last executing test programs: 32.101934673s ago: executing program 2 (id=1347): close(0x3) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x17ff, 0x4) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000", 0x17}], 0x1}, 0x40) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084) 31.858494148s ago: executing program 2 (id=1351): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14) syz_emit_ethernet(0x1201, &(0x7f0000001bc0)=ANY=[], 0x0) 31.525322559s ago: executing program 0 (id=1355): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x7, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94) close(0x3) r2 = socket(0x2, 0x80805, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000"], 0x30}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={r5}, 0x8) 31.438949401s ago: executing program 0 (id=1356): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000007c0)={0x3, 'vlan1\x00'}) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{0x0}, {0x0}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e5635", 0x46}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323", 0x47}, {&(0x7f0000000900)}], 0x5}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000ac0)}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff91", 0x15}], 0x2}}], 0x2, 0x20000044) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r2 = accept4(r1, 0x0, 0x0, 0x800) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32], 0x1c}}, 0x4008054) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e", 0xc2}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) 31.261291538s ago: executing program 2 (id=1357): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x438, &(0x7f0000003140)={[{0x96, 0x4e00, "a13f27a944e784dd9360085bd04148578193088de9b31028931d495543d02336ef4ba803947589df000cedc290e6a8febfa5b9b526853e2c73a14c2c0949ffc1e6b53b67c8bd2a2500cf742be2574d3d687b72d07e44dda0614499875e41250c9b9ad8ee51775bcc4746c5d4f738ffd7643faba5f02e001776a8f9ccc194392437870f5e49057cccebac9c34bea978808807ecf485cb"}, {0x11, 0x4e00, "f9eacd1abc6ef91f01df6e993373e8fcd9"}, {0x3d, 0x4e00, "0c24e4b5f15f83f99e925babc89b91eb57ccdbdd86ab46950a24306f9fa0294a8e2c026ba2cb7cd30285c6de3e6d37346bde7aa52c00798552b4aba9ae"}, {0x3d, 0x4e00, "dd83e87fbd275849328a86db9236bd22b4365084d97e7659bcb54741a04b14036c4c73b7e844becfeeb3263cbe7f9da271983bfe547a0e08463055efd2"}, {0xbd, 0x4e00, "579ff1fd5ce2e857fa5e6d8c981e06bbe2590b0d349c16ce5e03cd1cfa33ef73cf340f31278008de8e653a733b10dafadfdd0a6cbb272105aacf4da72e0145ab82bd39bafc8774783a5f80db3692e19e778dccede7202636f3140c10b9f1efd0f321623daa6aaaeca7b786f936c206c1d0f85d4b75b846ea8c25710e0f7ec8bacf22ddc34ca316f8bca4bbee79c8032548883e2502916067289820d31fe1765169f8db719dd9f1e143aa4d75baaaf0d58b3fc2271b302ce4b8f907b047"}, {0xf1, 0x4e00, "e3717bc68dc2a9b0c4eaa4016691fdc5babb6d56b8a5d68b2a5805dd4146367b51ced1e23b94d3e27ea13733cbbe845413088543465a5bdf8aa7103c31a7333f9ad59ab9d3593150f826be289bb6790a5409ec1575de0e75801e304153f9562a25e7f8efad4d5b465bb5e2e1607c038fbfb5188b91c4300df2929f8dce9084661ecb0314fab7632bb57b33af4db31bc4d6912bbcf85fb53d9afe798cf47c82beeae8764fb2a22287eef31e3a0ddf2e1cd227415ecbb81d3a29318458e83dcf4a6402f604f9e54da69762e8f1b955d452c0f2cffa4202f7490627bdbc31967395c4ba81ac76ac12f0aa6ca5650c80bb1635"}, {0x139, 0x4e00, "8ace76acf8cb465f88c4ad44855ec40689ca5f57a0f5e1e32b9d82e2c10de639feebee8d8adfbbefcf0ae99f715fb53b9f751e8504ce79d3328d482dab578d8129de07af11d6d4f50912801574270fc22e5d6451854ea969db9e1d157bc6ba4dde8405a4cf6d9cdb93fdf3d4c6136ebf1099fb5bb167fe75ae8c7aaac077660609108d9d552ef564e94f02779e5c4a60b2e3342f501f2b70021da21d1f7d2202fe9480a54d706435dfd91b75832818db480d38f86b052413833ea144f383834fb9f0e5f2c13a3541cea1ec063672864bc1fbc98f6bf793f917c929420d63c02006535167af8f20ba9a7fd57d2c89f6ca77708366a898f2c377110c52876f9396d248e4bf78b51efd6f8c0a565d1e23ce2377752e33f20109654995a6a1d0d37c4c745685c8af045face56da5c0855a894ff7a79348795884f2"}]}) 29.961204477s ago: executing program 1 (id=1361): syz_emit_ethernet(0x2f3, &(0x7f0000000000)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x2bd, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x1700, 0x0, 0x0, [{0x0, 0xa, "a78ce5400659808000000003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42c60a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000000000026000400"}, {0x18}, {0x1, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x22, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743474671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68f2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "fc07876d4ec1876d4e6fa3ce2dfdb43a6f021659ff5c2d6b3d9363ed09bd9281c9fe68a3000000006f0000044e43e740e077e1d16212fb"}, {0x5, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1eb91a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d96967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c000000000000000000"}, {0x0, 0x5, "090000000900000036da018dff16e70b8b1400000000e18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0) 29.913379381s ago: executing program 1 (id=1362): close(0x3) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x17ff, 0x4) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a", 0x23}], 0x1}, 0x40) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084) 29.260646496s ago: executing program 0 (id=1363): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) write$tun(r0, 0x0, 0xfdef) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r1, 0x0, 0xc, 0x0, 0x0) setsockopt$inet_int(r1, 0x0, 0x8, &(0x7f0000000000)=0x1ff, 0x4) getsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000300)=""/19, &(0x7f0000000340)=0x13) socket$packet(0x11, 0x3, 0x300) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x800, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_freezer_state(r3, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r4, &(0x7f0000000040)='FROZEN\x00', 0x7) mkdirat$cgroup(r3, &(0x7f00000000c0)='syz1\x00', 0x1ff) mkdirat$cgroup(r3, &(0x7f0000000100)='syz0\x00', 0x1ff) sendfile(r4, r4, 0x0, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x58, 0x10, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x21d62}, [@IFLA_IFNAME={0x14, 0x3, 'team0\x00'}, @IFLA_MTU={0x8, 0x4, 0xd4}, @IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_NODE_GUID={0x14, 0xa, {0xfffffe01}}]}]}]}, 0xb4}}, 0x20084084) r6 = socket(0x15, 0x5, 0x0) getsockopt(r6, 0x200000000114, 0x2713, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002) 28.768359172s ago: executing program 1 (id=1366): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x7, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94) close(0x3) r2 = socket(0x2, 0x80805, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000"], 0x30}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={r5}, 0x8) 28.586784863s ago: executing program 1 (id=1367): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x4, 0x7ff, 0x4}}}}]}, 0x44}}, 0x4c840) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x24, 0x2c, 0xf3f, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0x0, 0xfff3}, {0xd, 0x300}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041004}, 0x0) 28.386462265s ago: executing program 1 (id=1369): sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000600)="447df50ce4033a7b5ad00b83244c00b711803e7cca2504a2600da98efff9e7d67f87b17ffd582b04d632ebd866f28678899ae0d6306cd39420b7b7f78deaaf2908c2a5726f2c50c9eb720e93d3e5b49fae5ab325f9ef326cf8bad0db853cbb8235b0c803c417ede8f7b85eaad8aea5b2fe9813fee217a97a980d39d7a1efef815bf2bfe6823e664dc7dcd285d91c9e4ab6ee36a00b300ffd69f9eb85d6f8c7b5c176084bccbdea", 0xa7}, {&(0x7f00000006c0)="080c0434", 0x4}, {&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5d97e67886d55be18cac95a1aa093479596c3613670aaf2a3b1edc465bedfdb5156035719c0baa8bb8bf2a825ec04f424dda801fea000f41edc43511e9c8bf89656071e91ae4c356d6a9ca608af6b83cc9f3d9ae37c2bfab2e5708062c659e44272215dba2195d826f9fd", 0x87}, {&(0x7f0000000880)="a1755527af3bc7c4671ac86bf0a2338efb5db19ac572af50ea485d175761731e22c55a759161b4a9abe65d440c", 0x2d}], 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="ac1414bb0000000000000000140000000000000000000000020000000600000000000000d8000000000000000000000007000000072b52000000000a0101020a010100ac14141b640101020a010102ac1414bbac14143ee000000200000000071731ac14143cac1e0101e0000002ac1414aaffffffff442cdf11ac1e010100000005ffffffff00000002ac1414bb00000006ffffffff000000000000000000000003441435230a01010200000001ffffffff00000007444477937f00000100000007ac1e000100000008ac14143200000005e0000002000000f77f00000100000200ac1414bb00000401ac1414aa0000e7a6ac1414aa000000b6010014000000000000000000000002000000020000000000000014"], 0x1a0}, 0x41) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e33050910"], 0xd) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 28.158974797s ago: executing program 0 (id=1370): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8a", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x36, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socket$unix(0x1, 0x1, 0x0) 28.044164343s ago: executing program 2 (id=1372): syz_emit_ethernet(0x355, &(0x7f0000000000)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x31f, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x1700, 0x0, 0x0, [{0x0, 0xa, "a78ce5400659808000000003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42c60a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000000000026000400"}, {0x18, 0xc, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d"}, {0x1, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x22, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743474671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68f2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "fc07876d4ec1876d4e6fa3ce2dfdb43a6f021659ff5c2d6b3d9363ed09bd9281c9fe68a3000000006f0000044e43e740e077e1d16212fb"}, {0x5, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1eb91a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d96967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c000000000000000000"}, {0x0, 0x5, "090000000900000036da018dff16e70b8b1400000000e18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0) 27.613917701s ago: executing program 0 (id=1374): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$unix(0x1, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xffe, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000700000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0) 27.572188968s ago: executing program 2 (id=1375): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x2f00020b, 0xd, 0x0, &(0x7f00000007c0)="63eced8e46dc3f0adf33c9f7b9", 0x0, 0x7d15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x50) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000005c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aae", 0xb) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, r3, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x1, 0x1, 0x0, 0x2000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x24000001}, 0x1004) sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r3, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x10) r4 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000002440)=[{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)="57cd4e", 0x3}, {&(0x7f0000000580)="3222f0476ed4765dc271a2c4fc02", 0xe}], 0x2, &(0x7f0000001a40)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4000801}], 0x1, 0x40) recvmmsg(r4, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}, 0xffffff0b}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000028c0)=""/4096, 0x1000}], 0x1}, 0xf}], 0x2, 0x2101, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r5}, 0x4) r6 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x88, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'syz_tun\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'hsr0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bond\x00'}}]}, 0x88}, 0x1, 0x0, 0x0, 0x48845}, 0xc000) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2a, 0x63, &(0x7f0000000080)="5fab413d270cec0465f5fc3f6da4cae37472246135260602e30ec7dc16531b8d0bb99da3dc71504f2176", &(0x7f00000003c0)=""/99, 0x5, 0x0, 0xd4, 0x85, &(0x7f0000000440)="5ae2bb912e49a234ba239fc69950ee7c06cf06fcdffe9a605d42aad4404830fd4ce0fe4bc5499f59528b69eaf04fa334fbe5e0beb95e2fd2b3c199eace71e075a9d5184c34c2f7a7b3a1ece9a4568f9b72cb8e0f4a65a1f0cdfe77586d32064da9e3185148d9431b610b558c094f28185e3187660483528fdcb5a8ae90534537aa1037a34730e02afc2c2c455978ecb0ad06f87fec2b214184ff07c9500cca477061d86a1431c6e5f307d8aeee58cf5928a8fb218d805435663ed681d39f98f7a9dae2def68ad04c413d12e5bd06bf81198841f0", &(0x7f0000000540)="2f4c3e58e889f32f1bb7278987b83562bd5903f37c2239c15ed8c4b48e9d8e6f43efd6306dabbb596e328aa06632c43a7b9e05d89f32957c47bb97f7cfbf4f5cef3c78b318856f1ce78466e4376ace142367efa489f0c8d1ef00cbae898d81cd2e01b9da31a420fb74045e18ff6476e2f6136982a9c59bbadc53b5628cc656f62abfa14fc3", 0x0, 0x0, 0x7f}, 0x50) r7 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_DELLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bdad, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$phonet(0x23, 0x2, 0x1) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="2d6e657420a6e2572a25"], 0x5) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)="e8700e444d50a969ff", 0x9}], 0x1}], 0x1, 0x40800) connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@abs={0xa}, 0x6e) unshare(0x26020480) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000002280)={0x0, 0x0, 0x0, 0x0, 0x3, r8}, 0x38) 26.990092442s ago: executing program 4 (id=1378): bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRES16], 0x50) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x38) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x2c, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x7ff, @empty, 0xef4}, @in={0x2, 0x4, @multicast1}]}, &(0x7f0000000180)=0x10) r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) shutdown(r0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000084) connect$bt_rfcomm(r0, &(0x7f0000005dc0)={0x1f, @none, 0x15}, 0xa) 26.842598089s ago: executing program 4 (id=1379): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x4, 0x7ff, 0x4}}}}]}, 0x44}}, 0x4c840) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x34, 0x2c, 0xf3f, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0x0, 0xfff3}, {0xd, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20041004}, 0x0) 26.6745703s ago: executing program 1 (id=1380): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) write$tun(r0, 0x0, 0xfdef) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r1, 0x0, 0xc, 0x0, 0x0) setsockopt$inet_int(r1, 0x0, 0x8, &(0x7f0000000000)=0x1ff, 0x4) getsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000300)=""/19, &(0x7f0000000340)=0x13) socket$packet(0x11, 0x3, 0x300) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x800, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_freezer_state(r3, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r4, &(0x7f0000000040)='FROZEN\x00', 0x7) mkdirat$cgroup(r3, &(0x7f00000000c0)='syz1\x00', 0x1ff) mkdirat$cgroup(r3, &(0x7f0000000100)='syz0\x00', 0x1ff) sendfile(r4, r4, 0x0, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x58, 0x10, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x21d62}, [@IFLA_IFNAME={0x14, 0x3, 'team0\x00'}, @IFLA_MTU={0x8, 0x4, 0xd4}, @IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_NODE_GUID={0x14, 0xa, {0xfffffe01}}]}]}]}, 0xb4}}, 0x20084084) r6 = socket(0x15, 0x5, 0x0) getsockopt(r6, 0x200000000114, 0x2713, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002) 26.634577089s ago: executing program 2 (id=1381): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000300)={0x1, 0x12c, @pic={0x80, 0x5, 0xfc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1}}) 26.12697123s ago: executing program 4 (id=1383): syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x2a, 0xc2}}}}}}, 0x0) 24.691503498s ago: executing program 0 (id=1384): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x48c, 0x0, 0x7fffffffffffffff}]}) 24.690516341s ago: executing program 4 (id=1386): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000006000000020000002c0084802800018008000100666962001c0002800800024000000001080001400000000008000340000000110900010073797a3000000000090002"], 0x80}}, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f907864010100000000002480655800000000000000001000080000"], 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000020a010200000000000000000a0000060900010073797a310000000008000240000000018c000000020a010100000000000000000000000369000600e62807258a6d38caf4cb1d7a776a7a05e57912414e63207c5e61d47bb4016b21bd5593b033b0968722f2f0f4818a1a13fbb43e79d0ae674d071c0164df9d3701cc15211300766b6ebe326ada9e49cca5c2a07460e46e35eabfb48a4cd2cd83790d7e705b010000000900010073797a31000000001c000000090a030000000000000000000a00000208000c4004"], 0xf8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd0002800800"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) 23.981015544s ago: executing program 4 (id=1387): sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0) bind$bt_hci(r0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4) 21.618805391s ago: executing program 4 (id=1390): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a98000000060a0b040000000000000000020000026c00048018000180080001006f7366000c000280080001400000000424000180090001006d6574610000000014000280080002400000000308000340000000042c0001800a0001006c696d69740000001c0002800c00014000000000000000640c00024000000000000000010900010073797a3000000000090002007379"], 0xc0}}, 0x0) 17.662698877s ago: executing program 3 (id=1391): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)}], 0x1) 17.069504982s ago: executing program 3 (id=1392): close(0x3) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x17ff, 0x4) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a", 0x23}], 0x1}, 0x40) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084) 16.922751215s ago: executing program 3 (id=1393): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x4, 0x7ff, 0x4}}}}]}, 0x44}}, 0x4c840) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x34, 0x2c, 0xf3f, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0x0, 0xfff3}, {0xd, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20041004}, 0x0) 16.742813994s ago: executing program 3 (id=1394): r0 = socket$inet(0x2, 0x3, 0xa) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000400002000000400004802800018011000100666c6f775f6f66666c6f616400000000100002800900010073797a300000000014000180"], 0xc8}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1c00000000000000000000000700000086"], 0x20}}], 0x1, 0x24000004) 16.200535459s ago: executing program 3 (id=1395): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8a", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) 15.518813077s ago: executing program 3 (id=1396): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$unix(0x1, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xffe, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000700000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0) 10.26901091s ago: executing program 32 (id=1380): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) write$tun(r0, 0x0, 0xfdef) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r1, 0x0, 0xc, 0x0, 0x0) setsockopt$inet_int(r1, 0x0, 0x8, &(0x7f0000000000)=0x1ff, 0x4) getsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000300)=""/19, &(0x7f0000000340)=0x13) socket$packet(0x11, 0x3, 0x300) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x800, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_freezer_state(r3, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r4, &(0x7f0000000040)='FROZEN\x00', 0x7) mkdirat$cgroup(r3, &(0x7f00000000c0)='syz1\x00', 0x1ff) mkdirat$cgroup(r3, &(0x7f0000000100)='syz0\x00', 0x1ff) sendfile(r4, r4, 0x0, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x58, 0x10, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x21d62}, [@IFLA_IFNAME={0x14, 0x3, 'team0\x00'}, @IFLA_MTU={0x8, 0x4, 0xd4}, @IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_NODE_GUID={0x14, 0xa, {0xfffffe01}}]}]}]}, 0xb4}}, 0x20084084) r6 = socket(0x15, 0x5, 0x0) getsockopt(r6, 0x200000000114, 0x2713, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002) 9.55122441s ago: executing program 33 (id=1381): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000300)={0x1, 0x12c, @pic={0x80, 0x5, 0xfc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1}}) 9.232469432s ago: executing program 34 (id=1384): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x48c, 0x0, 0x7fffffffffffffff}]}) 4.936524703s ago: executing program 35 (id=1390): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a98000000060a0b040000000000000000020000026c00048018000180080001006f7366000c000280080001400000000424000180090001006d6574610000000014000280080002400000000308000340000000042c0001800a0001006c696d69740000001c0002800c00014000000000000000640c00024000000000000000010900010073797a3000000000090002007379"], 0xc0}}, 0x0) 0s ago: executing program 36 (id=1396): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$unix(0x1, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xffe, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000700000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.168' (ED25519) to the list of known hosts. [ 70.873031][ T5585] cgroup: Unknown subsys name 'net' [ 71.092542][ T5585] cgroup: Unknown subsys name 'cpuset' [ 71.158413][ T5585] cgroup: Unknown subsys name 'rlimit' [ 71.360099][ T1332] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.365648][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 Setting up swapspace version 1, size = 127995904 bytes [ 72.791037][ T5585] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 75.102256][ T5611] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 75.113684][ T5611] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 75.130781][ T5611] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 75.136751][ T5611] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 75.148259][ T5617] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 75.153851][ T5617] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 75.159900][ T5617] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.181502][ T5611] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.187815][ T5617] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 75.195167][ T5611] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.195936][ T5611] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.198047][ T5617] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 75.198286][ T5617] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 75.198314][ T5611] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.200650][ T5617] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.205106][ T5616] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 75.217038][ T5616] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 75.221734][ T4913] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 75.222496][ T4913] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.223117][ T4913] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 75.227675][ T5608] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.247894][ T5618] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 75.252734][ T5615] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.308668][ T5615] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 75.317973][ T5615] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 77.349416][ T5615] Bluetooth: hci1: command tx timeout [ 77.349846][ T5618] Bluetooth: hci4: command tx timeout [ 77.437860][ T5618] Bluetooth: hci0: command tx timeout [ 77.508820][ T5618] Bluetooth: hci3: command tx timeout [ 77.508844][ T5615] Bluetooth: hci2: command tx timeout [ 77.535543][ T5601] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.536196][ T5601] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.536300][ T5601] bridge_slave_0: entered allmulticast mode [ 77.537684][ T5601] bridge_slave_0: entered promiscuous mode [ 77.595198][ T5601] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.595283][ T5601] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.595543][ T5601] bridge_slave_1: entered allmulticast mode [ 77.596805][ T5601] bridge_slave_1: entered promiscuous mode [ 77.597605][ T5599] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.597961][ T5599] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.598450][ T5599] bridge_slave_0: entered allmulticast mode [ 77.600789][ T5599] bridge_slave_0: entered promiscuous mode [ 77.621401][ T5600] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.621508][ T5600] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.621962][ T5600] bridge_slave_0: entered allmulticast mode [ 77.624421][ T5600] bridge_slave_0: entered promiscuous mode [ 77.626706][ T5597] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.626818][ T5597] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.626966][ T5597] bridge_slave_0: entered allmulticast mode [ 77.630173][ T5597] bridge_slave_0: entered promiscuous mode [ 77.655343][ T5599] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.655451][ T5599] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.655582][ T5599] bridge_slave_1: entered allmulticast mode [ 77.658459][ T5599] bridge_slave_1: entered promiscuous mode [ 77.682600][ T5600] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.682707][ T5600] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.682854][ T5600] bridge_slave_1: entered allmulticast mode [ 77.686505][ T5600] bridge_slave_1: entered promiscuous mode [ 77.688168][ T5597] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.688283][ T5597] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.688420][ T5597] bridge_slave_1: entered allmulticast mode [ 77.692276][ T5597] bridge_slave_1: entered promiscuous mode [ 77.801076][ T5598] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.801173][ T5598] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.801273][ T5598] bridge_slave_0: entered allmulticast mode [ 77.802618][ T5598] bridge_slave_0: entered promiscuous mode [ 77.843230][ T5601] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.860563][ T5598] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.860703][ T5598] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.860847][ T5598] bridge_slave_1: entered allmulticast mode [ 77.863073][ T5598] bridge_slave_1: entered promiscuous mode [ 77.899239][ T5601] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.902189][ T5599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.920156][ T5600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.939226][ T5597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.954439][ T5599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.973442][ T5600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.975306][ T5597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.006814][ T5598] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.209938][ T5601] team0: Port device team_slave_0 added [ 78.227168][ T5598] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.256868][ T5601] team0: Port device team_slave_1 added [ 78.259387][ T5599] team0: Port device team_slave_0 added [ 78.276977][ T5600] team0: Port device team_slave_0 added [ 78.279599][ T5597] team0: Port device team_slave_0 added [ 78.297639][ T5599] team0: Port device team_slave_1 added [ 78.313214][ T5600] team0: Port device team_slave_1 added [ 78.314733][ T5597] team0: Port device team_slave_1 added [ 78.341793][ T5598] team0: Port device team_slave_0 added [ 78.366655][ T5601] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.366664][ T5601] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.366676][ T5601] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.393695][ T5598] team0: Port device team_slave_1 added [ 78.438799][ T5601] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.438813][ T5601] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.438833][ T5601] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.441647][ T5599] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.441658][ T5599] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.441687][ T5599] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.465400][ T5600] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.465414][ T5600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.465438][ T5600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.468131][ T5597] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.468144][ T5597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.468166][ T5597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.485182][ T5599] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.485202][ T5599] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.485225][ T5599] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.505155][ T5600] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.505169][ T5600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.505192][ T5600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.506827][ T5597] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.506839][ T5597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.506862][ T5597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.540944][ T5598] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.540960][ T5598] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.540982][ T5598] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.562902][ T5598] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.562918][ T5598] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.562942][ T5598] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.689846][ T5601] hsr_slave_0: entered promiscuous mode [ 78.691738][ T5601] hsr_slave_1: entered promiscuous mode [ 78.770380][ T5600] hsr_slave_0: entered promiscuous mode [ 78.771537][ T5600] hsr_slave_1: entered promiscuous mode [ 78.772481][ T5600] debugfs: 'hsr0' already exists in 'hsr' [ 78.772596][ T5600] Cannot create hsr debugfs directory [ 78.782487][ T5599] hsr_slave_0: entered promiscuous mode [ 78.783625][ T5599] hsr_slave_1: entered promiscuous mode [ 78.784452][ T5599] debugfs: 'hsr0' already exists in 'hsr' [ 78.784472][ T5599] Cannot create hsr debugfs directory [ 78.814558][ T5597] hsr_slave_0: entered promiscuous mode [ 78.815816][ T5597] hsr_slave_1: entered promiscuous mode [ 78.816614][ T5597] debugfs: 'hsr0' already exists in 'hsr' [ 78.816633][ T5597] Cannot create hsr debugfs directory [ 78.871723][ T5598] hsr_slave_0: entered promiscuous mode [ 78.872864][ T5598] hsr_slave_1: entered promiscuous mode [ 78.873672][ T5598] debugfs: 'hsr0' already exists in 'hsr' [ 78.873692][ T5598] Cannot create hsr debugfs directory [ 79.428955][ T5618] Bluetooth: hci1: command tx timeout [ 79.429037][ T5615] Bluetooth: hci4: command tx timeout [ 79.517799][ T5615] Bluetooth: hci0: command tx timeout [ 79.587932][ T5615] Bluetooth: hci3: command tx timeout [ 79.587961][ T5615] Bluetooth: hci2: command tx timeout [ 79.864918][ T5601] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 79.900927][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 79.917440][ T5601] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 79.956155][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 79.975772][ T5601] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.011606][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.025779][ T5601] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.052633][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 80.182176][ T5600] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.223330][ T5600] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 80.228440][ T5600] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.270106][ T5600] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 80.298509][ T5600] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.331818][ T5600] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.353659][ T5600] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.392617][ T5600] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 80.524561][ T5597] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.573706][ T5597] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 80.576645][ T5597] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.623259][ T5597] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 80.632039][ T5597] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.671002][ T5597] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.706278][ T5597] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.732537][ T5597] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 80.855604][ T5598] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.881739][ T5598] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 80.896012][ T5598] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.920315][ T5598] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 80.924935][ T5598] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.951009][ T5598] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.986954][ T5598] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.021605][ T5598] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 81.105385][ T5601] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.167033][ T5599] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 81.191543][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 81.203751][ T5599] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 81.244295][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 81.256217][ T5599] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 81.281615][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 81.287633][ T5599] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 81.323750][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 81.341810][ T5601] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.385472][ T1232] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.385810][ T1232] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.408793][ T5600] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.451313][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.451407][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.507861][ T5618] Bluetooth: hci4: command tx timeout [ 81.507887][ T5618] Bluetooth: hci1: command tx timeout [ 81.529106][ T5600] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.563313][ T66] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.563431][ T66] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.569874][ T5597] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.588978][ T5615] Bluetooth: hci0: command tx timeout [ 81.633667][ T819] cfg80211: failed to load regulatory.db [ 81.668106][ T5615] Bluetooth: hci2: command tx timeout [ 81.668135][ T5615] Bluetooth: hci3: command tx timeout [ 81.671060][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.672678][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.774885][ T5597] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.812794][ T5598] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.836477][ T4269] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.837080][ T4269] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.912475][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.912654][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.990664][ T5598] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.056249][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.056448][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.116105][ T5599] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.155483][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.155683][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.291514][ T5599] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.423672][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.423880][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.517194][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.517285][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.139770][ T5601] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.493949][ T5600] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.576734][ T5601] veth0_vlan: entered promiscuous mode [ 83.587932][ T5618] Bluetooth: hci1: command tx timeout [ 83.587959][ T5618] Bluetooth: hci4: command tx timeout [ 83.661675][ T5601] veth1_vlan: entered promiscuous mode [ 83.667952][ T5615] Bluetooth: hci0: command tx timeout [ 83.706439][ T5597] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.749301][ T5615] Bluetooth: hci3: command tx timeout [ 83.749321][ T5618] Bluetooth: hci2: command tx timeout [ 83.816202][ T5600] veth0_vlan: entered promiscuous mode [ 83.884817][ T5601] veth0_macvtap: entered promiscuous mode [ 83.897611][ T5600] veth1_vlan: entered promiscuous mode [ 83.917261][ T5601] veth1_macvtap: entered promiscuous mode [ 83.964731][ T5599] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.017671][ T5597] veth0_vlan: entered promiscuous mode [ 84.031932][ T5598] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.054177][ T5601] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.077612][ T5597] veth1_vlan: entered promiscuous mode [ 84.085298][ T5601] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.130743][ T5600] veth0_macvtap: entered promiscuous mode [ 84.142462][ T55] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.180490][ T55] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.184493][ T55] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.207571][ T5600] veth1_macvtap: entered promiscuous mode [ 84.221531][ T55] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.406339][ T5600] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.574113][ T5600] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.574950][ T5597] veth0_macvtap: entered promiscuous mode [ 84.587441][ T5598] veth0_vlan: entered promiscuous mode [ 84.629258][ T5597] veth1_macvtap: entered promiscuous mode [ 84.661812][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.665756][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.692357][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.706036][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.720720][ T5598] veth1_vlan: entered promiscuous mode [ 84.734238][ T4269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.734261][ T4269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.845503][ T5597] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.845997][ T5599] veth0_vlan: entered promiscuous mode [ 84.961974][ T5597] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.098000][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.098018][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.125733][ T5599] veth1_vlan: entered promiscuous mode [ 85.137906][ T55] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.151553][ T55] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.210305][ T55] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.213664][ T55] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.226907][ T3334] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.226922][ T3334] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.318403][ T5598] veth0_macvtap: entered promiscuous mode [ 85.388796][ T5598] veth1_macvtap: entered promiscuous mode [ 85.604115][ T1232] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.604133][ T1232] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.903190][ T5598] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.916563][ T5599] veth0_macvtap: entered promiscuous mode [ 85.941845][ T1232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.941863][ T1232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.995895][ T5598] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.997076][ T5599] veth1_macvtap: entered promiscuous mode [ 86.083320][ T55] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.083949][ T55] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.084406][ T55] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.084439][ T55] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.312450][ T1232] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.312469][ T1232] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.315462][ T5804] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7'. [ 86.345572][ T5599] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.494859][ T5599] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.683775][ T55] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.732158][ T55] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.734421][ T55] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.813127][ T55] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.815510][ T5810] syzkaller1: entered promiscuous mode [ 86.815531][ T5810] syzkaller1: entered allmulticast mode [ 87.101733][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.101753][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.166900][ T5817] team0: entered promiscuous mode [ 87.166914][ T5817] team_slave_0: entered promiscuous mode [ 87.167005][ T5817] team_slave_1: entered promiscuous mode [ 87.168796][ T5817] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 87.355644][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.355661][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.773325][ T5819] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9'. [ 87.980158][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.980177][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.343871][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.343891][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.911998][ T5875] netlink: 64 bytes leftover after parsing attributes in process `syz.0.18'. [ 90.012374][ T5878] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 90.300802][ T5886] syzkaller0: entered promiscuous mode [ 90.300826][ T5886] syzkaller0: entered allmulticast mode [ 90.729290][ T5891] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 91.466856][ T5908] netlink: 'syz.1.30': attribute type 4 has an invalid length. [ 91.524434][ T5914] netlink: 'syz.1.30': attribute type 4 has an invalid length. [ 91.524678][ T5914] Zero length message leads to an empty skb [ 91.751934][ T5908] tipc: Started in network mode [ 91.751962][ T5908] tipc: Node identity ac14140f, cluster identity 4711 [ 91.752732][ T5908] tipc: New replicast peer: 255.255.255.255 [ 91.861674][ T5908] tipc: Enabled bearer , priority 10 [ 92.040258][ T5926] netlink: 28 bytes leftover after parsing attributes in process `syz.4.35'. [ 92.147280][ T5927] syzkaller0: entered promiscuous mode [ 92.147304][ T5927] syzkaller0: entered allmulticast mode [ 92.804500][ T43] tipc: Node number set to 2886997007 [ 93.109809][ T5952] syz.4.44 uses obsolete (PF_INET,SOCK_PACKET) [ 93.502684][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.695481][ T5955] bridge_slave_0 (unregistering): left allmulticast mode [ 93.695511][ T5955] bridge_slave_0 (unregistering): left promiscuous mode [ 93.695588][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.850978][ T5971] netlink: 'syz.2.51': attribute type 4 has an invalid length. [ 93.851490][ T5975] netlink: 'syz.2.51': attribute type 4 has an invalid length. [ 93.851916][ T5978] tipc: Started in network mode [ 93.851939][ T5978] tipc: Node identity ac14140f, cluster identity 4711 [ 93.852200][ T5978] tipc: New replicast peer: 255.255.255.255 [ 93.871372][ T5978] tipc: Enabled bearer , priority 10 [ 94.219439][ T5989] netlink: 36 bytes leftover after parsing attributes in process `syz.0.53'. [ 94.533764][ T5998] netlink: 16 bytes leftover after parsing attributes in process `syz.0.61'. [ 94.547675][ T5995] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 94.575112][ T6000] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.63'. [ 95.087392][ T6015] netlink: 12 bytes leftover after parsing attributes in process `syz.0.68'. [ 95.181178][ T6002] team0: entered promiscuous mode [ 95.181200][ T6002] team_slave_0: entered promiscuous mode [ 95.181360][ T6002] team_slave_1: entered promiscuous mode [ 95.185758][ T6002] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 95.186160][ T31] tipc: Node number set to 2886997007 [ 95.720119][ T6037] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.76'. [ 95.809052][ T6029] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.75'. [ 96.551833][ T6060] syz_tun: entered allmulticast mode [ 96.701109][ T6066] netlink: 60 bytes leftover after parsing attributes in process `syz.0.86'. [ 97.024324][ T6064] team0: entered promiscuous mode [ 97.024339][ T6064] team_slave_0: entered promiscuous mode [ 97.024425][ T6064] team_slave_1: entered promiscuous mode [ 97.026707][ T6064] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 97.172806][ T6077] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.89'. [ 97.215723][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.88'. [ 97.251920][ T6078] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.317836][ T6080] netlink: 'syz.1.90': attribute type 10 has an invalid length. [ 97.369311][ T6083] netlink: 'syz.1.90': attribute type 10 has an invalid length. [ 97.411279][ T6078] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.904913][ T6080] dummy0: entered promiscuous mode [ 97.907305][ T6080] team0: Failed to send options change via netlink (err -105) [ 97.907325][ T6080] team0: Port device dummy0 added [ 97.930816][ T6083] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 97.931465][ T6083] dummy0: left promiscuous mode [ 97.968545][ T6083] team0: Failed to send options change via netlink (err -105) [ 97.968704][ T6083] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 97.975474][ T6083] team0: Port device dummy0 removed [ 97.987027][ T6083] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 97.987378][ T6095] syz_tun: entered allmulticast mode [ 98.205463][ T6109] netlink: 68 bytes leftover after parsing attributes in process `syz.1.98'. [ 99.054093][ T6138] netlink: 24 bytes leftover after parsing attributes in process `syz.0.104'. [ 99.356995][ T6140] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.439117][ T6140] bridge_slave_0 (unregistering): left allmulticast mode [ 99.439147][ T6140] bridge_slave_0 (unregistering): left promiscuous mode [ 99.439242][ T6140] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.445128][ T6147] netlink: 68 bytes leftover after parsing attributes in process `syz.0.109'. [ 99.526122][ T6150] netlink: 20 bytes leftover after parsing attributes in process `syz.4.110'. [ 99.999192][ T6159] Driver unsupported XDP return value 0 on prog (id 9) dev N/A, expect packet loss! [ 100.316957][ T6172] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.117'. [ 100.568020][ T6178] netlink: 24 bytes leftover after parsing attributes in process `syz.0.118'. [ 101.121804][ T6186] syzkaller0: entered promiscuous mode [ 101.121828][ T6186] syzkaller0: entered allmulticast mode [ 103.220459][ T6247] netlink: 4 bytes leftover after parsing attributes in process `syz.3.146'. [ 103.220585][ T6247] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.465065][ T6247] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.639870][ T6251] netlink: 'syz.2.148': attribute type 4 has an invalid length. [ 103.644671][ T6254] netlink: 'syz.2.148': attribute type 4 has an invalid length. [ 103.715794][ T6255] tipc: Enabling of bearer rejected, already enabled [ 105.466581][ T6324] netlink: 'syz.1.176': attribute type 1 has an invalid length. [ 105.583393][ T6326] netlink: 28 bytes leftover after parsing attributes in process `syz.1.176'. [ 105.754503][ T6324] bond1: entered promiscuous mode [ 105.756269][ T6333] netlink: 8 bytes leftover after parsing attributes in process `syz.4.178'. [ 105.765019][ T6324] 8021q: adding VLAN 0 to HW filter on device bond1 [ 105.770474][ T6326] bond1: entered allmulticast mode [ 105.842857][ T6324] netlink: 28 bytes leftover after parsing attributes in process `syz.1.176'. [ 106.158194][ T6351] syz_tun: entered allmulticast mode [ 106.621324][ T6370] netlink: 68 bytes leftover after parsing attributes in process `syz.2.194'. [ 107.246475][ T6385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.200'. [ 107.449085][ T6403] netlink: 68 bytes leftover after parsing attributes in process `syz.4.206'. [ 108.344645][ T6435] netlink: 24 bytes leftover after parsing attributes in process `syz.4.218'. [ 108.601372][ T6443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.220'. [ 108.704146][ T6446] netlink: 356 bytes leftover after parsing attributes in process `syz.4.221'. [ 109.065388][ T6458] netlink: 20 bytes leftover after parsing attributes in process `syz.1.226'. [ 109.292773][ T6458] netlink: 20 bytes leftover after parsing attributes in process `syz.1.226'. [ 109.391501][ T6469] netlink: 24 bytes leftover after parsing attributes in process `syz.4.232'. [ 109.441723][ T6471] netlink: 356 bytes leftover after parsing attributes in process `syz.2.233'. [ 110.339263][ T6504] netlink: 256 bytes leftover after parsing attributes in process `syz.3.244'. [ 110.964416][ T6527] netlink: 'syz.2.253': attribute type 4 has an invalid length. [ 110.965323][ T6527] netlink: 'syz.2.253': attribute type 4 has an invalid length. [ 110.975132][ T6527] tipc: Enabling of bearer rejected, already enabled [ 111.217039][ T6538] netlink: 256 bytes leftover after parsing attributes in process `syz.2.257'. [ 111.966577][ T6560] netlink: 'syz.3.265': attribute type 4 has an invalid length. [ 111.995384][ T6560] netlink: 'syz.3.265': attribute type 4 has an invalid length. [ 112.015457][ T6560] tipc: Started in network mode [ 112.015492][ T6560] tipc: Node identity ac14140f, cluster identity 4711 [ 112.015777][ T6560] tipc: New replicast peer: 255.255.255.255 [ 112.038418][ T6560] tipc: Enabled bearer , priority 10 [ 112.117065][ T6567] netlink: 256 bytes leftover after parsing attributes in process `syz.3.268'. [ 113.219955][ T5713] tipc: Node number set to 2886997007 [ 113.443480][ T819] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 113.688151][ T819] usb 5-1: Using ep0 maxpacket: 32 [ 113.756116][ T819] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 113.756145][ T819] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.854865][ T819] usb 5-1: config 0 descriptor?? [ 114.176241][ T819] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 114.560136][ T6620] tipc: Started in network mode [ 114.560156][ T6620] tipc: Node identity da76c643170e, cluster identity 4711 [ 114.582862][ T6620] tipc: Enabled bearer , priority 0 [ 114.584279][ T6620] syzkaller0: entered promiscuous mode [ 114.584301][ T6620] syzkaller0: entered allmulticast mode [ 114.613255][ T6628] __nla_validate_parse: 3 callbacks suppressed [ 114.613272][ T6628] netlink: 256 bytes leftover after parsing attributes in process `syz.3.290'. [ 114.613285][ T6628] netlink: 80 bytes leftover after parsing attributes in process `syz.3.290'. [ 114.772475][ T6620] tipc: Resetting bearer [ 114.831893][ T6617] tipc: Resetting bearer [ 115.009898][ T6617] tipc: Disabling bearer [ 115.633667][ T6652] netlink: 388 bytes leftover after parsing attributes in process `syz.1.298'. [ 115.856436][ T6660] netlink: 256 bytes leftover after parsing attributes in process `syz.1.301'. [ 115.856461][ T6660] netlink: 80 bytes leftover after parsing attributes in process `syz.1.301'. [ 115.991133][ T6664] netlink: 'syz.0.303': attribute type 4 has an invalid length. [ 115.994568][ T6664] netlink: 'syz.0.303': attribute type 4 has an invalid length. [ 116.013238][ T6664] tipc: New replicast peer: 255.255.255.255 [ 116.016037][ T6664] tipc: Enabled bearer , priority 10 [ 116.522877][ T6683] netlink: 388 bytes leftover after parsing attributes in process `syz.3.311'. [ 116.752770][ T6690] netlink: 256 bytes leftover after parsing attributes in process `syz.3.314'. [ 116.752790][ T6690] netlink: 72 bytes leftover after parsing attributes in process `syz.3.314'. [ 117.054160][ T819] gspca_vc032x: reg_r err -32 [ 117.054171][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054176][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054181][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054184][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054189][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054192][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054196][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054200][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054204][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054209][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054212][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054217][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054220][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054224][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054228][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054232][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054235][ T819] gspca_vc032x: I2c Bus Busy Wait 00 [ 117.054239][ T819] gspca_vc032x: Unknown sensor... [ 117.054303][ T819] vc032x 5-1:0.0: probe with driver vc032x failed with error -22 [ 117.242386][ T819] usb 5-1: USB disconnect, device number 2 [ 117.461366][ T5736] tipc: Node number set to 3447244355 [ 117.980320][ T6721] netlink: 256 bytes leftover after parsing attributes in process `syz.3.325'. [ 117.980352][ T6721] netlink: 72 bytes leftover after parsing attributes in process `syz.3.325'. [ 118.803483][ T6747] netlink: 'syz.2.339': attribute type 30 has an invalid length. [ 118.909061][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 118.942204][ T1410] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.942520][ T1410] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.942558][ T1410] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.942590][ T1410] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.942809][ T6747] netlink: 'syz.2.339': attribute type 30 has an invalid length. [ 119.077806][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 119.083856][ T9] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 119.083883][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.174515][ T9] usb 1-1: config 0 descriptor?? [ 119.275662][ T9] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 119.864886][ T6770] __nla_validate_parse: 5 callbacks suppressed [ 119.864904][ T6770] netlink: 16 bytes leftover after parsing attributes in process `syz.3.348'. [ 119.864925][ T6770] netlink: 40 bytes leftover after parsing attributes in process `syz.3.348'. [ 121.043831][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.1.360'. [ 121.103032][ T6813] netlink: 16 bytes leftover after parsing attributes in process `syz.1.360'. [ 121.369693][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.361'. [ 121.369727][ T6815] netlink: 'syz.1.361': attribute type 30 has an invalid length. [ 121.459673][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.361'. [ 121.459704][ T6815] netlink: 'syz.1.361': attribute type 30 has an invalid length. [ 121.653385][ T2743] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.711446][ T6823] vlan2: entered promiscuous mode [ 121.711468][ T6823] bridge0: entered promiscuous mode [ 122.111541][ T2743] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 122.135149][ T2743] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 122.135250][ T2743] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 122.275903][ T9] gspca_vc032x: reg_r err -32 [ 122.275920][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275929][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275936][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275944][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275951][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275958][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275965][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275972][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275980][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275988][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.275996][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.276003][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.276011][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.276018][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.276025][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.276033][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.276041][ T9] gspca_vc032x: I2c Bus Busy Wait 00 [ 122.276048][ T9] gspca_vc032x: Unknown sensor... [ 122.276122][ T9] vc032x 1-1:0.0: probe with driver vc032x failed with error -22 [ 122.452183][ T9] usb 1-1: USB disconnect, device number 2 [ 122.797878][ T819] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 122.958042][ T819] usb 3-1: Using ep0 maxpacket: 8 [ 122.966272][ T819] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 122.966317][ T819] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 122.966338][ T819] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.049940][ T819] usb 3-1: config 0 descriptor?? [ 123.331241][ T819] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 124.275401][ T6888] syz_tun: entered allmulticast mode [ 124.555711][ T6915] bridge_slave_1: left allmulticast mode [ 124.555740][ T6915] bridge_slave_1: left promiscuous mode [ 124.574817][ T6915] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.742229][ T6915] bond0: (slave bond_slave_0): Releasing backup interface [ 124.818838][ T6915] bond0: (slave bond_slave_1): Releasing backup interface [ 124.905365][ T6915] team0: Port device team_slave_0 removed [ 124.952435][ T6915] team0: Port device team_slave_1 removed [ 124.953444][ T6915] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.953468][ T6915] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.981054][ T6915] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 125.040106][ T6920] team0: Mode changed to "activebackup" [ 125.177598][ T6932] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.396'. [ 125.178605][ T6932] netlink: Unknown conntrack attr (0) [ 125.605504][ T9] usb 3-1: USB disconnect, device number 2 [ 126.772354][ T6973] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.407'. [ 126.772482][ T6973] netlink: Unknown conntrack attr (0) [ 127.132119][ T6977] syz_tun: entered allmulticast mode [ 127.145467][ T6988] netlink: 16 bytes leftover after parsing attributes in process `syz.3.413'. [ 128.405317][ T7021] netlink: 16 bytes leftover after parsing attributes in process `syz.4.425'. [ 129.044397][ T7044] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.065103][ T7046] netlink: 24 bytes leftover after parsing attributes in process `syz.3.434'. [ 129.105000][ T7044] bridge_slave_0 (unregistering): left allmulticast mode [ 129.105040][ T7044] bridge_slave_0 (unregistering): left promiscuous mode [ 129.105120][ T7044] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.941559][ T7102] syzkaller0: entered promiscuous mode [ 130.954165][ T7102] syzkaller0: entered allmulticast mode [ 130.958003][ T7123] netlink: 8 bytes leftover after parsing attributes in process `syz.1.455'. [ 130.958020][ T7123] netlink: 24 bytes leftover after parsing attributes in process `syz.1.455'. [ 130.958248][ T7123] netlink: 8 bytes leftover after parsing attributes in process `syz.1.455'. [ 130.958261][ T7123] netlink: 24 bytes leftover after parsing attributes in process `syz.1.455'. [ 131.792247][ T7155] netlink: 16 bytes leftover after parsing attributes in process `syz.1.468'. [ 132.802014][ T1332] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.802072][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 [ 142.402192][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.469'. [ 142.402212][ T7157] netlink: 24 bytes leftover after parsing attributes in process `syz.1.469'. [ 142.402551][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.469'. [ 142.402566][ T7157] netlink: 24 bytes leftover after parsing attributes in process `syz.1.469'. [ 142.814699][ T7187] netlink: 8 bytes leftover after parsing attributes in process `syz.1.479'. [ 143.517099][ T7210] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 145.245905][ T7161] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 145.514164][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.2.494'. [ 145.538517][ T7222] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 146.027588][ T7240] netlink: 8 bytes leftover after parsing attributes in process `syz.4.502'. [ 146.138756][ T7248] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.504'. [ 146.139004][ T7248] netlink: Unknown conntrack attr (0) [ 146.344936][ T7247] team0: entered promiscuous mode [ 146.345915][ T7247] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 146.494760][ T7268] netlink: 4 bytes leftover after parsing attributes in process `syz.0.509'. [ 146.950703][ T7283] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 147.080009][ T7272] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 147.080045][ T7272] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 147.080083][ T7272] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 147.248150][ T7296] netlink: 8 bytes leftover after parsing attributes in process `syz.2.517'. [ 147.300456][ T7272] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 147.307387][ T7272] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 147.385900][ T7297] ieee802154 phy0 wpan0: encryption failed: -22 [ 147.538672][ T7303] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 148.027513][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.3.524'. [ 148.283197][ T7316] tipc: Enabled bearer , priority 0 [ 148.283980][ T7316] syzkaller0: entered promiscuous mode [ 148.284001][ T7316] syzkaller0: entered allmulticast mode [ 148.304778][ T7316] tipc: Resetting bearer [ 148.348037][ T7315] tipc: Resetting bearer [ 148.563268][ T7315] tipc: Disabling bearer [ 148.584487][ T7326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.530'. [ 148.617638][ T7328] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.532'. [ 148.629412][ T7328] netlink: Unknown conntrack attr (0) [ 148.817233][ T7334] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 149.449600][ T7358] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.543'. [ 149.449731][ T7358] netlink: Unknown conntrack attr (0) [ 149.972583][ T7342] syz.3.535 (7342) used greatest stack depth: 18520 bytes left [ 150.325261][ T7387] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.556'. [ 150.328073][ T7387] netlink: Unknown conntrack attr (0) [ 150.868265][ T5615] Bluetooth: hci0: command 0x0405 tx timeout [ 151.189187][ T7422] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.569'. [ 151.189310][ T7422] netlink: Unknown conntrack attr (0) [ 151.598666][ T7448] netlink: 4 bytes leftover after parsing attributes in process `syz.3.575'. [ 152.145914][ T7463] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.582'. [ 152.146041][ T7463] netlink: Unknown conntrack attr (0) [ 152.167453][ T7468] tipc: Enabling of bearer rejected, already enabled [ 152.565860][ T5618] Bluetooth: hci0: link tx timeout [ 152.565996][ T5618] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 152.671135][ T7490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.592'. [ 153.078608][ T7504] tipc: Enabling of bearer rejected, already enabled [ 153.303518][ T7508] siw: device registration error -23 [ 153.566442][ T7511] smbdirect: ib_dev[syz1] removed [ 153.632535][ T5618] Bluetooth: hci0: link tx timeout [ 153.632553][ T5618] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 154.075582][ T7532] netlink: 4 bytes leftover after parsing attributes in process `syz.4.610'. [ 154.075704][ T7532] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 154.223045][ T7532] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 154.527690][ T7539] tipc: Enabling of bearer rejected, already enabled [ 154.534098][ T7547] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.617'. [ 154.534223][ T7547] netlink: Unknown conntrack attr (0) [ 154.631345][ T5618] Bluetooth: hci0: command 0x0405 tx timeout [ 154.978595][ T7561] tipc: Enabled bearer , priority 0 [ 154.979485][ T7561] syzkaller0: entered promiscuous mode [ 154.979506][ T7561] syzkaller0: entered allmulticast mode [ 155.040434][ T7560] tipc: Resetting bearer [ 155.160416][ T7560] tipc: Disabling bearer [ 155.318417][ T7566] netlink: 8 bytes leftover after parsing attributes in process `syz.2.624'. [ 155.318438][ T7566] netlink: 24 bytes leftover after parsing attributes in process `syz.2.624'. [ 155.318654][ T7566] netlink: 8 bytes leftover after parsing attributes in process `syz.2.624'. [ 155.318668][ T7566] netlink: 24 bytes leftover after parsing attributes in process `syz.2.624'. [ 156.073502][ T7595] team0: entered promiscuous mode [ 156.073523][ T7595] team_slave_0: entered promiscuous mode [ 156.073670][ T7595] team_slave_1: entered promiscuous mode [ 156.074685][ T7595] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 156.204211][ T7602] netlink: 8 bytes leftover after parsing attributes in process `syz.0.640'. [ 156.204233][ T7602] netlink: 24 bytes leftover after parsing attributes in process `syz.0.640'. [ 156.204469][ T7602] netlink: 8 bytes leftover after parsing attributes in process `syz.0.640'. [ 156.204484][ T7602] netlink: 24 bytes leftover after parsing attributes in process `syz.0.640'. [ 156.363060][ T7604] tipc: Enabled bearer , priority 0 [ 156.368519][ T7604] syzkaller0: entered promiscuous mode [ 156.368542][ T7604] syzkaller0: entered allmulticast mode [ 156.418123][ T7603] tipc: Resetting bearer [ 156.602457][ T7603] tipc: Disabling bearer [ 156.653965][ T5615] Bluetooth: hci0: unexpected event for opcode 0x1009 [ 156.794737][ T7625] netlink: 'syz.0.649': attribute type 1 has an invalid length. [ 157.524834][ T7635] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 158.607590][ T7666] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 160.079250][ T7702] tipc: Enabling of bearer rejected, already enabled [ 160.351656][ T7708] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 160.767971][ T7724] __nla_validate_parse: 1 callbacks suppressed [ 160.767988][ T7724] netlink: 8 bytes leftover after parsing attributes in process `syz.0.684'. [ 161.862822][ T7751] tipc: Enabling of bearer rejected, already enabled [ 161.866190][ T7755] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 162.967576][ T7792] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 165.562536][ T7778] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 166.247639][ T7853] netlink: 'syz.3.731': attribute type 1 has an invalid length. [ 166.247658][ T7853] netlink: 224 bytes leftover after parsing attributes in process `syz.3.731'. [ 166.405803][ T7858] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 166.798138][ T7863] tipc: Enabling of bearer rejected, already enabled [ 167.253564][ T7892] netlink: 'syz.3.745': attribute type 1 has an invalid length. [ 167.253584][ T7892] netlink: 224 bytes leftover after parsing attributes in process `syz.3.745'. [ 167.344396][ T7895] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 168.246890][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.762'. [ 168.424876][ T2677] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.425133][ T2677] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.425169][ T2677] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.425200][ T2677] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.425250][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.762'. [ 169.375971][ T7978] netlink: 'syz.1.778': attribute type 10 has an invalid length. [ 169.436023][ T7984] netlink: 'syz.1.778': attribute type 10 has an invalid length. [ 169.460303][ T7978] bond0: (slave dummy0): Releasing backup interface [ 169.539728][ T7978] dummy0: entered promiscuous mode [ 169.544683][ T7978] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 169.544853][ T7978] team0: Failed to send options change via netlink (err -105) [ 169.544869][ T7978] team0: Port device dummy0 added [ 169.560509][ T7984] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 169.570346][ T7984] dummy0: left promiscuous mode [ 169.618176][ T7984] team0: Failed to send options change via netlink (err -105) [ 169.618418][ T7984] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 169.626560][ T7984] team0: Port device dummy0 removed [ 169.659087][ T7984] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 169.975089][ T8003] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.790'. [ 169.975179][ T8003] netlink: Unknown conntrack attr (0) [ 170.099764][ T8008] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 170.099786][ T8008] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 170.099805][ T8008] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 170.106664][ T8008] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 170.506562][ T7904] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 170.547926][ T7996] netlink: 'syz.1.787': attribute type 1 has an invalid length. [ 170.547946][ T7996] netlink: 224 bytes leftover after parsing attributes in process `syz.1.787'. [ 171.103859][ T8017] netlink: 8 bytes leftover after parsing attributes in process `syz.4.795'. [ 171.103915][ T8030] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.801'. [ 171.104021][ T8030] netlink: Unknown conntrack attr (0) [ 171.141547][ T8017] netlink: 8 bytes leftover after parsing attributes in process `syz.4.795'. [ 171.303472][ T8034] netlink: 100 bytes leftover after parsing attributes in process `syz.3.804'. [ 171.372734][ T8038] netlink: 24 bytes leftover after parsing attributes in process `syz.0.803'. [ 171.805332][ T8060] netlink: 24 bytes leftover after parsing attributes in process `syz.4.812'. [ 172.327465][ T8077] netlink: 24 bytes leftover after parsing attributes in process `syz.2.821'. [ 172.624151][ T8083] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 173.412375][ T8115] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 173.412402][ T8115] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 173.549837][ T8122] netlink: 8 bytes leftover after parsing attributes in process `syz.2.840'. [ 173.551011][ T8122] netlink: 8 bytes leftover after parsing attributes in process `syz.2.840'. [ 173.685378][ T8127] netlink: 'syz.4.842': attribute type 10 has an invalid length. [ 173.737191][ T8131] netlink: 'syz.4.842': attribute type 10 has an invalid length. [ 173.864857][ T8112] syzkaller0: entered promiscuous mode [ 173.864883][ T8112] syzkaller0: entered allmulticast mode [ 174.013638][ T8127] dummy0: entered promiscuous mode [ 174.019334][ T8127] team0: Failed to send options change via netlink (err -105) [ 174.019362][ T8127] team0: Port device dummy0 added [ 174.022023][ T8131] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 174.023482][ T8131] dummy0: left promiscuous mode [ 174.071202][ T8131] team0: Failed to send options change via netlink (err -105) [ 174.071526][ T8131] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 174.077266][ T8131] team0: Port device dummy0 removed [ 174.121708][ T8131] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 174.319384][ T8146] netlink: 'syz.4.850': attribute type 1 has an invalid length. [ 174.319402][ T8146] netlink: 224 bytes leftover after parsing attributes in process `syz.4.850'. [ 185.257166][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.4.854'. [ 185.257187][ T8158] netlink: 4 bytes leftover after parsing attributes in process `syz.4.854'. [ 185.257383][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.4.854'. [ 185.257398][ T8158] netlink: 4 bytes leftover after parsing attributes in process `syz.4.854'. [ 185.506661][ T8186] netlink: 'syz.4.862': attribute type 1 has an invalid length. [ 185.506679][ T8186] netlink: 224 bytes leftover after parsing attributes in process `syz.4.862'. [ 185.919854][ T8198] netlink: 276 bytes leftover after parsing attributes in process `syz.3.867'. [ 186.225499][ T8206] tipc: Enabling of bearer rejected, already enabled [ 186.497313][ T8219] netlink: 'syz.4.875': attribute type 1 has an invalid length. [ 186.497333][ T8219] netlink: 224 bytes leftover after parsing attributes in process `syz.4.875'. [ 186.916334][ T8231] netlink: 'syz.1.880': attribute type 10 has an invalid length. [ 186.968979][ T8236] netlink: 'syz.1.880': attribute type 10 has an invalid length. [ 186.986226][ T8231] bond0: (slave dummy0): Releasing backup interface [ 187.041372][ T8231] dummy0: entered promiscuous mode [ 187.042328][ T8231] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 187.042497][ T8231] team0: Failed to send options change via netlink (err -105) [ 187.042512][ T8231] team0: Port device dummy0 added [ 187.083353][ T8236] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 187.087068][ T8236] dummy0: left promiscuous mode [ 187.128570][ T8236] team0: Failed to send options change via netlink (err -105) [ 187.128801][ T8236] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 187.160245][ T8236] team0: Port device dummy0 removed [ 187.170639][ T8236] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 187.435983][ T8249] ip6gretap0: entered promiscuous mode [ 187.464881][ T8249] vlan2: entered promiscuous mode [ 187.601946][ T8258] netlink: 'syz.4.887': attribute type 1 has an invalid length. [ 187.623042][ T8257] netlink: 'syz.1.888': attribute type 1 has an invalid length. [ 187.623061][ T8257] netlink: 224 bytes leftover after parsing attributes in process `syz.1.888'. [ 187.623312][ T8260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.889'. [ 187.837690][ T8262] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 187.837807][ T8262] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 187.844707][ T8262] bond1: (slave vcan1): making interface the new active one [ 187.845457][ T8262] bond1: (slave vcan1): Enslaving as an active interface with an up link [ 187.907911][ T8265] 8021q: adding VLAN 0 to HW filter on device bond1 [ 187.998884][ T8269] syzkaller0: entered promiscuous mode [ 187.998909][ T8269] syzkaller0: entered allmulticast mode [ 188.100070][ T8279] netlink: 'syz.4.896': attribute type 10 has an invalid length. [ 188.138811][ T8279] bond0: (slave dummy0): Releasing backup interface [ 188.162621][ T8285] netlink: 'syz.4.896': attribute type 10 has an invalid length. [ 188.275659][ T8279] dummy0: entered promiscuous mode [ 188.276242][ T8279] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 188.276351][ T8279] team0: Failed to send options change via netlink (err -105) [ 188.276359][ T8279] team0: Port device dummy0 added [ 188.283827][ T8285] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 188.284349][ T8285] dummy0: left promiscuous mode [ 188.307812][ T8289] netlink: 16 bytes leftover after parsing attributes in process `syz.2.897'. [ 188.329496][ T8285] team0: Failed to send options change via netlink (err -105) [ 188.329722][ T8285] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 188.341505][ T8285] team0: Port device dummy0 removed [ 188.360554][ T8285] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 188.736762][ T8302] netlink: 'syz.3.901': attribute type 1 has an invalid length. [ 189.106492][ T8315] netlink: 'syz.4.906': attribute type 1 has an invalid length. [ 189.158561][ T8315] bond1: (slave vcan2): The slave device specified does not support setting the MAC address [ 189.287561][ T8315] bond1: (slave vcan2): Enslaving as a backup interface with an up link [ 190.459621][ T8364] __nla_validate_parse: 9 callbacks suppressed [ 190.459649][ T8364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.921'. [ 190.459662][ T8364] netlink: 24 bytes leftover after parsing attributes in process `syz.3.921'. [ 190.460794][ T8364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.921'. [ 190.460812][ T8364] netlink: 24 bytes leftover after parsing attributes in process `syz.3.921'. [ 190.461651][ T8366] netlink: 4 bytes leftover after parsing attributes in process `syz.1.922'. [ 190.461743][ T8366] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 190.638296][ T8366] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 191.156028][ T8388] validate_nla: 1 callbacks suppressed [ 191.156046][ T8388] netlink: 'syz.0.927': attribute type 1 has an invalid length. [ 191.304665][ T8398] netlink: 16 bytes leftover after parsing attributes in process `syz.3.930'. [ 191.391933][ T8391] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 191.394784][ T8391] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 191.408740][ T8391] bond1: (slave vcan1): making interface the new active one [ 191.411091][ T8391] bond1: (slave vcan1): Enslaving as an active interface with an up link [ 191.441923][ T8397] bond1: (slave vcan2): The slave device specified does not support setting the MAC address [ 191.449780][ T8397] bond1: (slave vcan2): Enslaving as a backup interface with an up link [ 192.291951][ T8424] netlink: 4 bytes leftover after parsing attributes in process `syz.3.937'. [ 192.479063][ T8434] netlink: 'syz.2.940': attribute type 4 has an invalid length. [ 192.482962][ T8434] tipc: Enabling of bearer rejected, already enabled [ 192.767927][ T8444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.945'. [ 193.153924][ T8458] ip6gretap0: entered promiscuous mode [ 193.154031][ T8458] vlan2: entered promiscuous mode [ 193.288060][ T8462] netlink: 'syz.1.951': attribute type 4 has an invalid length. [ 194.236571][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.177822][ T5713] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 195.327856][ T5713] usb 1-1: Using ep0 maxpacket: 8 [ 195.330319][ T5713] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 195.330357][ T5713] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 195.330369][ T5713] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.342356][ T5713] usb 1-1: config 0 descriptor?? [ 195.595433][ T5713] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 195.668079][ T5615] Bluetooth: hci0: command 0x0405 tx timeout [ 195.963654][ T8451] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 196.152801][ T8501] netlink: 'syz.3.965': attribute type 1 has an invalid length. [ 196.909400][ T8522] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 197.407572][ T8543] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 199.026266][ T9] usb 1-1: USB disconnect, device number 3 [ 199.264698][ T8556] netlink: 48 bytes leftover after parsing attributes in process `syz.0.983'. [ 199.811362][ T8561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.984'. [ 200.155906][ T8532] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 200.521648][ T5608] Bluetooth: hci2: unexpected event for opcode 0x1009 [ 200.594414][ T8587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.995'. [ 200.610985][ T8587] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.731684][ T8587] 8021q: adding VLAN 0 to HW filter on device bond1 [ 201.601205][ T5608] Bluetooth: hci4: command 0x0406 tx timeout [ 201.601336][ T5608] Bluetooth: hci3: command 0x0406 tx timeout [ 201.750744][ T5613] Bluetooth: hci1: command 0x0406 tx timeout [ 202.695340][ T8606] netlink: 'syz.4.1000': attribute type 4 has an invalid length. [ 202.729930][ T8606] tipc: Started in network mode [ 202.729959][ T8606] tipc: Node identity ac14140f, cluster identity 4711 [ 202.730265][ T8606] tipc: New replicast peer: 255.255.255.255 [ 202.730938][ T8606] tipc: Enabled bearer , priority 10 [ 202.929635][ T8609] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 203.044117][ T8614] netlink: 'syz.3.1002': attribute type 1 has an invalid length. [ 203.254729][ T8627] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1006'. [ 203.286471][ T8625] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 203.487037][ T8633] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1007'. [ 203.487060][ T8633] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1007'. [ 203.518158][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1009'. [ 203.622191][ T8635] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.813093][ T8648] netlink: 'syz.2.1014': attribute type 4 has an invalid length. [ 203.830941][ T8648] netlink: 'syz.2.1014': attribute type 4 has an invalid length. [ 203.855995][ T8648] tipc: Enabling of bearer rejected, already enabled [ 203.865570][ T9] tipc: Node number set to 2886997007 [ 204.054841][ T8658] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1015'. [ 204.087044][ T59] Bluetooth: hci0: unexpected event for opcode 0x1009 [ 204.168655][ T8662] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 204.681527][ T8676] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1024'. [ 204.681550][ T8676] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1024'. [ 204.754834][ T59] Bluetooth: hci1: unexpected event for opcode 0x1009 [ 204.843794][ T8683] netlink: 'syz.1.1028': attribute type 4 has an invalid length. [ 204.851420][ T8683] netlink: 'syz.1.1028': attribute type 4 has an invalid length. [ 204.907493][ T8683] tipc: Enabling of bearer rejected, already enabled [ 204.914801][ T8686] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1029'. [ 204.984079][ T8686] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.371730][ T8692] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 205.569097][ T8701] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1035'. [ 205.569227][ T8701] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 205.599686][ T8706] netlink: 'syz.1.1037': attribute type 10 has an invalid length. [ 205.677363][ T8701] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 205.935013][ T8718] netlink: 'syz.3.1041': attribute type 4 has an invalid length. [ 205.936002][ T8718] netlink: 'syz.3.1041': attribute type 4 has an invalid length. [ 206.080658][ T59] Bluetooth: hci0: unexpected event for opcode 0x1009 [ 206.124792][ T8725] netlink: 'syz.3.1044': attribute type 1 has an invalid length. [ 206.268011][ T8728] bond2: (slave vcan2): The slave device specified does not support setting the MAC address [ 206.268044][ T8728] bond2: (slave vcan2): Setting fail_over_mac to active for active-backup mode [ 206.314877][ T8728] bond2: (slave vcan2): making interface the new active one [ 206.315716][ T8728] bond2: (slave vcan2): Enslaving as an active interface with an up link [ 206.497620][ T59] Bluetooth: hci4: unexpected event for opcode 0x1009 [ 206.885357][ T8754] bond2: (slave vcan2): The slave device specified does not support setting the MAC address [ 206.885381][ T8754] bond2: (slave vcan2): Setting fail_over_mac to active for active-backup mode [ 206.896008][ T8754] bond2: (slave vcan2): making interface the new active one [ 206.896757][ T8754] bond2: (slave vcan2): Enslaving as an active interface with an up link [ 206.935727][ T8752] 8021q: adding VLAN 0 to HW filter on device bond2 [ 207.561775][ T8774] bond1: (slave vcan3): The slave device specified does not support setting the MAC address [ 207.577191][ T8774] bond1: (slave vcan3): Enslaving as a backup interface with an up link [ 207.855082][ T8786] validate_nla: 7 callbacks suppressed [ 207.855101][ T8786] netlink: 'syz.3.1063': attribute type 10 has an invalid length. [ 207.965685][ T8786] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 208.052789][ T8792] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1067'. [ 208.158600][ T8788] bond1: entered allmulticast mode [ 208.159120][ T8788] 8021q: adding VLAN 0 to HW filter on device bond1 [ 208.255083][ T8790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1066'. [ 208.279963][ T8788] bond1: (slave ip6gretap1): making interface the new active one [ 208.279982][ T8788] ip6gretap1: entered allmulticast mode [ 208.285846][ T8788] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 209.221114][ T8824] vlan2: entered promiscuous mode [ 209.430563][ T8827] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1081'. [ 209.618106][ T8832] netlink: 'syz.2.1083': attribute type 1 has an invalid length. [ 209.839954][ T8841] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1087'. [ 209.888585][ T8837] bond1: left allmulticast mode [ 209.888607][ T8837] ip6gretap1: left allmulticast mode [ 210.201813][ T8846] bond2: (slave vcan3): The slave device specified does not support setting the MAC address [ 210.236092][ T8846] bond2: (slave vcan3): Enslaving as a backup interface with an up link [ 210.444439][ T8856] netlink: 'syz.1.1093': attribute type 1 has an invalid length. [ 210.765236][ T8858] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1095'. [ 210.935727][ T8871] bridge0: port 3(syz_tun) entered blocking state [ 210.936823][ T8871] bridge0: port 3(syz_tun) entered disabled state [ 210.953888][ T8873] netlink: 'syz.3.1101': attribute type 1 has an invalid length. [ 210.953907][ T8873] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1101'. [ 211.014921][ T8871] syz_tun: entered promiscuous mode [ 211.015726][ T8871] bridge0: port 3(syz_tun) entered blocking state [ 211.015862][ T8871] bridge0: port 3(syz_tun) entered forwarding state [ 211.144590][ T8880] netlink: 'syz.3.1103': attribute type 1 has an invalid length. [ 211.166840][ T5603] Bluetooth: hci3: unexpected event for opcode 0x1009 [ 211.187433][ T8880] bond2: (slave vcan4): The slave device specified does not support setting the MAC address [ 211.227689][ T8880] bond2: (slave vcan4): Enslaving as a backup interface with an up link [ 211.264554][ T8882] bond2: (slave vcan5): The slave device specified does not support setting the MAC address [ 211.296785][ T8882] bond2: (slave vcan5): Enslaving as a backup interface with an up link [ 211.480857][ T8889] ip6gretap0: entered promiscuous mode [ 211.481696][ T8889] vlan2: entered promiscuous mode [ 211.516229][ T8891] netlink: 'syz.3.1106': attribute type 1 has an invalid length. [ 211.709285][ T8896] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1109'. [ 211.827851][ T5603] Bluetooth: hci4: command 0x0406 tx timeout [ 211.914044][ T8900] misc userio: Begin command sent, but we're already running [ 211.966247][ T8904] netlink: 'syz.4.1113': attribute type 1 has an invalid length. [ 211.966266][ T8904] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1113'. [ 211.972802][ T8902] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 212.266852][ T8916] netlink: 'syz.0.1117': attribute type 1 has an invalid length. [ 212.283314][ T8915] netlink: 'syz.4.1118': attribute type 4 has an invalid length. [ 212.294415][ T8918] netlink: 'syz.2.1120': attribute type 1 has an invalid length. [ 212.326479][ T8916] bond1: (slave vcan4): The slave device specified does not support setting the MAC address [ 212.371650][ T8916] bond1: (slave vcan4): Enslaving as a backup interface with an up link [ 212.408568][ T8922] bond1: (slave vcan5): The slave device specified does not support setting the MAC address [ 212.437669][ T8922] bond1: (slave vcan5): Enslaving as a backup interface with an up link [ 212.438005][ T8915] tipc: Enabling of bearer rejected, already enabled [ 212.444785][ T8923] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1121'. [ 212.566563][ T8928] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1124'. [ 212.716386][ T8929] ip6gretap0: entered promiscuous mode [ 212.725566][ T8929] vlan2: entered promiscuous mode [ 212.858408][ T8936] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 213.061262][ T8949] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 213.063599][ T8951] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1133'. [ 213.219298][ T8954] bond2: (slave vcan4): The slave device specified does not support setting the MAC address [ 213.233883][ T8954] bond2: (slave vcan4): Enslaving as a backup interface with an up link [ 213.281931][ T8954] bond2: (slave vcan5): The slave device specified does not support setting the MAC address [ 213.323320][ T8954] bond2: (slave vcan5): Enslaving as a backup interface with an up link [ 213.654262][ T8965] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 213.832753][ T8971] ip6gretap0: entered promiscuous mode [ 213.833275][ T8971] vlan2: entered promiscuous mode [ 213.910060][ T5603] Bluetooth: hci2: unexpected event for opcode 0x1009 [ 213.979574][ T8975] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1144'. [ 214.312567][ T8986] syzkaller0: entered promiscuous mode [ 214.312590][ T8986] syzkaller0: entered allmulticast mode [ 214.396120][ T8990] netlink: 276 bytes leftover after parsing attributes in process `syz.1.1151'. [ 214.982163][ T36] audit: type=1326 audit(1777722518.602:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9005 comm="syz.1.1158" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f470f92cdd9 code=0x0 [ 215.117002][ T9009] vlan2: entered promiscuous mode [ 215.616677][ T9027] syzkaller0: entered promiscuous mode [ 215.616693][ T9027] syzkaller0: entered allmulticast mode [ 215.813262][ T5603] Bluetooth: hci4: unexpected event for opcode 0x1009 [ 216.203166][ T9048] validate_nla: 1 callbacks suppressed [ 216.203184][ T9048] netlink: 'syz.2.1171': attribute type 1 has an invalid length. [ 216.391181][ T9052] syzkaller0: entered promiscuous mode [ 216.391204][ T9052] syzkaller0: entered allmulticast mode [ 216.632929][ T9064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1179'. [ 216.801446][ T9058] vlan2: entered promiscuous mode [ 216.832565][ T9066] netlink: 'syz.3.1180': attribute type 10 has an invalid length. [ 217.083882][ T9074] netlink: 'syz.0.1184': attribute type 1 has an invalid length. [ 217.384902][ T9088] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 217.467280][ T5603] Bluetooth: hci2: unexpected event for opcode 0x1009 [ 217.702173][ T9101] netlink: 'syz.0.1193': attribute type 10 has an invalid length. [ 217.717621][ T9101] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 217.784061][ T9104] misc userio: No port type given on /dev/userio [ 217.803168][ T9104] misc userio: No port type given on /dev/userio [ 217.860480][ T9105] vlan2: entered promiscuous mode [ 217.899181][ T9109] netlink: 'syz.3.1197': attribute type 1 has an invalid length. [ 217.984562][ T9111] 8021q: adding VLAN 0 to HW filter on device bond2 [ 218.170900][ T9116] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1199'. [ 218.711678][ T9131] syz.2.1205 (9131) used greatest stack depth: 18016 bytes left [ 219.049045][ T9150] vlan2: entered promiscuous mode [ 219.553412][ T5603] Bluetooth: hci2: unexpected event for opcode 0x1009 [ 220.132349][ T9185] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1228'. [ 220.533623][ T9197] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 220.757484][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1236'. [ 221.036344][ T9215] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1241'. [ 221.291196][ T5603] Bluetooth: hci4: unexpected event for opcode 0x1009 [ 221.323669][ T9227] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.1245'. [ 221.323740][ T9227] netlink: ct family unspecified [ 221.442827][ T5603] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 221.577115][ T5603] Bluetooth: hci3: unexpected event for opcode 0x1009 [ 222.205157][ T9252] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1254'. [ 222.818933][ T9276] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 223.059602][ T9282] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1267'. [ 223.119608][ T5603] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 223.230941][ T36] audit: type=1326 audit(1777722526.842:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9291 comm="syz.0.1272" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7701d6cdd9 code=0x0 [ 223.251038][ T5603] Bluetooth: hci4: unexpected event for opcode 0x1009 [ 223.426295][ T5603] Bluetooth: hci3: unexpected event for opcode 0x1009 [ 223.623182][ T9307] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 223.736405][ T9309] vlan2: entered promiscuous mode [ 224.246806][ T9318] netlink: 'syz.0.1282': attribute type 10 has an invalid length. [ 224.294237][ T5603] Bluetooth: hci4: SCO packet for unknown connection handle 200 [ 224.670014][ T9335] bridge0: port 1(syz_tun) entered blocking state [ 224.670101][ T9335] bridge0: port 1(syz_tun) entered disabled state [ 224.685991][ T9335] syz_tun: entered promiscuous mode [ 224.704002][ T9335] bridge0: port 1(syz_tun) entered blocking state [ 224.704106][ T9335] bridge0: port 1(syz_tun) entered forwarding state [ 224.746852][ T9333] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 224.847087][ T9341] netlink: 'syz.0.1292': attribute type 4 has an invalid length. [ 224.852478][ T9341] netlink: 'syz.0.1292': attribute type 4 has an invalid length. [ 224.886925][ T9343] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1289'. [ 225.057474][ T5603] Bluetooth: hci3: unexpected event for opcode 0x1009 [ 225.236108][ T9352] netlink: 'syz.0.1295': attribute type 10 has an invalid length. [ 225.236650][ T9353] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1294'. [ 225.400044][ T9360] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1298'. [ 225.757628][ T5603] Bluetooth: hci4: unexpected event for opcode 0x1009 [ 225.915868][ T9373] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 226.115160][ T9380] syzkaller0: entered promiscuous mode [ 226.155900][ T9384] netlink: 'syz.1.1309': attribute type 10 has an invalid length. [ 226.469628][ T9388] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1310'. [ 226.525972][ T9390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1312'. [ 226.891562][ T9407] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 226.936415][ T5603] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 226.969558][ T9405] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 227.019581][ T9414] netlink: 'syz.0.1321': attribute type 10 has an invalid length. [ 227.027858][ T5603] Bluetooth: hci3: unexpected event for opcode 0x1009 [ 227.240489][ T9424] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1324'. [ 227.325028][ T9422] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.421581][ T9422] bridge_slave_0 (unregistering): left allmulticast mode [ 227.421614][ T9422] bridge_slave_0 (unregistering): left promiscuous mode [ 227.423532][ T9422] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.542546][ T5603] Bluetooth: hci1: unexpected event for opcode 0x1009 [ 227.844196][ T9444] netlink: 'syz.2.1333': attribute type 10 has an invalid length. [ 227.954580][ T9444] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 228.083154][ T9450] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 228.856337][ T9471] siw: device registration error -23 [ 228.856805][ T9477] netlink: 'syz.2.1347': attribute type 10 has an invalid length. [ 228.893024][ T9475] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 228.918242][ T5603] Bluetooth: hci3: unexpected event for opcode 0x1009 [ 229.199196][ T9490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1352'. [ 230.048519][ T5727] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 230.277652][ T5727] usb 3-1: Using ep0 maxpacket: 8 [ 230.282133][ T5727] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 230.282177][ T5727] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 230.282199][ T5727] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.381280][ T5727] usb 3-1: config 0 descriptor?? [ 230.607624][ T5727] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 230.971818][ T9510] netlink: 'syz.1.1362': attribute type 10 has an invalid length. [ 231.492252][ T9500] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.736243][ T9516] siw: device registration error -23 [ 231.803553][ T9500] bridge_slave_0 (unregistering): left allmulticast mode [ 231.803584][ T9500] bridge_slave_0 (unregistering): left promiscuous mode [ 231.803669][ T9500] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.952996][ T9515] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 232.545199][ T5603] Bluetooth: hci3: unexpected event for opcode 0x1009 [ 232.839042][ T5727] usb 3-1: USB disconnect, device number 3 [ 233.519465][ T9544] netlink: 'syz.3.1376': attribute type 10 has an invalid length. [ 233.584674][ T9543] siw: device registration error -23 [ 233.634475][ T9540] vlan2: entered promiscuous mode [ 234.588004][ T9558] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 236.382973][ T9568] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.1386'. [ 236.383143][ T9568] netlink: ct family unspecified [ 238.124165][ T5603] Bluetooth: hci2: SCO packet for unknown connection handle 200 [ 243.813405][ T9588] netlink: 'syz.3.1392': attribute type 10 has an invalid length. [ 245.460799][ T9598] vlan2: entered promiscuous mode [ 255.113505][ T59] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 255.849007][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.086190][ T5615] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 256.111169][ T5615] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 256.251658][ T5615] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 256.308872][ T5615] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 256.310239][ T5615] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 256.311008][ T5615] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 257.017016][ T5608] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 258.306723][ T4913] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 258.371358][ T4913] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 258.452156][ T4913] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 258.478767][ T4913] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 258.483303][ T4913] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 258.575370][ T5608] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 258.577686][ T5608] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 258.615979][ T5608] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 258.637581][ T5608] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 258.704054][ T59] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 258.884838][ T4913] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 258.908208][ T4913] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 259.095034][ T4913] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 259.152079][ T4913] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 265.040424][ T4913] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 265.083841][ T4913] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 265.096973][ T4913] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 265.119813][ T4913] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 265.120701][ T4913] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 317.228332][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.186035][ T5608] Bluetooth: hci8: command tx timeout [ 322.195066][ T5615] Bluetooth: hci5: command tx timeout [ 322.921809][ T4913] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 323.016566][ T4913] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 323.025925][ T4913] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 323.037438][ T4913] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 323.048539][ T4913] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 323.497141][ T5613] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 323.548393][ T5613] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 323.549655][ T5613] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 323.574103][ T5613] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 323.574827][ T5613] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 324.334972][ T4913] Bluetooth: hci5: command tx timeout [ 324.335122][ T4913] Bluetooth: hci8: command tx timeout [ 324.335233][ T4913] Bluetooth: hci9: command tx timeout [ 324.335401][ T4913] Bluetooth: hci7: command tx timeout [ 324.335559][ T4913] Bluetooth: hci6: command tx timeout [ 325.216321][ T5613] Bluetooth: hci10: command tx timeout [ 326.135749][ T5618] Bluetooth: hci11: command tx timeout [ 326.467916][ T59] Bluetooth: hci6: command tx timeout [ 326.467948][ T59] Bluetooth: hci9: command tx timeout [ 326.467966][ T59] Bluetooth: hci5: command tx timeout [ 326.473729][ T5615] Bluetooth: hci7: command tx timeout [ 326.629275][ T5615] Bluetooth: hci8: command tx timeout [ 327.141746][ T5613] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 327.261045][ T5613] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 327.263364][ T5613] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 327.362654][ T5613] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 327.363485][ T5613] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 327.518601][ T5613] Bluetooth: hci10: command tx timeout [ 328.130408][ T4913] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 328.173376][ T4913] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 328.360779][ T4913] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 328.422997][ T4913] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 328.425867][ T4913] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 328.547957][ T5615] Bluetooth: hci5: command tx timeout [ 328.547986][ T5615] Bluetooth: hci9: command tx timeout [ 328.548003][ T5615] Bluetooth: hci6: command tx timeout [ 328.561729][ T4913] Bluetooth: hci7: command tx timeout [ 328.707835][ T5615] Bluetooth: hci8: command tx timeout [ 329.689480][ T4913] Bluetooth: hci10: command tx timeout [ 329.707799][ T5615] Bluetooth: hci12: command tx timeout [ 329.747971][ T5615] Bluetooth: hci11: command tx timeout [ 329.765778][ T5608] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 329.766892][ T5608] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 330.009150][ T5608] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 330.011178][ T5608] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 330.012061][ T5608] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 330.745055][ T5618] Bluetooth: hci7: command tx timeout [ 330.792326][ T5613] Bluetooth: hci9: command tx timeout [ 331.196300][ T5613] Bluetooth: hci6: command tx timeout [ 331.759695][ T5613] Bluetooth: hci12: command tx timeout [ 331.760940][ T5618] Bluetooth: hci10: command tx timeout [ 331.828054][ T5618] Bluetooth: hci11: command tx timeout [ 332.150594][ T5618] Bluetooth: hci13: command tx timeout [ 332.923390][ T5618] Bluetooth: hci14: command tx timeout [ 333.908306][ T5618] Bluetooth: hci11: command tx timeout [ 334.237882][ T5618] Bluetooth: hci13: command tx timeout [ 335.027962][ T5618] Bluetooth: hci12: command tx timeout [ 335.188793][ T5618] Bluetooth: hci14: command tx timeout [ 336.307898][ T5618] Bluetooth: hci13: command tx timeout [ 337.111489][ T5613] Bluetooth: hci12: command tx timeout [ 337.268684][ T5613] Bluetooth: hci14: command tx timeout [ 338.983463][ T5613] Bluetooth: hci13: command tx timeout [ 342.705890][ T5613] Bluetooth: hci14: command tx timeout [ 379.332021][ T5613] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 379.399288][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.426461][ T5613] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 379.437260][ T5613] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 379.476606][ T5613] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 379.485052][ T5613] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 381.431347][ T5603] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 381.473963][ T5603] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 381.475173][ T5603] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 381.565223][ T5603] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 381.581619][ T5603] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 383.875409][ T5603] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 383.875835][ T5603] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 383.876206][ T5603] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 383.877291][ T5603] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 383.913434][ T5603] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 384.087619][ T5608] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 384.133501][ T5608] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 384.137469][ T5608] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 384.212108][ T5615] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 384.292327][ T5615] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 384.293246][ T5615] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 384.317539][ T5615] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 384.342268][ T5615] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 384.411431][ T5618] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 384.416713][ T5618] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 387.476399][ T4913] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 387.521808][ T4913] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 387.525841][ T4913] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 387.554895][ T4913] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 387.555855][ T4913] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 418.827488][ T9553] bridge0: port 3(syz_tun) entered disabled state [ 465.273360][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 [ 471.619967][ T9553] syz_tun (unregistering): left allmulticast mode [ 471.620078][ T9553] bridge0: port 3(syz_tun) entered disabled state [ 472.300211][ T9713] Bluetooth: hci11: command tx timeout [ 473.670600][ T9735] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 473.780636][ T9735] Bluetooth: hci12: command tx timeout [ 473.785708][ T9735] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 473.840003][ T9736] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 473.853133][ T9736] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 473.886050][ T9736] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 474.028866][ T9736] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 474.029015][ T9736] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 474.029872][ T9736] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 474.054760][ T9736] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 474.059838][ T9736] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 474.311020][ T9738] Bluetooth: hci10: command 0x0406 tx timeout [ 474.311052][ T9738] Bluetooth: hci13: command tx timeout [ 474.311070][ T9738] Bluetooth: hci14: command tx timeout [ 474.519747][ T9735] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 474.541415][ T9735] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 474.563618][ T9735] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 474.566286][ T9735] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 474.570200][ T9735] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 475.323537][ T9737] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 475.364956][ T9737] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 475.451467][ T9737] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 475.508716][ T9737] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 475.509582][ T9737] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 475.697173][ T9738] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1 [ 475.830397][ T9738] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9 [ 475.833594][ T9738] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9 [ 475.834876][ T9738] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4 [ 475.836505][ T9738] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2 [ 532.201245][ T37] INFO: task kworker/u8:8:1232 blocked for more than 173 seconds. [ 532.201276][ T37] Not tainted syzkaller #0 [ 532.201293][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.201302][ T37] task:kworker/u8:8 state:D stack:20312 pid:1232 tgid:1232 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 532.201371][ T37] Workqueue: events_unbound linkwatch_event [ 532.201416][ T37] Call Trace: [ 532.201422][ T37] [ 532.201435][ T37] __schedule+0x1681/0x54c0 [ 532.201488][ T37] ? __pfx___schedule+0x10/0x10 [ 532.201523][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.201544][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.201588][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.201619][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.201648][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.201685][ T37] ? linkwatch_event+0xe/0x60 [ 532.201724][ T37] ? linkwatch_event+0xe/0x60 [ 532.201747][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.201775][ T37] ? process_scheduled_works+0xa70/0x1860 [ 532.201799][ T37] linkwatch_event+0xe/0x60 [ 532.201823][ T37] process_scheduled_works+0xb5d/0x1860 [ 532.201875][ T37] ? __pfx_process_scheduled_works+0x10/0x10 [ 532.201903][ T37] ? assign_work+0x3d5/0x5e0 [ 532.201929][ T37] worker_thread+0xa53/0xfc0 [ 532.201977][ T37] kthread+0x388/0x470 [ 532.202004][ T37] ? __pfx_worker_thread+0x10/0x10 [ 532.202024][ T37] ? __pfx_kthread+0x10/0x10 [ 532.202050][ T37] ret_from_fork+0x514/0xb70 [ 532.202076][ T37] ? __pfx_ret_from_fork+0x10/0x10 [ 532.202098][ T37] ? __switch_to+0xc79/0x1410 [ 532.202131][ T37] ? __pfx_kthread+0x10/0x10 [ 532.202158][ T37] ret_from_fork_asm+0x1a/0x30 [ 532.202199][ T37] [ 532.202211][ T37] INFO: task kworker/u8:10:1410 blocked for more than 173 seconds. [ 532.202225][ T37] Not tainted syzkaller #0 [ 532.202234][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.202242][ T37] task:kworker/u8:10 state:D stack:20744 pid:1410 tgid:1410 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 532.202302][ T37] Workqueue: ipv6_addrconf addrconf_verify_work [ 532.202328][ T37] Call Trace: [ 532.202333][ T37] [ 532.202345][ T37] __schedule+0x1681/0x54c0 [ 532.202363][ T37] ? kvfree_rcu_bulk+0xe5/0x1b0 [ 532.202420][ T37] ? __pfx___schedule+0x10/0x10 [ 532.202453][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.202472][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.202518][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.202548][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.202577][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.202623][ T37] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 532.202649][ T37] ? addrconf_verify_work+0x19/0x30 [ 532.202672][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.202698][ T37] ? addrconf_verify_work+0x19/0x30 [ 532.202727][ T37] addrconf_verify_work+0x19/0x30 [ 532.202751][ T37] ? process_scheduled_works+0xa70/0x1860 [ 532.202770][ T37] process_scheduled_works+0xb5d/0x1860 [ 532.202822][ T37] ? __pfx_process_scheduled_works+0x10/0x10 [ 532.202849][ T37] ? assign_work+0x3d5/0x5e0 [ 532.202875][ T37] worker_thread+0xa53/0xfc0 [ 532.202923][ T37] kthread+0x388/0x470 [ 532.202949][ T37] ? __pfx_worker_thread+0x10/0x10 [ 532.202968][ T37] ? __pfx_kthread+0x10/0x10 [ 532.202996][ T37] ret_from_fork+0x514/0xb70 [ 532.203020][ T37] ? __pfx_ret_from_fork+0x10/0x10 [ 532.203042][ T37] ? __switch_to+0xc79/0x1410 [ 532.203088][ T37] ? __pfx_kthread+0x10/0x10 [ 532.203115][ T37] ret_from_fork_asm+0x1a/0x30 [ 532.203177][ T37] [ 532.203296][ T37] INFO: task kworker/1:6:5727 blocked for more than 173 seconds. [ 532.203310][ T37] Not tainted syzkaller #0 [ 532.203319][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.203327][ T37] task:kworker/1:6 state:D stack:22536 pid:5727 tgid:5727 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 532.203383][ T37] Workqueue: events netdev_rx_mode_work [ 532.203410][ T37] Call Trace: [ 532.203416][ T37] [ 532.203427][ T37] __schedule+0x1681/0x54c0 [ 532.203477][ T37] ? __pfx___schedule+0x10/0x10 [ 532.203512][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.203531][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.203576][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.203605][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.203633][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.203680][ T37] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 532.203706][ T37] ? netdev_rx_mode_work+0x1c/0x450 [ 532.203731][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.203757][ T37] ? netdev_rx_mode_work+0x1c/0x450 [ 532.203782][ T37] ? process_scheduled_works+0xa70/0x1860 [ 532.203805][ T37] netdev_rx_mode_work+0x1c/0x450 [ 532.203829][ T37] ? process_scheduled_works+0xa70/0x1860 [ 532.203849][ T37] ? process_scheduled_works+0xa70/0x1860 [ 532.203872][ T37] process_scheduled_works+0xb5d/0x1860 [ 532.203923][ T37] ? __pfx_process_scheduled_works+0x10/0x10 [ 532.203951][ T37] ? assign_work+0x3d5/0x5e0 [ 532.203976][ T37] worker_thread+0xa53/0xfc0 [ 532.204024][ T37] kthread+0x388/0x470 [ 532.204051][ T37] ? __pfx_worker_thread+0x10/0x10 [ 532.204070][ T37] ? __pfx_kthread+0x10/0x10 [ 532.204098][ T37] ret_from_fork+0x514/0xb70 [ 532.204122][ T37] ? __pfx_ret_from_fork+0x10/0x10 [ 532.204144][ T37] ? __switch_to+0xc79/0x1410 [ 532.204176][ T37] ? __pfx_kthread+0x10/0x10 [ 532.204203][ T37] ret_from_fork_asm+0x1a/0x30 [ 532.204244][ T37] [ 532.204260][ T37] INFO: task kworker/0:8:9511 blocked for more than 173 seconds. [ 532.204273][ T37] Not tainted syzkaller #0 [ 532.204288][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.204296][ T37] task:kworker/0:8 state:D stack:21720 pid:9511 tgid:9511 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 532.204350][ T37] Workqueue: events switchdev_deferred_process_work [ 532.204373][ T37] Call Trace: [ 532.204379][ T37] [ 532.204390][ T37] __schedule+0x1681/0x54c0 [ 532.204440][ T37] ? __pfx___schedule+0x10/0x10 [ 532.204474][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.204493][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.204537][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.204567][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.204595][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.204632][ T37] ? switchdev_deferred_process_work+0xe/0x20 [ 532.204667][ T37] ? switchdev_deferred_process_work+0xe/0x20 [ 532.204689][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.204717][ T37] ? process_scheduled_works+0xa70/0x1860 [ 532.204739][ T37] switchdev_deferred_process_work+0xe/0x20 [ 532.204761][ T37] process_scheduled_works+0xb5d/0x1860 [ 532.204813][ T37] ? __pfx_process_scheduled_works+0x10/0x10 [ 532.204840][ T37] ? assign_work+0x3d5/0x5e0 [ 532.204866][ T37] worker_thread+0xa53/0xfc0 [ 532.204913][ T37] kthread+0x388/0x470 [ 532.204940][ T37] ? __pfx_worker_thread+0x10/0x10 [ 532.204960][ T37] ? __pfx_kthread+0x10/0x10 [ 532.204987][ T37] ret_from_fork+0x514/0xb70 [ 532.205012][ T37] ? __pfx_ret_from_fork+0x10/0x10 [ 532.205033][ T37] ? __switch_to+0xc79/0x1410 [ 532.205065][ T37] ? __pfx_kthread+0x10/0x10 [ 532.205092][ T37] ret_from_fork_asm+0x1a/0x30 [ 532.205133][ T37] [ 532.205141][ T37] INFO: task syz.1.1380:9552 blocked for more than 173 seconds. [ 532.205154][ T37] Not tainted syzkaller #0 [ 532.205163][ T37] Blocked by coredump. [ 532.205169][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.205176][ T37] task:syz.1.1380 state:D stack:24824 pid:9552 tgid:9552 ppid:5600 task_flags:0x40044c flags:0x00080003 [ 532.205233][ T37] Call Trace: [ 532.205238][ T37] [ 532.205249][ T37] __schedule+0x1681/0x54c0 [ 532.205306][ T37] ? __pfx___schedule+0x10/0x10 [ 532.205340][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.205359][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.205404][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.205434][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.205462][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.205506][ T37] ? tun_chr_close+0x41/0x1c0 [ 532.205533][ T37] ? tun_chr_close+0x41/0x1c0 [ 532.205552][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.205581][ T37] ? __pfx_tun_chr_close+0x10/0x10 [ 532.205602][ T37] tun_chr_close+0x41/0x1c0 [ 532.205624][ T37] __fput+0x461/0xa70 [ 532.205665][ T37] task_work_run+0x1d9/0x270 [ 532.205696][ T37] ? __pfx_task_work_run+0x10/0x10 [ 532.205724][ T37] ? do_exit+0x70a/0x22c0 [ 532.205749][ T37] ? kmem_cache_free+0x187/0x6c0 [ 532.205770][ T37] ? put_net+0x191/0x260 [ 532.205789][ T37] ? do_exit+0x70a/0x22c0 [ 532.205818][ T37] do_exit+0x70f/0x22c0 [ 532.205847][ T37] ? _raw_spin_unlock_irqrestore+0x30/0x80 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 532.205872][ T37] ? __pfx_do_exit+0x10/0x10 [ 532.205896][ T37] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 532.205923][ T37] ? reacquire_held_locks+0x104/0x190 [ 532.205953][ T37] ? rt_spin_lock+0x1e0/0x400 [ 532.205991][ T37] do_group_exit+0x21b/0x2d0 [ 532.206019][ T37] ? rt_spin_unlock+0x160/0x200 [ 532.206049][ T37] get_signal+0x125c/0x1310 [ 532.206089][ T37] arch_do_signal_or_restart+0xbc/0x830 [ 532.206124][ T37] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 532.206171][ T37] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.206194][ T37] exit_to_user_mode_loop+0x86/0x480 [ 532.206218][ T37] ? rcu_is_watching+0x15/0xb0 [ 532.206248][ T37] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.206269][ T37] do_syscall_64+0x33e/0xf80 [ 532.206296][ T37] ? trace_irq_disable+0x3b/0x140 [ 532.206320][ T37] ? clear_bhb_loop+0x40/0x90 [ 532.206344][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.206369][ T37] RIP: 0033:0x7f470f92cdd9 [ 532.206387][ T37] RSP: 002b:00007ffe649c3738 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 532.206406][ T37] RAX: 0000000000000000 RBX: 00007f470fba7da0 RCX: 00007f470f92cdd9 [ 532.206419][ T37] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 532.206430][ T37] RBP: 00007f470fba7da0 R08: 0000000000000006 R09: 0000000000000000 [ 532.206442][ T37] R10: 00007f470fba7cb0 R11: 0000000000000246 R12: 00000000000395bc [ 532.206455][ T37] R13: 00007f470fba618c R14: 00000000000393cc R15: 00007f470fba6180 [ 532.206485][ T37] [ 532.206500][ T37] INFO: task syz-executor:9634 blocked for more than 173 seconds. [ 532.206514][ T37] Not tainted syzkaller #0 [ 532.206523][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.206530][ T37] task:syz-executor state:D stack:25752 pid:9634 tgid:9634 ppid:1 task_flags:0x400140 flags:0x00080002 [ 532.206587][ T37] Call Trace: [ 532.206593][ T37] [ 532.206604][ T37] __schedule+0x1681/0x54c0 [ 532.206622][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.206659][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.206703][ T37] ? __pfx___schedule+0x10/0x10 [ 532.206738][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.206757][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.206801][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.206832][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.206860][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.206898][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.206923][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.206949][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.206968][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.207000][ T37] rtnl_newlink+0x883/0x1bb0 [ 532.207032][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.207053][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.207085][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.207113][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.207143][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.207171][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.207203][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.207230][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.207271][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.207309][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.207338][ T37] ? __kernel_text_address+0xd/0x30 [ 532.207366][ T37] ? unwind_get_return_address+0x4d/0x90 [ 532.207390][ T37] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 532.207413][ T37] ? arch_stack_walk+0xfb/0x150 [ 532.207445][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.207480][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.207500][ T37] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 532.207519][ T37] ? kasan_save_track+0x3e/0x80 [ 532.207538][ T37] ? kmem_cache_alloc_node_noprof+0x22a/0x6e0 [ 532.207561][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.207581][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.207603][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.207641][ T37] netlink_rcv_skb+0x232/0x4b0 [ 532.207666][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.207689][ T37] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 532.230958][ T1332] ieee802154 phy1 wpan1: encryption failed: -22 [ 532.420699][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.420733][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.420762][ T37] netlink_unicast+0x780/0x920 [ 532.420795][ T37] netlink_sendmsg+0x813/0xb40 [ 532.420828][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.420860][ T37] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 532.420880][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.420904][ T37] __sys_sendto+0x67f/0x710 [ 532.420933][ T37] ? __pfx___sys_sendto+0x10/0x10 [ 532.420981][ T37] ? fput_close_sync+0x11f/0x240 [ 532.421011][ T37] ? __pfx_fput_close_sync+0x10/0x10 [ 532.421049][ T37] __x64_sys_sendto+0xde/0x100 [ 532.421072][ T37] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.421094][ T37] do_syscall_64+0x15f/0xf80 [ 532.421116][ T37] ? trace_irq_disable+0x3b/0x140 [ 532.421139][ T37] ? clear_bhb_loop+0x40/0x90 [ 532.421163][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.421183][ T37] RIP: 0033:0x7f1e5333d60e [ 532.421201][ T37] RSP: 002b:00007ffd647ddd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 532.421221][ T37] RAX: ffffffffffffffda RBX: 0000555564167500 RCX: 00007f1e5333d60e [ 532.421246][ T37] RDX: 000000000000002c RSI: 00007f1e54124670 RDI: 0000000000000003 [ 532.421258][ T37] RBP: 0000000000000001 R08: 00007ffd647dde14 R09: 000000000000000c [ 532.421271][ T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 532.421282][ T37] R13: 0000000000000000 R14: 00007f1e54124670 R15: 0000000000000000 [ 532.421312][ T37] [ 532.421325][ T37] INFO: task syz-executor:9640 blocked for more than 173 seconds. [ 532.421340][ T37] Not tainted syzkaller #0 [ 532.421349][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.421357][ T37] task:syz-executor state:D stack:25752 pid:9640 tgid:9640 ppid:1 task_flags:0x400140 flags:0x00080002 [ 532.421416][ T37] Call Trace: [ 532.421423][ T37] [ 532.421434][ T37] __schedule+0x1681/0x54c0 [ 532.421454][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.421491][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.421536][ T37] ? __pfx___schedule+0x10/0x10 [ 532.421571][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.421591][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.421636][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.421667][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.421695][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.421734][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.421760][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.421786][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.421803][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.421836][ T37] rtnl_newlink+0x883/0x1bb0 [ 532.421869][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.421889][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.421922][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.421950][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.421985][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.422018][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.422045][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.524005][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.524051][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.524083][ T37] ? __kernel_text_address+0xd/0x30 [ 532.524111][ T37] ? unwind_get_return_address+0x4d/0x90 [ 532.524138][ T37] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 532.524161][ T37] ? arch_stack_walk+0xfb/0x150 [ 532.524194][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.524230][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.524250][ T37] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 532.524270][ T37] ? kasan_save_track+0x3e/0x80 [ 532.524289][ T37] ? kmem_cache_alloc_node_noprof+0x22a/0x6e0 [ 532.524314][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.524334][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.524356][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.524395][ T37] netlink_rcv_skb+0x232/0x4b0 [ 532.524420][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.524443][ T37] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 532.524478][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.524508][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.524537][ T37] netlink_unicast+0x780/0x920 [ 532.524567][ T37] netlink_sendmsg+0x813/0xb40 [ 532.524601][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.524632][ T37] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 532.524653][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.524677][ T37] __sys_sendto+0x67f/0x710 [ 532.524706][ T37] ? __pfx___sys_sendto+0x10/0x10 [ 532.524753][ T37] ? fput_close_sync+0x11f/0x240 [ 532.524784][ T37] ? __pfx_fput_close_sync+0x10/0x10 [ 532.524822][ T37] __x64_sys_sendto+0xde/0x100 [ 532.524846][ T37] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.524867][ T37] do_syscall_64+0x15f/0xf80 [ 532.524889][ T37] ? trace_irq_disable+0x3b/0x140 [ 532.524913][ T37] ? clear_bhb_loop+0x40/0x90 [ 532.524937][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.524957][ T37] RIP: 0033:0x7f8bacafd60e [ 532.524975][ T37] RSP: 002b:00007ffcec55d3a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 532.524996][ T37] RAX: ffffffffffffffda RBX: 0000555560f6e500 RCX: 00007f8bacafd60e [ 532.525010][ T37] RDX: 000000000000002c RSI: 00007f8bad8e4670 RDI: 0000000000000003 [ 532.525022][ T37] RBP: 0000000000000001 R08: 00007ffcec55d424 R09: 000000000000000c [ 532.525034][ T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 532.525046][ T37] R13: 0000000000000000 R14: 00007f8bad8e4670 R15: 0000000000000000 [ 532.525075][ T37] [ 532.525087][ T37] INFO: task syz-executor:9646 blocked for more than 173 seconds. [ 532.525103][ T37] Not tainted syzkaller #0 [ 532.525112][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.525120][ T37] task:syz-executor state:D stack:25752 pid:9646 tgid:9646 ppid:1 task_flags:0x400140 flags:0x00080002 [ 532.525181][ T37] Call Trace: [ 532.525188][ T37] [ 532.525199][ T37] __schedule+0x1681/0x54c0 [ 532.525218][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.525256][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.525301][ T37] ? __pfx___schedule+0x10/0x10 [ 532.525335][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.525355][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.525402][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.677750][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.677791][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.677831][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.677858][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.677884][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.677903][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.677936][ T37] rtnl_newlink+0x883/0x1bb0 [ 532.677955][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.677993][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.678013][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.678046][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.678074][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.678109][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.678141][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.678169][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.678212][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.678243][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.678273][ T37] ? __kernel_text_address+0xd/0x30 [ 532.678301][ T37] ? unwind_get_return_address+0x4d/0x90 [ 532.678325][ T37] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 532.678349][ T37] ? arch_stack_walk+0xfb/0x150 [ 532.678382][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.678417][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.678437][ T37] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 532.678456][ T37] ? kasan_save_track+0x3e/0x80 [ 532.678481][ T37] ? kmem_cache_alloc_node_noprof+0x22a/0x6e0 [ 532.678506][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.678526][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.678548][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.678587][ T37] netlink_rcv_skb+0x232/0x4b0 [ 532.678612][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.678634][ T37] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 532.678669][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.678692][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.678721][ T37] netlink_unicast+0x780/0x920 [ 532.678752][ T37] netlink_sendmsg+0x813/0xb40 [ 532.678785][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.678816][ T37] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 532.678837][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.678862][ T37] __sys_sendto+0x67f/0x710 [ 532.678890][ T37] ? __pfx___sys_sendto+0x10/0x10 [ 532.678937][ T37] ? fput_close_sync+0x11f/0x240 [ 532.678967][ T37] ? __pfx_fput_close_sync+0x10/0x10 [ 532.679006][ [ 532.679006][ T37] __x64_sys_sendto+0xde/0x100 [ 532.679029][ T37] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.679051][ T37] do_syscall_64+0x15f/0xf80 [ 532.679073][ T37] ? trace_irq_disable+0x3b/0x140 [ 532.679096][ T37] ? clear_bhb_loop+0x40/0x90 [ 532.679120][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.679140][ T37] RIP: 0033:0x7f03d23fd60e [ 532.679158][ T37] RSP: 002b:00007ffea407ba38 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 532.867848][ T37] RAX: ffffffffffffffda RBX: 000055558a7bc500 RCX: 00007f03d23fd60e [ 532.867865][ T37] RDX: 000000000000002c RSI: 00007f03d31e4670 RDI: 0000000000000003 [ 532.867878][ T37] RBP: 0000000000000001 R08: 00007ffea407bab4 R09: 000000000000000c [ 532.867890][ T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 532.867901][ T37] R13: 0000000000000000 R14: 00007f03d31e4670 R15: 0000000000000000 [ 532.867932][ T37] [ 532.867945][ T37] INFO: task syz-executor:9650 blocked for more than 174 seconds. [ 532.867960][ T37] Not tainted syzkaller #0 [ 532.867969][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.867977][ T37] task:syz-executor state:D stack:25752 pid:9650 tgid:9650 ppid:1 task_flags:0x400140 flags:0x00080002 [ 532.868037][ T37] Call Trace: [ 532.868044][ T37] [ 532.868055][ T37] __schedule+0x1681/0x54c0 [ 532.868079][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.868119][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.868164][ T37] ? __pfx___schedule+0x10/0x10 [ 532.868197][ T37] rt_mutex_schedule+0x76/0xf0 [ 532.868218][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 532.868263][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 532.868293][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 532.868323][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 532.868361][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.868388][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.868414][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 532.868440][ T37] mutex_lock_nested+0x168/0x1d0 [ 532.868473][ T37] rtnl_newlink+0x883/0x1bb0 [ 532.868492][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.868529][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.868550][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.868582][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.868610][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.868644][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.868677][ T37] ? unwind_next_frame+0xa6/0x2550 [ 532.868704][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 532.868744][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.868777][ T37] ? kernel_text_address+0xa5/0xe0 [ 532.868807][ T37] ? __kernel_text_address+0xd/0x30 [ 532.868834][ T37] ? unwind_get_return_address+0x4d/0x90 [ 532.868859][ T37] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 532.868882][ T37] ? arch_stack_walk+0xfb/0x150 [ 532.868914][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.868949][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 532.868969][ T37] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 532.868988][ T37] ? kasan_save_track+0x3e/0x80 [ 532.869007][ T37] ? kmem_cache_alloc_node_noprof+0x22a/0x6e0 [ 532.869031][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 532.869051][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.869073][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 532.869111][ T37] netlink_rcv_skb+0x232/0x4b0 [ 532.869136][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 532.869158][ T37] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 532.869207][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.869230][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 532.869257][ T37] netlink_unicast+0x780/0x920 [ 533.022825][ T37] netlink_sendmsg+0x813/0xb40 [ 533.022869][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 533.022902][ T37] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 533.022924][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 533.022948][ T37] __sys_sendto+0x67f/0x710 [ 533.022977][ T37] ? __pfx___sys_sendto+0x10/0x10 [ 533.023024][ T37] ? fput_close_sync+0x11f/0x240 [ 533.023053][ T37] ? __pfx_fput_close_sync+0x10/0x10 [ 533.023092][ T37] __x64_sys_sendto+0xde/0x100 [ 533.023115][ T37] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.023137][ T37] do_syscall_64+0x15f/0xf80 [ 533.023159][ T37] ? trace_irq_disable+0x3b/0x140 [ 533.023181][ T37] ? clear_bhb_loop+0x40/0x90 [ 533.023206][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.023227][ T37] RIP: 0033:0x7ff3b2d7d60e [ 533.023244][ T37] RSP: 002b:00007fffc41d4b78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 533.023264][ T37] RAX: ffffffffffffffda RBX: 0000555567ec6500 RCX: 00007ff3b2d7d60e [ 533.023279][ T37] RDX: 000000000000002c RSI: 00007ff3b3b64670 RDI: 0000000000000003 [ 533.023291][ T37] RBP: 0000000000000001 R08: 00007fffc41d4bf4 R09: 000000000000000c [ 533.023302][ T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 533.023313][ T37] R13: 0000000000000000 R14: 00007ff3b3b64670 R15: 0000000000000000 [ 533.023342][ T37] [ 533.023355][ T37] INFO: task syz-executor:9652 blocked for more than 174 seconds. [ 533.023369][ T37] Not tainted syzkaller #0 [ 533.023378][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 533.023386][ T37] task:syz-executor state:D stack:25752 pid:9652 tgid:9652 ppid:1 task_flags:0x400140 flags:0x00080002 [ 533.023453][ T37] Call Trace: [ 533.023459][ T37] [ 533.023470][ T37] __schedule+0x1681/0x54c0 [ 533.023489][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 533.023526][ T37] ? kernel_text_address+0xa5/0xe0 [ 533.023571][ T37] ? __pfx___schedule+0x10/0x10 [ 533.023604][ T37] rt_mutex_schedule+0x76/0xf0 [ 533.023624][ T37] rt_mutex_slowlock_block+0x508/0x680 [ 533.023670][ T37] rt_mutex_slowlock+0x2dc/0x780 [ 533.023701][ T37] ? rt_mutex_slowlock+0x1fd/0x780 [ 533.023729][ T37] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 533.023768][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 533.023795][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 533.023820][ T37] ? rtnl_newlink+0x883/0x1bb0 [ 533.023838][ T37] mutex_lock_nested+0x168/0x1d0 [ 533.023870][ T37] rtnl_newlink+0x883/0x1bb0 [ 533.023904][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 533.023924][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 533.023958][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 533.023986][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 533.024016][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 533.024044][ T37] ? unwind_next_frame+0xa6/0x2550 [ 533.024076][ T37] ? unwind_next_frame+0xa6/0x2550 [ 533.024104][ T37] ? is_bpf_text_address+0x26/0x2b0 [ 533.024144][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 533.024176][ T37] ? kernel_text_address+0xa5/0xe0 [ 533.024206][ T37] ? __kernel_text_address+0xd/0x30 [ 533.024234][ T37] ? unwind_get_return_address+0x4d/0x90 [ 533.150798][ T37] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 533.150834][ T37] ? arch_stack_walk+0xfb/0x150 [ 533.150867][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 533.150905][ T37] ? __pfx_rtnl_newlink+0x10/0x10 [ 533.150926][ T37] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 533.150946][ T37] ? kasan_save_track+0x3e/0x80 [ 533.150965][ T37] ? kmem_cache_alloc_node_noprof+0x22a/0x6e0 [ 533.150990][ T37] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 533.151010][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 533.151032][ T37] ? __lock_acquire+0x6b5/0x2cf0 [ 533.151070][ T37] netlink_rcv_skb+0x232/0x4b0 [ 533.151095][ T37] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 533.151118][ T37] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 533.151153][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 533.151176][ T37] ? netlink_deliver_tap+0x2e/0x1b0 [ 533.151205][ T37] netlink_unicast+0x780/0x920 [ 533.151236][ T37] netlink_sendmsg+0x813/0xb40 [ 533.151269][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 533.151300][ T37] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 533.151321][ T37] ? __pfx_netlink_sendmsg+0x10/0x10 [ 533.151346][ T37] __sys_sendto+0x67f/0x710 [ 533.151374][ T37] ? __pfx___sys_sendto+0x10/0x10 [ 533.151427][ T37] ? fput_close_sync+0x11f/0x240 [ 533.151458][ T37] ? __pfx_fput_close_sync+0x10/0x10 [ 533.151497][ T37] __x64_sys_sendto+0xde/0x100 [ 533.151520][ T37] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.151542][ T37] do_syscall_64+0x15f/0xf80 [ 533.151564][ T37] ? trace_irq_disable+0x3b/0x140 [ 533.151587][ T37] ? clear_bhb_loop+0x40/0x90 [ 533.151611][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.151631][ T37] RIP: 0033:0x7f9a9c1fd60e [ 533.151650][ T37] RSP: 002b:00007ffcf1d6a098 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 533.151671][ T37] RAX: ffffffffffffffda RBX: 0000555570e6a500 RCX: 00007f9a9c1fd60e [ 533.151685][ T37] RDX: 000000000000002c RSI: 00007f9a9cfe4670 RDI: 0000000000000003 [ 533.151698][ T37] RBP: 0000000000000001 R08: 00007ffcf1d6a114 R09: 000000000000000c [ 533.151711][ T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 533.151722][ T37] R13: 0000000000000000 R14: 00007f9a9cfe4670 R15: 0000000000000000 [ 533.151751][ T37] [ 533.151760][ T37] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 533.151805][ T37] [ 533.151805][ T37] Showing all locks held in the system: [ 533.151814][ T37] 4 locks held by kworker/0:0/9: [ 533.151830][ T37] 2 locks held by kworker/0:1/10: [ 533.151841][ T37] 5 locks held by kworker/u8:1/13: [ 533.151852][ T37] 1 lock held by kworker/R-mm_pe/14: [ 533.151862][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xc4d/0x1130 [ 533.151913][ T37] 3 locks held by pr/legacy/17: [ 533.151925][ T37] 4 locks held by kworker/1:0/31: [ 533.151936][ T37] #0: ffff88803aa33138 ((wq_completion)wg-kex-wg2#4){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.151986][ T37] #1: ffffc90000a5fc40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ((typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))))((unsigned long)((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))) + (((__per_cpu_offset[(cpu)]))))); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.152045][ T37] #2: ffff8880615016b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0 [ 533.152095][ T37] #3: ffff888036953940 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0 [ 533.152143][ T37] 1 lock held by khungtaskd/37: [ 533.152152][ T37] #0: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 533.267805][ T37] 4 locks held by kworker/1:1/43: [ 533.267822][ T37] #0: ffff88803e56e138 ((wq_completion)wg-kex-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.267882][ T37] #1: ffffc90000b57c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ((typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))))((unsigned long)((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))) + (((__per_cpu_offset[(cpu)]))))); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.267944][ T37] #2: ffff888060e116b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0 [ 533.267993][ T37] #3: ffff8880625bee88 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0 [ 533.268042][ T37] 9 locks held by kworker/u8:3/55: [ 533.268054][ T37] 5 locks held by kworker/u9:0/59: [ 533.268064][ T37] #0: ffff888064408938 ((wq_completion)hci11){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.268110][ T37] #1: ffffc9000125fc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.268155][ T37] #2: ffff888034958f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400 [ 533.268201][ T37] #3: ffff8880349580b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190 [ 533.268252][ T37] #4: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340 [ 533.268305][ T37] 7 locks held by kworker/u8:4/66: [ 533.268316][ T37] 7 locks held by kworker/u8:5/67: [ 533.268330][ T37] 4 locks held by kworker/u8:6/208: [ 533.268340][ T37] #0: ffff888034459138 ((wq_completion)wg-kex-wg2#9){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.268399][ T37] #1: ffffc90003c57c40 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.268446][ T37] #2: ffff8880257c16b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x12f/0x830 [ 533.268494][ T37] #3: ffff8880625b8ea0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x140/0x830 [ 533.268547][ T37] 3 locks held by kworker/u8:8/1232: [ 533.268557][ T37] #0: ffff88801a074138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.268602][ T37] #1: ffffc9000637fc40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.268647][ T37] #2: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 533.268698][ T37] 13 locks held by kworker/u8:9/1368: [ 533.268709][ T37] 3 locks held by kworker/u8:10/1410: [ 533.268720][ T37] #0: ffff88803337f938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.268766][ T37] #1: ffffc9000698fc40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.268813][ T37] #2: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 533.268862][ T37] 3 locks held by kworker/0:2/1662: [ 533.268881][ T37] 4 locks held by kworker/u8:11/2677: [ 533.268894][ T37] 7 locks held by kworker/u8:12/2743: [ 533.268909][ T37] 3 locks held by kworker/u8:13/3334: [ 533.268921][ T37] 4 locks held by kworker/u8:15/4269: [ 533.268931][ T37] #0: ffff88803445d138 ((wq_completion)wg-kex-wg2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.268977][ T37] #1: ffffc90010d4fc40 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.269023][ T37] #2: ffff88803bc316b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x12f/0x830 [ 533.269070][ T37] #3: ffff888036954e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x140/0x830 [ 533.269117][ T37] 5 locks held by kworker/u9:1/4913: [ 533.269128][ T37] #0: ffff88803e29a938 ((wq_completion)hci14){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.269172][ T37] #1: ffffc90010d7fc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.269218][ T37] #2: ffff888025324f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400 [ 533.443799][ T37] #3: ffff8880253240b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190 [ 533.443855][ T37] #4: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340 [ 533.443909][ T37] 2 locks held by klogd/4952: [ 533.443921][ T37] 2 locks held by dhcpcd/5258: [ 533.443933][ T37] 2 locks held by getty/5352: [ 533.443943][ T37] #0: ffff8880338a00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 533.443991][ T37] #1: ffffc90003cbe2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0 [ 533.444044][ T37] 4 locks held by syz-executor/5585: [ 533.444055][ T37] 4 locks held by kworker/u9:2/5603: [ 533.444065][ T37] #0: ffff8880643a6938 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.444116][ T37] #1: ffffc90005027c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.444162][ T37] #2: ffff88803c7ac0b0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xa5/0x16b0 [ 533.444214][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140 [ 533.444264][ T37] 5 locks held by kworker/0:3/5604: [ 533.444276][ T37] 4 locks held by kworker/u9:3/5608: [ 533.444286][ T37] #0: ffff888039644138 ((wq_completion)hci16#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.444337][ T37] #1: ffffc90005077c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.444382][ T37] #2: ffff88803b9c40b0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xa5/0x16b0 [ 533.444440][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140 [ 533.444490][ T37] 4 locks held by kworker/u9:5/5613: [ 533.444501][ T37] #0: ffff88802b9d7138 ((wq_completion)hci3#3){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.444550][ T37] #1: ffffc900050b7c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.444596][ T37] #2: ffff88801af640b0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xa5/0x16b0 [ 533.444647][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140 [ 533.444696][ T37] 4 locks held by kworker/u9:6/5615: [ 533.444707][ T37] #0: ffff88806537c938 ((wq_completion)hci15#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.444756][ T37] #1: ffffc900050d7c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.444802][ T37] #2: ffff88803b9c00b0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xa5/0x16b0 [ 533.444853][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140 [ 533.444901][ T37] 5 locks held by kworker/u9:7/5616: [ 533.444912][ T37] #0: ffff88802a84f138 ((wq_completion)hci12){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.444958][ T37] #1: ffffc900050e7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.445004][ T37] #2: ffff88804d090f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400 [ 533.445049][ T37] #3: ffff88804d0900b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190 [ 533.445098][ T37] #4: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340 [ 533.445150][ T37] 4 locks held by kworker/u9:9/5618: [ 533.445161][ T37] #0: ffff88806306d138 ((wq_completion)hci17#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.624228][ T37] #1: ffffc90005107c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.624278][ T37] #2: ffff888035fb40b0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xa5/0x16b0 [ 533.624331][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140 [ 533.624384][ T37] 1 lock held by kworker/R-wg-cr/5680: [ 533.624395][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0 [ 533.624444][ T37] 1 lock held by kworker/R-wg-cr/5683: [ 533.624454][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0 [ 533.624509][ T37] 1 lock held by kworker/R-wg-cr/5684: [ 533.624520][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0 [ 533.624567][ T37] 1 lock held by kworker/R-wg-cr/5685: [ 533.624578][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0 [ 533.624624][ T37] 1 lock held by kworker/R-wg-cr/5687: [ 533.624635][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xc4d/0x1130 [ 533.624683][ T37] 1 lock held by kworker/R-wg-cr/5688: [ 533.624695][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0 [ 533.624741][ T37] 1 lock held by kworker/R-wg-cr/5689: [ 533.624753][ T37] 2 locks held by kworker/R-wg-cr/5691: [ 533.624764][ T37] 1 lock held by kworker/R-wg-cr/5692: [ 533.624774][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xc4d/0x1130 [ 533.624824][ T37] 1 lock held by kworker/R-wg-cr/5693: [ 533.624834][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0 [ 533.624882][ T37] 1 lock held by kworker/R-wg-cr/5694: [ 533.624892][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0 [ 533.624940][ T37] 5 locks held by napi/wg0-0/5698: [ 533.624954][ T37] 2 locks held by kworker/1:4/5712: [ 533.624965][ T37] 11 locks held by kworker/1:5/5713: [ 533.624976][ T37] #0: ffff8880341add38 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.625026][ T37] #1: ffffc90005b87c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ((typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))))((unsigned long)((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))) + (((__per_cpu_offset[(cpu)]))))); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.625087][ T37] #2: ffff888036950ea0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0 [ 533.625135][ T37] #3: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.625180][ T37] #4: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: process_backlog+0x271/0xc60 [ 533.625222][ T37] #5: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: ip6_input+0x23/0x270 [ 533.625275][ T37] #6: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: NF_HOOK+0x9e/0x3c0 [ 533.625326][ T37] #7: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: ip6_output+0x126/0x550 [ 533.625372][ T37] #8: ffffffff8de5f340 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.625417][ T37] #9: ffffffff8dfc81a0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2b3/0x3900 [ 533.625475][ T37] #10: ffff8880b893d6d0 (&list->lock#5){+.+.}-{3:3}, at: enqueue_to_backlog+0x16f/0xcb0 [ 533.625534][ T37] 3 locks held by kworker/1:6/5727: [ 533.625545][ T37] #0: ffff88801a037938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.720904][ T37] #1: ffffc90005cc7c40 (rx_mode_work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.720965][ T37] #2: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: netdev_rx_mode_work+0x1c/0x450 [ 533.721020][ T37] 4 locks held by kworker/0:4/5734: [ 533.721032][ T37] 4 locks held by kworker/0:5/5735: [ 533.721044][ T37] 4 locks held by kworker/0:6/5736: [ 533.721054][ T37] 3 locks held by kworker/0:7/5739: [ 533.721066][ T37] 12 locks held by kworker/u8:16/5854: [ 533.721077][ T37] #0: ffff88803a86b138 ((wq_completion)wg-kex-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.721128][ T37] #1: ffffc900061efc40 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.721177][ T37] #2: ffffffff8de5f340 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.721223][ T37] #3: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.721268][ T37] #4: ffff888036954238 (&peer->endpoint_lock){++..}-{3:3}, at: wg_socket_send_skb_to_peer+0x6e/0x200 [ 533.721321][ T37] #5: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: rt_read_lock+0x277/0x4b0 [ 533.721374][ T37] #6: ffffffff8de5f340 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.721419][ T37] #7: ffffffff8dfc81a0 (rcu_read_lock_bh){....}-{1:3}, at: send6+0x255/0x910 [ 533.721474][ T37] #8: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: ip6_output+0x126/0x550 [ 533.721522][ T37] #9: ffffffff8de5f340 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.721566][ T37] #10: ffffffff8dfc81a0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2b3/0x3900 [ 533.721617][ T37] #11: ffff8880b893d6d0 (&list->lock#5){+.+.}-{3:3}, at: enqueue_to_backlog+0x16f/0xcb0 [ 533.721674][ T37] 12 locks held by kworker/u8:17/5857: [ 533.721686][ T37] #0: ffff888061519938 ((wq_completion)wg-kex-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.721735][ T37] #1: ffffc9000620fc40 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.721783][ T37] #2: ffffffff8de5f340 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.721826][ T37] #3: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.721872][ T37] #4: ffff888036950248 (&peer->endpoint_lock){++..}-{3:3}, at: wg_socket_send_skb_to_peer+0x6e/0x200 [ 533.721923][ T37] #5: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: rt_read_lock+0x277/0x4b0 [ 533.721974][ T37] #6: ffffffff8de5f340 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.722019][ T37] #7: ffffffff8dfc81a0 (rcu_read_lock_bh){....}-{1:3}, at: send6+0x255/0x910 [ 533.722067][ T37] #8: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: ip6_output+0x126/0x550 [ 533.722113][ T37] #9: ffffffff8de5f340 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 533.722157][ T37] #10: ffffffff8dfc81a0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2b3/0x3900 [ 533.722207][ T37] #11: ffff8880b893d6d0 (&list->lock#5){+.+.}-{3:3}, at: enqueue_to_backlog+0x16f/0xcb0 [ 533.722266][ T37] 1 lock held by kworker/R-bond1/8767: [ 533.722277][ T37] #0: ffffffff8de67ed8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xc4d/0x1130 [ 533.897744][ T37] 3 locks held by kworker/0:8/9511: [ 533.897760][ T37] #0: ffff88801a037938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.897817][ T37] #1: ffffc90007c3fc40 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.897864][ T37] #2: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 533.897913][ T37] 4 locks held by kworker/0:9/9512: [ 533.897925][ T37] 1 lock held by syz.1.1380/9552: [ 533.897935][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 533.897982][ T37] 1 lock held by syz.2.1381/9553: [ 533.897992][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 533.898037][ T37] 1 lock held by syz.0.1384/9565: [ 533.898047][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 533.898093][ T37] 1 lock held by syz.4.1390/9578: [ 533.898103][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 533.898148][ T37] 4 locks held by syz.3.1396/9598: [ 533.898159][ T37] #0: ffff888044d48f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5a0 [ 533.898206][ T37] #1: ffff888044d480b0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0 [ 533.898259][ T37] #2: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260 [ 533.898314][ T37] #3: ffff88805f25bb70 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x92/0x570 [ 533.898372][ T37] 3 locks held by syz-executor/9602: [ 533.898382][ T37] #0: ffff888025cacf80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5a0 [ 533.898430][ T37] #1: ffff888025cac0b0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0 [ 533.898487][ T37] #2: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260 [ 533.898541][ T37] 3 locks held by syz-executor/9605: [ 533.898552][ T37] #0: ffff88803d0b8f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5a0 [ 533.898598][ T37] #1: ffff88803d0b80b0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0 [ 533.898649][ T37] #2: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260 [ 533.898704][ T37] 3 locks held by syz-executor/9606: [ 533.898715][ T37] #0: ffff888072880f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5a0 [ 533.898762][ T37] #1: ffff8880728800b0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0 [ 533.898812][ T37] #2: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260 [ 533.898866][ T37] 3 locks held by syz-executor/9613: [ 533.898877][ T37] #0: ffff888033a20f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5a0 [ 533.898924][ T37] #1: ffff888033a200b0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0 [ 533.898974][ T37] #2: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260 [ 533.899028][ T37] 4 locks held by kworker/1:7/9622: [ 533.899039][ T37] #0: ffff88803aa30538 ((wq_completion)wg-kex-wg2#10){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 533.899090][ T37] #1: ffffc9000665fc40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ((typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))))((unsigned long)((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))) + (((__per_cpu_offset[(cpu)]))))); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 533.899150][ T37] #2: ffff8880257c16b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0 [ 534.057912][ T37] #3: ffff8880625b8ea0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0 [ 534.057964][ T37] 3 locks held by syz-executor/9623: [ 534.057975][ T37] #0: ffff88803570cf80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5a0 [ 534.058025][ T37] #1: ffff88803570c0b0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0 [ 534.058077][ T37] #2: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260 [ 534.058132][ T37] 1 lock held by syz-executor/9634: [ 534.058143][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 534.058190][ T37] 1 lock held by syz-executor/9640: [ 534.058200][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 534.058245][ T37] 9 locks held by kworker/0:10/9644: [ 534.058257][ T37] 1 lock held by syz-executor/9646: [ 534.058267][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 534.058311][ T37] 1 lock held by syz-executor/9650: [ 534.058322][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 534.058366][ T37] 1 lock held by syz-executor/9652: [ 534.058377][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 534.058422][ T37] 4 locks held by kworker/1:9/9673: [ 534.058439][ T37] #0: ffff88803e56c938 ((wq_completion)wg-kex-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.058491][ T37] #1: ffffc900066ffc40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ((typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))))((unsigned long)((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))) + (((__per_cpu_offset[(cpu)]))))); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.058553][ T37] #2: ffff88803bc316b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0 [ 534.058601][ T37] #3: ffff888036954e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0 [ 534.058649][ T37] 1 lock held by syz-executor/9679: [ 534.058661][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.058707][ T37] 1 lock held by syz-executor/9684: [ 534.058719][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.058764][ T37] 1 lock held by syz-executor/9691: [ 534.058775][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.058820][ T37] 1 lock held by syz-executor/9692: [ 534.058830][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.058876][ T37] 1 lock held by syz-executor/9703: [ 534.058887][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.058933][ T37] 4 locks held by kworker/1:10/9707: [ 534.058943][ T37] #0: ffff88803aa33938 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.058993][ T37] #1: ffffc900050a7c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ((typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))))((unsigned long)((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))) + (((__per_cpu_offset[(cpu)]))))); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.059055][ T37] #2: ffff888060e1d6b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0 [ 534.059103][ T37] #3: ffff888062d863e0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0 [ 534.059151][ T37] 4 locks held by kworker/u8:0/9708: [ 534.059162][ T37] #0: ffff88802dd8c138 ((wq_completion)wg-kex-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.059213][ T37] #1: ffffc90003097c40 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.059276][ T37] #2: ffff888060e116b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x12f/0x830 [ 534.448907][ T37] #3: ffff8880625bee88 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x140/0x830 [ 534.448960][ T37] 5 locks held by kworker/u9:4/9711: [ 534.448971][ T37] #0: ffff888063812138 ((wq_completion)hci13){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.449020][ T37] #1: ffffc900031c7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.449075][ T37] #2: ffff888079410f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400 [ 534.449122][ T37] #3: ffff8880794100b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190 [ 534.449172][ T37] #4: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340 [ 534.449223][ T37] 5 locks held by kworker/u9:8/9712: [ 534.449233][ T37] #0: ffff8880339ed138 ((wq_completion)hci10){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.449277][ T37] #1: ffffc90002fffc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.449324][ T37] #2: ffff88808c6d0f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400 [ 534.449368][ T37] #3: ffff88808c6d00b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190 [ 534.449420][ T37] #4: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340 [ 534.449471][ T37] 4 locks held by kworker/u9:10/9713: [ 534.449481][ T37] #0: ffff8880348cb138 ((wq_completion)hci2#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.449531][ T37] #1: ffffc90003037c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.449577][ T37] #2: ffff888086c8c0b0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950 [ 534.449623][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950 [ 534.449670][ T37] 4 locks held by kworker/u9:11/9716: [ 534.449681][ T37] #0: ffff8880348c8938 ((wq_completion)hci1#3){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.449729][ T37] #1: ffffc900015afc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.449775][ T37] #2: ffff8880870100b0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950 [ 534.449821][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950 [ 534.449868][ T37] 1 lock held by dhcpcd/9718: [ 534.449878][ T37] #0: ffff88804193e7f8 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 534.449936][ T37] 1 lock held by dhcpcd/9721: [ 534.449946][ T37] #0: ffff888062adeeb8 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 534.450000][ T37] 1 lock held by dhcpcd/9722: [ 534.450011][ T37] #0: ffff888062adb8b8 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 534.450075][ T37] 1 lock held by dhcpcd/9723: [ 534.450086][ T37] #0: ffff888062adc638 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 534.450143][ T37] 1 lock held by dhcpcd/9725: [ 534.450153][ T37] #0: ffff888062ade138 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 534.450209][ T37] 1 lock held by dhcpcd/9726: [ 534.450219][ T37] #0: ffff888034db0978 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 534.450273][ T37] 1 lock held by syz-executor/9727: [ 534.450284][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.450331][ T37] 1 lock held by syz-executor/9728: [ 534.450342][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.610707][ T37] 1 lock held by syz-executor/9730: [ 534.610723][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.610780][ T37] 4 locks held by kworker/u9:12/9734: [ 534.610791][ T37] #0: ffff8880672c9138 ((wq_completion)hci18#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.610843][ T37] #1: ffffc90003eb7c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.610888][ T37] #2: ffff888086e500b0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950 [ 534.610937][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950 [ 534.610984][ T37] 4 locks held by kworker/u9:13/9735: [ 534.611003][ T37] #0: ffff888064380138 ((wq_completion)hci20#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.611052][ T37] #1: ffffc90003ec7c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.611097][ T37] #2: ffff88807bf640b0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950 [ 534.611143][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950 [ 534.611191][ T37] 4 locks held by kworker/u9:15/9737: [ 534.611202][ T37] #0: ffff8880371ce138 ((wq_completion)hci19#2){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.611255][ T37] #1: ffffc90003f17c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.611302][ T37] #2: ffff888081c000b0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950 [ 534.611348][ T37] #3: ffffffff8f4d6e38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950 [ 534.611395][ T37] 1 lock held by syz-executor/9744: [ 534.611405][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.611451][ T37] 1 lock held by syz-executor/9749: [ 534.611461][ T37] #0: ffffffff8f356b38 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 534.611506][ T37] 4 locks held by kworker/0:11/9753: [ 534.611516][ T37] #0: ffff8880341add38 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 [ 534.611566][ T37] #1: ffffc90003e77c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ((typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))))((unsigned long)((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))) + (((__per_cpu_offset[(cpu)]))))); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 [ 534.611625][ T37] #2: ffff8880417c16b8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x22d/0xbc0 [ 534.611673][ T37] #3: ffff888036950ea0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x83c/0xbc0 [ 534.611721][ T37] 1 lock held by kworker/0:12/9756: [ 534.611734][ T37] [ 534.611738][ T37] ============================================= [ 534.611738][ T37] [ 534.611766][ T37] NMI backtrace for cpu 1 [ 534.611792][ T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 534.611813][ T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 534.611825][ T37] Call Trace: [ 534.611833][ T37] [ 534.611841][ T37] dump_stack_lvl+0xe8/0x150 [ 534.611865][ T37] nmi_cpu_backtrace+0x274/0x2d0 [ 534.611894][ T37] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 534.611918][ T37] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 534.611948][ T37] sys_info+0x135/0x170 [ 534.611972][ T37] watchdog+0xfd3/0x1030 [ 534.612006][ T37] ? watchdog+0x1c9/0x1030 [ 534.612032][ T37] kthread+0x388/0x470 [ 534.612058][ T37] ? __pfx_watchdog+0x10/0x10 [ 534.612078][ T37] ? __pfx_kthread+0x10/0x10 [ 534.612104][ T37] ret_from_fork+0x514/0xb70 [ 534.612129][ T37] ? __pfx_ret_from_fork+0x10/0x10 [ 534.612156][ T37] ? __switch_to+0xc79/0x1410 [ 534.612187][ T37] ? __pfx_kthread+0x10/0x10 [ 534.612213][ T37] ret_from_fork_asm+0x1a/0x30 [ 534.612251][ T37] [ 534.612273][ T37] Sending NMI from CPU 1 to CPUs 0: [ 534.612301][ C0] NMI backtrace for cpu 0 [ 534.612318][ C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 534.612357][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 534.612378][ C0] RIP: 0010:lock_release+0x0/0x3c0 [ 534.612411][ C0] Code: be 00 00 50 00 e9 70 fe ff ff 41 be 2f 00 00 00 e9 0e ff ff ff 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 41 57 41 56 41 55 41 54 53 48 83 ec 30 49 89 f5 49 [ 534.612426][ C0] RSP: 0018:ffffc90000157a00 EFLAGS: 00000096 [ 534.612441][ C0] RAX: 0000000000000002 RBX: 0000000000000246 RCX: ffffffff9975b303 [ 534.612453][ C0] RDX: 0000000000000001 RSI: ffffffff8b1ea6fa RDI: ffff8880411003c0 [ 534.612465][ C0] RBP: ffffc90000157ae0 R08: ffff8880411003ff R09: 1ffff1100822007f [ 534.612478][ C0] R10: dffffc0000000000 R11: ffffed1008220080 R12: 1ffff9200002af4d [ 534.612491][ C0] R13: 0000000000000246 R14: ffff8880411003a8 R15: ffffc90000157a60 [ 534.612504][ C0] FS: 0000000000000000(0000) GS:ffff888126179000(0000) knlGS:0000000000000000 [ 534.612518][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 534.612530][ C0] CR2: 0000556577409060 CR3: 000000003c018000 CR4: 00000000003526f0 [ 534.612545][ C0] Call Trace: [ 534.612551][ C0] [ 534.612557][ C0] _raw_spin_unlock_irqrestore+0x1b/0x80 [ 534.612579][ C0] rt_spin_lock+0x17a/0x400 [ 534.612605][ C0] ? __pfx_rt_spin_lock+0x10/0x10 [ 534.612630][ C0] ? do_raw_spin_lock+0x12b/0x2f0 [ 534.612650][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 534.612669][ C0] ? __pfx_advance_sched+0x10/0x10 [ 534.612692][ C0] advance_sched+0xba/0xc20 [ 534.612719][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 534.612738][ C0] ? __pfx_advance_sched+0x10/0x10 [ 534.612760][ C0] __hrtimer_run_queues+0x405/0xb10 [ 534.612786][ C0] hrtimer_run_softirq+0x18f/0x260 [ 534.612807][ C0] handle_softirqs+0x1de/0x6d0 [ 534.612831][ C0] ? smpboot_thread_fn+0x4d/0xa50 [ 534.612852][ C0] run_ktimerd+0x69/0x100 [ 534.612872][ C0] smpboot_thread_fn+0x541/0xa50 [ 534.612893][ C0] ? smpboot_thread_fn+0x4d/0xa50 [ 534.612917][ C0] kthread+0x388/0x470 [ 534.612940][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 534.612960][ C0] ? __pfx_kthread+0x10/0x10 [ 534.612983][ C0] ret_from_fork+0x514/0xb70 [ 534.613003][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 534.613022][ C0] ? __switch_to+0xc79/0x1410 [ 534.613049][ C0] ? __pfx_kthread+0x10/0x10 [ 534.613072][ C0] ret_from_fork_asm+0x1a/0x30 [ 534.613101][ C0] [ 534.839706][ T37] Kernel panic - not syncing: hung_task: blocked tasks [ 534.839728][ T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 534.839750][ T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 534.839762][ T37] Call Trace: [ 534.839770][ T37] [ 534.839779][ T37] vpanic+0x56c/0xa60 [ 534.839809][ T37] ? __pfx___schedule+0x10/0x10 [ 534.839830][ T37] ? __pfx_vpanic+0x10/0x10 [ 534.839883][ T37] panic+0xc5/0xd0 [ 534.839905][ T37] ? __pfx_panic+0x10/0x10 [ 534.839929][ T37] ? preempt_schedule_thunk+0x16/0x30 [ 534.839963][ T37] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 534.840002][ T37] watchdog+0x102c/0x1030 [ 534.840032][ T37] ? watchdog+0x1c9/0x1030 [ 534.840058][ T37] kthread+0x388/0x470 [ 534.840085][ T37] ? __pfx_watchdog+0x10/0x10 [ 534.840104][ T37] ? __pfx_kthread+0x10/0x10 [ 534.840131][ T37] ret_from_fork+0x514/0xb70 [ 534.840155][ T37] ? __pfx_ret_from_fork+0x10/0x10 [ 534.840177][ T37] ? __switch_to+0xc79/0x1410 [ 534.840208][ T37] ? __pfx_kthread+0x10/0x10 [ 534.840233][ T37] ret_from_fork_asm+0x1a/0x30 [ 534.840272][ T37] [ 534.840661][ T37] Kernel Offset: disabled