] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.669030][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.669145][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.695750][ T5809] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.706819][ T68] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.707530][ T68] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.778609][ T5809] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.803325][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.823427][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.823609][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.858938][ T68] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.859052][ T68] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.932610][ T5813] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.956800][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.987874][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.988394][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.039252][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.039441][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.093276][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.159726][ T3633] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.159855][ T3633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.191264][ T68] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.201335][ T68] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.452562][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.495883][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.647474][ T5809] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.728175][ T5808] veth0_vlan: entered promiscuous mode [ 101.748990][ T5810] veth0_vlan: entered promiscuous mode [ 101.768309][ T5808] veth1_vlan: entered promiscuous mode [ 101.790108][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.811186][ T5810] veth1_vlan: entered promiscuous mode [ 101.845302][ T5127] Bluetooth: hci2: command tx timeout [ 101.845332][ T5127] Bluetooth: hci0: command tx timeout [ 101.881270][ T5809] veth0_vlan: entered promiscuous mode [ 101.897842][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.922551][ T5808] veth0_macvtap: entered promiscuous mode [ 101.924350][ T5821] Bluetooth: hci3: command tx timeout [ 101.924374][ T5821] Bluetooth: hci1: command tx timeout [ 101.941518][ T5809] veth1_vlan: entered promiscuous mode [ 101.965945][ T5808] veth1_macvtap: entered promiscuous mode [ 101.981198][ T5810] veth0_macvtap: entered promiscuous mode [ 102.004744][ T5127] Bluetooth: hci4: command tx timeout [ 102.034642][ T5810] veth1_macvtap: entered promiscuous mode [ 102.039152][ T5813] veth0_vlan: entered promiscuous mode [ 102.073565][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.119625][ T5813] veth1_vlan: entered promiscuous mode [ 102.132206][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.142993][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.177396][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.180897][ T177] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.183430][ T5809] veth0_macvtap: entered promiscuous mode [ 102.211343][ T177] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.224811][ T177] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.229184][ T1491] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.258395][ T5809] veth1_macvtap: entered promiscuous mode [ 102.260586][ T1491] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.266002][ T1491] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.330330][ T1491] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.353507][ T1491] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.497875][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.593818][ T5813] veth0_macvtap: entered promiscuous mode [ 102.600625][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.702681][ T5813] veth1_macvtap: entered promiscuous mode [ 102.713519][ T1491] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.723436][ T1491] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.738369][ T1491] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.739796][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.739809][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.773661][ T1491] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.839947][ T177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.839969][ T177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.932449][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.932674][ T5822] veth0_vlan: entered promiscuous mode [ 102.966477][ T3679] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.966495][ T3679] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.062301][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.074492][ T3679] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.074507][ T3679] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.107271][ T5822] veth1_vlan: entered promiscuous mode [ 103.123342][ T177] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.123611][ T177] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.131019][ T177] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.131240][ T177] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.212056][ T177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.212076][ T177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.435917][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.435936][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.531325][ T5822] veth0_macvtap: entered promiscuous mode [ 103.600010][ T5822] veth1_macvtap: entered promiscuous mode [ 103.604356][ T1491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.604376][ T1491] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.702005][ T3679] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.702023][ T3679] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.721125][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.755902][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.820069][ T3633] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.820117][ T3633] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.820148][ T3633] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.820180][ T3633] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.922890][ T5928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'. [ 103.924491][ T5821] Bluetooth: hci2: command tx timeout [ 103.924533][ T5127] Bluetooth: hci0: command tx timeout [ 104.005645][ T5821] Bluetooth: hci3: command tx timeout [ 104.005689][ T5127] Bluetooth: hci1: command tx timeout [ 104.085928][ T5127] Bluetooth: hci4: command tx timeout [ 104.252817][ T177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.252838][ T177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.373504][ T3739] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.373524][ T3739] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.649094][ T5959] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16'. [ 106.710283][ T5988] netlink: 8 bytes leftover after parsing attributes in process `syz.1.29'. [ 107.239946][ T6000] netlink: 'syz.1.36': attribute type 10 has an invalid length. [ 108.376430][ T6000] team0: Device wg1 is of different type [ 108.709351][ T6019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.42'. [ 109.755307][ T6031] netlink: 24 bytes leftover after parsing attributes in process `syz.2.46'. [ 111.484503][ T6055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.55'. [ 113.928458][ T6093] netlink: 8 bytes leftover after parsing attributes in process `syz.1.71'. [ 114.279465][ T6105] netlink: 144 bytes leftover after parsing attributes in process `syz.0.74'. [ 114.279669][ T6105] Zero length message leads to an empty skb [ 115.264095][ T38] audit: type=1326 audit(1773120237.462:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.264140][ T38] audit: type=1326 audit(1773120237.462:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.302893][ T38] audit: type=1326 audit(1773120237.502:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.304528][ T38] audit: type=1326 audit(1773120237.502:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.304570][ T38] audit: type=1326 audit(1773120237.512:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.322662][ T38] audit: type=1326 audit(1773120237.512:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.322708][ T38] audit: type=1326 audit(1773120237.522:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.322744][ T38] audit: type=1326 audit(1773120237.522:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 115.322780][ T38] audit: type=1326 audit(1773120237.522:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6110 comm="syz.0.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 116.538821][ T6115] 8021q: adding VLAN 0 to HW filter on device bond1 [ 116.558595][ T6116] vlan2: entered allmulticast mode [ 116.558610][ T6116] bond1: entered allmulticast mode [ 117.205645][ T38] audit: type=1326 audit(1773120239.402:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6120 comm="syz.1.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f903ccac799 code=0x7ffc0000 [ 117.583770][ T6148] netlink: 144 bytes leftover after parsing attributes in process `syz.2.87'. [ 119.650853][ T6179] netlink: 144 bytes leftover after parsing attributes in process `syz.3.103'. [ 120.715573][ T6186] ======================================================= [ 120.715573][ T6186] WARNING: The mand mount option has been deprecated and [ 120.715573][ T6186] and is ignored by this kernel. Remove the mand [ 120.715573][ T6186] option from the mount to silence this warning. [ 120.715573][ T6186] ======================================================= [ 121.647031][ T6205] netlink: 144 bytes leftover after parsing attributes in process `syz.2.114'. [ 122.086103][ T6193] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 122.097922][ T6193] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 122.787244][ T6193] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 122.852003][ T6193] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 122.852118][ T6193] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 122.963510][ T6193] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 123.994018][ T6193] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 123.994168][ T6193] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.074066][ T5127] Bluetooth: hci0: command 0x0c1a tx timeout [ 124.155835][ T6193] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.219728][ T1491] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.274057][ T6193] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 124.274217][ T6193] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.370999][ T6193] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.473703][ T5821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 124.480885][ T5821] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 124.482871][ T5821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 124.485568][ T5821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 124.486380][ T5821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 124.802752][ T1491] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.522134][ T5821] Bluetooth: hci1: command 0x0c1a tx timeout [ 126.642755][ T5821] Bluetooth: hci4: command tx timeout [ 126.824086][ T5127] Bluetooth: hci0: command 0x0c1a tx timeout [ 126.824093][ T5811] Bluetooth: hci3: command 0x0c1a tx timeout [ 126.825510][ T5821] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.956132][ T6265] Driver unsupported XDP return value 0 on prog (id 14) dev N/A, expect packet loss! [ 126.992076][ T1491] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.524602][ T5821] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.416421][ T1491] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.579765][ T6303] netlink: 'syz.0.154': attribute type 1 has an invalid length. [ 128.579989][ T6303] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 128.580000][ T6303] IPv6: NLM_F_CREATE should be set when creating new route [ 128.580117][ T6303] IPv6: NLM_F_CREATE should be set when creating new route [ 128.655109][ T5821] Bluetooth: hci4: command tx timeout [ 128.885331][ T5821] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.885366][ T5821] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.885388][ T5821] Bluetooth: hci0: command 0x0c1a tx timeout [ 129.605967][ T5127] Bluetooth: hci1: command 0x0c1a tx timeout [ 130.358581][ T6219] chnl_net:caif_netlink_parms(): no params data found [ 130.475060][ T1491] bridge_slave_1: left allmulticast mode [ 130.475239][ T1491] bridge_slave_1: left promiscuous mode [ 130.477606][ T1491] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.655586][ T1491] bridge_slave_0: left allmulticast mode [ 130.655613][ T1491] bridge_slave_0: left promiscuous mode [ 130.694463][ T1491] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.724000][ T5127] Bluetooth: hci4: command tx timeout [ 130.774294][ T6363] netlink: 'syz.1.175': attribute type 1 has an invalid length. [ 130.774314][ T6363] netlink: 108 bytes leftover after parsing attributes in process `syz.1.175'. [ 130.964012][ T5127] Bluetooth: hci2: command 0x0c1a tx timeout [ 130.964046][ T5127] Bluetooth: hci3: command 0x0c1a tx timeout [ 132.770149][ T38] kauditd_printk_skb: 50 callbacks suppressed [ 132.770168][ T38] audit: type=1326 audit(1773120254.972:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6386 comm="syz.0.182" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 132.771062][ T6411] netlink: 144 bytes leftover after parsing attributes in process `syz.3.191'. [ 132.804098][ T5821] Bluetooth: hci4: command tx timeout [ 134.384191][ T6438] netlink: 144 bytes leftover after parsing attributes in process `syz.0.202'. [ 134.474992][ T1491] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.587002][ T6445] usb usb9: usbfs: process 6445 (syz.0.206) did not claim interface 0 before use [ 134.619936][ T1491] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.638755][ T5913] IPVS: starting estimator thread 0... [ 134.641946][ T6451] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 134.685563][ T1491] bond0 (unregistering): Released all slaves [ 134.746311][ T6452] IPVS: using max 9 ests per chain, 21600 per kthread [ 134.751936][ T38] audit: type=1326 audit(1773120256.952:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6449 comm="syz.2.207" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb11a1c799 code=0x0 [ 135.153317][ T6468] netlink: 144 bytes leftover after parsing attributes in process `syz.3.215'. [ 136.539806][ T6219] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.552409][ T6219] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.552627][ T6219] bridge_slave_0: entered allmulticast mode [ 136.571389][ T6219] bridge_slave_0: entered promiscuous mode [ 136.583318][ T6219] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.583448][ T6219] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.583646][ T6219] bridge_slave_1: entered allmulticast mode [ 136.607499][ T6488] mmap: syz.3.219 (6488) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 136.607558][ T6219] bridge_slave_1: entered promiscuous mode [ 137.019281][ T6502] netlink: 144 bytes leftover after parsing attributes in process `syz.0.225'. [ 137.552384][ T6219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.575484][ T6219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 137.659298][ T6219] team0: Port device team_slave_0 added [ 137.731269][ T6219] team0: Port device team_slave_1 added [ 138.504498][ T38] audit: type=1326 audit(1773120260.702:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6517 comm="syz.2.229" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb11a1c799 code=0x0 [ 138.539497][ T6219] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.539513][ T6219] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 138.539535][ T6219] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.545304][ T6219] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.545320][ T6219] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 138.545343][ T6219] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.664208][ T6539] netlink: 144 bytes leftover after parsing attributes in process `syz.1.236'. [ 138.853687][ T6543] netlink: 44 bytes leftover after parsing attributes in process `syz.0.238'. [ 139.526870][ T6555] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 139.530319][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.530414][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.654383][ T1491] hsr_slave_0: left promiscuous mode [ 139.696077][ T1491] hsr_slave_1: left promiscuous mode [ 139.734579][ T1491] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 139.734669][ T1491] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 139.788074][ T1491] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 139.788108][ T1491] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 139.891562][ T1491] veth1_macvtap: left promiscuous mode [ 139.891792][ T1491] veth0_macvtap: left promiscuous mode [ 139.893649][ T1491] veth1_vlan: left promiscuous mode [ 139.913133][ T1491] veth0_vlan: left promiscuous mode [ 140.099660][ C1] vcan0: j1939_tp_rxtimer: 0xffff888061271800: rx timeout, send abort [ 140.600476][ C1] vcan0: j1939_tp_rxtimer: 0xffff888061271800: abort rx timeout. Force session deactivation [ 140.603374][ C1] vcan0: j1939_tp_rxtimer: 0xffff888061270c00: rx timeout, send abort [ 140.740603][ T38] audit: type=1326 audit(1773120262.942:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6572 comm="syz.1.249" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f903ccac799 code=0x0 [ 140.987770][ T1491] team0 (unregistering): Port device team_slave_1 removed [ 141.044834][ T1491] team0 (unregistering): Port device team_slave_0 removed [ 141.103442][ C1] vcan0: j1939_tp_rxtimer: 0xffff888061270c00: abort rx timeout. Force session deactivation [ 141.104832][ T6585] netlink: 44 bytes leftover after parsing attributes in process `syz.1.252'. [ 141.691051][ T6219] hsr_slave_0: entered promiscuous mode [ 141.693534][ T6219] hsr_slave_1: entered promiscuous mode [ 141.700029][ T6219] debugfs: 'hsr0' already exists in 'hsr' [ 141.700054][ T6219] Cannot create hsr debugfs directory [ 142.293993][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 142.748808][ T6616] netlink: 44 bytes leftover after parsing attributes in process `syz.1.262'. [ 142.979408][ T6219] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 143.054552][ T6219] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 143.257369][ T6219] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 143.345703][ T6219] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 143.714445][ T38] audit: type=1326 audit(1773120265.912:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.0.261" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 143.967318][ T6219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.089140][ T6219] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.112979][ T3739] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.113239][ T3739] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.233117][ T3739] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.233264][ T3739] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.814501][ T6219] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.230035][ T6704] netlink: 12 bytes leftover after parsing attributes in process `syz.3.278'. [ 147.688954][ T6715] netlink: 20 bytes leftover after parsing attributes in process `syz.1.282'. [ 149.238412][ T6219] veth0_vlan: entered promiscuous mode [ 149.361065][ T6219] veth1_vlan: entered promiscuous mode [ 149.575076][ T6219] veth0_macvtap: entered promiscuous mode [ 149.598678][ T6219] veth1_macvtap: entered promiscuous mode [ 149.672353][ T6219] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.736907][ T38] audit: type=1326 audit(1773120271.942:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6702 comm="syz.3.278" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0e307c799 code=0x0 [ 149.741890][ T6219] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.884066][ T159] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.904077][ T159] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.912891][ T159] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.917142][ T159] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.198872][ T6757] netlink: 20 bytes leftover after parsing attributes in process `syz.0.295'. [ 151.451571][ T3679] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.451590][ T3679] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.883295][ T1366] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.883316][ T1366] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.239829][ T6796] netlink: 12 bytes leftover after parsing attributes in process `syz.3.308'. [ 154.133667][ T6801] netlink: 16 bytes leftover after parsing attributes in process `syz.5.309'. [ 154.749339][ T38] audit: type=1326 audit(1773120276.952:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6794 comm="syz.3.308" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0e307c799 code=0x0 [ 155.099945][ T6827] netlink: 'syz.1.319': attribute type 27 has an invalid length. [ 157.268267][ T6827] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.288601][ T6827] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.546157][ T6861] netlink: 12 bytes leftover after parsing attributes in process `syz.2.333'. [ 158.554439][ T38] audit: type=1326 audit(1773120280.752:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6860 comm="syz.2.333" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb11a1c799 code=0x0 [ 159.759678][ T6827] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 159.796711][ T6827] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.958076][ T6832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.959085][ T6832] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.984773][ T6832] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 161.064828][ T177] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.146639][ T177] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.491215][ T38] audit: type=1326 audit(1773120284.692:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.1.351" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f903ccac799 code=0x0 [ 162.651948][ T177] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.685356][ T177] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.085971][ T6938] macsec1: entered allmulticast mode [ 163.085993][ T6938] macsec0: entered allmulticast mode [ 163.086004][ T6938] veth1_macvtap: entered allmulticast mode [ 164.076961][ T38] audit: type=1326 audit(1773120286.282:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6972 comm="syz.2.368" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb11a1c799 code=0x0 [ 166.412623][ T7051] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 166.412640][ T7051] IPv6: NLM_F_CREATE should be set when creating new route [ 166.452214][ T5893] IPVS: starting estimator thread 0... [ 166.469458][ T7048] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 166.758774][ T7053] IPVS: using max 9 ests per chain, 21600 per kthread [ 167.603664][ T38] audit: type=1326 audit(1773120289.802:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7056 comm="syz.0.396" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 169.110692][ T38] audit: type=1326 audit(1773120291.312:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7133 comm="syz.1.422" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f903ccac799 code=0x0 [ 169.472826][ T1366] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 169.478859][ T1366] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 169.480479][ T96] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 169.480516][ T96] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.496127][ T1115] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.496996][ T1115] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.497035][ T1115] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.497068][ T1115] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 171.733323][ T7210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.452'. [ 172.040907][ T38] audit: type=1326 audit(1773120294.242:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7199 comm="syz.2.448" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb11a1c799 code=0x0 [ 173.507513][ T7252] netlink: 4 bytes leftover after parsing attributes in process `syz.0.469'. [ 174.728272][ T38] audit: type=1326 audit(1773120296.922:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7249 comm="syz.2.468" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb11a1c799 code=0x0 [ 176.526782][ T38] audit: type=1326 audit(1773120298.732:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7309 comm="syz.2.494" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb11a1c799 code=0x0 [ 177.236204][ T7357] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 177.662117][ T7376] netlink: 40 bytes leftover after parsing attributes in process `syz.5.523'. [ 177.689148][ T38] audit: type=1326 audit(1773120299.882:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7369 comm="syz.0.521" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 182.216687][ T38] audit: type=1326 audit(1773120304.412:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7429 comm="syz.5.546" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x0 [ 185.766321][ T1366] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.766389][ T1366] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.766438][ T1366] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.766472][ T1366] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.773445][ T38] audit: type=1326 audit(1773120307.972:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7537 comm="syz.1.584" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f903ccac799 code=0x0 [ 186.415602][ T7556] netlink: 4 bytes leftover after parsing attributes in process `syz.1.592'. [ 187.743614][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.1.608'. [ 187.812804][ T7601] netlink: 'syz.1.610': attribute type 1 has an invalid length. [ 187.984534][ T7606] netlink: 12 bytes leftover after parsing attributes in process `syz.5.611'. [ 187.988768][ T7603] gretap1: entered allmulticast mode [ 188.008217][ T7603] bond1: (slave gretap1): making interface the new active one [ 188.019638][ T7603] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 189.517362][ T7648] netlink: 7 bytes leftover after parsing attributes in process `syz.1.628'. [ 200.980079][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.980148][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.463779][ T7833] netlink: 68 bytes leftover after parsing attributes in process `syz.0.695'. [ 204.847574][ T7869] netlink: 28 bytes leftover after parsing attributes in process `syz.0.709'. [ 204.847617][ T7869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.709'. [ 206.982662][ T7900] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 206.982681][ T7900] IPv6: NLM_F_CREATE should be set when creating new route [ 210.067353][ T7934] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 210.067369][ T7934] IPv6: NLM_F_CREATE should be set when creating new route [ 210.389573][ T7939] netlink: 12 bytes leftover after parsing attributes in process `syz.0.735'. [ 210.389943][ T7939] 8021q: VLANs not supported on nlmon0 [ 212.005141][ T7966] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 212.359449][ T7984] netlink: 'syz.1.758': attribute type 1 has an invalid length. [ 220.703284][ T8186] netlink: 4 bytes leftover after parsing attributes in process `syz.5.843'. [ 220.978487][ T8186] team0: Port device team_slave_0 removed [ 221.612112][ T8211] netlink: 24 bytes leftover after parsing attributes in process `syz.2.855'. [ 222.805919][ T8239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.863'. [ 223.015549][ T8239] team0: Port device team_slave_0 removed [ 223.682719][ T8284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.885'. [ 224.356948][ T38] audit: type=1326 audit(1773120346.562:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8298 comm="syz.3.889" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0e307c799 code=0x0 [ 224.514705][ T8284] team0: Port device team_slave_0 removed [ 225.007197][ T8327] netlink: 'syz.5.901': attribute type 1 has an invalid length. [ 225.087016][ T8327] gretap1: entered allmulticast mode [ 225.103114][ T8327] bond1: (slave gretap1): making interface the new active one [ 225.107949][ T8327] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 226.442119][ T8348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.905'. [ 226.537658][ T8353] netlink: 28 bytes leftover after parsing attributes in process `syz.1.909'. [ 226.537694][ T8353] netlink: 28 bytes leftover after parsing attributes in process `syz.1.909'. [ 226.705038][ T8348] team0: Port device team_slave_0 removed [ 226.753481][ T8353] gretap0: entered promiscuous mode [ 226.784185][ T8353] gretap0: left promiscuous mode [ 227.736386][ T8363] gretap1: entered allmulticast mode [ 230.716671][ T8418] netlink: 28 bytes leftover after parsing attributes in process `syz.1.933'. [ 230.716706][ T8418] netlink: 28 bytes leftover after parsing attributes in process `syz.1.933'. [ 230.775508][ T8418] gretap0: entered promiscuous mode [ 230.844076][ T8418] gretap0: left promiscuous mode [ 231.623033][ T8461] netlink: 28 bytes leftover after parsing attributes in process `syz.1.953'. [ 231.623068][ T8461] netlink: 28 bytes leftover after parsing attributes in process `syz.1.953'. [ 231.681253][ T8461] gretap0: entered promiscuous mode [ 231.724374][ T8461] gretap0: left promiscuous mode [ 231.842288][ T38] audit: type=1326 audit(1773120354.042:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8469 comm="syz.0.957" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 232.468710][ T8499] netlink: 28 bytes leftover after parsing attributes in process `syz.5.971'. [ 232.468743][ T8499] netlink: 28 bytes leftover after parsing attributes in process `syz.5.971'. [ 232.473452][ T8499] gretap0: entered promiscuous mode [ 232.515414][ T8499] gretap0: left promiscuous mode [ 232.581598][ T38] audit: type=1326 audit(1773120354.782:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8503 comm="syz.1.972" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f903ccac799 code=0x0 [ 234.241163][ T38] audit: type=1326 audit(1773120356.442:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8543 comm="syz.0.987" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 234.458063][ T8556] netlink: 'syz.0.992': attribute type 4 has an invalid length. [ 235.674394][ T8577] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1002'. [ 235.727364][ T38] audit: type=1326 audit(1773120357.922:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8579 comm="syz.5.1003" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x0 [ 236.303831][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1015'. [ 236.303867][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1015'. [ 236.317945][ T8606] gretap0: entered promiscuous mode [ 237.302277][ T8606] gretap0: left promiscuous mode [ 237.371938][ T8613] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1018'. [ 239.393680][ T38] audit: type=1326 audit(1773120361.592:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.397580][ T38] audit: type=1326 audit(1773120361.592:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.397625][ T38] audit: type=1326 audit(1773120361.592:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.397661][ T38] audit: type=1326 audit(1773120361.602:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.397696][ T38] audit: type=1326 audit(1773120361.602:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.397731][ T38] audit: type=1326 audit(1773120361.602:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.400878][ T38] audit: type=1326 audit(1773120361.602:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.403769][ T38] audit: type=1326 audit(1773120361.602:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fdad489cfce code=0x7ffc0000 [ 239.414683][ T38] audit: type=1326 audit(1773120361.612:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fdad489cfce code=0x7ffc0000 [ 239.414731][ T38] audit: type=1326 audit(1773120361.622:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8624 comm="syz.5.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad48dc799 code=0x7ffc0000 [ 239.618336][ T8638] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1028'. [ 239.696258][ T8642] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1029'. [ 239.962472][ T8659] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1038'. [ 240.088276][ T8667] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1042'. [ 240.275553][ T8675] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1044'. [ 240.329506][ T8677] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 240.521962][ T8689] netlink: 'syz.2.1051': attribute type 1 has an invalid length. [ 240.619020][ T8692] gretap1: entered allmulticast mode [ 241.066696][ T8713] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 241.716233][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1076'. [ 247.165502][ T8841] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1113'. [ 249.001428][ T8883] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1129'. [ 249.124076][ T5821] Bluetooth: hci4: command 0x0406 tx timeout [ 251.294716][ T8916] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1145'. [ 251.369151][ T8918] 9pnet: p9_errstr2errno: server reported unknown error [ 252.631588][ T8955] 9pnet: p9_errstr2errno: server reported unknown error [ 254.082048][ T9004] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1181'. [ 254.082084][ T9004] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1181'. [ 254.132921][ T9004] gretap0: entered promiscuous mode [ 254.257608][ T9004] gretap0: left promiscuous mode [ 257.053132][ T9055] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1198'. [ 257.053166][ T9055] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1198'. [ 257.069724][ T9055] gretap0: entered promiscuous mode [ 257.097149][ T9059] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1197'. [ 257.117197][ T9055] gretap0: left promiscuous mode [ 257.158497][ T9063] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1197'. [ 259.326223][ T9101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1213'. [ 259.326259][ T9101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1213'. [ 259.389576][ T9101] gretap0: entered promiscuous mode [ 259.435015][ T9101] gretap0: left promiscuous mode [ 259.486840][ T9077] netlink: 'syz.3.1207': attribute type 4 has an invalid length. [ 259.537310][ T9081] netlink: 'syz.3.1207': attribute type 4 has an invalid length. [ 260.928662][ T9124] TCP: TCP_TX_DELAY enabled [ 261.059020][ T9133] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1226'. [ 262.647350][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.647418][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.834287][ T9166] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1240'. [ 264.472260][ T9202] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1254'. [ 264.683558][ T5127] Bluetooth: hci1: unexpected event for opcode 0x0000 [ 265.075356][ T9237] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1265'. [ 266.069518][ T9248] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1271'. [ 266.472876][ T9263] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1278'. [ 266.472912][ T9263] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1278'. [ 266.521844][ T9263] gretap0: entered promiscuous mode [ 266.582124][ T9263] gretap0: left promiscuous mode [ 267.684158][ T9282] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1284'. [ 267.983957][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.983996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.984027][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.984057][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.984088][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.984118][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.984148][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.984178][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 267.984209][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 268.729662][ T5127] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 268.730000][ T5127] Bluetooth: hci1: Injecting HCI hardware error event [ 268.731891][ T5127] Bluetooth: hci1: hardware error 0x00 [ 268.879562][ T9304] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1294'. [ 268.879611][ T9304] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1294'. [ 269.494947][ T9304] gretap0: entered promiscuous mode [ 269.524211][ T9304] gretap0: left promiscuous mode [ 269.665010][ T9319] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1298'. [ 270.367504][ T9346] syz.1.1305 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 271.084065][ T5127] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 271.424566][ T9355] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1312'. [ 274.222870][ T9394] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1326'. [ 274.454547][ T9400] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1330'. [ 274.454582][ T9400] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1330'. [ 274.463824][ T9400] gretap0: entered promiscuous mode [ 275.294347][ T9400] gretap0: left promiscuous mode [ 275.904514][ T9426] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1340'. [ 277.418085][ T5127] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 278.404825][ T9459] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1352'. [ 278.404870][ T9459] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1352'. [ 278.421442][ T9459] gretap0: entered promiscuous mode [ 278.455889][ T9459] gretap0: left promiscuous mode [ 278.555446][ T9462] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1353'. [ 279.072410][ T38] kauditd_printk_skb: 14 callbacks suppressed [ 279.072427][ T38] audit: type=1326 audit(1773120401.272:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9446 comm="syz.0.1348" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 279.336452][ T9485] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1364'. [ 279.417708][ T9489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1366'. [ 279.417742][ T9489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1366'. [ 279.436201][ T9489] gretap0: entered promiscuous mode [ 279.472819][ T9489] gretap0: left promiscuous mode [ 280.385162][ T9525] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 280.385162][ T9525] program syz.2.1382 not setting count and/or reply_len properly [ 280.807701][ T38] audit: type=1326 audit(1773120403.012:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9509 comm="syz.0.1376" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x0 [ 287.085550][ T9603] syz.0.1410 uses obsolete (PF_INET,SOCK_PACKET) [ 290.347511][ T9688] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 290.447657][ T9692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1445'. [ 290.587066][ T9696] bridge1: entered promiscuous mode [ 290.587310][ T9696] macsec1: entered promiscuous mode [ 291.665650][ T9711] syz.5.1450 (9711) used greatest stack depth: 17680 bytes left [ 296.287130][ T9787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1479'. [ 296.316743][ T9787] hsr_slave_0: left promiscuous mode [ 296.364185][ T9787] hsr_slave_1: left promiscuous mode [ 304.430392][ T9896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1517'. [ 304.590343][ T9896] hsr_slave_0: left promiscuous mode [ 304.614135][ T9896] hsr_slave_1: left promiscuous mode [ 307.440767][ T9950] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1537'. [ 308.371473][ T5821] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 308.378590][ T5821] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 308.385795][ T5821] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 308.386906][ T5821] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 308.387910][ T5821] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 308.588862][ T3679] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 308.588896][ T3679] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.453257][ T9980] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1550'. [ 309.497158][ T9999] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1557'. [ 309.497195][ T9999] netlink: 'syz.5.1557': attribute type 7 has an invalid length. [ 309.497207][ T9999] netlink: 'syz.5.1557': attribute type 8 has an invalid length. [ 309.497218][ T9999] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1557'. [ 309.599818][ T38] audit: type=1326 audit(1773120431.802:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.616692][ T38] audit: type=1326 audit(1773120431.822:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.616737][ T38] audit: type=1326 audit(1773120431.822:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.616773][ T38] audit: type=1326 audit(1773120431.822:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.628410][ T38] audit: type=1326 audit(1773120431.822:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.628455][ T38] audit: type=1326 audit(1773120431.832:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.628490][ T38] audit: type=1326 audit(1773120431.832:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.628525][ T38] audit: type=1326 audit(1773120431.832:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.628559][ T38] audit: type=1326 audit(1773120431.832:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 309.628594][ T38] audit: type=1326 audit(1773120431.832:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10000 comm="syz.0.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 310.029083][ T3679] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 310.029117][ T3679] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.176236][T10028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1569'. [ 310.395330][ T3679] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 310.395352][ T3679] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.486058][ T5127] Bluetooth: hci3: command tx timeout [ 310.706883][ T3679] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 310.706912][ T3679] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.138913][ T9981] chnl_net:caif_netlink_parms(): no params data found [ 312.564313][ T5127] Bluetooth: hci3: command tx timeout [ 312.787220][ T3679] bridge_slave_1: left allmulticast mode [ 312.787244][ T3679] bridge_slave_1: left promiscuous mode [ 312.787435][ T3679] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.865474][ T3679] bridge_slave_0: left allmulticast mode [ 312.865501][ T3679] bridge_slave_0: left promiscuous mode [ 312.865767][ T3679] bridge0: port 1(bridge_slave_0) entered disabled state [ 314.632395][ T38] audit: type=1326 audit(1773120436.832:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10149 comm="syz.3.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e307c799 code=0x7ffc0000 [ 314.644043][ T5127] Bluetooth: hci3: command tx timeout [ 314.666402][ T38] audit: type=1326 audit(1773120436.832:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10149 comm="syz.3.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e307c799 code=0x7ffc0000 [ 314.668744][ T38] audit: type=1326 audit(1773120436.872:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10149 comm="syz.3.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fe0e307c799 code=0x7ffc0000 [ 314.669822][ T38] audit: type=1326 audit(1773120436.872:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10149 comm="syz.3.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e307c799 code=0x7ffc0000 [ 314.670070][ T38] audit: type=1326 audit(1773120436.872:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10149 comm="syz.3.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fe0e307c799 code=0x7ffc0000 [ 314.670294][ T38] audit: type=1326 audit(1773120436.872:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10149 comm="syz.3.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e307c799 code=0x7ffc0000 [ 316.164991][ T3679] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 316.213448][ T38] audit: type=1326 audit(1773120438.412:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10177 comm="syz.0.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 316.240461][ T38] audit: type=1326 audit(1773120438.412:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10177 comm="syz.0.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 316.245844][ T38] audit: type=1326 audit(1773120438.452:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10177 comm="syz.0.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 316.245959][ T38] audit: type=1326 audit(1773120438.452:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10177 comm="syz.0.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 316.345032][ T3679] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 316.387440][ T3679] bond0 (unregistering): Released all slaves [ 316.392869][ T3679] bond1 (unregistering): Released all slaves [ 316.532678][ T9981] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.532803][ T9981] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.533042][ T9981] bridge_slave_0: entered allmulticast mode [ 316.536374][ T9981] bridge_slave_0: entered promiscuous mode [ 316.552602][ T9981] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.552715][ T9981] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.552933][ T9981] bridge_slave_1: entered allmulticast mode [ 316.560696][ T9981] bridge_slave_1: entered promiscuous mode [ 316.613139][T10188] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1635'. [ 316.632243][T10188] gretap1: entered allmulticast mode [ 316.753580][ T5127] Bluetooth: hci3: command tx timeout [ 317.687505][ T9981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 317.819215][ T9981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 319.517977][ T9981] team0: Port device team_slave_0 added [ 319.535527][ T9981] team0: Port device team_slave_1 added [ 320.052488][ T9981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 320.052504][ T9981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 320.052526][ T9981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 320.120323][ T9981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 320.120339][ T9981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 320.120362][ T9981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 320.441086][T10251] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1651'. [ 321.264198][T10253] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1652'. [ 322.344264][ T3679] hsr_slave_0: left promiscuous mode [ 322.484180][ T3679] hsr_slave_1: left promiscuous mode [ 322.485112][ T3679] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 322.485144][ T3679] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 322.655017][ T3679] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 322.655043][ T3679] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 323.541871][ T3679] veth1_macvtap: left promiscuous mode [ 323.541978][ T3679] veth0_macvtap: left promiscuous mode [ 323.542225][ T3679] veth1_vlan: left promiscuous mode [ 323.542390][ T3679] veth0_vlan: left promiscuous mode [ 323.848173][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 323.848249][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.490044][ T3679] team0 (unregistering): Port device team_slave_1 removed [ 325.070367][ T9981] hsr_slave_0: entered promiscuous mode [ 325.085905][ T9981] hsr_slave_1: entered promiscuous mode [ 328.185588][T10342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1677'. [ 328.646289][T10355] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1680'. [ 329.993546][T10369] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1686'. [ 330.163429][T10377] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1689'. [ 330.721042][ T9981] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 331.474056][ T9981] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 331.571006][ T9981] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 331.654549][ T9981] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 331.771703][T10410] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1698'. [ 332.377523][T10427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1701'. [ 332.510450][ T9981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 332.533801][T10430] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1702'. [ 332.593289][ T9981] 8021q: adding VLAN 0 to HW filter on device team0 [ 332.667142][ T3679] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.676177][ T3679] bridge0: port 1(bridge_slave_0) entered forwarding state [ 332.695581][ T3633] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.695817][ T3633] bridge0: port 2(bridge_slave_1) entered forwarding state [ 334.350185][ T9981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 334.559271][T10475] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1715'. [ 334.602990][ T9981] veth0_vlan: entered promiscuous mode [ 334.671446][ T9981] veth1_vlan: entered promiscuous mode [ 334.686970][T10479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1713'. [ 334.885853][ T9981] veth0_macvtap: entered promiscuous mode [ 334.903644][ T9981] veth1_macvtap: entered promiscuous mode [ 334.985440][ T9981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 335.002018][ T9981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 335.034441][ T3679] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.036787][ T3679] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.038068][ T3679] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.040315][ T3679] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.454779][T10511] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1726'. [ 335.495650][ T3679] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 335.495668][ T3679] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 335.644895][ T3679] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 335.644915][ T3679] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 339.394302][T10607] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1758'. [ 339.511101][T10611] gretap1: entered allmulticast mode [ 340.171362][T10613] netlink: 'syz.0.1760': attribute type 5 has an invalid length. [ 343.268665][T10668] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1777'. [ 343.368571][T10673] gretap1: entered allmulticast mode [ 348.954804][T10742] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1803'. [ 349.018710][T10742] hsr_slave_0: left promiscuous mode [ 349.066758][T10742] hsr_slave_1: left promiscuous mode [ 351.798724][T10777] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1813'. [ 352.036902][T10777] team0: Port device team_slave_0 removed [ 352.321980][T10792] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1823'. [ 354.363084][T10821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1835'. [ 354.916606][T10841] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1846'. [ 357.015184][T10890] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1865'. [ 358.501743][T10919] netlink: 'syz.3.1878': attribute type 1 has an invalid length. [ 358.603387][T10923] gretap1: entered allmulticast mode [ 358.622097][T10923] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 358.829142][T10931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1882'. [ 359.656203][T10954] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1888'. [ 360.510859][T10958] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1893'. [ 360.654799][T10969] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1895'. [ 360.673030][T10969] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1895'. [ 360.673373][T10969] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1895'. [ 361.168700][ T38] kauditd_printk_skb: 11 callbacks suppressed [ 361.168717][ T38] audit: type=1326 audit(1773120483.372:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.171455][ T38] audit: type=1326 audit(1773120483.372:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.217796][ T38] audit: type=1326 audit(1773120483.422:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.224494][ T38] audit: type=1326 audit(1773120483.432:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.224544][ T38] audit: type=1326 audit(1773120483.432:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.396240][ T38] audit: type=1326 audit(1773120483.602:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.396293][ T38] audit: type=1326 audit(1773120483.602:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.396330][ T38] audit: type=1326 audit(1773120483.602:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.398993][ T38] audit: type=1326 audit(1773120483.602:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 361.399256][ T38] audit: type=1326 audit(1773120483.602:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10986 comm="syz.0.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03273c799 code=0x7ffc0000 [ 362.419050][T11001] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1906'. [ 362.652146][T11018] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1913'. [ 362.653137][T11018] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1913'. [ 362.653465][T11018] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1913'. [ 366.661027][T11052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1925'. [ 368.527927][T11086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1939'. [ 368.597523][ T5127] Bluetooth: hci2: unexpected event for opcode 0x200d [ 372.021081][T11187] warning: `syz.0.1982' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 372.058279][T11187] netlink: 'syz.0.1982': attribute type 10 has an invalid length. [ 372.350357][T11198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1985'. [ 373.129433][T11187] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 373.415619][T11198] hsr_slave_0: left promiscuous mode [ 374.235259][T11198] hsr_slave_1: left promiscuous mode [ 374.409440][ T5127] Bluetooth: hci2: unexpected event for opcode 0x200d [ 374.992316][T11254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2006'. [ 374.992343][T11254] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2006'. [ 375.020162][T11254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2006'. [ 375.020190][T11254] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2006'. [ 375.078940][T11254] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2006'. [ 376.864900][T11287] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2017'. [ 380.194015][T11340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2035'. [ 381.563852][T11367] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2046'. [ 382.866856][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2053'. [ 383.223362][T11395] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2057'. [ 385.290802][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 385.290872][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 386.236854][T11436] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2068'. [ 387.043398][T11454] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2076'. [ 388.434509][T11484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2086'. [ 388.849460][T11499] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2092'. [ 389.548806][T11524] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2103'. [ 391.135111][T11557] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2116'. [ 391.166370][T11557] gretap1: entered allmulticast mode [ 391.289770][T11565] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2118'. [ 391.486707][T11575] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2120'. [ 391.886816][T11595] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2129'. [ 392.073131][T11605] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2133'. [ 392.143426][T11605] gretap1: entered allmulticast mode [ 393.441428][T11617] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2137'. [ 393.533592][T11627] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2135'. [ 393.706495][T11634] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2144'. [ 394.089496][T11645] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2148'. [ 394.114907][T11645] gretap1: entered allmulticast mode [ 394.432355][T11652] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2151'. [ 394.779421][T11666] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2155'. [ 397.964966][T11710] __nla_validate_parse: 3 callbacks suppressed [ 397.965018][T11710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2169'. [ 398.175281][T11717] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2173'. [ 399.573592][T11734] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2177'. [ 402.860833][T11755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2184'. [ 402.938352][T11759] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2186'. [ 404.340523][T11780] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2191'. [ 406.137192][T11821] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2208'. [ 409.355092][T11867] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2224'. [ 411.781802][T11918] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2245'. [ 413.832998][T11939] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2253'. [ 415.435768][T11973] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 415.525736][T11980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2270'. [ 415.598464][T11976] sch_tbf: burst 6281 is lower than device lo mtu (65550) ! [ 415.703498][T11987] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2274'. [ 416.643170][T12015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2286'. [ 416.878996][T12023] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 416.880155][T12023] sch_tbf: burst 6281 is lower than device lo mtu (11337746) ! [ 417.957811][T12044] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2298'. [ 418.602059][T12060] netlink: 'syz.2.2304': attribute type 10 has an invalid length. [ 418.952375][T12060] team0: Port device geneve1 added [ 419.376971][T12087] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2314'. [ 420.360983][T12105] ptrace attach of "./syz-executor exec"[6219] was attempted by ""[12105] [ 421.464594][T12130] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2328'. [ 422.198101][T12158] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2340'. [ 431.465085][T12276] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2383'. [ 431.465114][T12276] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2383'. [ 433.461802][T12273] Bluetooth: hci3: command 0x0406 tx timeout [ 446.733304][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.733344][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.896928][T12547] netlink: 'syz.0.2494': attribute type 1 has an invalid length. [ 446.950600][T12547] gretap1: entered allmulticast mode [ 446.959998][T12547] bond1: (slave gretap1): making interface the new active one [ 446.960803][T12547] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 448.490513][T12589] netlink: 'syz.2.2510': attribute type 1 has an invalid length. [ 448.759693][T12597] gretap1: entered allmulticast mode [ 448.770519][T12597] bond1: (slave gretap1): making interface the new active one [ 448.775143][T12597] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 452.998487][T12643] netlink: 'syz.3.2528': attribute type 1 has an invalid length. [ 454.347473][T12662] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 454.348556][T12662] sch_tbf: burst 6281 is lower than device lo mtu (65550) ! [ 454.756121][T12663] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2534'. [ 458.269946][T12704] syz.3.2547 (12704) used greatest stack depth: 16560 bytes left [ 458.291775][T12706] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2549'. [ 460.112660][T12723] No control pipe specified [ 461.790654][T12744] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2563'. [ 467.983354][T12811] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 468.057778][ T5127] Bluetooth: hci2: unexpected event for opcode 0x2042 [ 475.321289][ T38] kauditd_printk_skb: 1 callbacks suppressed [ 475.321303][ T38] audit: type=1107 audit(1773120597.522:153): pid=12931 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 475.394524][T12934] capability: warning: `syz.5.2630' uses deprecated v2 capabilities in a way that may be insecure [ 484.433154][T13064] fuse: Bad value for 'group_id' [ 484.433173][T13064] fuse: Bad value for 'group_id' [ 489.409437][T13148] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2704'. [ 489.410435][T13148] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2704'. [ 489.410759][T13148] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2704'. [ 494.336904][ T9] IPVS: starting estimator thread 0... [ 494.424096][T13240] IPVS: using max 8 ests per chain, 19200 per kthread [ 495.618621][T13258] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2745'. [ 498.708935][T12273] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 498.723186][T12273] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 498.731334][T12273] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 498.735897][T12273] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 498.739548][T12273] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 500.663054][T13334] chnl_net:caif_netlink_parms(): no params data found [ 500.804193][ T5127] Bluetooth: hci5: command tx timeout [ 502.168297][T13390] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 502.289639][T13396] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2792'. [ 503.324005][ T5127] Bluetooth: hci5: command tx timeout [ 503.764323][T13334] bridge0: port 1(bridge_slave_0) entered blocking state [ 503.764518][T13334] bridge0: port 1(bridge_slave_0) entered disabled state [ 503.764827][T13334] bridge_slave_0: entered allmulticast mode [ 503.767576][T13334] bridge_slave_0: entered promiscuous mode [ 503.801012][T13334] bridge0: port 2(bridge_slave_1) entered blocking state [ 503.801150][T13334] bridge0: port 2(bridge_slave_1) entered disabled state [ 503.801378][T13334] bridge_slave_1: entered allmulticast mode [ 503.823239][T13334] bridge_slave_1: entered promiscuous mode [ 503.913560][T13425] netlink: 'syz.0.2802': attribute type 72 has an invalid length. [ 503.913579][T13425] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2802'. [ 504.570375][T13428] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 504.914486][T13334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 504.940098][T13334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 505.015104][T13334] team0: Port device team_slave_0 added [ 505.018533][T13334] team0: Port device team_slave_1 added [ 505.366018][ T5127] Bluetooth: hci5: command tx timeout [ 506.381403][T13460] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 507.445098][ T5127] Bluetooth: hci5: command tx timeout [ 507.515141][T13463] overlayfs: failed to resolve './bus': -2 [ 507.790041][T13334] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 507.790057][T13334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 507.790080][T13334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 508.694697][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 508.694765][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.734217][T13334] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 508.734229][T13334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 508.734242][T13334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 508.775205][T13475] netlink: 'syz.3.2815': attribute type 72 has an invalid length. [ 508.775225][T13475] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2815'. [ 510.102352][T13334] hsr_slave_0: entered promiscuous mode [ 510.106629][T13334] hsr_slave_1: entered promiscuous mode [ 510.123079][T13497] fuse: Unknown parameter 'group_i00000000000000000000' [ 510.439456][T13508] netlink: 'syz.3.2830': attribute type 72 has an invalid length. [ 510.439476][T13508] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2830'. [ 514.680168][T13533] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 514.680252][T13533] overlayfs: missing 'lowerdir' [ 516.053330][T13550] fuse: Unknown parameter 'group_i00000000000000000000' [ 516.074266][ T3633] bridge_slave_1: left allmulticast mode [ 516.074294][ T3633] bridge_slave_1: left promiscuous mode [ 516.074534][ T3633] bridge0: port 2(bridge_slave_1) entered disabled state [ 516.094970][T13551] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2841'. [ 516.247100][ T3633] bridge_slave_0: left allmulticast mode [ 516.247128][ T3633] bridge_slave_0: left promiscuous mode [ 516.247377][ T3633] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.254222][ T3633] bond1 (unregistering): (slave gretap1): Releasing active interface [ 520.484809][ T3633] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 520.600130][T13592] fuse: Unknown parameter 'group_i00000000000000000000' [ 520.612076][ T3633] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 520.628612][T13593] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2854'. [ 520.645342][ T3633] bond0 (unregistering): Released all slaves [ 520.662414][ T3633] bond1 (unregistering): Released all slaves [ 520.695248][ T3633] bond2 (unregistering): Released all slaves [ 521.505231][T13596] overlayfs: failed to resolve './file0': -2 [ 523.309350][T13638] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2868'. [ 524.878587][T13674] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2878'. [ 525.124715][T13688] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2883'. [ 525.534537][ T3633] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 526.186160][ T3633] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 526.715558][T13731] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2897'. [ 527.031875][T13733] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2898'. [ 527.043521][ T3633] team0 (unregistering): Port device team_slave_1 removed [ 527.094589][ T3633] team0 (unregistering): Port device team_slave_0 removed [ 527.370767][T13720] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2891'. [ 527.372622][T13733] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 527.431359][T13733] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 527.777415][ T5127] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 528.847210][T13334] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 528.929798][T13334] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 528.969737][T13334] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 529.221359][T13334] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 530.244214][T13776] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2910'. [ 530.299528][T13334] 8021q: adding VLAN 0 to HW filter on device bond0 [ 530.327874][T13334] 8021q: adding VLAN 0 to HW filter on device team0 [ 530.345203][ T3679] bridge0: port 1(bridge_slave_0) entered blocking state [ 530.345399][ T3679] bridge0: port 1(bridge_slave_0) entered forwarding state [ 530.405879][ T3739] bridge0: port 2(bridge_slave_1) entered blocking state [ 530.406001][ T3739] bridge0: port 2(bridge_slave_1) entered forwarding state [ 531.178070][T13334] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 531.290897][T13334] veth0_vlan: entered promiscuous mode [ 531.309733][T13334] veth1_vlan: entered promiscuous mode [ 531.352121][T13334] veth0_macvtap: entered promiscuous mode [ 531.363380][T13334] veth1_macvtap: entered promiscuous mode [ 531.398434][T13334] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 531.414514][T13334] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 531.443648][ T4439] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 531.443871][ T4439] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 531.463358][ T4439] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 531.472962][ T4439] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 533.304384][ T4439] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 533.304403][ T4439] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 533.318406][T13819] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2924'. [ 533.429730][ T3679] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 533.429750][ T3679] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 535.298223][T13848] overlayfs: failed to resolve './bus': -2 [ 535.432945][T12273] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 535.448556][T12273] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 535.462447][T12273] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 535.463538][T12273] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 535.490683][T12273] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 537.326839][T13844] chnl_net:caif_netlink_parms(): no params data found [ 537.621144][ T5127] Bluetooth: hci0: command tx timeout [ 538.723455][T13889] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2949'. [ 540.310373][T12273] Bluetooth: hci0: command tx timeout [ 540.384561][T13844] bridge0: port 1(bridge_slave_0) entered blocking state [ 540.385720][T13844] bridge0: port 1(bridge_slave_0) entered disabled state [ 540.385949][T13844] bridge_slave_0: entered allmulticast mode [ 540.545465][T13844] bridge_slave_0: entered promiscuous mode [ 541.139194][T13926] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2965'. [ 541.139393][T13844] bridge0: port 2(bridge_slave_1) entered blocking state [ 541.139495][T13844] bridge0: port 2(bridge_slave_1) entered disabled state [ 541.139693][T13844] bridge_slave_1: entered allmulticast mode [ 541.142292][T13844] bridge_slave_1: entered promiscuous mode [ 541.401954][ T177] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 541.401987][ T177] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 541.530853][T13844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 541.545853][T13844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 541.870716][ T177] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 541.870750][ T177] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 541.943182][T13844] team0: Port device team_slave_0 added [ 541.958958][T13844] team0: Port device team_slave_1 added [ 542.323001][ T177] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 542.323034][ T177] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 542.358212][ T5127] Bluetooth: hci0: command tx timeout [ 542.518699][T13844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 542.518715][T13844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 542.518737][T13844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 544.229259][T13958] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2976'. [ 544.230408][T13844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 544.230422][T13844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 544.230445][T13844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 544.298671][T13962] veth1_to_bond: entered promiscuous mode [ 544.298769][T13962] macsec1: entered promiscuous mode [ 544.409299][ T5127] Bluetooth: hci0: command tx timeout [ 544.649918][ T177] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 544.650790][ T177] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 544.974166][T13844] hsr_slave_0: entered promiscuous mode [ 544.975923][T13844] hsr_slave_1: entered promiscuous mode [ 544.976921][T13844] debugfs: 'hsr0' already exists in 'hsr' [ 544.976943][T13844] Cannot create hsr debugfs directory [ 545.956581][T14000] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2992'. [ 547.704623][ T177] bridge_slave_1: left allmulticast mode [ 547.704650][ T177] bridge_slave_1: left promiscuous mode [ 547.705063][ T177] bridge0: port 2(bridge_slave_1) entered disabled state [ 547.795530][ T177] bridge_slave_0: left allmulticast mode [ 547.795556][ T177] bridge_slave_0: left promiscuous mode [ 547.795796][ T177] bridge0: port 1(bridge_slave_0) entered disabled state [ 547.825601][T14029] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3000'. [ 547.871027][T14031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3003'. [ 551.847311][ T177] bond2 (unregistering): (slave gretap1): Releasing backup interface [ 552.146542][ T177] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 552.181583][T14069] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3015'. [ 552.224599][ T177] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 552.247323][ T177] bond0 (unregistering): Released all slaves [ 552.252770][ T177] bond1 (unregistering): Released all slaves [ 552.269542][ T177] bond2 (unregistering): Released all slaves [ 552.331719][T14048] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3008'. [ 553.928141][T14100] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3026'. [ 554.261228][T14102] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3027'. [ 554.625464][T14127] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3032'. [ 556.220555][T14150] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3042'. [ 556.907952][T14165] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3045'. [ 557.292366][ T811] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 557.816035][ T811] usb 2-1: Using ep0 maxpacket: 32 [ 558.391632][T14186] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3055'. [ 558.427254][ T811] usb 2-1: unable to get BOS descriptor or descriptor too short [ 558.436115][ T811] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 113, changing to 7 [ 558.441916][ T811] usb 2-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40 [ 558.441940][ T811] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 558.441955][ T811] usb 2-1: Product: syz [ 558.441966][ T811] usb 2-1: Manufacturer: syz [ 558.441977][ T811] usb 2-1: SerialNumber: syz [ 558.541921][ T177] hsr_slave_0: left promiscuous mode [ 558.556162][ T177] hsr_slave_1: left promiscuous mode [ 558.559894][ T177] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 558.559920][ T177] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 558.601112][ T177] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 558.601132][ T177] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 558.773311][ T811] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 558.916364][ T177] macsec0: left allmulticast mode [ 558.916384][ T177] veth1_macvtap: left allmulticast mode [ 558.917301][ T177] veth1_macvtap: left promiscuous mode [ 558.917395][ T177] veth0_macvtap: left promiscuous mode [ 558.917654][ T177] veth1_vlan: left promiscuous mode [ 558.917822][ T177] veth0_vlan: left promiscuous mode [ 559.144397][ T811] usb 2-1: USB disconnect, device number 2 [ 562.749921][ T177] team0 (unregistering): Port device team_slave_1 removed [ 564.224130][T14209] netlink: 'syz.1.3061': attribute type 29 has an invalid length. [ 564.583597][T14225] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3064'. [ 565.356504][T13844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 565.722079][T13844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 565.763839][T14236] sg_write: data in/out 426460/128 bytes for SCSI command 0x0-- guessing data in; [ 565.763839][T14236] program syz.2.3068 not setting count and/or reply_len properly [ 566.186587][T13844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 566.369279][T13844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 566.804313][T14254] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3073'. [ 566.966168][T14267] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3076'. [ 568.634940][T14289] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3079'. [ 569.622371][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 569.622439][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.109850][T13844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 572.193154][T13844] 8021q: adding VLAN 0 to HW filter on device team0 [ 572.242240][ T1366] bridge0: port 1(bridge_slave_0) entered blocking state [ 572.242475][ T1366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 572.278543][ T1366] bridge0: port 2(bridge_slave_1) entered blocking state [ 572.278835][ T1366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 573.442420][T14321] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3089'. [ 573.891952][T14330] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3093'. [ 573.933546][T13844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 574.399753][T13844] veth0_vlan: entered promiscuous mode [ 575.452884][T13844] veth1_vlan: entered promiscuous mode [ 575.593043][T13844] veth0_macvtap: entered promiscuous mode [ 575.623841][T13844] veth1_macvtap: entered promiscuous mode [ 575.734849][T13844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 575.776543][T13844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 576.318058][ T1115] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.321856][ T1115] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.322034][ T1115] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.322067][ T1115] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.955103][T14356] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3103'. [ 579.138668][ T5127] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 579.707057][ T3580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 579.707100][ T3580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 581.857232][ T4439] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 581.857254][ T4439] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 582.025089][T14404] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3122'. [ 582.025110][T14404] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3122'. [ 583.230344][ T5814] libceph: connect (1)[c::]:6789 error -22 [ 583.230978][ T5814] libceph: mon0 (1)[c::]:6789 connect error [ 583.587800][ T5913] libceph: connect (1)[c::]:6789 error -22 [ 583.588006][ T5913] libceph: mon0 (1)[c::]:6789 connect error [ 583.792823][ T5127] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 583.878753][T14415] ceph: No mds server is up or the cluster is laggy [ 584.136006][ T5814] libceph: connect (1)[c::]:6789 error -22 [ 584.136209][ T5814] libceph: mon0 (1)[c::]:6789 connect error [ 588.153543][T12273] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 588.196235][T12273] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 588.202062][T12273] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 588.205733][T12273] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 588.797135][T12273] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 590.525557][T14474] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 590.964130][ T5127] Bluetooth: hci1: command tx timeout [ 591.219185][ C1] llc_process_tmr_ev: timer called on closed connection [ 593.044315][ T5127] Bluetooth: hci1: command tx timeout [ 595.448695][ T5127] Bluetooth: hci1: command tx timeout [ 597.524396][T12273] Bluetooth: hci1: command tx timeout [ 597.995131][T14502] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3150'. [ 598.099709][T14503] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3149'. [ 601.522381][T14450] chnl_net:caif_netlink_parms(): no params data found [ 606.232530][T14450] bridge0: port 1(bridge_slave_0) entered blocking state [ 606.232649][T14450] bridge0: port 1(bridge_slave_0) entered disabled state [ 606.232901][T14450] bridge_slave_0: entered allmulticast mode [ 606.262213][T14450] bridge_slave_0: entered promiscuous mode [ 606.514258][T14450] bridge0: port 2(bridge_slave_1) entered blocking state [ 606.514385][T14450] bridge0: port 2(bridge_slave_1) entered disabled state [ 606.514615][T14450] bridge_slave_1: entered allmulticast mode [ 606.582093][T14450] bridge_slave_1: entered promiscuous mode [ 607.040463][ T5127] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 607.065130][ T5127] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 607.072028][ T5127] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 607.104500][ T5127] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 607.122167][ T5127] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 607.627200][T14450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 607.764492][T14450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 608.830552][T14450] team0: Port device team_slave_0 added [ 609.058782][T14450] team0: Port device team_slave_1 added [ 609.364141][ T5127] Bluetooth: hci2: command tx timeout [ 611.444022][ T5127] Bluetooth: hci2: command tx timeout [ 612.696996][T14450] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 612.697012][T14450] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 612.697033][T14450] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 614.228844][ T5127] Bluetooth: hci2: command tx timeout [ 614.259908][T14450] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 614.259926][T14450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 614.259950][T14450] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 615.751193][T14450] hsr_slave_0: entered promiscuous mode [ 615.760904][T14450] hsr_slave_1: entered promiscuous mode [ 615.761816][T14450] debugfs: 'hsr0' already exists in 'hsr' [ 615.761839][T14450] Cannot create hsr debugfs directory [ 615.768570][T14603] sg_write: data in/out 434652/160 bytes for SCSI command 0x0-- guessing data in; [ 615.768570][T14603] program syz.2.3182 not setting count and/or reply_len properly [ 616.267399][ T5127] Bluetooth: hci2: command tx timeout [ 617.562284][ T5872] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 618.024056][ T5872] usb 4-1: Using ep0 maxpacket: 32 [ 618.042990][ T5872] usb 4-1: unable to get BOS descriptor or descriptor too short [ 618.052714][ T5872] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 113, changing to 7 [ 618.095952][ T5872] usb 4-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40 [ 618.095979][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 618.095997][ T5872] usb 4-1: Product: syz [ 618.096009][ T5872] usb 4-1: Manufacturer: syz [ 618.096022][ T5872] usb 4-1: SerialNumber: syz [ 619.318862][ T5872] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 619.331474][ T5872] usb 4-1: unit 2 not found! [ 621.123181][ T5872] usb 4-1: USB disconnect, device number 2 [ 622.169340][T14611] udevd[14611]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 623.685856][T14651] fuse: Unknown parameter 'user_id00000000000000000000' [ 624.679451][T14546] chnl_net:caif_netlink_parms(): no params data found [ 625.306106][T14655] faux_driver vkms: [drm] Unknown color mode 11; guessing buffer size. [ 631.106571][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 631.106638][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 637.749019][T14450] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 637.749053][T14450] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.789813][T14546] bridge0: port 1(bridge_slave_0) entered blocking state [ 638.855071][T14546] bridge0: port 1(bridge_slave_0) entered disabled state [ 638.855651][T14546] bridge_slave_0: entered allmulticast mode [ 638.858145][T14546] bridge_slave_0: entered promiscuous mode [ 638.866723][T14546] bridge0: port 2(bridge_slave_1) entered blocking state [ 638.882981][T14546] bridge0: port 2(bridge_slave_1) entered disabled state [ 638.883238][T14546] bridge_slave_1: entered allmulticast mode [ 638.887026][T14546] bridge_slave_1: entered promiscuous mode [ 639.546687][T14546] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 639.759860][T14546] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 641.799972][T14546] team0: Port device team_slave_0 added [ 641.803166][T14546] team0: Port device team_slave_1 added [ 642.297450][T14546] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 642.297470][T14546] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 642.297492][T14546] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 642.345661][T14546] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 642.345679][T14546] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 642.345701][T14546] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 644.206743][T14546] hsr_slave_0: entered promiscuous mode [ 644.220245][T14546] hsr_slave_1: entered promiscuous mode [ 644.221201][T14546] debugfs: 'hsr0' already exists in 'hsr' [ 644.221225][T14546] Cannot create hsr debugfs directory [ 649.551049][T12273] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 649.564703][T12273] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 649.566970][T12273] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 649.569756][T12273] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 649.570664][T12273] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 651.684141][ T5127] Bluetooth: hci5: command tx timeout [ 653.764080][ T5127] Bluetooth: hci5: command tx timeout [ 655.777918][ T38] audit: type=1326 audit(1773121033.986:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14760 comm="syz.5.3226" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdad48dc799 code=0x0 [ 655.844076][ T5127] Bluetooth: hci5: command tx timeout [ 657.891781][T14729] chnl_net:caif_netlink_parms(): no params data found [ 657.996263][ T5127] Bluetooth: hci5: command tx timeout [ 658.544051][ T5913] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 658.964056][ T5127] Bluetooth: hci0: command 0x0406 tx timeout [ 659.093970][ T5913] usb 4-1: Using ep0 maxpacket: 32 [ 659.097367][ T5913] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 659.097396][ T5913] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 659.097430][ T5913] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 659.097450][ T5913] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.103048][ T5913] usb 4-1: config 0 descriptor?? [ 659.478000][ T5913] hub 4-1:0.0: USB hub found [ 659.680807][ T5913] hub 4-1:0.0: 1 port detected [ 659.935728][T14729] bridge0: port 1(bridge_slave_0) entered blocking state [ 659.935926][T14729] bridge0: port 1(bridge_slave_0) entered disabled state [ 659.936148][T14729] bridge_slave_0: entered allmulticast mode [ 659.938990][T14729] bridge_slave_0: entered promiscuous mode [ 659.942751][T14729] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.942942][T14729] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.943125][T14729] bridge_slave_1: entered allmulticast mode [ 659.993732][T14729] bridge_slave_1: entered promiscuous mode [ 660.067698][T14729] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 660.072826][T14729] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 660.171532][T14729] team0: Port device team_slave_0 added [ 660.181684][T14729] team0: Port device team_slave_1 added [ 660.963620][ T5913] hub 4-1:0.0: activate --> -90 [ 661.612338][ T5913] hub 4-1:0.0: hub_ext_port_status failed (err = -71) [ 661.612364][ T5913] usb 4-1-port1: config error [ 661.613236][ T5913] usb 4-1-port1: cannot disable (err = -71) [ 661.642280][ T10] usb 4-1: USB disconnect, device number 3 [ 661.642783][T14532] usb 4-1: Failed to suspend device, error -19 [ 662.457441][T14729] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 662.457458][T14729] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 662.457481][T14729] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 662.459849][T14729] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 662.459862][T14729] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 662.459884][T14729] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 663.432859][T14729] hsr_slave_0: entered promiscuous mode [ 663.994209][T14729] hsr_slave_1: entered promiscuous mode [ 663.995155][T14729] debugfs: 'hsr0' already exists in 'hsr' [ 663.995178][T14729] Cannot create hsr debugfs directory [ 664.904665][T14790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3234'. [ 668.453767][ T5127] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 668.486797][ T5127] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 668.505800][ T5127] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 668.554400][ T5127] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 668.555190][ T5127] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 670.651066][T12273] Bluetooth: hci6: command tx timeout [ 671.022151][T14805] chnl_net:caif_netlink_parms(): no params data found [ 672.858017][T12273] Bluetooth: hci6: command tx timeout [ 673.191066][ T5127] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 673.198073][T14828] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3245'. [ 673.231916][ T5127] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 673.234091][ T5127] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 673.264279][ T5127] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 673.276137][ T5127] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 674.804330][T14805] bridge0: port 1(bridge_slave_0) entered blocking state [ 674.861446][T14805] bridge0: port 1(bridge_slave_0) entered disabled state [ 674.884032][ T5127] Bluetooth: hci6: command tx timeout [ 674.884381][T14805] bridge_slave_0: entered allmulticast mode [ 674.892634][T14805] bridge_slave_0: entered promiscuous mode [ 675.344286][T14805] bridge0: port 2(bridge_slave_1) entered blocking state [ 675.344418][T14805] bridge0: port 2(bridge_slave_1) entered disabled state [ 675.344773][T14805] bridge_slave_1: entered allmulticast mode [ 675.347369][T14805] bridge_slave_1: entered promiscuous mode [ 675.604238][ T5127] Bluetooth: hci7: command tx timeout [ 676.500884][T14805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 676.644699][T14805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 676.964031][ T5127] Bluetooth: hci6: command tx timeout [ 677.684020][ T5127] Bluetooth: hci7: command tx timeout [ 678.477025][T14805] team0: Port device team_slave_0 added [ 678.516772][T14805] team0: Port device team_slave_1 added [ 678.829635][T14843] sctp: [Deprecated]: syz.5.3248 (pid 14843) Use of int in max_burst socket option. [ 678.829635][T14843] Use struct sctp_assoc_value instead [ 679.764029][ T5127] Bluetooth: hci7: command tx timeout [ 680.799502][T14805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 680.799518][T14805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 680.799542][T14805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 680.832969][T14805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 680.832985][T14805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 680.833010][T14805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 681.446363][T14805] hsr_slave_0: entered promiscuous mode [ 681.448004][T14805] hsr_slave_1: entered promiscuous mode [ 681.449178][T14805] debugfs: 'hsr0' already exists in 'hsr' [ 681.449201][T14805] Cannot create hsr debugfs directory [ 681.950606][ T5127] Bluetooth: hci7: command tx timeout [ 685.636096][T14824] chnl_net:caif_netlink_parms(): no params data found [ 686.085227][T12273] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 686.106247][T12273] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 686.107770][T12273] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 686.109123][T12273] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 686.109853][T12273] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 687.054898][T14868] capability: warning: `syz.5.3256' uses 32-bit capabilities (legacy support in use) [ 688.406012][ T5127] Bluetooth: hci8: command tx timeout [ 689.449743][T14824] bridge0: port 1(bridge_slave_0) entered blocking state [ 689.449852][T14824] bridge0: port 1(bridge_slave_0) entered disabled state [ 689.450063][T14824] bridge_slave_0: entered allmulticast mode [ 689.452604][T14824] bridge_slave_0: entered promiscuous mode [ 689.996157][T14824] bridge0: port 2(bridge_slave_1) entered blocking state [ 689.996338][T14824] bridge0: port 2(bridge_slave_1) entered disabled state [ 689.996573][T14824] bridge_slave_1: entered allmulticast mode [ 689.999078][T14824] bridge_slave_1: entered promiscuous mode [ 690.484165][ T5127] Bluetooth: hci8: command tx timeout [ 690.540949][T14824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 690.613731][T14824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 692.564545][ T5127] Bluetooth: hci8: command tx timeout [ 692.718620][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 692.732909][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 694.432993][T14824] team0: Port device team_slave_0 added [ 694.644553][ T5127] Bluetooth: hci8: command tx timeout [ 694.876536][T14824] team0: Port device team_slave_1 added [ 695.496057][T14824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 695.496075][T14824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 695.496101][T14824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 695.588451][T14824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 695.588470][T14824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 695.588495][T14824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 697.412744][T14824] hsr_slave_0: entered promiscuous mode [ 697.424292][T14824] hsr_slave_1: entered promiscuous mode [ 697.431561][T14824] debugfs: 'hsr0' already exists in 'hsr' [ 697.431585][T14824] Cannot create hsr debugfs directory [ 697.576761][T14862] chnl_net:caif_netlink_parms(): no params data found [ 700.828374][T14862] bridge0: port 1(bridge_slave_0) entered blocking state [ 700.828565][T14862] bridge0: port 1(bridge_slave_0) entered disabled state [ 700.828777][T14862] bridge_slave_0: entered allmulticast mode [ 700.834845][T14862] bridge_slave_0: entered promiscuous mode [ 700.903477][T14862] bridge0: port 2(bridge_slave_1) entered blocking state [ 700.903598][T14862] bridge0: port 2(bridge_slave_1) entered disabled state [ 700.903807][T14862] bridge_slave_1: entered allmulticast mode [ 700.928740][T14862] bridge_slave_1: entered promiscuous mode [ 701.086400][T14862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 701.090896][T14862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 702.109679][T14909] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3267'. [ 702.418988][T14862] team0: Port device team_slave_0 added [ 702.429184][T14862] team0: Port device team_slave_1 added [ 702.670221][T14862] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 702.670247][T14862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 702.670271][T14862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 702.701572][T14862] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 702.701588][T14862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 702.701614][T14862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 703.960460][T14862] hsr_slave_0: entered promiscuous mode [ 703.984828][T14862] hsr_slave_1: entered promiscuous mode [ 703.988558][T14862] debugfs: 'hsr0' already exists in 'hsr' [ 703.988585][T14862] Cannot create hsr debugfs directory [ 710.210765][ T5127] Bluetooth: hci4: Malformed MSFT vendor event: 0x02 [ 710.860221][T12273] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 710.872649][T12273] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 710.877573][T12273] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 710.891615][T12273] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 710.892441][T12273] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 712.967569][T12273] Bluetooth: hci9: command tx timeout [ 715.044153][ T5821] Bluetooth: hci1: command 0x0406 tx timeout [ 715.046602][ T5821] Bluetooth: hci9: command tx timeout [ 715.821391][T14932] chnl_net:caif_netlink_parms(): no params data found [ 716.149854][T14954] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 717.134121][T12273] Bluetooth: hci9: command tx timeout [ 717.221619][T14932] bridge0: port 1(bridge_slave_0) entered blocking state [ 717.274637][T14932] bridge0: port 1(bridge_slave_0) entered disabled state [ 717.274934][T14932] bridge_slave_0: entered allmulticast mode [ 717.278897][T14932] bridge_slave_0: entered promiscuous mode [ 717.773866][T14932] bridge0: port 2(bridge_slave_1) entered blocking state [ 717.774293][T14932] bridge0: port 2(bridge_slave_1) entered disabled state [ 717.774582][T14932] bridge_slave_1: entered allmulticast mode [ 717.777014][T14932] bridge_slave_1: entered promiscuous mode [ 718.202590][T14932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 718.358689][T14932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 719.204416][T12273] Bluetooth: hci9: command tx timeout [ 720.007863][T14932] team0: Port device team_slave_0 added [ 720.010038][T14932] team0: Port device team_slave_1 added [ 720.992189][T14932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 720.992207][T14932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 720.992232][T14932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 721.050311][T14932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 721.050323][T14932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 721.050345][T14932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 721.985964][T14932] hsr_slave_0: entered promiscuous mode [ 721.987394][T14932] hsr_slave_1: entered promiscuous mode [ 721.988329][T14932] debugfs: 'hsr0' already exists in 'hsr' [ 721.988361][T14932] Cannot create hsr debugfs directory [ 729.562152][T14991] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 729.585526][T14991] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 729.586779][T14991] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 729.587893][T14991] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 729.588666][T14991] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 730.584217][ T5127] Bluetooth: hci2: command 0x0406 tx timeout [ 731.854129][ T5821] Bluetooth: hci10: command tx timeout [ 733.936592][T12273] Bluetooth: hci10: command tx timeout [ 734.488750][ T5821] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 734.516818][ T5821] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 734.518476][ T5821] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 734.520009][ T5821] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 734.520855][ T5821] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 736.744093][ T5821] Bluetooth: hci10: command tx timeout [ 736.884424][ T5821] Bluetooth: hci11: command tx timeout [ 737.422194][T14990] chnl_net:caif_netlink_parms(): no params data found [ 738.804195][ T5821] Bluetooth: hci10: command tx timeout [ 739.017052][ T5821] Bluetooth: hci11: command tx timeout [ 740.887455][T14990] bridge0: port 1(bridge_slave_0) entered blocking state [ 740.887587][T14990] bridge0: port 1(bridge_slave_0) entered disabled state [ 740.887880][T14990] bridge_slave_0: entered allmulticast mode [ 740.890607][T14990] bridge_slave_0: entered promiscuous mode [ 741.108531][ T5821] Bluetooth: hci11: command tx timeout [ 742.238596][T14990] bridge0: port 2(bridge_slave_1) entered blocking state [ 742.238717][T14990] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.239006][T14990] bridge_slave_1: entered allmulticast mode [ 742.274532][T14990] bridge_slave_1: entered promiscuous mode [ 742.747751][T15003] chnl_net:caif_netlink_parms(): no params data found [ 742.898152][T14990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 742.944146][T14990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 743.144479][ T5821] Bluetooth: hci11: command tx timeout [ 747.163608][T12273] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 747.183503][T12273] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 747.193060][T12273] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 747.204761][T12273] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 747.206155][T12273] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 747.354457][T14990] team0: Port device team_slave_0 added [ 747.552960][T14990] team0: Port device team_slave_1 added [ 749.374119][ T39] INFO: task syz-executor:5810 blocked for more than 144 seconds. [ 749.374163][ T39] Tainted: G L syzkaller #0 [ 749.374174][ T39] Blocked by coredump. [ 749.374180][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 749.374189][ T39] task:syz-executor state:D stack:22304 pid:5810 tgid:5810 ppid:1 task_flags:0x40054c flags:0x00080003 [ 749.374251][ T39] Call Trace: [ 749.374262][ T39] [ 749.374276][ T39] __schedule+0x1553/0x5240 [ 749.374532][ T39] ? __lock_acquire+0x6b5/0x2cf0 [ 749.374636][ T39] ? __lock_acquire+0x6b5/0x2cf0 [ 749.374656][ T39] ? __pfx___schedule+0x10/0x10 [ 749.374704][ T39] rt_mutex_schedule+0x76/0xf0 [ 749.374736][ T39] rt_mutex_slowlock_block+0x508/0x680 [ 749.374779][ T39] rt_mutex_slowlock+0x2dc/0x7b0 [ 749.374802][ T39] ? rt_mutex_slowlock+0x1fd/0x7b0 [ 749.374822][ T39] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 749.374860][ T39] ? rcu_barrier+0x4c/0x580 [ 749.374893][ T39] ? rcu_barrier+0x4c/0x580 [ 749.374911][ T39] mutex_lock_nested+0x168/0x1d0 [ 749.374929][ T39] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 749.374953][ T39] rcu_barrier+0x4c/0x580 [ 749.374983][ T39] netdev_run_todo+0x2e0/0xde0 [ 749.375100][ T39] ? __pfx_netdev_run_todo+0x10/0x10 [ 749.375123][ T39] ? kasan_quarantine_put+0xbb/0x1f0 [ 749.375227][ T39] ? lockdep_hardirqs_on+0x7a/0x110 [ 749.375294][ T39] ? netdev_state_change+0x1ca/0x220 [ 749.375317][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 749.375399][ T39] tun_chr_close+0x13f/0x1c0 [ 749.375423][ T39] __fput+0x461/0xa90 [ 749.375486][ T39] task_work_run+0x1d9/0x270 [ 749.375510][ T39] ? __pfx_task_work_run+0x10/0x10 [ 749.375538][ T39] ? kmem_cache_free+0x185/0x6b0 [ 749.375622][ T39] ? put_net+0x191/0x260 [ 749.375650][ T39] do_exit+0x70f/0x23c0 [ 749.375688][ T39] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 749.375742][ T39] ? __pfx_do_exit+0x10/0x10 [ 749.375759][ T39] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 749.375778][ T39] ? reacquire_held_locks+0x104/0x190 [ 749.375798][ T39] ? rt_spin_lock+0x1e0/0x400 [ 749.375828][ T39] do_group_exit+0x21b/0x2d0 [ 749.375848][ T39] ? rt_spin_unlock+0x160/0x200 [ 749.375870][ T39] get_signal+0x125c/0x1310 [ 749.375914][ T39] arch_do_signal_or_restart+0xbc/0x830 [ 749.375961][ T39] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 749.375991][ T39] ? ksys_read+0x202/0x270 [ 749.376055][ T39] exit_to_user_mode_loop+0x86/0x480 [ 749.376093][ T39] ? rcu_is_watching+0x15/0xb0 [ 749.376117][ T39] do_syscall_64+0x32d/0xf80 [ 749.376139][ T39] ? trace_irq_disable+0x3b/0x150 [ 749.376165][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.376197][ T39] ? clear_bhb_loop+0x40/0x90 [ 749.376220][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.376239][ T39] RIP: 0033:0x7fc0326fcfce [ 749.376293][ T39] RSP: 002b:00007ffffbd3c358 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 749.376341][ T39] RAX: 0000000000000000 RBX: 000055557ae23500 RCX: 00007fc0326fcfce [ 749.376354][ T39] RDX: 0000000000000030 RSI: 00007ffffbd3c450 RDI: 00000000000000f9 [ 749.376366][ T39] RBP: 00007ffffbd3c3fc R08: 0000000000000000 R09: 0000000000000000 [ 749.376378][ T39] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000029e [ 749.376389][ T39] R13: 00000000000927c0 R14: 000000000008e5b2 R15: 00007ffffbd3c450 [ 749.376419][ T39] [ 749.376506][ T39] [ 749.376506][ T39] Showing all locks held in the system: [ 749.376527][ T39] 5 locks held by rcuc/0/20: [ 749.376570][ T39] 6 locks held by ksoftirqd/1/30: [ 749.376580][ T39] 2 locks held by kworker/u8:2/34: [ 749.376591][ T39] 1 lock held by khungtaskd/39: [ 749.376602][ T39] #0: ffffffff8ddcb840 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 749.376672][ T39] 2 locks held by kworker/u8:4/68: [ 749.376682][ T39] 2 locks held by kworker/u8:5/96: [ 749.376695][ T39] 2 locks held by kworker/u8:7/159: [ 749.376705][ T39] 5 locks held by kworker/u8:8/177: [ 749.376716][ T39] #0: ffff88801aee1138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 [ 749.376763][ T39] #1: ffffc90003b27c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 [ 749.376808][ T39] #2: ffffffff8f14b840 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800 [ 749.376906][ T39] #3: ffff88805f6f17b8 (&wg->device_update_lock){+.+.}-{4:4}, at: wg_destruct+0x116/0x310 [ 749.377002][ T39] #4: ffffffff8ddd1ab0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 749.377049][ T39] 3 locks held by kworker/u8:11/1134: [ 749.377060][ T39] #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 [ 749.377107][ T39] #1: ffffc900056afc40 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 [ 749.377162][ T39] #2: ffffffff8ddd1ab0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 749.377207][ T39] 2 locks held by kworker/u8:14/1366: [ 749.377218][ T39] 2 locks held by kworker/u8:16/1491: [ 749.377239][ T39] 3 locks held by kworker/u8:20/3580: [ 749.377249][ T39] #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 [ 749.377295][ T39] #1: ffffc9000f0bfc40 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 [ 749.377348][ T39] #2: ffffffff8ddd1ab0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 749.377407][ T39] 2 locks held by kworker/u8:22/3679: [ 749.377418][ T39] 4 locks held by kworker/u8:26/4439: [ 749.377430][ T39] 2 locks held by getty/5571: [ 749.377441][ T39] #0: ffff88823be368a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 749.377559][ T39] #1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0 [ 749.377636][ T39] 1 lock held by syz-executor/5810: [ 749.377647][ T39] #0: ffffffff8ddd1ab0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 749.377693][ T39] 5 locks held by kworker/1:6/5913: [ 749.377707][ T39] 2 locks held by kworker/u8:0/12393: [ 749.377718][ T39] 1 lock held by syz-executor/13334: [ 749.377729][ T39] #0: ffffffff8ddd1ab0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 749.377775][ T39] 7 locks held by syz-executor/14450: [ 749.377786][ T39] #0: ffff8880382ce480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 749.377843][ T39] #1: ffff888062486878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 749.377958][ T39] #2: ffff8880284e1f08 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 749.378009][ T39] #3: ffffffff8e9c78b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 749.378118][ T39] #4: ffff888021bff0d8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x870 [ 749.378207][ T39] #5: ffff88801ffae300 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160 [ 749.378293][ T39] #6: ffffffff8ddd1ab0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 749.378339][ T39] 2 locks held by kworker/u8:6/14532: [ 749.378350][ T39] 4 locks held by syz-executor/14546: [ 749.378360][ T39] #0: ffff8880382ce480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 749.378410][ T39] #1: ffff88802b6dd478 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 749.378455][ T39] #2: ffff8880284e1f08 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 749.378505][ T39] #3: ffffffff8e9c78b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 749.378557][ T39] 2 locks held by kworker/u8:9/14618: [ 749.378568][ T39] 2 locks held by kworker/u8:12/14664: [ 749.378579][ T39] 2 locks held by kworker/u8:15/14666: [ 749.378589][ T39] #0: ffff88801ef8a938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 [ 749.378636][ T39] #1: ffffc90004f97c40 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 [ 749.378681][ T39] 2 locks held by kworker/u8:17/14667: [ 749.378693][ T39] 4 locks held by syz-executor/14729: [ 749.378704][ T39] #0: ffff8880382ce480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 749.378754][ T39] #1: ffff888061ba1c78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 749.378801][ T39] #2: ffff8880284e1f08 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 749.378851][ T39] #3: ffffffff8e9c78b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 749.378897][ T39] 1 lock held by syz.2.3227/14755: [ 749.378907][ T39] #0: ffffffff8ddd1ab0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 749.378962][ T39] 4 locks held by syz-executor/14805: [ 749.378973][ T39] #0: ffff8880382ce480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 749.379022][ T39] #1: ffff888038e04078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 749.379068][ T39] #2: ffff8880284e1f08 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 749.379124][ T39] #3: ffffffff8e9c78b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 749.379170][ T39] 4 locks held by syz-executor/14824: [ 749.379180][ T39] #0: ffff8880382ce480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 749.379229][ T39] #1: ffff88802ba1a478 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 749.379275][ T39] #2: ffff8880284e1f08 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 749.379326][ T39] #3: ffffffff8e9c78b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 749.379374][ T39] 4 locks held by syz-executor/14862: [ 749.379384][ T39] #0: ffff8880382ce480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 749.379433][ T39] #1: ffff88806397c878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 749.379479][ T39] #2: ffff8880284e1f08 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 749.379536][ T39] #3: ffffffff8e9c78b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 749.379584][ T39] 4 locks held by syz-executor/14932: [ 749.379594][ T39] #0: ffff8880382ce480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 749.379660][ T39] #1: ffff888087a78078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 749.379706][ T39] #2: ffff8880284e1f08 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 749.379756][ T39] #3: ffffffff8e9c78b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 749.379802][ T39] 2 locks held by syz-executor/14990: [ 749.379813][ T39] #0: ffffffff8e8b5ca8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 749.379912][ T39] #1: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8a1/0x1be0 [ 749.379956][ T39] 2 locks held by syz-executor/15003: [ 749.379968][ T39] 2 locks held by syz-executor/15047: [ 749.379978][ T39] #0: ffffffff8f14b840 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x4f7/0x730 [ 749.380020][ T39] #1: ffffffff8f159ff8 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0 [ 749.380067][ T39] [ 749.380071][ T39] ============================================= [ 749.380071][ T39] [ 749.380086][ T39] NMI backtrace for cpu 1 [ 749.380110][ T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 749.380134][ T39] Tainted: [L]=SOFTLOCKUP [ 749.380141][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 749.380151][ T39] Call Trace: [ 749.380159][ T39] [ 749.380166][ T39] dump_stack_lvl+0xe8/0x150 [ 749.380204][ T39] nmi_cpu_backtrace+0x274/0x2d0 [ 749.380255][ T39] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 749.380305][ T39] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 749.380327][ T39] sys_info+0x135/0x170 [ 749.380376][ T39] watchdog+0xfd9/0x1030 [ 749.380402][ T39] ? watchdog+0x21a/0x1030 [ 749.380429][ T39] kthread+0x388/0x470 [ 749.380448][ T39] ? __pfx_watchdog+0x10/0x10 [ 749.380466][ T39] ? __pfx_kthread+0x10/0x10 [ 749.380486][ T39] ret_from_fork+0x51e/0xb90 [ 749.380525][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 749.380547][ T39] ? __switch_to+0xc7d/0x1450 [ 749.380572][ T39] ? __pfx_kthread+0x10/0x10 [ 749.380592][ T39] ret_from_fork_asm+0x1a/0x30 [ 749.380624][ T39] [ 749.380631][ T39] Sending NMI from CPU 1 to CPUs 0: [ 749.380661][ C0] NMI backtrace for cpu 0 [ 749.380676][ C0] CPU: 0 UID: 0 PID: 20 Comm: rcuc/0 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 749.380698][ C0] Tainted: [L]=SOFTLOCKUP [ 749.380704][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 749.380714][ C0] RIP: 0010:__unwind_start+0x5b8/0x760 [ 749.380732][ C0] Code: 80 3c 30 00 4c 8b 64 24 18 74 08 4c 89 e7 e8 5f e4 b3 00 48 8b 44 24 10 49 39 04 24 0f 87 1b fb ff ff 48 89 df e8 a8 d1 ff ff <48> be 00 00 00 00 00 fc ff df 48 8b 04 24 0f b6 04 30 84 c0 75 0e [ 749.380747][ C0] RSP: 0018:ffffc90000196488 EFLAGS: 00000296 [ 749.380760][ C0] RAX: 000000008ff66901 RBX: ffffc900001964e8 RCX: 0000000000000046 [ 749.380773][ C0] RDX: 0000000000000004 RSI: ffffffff8d7bb786 RDI: ffff88801ca98000 [ 749.380784][ C0] RBP: 1ffff92000032c9e R08: ffffc90000196570 R09: 0000000000000000 [ 749.380795][ C0] R10: ffffc90000196538 R11: fffff52000032ca9 R12: ffffc90000196520 [ 749.380806][ C0] R13: ffffc900001964f8 R14: 1ffff92000032c9f R15: ffffc900001964f0 [ 749.380818][ C0] FS: 0000000000000000(0000) GS:ffff88812633f000(0000) knlGS:0000000000000000 [ 749.380831][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 749.380842][ C0] CR2: 00007fead1ff5e78 CR3: 000000000dbba000 CR4: 00000000003526f0 [ 749.380856][ C0] Call Trace: [ 749.380862][ C0] [ 749.380871][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 749.380892][ C0] arch_stack_walk+0xe3/0x150 [ 749.380910][ C0] ? stack_trace_save+0xa9/0x100 [ 749.380930][ C0] stack_trace_save+0xa9/0x100 [ 749.380948][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 749.380969][ C0] ? unwind_next_frame+0xa5/0x23c0 [ 749.380985][ C0] kasan_save_track+0x3e/0x80 [ 749.381036][ C0] __kasan_kmalloc+0x93/0xb0 [ 749.381056][ C0] __kmalloc_cache_noprof+0x3a6/0x690 [ 749.381078][ C0] ? ref_tracker_alloc+0x15e/0x4a0 [ 749.381180][ C0] ref_tracker_alloc+0x15e/0x4a0 [ 749.381198][ C0] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 749.381220][ C0] ? rcu_is_watching+0x15/0xb0 [ 749.381236][ C0] ? trace_kmem_cache_alloc+0x29/0xf0 [ 749.381258][ C0] dst_init+0xd9/0x480 [ 749.381307][ C0] dst_alloc+0x12a/0x170 [ 749.381328][ C0] ip_route_output_key_hash_rcu+0x14d0/0x25d0 [ 749.381397][ C0] ? ip_route_output_key_hash+0xd8/0x2a0 [ 749.381415][ C0] ip_route_output_key_hash+0x18d/0x2a0 [ 749.381434][ C0] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 749.381458][ C0] ip_route_output_flow+0x2a/0x150 [ 749.381473][ C0] ? ip_route_me_harder+0x730/0xf90 [ 749.381527][ C0] ip_route_me_harder+0x742/0xf90 [ 749.381550][ C0] ? __pfx_ip_route_me_harder+0x10/0x10 [ 749.381575][ C0] ? __cookie_v4_init_sequence+0x25d/0x500 [ 749.381626][ C0] synproxy_send_tcp+0x34c/0x670 [ 749.381685][ C0] synproxy_send_client_synack+0x8c1/0xe30 [ 749.381710][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 749.381728][ C0] ? nft_osf_eval+0x578/0x770 [ 749.381781][ C0] ? synproxy_pernet+0x45/0x270 [ 749.381804][ C0] nft_synproxy_eval_v4+0x34a/0x4e0 [ 749.381826][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 749.381847][ C0] ? nf_ip_checksum+0x13c/0x510 [ 749.381897][ C0] nft_synproxy_do_eval+0x305/0x580 [ 749.381916][ C0] ? irqentry_exit+0x59e/0x620 [ 749.381937][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 749.381964][ C0] nft_do_chain+0x45e/0x1990 [ 749.382010][ C0] ? update_cfs_rq_load_avg+0x3fb/0x4e0 [ 749.382038][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 749.382055][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 749.382080][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 749.382095][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 749.382112][ C0] nft_do_chain_inet+0x29d/0x380 [ 749.382177][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 749.382199][ C0] ? rtlock_slowlock_locked+0xfb/0x3c80 [ 749.382220][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 749.382240][ C0] nf_hook_slow+0xc5/0x220 [ 749.382260][ C0] NF_HOOK+0x21f/0x3c0 [ 749.382280][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 749.382324][ C0] ? NF_HOOK+0x9e/0x3c0 [ 749.382342][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 749.382361][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 749.382382][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 749.382404][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 749.382425][ C0] NF_HOOK+0x336/0x3c0 [ 749.382443][ C0] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 749.382463][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 749.382482][ C0] ? NF_HOOK+0x9e/0x3c0 [ 749.382500][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 749.382520][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 749.382542][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 749.382561][ C0] ? process_backlog+0x271/0xc60 [ 749.382577][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 749.382596][ C0] process_backlog+0x569/0xc60 [ 749.382613][ C0] ? stack_trace_save+0xa9/0x100 [ 749.382638][ C0] __napi_poll+0xaf/0x580 [ 749.382652][ C0] ? skb_defer_free_flush+0x233/0x260 [ 749.382670][ C0] net_rx_action+0x696/0xe00 [ 749.382694][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 749.382716][ C0] ? sched_balance_domains+0x82d/0x950 [ 749.382739][ C0] handle_softirqs+0x1de/0x6f0 [ 749.382763][ C0] __local_bh_enable_ip+0x170/0x2b0 [ 749.382783][ C0] ? rcu_cpu_kthread+0x205/0x1470 [ 749.382797][ C0] rcu_cpu_kthread+0x9e8/0x1470 [ 749.382815][ C0] ? rcu_cpu_kthread+0x205/0x1470 [ 749.382834][ C0] ? __pfx_rcu_cpu_kthread+0x10/0x10 [ 749.382849][ C0] ? schedule+0x90/0x360 [ 749.382870][ C0] ? smpboot_thread_fn+0x4d/0xa50 [ 749.382890][ C0] smpboot_thread_fn+0x541/0xa50 [ 749.382916][ C0] ? smpboot_thread_fn+0x4d/0xa50 [ 749.382940][ C0] kthread+0x388/0x470 [ 749.382955][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 749.382974][ C0] ? __pfx_kthread+0x10/0x10 [ 749.382990][ C0] ret_from_fork+0x51e/0xb90 [ 749.383011][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 749.383038][ C0] ? __switch_to+0xc7d/0x1450 [ 749.383058][ C0] ? __pfx_kthread+0x10/0x10 [ 749.383073][ C0] ret_from_fork_asm+0x1a/0x30 [ 749.383099][ C0] [ 749.383668][ T39] Kernel panic - not syncing: hung_task: blocked tasks [ 749.383685][ T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 749.383710][ T39] Tainted: [L]=SOFTLOCKUP [ 749.383716][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 749.383727][ T39] Call Trace: [ 749.383734][ T39] [ 749.383743][ T39] vpanic+0x56c/0xa60 [ 749.383772][ T39] ? __pfx_vpanic+0x10/0x10 [ 749.383805][ T39] panic+0xc5/0xd0 [ 749.383828][ T39] ? __pfx_panic+0x10/0x10 [ 749.383849][ T39] ? printk_trigger_flush+0x117/0x180 [ 749.383874][ T39] ? lockdep_hardirqs_on+0x7a/0x110 [ 749.383903][ T39] ? nmi_trigger_cpumask_backtrace+0x234/0x300 [ 749.383921][ T39] watchdog+0x1023/0x1030 [ 749.383943][ T39] ? watchdog+0x21a/0x1030 [ 749.383971][ T39] kthread+0x388/0x470 [ 749.383989][ T39] ? __pfx_watchdog+0x10/0x10 [ 749.384008][ T39] ? __pfx_kthread+0x10/0x10 [ 749.384027][ T39] ret_from_fork+0x51e/0xb90 [ 749.384052][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 749.384074][ T39] ? __switch_to+0xc7d/0x1450 [ 749.384099][ T39] ? __pfx_kthread+0x10/0x10 [ 749.384118][ T39] ret_from_fork_asm+0x1a/0x30 [ 749.384151][ T39] [ 749.384444][ T39] Kernel Offset: disabled