last executing test programs: 2.024592405s ago: executing program 3 (id=4): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x7c}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90) 1.970906027s ago: executing program 2 (id=3): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x6, 0x0, 0x1c, {[@window={0xe, 0x3}, @timestamp={0x5, 0xa}, @generic={0x0, 0x8, "d58838068b91"}]}}}}}}, 0x4e) 573.173196ms ago: executing program 3 (id=6): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff) accept4$unix(0xffffffffffffffff, &(0x7f00000001c0)=@abs, &(0x7f0000000040)=0x6e, 0x800) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r2, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x28000) 293.758414ms ago: executing program 3 (id=7): r0 = socket$kcm(0x10, 0x2, 0x0) syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, 0x0, 0x800) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0) 293.194421ms ago: executing program 2 (id=8): r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x13, 0x0, 0x0, 0x7995}, 0x10022, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) ioctl$USBDEVFS_REAPURB(r1, 0x4004550c, &(0x7f0000000380)) 259.528882ms ago: executing program 0 (id=1): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_tos={0x0, 0xffffffffffffffff, 0x0, 0x300}}, 0x20) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = syz_io_uring_setup(0x460, &(0x7f0000000480)={0x0, 0x40000020, 0x10, 0x2, 0x1ef}, &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r2, r3, 0x0) io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0xffffffffffffff8a) 0s ago: executing program 2 (id=9): flock(0xffffffffffffffff, 0x2) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019640)=""/102392, 0x18ff8) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000003540)=ANY=[@ANYBLOB="b700000050000008bca30000000000002403000040feffff7b1af0ff0000000079a4f0ff000000001f030000000000002e030200000000002604fdffffff000e61141800000000001d430000000000007a0a00fe0000001f61141400000000004603f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c88629a6c921c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71ca3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300000000000000000000000000000000062c7cf52e9624806a4833e1c0059e5a703ab9c2e9b38779270dc5e80af75d509b1a31fe6ed3f8c0172659256dc88de4e377c8a07e95ec5549ae47dc43b93a159a201be254048b9e0857ea3c736c761e686f9b3d0690f035617a12055b2cb3a03794d67b95e7f4fc6af323120c09d0503c8ce92e869e22bb2590299ad76d541f844d32f96184f74d433793bbd75ec15fb1497ce835445212421cb4e3ce08395c9055a2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.94' (ED25519) to the list of known hosts. [ 92.141274][ T1232] cfg80211: failed to load regulatory.db [ 93.437054][ T5828] cgroup: Unknown subsys name 'net' [ 93.664836][ T5828] cgroup: Unknown subsys name 'cpuset' [ 93.719879][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 95.856852][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 100.306171][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 100.309754][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 100.310800][ T5851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 100.311022][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 100.322835][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 100.328293][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 100.331238][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 100.335819][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 100.336564][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 100.337116][ T5848] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 100.468774][ T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 100.470306][ T5853] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 100.472894][ T5853] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 100.480871][ T5853] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 100.484159][ T5853] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 100.484871][ T5853] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 100.486629][ T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 100.486847][ T5853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 100.489846][ T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 100.506110][ T5856] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 100.510762][ T5856] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 100.573614][ T5856] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 100.578946][ T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 100.610075][ T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 100.616720][ T5851] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 101.490399][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 101.608550][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 102.072807][ T5852] chnl_net:caif_netlink_parms(): no params data found [ 102.081000][ T5849] chnl_net:caif_netlink_parms(): no params data found [ 102.207938][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 102.367025][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.368264][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.368936][ T5845] bridge_slave_0: entered allmulticast mode [ 102.370477][ T5851] Bluetooth: hci0: command tx timeout [ 102.370630][ T5851] Bluetooth: hci1: command tx timeout [ 102.375757][ T5845] bridge_slave_0: entered promiscuous mode [ 102.609303][ T5159] Bluetooth: hci2: command tx timeout [ 102.668022][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.668183][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.668443][ T5845] bridge_slave_1: entered allmulticast mode [ 102.672374][ T5845] bridge_slave_1: entered promiscuous mode [ 102.689239][ T5159] Bluetooth: hci4: command tx timeout [ 102.689448][ T5159] Bluetooth: hci3: command tx timeout [ 102.883871][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.884016][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.884170][ T5846] bridge_slave_0: entered allmulticast mode [ 102.886204][ T5846] bridge_slave_0: entered promiscuous mode [ 103.032107][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.032254][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.032454][ T5846] bridge_slave_1: entered allmulticast mode [ 103.035492][ T5846] bridge_slave_1: entered promiscuous mode [ 103.096499][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.351690][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.816172][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.816522][ T5852] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.817205][ T5852] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.817399][ T5852] bridge_slave_0: entered allmulticast mode [ 103.828987][ T5852] bridge_slave_0: entered promiscuous mode [ 103.833582][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.833742][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.834350][ T5849] bridge_slave_0: entered allmulticast mode [ 103.837514][ T5849] bridge_slave_0: entered promiscuous mode [ 103.987104][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.987406][ T5852] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.987529][ T5852] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.987683][ T5852] bridge_slave_1: entered allmulticast mode [ 103.990964][ T5852] bridge_slave_1: entered promiscuous mode [ 103.992473][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.992632][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.992843][ T5849] bridge_slave_1: entered allmulticast mode [ 103.995931][ T5849] bridge_slave_1: entered promiscuous mode [ 103.998707][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.998882][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.009219][ T5854] bridge_slave_0: entered allmulticast mode [ 104.012848][ T5854] bridge_slave_0: entered promiscuous mode [ 104.033336][ T5845] team0: Port device team_slave_0 added [ 104.270346][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.270470][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.270614][ T5854] bridge_slave_1: entered allmulticast mode [ 104.272576][ T5854] bridge_slave_1: entered promiscuous mode [ 104.277475][ T5845] team0: Port device team_slave_1 added [ 104.450760][ T5851] Bluetooth: hci1: command tx timeout [ 104.450797][ T5851] Bluetooth: hci0: command tx timeout [ 104.689272][ T5159] Bluetooth: hci2: command tx timeout [ 104.714048][ T5846] team0: Port device team_slave_0 added [ 104.721688][ T5852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.736111][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.769467][ T5851] Bluetooth: hci4: command tx timeout [ 104.769575][ T5159] Bluetooth: hci3: command tx timeout [ 104.904106][ T5846] team0: Port device team_slave_1 added [ 104.907276][ T5852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.926421][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.165656][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.167327][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.167345][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.167378][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.405465][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.406759][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.406774][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.406803][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.718195][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.718208][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.718227][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.722607][ T5852] team0: Port device team_slave_0 added [ 105.726078][ T5849] team0: Port device team_slave_0 added [ 105.826469][ T5852] team0: Port device team_slave_1 added [ 105.829764][ T5849] team0: Port device team_slave_1 added [ 105.831845][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.831863][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.831903][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.835236][ T5854] team0: Port device team_slave_0 added [ 106.087343][ T5854] team0: Port device team_slave_1 added [ 106.529382][ T5851] Bluetooth: hci1: command tx timeout [ 106.529493][ T5159] Bluetooth: hci0: command tx timeout [ 106.571722][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.571741][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.571769][ T5852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.574658][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.574690][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.574718][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.590778][ T5845] hsr_slave_0: entered promiscuous mode [ 106.593222][ T5845] hsr_slave_1: entered promiscuous mode [ 106.705938][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.705955][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.705984][ T5852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.707713][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.707726][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.707745][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.774902][ T5159] Bluetooth: hci2: command tx timeout [ 106.850980][ T5159] Bluetooth: hci3: command tx timeout [ 106.851016][ T5159] Bluetooth: hci4: command tx timeout [ 106.883563][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.883580][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.883609][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.009446][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.009462][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.009483][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.022526][ T5846] hsr_slave_0: entered promiscuous mode [ 107.024018][ T5846] hsr_slave_1: entered promiscuous mode [ 107.025632][ T5846] debugfs: 'hsr0' already exists in 'hsr' [ 107.025782][ T5846] Cannot create hsr debugfs directory [ 107.792293][ T5852] hsr_slave_0: entered promiscuous mode [ 107.794354][ T5852] hsr_slave_1: entered promiscuous mode [ 107.795500][ T5852] debugfs: 'hsr0' already exists in 'hsr' [ 107.795546][ T5852] Cannot create hsr debugfs directory [ 107.828189][ T5849] hsr_slave_0: entered promiscuous mode [ 107.835928][ T5849] hsr_slave_1: entered promiscuous mode [ 107.837635][ T5849] debugfs: 'hsr0' already exists in 'hsr' [ 107.837662][ T5849] Cannot create hsr debugfs directory [ 108.043134][ T5854] hsr_slave_0: entered promiscuous mode [ 108.044555][ T5854] hsr_slave_1: entered promiscuous mode [ 108.045307][ T5854] debugfs: 'hsr0' already exists in 'hsr' [ 108.045332][ T5854] Cannot create hsr debugfs directory [ 108.609334][ T5851] Bluetooth: hci0: command tx timeout [ 108.609370][ T5851] Bluetooth: hci1: command tx timeout [ 108.849418][ T5159] Bluetooth: hci2: command tx timeout [ 108.929356][ T5159] Bluetooth: hci4: command tx timeout [ 108.929389][ T5159] Bluetooth: hci3: command tx timeout [ 109.720854][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 109.769945][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 109.818550][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 109.884156][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 110.024912][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 110.109904][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 110.159693][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 110.224348][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 110.405857][ T5852] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 110.445293][ T5852] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 110.496780][ T5852] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 110.551748][ T5852] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 110.749419][ T5849] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 110.808353][ T5849] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 110.858573][ T5849] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 110.917789][ T5849] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 111.104789][ T5854] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 111.155458][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.175309][ T5854] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 111.227416][ T5854] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 111.280141][ T5854] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 111.388576][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.422582][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.466955][ T984] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.467565][ T984] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.552637][ T3542] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.552917][ T3542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.616031][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.672264][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.673437][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.717263][ T5852] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.771411][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.771680][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.905203][ T5852] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.940454][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.974192][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.974427][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.058869][ T3542] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.060421][ T3542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.161227][ T5849] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.250460][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.254760][ T1464] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.256681][ T1464] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.349157][ T3542] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.349316][ T3542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.452111][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.510006][ T3542] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.510170][ T3542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.603683][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.603844][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.728879][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 112.943517][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.178661][ T5845] veth0_vlan: entered promiscuous mode [ 113.281051][ T5845] veth1_vlan: entered promiscuous mode [ 113.296169][ T5852] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.399366][ T5846] veth0_vlan: entered promiscuous mode [ 113.486719][ T5846] veth1_vlan: entered promiscuous mode [ 113.588959][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.616719][ T5845] veth0_macvtap: entered promiscuous mode [ 113.684759][ T5845] veth1_macvtap: entered promiscuous mode [ 113.717630][ T5852] veth0_vlan: entered promiscuous mode [ 113.758277][ T5846] veth0_macvtap: entered promiscuous mode [ 113.787933][ T5852] veth1_vlan: entered promiscuous mode [ 113.820432][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.825957][ T5846] veth1_macvtap: entered promiscuous mode [ 113.862506][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.936840][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.986536][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.031139][ T3616] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.070565][ T3616] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.090439][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.097767][ T3616] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.126140][ T1464] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.213086][ T187] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.218231][ T187] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.245994][ T187] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.247930][ T5852] veth0_macvtap: entered promiscuous mode [ 114.255548][ T187] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.355222][ T5852] veth1_macvtap: entered promiscuous mode [ 114.485558][ T5854] veth0_vlan: entered promiscuous mode [ 114.703324][ T5854] veth1_vlan: entered promiscuous mode [ 114.710727][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.766232][ T3559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.766261][ T3559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.812200][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.908291][ T37] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.925475][ T37] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.925678][ T1464] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.925693][ T1464] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.925851][ T5849] veth0_vlan: entered promiscuous mode [ 114.971278][ T37] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.013448][ T37] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.073806][ T1464] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.073829][ T1464] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.158365][ T5849] veth1_vlan: entered promiscuous mode [ 115.180838][ T3616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.180861][ T3616] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.283204][ T5854] veth0_macvtap: entered promiscuous mode [ 115.372649][ T5854] veth1_macvtap: entered promiscuous mode [ 115.525136][ T3616] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.525158][ T3616] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.555717][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.557193][ T5849] veth0_macvtap: entered promiscuous mode [ 115.700820][ T5849] veth1_macvtap: entered promiscuous mode [ 115.719955][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.751811][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.751836][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.836374][ T984] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.843159][ T984] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.895365][ T5960] syz.2.3 uses obsolete (PF_INET,SOCK_PACKET) [ 115.896221][ T984] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.948953][ T984] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.975203][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.201647][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 117.342017][ T3616] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.438912][ T1464] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.483146][ T5970] netlink: 14 bytes leftover after parsing attributes in process `syz.3.7'. [ 117.550403][ T1464] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.889142][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 117.889200][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 118.790688][ T5978] ------------[ cut here ]------------ [ 118.790741][ T5978] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0xfffffffefffff630, 0xffffffff00000000] s64=[0xfffffffefffff630, 0xffffffff00000000] u32=[0x30, 0x8000050] s32=[0x30, 0x0] var_off=(0xfffffffe00000030, 0x10fffffc0)(1) [ 118.791335][ T5978] WARNING: CPU: 0 PID: 5978 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x6e6/0xc20 [ 118.791408][ T5978] Modules linked in: [ 118.791512][ T5978] CPU: 0 UID: 0 PID: 5978 Comm: syz.2.9 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 118.791552][ T5978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 118.791587][ T5978] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20 [ 118.791636][ T5978] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 9f 5a ab ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08 [ 118.791669][ T5978] RSP: 0018:ffffc90005326f08 EFLAGS: 00010282 [ 118.791704][ T5978] RAX: 00ef14a1c998c400 RBX: fffffffe00000030 RCX: 0000000000080000 [ 118.791736][ T5978] RDX: ffffc9000efaf000 RSI: 0000000000020b65 RDI: 0000000000020b66 [ 118.791766][ T5978] RBP: 0000000000000030 R08: 0000000000000000 R09: 0000000000000000 [ 118.791793][ T5978] R10: dffffc0000000000 R11: ffffed1017104863 R12: ffff888034488168 [ 118.791826][ T5978] R13: ffff888034488188 R14: ffff8880344881a0 R15: 0000000000000000 [ 118.791859][ T5978] FS: 00007fd36a5f56c0(0000) GS:ffff8881268c1000(0000) knlGS:0000000000000000 [ 118.791895][ T5978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.791924][ T5978] CR2: 0000200000004000 CR3: 0000000021bd4000 CR4: 00000000003526f0 [ 118.791963][ T5978] Call Trace: [ 118.791995][ T5978] [ 118.792098][ T5978] reg_set_min_max+0x264/0x300 [ 118.792154][ T5978] check_cond_jmp_op+0x1625/0x2910 [ 118.792212][ T5978] ? reg_bounds_sanity_check+0x80d/0xc20 [ 118.792265][ T5978] ? __pfx_check_cond_jmp_op+0x10/0x10 [ 118.792318][ T5978] ? __check_reg_arg+0x21f/0x490 [ 118.792365][ T5978] ? do_check+0x2796/0xe520 [ 118.792411][ T5978] do_check+0x6751/0xe520 [ 118.792652][ T5978] ? __pfx_do_check+0x10/0x10 [ 118.792701][ T5978] ? do_check_common+0x41b/0x24f0 [ 118.792750][ T5978] do_check_common+0x1949/0x24f0 [ 118.792833][ T5978] bpf_check+0x17473/0x1d2e0 [ 118.792905][ T5978] ? sched_clock+0x3f/0x60 [ 118.793022][ T5978] ? trace_sched_exit_tp+0x36/0x110 [ 118.793072][ T5978] ? __schedule+0x1709/0x4c20 [ 118.793189][ T5978] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.793276][ T5978] ? __pfx_bpf_check+0x10/0x10 [ 118.793312][ T5978] ? rcu_is_watching+0x15/0xb0 [ 118.793363][ T5978] ? trace_irq_disable+0x37/0x110 [ 118.793406][ T5978] ? preempt_schedule_irq+0xde/0x150 [ 118.793450][ T5978] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 118.793503][ T5978] ? irqentry_exit+0x74/0x90 [ 118.793547][ T5978] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.793629][ T5978] ? bpf_prog_load+0x1292/0x1930 [ 118.793674][ T5978] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 118.793718][ T5978] ? security_bpf_prog_load+0x7f/0x310 [ 118.793768][ T5978] bpf_prog_load+0x1318/0x1930 [ 118.793846][ T5978] ? __pfx_bpf_prog_load+0x10/0x10 [ 118.793931][ T5978] ? __sys_bpf+0x514/0x870 [ 118.793988][ T5978] __sys_bpf+0x528/0x870 [ 118.794033][ T5978] ? __pfx___sys_bpf+0x10/0x10 [ 118.794074][ T5978] ? preempt_schedule_irq+0xde/0x150 [ 118.794288][ T5978] __x64_sys_bpf+0x7c/0x90 [ 118.794353][ T5978] do_syscall_64+0xfa/0x3b0 [ 118.794404][ T5978] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.794444][ T5978] ? asm_sysvec_call_function_single+0x1a/0x20 [ 118.794484][ T5978] ? clear_bhb_loop+0x60/0xb0 [ 118.794528][ T5978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.794569][ T5978] RIP: 0033:0x7fd36c3aebe9 [ 118.794615][ T5978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.794651][ T5978] RSP: 002b:00007fd36a5f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 118.794708][ T5978] RAX: ffffffffffffffda RBX: 00007fd36c5e6090 RCX: 00007fd36c3aebe9 [ 118.794742][ T5978] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005 [ 118.794774][ T5978] RBP: 00007fd36c431e19 R08: 0000000000000000 R09: 0000000000000000 [ 118.794802][ T5978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.794834][ T5978] R13: 00007fd36c5e6128 R14: 00007fd36c5e6090 R15: 00007ffd6bb3fa98 [ 118.794909][ T5978] [ 118.794944][ T5978] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 118.794964][ T5978] CPU: 0 UID: 0 PID: 5978 Comm: syz.2.9 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 118.794989][ T5978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 118.795004][ T5978] Call Trace: [ 118.795014][ T5978] [ 118.795025][ T5978] dump_stack_lvl+0x99/0x250 [ 118.795052][ T5978] ? __asan_memcpy+0x40/0x70 [ 118.795069][ T5978] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.795094][ T5978] ? __pfx__printk+0x10/0x10 [ 118.795121][ T5978] vpanic+0x281/0x750 [ 118.795145][ T5978] ? __pfx__printk+0x10/0x10 [ 118.795162][ T5978] ? __pfx_vpanic+0x10/0x10 [ 118.795187][ T5978] ? is_bpf_text_address+0x26/0x2b0 [ 118.795218][ T5978] panic+0xb9/0xc0 [ 118.795247][ T5978] ? __pfx_panic+0x10/0x10 [ 118.795281][ T5978] __warn+0x31b/0x4b0 [ 118.795304][ T5978] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 118.795331][ T5978] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 118.795354][ T5978] report_bug+0x2be/0x4f0 [ 118.795375][ T5978] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 118.795400][ T5978] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 118.795424][ T5978] ? reg_bounds_sanity_check+0x6e8/0xc20 [ 118.795449][ T5978] handle_bug+0x84/0x160 [ 118.795464][ T5978] exc_invalid_op+0x1a/0x50 [ 118.795489][ T5978] asm_exc_invalid_op+0x1a/0x20 [ 118.795504][ T5978] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20 [ 118.795529][ T5978] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 9f 5a ab ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08 [ 118.795542][ T5978] RSP: 0018:ffffc90005326f08 EFLAGS: 00010282 [ 118.795556][ T5978] RAX: 00ef14a1c998c400 RBX: fffffffe00000030 RCX: 0000000000080000 [ 118.795568][ T5978] RDX: ffffc9000efaf000 RSI: 0000000000020b65 RDI: 0000000000020b66 [ 118.795578][ T5978] RBP: 0000000000000030 R08: 0000000000000000 R09: 0000000000000000 [ 118.795588][ T5978] R10: dffffc0000000000 R11: ffffed1017104863 R12: ffff888034488168 [ 118.795599][ T5978] R13: ffff888034488188 R14: ffff8880344881a0 R15: 0000000000000000 [ 118.795640][ T5978] reg_set_min_max+0x264/0x300 [ 118.795670][ T5978] check_cond_jmp_op+0x1625/0x2910 [ 118.795700][ T5978] ? reg_bounds_sanity_check+0x80d/0xc20 [ 118.795728][ T5978] ? __pfx_check_cond_jmp_op+0x10/0x10 [ 118.795756][ T5978] ? __check_reg_arg+0x21f/0x490 [ 118.795780][ T5978] ? do_check+0x2796/0xe520 [ 118.795801][ T5978] do_check+0x6751/0xe520 [ 118.795871][ T5978] ? __pfx_do_check+0x10/0x10 [ 118.795893][ T5978] ? do_check_common+0x41b/0x24f0 [ 118.795917][ T5978] do_check_common+0x1949/0x24f0 [ 118.795949][ T5978] bpf_check+0x17473/0x1d2e0 [ 118.795973][ T5978] ? sched_clock+0x3f/0x60 [ 118.796010][ T5978] ? trace_sched_exit_tp+0x36/0x110 [ 118.796034][ T5978] ? __schedule+0x1709/0x4c20 [ 118.796076][ T5978] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.796107][ T5978] ? __pfx_bpf_check+0x10/0x10 [ 118.796122][ T5978] ? rcu_is_watching+0x15/0xb0 [ 118.796147][ T5978] ? trace_irq_disable+0x37/0x110 [ 118.796168][ T5978] ? preempt_schedule_irq+0xde/0x150 [ 118.796189][ T5978] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 118.796215][ T5978] ? irqentry_exit+0x74/0x90 [ 118.796245][ T5978] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.796274][ T5978] ? bpf_prog_load+0x1292/0x1930 [ 118.796294][ T5978] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 118.796314][ T5978] ? security_bpf_prog_load+0x7f/0x310 [ 118.796338][ T5978] bpf_prog_load+0x1318/0x1930 [ 118.796368][ T5978] ? __pfx_bpf_prog_load+0x10/0x10 [ 118.796402][ T5978] ? __sys_bpf+0x514/0x870 [ 118.796425][ T5978] __sys_bpf+0x528/0x870 [ 118.796447][ T5978] ? __pfx___sys_bpf+0x10/0x10 [ 118.796464][ T5978] ? preempt_schedule_irq+0xde/0x150 [ 118.796506][ T5978] __x64_sys_bpf+0x7c/0x90 [ 118.796524][ T5978] do_syscall_64+0xfa/0x3b0 [ 118.796548][ T5978] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.796563][ T5978] ? asm_sysvec_call_function_single+0x1a/0x20 [ 118.796579][ T5978] ? clear_bhb_loop+0x60/0xb0 [ 118.796598][ T5978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.796613][ T5978] RIP: 0033:0x7fd36c3aebe9 [ 118.796626][ T5978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.796638][ T5978] RSP: 002b:00007fd36a5f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 118.796654][ T5978] RAX: ffffffffffffffda RBX: 00007fd36c5e6090 RCX: 00007fd36c3aebe9 [ 118.796665][ T5978] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005 [ 118.796675][ T5978] RBP: 00007fd36c431e19 R08: 0000000000000000 R09: 0000000000000000 [ 118.796684][ T5978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.796693][ T5978] R13: 00007fd36c5e6128 R14: 00007fd36c5e6090 R15: 00007ffd6bb3fa98 [ 118.796716][ T5978] [ 118.797155][ T5978] Kernel Offset: disabled