last executing test programs: 7.032501s ago: executing program 0 (id=1237): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000042000100fffffffffddbdf25020000000400300010000180"], 0x30}, 0x1, 0x0, 0x0, 0x8800}, 0x4040) 7.008958983s ago: executing program 0 (id=1239): syz_open_procfs(0x0, &(0x7f00000006c0)='pagemap\x00') syz_io_uring_setup(0xbdc, 0x0, 0x0, &(0x7f0000000240)) read$msr(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0}) io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x0, 0xb01f, 0x5601}]) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r5, &(0x7f00000004c0)={0x293, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, ' nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232) 6.910081383s ago: executing program 1 (id=1241): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18) io_uring_setup(0x1de0, &(0x7f0000001e00)={0x0, 0x8ec5}) 6.830147201s ago: executing program 1 (id=1242): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}) 6.292983746s ago: executing program 3 (id=1244): socket$kcm(0x29, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x15, 0x5, 0x0) getsockopt(r1, 0x200000000114, 0x2712, &(0x7f0000000600)=""/102389, &(0x7f0000000000)=0x18ff5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007918c0000000000006000000000000009500000c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) r4 = creat(&(0x7f0000000180)='./file0\x00', 0x0) close(r4) r5 = socket$inet(0xa, 0x801, 0x84) listen(r5, 0x8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}}) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r7 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001300)=@newtfilter={0x48, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xffe0}, {}, {0xfffb, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x18, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0xb18}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_ACT={0x4}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8848}, 0x4040050) sendmmsg(r2, &(0x7f0000000000), 0x400000000000235, 0x0) r8 = getpid() r9 = syz_pidfd_open(r8, 0x0) r10 = pidfd_getfd(r9, r9, 0x0) setns(r10, 0x66020000) umount2(&(0x7f0000000040)='.\x00', 0x2) 2.900689303s ago: executing program 0 (id=1247): r0 = socket$inet6(0xa, 0x3, 0x3c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x4000810) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x7, &(0x7f0000001fc0)={&(0x7f0000001f40)={0x24, 0x0, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x4f}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000045}, 0x5000) sendfile(r3, r3, 0x0, 0x200900) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c) syz_extract_tcp_res(&(0x7f0000000580)={0x41424344}, 0x8147, 0x200) syz_extract_tcp_res(&(0x7f00000005c0)={0x41424344}, 0xff, 0x1) syz_emit_ethernet(0x6a, &(0x7f0000000600)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x18, 0x5c, 0x64, 0x0, 0x55, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x44}, @initdev={0xac, 0x1e, 0x0, 0x0}}, {{0x4e21, 0x4e22, r4, r5, 0x0, 0x0, 0x7, 0x10, 0xfffd, 0x0, 0x4, {[@exp_smc={0xfe, 0x6}]}}, {"a9584fad2efd778020b2854d8d74836df7d1639e4774f6b1e1e0378178f718150ac60cdaeb1f5848841bb4ce"}}}}}}, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000500)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}, @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x1, 0x8, 0x4c, 0x65, 0x0, 0x3, 0x6, 0x0, @private=0xa010102, @private=0xa010102, {[@rr={0x7, 0xb, 0x35, [@broadcast, @empty]}]}}, {{0x4e22, 0x4e23, r5, 0x41424344, 0x1, 0x0, 0xb, 0xc2, 0x5, 0x0, 0x9, {[@window={0x3, 0x3}, @generic={0x1, 0x12, "ff9a30062b66ab5f75734e0d07e2adcd"}]}}}}}}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x9}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) socket$nl_route(0x10, 0x3, 0x0) 2.691138064s ago: executing program 1 (id=1250): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18) io_uring_setup(0x1de0, &(0x7f0000001e00)={0x0, 0x8ec5}) 2.535742401s ago: executing program 1 (id=1251): r0 = socket$nl_route(0x10, 0x3, 0x0) add_key$user(&(0x7f0000000340), &(0x7f0000002180)={'syz', 0x0}, &(0x7f00000021c0)='\x00', 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265b", 0x77, 0xffffffffffffffff) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x14, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(0xffffffffffffffff, 0xc034564b, 0x0) socket$kcm(0x10, 0x2, 0x0) ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000140)={0x6, 0x0, 0x5, {0x6, 0x80000000, 0x1, 0x80}}) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendmmsg$sock(r1, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast, 0x3}, 0x80, 0x0}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0x18}, 0x60}, 0x80, 0x0}}], 0x2, 0x28048014) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a) sendfile(r1, r2, 0x0, 0xffffffff000) syz_open_dev$sndpcmc(&(0x7f0000000080), 0x7d, 0x400000) 2.490783975s ago: executing program 2 (id=1252): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb02163c, 0x0) pipe2$9p(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b00000005000000070100000900000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r7}, 0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48) sched_setscheduler(0x0, 0x1, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000480)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x8, 0x3c, 0x0, @dev, @local, {[@fragment={0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x66}]}}}}}, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)) 2.253404849s ago: executing program 3 (id=1253): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2.103463805s ago: executing program 3 (id=1254): r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/bus/input/devices\x00', 0x0, 0x0) close_range(r0, r1, 0x0) 1.510651915s ago: executing program 2 (id=1255): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000000000)='./bus\x00', 0x3a0cc0a, &(0x7f0000000b00)=ANY=[@ANYBLOB='hide,dmode=0x0000000000000005,map=normal,map=normal,session=0x000000000000000e,overriderockperm,showassoc,nocompress,utf8,map=normal,session=0x0000000000000006,map=acorn,mode=0x0000000000000086,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00', @ANYRESDEC, @ANYBLOB="e21c3011806a2c166ea609cca9f2cd04e4", @ANYRES8, @ANYRESDEC], 0x43, 0xa0e, &(0x7f00000000c0)="$eJzs3U9sXdWdB/DvfbYTj4lCgAyTQUBewgQMZBzbGcJEbCaxnxMz/jOyHYloNCIMSaooVqmgSIAqNZWqroraRdUF3SF10xUSG9hU2bXbbrqoVLHuDnUVddFX3fueYyf287MTxzbh87Gu3/3zu+f8zrv33SNfv/dO+CZrNpvVdI/LF36zncmy+5wd/+rTzz4upx/dyJ705JXii6Q/ST3pTXIoydj43Ox0l4KuJ5eS3EyKJHvTetyQSyl+ln3LyzdT/Kqqt3ThHhvGhjT5Vtvp8w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHajYmx8eHikyNTkzIU36p1VQ4B32lhbLu/LatTv4suu9SZFOaW/f2mo70MHlzc/Wf46mqdbS09XA5KnPx898uSB157orS3tv07Cm/H39mDIm97xvQ8/uv7W4uKVdzts72k3574z3KXONWYm52cnp8+ca9Qn52frp0+dGj5xfmK+PjE51Zi/OL/QmK6PzTXOLMzO1QfHXqyPnD59st4Yujh7Yebc+NBUY2nlq/8+Ojx8qv760P80zszNz86ceH1ofuz85NTU5My5KqbcXMa8Wp6I/z25UF9onJmu169eW7xy8o6M1niqy6CRbi0pg0a7BY0Oj46OjIyOjpx65fQrrw4P9y6v6Em1YvguWbXL7ZM2+x7e8+Jb6JPaBoLKi2N9C6/ecH9q7f4/U5nMTC7kjdTX/BnLeOYym+kO29uW+v9jJxrr1ruy/1/q5Q8tb34qVf//bGvp2U79f4dctu/nvXyYj3I9b2Uxi7mSd+/YuvceSmw2127Vr//Qei52usV3/pxLIzOZzHxmM5npnKnW1Ntr6jmdUzmV4byZ85nIfOqZyGSm0sh8LmY+C2lUZ9RY5tLImSz0tto4mLG8mHpGcjqnczL1NDKUi5nNhczkXMZzpirlaq5Vz/vJdXK8HTSykaDRdYJGy5N77f6/vWIT/T/fUlt9CYd71mz3/3vuWl9bHTo4tl1JAQAAAFvqX3+f/Qcf/92fk748U91jBwAAAB421dv1ni4f+sq5Z1JMTE41hlcHvr/9uQEAAABbo6g+Y1ckGcjh1tzSJ6HWuAkAAAAAfBNV//9/tnwYKOcOp/D3PwAAADxsun/HfteI4njquVFuql9uRV5uR6T6VEExMDE51Rgam516bSTPV98yUH3SYFVpPTmQVB8/eClHWlFHBlqPA8sllnX2l1EjQ6+NpD9H2w0ZfK58eG5wjcjRMvKlvNCKfGEpsj+rIk+WkQDwsDu6Tn+80f7/pRxvRRx/qvr69t6n1uiDh1s96w93qJ0AwLLuY+x0jSj+Y2n4nzX+/i8jenL1cOstBUN5O+9kMZdzvPq0QfWOg3apuVlkudSBFW9DON7lbsDAihFeji/dDzi8b837AQMrBno5vuqOQKfYk2s+d8WWHw0A2B5HV/XD6/T/zWZrbtX9//X//h/wlkIA2FVuj2D/AGfurrNvZ5oKALR17qXX0fMAEwIAAAAAAAAAAAAAAAAAAAAAAAAAAICHwIP8/v9akgc7ssB9zNxIsgvS2OaZv7QP+6pN7fU3djzDFTN7c//l9G/LCBcf/t+eXXyq39vMDl6UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DZF0rPW+lqyN+kdTnJi+7N6cG7sdAI7rLiVW/kg+3c6DwAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh037+/9raT0+0lqV3lpyLMmlJP+70zlupVs7ncDWGig2ucOK7/8vj3maRXpbhz1F39j43Ox0VeLecvtXn372cTndS2JlAWUNdwwu0a6h816PVXsNjF957/r33/leffxsleTZhYmp8elzc/+1HPhk8XlST2taspTvD4r2WXxnyz8vW9q93rKWiare8dX1/stae9+u99hvf965bcuW07i2eGW0rGmh8cbC+9+99sGKoMdzJHluMBm8s6bvlFOHmo6kb716i6+LnxT788tcqo5/mUbRLMpD9GiyJ7V/unpt8crQ2+8sXu6Q04EcTnI56d94TodXH4kl1VlX6ytrHa6Cyl8Hu5S3rkd69jebrRJHOrThseqUGdhUG+qd21Dp8ry323iyQ0ZP5PlNH+nnu9TY9rdmS2up+Lr4U3E+f8yPV4z/USuP/7Fs5NVZxlSRK86Uzm0+ttzy0ZUb3rw7suOrkgfgp/n//Oft419bcf1vH6vtuR6tqPGBvS6KVi/UVs0fvKtHal99OmXZzvNgK6pDnv+cl1fv1yXPl7tcUbbo9X+n4uvik2Iwf80N4/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7X5H0rLW+lhxLciDJo+VyPWluRX21gWIritmgPavW3NjG2neP2u254lZu5YPs39F0AAAAAAAAANgyZ8e/+vSzj8up+n98T/6t+CLpb/2nvzfJgeIXfWPjc7PTXQrqSy4luVnO928uh3K/7FtevlkuHdp8WwCAjflHAAAA///nD22t") 1.352710672s ago: executing program 3 (id=1256): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0) 1.193641428s ago: executing program 0 (id=1257): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01010000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000400080003400000000a140000001100"], 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x40404) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0) 1.192857608s ago: executing program 1 (id=1258): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000100)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x82e00, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0x800}}, './file0\x00'}) mkdirat(r2, &(0x7f0000000180)='./file0\x00', 0x1) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r3, 0x40045b0a, &(0x7f0000000040)) 1.177256139s ago: executing program 2 (id=1259): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18) io_uring_setup(0x1de0, &(0x7f0000001e00)={0x0, 0x8ec5}) 1.081349589s ago: executing program 3 (id=1260): r0 = socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 1.030636004s ago: executing program 0 (id=1261): bind$rxrpc(0xffffffffffffffff, &(0x7f0000000100)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e22, 0x9, @loopback, 0x3}}, 0x24) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x8000, 0x1000}, 0x20) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 1.024542235s ago: executing program 2 (id=1262): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 920.533976ms ago: executing program 0 (id=1263): r0 = dup(0xffffffffffffffff) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYRES8=r1, @ANYRES8=r1], 0x0) gettid() r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r2, &(0x7f0000000000)=""/188, 0xbc) mknod$loop(0x0, 0xfff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast1, @in6=@private1, 0x0, 0x0, 0x4, 0x0, 0xa, 0x20, 0x0, 0x2f}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x800000000002}, {0x0, 0x6}, 0x3, 0x0, 0x1, 0x0, 0x2557fd1c8e1fd222}, {{@in=@multicast1, 0xfffffffd, 0x33}, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xd688e01a6efb2b9, 0x0, 0xfd, 0x5, 0x0, 0xfffffffe}}, 0xe8) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r5, 0x303, 0x70bd28, 0x0, {0xa}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="35ab2788d003", @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast=0xe0000001}, {0x4e24, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x1, 0x0, @val=0x80}}}}}}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_RENAME(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=ANY=[@ANYBLOB="80000000050601080000000000000000070000080900030073797a320010000005000100070000000900030073797a310000000005000100070000000900020073797a320000000005000100070000000900020073797a3100000000090003"], 0x80}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000000) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/handlers\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r0, 0x2000) 920.287106ms ago: executing program 2 (id=1264): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb02163c, 0x0) pipe2$9p(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b00000005000000070100000900000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r7}, 0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48) sched_setscheduler(0x0, 0x1, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000480)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x8, 0x3c, 0x0, @dev, @local, {[@fragment={0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x66}]}}}}}, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)) 879.45476ms ago: executing program 3 (id=1271): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x4e, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 448.989894ms ago: executing program 1 (id=1265): r0 = socket$inet_smc(0x2b, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x800000}, 0x18) r5 = socket(0x1d, 0x2, 0x6) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a3000000000d0000000160a01000000000000000000010000010900010073797a30000000000900020073797a3000000000a40003800800014000000000900003801400010076657468305f746f5f62617461647600140001006d6163766c616e3100000000000000002800010076657468310000000000000000000000140001006772653000000000000000000000000014000100776c616e3100000000000000000000001400010076657468315f766972745f77696669001400010076657468305f746f5f626f6e640000000800024000000006c8000000180a0101000b000000000000010000000900010073797a30000000009c0003800800014000000000900003801400010069703665727370616e300000000000001400010076657468305f6d61637674616ff7000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f30000000001400010063616966300000000000000000000000140001006d616373656330000000000000000000140001007465616d5f736c6176655f30000000000900020073797a3000000000140000001000010000000000000000000000000a"], 0x1e0}}, 0x0) futex(0x0, 0x8, 0x1, &(0x7f0000000500), 0x0, 0x2) bind$can_j1939(r5, &(0x7f0000000040)={0x1d, 0x0, 0x8000000000000003}, 0x18) getsockopt$inet_mreqn(r5, 0x0, 0x23, &(0x7f0000000340)={@rand_addr, @remote, 0x0}, &(0x7f0000000400)=0xc) sendmsg$nl_route(r5, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000480)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000006c0004002bbd7000fcdb23b65b4e465c5e4dbf3beedf2500000000", @ANYRES32=r7, @ANYBLOB="c00002008001000008002900ed3b0400"], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x4000004) prlimit64(r1, 0x3, &(0x7f00000001c0)={0x6, 0x6400}, &(0x7f0000000280)) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) r8 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r10, {0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28}}}]}, 0x58}}, 0x0) ioctl$sock_ifreq(r0, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0x0, @sync=0x0}}) 0s ago: executing program 2 (id=1266): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x8) bind$inet6(r0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r3, @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) kernel console output (not intermixed with test programs): 45][ T5764] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.749000][ T5764] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.757956][ T5764] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.770146][ T5761] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.779304][ T5761] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.788249][ T5761] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.797426][ T5761] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.811129][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.820537][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.830692][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.849493][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.859879][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.870688][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.882986][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.893474][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.909967][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.923010][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.934414][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.944731][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.955216][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.967391][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.978025][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.989066][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.021957][ T5766] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.040716][ T5766] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.049931][ T5766] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.059377][ T5766] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.226446][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.237427][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.283032][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.308590][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.351403][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.365083][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.401452][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.424620][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.454731][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.479643][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.545630][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.553498][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.927723][ T27] audit: type=1326 audit(1768218917.568:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 66.932332][ T5856] veth2: entered promiscuous mode [ 66.960624][ T5858] mmap: syz.0.6 (5858) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 67.011827][ T27] audit: type=1326 audit(1768218917.568:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.089687][ T27] audit: type=1326 audit(1768218917.578:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.130949][ T5864] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8'. [ 67.158995][ T5864] IPVS: Unknown mcast interface: ve [ 67.177981][ T27] audit: type=1326 audit(1768218917.608:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.202710][ T5774] Bluetooth: hci0: command tx timeout [ 67.240958][ T27] audit: type=1326 audit(1768218917.608:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.271017][ T27] audit: type=1326 audit(1768218917.608:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.299029][ T27] audit: type=1326 audit(1768218917.608:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.361294][ T5774] Bluetooth: hci2: command tx timeout [ 67.361848][ T5084] Bluetooth: hci1: command tx timeout [ 67.401437][ T27] audit: type=1326 audit(1768218917.608:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.434740][ T5084] Bluetooth: hci3: command tx timeout [ 67.496433][ T5871] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 67.506922][ T27] audit: type=1326 audit(1768218917.608:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.521231][ T5875] syz.0.14[5875]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 67.572212][ T5875] loop0: detected capacity change from 0 to 512 [ 67.572657][ T5877] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12'. [ 67.587292][ T5875] ======================================================= [ 67.587292][ T5875] WARNING: The mand mount option has been deprecated and [ 67.587292][ T5875] and is ignored by this kernel. Remove the mand [ 67.587292][ T5875] option from the mount to silence this warning. [ 67.587292][ T5875] ======================================================= [ 67.593976][ T27] audit: type=1326 audit(1768218917.608:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.0.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 67.669314][ T5877] Zero length message leads to an empty skb [ 67.676309][ T5877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'. [ 67.691741][ T5875] EXT4-fs: inline encryption not supported [ 67.726385][ T5875] EXT4-fs error (device loop0): ext4_orphan_get:1424: comm syz.0.14: bad orphan inode 15 [ 67.741824][ T5875] ext4_test_bit(bit=14, block=5) = 0 [ 67.749717][ T5875] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.795070][ T5875] EXT4-fs error (device loop0): ext4_search_dir:1549: inode #11: block 14: comm syz.0.14: bad entry in directory: rec_len % 4 != 0 - offset=12, inode=2, rec_len=255, size=1024 fake=1 [ 67.886704][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.130248][ T5894] loop2: detected capacity change from 0 to 512 [ 68.147780][ T5894] EXT4-fs: Ignoring removed mblk_io_submit option [ 68.165768][ T5894] ext3: Unknown parameter 'fowner' [ 68.364712][ T5900] loop2: detected capacity change from 0 to 512 [ 68.390714][ T5900] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 68.423207][ T5900] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 68.443385][ T5900] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 68.476357][ T5904] netlink: 36 bytes leftover after parsing attributes in process `syz.0.24'. [ 68.498548][ T5904] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.506902][ T5904] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.822267][ T5912] syz.0.28 uses obsolete (PF_INET,SOCK_PACKET) [ 68.958916][ T5916] loop3: detected capacity change from 0 to 512 [ 68.974981][ T5916] EXT4-fs: Ignoring removed orlov option [ 68.992773][ T5916] EXT4-fs: Ignoring removed i_version option [ 69.008156][ T5916] EXT4-fs: Ignoring removed nomblk_io_submit option [ 69.082911][ T5916] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 69.131967][ T5916] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002] [ 69.189670][ T5916] EXT4-fs (loop3): orphan cleanup on readonly fs [ 69.233833][ T5916] EXT4-fs warning (device loop3): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 69.274355][ T5084] Bluetooth: hci0: command tx timeout [ 69.299252][ T5916] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 69.301775][ T5922] lo speed is unknown, defaulting to 1000 [ 69.322665][ T5922] lo speed is unknown, defaulting to 1000 [ 69.344049][ T5922] lo speed is unknown, defaulting to 1000 [ 69.350804][ T5916] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.30: bg 0: block 40: padding at end of block bitmap is not set [ 69.356645][ T5922] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 69.394709][ T5922] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 69.428811][ T5916] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6653: Corrupt filesystem [ 69.438559][ T5084] Bluetooth: hci1: command tx timeout [ 69.444231][ T5084] Bluetooth: hci2: command tx timeout [ 69.462795][ T5922] lo speed is unknown, defaulting to 1000 [ 69.463263][ T5916] EXT4-fs (loop3): 1 truncate cleaned up [ 69.470636][ T5922] lo speed is unknown, defaulting to 1000 [ 69.485412][ T5922] lo speed is unknown, defaulting to 1000 [ 69.495670][ T5922] lo speed is unknown, defaulting to 1000 [ 69.514704][ T5774] Bluetooth: hci3: command tx timeout [ 69.529665][ T5916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 69.593746][ T5916] EXT4-fs error (device loop3): ext4_encrypted_get_link:46: inode #16: comm syz.3.30: bad symlink. [ 69.706003][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.926983][ T5940] lo speed is unknown, defaulting to 1000 [ 69.932836][ T5940] lo speed is unknown, defaulting to 1000 [ 69.951249][ T5940] lo speed is unknown, defaulting to 1000 [ 69.982984][ T5934] loop2: detected capacity change from 0 to 8192 [ 70.062620][ T5940] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 70.196935][ T5940] lo speed is unknown, defaulting to 1000 [ 70.230108][ T5940] lo speed is unknown, defaulting to 1000 [ 70.256323][ T5940] lo speed is unknown, defaulting to 1000 [ 70.319056][ T5940] lo speed is unknown, defaulting to 1000 [ 70.611698][ T5967] loop3: detected capacity change from 0 to 256 [ 70.636488][ T5972] hugetlbfs: Bad value 'k' for mount option 'nr_inodes' [ 70.636488][ T5972] [ 70.679479][ T5967] FAT-fs (loop3): Directory bread(block 64) failed [ 70.705034][ T5967] FAT-fs (loop3): Directory bread(block 65) failed [ 70.745051][ T5967] FAT-fs (loop3): Directory bread(block 66) failed [ 70.751635][ T5967] FAT-fs (loop3): Directory bread(block 67) failed [ 70.795518][ T5967] FAT-fs (loop3): Directory bread(block 68) failed [ 70.815181][ T5967] FAT-fs (loop3): Directory bread(block 69) failed [ 70.822725][ T5967] FAT-fs (loop3): Directory bread(block 70) failed [ 70.842868][ T5967] FAT-fs (loop3): Directory bread(block 71) failed [ 70.861391][ T5967] FAT-fs (loop3): Directory bread(block 72) failed [ 70.904757][ T5981] siw: device registration error -23 [ 70.907131][ T5967] FAT-fs (loop3): Directory bread(block 73) failed [ 70.927615][ T5979] loop0: detected capacity change from 0 to 1764 [ 71.312163][ T1093] kworker/u4:7: attempt to access beyond end of device [ 71.312163][ T1093] loop3: rw=1, sector=1800, nr_sectors = 800 limit=256 [ 71.331939][ T5996] bridge_slave_0: left allmulticast mode [ 71.339585][ T5990] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.352831][ T5996] bridge_slave_0: left promiscuous mode [ 71.368170][ T5996] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.401526][ T5996] bridge_slave_1: left allmulticast mode [ 71.407467][ T5996] bridge_slave_1: left promiscuous mode [ 71.417771][ T5996] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.456010][ T5996] bond0: (slave bond_slave_0): Releasing backup interface [ 71.491128][ T5996] bond0: (slave bond_slave_1): Releasing backup interface [ 71.560401][ T5996] team0: Port device team_slave_0 removed [ 71.601639][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.608684][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.616763][ T5996] team0: Port device team_slave_1 removed [ 71.651786][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.659527][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 71.680476][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.691843][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 71.714602][ T6000] netlink: 'syz.0.57': attribute type 10 has an invalid length. [ 71.727890][ T6000] netlink: 40 bytes leftover after parsing attributes in process `syz.0.57'. [ 71.750432][ T6000] batman_adv: batadv0: Adding interface: virt_wifi0 [ 71.764678][ T6000] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.801577][ T6000] batman_adv: batadv0: Interface activated: virt_wifi0 [ 71.816030][ T5996] syz.0.57 (5996) used greatest stack depth: 20520 bytes left [ 71.964335][ T6011] netlink: 60 bytes leftover after parsing attributes in process `syz.0.62'. [ 71.973152][ T6011] IPVS: Unknown mcast interface: ve [ 72.714607][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 72.983294][ T27] kauditd_printk_skb: 54 callbacks suppressed [ 72.983307][ T27] audit: type=1326 audit(1768218923.628:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6021 comm="syz.2.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 73.031844][ T27] audit: type=1326 audit(1768218923.648:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6021 comm="syz.2.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 73.054613][ T27] audit: type=1326 audit(1768218923.648:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.089732][ T27] audit: type=1326 audit(1768218923.648:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.163834][ T27] audit: type=1326 audit(1768218923.648:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.214437][ T27] audit: type=1326 audit(1768218923.648:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.256466][ T27] audit: type=1326 audit(1768218923.648:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.264701][ T6037] netlink: 7 bytes leftover after parsing attributes in process `syz.2.72'. [ 73.297557][ T6035] siw: device registration error -23 [ 73.305732][ T27] audit: type=1326 audit(1768218923.648:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.328480][ T6037] netlink: 7 bytes leftover after parsing attributes in process `syz.2.72'. [ 73.352870][ T27] audit: type=1326 audit(1768218923.648:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.420190][ T27] audit: type=1326 audit(1768218923.648:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 73.529363][ T6045] loop3: detected capacity change from 0 to 512 [ 73.560932][ T6046] netlink: 24 bytes leftover after parsing attributes in process `syz.2.75'. [ 73.564759][ T6045] EXT4-fs: Ignoring removed i_version option [ 73.607912][ T6045] EXT4-fs: Ignoring removed bh option [ 73.656491][ T6045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.728520][ T6045] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.794956][ T6045] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.76: Failed to acquire dquot type 1 [ 73.863634][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.647976][ T6071] loop2: detected capacity change from 0 to 1024 [ 74.665763][ T6071] EXT4-fs: Ignoring removed orlov option [ 74.676577][ T6071] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 74.703218][ T6071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.717672][ T5084] Bluetooth: hci4: command 0x1003 tx timeout [ 74.724735][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 74.741023][ T9] cfg80211: failed to load regulatory.db [ 74.866244][ T6071] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #12: block 7: comm syz.2.85: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 74.949828][ T6071] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2852: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 74.978553][ T6077] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 74.991886][ T6079] netlink: 96 bytes leftover after parsing attributes in process `syz.1.88'. [ 74.992208][ T6077] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 75.014732][ T6077] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 75.093806][ T5761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.178633][ T6084] vlan2: entered allmulticast mode [ 75.299687][ T6066] 8021q: adding VLAN 0 to HW filter on device bond1 [ 75.314779][ T6066] bridge0: port 3(bond1) entered blocking state [ 75.335262][ T6066] bridge0: port 3(bond1) entered disabled state [ 75.341687][ T6066] bond1: entered allmulticast mode [ 75.353699][ T6066] bond1: entered promiscuous mode [ 75.361240][ T6066] bridge0: port 3(bond1) entered blocking state [ 75.367662][ T6066] bridge0: port 3(bond1) entered forwarding state [ 75.370956][ T6088] siw: device registration error -23 [ 75.397777][ T6069] lo speed is unknown, defaulting to 1000 [ 75.620835][ T6093] netlink: 24 bytes leftover after parsing attributes in process `syz.2.93'. [ 75.828613][ T6101] netlink: 96 bytes leftover after parsing attributes in process `syz.3.97'. [ 75.941609][ T6105] capability: warning: `syz.3.99' uses deprecated v2 capabilities in a way that may be insecure [ 76.082532][ T6108] siw: device registration error -23 [ 76.130214][ T6109] loop0: detected capacity change from 0 to 1024 [ 76.156577][ T6109] EXT4-fs: Ignoring removed nomblk_io_submit option [ 76.165519][ T6109] EXT4-fs: Ignoring removed nomblk_io_submit option [ 76.193433][ T6109] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e015c01c, mo2=0002] [ 76.218404][ T6109] System zones: 0-1, 3-36 [ 76.247103][ T1132] bridge0: port 3(bond1) entered disabled state [ 76.278336][ T6109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.389716][ T6116] netlink: 24 bytes leftover after parsing attributes in process `syz.1.103'. [ 76.473693][ T6109] netlink: 28 bytes leftover after parsing attributes in process `syz.0.101'. [ 76.531413][ T6109] infiniband syz: RDMA CMA: cma_listen_on_dev, error -98 [ 76.850867][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.092129][ T6124] netlink: 96 bytes leftover after parsing attributes in process `syz.2.107'. [ 77.484524][ T6132] veth2: entered promiscuous mode [ 77.834773][ T6138] bridge_slave_0: left allmulticast mode [ 77.851143][ T6138] bridge_slave_0: left promiscuous mode [ 77.868284][ T6138] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.925979][ T6138] bridge_slave_1: left allmulticast mode [ 77.931705][ T6138] bridge_slave_1: left promiscuous mode [ 77.942851][ T6138] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.964996][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 77.971550][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 77.986376][ T6138] bond0: (slave bond_slave_0): Releasing backup interface [ 78.027952][ T6138] bond0: (slave bond_slave_1): Releasing backup interface [ 78.065660][ T6138] team0: Port device team_slave_0 removed [ 78.094686][ T6138] team0: Port device team_slave_1 removed [ 78.105747][ T6138] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 78.124234][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 78.133164][ T6138] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 78.145586][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 78.171622][ T6138] bond1: left allmulticast mode [ 78.179032][ T6138] bond1: left promiscuous mode [ 78.193799][ T6138] bridge0: port 3(bond1) entered disabled state [ 78.213704][ T6143] netlink: 'syz.3.113': attribute type 10 has an invalid length. [ 78.238946][ T6143] netlink: 40 bytes leftover after parsing attributes in process `syz.3.113'. [ 78.256423][ T6143] batman_adv: batadv0: Adding interface: virt_wifi0 [ 78.263058][ T6143] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.292917][ T6143] batman_adv: batadv0: Interface activated: virt_wifi0 [ 78.340280][ T6147] netlink: 96 bytes leftover after parsing attributes in process `syz.2.117'. [ 78.368735][ T6145] vlan2: entered allmulticast mode [ 78.553639][ T6156] siw: device registration error -23 [ 78.662211][ T6160] netlink: 24 bytes leftover after parsing attributes in process `syz.1.123'. [ 78.749909][ T6165] netlink: 96 bytes leftover after parsing attributes in process `syz.3.126'. [ 78.829625][ T6170] loop3: detected capacity change from 0 to 512 [ 78.838911][ T6170] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 78.858413][ T6170] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.871380][ T6170] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 78.925900][ T27] kauditd_printk_skb: 110 callbacks suppressed [ 78.925914][ T27] audit: type=1800 audit(1768218929.578:183): pid=6170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.128" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 79.884148][ T6182] syz.1.130 (6182) used greatest stack depth: 16816 bytes left [ 79.994139][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 80.395942][ T6191] netlink: 24 bytes leftover after parsing attributes in process `syz.1.133'. [ 80.555210][ T6190] loop0: detected capacity change from 0 to 8192 [ 80.828659][ T6197] netlink: 96 bytes leftover after parsing attributes in process `syz.2.136'. [ 80.950292][ T6201] loop2: detected capacity change from 0 to 128 [ 80.977877][ T6201] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 80.995692][ T6201] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 81.014252][ T6203] netlink: 28 bytes leftover after parsing attributes in process `syz.0.139'. [ 81.049842][ T6203] unsupported nla_type 24929 [ 81.065750][ T5761] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.141628][ T27] audit: type=1326 audit(1768218931.788:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 81.185974][ T27] audit: type=1326 audit(1768218931.788:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 81.258668][ T27] audit: type=1326 audit(1768218931.788:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 81.281560][ T27] audit: type=1326 audit(1768218931.788:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 81.304037][ T27] audit: type=1326 audit(1768218931.788:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 81.376103][ T27] audit: type=1326 audit(1768218931.788:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 81.399080][ T27] audit: type=1326 audit(1768218931.828:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 81.452012][ T27] audit: type=1326 audit(1768218931.828:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6207 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f182d5c2005 code=0x7ffc0000 [ 81.544072][ T27] audit: type=1326 audit(1768218931.838:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 82.503047][ T6219] loop0: detected capacity change from 0 to 8192 [ 82.723273][ T6227] pim6reg: entered allmulticast mode [ 82.874813][ T6227] netlink: 664 bytes leftover after parsing attributes in process `syz.1.149'. [ 82.905426][ T6227] pim6reg: left allmulticast mode [ 83.357394][ T6240] loop2: detected capacity change from 0 to 164 [ 83.420630][ T6240] Unable to read rock-ridge attributes [ 83.439473][ T6240] Unable to read rock-ridge attributes [ 84.120153][ T6243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.156'. [ 84.279886][ T6248] netlink: 24 bytes leftover after parsing attributes in process `syz.2.157'. [ 84.328168][ T6251] netlink: 16 bytes leftover after parsing attributes in process `syz.1.159'. [ 84.347804][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.995878][ T6272] netlink: 16 bytes leftover after parsing attributes in process `syz.0.169'. [ 85.164505][ T6274] lo speed is unknown, defaulting to 1000 [ 85.554704][ T6269] loop3: detected capacity change from 0 to 32768 [ 85.958017][ T27] kauditd_printk_skb: 71 callbacks suppressed [ 85.958030][ T27] audit: type=1326 audit(1768218936.608:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.005486][ T6274] loop0: detected capacity change from 0 to 512 [ 86.014919][ T27] audit: type=1326 audit(1768218936.638:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.037640][ T6274] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 86.073857][ T27] audit: type=1326 audit(1768218936.638:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.096814][ T27] audit: type=1326 audit(1768218936.638:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.098293][ T6274] EXT4-fs (loop0): 1 truncate cleaned up [ 86.127627][ T6274] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.144383][ T27] audit: type=1326 audit(1768218936.638:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.176279][ T27] audit: type=1326 audit(1768218936.638:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.288170][ T27] audit: type=1326 audit(1768218936.638:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.316910][ T27] audit: type=1326 audit(1768218936.638:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.357715][ T27] audit: type=1326 audit(1768218936.638:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.387598][ T27] audit: type=1326 audit(1768218936.638:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.0.170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 86.453013][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.572216][ T6300] netlink: 16 bytes leftover after parsing attributes in process `syz.0.178'. [ 87.104006][ T6319] capability: warning: `syz.2.187' uses 32-bit capabilities (legacy support in use) [ 87.995648][ T6342] loop2: detected capacity change from 0 to 512 [ 88.003740][ T6332] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 88.013141][ T6332] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 88.026997][ T6332] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 88.039640][ T6342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.052329][ T6332] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 88.062641][ T6332] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 88.069783][ T6342] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.084383][ T6332] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 88.095247][ T6342] EXT4-fs error (device loop2): ext4_do_update_inode:5248: inode #2: comm syz.2.197: corrupted inode contents [ 88.109923][ T6332] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 88.118986][ T6342] EXT4-fs error (device loop2): ext4_dirty_inode:6124: inode #2: comm syz.2.197: mark_inode_dirty error [ 88.122246][ T6332] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 88.135489][ T6342] EXT4-fs error (device loop2): ext4_do_update_inode:5248: inode #2: comm syz.2.197: corrupted inode contents [ 88.152624][ T6342] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.197: mark_inode_dirty error [ 88.170615][ T6332] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 88.200051][ T6332] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 88.217652][ T5761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.231703][ T6332] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 88.260052][ T6332] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 88.662664][ T6358] netlink: 20 bytes leftover after parsing attributes in process `syz.2.202'. [ 88.730478][ T6360] vlan2: entered allmulticast mode [ 88.737876][ T6360] bridge_slave_0: entered allmulticast mode [ 88.956146][ T6368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.207'. [ 89.401050][ T6374] lo speed is unknown, defaulting to 1000 [ 89.832777][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 89.933428][ T6379] syz.0.210[6379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.933562][ T6379] syz.0.210[6379] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.074051][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 90.154628][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 90.234735][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 90.308953][ T6388] netlink: 4 bytes leftover after parsing attributes in process `syz.2.215'. [ 90.318060][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 90.354087][ T6388] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 90.387433][ T6388] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 90.488587][ T6388] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 90.496260][ T6388] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 90.609048][ T6397] netlink: 16 bytes leftover after parsing attributes in process `syz.0.218'. [ 91.080351][ T6403] loop0: detected capacity change from 0 to 512 [ 91.275357][ T6417] Bluetooth: hci4: Frame reassembly failed (-84) [ 91.553483][ T161] Bluetooth: hci4: Frame reassembly failed (-84) [ 91.858657][ T6403] EXT4-fs (loop0): too many log groups per flexible block group [ 91.874234][ T6403] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 91.881160][ T6403] EXT4-fs (loop0): mount failed [ 91.923014][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout [ 92.019813][ T6423] netlink: 4 bytes leftover after parsing attributes in process `syz.1.228'. [ 92.090526][ T6403] netlink: 4 bytes leftover after parsing attributes in process `syz.0.223'. [ 92.153988][ T5774] Bluetooth: hci3: command 0x0c1a tx timeout [ 92.234207][ T5774] Bluetooth: hci2: command 0x0c1a tx timeout [ 92.314044][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout [ 92.352242][ T6430] loop3: detected capacity change from 0 to 512 [ 92.362339][ T6430] ext4: Unknown parameter 'seclabel' [ 92.549353][ T6434] syz.3.234[6434] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.549481][ T6434] syz.3.234[6434] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 93.004793][ T27] kauditd_printk_skb: 103 callbacks suppressed [ 93.004807][ T27] audit: type=1326 audit(1768218943.658:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6440 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 93.087414][ T27] audit: type=1326 audit(1768218943.658:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6440 comm="syz.0.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 93.363980][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 93.492430][ T6460] loop3: detected capacity change from 0 to 512 [ 93.524952][ T6460] EXT4-fs: Ignoring removed mblk_io_submit option [ 93.567670][ T6460] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.242: invalid block [ 93.605377][ T6460] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.242: invalid indirect mapped block 4294967295 (level 1) [ 93.628232][ T6460] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.242: invalid indirect mapped block 4294967295 (level 1) [ 93.653418][ T6460] EXT4-fs (loop3): 2 truncates cleaned up [ 93.679929][ T6460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.905042][ T6477] netlink: 24 bytes leftover after parsing attributes in process `syz.1.250'. [ 93.934098][ T6474] netlink: 60 bytes leftover after parsing attributes in process `syz.2.248'. [ 93.997436][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 94.234087][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 94.272687][ T6474] IPVS: Unknown mcast interface: ve [ 94.314057][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 94.341935][ T6482] vlan2: entered allmulticast mode [ 94.346447][ T27] audit: type=1326 audit(1768218944.988:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 94.404114][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 94.404256][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.446796][ T27] audit: type=1326 audit(1768218945.018:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 94.523111][ T27] audit: type=1326 audit(1768218945.028:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 94.579822][ T27] audit: type=1326 audit(1768218945.028:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 94.637424][ T27] audit: type=1326 audit(1768218945.028:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 94.684967][ T27] audit: type=1326 audit(1768218945.028:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 94.758346][ T6489] loop2: detected capacity change from 0 to 8192 [ 94.766771][ T27] audit: type=1326 audit(1768218945.028:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 94.817856][ T27] audit: type=1326 audit(1768218945.028:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 95.027872][ T6495] Bluetooth: hci4: Frame reassembly failed (-84) [ 95.681076][ T6503] netlink: 60 bytes leftover after parsing attributes in process `syz.1.260'. [ 95.712403][ T6503] IPVS: Unknown mcast interface: ve [ 97.124395][ T5774] Bluetooth: hci4: command 0x1003 tx timeout [ 97.124595][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 97.592472][ T6553] vlan2: entered allmulticast mode [ 98.242847][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 98.980281][ T6573] Bluetooth: hci5: Frame reassembly failed (-84) [ 99.168755][ T3463] Bluetooth: hci5: Frame reassembly failed (-84) [ 99.262272][ T3463] Bluetooth: hci5: Frame reassembly failed (-84) [ 99.485107][ T6578] netlink: 4 bytes leftover after parsing attributes in process `syz.0.292'. [ 99.496533][ T6578] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 99.503700][ T6578] batman_adv: batadv0: Removing interface: virt_wifi0 [ 99.727688][ T27] kauditd_printk_skb: 27 callbacks suppressed [ 99.727700][ T27] audit: type=1326 audit(1768218958.375:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.784009][ T27] audit: type=1326 audit(1768218958.405:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.815405][ T27] audit: type=1326 audit(1768218958.405:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.844241][ T27] audit: type=1326 audit(1768218958.405:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.868955][ T27] audit: type=1326 audit(1768218958.405:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.891580][ T27] audit: type=1326 audit(1768218958.405:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.915707][ T27] audit: type=1326 audit(1768218958.405:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.938613][ T27] audit: type=1326 audit(1768218958.405:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 99.960879][ T27] audit: type=1326 audit(1768218958.405:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.1.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 100.074226][ T5769] Bluetooth: hci4: command 0x1003 tx timeout [ 100.081551][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 101.034110][ T5774] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 101.092503][ T6603] loop0: detected capacity change from 0 to 1024 [ 101.103068][ T6603] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 101.149597][ T6603] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 101.184416][ T6603] EXT4-fs (loop0): orphan cleanup on readonly fs [ 101.204051][ T6603] Quota error (device loop0): v2_read_file_info: Can't read info structure [ 101.227772][ T6603] EXT4-fs warning (device loop0): ext4_enable_quotas:7184: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 101.262362][ T6603] EXT4-fs (loop0): Cannot turn on quotas: error -5 [ 101.276216][ T6603] EXT4-fs (loop0): 1 truncate cleaned up [ 101.284543][ T6603] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 101.328464][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.679721][ T6619] lo speed is unknown, defaulting to 1000 [ 101.769902][ T6621] siw: device registration error -23 [ 103.730758][ T6636] netlink: 'syz.0.312': attribute type 13 has an invalid length. [ 104.234021][ T6647] Bluetooth: hci5: Frame reassembly failed (-84) [ 104.387484][ T41] Bluetooth: hci5: Frame reassembly failed (-84) [ 104.500582][ T41] Bluetooth: hci5: Frame reassembly failed (-84) [ 104.590594][ T6637] sctp: failed to load transform for md5: -2 [ 105.272609][ T6636] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.282203][ T6636] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.284183][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 105.293151][ T6636] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.297657][ T5769] Bluetooth: hci4: command 0x1003 tx timeout [ 105.310992][ T6636] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.701414][ T6670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.322'. [ 106.183050][ T6688] netlink: 660 bytes leftover after parsing attributes in process `syz.0.328'. [ 106.314511][ T5084] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 107.366172][ T6709] netlink: 24 bytes leftover after parsing attributes in process `syz.2.337'. [ 107.373798][ T6713] vlan2: entered allmulticast mode [ 107.380349][ T6713] bridge_slave_0: entered allmulticast mode [ 107.877649][ T6727] Bluetooth: hci4: Frame reassembly failed (-84) [ 108.085693][ T41] Bluetooth: hci4: Frame reassembly failed (-84) [ 108.212766][ T41] Bluetooth: hci4: Frame reassembly failed (-84) [ 108.691855][ T6749] netlink: 24 bytes leftover after parsing attributes in process `syz.1.350'. [ 108.807022][ T6756] netlink: 'syz.1.352': attribute type 16 has an invalid length. [ 108.814955][ T6756] netlink: 'syz.1.352': attribute type 17 has an invalid length. [ 109.076193][ T6756] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.083943][ T6756] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.557940][ T6771] loop2: detected capacity change from 0 to 8192 [ 109.616993][ T6756] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 109.706849][ T6756] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 110.074348][ T5084] Bluetooth: hci4: command 0x1003 tx timeout [ 110.081416][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 110.647870][ T6786] (null): rxe_set_mtu: Set mtu to 1024 [ 110.842588][ T6756] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.854115][ T6756] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.863112][ T6756] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.873083][ T6756] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.899116][ T6790] loop2: detected capacity change from 0 to 2048 [ 110.948410][ T6790] loop2: p2 < > p3 < p5 > p4 [ 110.953460][ T6790] loop2: partition table partially beyond EOD, truncated [ 110.964344][ T6790] loop2: p2 start 4278190080 is beyond EOD, truncated [ 110.976049][ T6790] loop2: p4 size 8192 extends beyond EOD, truncated [ 110.985223][ T6790] loop2: p5 size 8192 extends beyond EOD, truncated [ 111.037982][ T6780] lo speed is unknown, defaulting to 1000 [ 111.263685][ T6796] lo speed is unknown, defaulting to 1000 [ 111.323317][ T6786] infiniband !yz!: set down [ 111.329859][ T6786] infiniband !yz!: added team_slave_0 [ 111.380957][ T6786] RDS/IB: !yz!: added [ 111.388093][ T6786] smc: adding ib device !yz! with port count 1 [ 111.396918][ T6786] smc: ib device !yz! port 1 has pnetid [ 111.724151][ T6807] loop2: detected capacity change from 0 to 512 [ 111.733578][ T6807] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 111.752988][ T6807] EXT4-fs (loop2): 1 truncate cleaned up [ 111.760701][ T6807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.826043][ T5761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.339277][ T6815] Bluetooth: hci4: Frame reassembly failed (-84) [ 112.469968][ T1132] Bluetooth: hci4: Frame reassembly failed (-84) [ 113.099638][ T27] kauditd_printk_skb: 22 callbacks suppressed [ 113.099651][ T27] audit: type=1326 audit(1768218971.745:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6826 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 113.169426][ T27] audit: type=1326 audit(1768218971.785:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6826 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 113.255449][ T27] audit: type=1326 audit(1768218971.785:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6826 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 113.320487][ T27] audit: type=1326 audit(1768218971.785:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6826 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 113.799316][ T6846] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 114.231175][ T27] audit: type=1326 audit(1768218972.875:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.1.387" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x0 [ 114.333722][ T6852] netlink: 12 bytes leftover after parsing attributes in process `syz.1.387'. [ 114.343796][ T6852] netlink: 20 bytes leftover after parsing attributes in process `syz.1.387'. [ 114.356795][ T6852] bridge0: port 3(gretap0) entered blocking state [ 114.363564][ T6852] bridge0: port 3(gretap0) entered disabled state [ 114.370764][ T6852] gretap0: entered allmulticast mode [ 114.378150][ T6852] gretap0: entered promiscuous mode [ 114.391232][ T6852] gretap0: left allmulticast mode [ 114.396379][ T6852] gretap0: left promiscuous mode [ 114.402556][ T6852] bridge0: port 3(gretap0) entered disabled state [ 114.404064][ T5084] Bluetooth: hci4: command 0x1003 tx timeout [ 114.414128][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 114.599010][ T6859] netlink: 36 bytes leftover after parsing attributes in process `syz.2.390'. [ 114.618568][ T6859] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.628400][ T6858] loop0: detected capacity change from 0 to 2048 [ 114.686382][ T6858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.712497][ T27] audit: type=1326 audit(1768218973.355:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6863 comm="syz.2.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 114.758534][ T27] audit: type=1326 audit(1768218973.355:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6863 comm="syz.2.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 114.782816][ T27] audit: type=1326 audit(1768218973.355:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6863 comm="syz.2.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 114.808550][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.810884][ T27] audit: type=1326 audit(1768218973.355:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6863 comm="syz.2.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 114.840346][ T27] audit: type=1326 audit(1768218973.365:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6863 comm="syz.2.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 114.866573][ T6869] loop3: detected capacity change from 0 to 512 [ 114.900711][ T6869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.925221][ T6869] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.988701][ T6873] loop0: detected capacity change from 0 to 512 [ 114.996709][ T6873] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 115.020073][ T6873] EXT4-fs (loop0): 1 truncate cleaned up [ 115.036569][ T6873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.116872][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.151211][ T6876] netlink: 28 bytes leftover after parsing attributes in process `syz.1.395'. [ 115.177563][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.305355][ T6882] loop3: detected capacity change from 0 to 512 [ 115.324090][ T6880] netlink: 12 bytes leftover after parsing attributes in process `syz.0.397'. [ 115.338015][ T6882] EXT4-fs warning (device loop3): ext4_enable_quotas:7184: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 115.363328][ T6882] EXT4-fs (loop3): mount failed [ 115.440936][ T6880] netlink: 4 bytes leftover after parsing attributes in process `syz.0.397'. [ 115.465423][ T6882] loop3: detected capacity change from 0 to 1024 [ 115.473295][ T6882] ext4: Unknown parameter 'subj_use' [ 115.538379][ T6888] netlink: 16 bytes leftover after parsing attributes in process `syz.1.400'. [ 115.573851][ T6882] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 115.607088][ T6882] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 115.745026][ T6896] netlink: 96 bytes leftover after parsing attributes in process `syz.0.403'. [ 116.060454][ T6908] netlink: 16 bytes leftover after parsing attributes in process `syz.3.409'. [ 116.284365][ T6919] netlink: 96 bytes leftover after parsing attributes in process `syz.0.413'. [ 116.303340][ T6917] loop3: detected capacity change from 0 to 128 [ 116.612265][ T6929] loop3: detected capacity change from 0 to 256 [ 116.644261][ T6929] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 117.120808][ T6933] lo speed is unknown, defaulting to 1000 [ 117.607172][ T6954] loop0: detected capacity change from 0 to 512 [ 117.641812][ T6954] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 117.686352][ T6954] EXT4-fs (loop0): 1 truncate cleaned up [ 117.693604][ T6954] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.928321][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.120343][ T27] kauditd_printk_skb: 48 callbacks suppressed [ 118.120357][ T27] audit: type=1326 audit(1768218976.765:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 118.133606][ T6972] bond2: entered promiscuous mode [ 118.154554][ T6972] 8021q: adding VLAN 0 to HW filter on device bond2 [ 118.189159][ T27] audit: type=1326 audit(1768218976.765:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 118.211705][ T27] audit: type=1326 audit(1768218976.765:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 118.236814][ T27] audit: type=1326 audit(1768218976.765:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 118.259380][ T27] audit: type=1326 audit(1768218976.825:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 118.324469][ T27] audit: type=1326 audit(1768218976.825:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 118.351425][ T6972] bridge1: entered promiscuous mode [ 118.359951][ T27] audit: type=1326 audit(1768218976.825:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f006b78f749 code=0x7ffc0000 [ 118.386268][ T27] audit: type=1326 audit(1768218976.825:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f006b78f783 code=0x7ffc0000 [ 118.412910][ T27] audit: type=1326 audit(1768218976.825:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f006b78f807 code=0x7ffc0000 [ 118.459612][ T27] audit: type=1326 audit(1768218976.825:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6973 comm="syz.1.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f006b746bdd code=0x7ffc0000 [ 118.981159][ T6996] loop3: detected capacity change from 0 to 128 [ 119.419768][ T7009] loop0: detected capacity change from 0 to 512 [ 119.426992][ T7011] __nla_validate_parse: 5 callbacks suppressed [ 119.427007][ T7011] netlink: 12 bytes leftover after parsing attributes in process `syz.3.451'. [ 119.459626][ T7009] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 119.499706][ T7011] bond3: entered promiscuous mode [ 119.524288][ T7011] 8021q: adding VLAN 0 to HW filter on device bond3 [ 119.536529][ T7009] EXT4-fs (loop0): 1 truncate cleaned up [ 119.543206][ T7015] netlink: 20 bytes leftover after parsing attributes in process `syz.2.452'. [ 119.543371][ T7009] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.661654][ T7011] bridge1: entered promiscuous mode [ 119.680724][ T7011] bond3: (slave bridge1): Enslaving as an active interface with an up link [ 119.706910][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.798415][ T7020] netlink: 96 bytes leftover after parsing attributes in process `syz.2.455'. [ 120.235605][ T7037] loop3: detected capacity change from 0 to 512 [ 120.277821][ T7037] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 120.342532][ T7037] EXT4-fs (loop3): 1 truncate cleaned up [ 120.357721][ T7040] loop2: detected capacity change from 0 to 1024 [ 120.367959][ T7037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.422488][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.440769][ T7040] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.693376][ T7047] netlink: 96 bytes leftover after parsing attributes in process `syz.3.465'. [ 120.886613][ T7054] netlink: 4 bytes leftover after parsing attributes in process `syz.0.468'. [ 121.501896][ T5761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.702929][ T7064] loop0: detected capacity change from 0 to 512 [ 121.740045][ T7064] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 121.796343][ T7064] EXT4-fs (loop0): 1 truncate cleaned up [ 121.803275][ T7064] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.892627][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.904588][ T7074] netlink: 60 bytes leftover after parsing attributes in process `syz.1.476'. [ 121.967059][ T7075] netlink: 96 bytes leftover after parsing attributes in process `syz.2.477'. [ 121.980824][ T7074] netlink: 60 bytes leftover after parsing attributes in process `syz.1.476'. [ 122.199117][ T7074] netlink: 60 bytes leftover after parsing attributes in process `syz.1.476'. [ 122.388730][ T7094] loop0: detected capacity change from 0 to 512 [ 122.399109][ T7094] ext4: Unknown parameter 'smackfsroot' [ 122.505414][ T7100] netlink: 96 bytes leftover after parsing attributes in process `syz.1.488'. [ 122.690045][ T7104] loop3: detected capacity change from 0 to 8192 [ 123.092624][ T7128] tipc: Enabling of bearer rejected, failed to enable media [ 123.429798][ T27] kauditd_printk_skb: 157 callbacks suppressed [ 123.429811][ T27] audit: type=1326 audit(1768218982.075:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7105 comm="syz.0.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 123.480553][ T27] audit: type=1326 audit(1768218982.075:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7105 comm="syz.0.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 123.717545][ T7133] loop2: detected capacity change from 0 to 164 [ 123.750787][ T7133] Unable to read rock-ridge attributes [ 123.762461][ T7133] Unable to read rock-ridge attributes [ 123.835988][ T7135] lo speed is unknown, defaulting to 1000 [ 123.925960][ T7140] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 123.933073][ T7140] batman_adv: batadv0: Removing interface: virt_wifi0 [ 123.966341][ T7140] bond3: (slave bridge1): Releasing backup interface [ 123.976438][ T7140] bridge1: left promiscuous mode [ 125.000110][ T7169] loop3: detected capacity change from 0 to 128 [ 125.018515][ T27] audit: type=1326 audit(1768218983.665:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.040995][ T27] audit: type=1326 audit(1768218983.665:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.063860][ T27] audit: type=1326 audit(1768218983.675:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.086673][ T27] audit: type=1326 audit(1768218983.675:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.115372][ T27] audit: type=1326 audit(1768218983.675:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.115883][ T7148] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 125.138380][ T27] audit: type=1326 audit(1768218983.675:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.168623][ T27] audit: type=1326 audit(1768218983.675:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.215694][ T27] audit: type=1326 audit(1768218983.675:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7168 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 125.568884][ T7182] lo speed is unknown, defaulting to 1000 [ 125.996240][ T7202] __nla_validate_parse: 3 callbacks suppressed [ 125.996256][ T7202] netlink: 4 bytes leftover after parsing attributes in process `syz.0.524'. [ 126.026345][ T7205] loop2: detected capacity change from 0 to 256 [ 126.075404][ T7205] FAT-fs (loop2): Directory bread(block 64) failed [ 126.089584][ T7205] FAT-fs (loop2): Directory bread(block 65) failed [ 126.100419][ T7205] FAT-fs (loop2): Directory bread(block 66) failed [ 126.115759][ T7205] FAT-fs (loop2): Directory bread(block 67) failed [ 126.123773][ T7205] FAT-fs (loop2): Directory bread(block 68) failed [ 126.132158][ T7205] FAT-fs (loop2): Directory bread(block 69) failed [ 126.150997][ T7205] FAT-fs (loop2): Directory bread(block 70) failed [ 126.158824][ T7205] FAT-fs (loop2): Directory bread(block 71) failed [ 126.166129][ T7205] FAT-fs (loop2): Directory bread(block 72) failed [ 126.173175][ T7205] FAT-fs (loop2): Directory bread(block 73) failed [ 126.231484][ T7205] ÿ: attempt to access beyond end of device [ 126.231484][ T7205] loop2: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 126.252657][ T7209] netlink: 'syz.0.526': attribute type 21 has an invalid length. [ 126.268952][ T7205] ÿ: attempt to access beyond end of device [ 126.268952][ T7205] loop2: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 126.570974][ T7220] loop0: detected capacity change from 0 to 512 [ 126.580864][ T7220] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 126.615586][ T7220] EXT4-fs (loop0): 1 truncate cleaned up [ 126.630772][ T7220] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.728737][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.428828][ T7263] syz.3.549[7263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 127.428951][ T7263] syz.3.549[7263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 127.561772][ T7268] netlink: 20 bytes leftover after parsing attributes in process `syz.0.547'. [ 127.689863][ T7273] vlan2: entered allmulticast mode [ 127.852297][ T7275] Bluetooth: hci4: Frame reassembly failed (-84) [ 127.883406][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 127.976590][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 128.370845][ T7281] netlink: 'syz.0.555': attribute type 1 has an invalid length. [ 128.400779][ T7281] 8021q: adding VLAN 0 to HW filter on device bond1 [ 128.412711][ T7286] loop3: detected capacity change from 0 to 1024 [ 128.458554][ T7286] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 128.471878][ T7286] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 128.591372][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 128.668161][ T7281] bond1 (unregistering): Released all slaves [ 128.994941][ T7297] process 'syz.0.562' launched '/dev/fd/6' with NULL argv: empty string added [ 129.031077][ T7297] netlink: 12 bytes leftover after parsing attributes in process `syz.0.562'. [ 129.369619][ T7319] loop0: detected capacity change from 0 to 164 [ 129.392379][ T7319] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 129.424634][ T27] kauditd_printk_skb: 195 callbacks suppressed [ 129.424647][ T27] audit: type=1326 audit(1768218988.075:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.425554][ T7319] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 129.430865][ T27] audit: type=1326 audit(1768218988.075:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.506183][ T7319] Symlink component flag not implemented [ 129.517943][ T7319] Symlink component flag not implemented [ 129.526217][ T7323] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 129.535364][ T7319] Symlink component flag not implemented (7) [ 129.541377][ T7319] Symlink component flag not implemented (116) [ 129.549263][ T27] audit: type=1326 audit(1768218988.195:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.580081][ T27] audit: type=1326 audit(1768218988.225:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.610107][ T27] audit: type=1326 audit(1768218988.225:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.610139][ T7323] rock: directory entry would overflow storage [ 129.639073][ T27] audit: type=1326 audit(1768218988.225:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.662997][ T7323] rock: sig=0x4f50, size=4, remaining=3 [ 129.668722][ T7323] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 129.676857][ T27] audit: type=1326 audit(1768218988.225:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.701560][ T27] audit: type=1326 audit(1768218988.225:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.724262][ T27] audit: type=1326 audit(1768218988.225:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.746941][ T27] audit: type=1326 audit(1768218988.225:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f182d58f749 code=0x7ffc0000 [ 129.915228][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 130.331804][ T7344] syz.0.581: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 130.361574][ T7344] CPU: 0 PID: 7344 Comm: syz.0.581 Not tainted syzkaller #0 [ 130.368918][ T7344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 130.379017][ T7344] Call Trace: [ 130.382343][ T7344] [ 130.385297][ T7344] dump_stack_lvl+0x16c/0x230 [ 130.390024][ T7344] ? show_regs_print_info+0x20/0x20 [ 130.395254][ T7344] ? load_image+0x3b0/0x3b0 [ 130.399795][ T7344] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 130.406234][ T7344] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 130.412774][ T7344] warn_alloc+0x210/0x300 [ 130.417135][ T7344] ? stack_trace_save+0x9c/0xe0 [ 130.422020][ T7344] ? zone_watermark_ok_safe+0x230/0x230 [ 130.427609][ T7344] ? kasan_set_track+0x5f/0x70 [ 130.432388][ T7344] ? kasan_set_track+0x4e/0x70 [ 130.437168][ T7344] ? __kasan_kmalloc+0x8f/0xa0 [ 130.441946][ T7344] ? xsk_init_queue+0xb0/0x110 [ 130.446727][ T7344] ? xsk_setsockopt+0x43c/0x6f0 [ 130.451598][ T7344] ? do_sock_setsockopt+0x175/0x1a0 [ 130.456812][ T7344] ? __x64_sys_setsockopt+0x184/0x200 [ 130.462206][ T7344] __vmalloc_node_range+0x126/0x1320 [ 130.467530][ T7344] ? free_vm_area+0x50/0x50 [ 130.472041][ T7344] vmalloc_user+0x74/0x80 [ 130.476368][ T7344] ? xskq_create+0xbf/0x170 [ 130.480870][ T7344] xskq_create+0xbf/0x170 [ 130.485196][ T7344] xsk_init_queue+0xb0/0x110 [ 130.489784][ T7344] xsk_setsockopt+0x43c/0x6f0 [ 130.494464][ T7344] ? xsk_poll+0x670/0x670 [ 130.498793][ T7344] ? __fget_files+0x28/0x4d0 [ 130.503378][ T7344] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 130.508918][ T7344] ? security_socket_setsockopt+0x7e/0xa0 [ 130.514640][ T7344] ? xsk_poll+0x670/0x670 [ 130.518975][ T7344] do_sock_setsockopt+0x175/0x1a0 [ 130.523999][ T7344] ? __fdget+0x180/0x210 [ 130.528255][ T7344] __x64_sys_setsockopt+0x184/0x200 [ 130.533461][ T7344] do_syscall_64+0x55/0xb0 [ 130.537883][ T7344] ? clear_bhb_loop+0x40/0x90 [ 130.542557][ T7344] ? clear_bhb_loop+0x40/0x90 [ 130.547228][ T7344] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 130.553113][ T7344] RIP: 0033:0x7f182d58f749 [ 130.557536][ T7344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.577141][ T7344] RSP: 002b:00007f182b7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 130.585551][ T7344] RAX: ffffffffffffffda RBX: 00007f182d7e5fa0 RCX: 00007f182d58f749 [ 130.593514][ T7344] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008 [ 130.601477][ T7344] RBP: 00007f182d613f91 R08: 0000000000000004 R09: 0000000000000000 [ 130.609439][ T7344] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.617407][ T7344] R13: 00007f182d7e6038 R14: 00007f182d7e5fa0 R15: 00007ffc27cbe388 [ 130.625403][ T7344] [ 130.635171][ T7344] Mem-Info: [ 130.638329][ T7344] active_anon:4376 inactive_anon:0 isolated_anon:0 [ 130.638329][ T7344] active_file:7377 inactive_file:50148 isolated_file:0 [ 130.638329][ T7344] unevictable:768 dirty:102 writeback:0 [ 130.638329][ T7344] slab_reclaimable:10805 slab_unreclaimable:114677 [ 130.638329][ T7344] mapped:24171 shmem:1382 pagetables:491 [ 130.638329][ T7344] sec_pagetables:0 bounce:0 [ 130.638329][ T7344] kernel_misc_reclaimable:0 [ 130.638329][ T7344] free:1313231 free_pcp:9089 free_cma:0 [ 130.724312][ T7349] lo speed is unknown, defaulting to 1000 [ 130.729161][ T7344] Node 0 active_anon:17404kB inactive_anon:0kB active_file:29508kB inactive_file:200388kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96584kB dirty:408kB writeback:0kB shmem:3992kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11368kB pagetables:1964kB sec_pagetables:0kB all_unreclaimable? no [ 130.801875][ T7344] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 130.846360][ T7344] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 130.884122][ T7344] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 130.900309][ T7344] Node 0 DMA32 free:1316876kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:24060kB inactive_anon:0kB active_file:29508kB inactive_file:199052kB unevictable:1536kB writepending:408kB present:3129332kB managed:2589632kB mlocked:0kB bounce:0kB free_pcp:8212kB local_pcp:7136kB free_cma:0kB [ 131.103973][ T7344] lowmem_reserve[]: 0 0 1 1 1 [ 131.108757][ T7344] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1336kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 131.115481][ T5807] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 131.164006][ T7344] lowmem_reserve[]: 0 0 0 0 0 [ 131.169211][ T7344] Node 1 Normal free:3888808kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:27800kB local_pcp:13408kB free_cma:0kB [ 131.332652][ T7355] Bluetooth: hci4: Frame reassembly failed (-84) [ 131.579382][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 131.625616][ T7344] lowmem_reserve[]: 0 0 0 0 0 [ 131.753989][ T7344] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 131.797096][ T7344] Node 0 DMA32: 0*4kB 3*8kB (UE) 226*16kB (M) 469*32kB (M) 117*64kB (UME) 52*128kB (UME) 41*256kB (ME) 21*512kB (M) 6*1024kB (UME) 1*2048kB (M) 300*4096kB (M) = 1291032kB [ 131.853983][ T7344] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 131.873955][ T7344] Node 1 Normal: 208*4kB (UE) 55*8kB (UME) 21*16kB (UME) 51*32kB (UME) 21*64kB (UE) 6*128kB (UME) 0*256kB 1*512kB (M) 0*1024kB 2*2048kB (UE) 947*4096kB (M) = 3888872kB [ 131.912706][ T7344] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 131.932688][ T7344] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 131.943913][ T7344] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 131.963992][ T7344] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 131.983634][ T7344] 63878 total pagecache pages [ 131.991152][ T7344] 0 pages in swap cache [ 131.991383][ T5807] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 132.013974][ T5807] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.014516][ T7344] Free swap = 124368kB [ 132.028434][ T7344] Total swap = 124996kB [ 132.032620][ T7344] 2097051 pages RAM [ 132.033967][ T5807] usb 1-1: Product: syz [ 132.040595][ T5807] usb 1-1: Manufacturer: syz [ 132.043932][ T7344] 0 pages HighMem/MovableOnly [ 132.060858][ T7344] 416129 pages reserved [ 132.064159][ T5807] usb 1-1: SerialNumber: syz [ 132.065133][ T7344] 0 pages cma reserved [ 132.328943][ T5807] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 132.368812][ T5807] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 132.384531][ T5807] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 132.397992][ T5807] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 132.409497][ T5807] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 132.428495][ T5807] lan78xx: probe of 1-1:1.0 failed with error -71 [ 132.448068][ T5807] usb 1-1: USB disconnect, device number 2 [ 133.050094][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.331510][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x1 [ 133.352152][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.363682][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.380529][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.396823][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.414025][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.427302][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.441196][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.444039][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 133.474816][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x2 [ 133.505747][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.536685][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.586385][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.626235][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.642585][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.660797][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x2 [ 133.670989][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.691300][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.702669][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.706289][ T7376] lo speed is unknown, defaulting to 1000 [ 133.727406][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.745887][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.761452][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.772618][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.789793][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.800200][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.818441][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.829305][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.859737][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.871701][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.881427][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.892388][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.903279][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.916562][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.928378][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.940052][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.948977][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 133.960195][ T9] hid-generic 0000:0000:FFFFFFFC.0001: unknown main item tag 0x0 [ 134.006157][ T9] hid-generic 0000:0000:FFFFFFFC.0001: hidraw0: HID v8.00 Device [syz0] on syz0 [ 134.202612][ T7381] IPv6: NLM_F_CREATE should be specified when creating new route [ 134.370052][ T7385] netlink: 20 bytes leftover after parsing attributes in process `syz.1.597'. [ 136.161267][ T7410] Bluetooth: hci4: Frame reassembly failed (-84) [ 136.216862][ T11] Bluetooth: hci4: Frame reassembly failed (-84) [ 136.938324][ T7416] vlan2: entered allmulticast mode [ 137.130596][ T7418] loop0: detected capacity change from 0 to 1024 [ 137.180698][ T7420] netlink: 60 bytes leftover after parsing attributes in process `syz.1.609'. [ 137.212205][ T7420] IPVS: Unknown mcast interface: ve [ 137.226445][ T7418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.268114][ T7418] ext4 filesystem being mounted at /156/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.396579][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.119547][ T11] Bluetooth: hci5: Frame reassembly failed (-84) [ 138.220565][ T11] Bluetooth: hci5: Frame reassembly failed (-84) [ 138.244255][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 138.510114][ T7432] loop3: detected capacity change from 0 to 256 [ 138.566706][ T7432] FAT-fs (loop3): Directory bread(block 64) failed [ 138.573284][ T7432] FAT-fs (loop3): Directory bread(block 65) failed [ 138.599485][ T7432] FAT-fs (loop3): Directory bread(block 66) failed [ 138.617018][ T7432] FAT-fs (loop3): Directory bread(block 67) failed [ 138.623672][ T7432] FAT-fs (loop3): Directory bread(block 68) failed [ 138.646581][ T7432] FAT-fs (loop3): Directory bread(block 69) failed [ 138.663458][ T7432] FAT-fs (loop3): Directory bread(block 70) failed [ 138.680661][ T7432] FAT-fs (loop3): Directory bread(block 71) failed [ 138.694100][ T7432] FAT-fs (loop3): Directory bread(block 72) failed [ 138.710923][ T7432] FAT-fs (loop3): Directory bread(block 73) failed [ 138.807083][ T7432] FAT-fs (loop3): Filesystem has been set read-only [ 138.826027][ T27] kauditd_printk_skb: 85 callbacks suppressed [ 138.826040][ T27] audit: type=1800 audit(1768218997.475:970): pid=7432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.612" name="cpu.stat" dev="loop3" ino=1048599 res=0 errno=0 [ 138.855967][ T7432] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006c61) [ 138.897429][ T27] audit: type=1326 audit(1768218997.545:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 138.954060][ T27] audit: type=1326 audit(1768218997.545:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 138.994032][ T27] audit: type=1326 audit(1768218997.575:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 139.063994][ T27] audit: type=1326 audit(1768218997.575:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 139.123983][ T27] audit: type=1326 audit(1768218997.575:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 139.183741][ T7443] siw: device registration error -23 [ 139.203972][ T27] audit: type=1326 audit(1768218997.575:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 139.263955][ T27] audit: type=1326 audit(1768218997.575:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 139.313978][ T27] audit: type=1326 audit(1768218997.575:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 139.355212][ T7448] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 140.004120][ T5774] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 140.494222][ T7466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.627'. [ 140.542410][ T7468] siw: device registration error -23 [ 140.638764][ T7472] lo speed is unknown, defaulting to 1000 [ 141.974188][ T7491] loop2: detected capacity change from 0 to 164 [ 142.008358][ T7491] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 142.067426][ T27] audit: type=1326 audit(1768219000.715:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.2.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 142.068006][ T7491] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 142.125361][ T7491] Symlink component flag not implemented [ 142.131046][ T7491] Symlink component flag not implemented [ 142.174084][ T7491] Symlink component flag not implemented (7) [ 142.174136][ T7496] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 142.180087][ T7491] Symlink component flag not implemented (116) [ 142.217580][ T7496] rock: directory entry would overflow storage [ 142.223788][ T7496] rock: sig=0x4f50, size=4, remaining=3 [ 142.275143][ T7496] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 142.305517][ T7499] siw: device registration error -23 [ 142.532304][ T7505] netlink: 12 bytes leftover after parsing attributes in process `syz.1.642'. [ 142.582183][ T7505] bond1: entered promiscuous mode [ 142.588939][ T7505] 8021q: adding VLAN 0 to HW filter on device bond1 [ 142.641215][ T7513] netlink: 'syz.2.645': attribute type 13 has an invalid length. [ 142.690345][ T7515] netlink: 12 bytes leftover after parsing attributes in process `syz.0.646'. [ 142.876879][ T7513] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.385622][ T7513] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.396251][ T7513] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.405946][ T7513] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.415933][ T7513] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.613980][ T7522] netlink: 24 bytes leftover after parsing attributes in process `syz.1.648'. [ 143.628377][ T7522] netlink: 32 bytes leftover after parsing attributes in process `syz.1.648'. [ 143.678559][ T7524] siw: device registration error -23 [ 143.684174][ T7527] loop3: detected capacity change from 0 to 512 [ 143.692882][ T7528] netlink: 'syz.2.651': attribute type 12 has an invalid length. [ 143.704883][ T7527] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 143.763541][ T7527] EXT4-fs error (device loop3): xattr_find_entry:337: inode #15: comm syz.3.650: corrupted xattr entries [ 143.796001][ T7527] EXT4-fs (loop3): 1 orphan inode deleted [ 143.802986][ T7527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.834764][ T27] kauditd_printk_skb: 57 callbacks suppressed [ 143.834777][ T27] audit: type=1326 audit(1768219002.485:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 143.857706][ T7527] EXT4-fs error (device loop3): ext4_lookup:1858: inode #16: comm syz.3.650: iget: bogus i_mode (0) [ 143.884525][ T7538] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 143.923060][ T27] audit: type=1326 audit(1768219002.515:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 143.953527][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.973804][ T27] audit: type=1326 audit(1768219002.515:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 143.996786][ T27] audit: type=1326 audit(1768219002.515:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 144.020448][ T27] audit: type=1326 audit(1768219002.515:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 144.045066][ T7540] netlink: 12 bytes leftover after parsing attributes in process `syz.1.656'. [ 144.047637][ T27] audit: type=1326 audit(1768219002.525:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 144.102535][ T7540] bond2: entered promiscuous mode [ 144.124896][ T27] audit: type=1326 audit(1768219002.535:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 144.148181][ T27] audit: type=1326 audit(1768219002.535:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 144.170754][ T27] audit: type=1326 audit(1768219002.535:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 144.177824][ T7540] 8021q: adding VLAN 0 to HW filter on device bond2 [ 144.196351][ T27] audit: type=1326 audit(1768219002.535:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1b8f749 code=0x7ffc0000 [ 144.227247][ T7545] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 144.272752][ T7545] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 144.272997][ T7551] loop2: detected capacity change from 0 to 512 [ 144.291720][ T7551] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 144.300434][ T7545] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 144.315183][ T7551] EXT4-fs (loop2): invalid journal inode [ 144.320789][ T7549] loop0: detected capacity change from 0 to 512 [ 144.321015][ T7551] EXT4-fs (loop2): can't get journal size [ 144.338236][ T7549] EXT4-fs (loop0): bad block size 8192 [ 144.341339][ T7540] bridge4: entered promiscuous mode [ 144.365903][ T7551] EXT4-fs (loop2): 1 truncate cleaned up [ 144.384220][ T7551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.422081][ T7549] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 144.451418][ T5761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.077299][ T7577] netlink: 12 bytes leftover after parsing attributes in process `syz.0.670'. [ 145.161260][ T7579] loop3: detected capacity change from 0 to 256 [ 145.183584][ T7579] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 145.499275][ T7579] bridge0: port 1(gretap0) entered blocking state [ 145.513330][ T7579] bridge0: port 1(gretap0) entered disabled state [ 145.520062][ T7579] gretap0: entered allmulticast mode [ 145.527064][ T7579] gretap0: entered promiscuous mode [ 145.533294][ T7579] bridge0: port 1(gretap0) entered blocking state [ 145.539868][ T7579] bridge0: port 1(gretap0) entered forwarding state [ 145.721414][ T7596] siw: device registration error -23 [ 145.957336][ T7610] syzkaller1: entered promiscuous mode [ 145.973062][ T7610] syzkaller1: entered allmulticast mode [ 146.135782][ T7619] loop3: detected capacity change from 0 to 1024 [ 146.146394][ T7619] EXT4-fs: Ignoring removed bh option [ 146.209559][ T7619] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.245454][ T7625] netlink: 72 bytes leftover after parsing attributes in process `syz.1.693'. [ 146.292675][ T7626] siw: device registration error -23 [ 146.403485][ T7619] EXT4-fs error (device loop3): ext4_xattr_block_find:1878: inode #15: comm syz.3.691: corrupted xattr block 113: invalid header [ 146.443946][ T7619] EXT4-fs (loop3): Remounting filesystem read-only [ 146.516411][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.615704][ T5844] kernel write not supported for file bpf-prog (pid: 5844 comm: kworker/1:4) [ 146.674300][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.094337][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.103102][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.111885][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.120739][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.129565][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.138314][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.147099][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.155840][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.164741][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.606562][ T7654] lo speed is unknown, defaulting to 1000 [ 147.674092][ T5844] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 147.875930][ T5844] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 147.894165][ T5844] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 147.895501][ T7659] vlan2: entered promiscuous mode [ 147.913735][ T5844] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 147.923365][ T5844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.939725][ T7659] vlan2: entered allmulticast mode [ 147.945280][ T7659] hsr_slave_1: entered allmulticast mode [ 148.019868][ T7659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.703'. [ 148.141768][ T5844] usb 1-1: usb_control_msg returned -32 [ 148.148648][ T5844] usbtmc 1-1:16.0: can't read capabilities [ 148.187412][ T5844] usb 1-1: USB disconnect, device number 3 [ 150.163886][ C1] sched: RT throttling activated [ 151.273816][ T7688] lo speed is unknown, defaulting to 1000 [ 151.631827][ T7698] netlink: 60 bytes leftover after parsing attributes in process `syz.2.716'. [ 151.651045][ T7698] IPVS: Unknown mcast interface: ve [ 152.407001][ T7719] bridge0: port 2(netdevsim0) entered blocking state [ 152.417616][ T7719] bridge0: port 2(netdevsim0) entered disabled state [ 152.430563][ T7719] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 152.457642][ T7719] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 152.469981][ T7719] bridge0: port 2(netdevsim0) entered blocking state [ 152.476897][ T7719] bridge0: port 2(netdevsim0) entered forwarding state [ 152.529777][ T7723] siw: device registration error -23 [ 152.775021][ T7728] netlink: 60 bytes leftover after parsing attributes in process `syz.0.729'. [ 152.797297][ T7728] IPVS: Unknown mcast interface: ve [ 152.914970][ T7733] vlan2: entered allmulticast mode [ 153.244335][ T7742] siw: device registration error -23 [ 153.657123][ T7758] netlink: 60 bytes leftover after parsing attributes in process `syz.0.740'. [ 153.686492][ T7758] IPVS: Unknown mcast interface: ve [ 153.740134][ T7759] lo speed is unknown, defaulting to 1000 [ 155.195920][ T7757] netlink: 36 bytes leftover after parsing attributes in process `syz.1.735'. [ 155.626948][ T7778] siw: device registration error -23 [ 155.766287][ T7786] netlink: 60 bytes leftover after parsing attributes in process `syz.0.750'. [ 155.776664][ T7786] IPVS: Unknown mcast interface: ve [ 156.117254][ T7792] overlayfs: failed to clone upperpath [ 156.520809][ T7799] team0: Mode changed to "random" [ 157.567672][ T7807] siw: device registration error -23 [ 157.755322][ T7812] netlink: 60 bytes leftover after parsing attributes in process `syz.3.759'. [ 157.832508][ T7812] IPVS: Unknown mcast interface: ve [ 158.018950][ T7823] netlink: 96 bytes leftover after parsing attributes in process `syz.1.763'. [ 158.277064][ T7831] netlink: 'syz.2.766': attribute type 21 has an invalid length. [ 158.285163][ T7831] IPv6: NLM_F_CREATE should be specified when creating new route [ 158.388923][ T7837] vlan2: entered allmulticast mode [ 158.418459][ T7840] siw: device registration error -23 [ 158.537226][ T7842] netlink: 60 bytes leftover after parsing attributes in process `syz.2.770'. [ 158.547930][ T7842] IPVS: Unknown mcast interface: ve [ 158.645719][ T7847] netlink: 96 bytes leftover after parsing attributes in process `syz.1.772'. [ 158.724145][ T5774] Bluetooth: hci4: command 0x1003 tx timeout [ 158.732312][ T5763] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 159.189401][ T7863] netlink: 12 bytes leftover after parsing attributes in process `syz.1.779'. [ 159.210233][ T7861] siw: device registration error -23 [ 159.221420][ T7866] ksmbd: Unknown IPC event: 10, ignore. [ 159.228891][ T7863] bond3: entered promiscuous mode [ 159.246146][ T7863] 8021q: adding VLAN 0 to HW filter on device bond3 [ 161.165834][ T7899] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 162.630084][ T7915] netlink: 12 bytes leftover after parsing attributes in process `syz.1.798'. [ 162.699247][ T7917] netlink: 24 bytes leftover after parsing attributes in process `syz.3.799'. [ 162.714014][ T5774] Bluetooth: hci4: command 0x1003 tx timeout [ 162.714276][ T5763] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 162.825370][ T7920] siw: device registration error -23 [ 163.003828][ T7934] netlink: 4 bytes leftover after parsing attributes in process `syz.3.805'. [ 163.505367][ T7942] netlink: 24 bytes leftover after parsing attributes in process `syz.2.809'. [ 164.954392][ T7971] netlink: 24 bytes leftover after parsing attributes in process `syz.1.819'. [ 166.404293][ T7996] netlink: 24 bytes leftover after parsing attributes in process `syz.1.828'. [ 166.968864][ T8023] netlink: 24 bytes leftover after parsing attributes in process `syz.0.839'. [ 167.351031][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 169.274251][ T5763] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 169.280905][ T5774] Bluetooth: hci4: command 0x1003 tx timeout [ 169.705663][ T8100] netlink: 24 bytes leftover after parsing attributes in process `syz.2.849'. [ 169.810960][ T8104] vlan2: entered allmulticast mode [ 171.477746][ T8129] netlink: 'syz.2.859': attribute type 1 has an invalid length. [ 171.793080][ T8129] bond1: entered promiscuous mode [ 171.799649][ T8129] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.923002][ T8130] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.930086][ T8130] bond1: (slave gre1): The slave device specified does not support setting the MAC address [ 171.940127][ T8130] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode [ 171.951887][ T8130] bond1: (slave gre1): making interface the new active one [ 171.959176][ T8130] gre1: entered promiscuous mode [ 171.965575][ T8130] bond1: (slave gre1): Enslaving as an active interface with an up link [ 172.001729][ T8133] netlink: 24 bytes leftover after parsing attributes in process `syz.3.860'. [ 172.099772][ T8137] netlink: 8 bytes leftover after parsing attributes in process `syz.0.861'. [ 172.132348][ T8137] netlink: 12 bytes leftover after parsing attributes in process `syz.0.861'. [ 172.954779][ T8150] block device autoloading is deprecated and will be removed. [ 173.688233][ T161] Bluetooth: hci4: Frame reassembly failed (-84) [ 173.988101][ T8161] netlink: 24 bytes leftover after parsing attributes in process `syz.1.871'. [ 174.640372][ T8186] netlink: 24 bytes leftover after parsing attributes in process `syz.1.881'. [ 175.434024][ T5084] Bluetooth: hci4: command 0x1003 tx timeout [ 175.440782][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 175.727629][ T8205] netlink: 24 bytes leftover after parsing attributes in process `syz.2.890'. [ 176.358512][ T8227] netlink: 24 bytes leftover after parsing attributes in process `syz.0.900'. [ 176.535965][ T42] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 176.844102][ T42] usb 4-1: Using ep0 maxpacket: 8 [ 176.957556][ T42] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 177.021086][ T42] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 177.047028][ T42] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 177.069466][ T42] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 177.100098][ T42] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 177.137502][ T42] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 177.167600][ T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.389352][ T42] usb 4-1: GET_CAPABILITIES returned 0 [ 177.397819][ T42] usbtmc 4-1:16.0: can't read capabilities [ 179.343070][ T6645] usb 4-1: USB disconnect, device number 2 [ 181.740332][ T8290] warning: `syz.0.918' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 181.825361][ T8297] fuse: Bad value for 'fd' [ 182.808620][ T8328] nbd0: detected capacity change from 0 to 8589934655 [ 183.389531][ T8341] netlink: 96 bytes leftover after parsing attributes in process `syz.2.943'. [ 183.419033][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.1.944'. [ 183.449868][ T5774] block nbd0: Receive control failed (result -32) [ 183.525334][ T8346] vlan2: entered allmulticast mode [ 183.833970][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout [ 184.421747][ T8371] netlink: 96 bytes leftover after parsing attributes in process `syz.2.953'. [ 184.780205][ T8383] syz.1.958 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 185.399000][ T8388] netlink: 24 bytes leftover after parsing attributes in process `syz.1.960'. [ 186.693348][ T8400] netlink: 96 bytes leftover after parsing attributes in process `syz.3.964'. [ 187.168041][ T8415] netlink: 24 bytes leftover after parsing attributes in process `syz.2.970'. [ 187.401582][ T8420] overlayfs: failed to clone upperpath [ 187.422298][ T8421] netlink: 16 bytes leftover after parsing attributes in process `syz.2.971'. [ 188.082287][ T8427] netlink: 96 bytes leftover after parsing attributes in process `syz.0.974'. [ 188.316716][ T8437] netlink: 24 bytes leftover after parsing attributes in process `syz.1.979'. [ 188.345956][ T8439] vlan2: entered allmulticast mode [ 188.677834][ T8452] netlink: 96 bytes leftover after parsing attributes in process `syz.0.986'. [ 188.698088][ T8450] netlink: 'syz.2.985': attribute type 1 has an invalid length. [ 188.729945][ T8450] 8021q: adding VLAN 0 to HW filter on device bond2 [ 189.067195][ T8462] netlink: 24 bytes leftover after parsing attributes in process `syz.0.990'. [ 189.126894][ T8450] bond2 (unregistering): Released all slaves [ 189.196354][ T8466] vlan2: entered allmulticast mode [ 190.116745][ T8474] netlink: 96 bytes leftover after parsing attributes in process `syz.2.996'. [ 190.886833][ T8494] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1001'. [ 190.996369][ T8497] vlan2: entered allmulticast mode [ 191.412773][ T8508] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1007'. [ 191.545670][ T8516] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1011'. [ 191.557479][ T8516] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1011'. [ 191.633260][ T8522] netlink: 'syz.3.1014': attribute type 21 has an invalid length. [ 191.642366][ T8522] IPv6: NLM_F_CREATE should be specified when creating new route [ 191.651752][ T8522] netlink: 'syz.3.1014': attribute type 1 has an invalid length. [ 191.902243][ T8537] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1021'. [ 191.912860][ T8537] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1021'. [ 192.483045][ T8557] loop3: detected capacity change from 0 to 512 [ 192.524941][ T8557] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 192.985613][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 193.121090][ T8557] EXT4-fs (loop3): 1 truncate cleaned up [ 193.128021][ T8557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 193.892727][ T8571] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1032'. [ 193.903519][ T8571] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1032'. [ 194.113603][ T8559] team0 (unregistering): Port device team_slave_0 removed [ 194.122570][ T8559] team0 (unregistering): Port device team_slave_1 removed [ 194.162399][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.441397][ T8579] lo speed is unknown, defaulting to 1000 [ 194.480867][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.882390][ T8597] 9pnet_fd: Insufficient options for proto=fd [ 195.962486][ T8597] siw: device registration error -23 [ 196.297226][ T8602] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1041'. [ 197.613486][ T8633] Bluetooth: hci4: Frame reassembly failed (-84) [ 197.832338][ T1085] Bluetooth: hci4: Frame reassembly failed (-84) [ 197.947136][ T1085] Bluetooth: hci4: Frame reassembly failed (-84) [ 198.196879][ T8637] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1050'. [ 199.241993][ T8649] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1055'. [ 199.252118][ T8649] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1055'. [ 199.416383][ T8658] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1060'. [ 199.425998][ T8658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1060'. [ 199.437482][ T8658] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1060'. [ 199.532454][ T8666] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1062'. [ 199.674085][ T5774] Bluetooth: hci4: command 0x1003 tx timeout [ 199.681583][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 199.842945][ T8675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1066'. [ 199.916394][ T8677] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1066'. [ 202.031917][ T8692] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1071'. [ 202.067305][ T8692] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1071'. [ 203.761290][ T8704] Bluetooth: hci4: Frame reassembly failed (-84) [ 204.572308][ T8720] __nla_validate_parse: 2 callbacks suppressed [ 204.572321][ T8720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1082'. [ 204.588925][ T8720] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1082'. [ 205.540642][ T8731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1086'. [ 205.552703][ T8731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1086'. [ 205.558510][ T55] block nbd0: Dead connection, failed to find a fallback [ 205.570910][ T55] block nbd0: shutting down sockets [ 205.577515][ T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 205.587580][ T55] Buffer I/O error on dev nbd0, logical block 0, async page read [ 205.597345][ T55] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2 [ 205.606567][ T55] Buffer I/O error on dev nbd0, logical block 1, async page read [ 205.614408][ T55] Buffer I/O error on dev nbd0, logical block 2, async page read [ 205.622175][ T55] Buffer I/O error on dev nbd0, logical block 3, async page read [ 205.631734][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 205.640965][ T96] Buffer I/O error on dev nbd0, logical block 0, async page read [ 205.648886][ T96] Buffer I/O error on dev nbd0, logical block 1, async page read [ 205.663984][ T96] Buffer I/O error on dev nbd0, logical block 2, async page read [ 205.671838][ T96] Buffer I/O error on dev nbd0, logical block 3, async page read [ 205.680002][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 205.689244][ T96] Buffer I/O error on dev nbd0, logical block 0, async page read [ 205.697421][ T96] Buffer I/O error on dev nbd0, logical block 1, async page read [ 205.705815][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 205.715538][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 205.725205][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 205.734745][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 205.744158][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 205.753436][ T8727] ldm_validate_partition_table(): Disk read failed. [ 205.760405][ T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 205.771300][ T8727] Dev nbd0: unable to read RDB block 0 [ 205.778931][ T8727] nbd0: unable to read partition table [ 206.099679][ T8749] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1092'. [ 206.109965][ T8749] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1092'. [ 206.326706][ T5774] Bluetooth: hci4: command 0x1003 tx timeout [ 206.334866][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 207.484254][ T8762] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1096'. [ 207.495373][ T8762] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1096'. [ 207.992336][ T8778] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1103'. [ 208.002152][ T8778] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1103'. [ 208.053501][ T8779] Bluetooth: hci4: Frame reassembly failed (-84) [ 209.555228][ T1132] Bluetooth: hci5: Frame reassembly failed (-84) [ 210.874382][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 211.162257][ T8810] __nla_validate_parse: 4 callbacks suppressed [ 211.162275][ T8810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1112'. [ 211.179741][ T8810] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1112'. [ 211.594028][ T5084] Bluetooth: hci5: command 0x1003 tx timeout [ 211.594119][ T5774] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 212.294440][ T8822] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1117'. [ 212.698567][ T8833] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1120'. [ 212.710245][ T8833] IPVS: Unknown mcast interface: ve [ 213.478488][ T8836] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1121'. [ 213.534192][ T8839] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1121'. [ 213.651205][ T8843] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1126'. [ 213.716011][ T8847] vlan2: entered allmulticast mode [ 213.945852][ T8855] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1129'. [ 213.973927][ T8855] IPVS: Unknown mcast interface: ve [ 214.613928][ T8864] Bluetooth: hci4: Frame reassembly failed (-84) [ 214.817722][ T41] Bluetooth: hci4: Frame reassembly failed (-84) [ 215.328609][ T8868] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1134'. [ 215.574508][ T8876] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1136'. [ 215.806770][ T8883] vlan2: entered allmulticast mode [ 215.983254][ T8885] IPVS: Unknown mcast interface: ve [ 216.408675][ T8896] __nla_validate_parse: 2 callbacks suppressed [ 216.408691][ T8896] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1143'. [ 216.494848][ T8898] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1144'. [ 216.647257][ T8902] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1146'. [ 216.720848][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 216.877194][ T8906] vlan2: entered allmulticast mode [ 216.908669][ T8909] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1149'. [ 216.917749][ T8909] IPVS: Unknown mcast interface: ve [ 217.677024][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1152'. [ 217.689716][ T8916] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1150'. [ 217.710885][ T8916] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1150'. [ 217.972753][ T8927] lo speed is unknown, defaulting to 1000 [ 217.986246][ T8929] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1156'. [ 218.512220][ T8935] Bluetooth: hci4: Frame reassembly failed (-84) [ 219.058729][ T41] Bluetooth: hci4: Frame reassembly failed (-84) [ 219.077837][ T8937] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1158'. [ 219.099335][ T8937] IPVS: Unknown mcast interface: ve [ 219.359115][ T8941] 9pnet_virtio: no channels available for device syz [ 220.517672][ T8950] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1163'. [ 220.740564][ T8958] IPVS: Unknown mcast interface: ve [ 220.884300][ T5084] Bluetooth: hci4: command 0x1003 tx timeout [ 220.892468][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 221.244030][ T6645] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 221.292627][ T8976] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 221.514244][ T6645] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 221.531415][ T6645] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 221.544126][ T6645] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 221.553697][ T6645] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 221.571683][ T6645] usb 1-1: Manufacturer: syz [ 221.629793][ T6645] usb 1-1: config 0 descriptor?? [ 221.656154][ T8] libceph: connect (1)[c::]:6789 error -101 [ 221.664393][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 221.701397][ T8988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.711757][ T8988] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 221.955535][ T8] libceph: connect (1)[c::]:6789 error -101 [ 221.981881][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 222.035789][ T6645] rc_core: IR keymap rc-hauppauge not found [ 222.045125][ T6645] Registered IR keymap rc-empty [ 222.065817][ T6645] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 222.090704][ T6645] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input5 [ 222.157973][ T6645] usb 1-1: USB disconnect, device number 4 [ 222.191548][ T8984] ceph: No mds server is up or the cluster is laggy [ 222.297213][ T8992] __nla_validate_parse: 2 callbacks suppressed [ 222.297229][ T8992] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1176'. [ 222.333555][ T8992] IPVS: Unknown mcast interface: ve [ 222.465417][ T8994] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1177'. [ 223.947684][ T9017] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1186'. [ 223.960649][ T9017] IPVS: Unknown mcast interface: ve [ 224.027042][ T9015] loop0: detected capacity change from 0 to 1764 [ 224.079689][ T9019] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1187'. [ 225.322875][ T9039] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1195'. [ 225.410901][ T9039] IPVS: Unknown mcast interface: ve [ 225.448065][ T9041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1196'. [ 225.511290][ T9043] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1197'. [ 225.623182][ T9051] overlayfs: failed to clone upperpath [ 225.947861][ T9060] Bluetooth: hci4: Frame reassembly failed (-84) [ 226.050293][ T41] Bluetooth: hci4: Frame reassembly failed (-84) [ 226.551511][ T9062] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1206'. [ 226.560783][ T9062] IPVS: Unknown mcast interface: ve [ 227.212782][ T9071] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1209'. [ 227.481540][ T9073] vlan2: entered allmulticast mode [ 227.710327][ T9080] loop3: detected capacity change from 0 to 1764 [ 227.793027][ T9084] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1215'. [ 227.887082][ T3463] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.898134][ T3463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.005240][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 228.150705][ T9091] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1217'. [ 228.195549][ T9091] IPVS: Unknown mcast interface: ve [ 228.308348][ T9093] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1218'. [ 228.506891][ T9097] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1219'. [ 228.755806][ T9108] vlan2: entered allmulticast mode [ 228.826704][ T9110] loop3: detected capacity change from 0 to 1764 [ 229.137050][ T9115] Bluetooth: hci4: Frame reassembly failed (-84) [ 229.168211][ T1085] Bluetooth: hci4: Frame reassembly failed (-84) [ 229.767523][ T9117] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1226'. [ 229.777324][ T9117] IPVS: Unknown mcast interface: ve [ 229.898474][ T9119] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1227'. [ 229.950731][ T9122] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1228'. [ 230.519235][ T9142] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1236'. [ 230.528632][ T9142] IPVS: Unknown mcast interface: ve [ 230.537997][ T9144] netlink: 'syz.0.1237': attribute type 1 has an invalid length. [ 230.546140][ T9144] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1237'. [ 230.654011][ T9150] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1240'. [ 231.196434][ T5084] Bluetooth: hci4: command 0x1003 tx timeout [ 231.210075][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 234.694374][ T9169] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1246'. [ 234.703374][ T9169] IPVS: Unknown mcast interface: ve [ 234.711577][ T27] kauditd_printk_skb: 151 callbacks suppressed [ 234.711591][ T27] audit: type=1326 audit(234.678:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 234.773108][ T8] kernel write not supported for file bpf-prog (pid: 8 comm: kworker/0:0) [ 234.843446][ T27] audit: type=1326 audit(234.678:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 234.874035][ T27] audit: type=1326 audit(234.678:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 234.908177][ T27] audit: type=1326 audit(234.678:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 234.930234][ T27] audit: type=1326 audit(234.678:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 234.968987][ T27] audit: type=1326 audit(234.678:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 234.993202][ T27] audit: type=1326 audit(234.678:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 235.019944][ T9177] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1249'. [ 235.029106][ T27] audit: type=1326 audit(234.678:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 235.072082][ T27] audit: type=1326 audit(234.678:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 235.113957][ T27] audit: type=1326 audit(234.678:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2df3b8f749 code=0x7ffc0000 [ 235.919569][ T9186] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1247'. [ 236.339903][ T9195] vlan2: entered allmulticast mode [ 236.454621][ T9197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1257'. [ 236.483293][ T9197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1257'. [ 236.592813][ T9202] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1260'. [ 236.944458][ T8] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 237.103949][ T8] usb 1-1: device descriptor read/64, error -71 [ 237.394072][ T8] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 237.453087][ T9220] bridge0: port 3(netdevsim0) entered blocking state [ 237.461891][ T9220] bridge0: port 3(netdevsim0) entered disabled state [ 237.470234][ T9220] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 237.488200][ T9220] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 237.580374][ T8] usb 1-1: device descriptor read/64, error -71 [ 237.637217][ T9222] ------------[ cut here ]------------ [ 237.643057][ T9222] WARNING: CPU: 1 PID: 9222 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 237.654322][ T9222] Modules linked in: [ 237.658223][ T9222] CPU: 1 PID: 9222 Comm: syz.2.1266 Not tainted syzkaller #0 [ 237.665649][ T9222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 237.675893][ T9222] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 237.683196][ T9222] Code: 48 89 df e8 aa 49 f0 f7 e9 dc fc ff ff e8 b0 d9 98 f7 eb 24 e8 a9 d9 98 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 98 d9 98 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 8a d9 98 f7 48 8b 7c 24 08 4c 8b 7c [ 237.703000][ T9222] RSP: 0018:ffffc9000d126e20 EFLAGS: 00010287 [ 237.709864][ T9222] RAX: ffffffff89eccd6e RBX: 0000000000000001 RCX: 0000000000080000 [ 237.717970][ T9222] RDX: ffffc9000d86a000 RSI: 0000000000006eb3 RDI: 0000000000006eb4 [ 237.726209][ T9222] RBP: dffffc0000000000 R08: ffffffff90d965c7 R09: 1ffffffff21b2cb8 [ 237.734876][ T9222] R10: dffffc0000000000 R11: fffffbfff21b2cb9 R12: 0000000000000001 [ 237.742880][ T9222] R13: ffff88805bd965d9 R14: ffff8880798c2c70 R15: ffff8880798c2ce8 [ 237.751052][ T9222] FS: 00007f0ef294c6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 237.760342][ T9222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.767083][ T9222] CR2: 0000000000000000 CR3: 000000005ab07000 CR4: 00000000003506e0 [ 237.775123][ T9222] Call Trace: [ 237.778417][ T9222] [ 237.781392][ T9222] ieee80211_link_use_reserved_context+0x383/0x5c0 [ 237.787974][ T9222] ieee80211_csa_finalize+0x59a/0xf00 [ 237.793378][ T9222] ? ieee80211_csa_finalize_work+0x140/0x140 [ 237.799649][ T9222] ? cfg80211_ch_switch_started_notify+0x253/0x490 [ 237.806243][ T9222] ieee80211_channel_switch+0xa8a/0xe30 [ 237.811831][ T9222] ? ieee80211_csa_finalize+0xf00/0xf00 [ 237.817465][ T9222] ? mutex_lock_nested+0x20/0x20 [ 237.822426][ T9222] ? ieee80211_get_channel_khz+0x15b/0x8a0 [ 237.828322][ T9222] rdev_channel_switch+0xeb/0x240 [ 237.833941][ T9222] nl80211_channel_switch+0xa07/0x1040 [ 237.839435][ T9222] ? genl_family_rcv_msg_doit+0xb9/0x2f0 [ 237.845164][ T9222] ? nl80211_set_coalesce+0x1310/0x1310 [ 237.850782][ T9222] ? __nla_parse+0x40/0x50 [ 237.855309][ T9222] ? nl80211_pre_doit+0x4f1/0x930 [ 237.860362][ T9222] genl_family_rcv_msg_doit+0x209/0x2f0 [ 237.865976][ T9222] ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0 [ 237.871903][ T9222] ? bpf_lsm_capable+0x9/0x10 [ 237.876714][ T9222] ? security_capable+0x89/0xb0 [ 237.881598][ T9222] genl_rcv_msg+0x60b/0x790 [ 237.886190][ T9222] ? genl_bind+0x360/0x360 [ 237.890714][ T9222] ? nl80211_exit+0x30/0x30 [ 237.895272][ T9222] ? nl80211_set_coalesce+0x1310/0x1310 [ 237.901065][ T9222] ? nl80211_pre_doit+0x930/0x930 [ 237.906202][ T9222] netlink_rcv_skb+0x216/0x480 [ 237.911078][ T9222] ? genl_bind+0x360/0x360 [ 237.915600][ T9222] ? netlink_ack+0x1110/0x1110 [ 237.920403][ T9222] ? __lock_acquire+0x7c80/0x7c80 [ 237.925567][ T9222] ? net_generic+0x1e/0x240 [ 237.930108][ T9222] ? down_read+0x1ac/0x2e0 [ 237.935047][ T9222] genl_rcv+0x28/0x40 [ 237.939048][ T9222] netlink_unicast+0x751/0x8d0 [ 237.943968][ T9222] netlink_sendmsg+0x8c1/0xbe0 [ 237.948758][ T9222] ? netlink_getsockopt+0x580/0x580 [ 237.954052][ T9222] ? aa_sock_msg_perm+0x94/0x150 [ 237.959013][ T9222] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 237.964424][ T9222] ? security_socket_sendmsg+0x80/0xa0 [ 237.969905][ T9222] ? netlink_getsockopt+0x580/0x580 [ 237.975173][ T9222] ____sys_sendmsg+0x5bf/0x950 [ 237.979966][ T9222] ? __asan_memset+0x22/0x40 [ 237.984631][ T9222] ? __sys_sendmsg_sock+0x30/0x30 [ 237.989669][ T9222] ? __import_iovec+0x5f2/0x860 [ 237.994796][ T9222] ? import_iovec+0x73/0xa0 [ 237.999332][ T9222] ___sys_sendmsg+0x220/0x290 [ 238.004240][ T9222] ? __sys_sendmsg+0x270/0x270 [ 238.009083][ T9222] __se_sys_sendmsg+0x1a5/0x270 [ 238.014016][ T9222] ? __x64_sys_sendmsg+0x80/0x80 [ 238.019004][ T9222] ? lockdep_hardirqs_on+0x98/0x150 [ 238.024277][ T9222] do_syscall_64+0x55/0xb0 [ 238.028711][ T9222] ? clear_bhb_loop+0x40/0x90 [ 238.033408][ T9222] ? clear_bhb_loop+0x40/0x90 [ 238.038603][ T9222] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 238.044670][ T9222] RIP: 0033:0x7f0ef1b8f749 [ 238.049123][ T9222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.068941][ T9222] RSP: 002b:00007f0ef294c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.077493][ T9222] RAX: ffffffffffffffda RBX: 00007f0ef1de5fa0 RCX: 00007f0ef1b8f749 [ 238.084352][ T8] usb usb1-port1: attempt power cycle [ 238.085510][ T9222] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004 [ 238.098900][ T9222] RBP: 00007f0ef1c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 238.107148][ T9222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.115207][ T9222] R13: 00007f0ef1de6038 R14: 00007f0ef1de5fa0 R15: 00007ffd4ceb4c58 [ 238.123226][ T9222] [ 238.126318][ T9222] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 238.133613][ T9222] CPU: 1 PID: 9222 Comm: syz.2.1266 Not tainted syzkaller #0 [ 238.140999][ T9222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 238.151071][ T9222] Call Trace: [ 238.154368][ T9222] [ 238.157304][ T9222] dump_stack_lvl+0x16c/0x230 [ 238.162003][ T9222] ? show_regs_print_info+0x20/0x20 [ 238.167217][ T9222] ? load_image+0x3b0/0x3b0 [ 238.171752][ T9222] panic+0x2c0/0x710 [ 238.175672][ T9222] ? bpf_jit_dump+0xd0/0xd0 [ 238.180208][ T9222] __warn+0x2e0/0x470 [ 238.184199][ T9222] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 238.190892][ T9222] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 238.197586][ T9222] report_bug+0x2be/0x4f0 [ 238.201934][ T9222] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 238.208629][ T9222] ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 238.215330][ T9222] ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0 [ 238.222024][ T9222] handle_bug+0xcf/0x120 [ 238.226282][ T9222] exc_invalid_op+0x1a/0x50 [ 238.230798][ T9222] asm_exc_invalid_op+0x1a/0x20 [ 238.235664][ T9222] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 238.242958][ T9222] Code: 48 89 df e8 aa 49 f0 f7 e9 dc fc ff ff e8 b0 d9 98 f7 eb 24 e8 a9 d9 98 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 98 d9 98 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 8a d9 98 f7 48 8b 7c 24 08 4c 8b 7c [ 238.262571][ T9222] RSP: 0018:ffffc9000d126e20 EFLAGS: 00010287 [ 238.268654][ T9222] RAX: ffffffff89eccd6e RBX: 0000000000000001 RCX: 0000000000080000 [ 238.276633][ T9222] RDX: ffffc9000d86a000 RSI: 0000000000006eb3 RDI: 0000000000006eb4 [ 238.284609][ T9222] RBP: dffffc0000000000 R08: ffffffff90d965c7 R09: 1ffffffff21b2cb8 [ 238.292592][ T9222] R10: dffffc0000000000 R11: fffffbfff21b2cb9 R12: 0000000000000001 [ 238.300568][ T9222] R13: ffff88805bd965d9 R14: ffff8880798c2c70 R15: ffff8880798c2ce8 [ 238.308561][ T9222] ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0 [ 238.315192][ T9222] ieee80211_link_use_reserved_context+0x383/0x5c0 [ 238.321711][ T9222] ieee80211_csa_finalize+0x59a/0xf00 [ 238.327104][ T9222] ? ieee80211_csa_finalize_work+0x140/0x140 [ 238.333098][ T9222] ? cfg80211_ch_switch_started_notify+0x253/0x490 [ 238.339622][ T9222] ieee80211_channel_switch+0xa8a/0xe30 [ 238.345195][ T9222] ? ieee80211_csa_finalize+0xf00/0xf00 [ 238.350761][ T9222] ? mutex_lock_nested+0x20/0x20 [ 238.355708][ T9222] ? ieee80211_get_channel_khz+0x15b/0x8a0 [ 238.361531][ T9222] rdev_channel_switch+0xeb/0x240 [ 238.366579][ T9222] nl80211_channel_switch+0xa07/0x1040 [ 238.372057][ T9222] ? genl_family_rcv_msg_doit+0xb9/0x2f0 [ 238.377733][ T9222] ? nl80211_set_coalesce+0x1310/0x1310 [ 238.383332][ T9222] ? __nla_parse+0x40/0x50 [ 238.387770][ T9222] ? nl80211_pre_doit+0x4f1/0x930 [ 238.392813][ T9222] genl_family_rcv_msg_doit+0x209/0x2f0 [ 238.398387][ T9222] ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0 [ 238.404297][ T9222] ? bpf_lsm_capable+0x9/0x10 [ 238.408984][ T9222] ? security_capable+0x89/0xb0 [ 238.413852][ T9222] genl_rcv_msg+0x60b/0x790 [ 238.418370][ T9222] ? genl_bind+0x360/0x360 [ 238.422792][ T9222] ? nl80211_exit+0x30/0x30 [ 238.427301][ T9222] ? nl80211_set_coalesce+0x1310/0x1310 [ 238.432859][ T9222] ? nl80211_pre_doit+0x930/0x930 [ 238.437908][ T9222] netlink_rcv_skb+0x216/0x480 [ 238.442678][ T9222] ? genl_bind+0x360/0x360 [ 238.447103][ T9222] ? netlink_ack+0x1110/0x1110 [ 238.451884][ T9222] ? __lock_acquire+0x7c80/0x7c80 [ 238.456914][ T9222] ? net_generic+0x1e/0x240 [ 238.461433][ T9222] ? down_read+0x1ac/0x2e0 [ 238.465862][ T9222] genl_rcv+0x28/0x40 [ 238.469852][ T9222] netlink_unicast+0x751/0x8d0 [ 238.474641][ T9222] netlink_sendmsg+0x8c1/0xbe0 [ 238.479423][ T9222] ? netlink_getsockopt+0x580/0x580 [ 238.484633][ T9222] ? aa_sock_msg_perm+0x94/0x150 [ 238.489590][ T9222] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 238.494881][ T9222] ? security_socket_sendmsg+0x80/0xa0 [ 238.500349][ T9222] ? netlink_getsockopt+0x580/0x580 [ 238.505560][ T9222] ____sys_sendmsg+0x5bf/0x950 [ 238.510343][ T9222] ? __asan_memset+0x22/0x40 [ 238.514952][ T9222] ? __sys_sendmsg_sock+0x30/0x30 [ 238.519984][ T9222] ? __import_iovec+0x5f2/0x860 [ 238.524856][ T9222] ? import_iovec+0x73/0xa0 [ 238.529377][ T9222] ___sys_sendmsg+0x220/0x290 [ 238.534070][ T9222] ? __sys_sendmsg+0x270/0x270 [ 238.538917][ T9222] __se_sys_sendmsg+0x1a5/0x270 [ 238.543785][ T9222] ? __x64_sys_sendmsg+0x80/0x80 [ 238.548755][ T9222] ? lockdep_hardirqs_on+0x98/0x150 [ 238.553971][ T9222] do_syscall_64+0x55/0xb0 [ 238.558393][ T9222] ? clear_bhb_loop+0x40/0x90 [ 238.563080][ T9222] ? clear_bhb_loop+0x40/0x90 [ 238.567769][ T9222] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 238.573683][ T9222] RIP: 0033:0x7f0ef1b8f749 [ 238.578116][ T9222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.597741][ T9222] RSP: 002b:00007f0ef294c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.606167][ T9222] RAX: ffffffffffffffda RBX: 00007f0ef1de5fa0 RCX: 00007f0ef1b8f749 [ 238.614149][ T9222] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004 [ 238.622129][ T9222] RBP: 00007f0ef1c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 238.630108][ T9222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.638171][ T9222] R13: 00007f0ef1de6038 R14: 00007f0ef1de5fa0 R15: 00007ffd4ceb4c58 [ 238.646170][ T9222] [ 238.649544][ T9222] Kernel Offset: disabled [ 238.653951][ T9222] Rebooting in 86400 seconds..