last executing test programs: 3.619093997s ago: executing program 2 (id=295): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)=ANY=[@ANYBLOB="0206020002"], 0x10}}, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) syz_emit_ethernet(0x1c2, &(0x7f0000000780)=ANY=[@ANYBLOB="0180c200000eaaaaaaaaaaaa8100470086dd66d1aed001883a01ff020000000000000000401016743a86000000000001000000000000000000000000000000008a0300000000000007180000000004050100e60000000000000006000000000000000000000000002f0004000000000008898a99cd8447a0767afa48c381c557c388991569c9cdf35d329b6cba65e44941084fc77702e2df9df9720553726c2558bce15ac3a7c0f6563ac910db741fb55b8e6a94f34e467a92b37fd22bb1b37d2ee2c3b258a8df9c8dcf2b8702cc636f6dab8453a5eeed587d4812ecc50764b3c8b83afa3635d032b397cbcadf425323bd259ef2db2c7ae237f2fc040101050200050106000000000000c910fe880000000000000000000000000101c910fc0200000000000002020f040009000000000000000750000000001252648607000000000000000700000000000000060000000000000000000100000000000900000000000000e66fc31900000000010000000100f3090000000000000000ad030000000000000000000000006c00ddf3630000002f000329680000003200063865000000840090780001ca0eff01000000000000000000000000000100"/456], 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5) sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r7) r8 = socket$unix(0x1, 0x5, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x4, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x7fffc, {0x0, 0x0, 0x0, r10, {}, {0x6, 0xb}, {0x9, 0x6}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x7f, 0x60000000, 0x2}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000c0e9}, 0x4008000) r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r5) sendmsg$BATADV_CMD_GET_HARDIF(r5, &(0x7f00000005c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f0000000240)={0x1c, r11, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000) ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r12, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r14, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x1ff, 0x1, 0x8004}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001780)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r14, {0x10}, {0xffff}, {0x2, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x0, 0xf, 0x4, 0x4, 0x8, 0xd20b, 0x2, 0xe48c, 0xe16, 0xb, 0x102, 0x5, 0x7ad5785a, 0x0, 0x7, 0x4, 0x2, 0x7, 0x7c, 0x7, 0x3, 0x7, 0x9, 0x8, 0x9a6, 0x3518, 0x8, 0x0, 0x6, 0x0, 0x5, 0xfffffffd, 0x7, 0x1, 0xc, 0x200019, 0x6, 0x3, 0x4, 0x6, 0x3, 0x8, 0xb, 0xd5aa, 0xfff, 0x8, 0x4, 0xfffffffe, 0xfff, 0xffff, 0x3, 0xb, 0x1, 0x7, 0x101, 0x6, 0x75a, 0x0, 0x5, 0x3, 0x400, 0xfffffff7, 0x6, 0xfffffffd, 0xfffffe00, 0x6, 0x7fffffff, 0xe, 0x4, 0x1, 0x4a, 0x3, 0x5, 0x5, 0x2, 0x0, 0x4, 0x3, 0x8, 0x4, 0x2, 0x10, 0x2, 0x4, 0x10000000, 0x6, 0x80000001, 0x3b, 0x8, 0x2, 0x9, 0x800, 0x1, 0x8001, 0xa, 0x2a, 0xffffffff, 0x0, 0x401, 0x8, 0xffffffff, 0x1, 0xa479, 0x7, 0x2, 0x6, 0x8a8, 0x7, 0x2, 0x8, 0x8, 0x4, 0x2, 0x40, 0xba5, 0x7, 0x74a3ae00, 0x9, 0x200, 0x7fec, 0x5, 0xffffffff, 0x478, 0x8001, 0x8000001, 0x2, 0x9, 0x8f69, 0xe, 0x4b4, 0x2, 0x2, 0x4, 0x8000, 0x5, 0x6, 0xe26, 0xffffffff, 0x4, 0x8, 0xea98f1e, 0x900000, 0x5, 0xd, 0x8, 0xdc3d, 0x8, 0x9, 0x5, 0x81, 0x9, 0x6, 0x1, 0x400, 0x1, 0xfffffffd, 0x13bd0de8, 0xae2, 0xb0e, 0x4, 0x5, 0x40, 0x5, 0x1, 0x8, 0x3, 0x9e1b, 0x7f, 0xe40e, 0xc4, 0xa, 0x152, 0x9d, 0x7ff, 0x0, 0x8, 0x8, 0xc0, 0x1, 0x52e9, 0x1ff, 0x83c, 0x8, 0x2, 0x6, 0x7bfe, 0x8, 0xd8a, 0x765, 0x6, 0xe247, 0x3, 0x801fe, 0x8, 0xe, 0x7, 0x5, 0x7, 0x7, 0x0, 0x9, 0x44, 0x7, 0x3, 0x54d, 0x6fd2, 0x6, 0x3, 0x7, 0x9, 0x1, 0xffffffff, 0x7fff, 0xfff, 0xd7, 0xb90, 0x6, 0xaec, 0x9, 0xfffffffb, 0xe, 0x407, 0xffff, 0x1, 0x1, 0x6, 0x2, 0xffffffff, 0x2, 0x200, 0x6, 0x1, 0x49f, 0x6, 0x0, 0x1000, 0x8000, 0x4, 0x4, 0xfffffff8, 0x9, 0x3, 0x7, 0x1, 0x6, 0xdee, 0x3, 0x9, 0x6, 0xfffffffa, 0x8, 0x8, 0x3, 0x9, 0x5, 0x1]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x20008091}, 0x4000000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r15, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x2, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x4, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0) 2.38357658s ago: executing program 2 (id=305): r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x1ff, 0xa401) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f0000000500)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000006c0)={0x40, 0xf, 0x4, 0xff81, 0x0, 0x800005, 0x0}) 2.191396157s ago: executing program 2 (id=308): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)}, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) recvmmsg(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}, 0x8000}], 0x1, 0x100, 0x0) 2.118962551s ago: executing program 2 (id=309): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='mm_migrate_pages_start\x00', r0}, 0x18) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) 1.90885444s ago: executing program 2 (id=314): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11) r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff) r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff) r3 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6075ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x4, r3, r2, r3, 0x0) keyctl$KEYCTL_MOVE(0x4, r1, r1, 0x0, 0x0) 1.908646959s ago: executing program 3 (id=315): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000540)={0x2, 0x3, 0x0, 0x3, 0x2, 0x0, 0x700}, 0x10}, 0x1, 0x7}, 0x0) 1.791374455s ago: executing program 0 (id=316): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x18) set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000e00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) 1.719241357s ago: executing program 3 (id=318): r0 = socket$packet(0x11, 0x3, 0x300) bind$packet(r0, &(0x7f0000000080)={0x11, 0x1a, 0x0, 0x1, 0x8, 0x6, @broadcast}, 0x14) 1.639468751s ago: executing program 2 (id=319): r0 = socket(0x2b, 0x80801, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330) 1.639210181s ago: executing program 0 (id=320): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40000, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x400000000010, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r8) socket(0x2, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010102}}}], 0x20}}], 0x1, 0x0) 1.549545355s ago: executing program 3 (id=321): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) shmat(0x0, &(0x7f0000001000/0x3000)=nil, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$kcm(0x29, 0x2, 0x0) sendmmsg$inet(r2, 0x0, 0x0, 0x20048000) close(r2) shmctl$SHM_STAT(0x0, 0xd, 0x0) 1.544257925s ago: executing program 1 (id=322): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002080)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) mount$9p_rdma(0x0, &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=r']) 1.327348974s ago: executing program 1 (id=323): r0 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0x297a, 0x40, 0x80003, 0x6}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x9}, 0x18) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000480), 0x66) 1.326992004s ago: executing program 3 (id=324): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='mm_migrate_pages_start\x00', r1}, 0x18) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) 1.259558507s ago: executing program 1 (id=325): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10) 1.2025146s ago: executing program 0 (id=326): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000540)={0x2, 0x3, 0x0, 0x3, 0xb, 0x0, 0x700, 0x0, [@sadb_key={0x4, 0x9, 0xa8, 0x0, "53bb467d04f14562c5f463273ef4a720564f485af2"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x1000, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x6, 0xd}]}, 0x58}, 0x1, 0x7}, 0x0) 1.105712243s ago: executing program 1 (id=327): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) syz_io_uring_setup(0x2c0d, &(0x7f0000000400)={0x0, 0xc890, 0x4000, 0x2}, 0x0, 0x0) 1.104612833s ago: executing program 3 (id=328): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0) 982.586229ms ago: executing program 1 (id=329): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000000)={[{@grpjquota}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@grpquota}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000001200)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree\x00', r1}, 0x18) creat(&(0x7f0000000080)='./file0\x00', 0xc7) 981.779339ms ago: executing program 0 (id=330): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}], 0x2}, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) recvmmsg(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}, 0x8000}], 0x1, 0x100, 0x0) 794.549337ms ago: executing program 0 (id=331): socket(0x1e, 0x4, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = syz_io_uring_setup(0x24fe, &(0x7f0000000300)={0x0, 0xf36e, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)=""/120, 0x78}], 0x1) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0xffffffff}, 0x50) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@map=r3, 0x4, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='='], 0x38}}, 0x4000080) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x8, 0xfff, 0x0, 0x6, 0x0, 0x1}) io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0) 547.118197ms ago: executing program 3 (id=332): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) syz_emit_ethernet(0x4a, &(0x7f0000001180)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "0010a6", 0x14, 0x4, 0x0, @empty, @mcast2, {[], "223427d5c9a46b9fa14172170a013589317d2af3"}}}}}, 0x0) keyctl$describe(0x6, 0x0, &(0x7f0000000240)=""/91, 0x5b) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfddb}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffe3a) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000740), 0x0, 0x46c, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYuiIKIo6KEeY7ItodtGmii2FpuKeBKkoGfxKPoXeBNB1JPg1ZMnKRTtpa2nyMzOpJttNrFmk4nd3w82+74z7+48T+br3ffdDaBrDWV/kogdEfFbRAw0qksbDDWerl05N3n9yrnJJBYWXv8zydtdvXJusmxavm57URlOI9KPkmIjS82eOXtiol6vnS7qo3Mn3x6dPXP2iXdPThyvHa+dGj9y5PChsaefGn+yI3lmeV3d98HM/r0vvnnxlcmjF9/66Zss3h3F+uY8OmUoS/yvhVzrukc7vbGK7WwqJ70VBsIt6YmIbHf15ef/QPTEjZ03EC98WGlwwLrK7k1b2q+eXwBuY0lUHQFQjfJGn33+LR8b1PXYFC4/2/gAlOV9rXg01vRGWrTpa/l820lDEXF0/u8vskes0zgEAECzTyY/fzl7fv/61y9lfY+BxTVp3JM//57/3VXMoQxGxJ0RsTsi7oqIPRFxd0Te9t6IuG+N8dzc/0kvrfEtV5T1/54p5raW9v/K3l8M9hS1nXn+fcmx6XrtYPE/GY6+LVl9bIVtfPf8r5+2W9fc/8se2fbLvmARx6XelgG6qYm5ibxT2gGXL0Ts610u/2RxJiCJiL0Rse/W3npXWZh+7Kv97Rqtnv8KOjDPtPBllt58lv98tORfSprnJ6dvmp8c3Rr12sHR8qi42c+/fPxau+2vKf8OuFxrPDft/9Ymg0nzfO1sZ7f/H4//tD95I59n7i+WvTcxN3d6LKI/yS9nS5eP33htWS/bZ8f/8IHlz//dxWuy/O+PiOwgfiAiHoyIh4rYH46IRyLiwAo5/vjc6vlHWtH+vxAxtez1b/H4b9n/t17oOfHDt+22/+/2/+G8NFwsya9/q1gunOxy0RrgWv53AAAA8H+R5t+BT9KRxXKajow0vsO/J+5I6zOzc48fm3nn1FTju/KD0ZeWI10DxXhofbpeG0vmi3dsjI+OF2PF5XjpoWLc+LOebXl9ZHKmPlVx7tDttrc5/zN/9FQdHbDOti27dLx/wwMBKtA6j54urZ5/NVwM4Hbl99rQvVY5/9ONigPYeO7/0L2WO//Pt9TNBcDtyf0fupfzH7pU+n3VEQAVcv+HrrSW3/WvY2Hr5gijmsJm3Sl5IaIspJsiHoV1KlR9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwIAAP//2wzmew==") ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) r7 = getpid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x24, r5, 0x1, 0x70bd27, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_PID={0x8, 0x1c, r7}]}, 0x24}, 0x1, 0x10000000}, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00'}) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000"], 0x50) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0x7}, 0x18) syz_usbip_server_init(0x2) 149.202024ms ago: executing program 0 (id=333): r0 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0xfffe, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000080)='_', 0x1}], 0x1}, 0x865) setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000240), 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) semtimedop(0x0, 0x0, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x4}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000020500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002800500"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x400c840) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xffff, 0xffff}, {0x5, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) 0s ago: executing program 1 (id=334): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_emit_ethernet(0x12, 0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x6a855000) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x200, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, r1, 0x903, 0x650c0}}, 0x20}, 0x1, 0x0, 0x0, 0x20040000}, 0x4008040) setsockopt$IPT_SO_SET_REPLACE(r3, 0x8001000000000000, 0x40, 0x0, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0xfffffffffffffdca, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r1, {0x10, 0x4}, {}, {0xb}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x24060050}, 0x8000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.60' (ED25519) to the list of known hosts. syzkaller login: [ 74.138144][ T5772] cgroup: Unknown subsys name 'net' [ 74.273447][ T5772] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.909715][ T5772] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 78.303072][ T5796] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.312127][ T5796] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.320527][ T5796] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.333774][ T5796] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.340845][ T5795] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.343317][ T5794] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.349318][ T5796] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.356822][ T5795] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.364371][ T5796] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.372741][ T5795] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.378103][ T5796] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.385711][ T5795] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.396023][ T5796] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 78.398766][ T5795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.411886][ T5798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.413049][ T5795] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 78.427240][ T5798] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.434772][ T5798] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 78.442373][ T5798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 78.449956][ T5796] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 78.457853][ T5798] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 78.465468][ T5796] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 78.473027][ T5798] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 78.500434][ T5790] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.085274][ T5783] chnl_net:caif_netlink_parms(): no params data found [ 79.096394][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 79.121999][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 79.165705][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 79.369529][ T5783] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.376899][ T5783] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.385550][ T5783] bridge_slave_0: entered allmulticast mode [ 79.392729][ T5783] bridge_slave_0: entered promiscuous mode [ 79.406593][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.413758][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.421171][ T5784] bridge_slave_0: entered allmulticast mode [ 79.428363][ T5784] bridge_slave_0: entered promiscuous mode [ 79.437209][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.444422][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.451624][ T5784] bridge_slave_1: entered allmulticast mode [ 79.459423][ T5784] bridge_slave_1: entered promiscuous mode [ 79.490681][ T5783] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.498013][ T5783] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.505319][ T5783] bridge_slave_1: entered allmulticast mode [ 79.512400][ T5783] bridge_slave_1: entered promiscuous mode [ 79.544345][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.551567][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.559187][ T5786] bridge_slave_0: entered allmulticast mode [ 79.567159][ T5786] bridge_slave_0: entered promiscuous mode [ 79.626661][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.633836][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.641557][ T5786] bridge_slave_1: entered allmulticast mode [ 79.649385][ T5786] bridge_slave_1: entered promiscuous mode [ 79.659802][ T5783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.672029][ T5783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.681419][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.688700][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.696226][ T5785] bridge_slave_0: entered allmulticast mode [ 79.703359][ T5785] bridge_slave_0: entered promiscuous mode [ 79.715319][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.750094][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.757511][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.764897][ T5785] bridge_slave_1: entered allmulticast mode [ 79.771956][ T5785] bridge_slave_1: entered promiscuous mode [ 79.781425][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.856635][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.869421][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.882131][ T5783] team0: Port device team_slave_0 added [ 79.904887][ T5784] team0: Port device team_slave_0 added [ 79.914041][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.944524][ T5783] team0: Port device team_slave_1 added [ 79.952179][ T5784] team0: Port device team_slave_1 added [ 79.960339][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.036422][ T5786] team0: Port device team_slave_0 added [ 80.045591][ T5786] team0: Port device team_slave_1 added [ 80.065305][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.072323][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.098888][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.136544][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.143700][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.169826][ T5783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.182523][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.189905][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.217049][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.237778][ T5785] team0: Port device team_slave_0 added [ 80.272643][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.284623][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.314238][ T5783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.327750][ T5785] team0: Port device team_slave_1 added [ 80.351467][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.358597][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.385118][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.443946][ T5784] hsr_slave_0: entered promiscuous mode [ 80.450666][ T5784] hsr_slave_1: entered promiscuous mode [ 80.461725][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.469249][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.495494][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.507340][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.515380][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.520560][ T5790] Bluetooth: hci0: command tx timeout [ 80.541702][ T5798] Bluetooth: hci1: command tx timeout [ 80.542082][ T51] Bluetooth: hci2: command tx timeout [ 80.559323][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.588505][ T5783] hsr_slave_0: entered promiscuous mode [ 80.595606][ T5783] hsr_slave_1: entered promiscuous mode [ 80.596971][ T5790] Bluetooth: hci3: command tx timeout [ 80.607567][ T5783] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.616173][ T5783] Cannot create hsr debugfs directory [ 80.647689][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.654958][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.682745][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.776895][ T5785] hsr_slave_0: entered promiscuous mode [ 80.783461][ T5785] hsr_slave_1: entered promiscuous mode [ 80.790181][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.799133][ T5785] Cannot create hsr debugfs directory [ 80.863599][ T5786] hsr_slave_0: entered promiscuous mode [ 80.871221][ T5786] hsr_slave_1: entered promiscuous mode [ 80.877844][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.885605][ T5786] Cannot create hsr debugfs directory [ 81.232887][ T5784] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.252379][ T5784] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.267193][ T5784] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.278448][ T5784] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 81.387573][ T5783] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.408099][ T5783] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.420934][ T5783] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.439727][ T5783] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.531300][ T5785] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.542343][ T5785] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.561387][ T5785] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.572815][ T5785] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.671935][ T5786] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.682231][ T5786] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.702691][ T5786] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.713516][ T5786] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.754005][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.819647][ T5783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.861031][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.875937][ T5783] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.890266][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.897706][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.931013][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.938215][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.950038][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.957221][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.992415][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.999653][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.110687][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.176819][ T5783] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.221532][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.251022][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.270704][ T1125] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.277986][ T1125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.338289][ T1125] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.345546][ T1125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.380948][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.441639][ T2930] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.448895][ T2930] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.495310][ T2930] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.502561][ T2930] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.595010][ T5790] Bluetooth: hci0: command tx timeout [ 82.600099][ T51] Bluetooth: hci2: command tx timeout [ 82.600526][ T5790] Bluetooth: hci1: command tx timeout [ 82.675704][ T5790] Bluetooth: hci3: command tx timeout [ 82.756848][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.918225][ T5784] veth0_vlan: entered promiscuous mode [ 82.938489][ T5783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.974073][ T5784] veth1_vlan: entered promiscuous mode [ 83.047137][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.138909][ T5783] veth0_vlan: entered promiscuous mode [ 83.152650][ T5784] veth0_macvtap: entered promiscuous mode [ 83.169378][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.189721][ T5785] veth0_vlan: entered promiscuous mode [ 83.201087][ T5783] veth1_vlan: entered promiscuous mode [ 83.212094][ T5784] veth1_macvtap: entered promiscuous mode [ 83.233858][ T5785] veth1_vlan: entered promiscuous mode [ 83.255090][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.288294][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.319094][ T5784] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.329388][ T5784] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.338605][ T5784] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.348827][ T5784] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.411397][ T5786] veth0_vlan: entered promiscuous mode [ 83.423937][ T5783] veth0_macvtap: entered promiscuous mode [ 83.435190][ T5785] veth0_macvtap: entered promiscuous mode [ 83.459868][ T5786] veth1_vlan: entered promiscuous mode [ 83.468974][ T5783] veth1_macvtap: entered promiscuous mode [ 83.493690][ T5785] veth1_macvtap: entered promiscuous mode [ 83.540234][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.551884][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.563946][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.588793][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.599628][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.612626][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.643976][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.657599][ T5785] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.667661][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.669050][ T5785] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.686517][ T5785] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.695676][ T5785] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.731748][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.743134][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.753712][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.764626][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.776806][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.787942][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.798874][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.811680][ T5783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.822400][ T5783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.834036][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.876626][ T5783] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.886050][ T5783] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.895008][ T5783] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.903778][ T5783] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.926452][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.939342][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.950022][ T5786] veth0_macvtap: entered promiscuous mode [ 83.975321][ T5786] veth1_macvtap: entered promiscuous mode [ 84.098730][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.118191][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.129014][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.139760][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.149905][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.160590][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.172227][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.185810][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.196775][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.200918][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.208094][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.226774][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.227042][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.244605][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.256748][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.269739][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.348289][ T5786] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.368892][ T5786] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.380341][ T5786] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.384337][ T5874] syz.0.1[5874]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 84.389346][ T5786] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.442594][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.446278][ T5874] loop0: detected capacity change from 0 to 2048 [ 84.457353][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.467152][ T5874] EXT4-fs: quotafile must be on filesystem root [ 84.501327][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.517521][ T5802] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 84.533121][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.642699][ T2930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.676596][ T5798] Bluetooth: hci1: command tx timeout [ 84.676611][ T51] Bluetooth: hci0: command tx timeout [ 84.688206][ T2930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.689184][ T5790] Bluetooth: hci2: command tx timeout [ 84.754538][ T5790] Bluetooth: hci3: command tx timeout [ 84.861999][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.899154][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.966015][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.003242][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.263804][ T28] audit: type=1326 audit(1764534935.561:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.294761][ T28] audit: type=1326 audit(1764534935.561:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.327884][ T28] audit: type=1326 audit(1764534935.571:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.349730][ T5883] loop2: detected capacity change from 0 to 1024 [ 85.377176][ T5883] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 85.424760][ T5883] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 85.448748][ T28] audit: type=1326 audit(1764534935.571:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.473423][ T5883] JBD2: no valid journal superblock found [ 85.510671][ T5883] EXT4-fs (loop2): Could not load journal inode [ 85.549099][ T28] audit: type=1326 audit(1764534935.571:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.624064][ T28] audit: type=1326 audit(1764534935.571:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.660426][ T28] audit: type=1326 audit(1764534935.571:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.712154][ T28] audit: type=1326 audit(1764534935.581:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.743510][ T28] audit: type=1326 audit(1764534935.581:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 85.779074][ T28] audit: type=1326 audit(1764534935.581:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 86.757308][ T5790] Bluetooth: hci2: command tx timeout [ 86.757982][ T5798] Bluetooth: hci1: command tx timeout [ 86.764806][ T5790] Bluetooth: hci0: command tx timeout [ 86.835097][ T5790] Bluetooth: hci3: command tx timeout [ 90.388272][ T28] kauditd_printk_skb: 35 callbacks suppressed [ 90.388288][ T28] audit: type=1326 audit(1764534940.691:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5957 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 90.424647][ T28] audit: type=1326 audit(1764534940.691:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5957 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 90.469633][ T28] audit: type=1326 audit(1764534940.701:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5957 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 90.514394][ T28] audit: type=1326 audit(1764534940.811:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5957 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 90.542608][ T28] audit: type=1326 audit(1764534940.811:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5957 comm="syz.2.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 90.711508][ T5963] loop2: detected capacity change from 0 to 1024 [ 90.732697][ T5963] EXT4-fs: Ignoring removed orlov option [ 90.825601][ T5963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.892685][ T28] audit: type=1800 audit(1764534941.191:52): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.34" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 90.941676][ T28] audit: type=1804 audit(1764534941.191:53): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.34" name="/newroot/10/bus/bus" dev="loop2" ino=18 res=1 errno=0 [ 90.999302][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.807914][ T5993] loop2: detected capacity change from 0 to 512 [ 91.820934][ T5993] ======================================================= [ 91.820934][ T5993] WARNING: The mand mount option has been deprecated and [ 91.820934][ T5993] and is ignored by this kernel. Remove the mand [ 91.820934][ T5993] option from the mount to silence this warning. [ 91.820934][ T5993] ======================================================= [ 91.877131][ T5993] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 91.894684][ T5993] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002] [ 91.920425][ T5993] EXT4-fs (loop2): orphan cleanup on readonly fs [ 91.954404][ T5993] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 91.988920][ T5993] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 92.013975][ T5993] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 92.077679][ T5993] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.43: bg 0: block 40: padding at end of block bitmap is not set [ 92.111919][ T5993] EXT4-fs (loop2): Remounting filesystem read-only [ 92.132557][ T5993] EXT4-fs (loop2): 1 truncate cleaned up [ 92.141493][ T5993] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 92.222332][ T786] cfg80211: failed to load regulatory.db [ 92.282024][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.463012][ T5999] loop0: detected capacity change from 0 to 2048 [ 92.558038][ T5999] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 92.777562][ T6009] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 92.849785][ T6009] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 60 with max blocks 4 with error 28 [ 92.875924][ T6009] EXT4-fs (loop0): This should not happen!! Data will be lost [ 92.875924][ T6009] [ 92.911270][ T6009] EXT4-fs (loop0): Total free blocks count 0 [ 92.926391][ T6009] EXT4-fs (loop0): Free/Dirty block details [ 92.932521][ T6009] EXT4-fs (loop0): free_blocks=2415919104 [ 92.953811][ T6009] EXT4-fs (loop0): dirty_blocks=80 [ 92.967122][ T6009] EXT4-fs (loop0): Block reservation details [ 92.973245][ T6009] EXT4-fs (loop0): i_reserved_data_blocks=5 [ 94.853773][ T5998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.45'. [ 94.882469][ T6017] bridge_slave_0: left allmulticast mode [ 94.890534][ T6017] bridge_slave_0: left promiscuous mode [ 94.903491][ T6017] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.919610][ T12] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 94.937517][ T6017] bridge_slave_1: left allmulticast mode [ 94.943258][ T6017] bridge_slave_1: left promiscuous mode [ 94.965476][ T6017] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.009676][ T6017] bond0: (slave bond_slave_0): Releasing backup interface [ 95.043755][ T6021] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 95.106208][ T6017] bond0: (slave bond_slave_1): Releasing backup interface [ 95.209756][ T6017] team0: Port device team_slave_0 removed [ 95.244122][ T6017] team0: Port device team_slave_1 removed [ 95.272788][ T6017] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.305434][ T6017] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.339653][ T6017] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.348767][ T6017] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 95.368435][ T6018] netlink: 'syz.2.50': attribute type 10 has an invalid length. [ 95.380229][ T6018] netlink: 40 bytes leftover after parsing attributes in process `syz.2.50'. [ 95.431102][ T6018] batman_adv: batadv0: Adding interface: virt_wifi0 [ 95.445248][ T6018] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.506056][ T6018] batman_adv: batadv0: Interface activated: virt_wifi0 [ 95.724531][ T6043] loop0: detected capacity change from 0 to 512 [ 95.781143][ T6043] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 95.913814][ T6048] netlink: 4 bytes leftover after parsing attributes in process `syz.2.59'. [ 96.022667][ T6048] loop2: detected capacity change from 0 to 2048 [ 96.052413][ T6051] syz.3.61[6051] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.052559][ T6051] syz.3.61[6051] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.082347][ T6048] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 96.151976][ T28] audit: type=1326 audit(1764534946.441:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.226143][ T28] audit: type=1326 audit(1764534946.441:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.254009][ T28] audit: type=1326 audit(1764534946.441:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.331114][ T28] audit: type=1326 audit(1764534946.441:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.371537][ T6061] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 96.404800][ T28] audit: type=1326 audit(1764534946.441:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.417795][ T6061] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 280 with error 28 [ 96.509259][ T6061] EXT4-fs (loop2): This should not happen!! Data will be lost [ 96.509259][ T6061] [ 96.516794][ T28] audit: type=1326 audit(1764534946.441:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.541764][ T6061] EXT4-fs (loop2): Total free blocks count 0 [ 96.541791][ T6061] EXT4-fs (loop2): Free/Dirty block details [ 96.541807][ T6061] EXT4-fs (loop2): free_blocks=2415919104 [ 96.541834][ T6061] EXT4-fs (loop2): dirty_blocks=288 [ 96.541849][ T6061] EXT4-fs (loop2): Block reservation details [ 96.541862][ T6061] EXT4-fs (loop2): i_reserved_data_blocks=18 [ 96.610300][ T28] audit: type=1326 audit(1764534946.441:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.694449][ T28] audit: type=1326 audit(1764534946.441:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.776601][ T28] audit: type=1326 audit(1764534946.441:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.823834][ T28] audit: type=1326 audit(1764534946.441:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2f78f749 code=0x7ffc0000 [ 96.985824][ T31] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 97.502944][ T6094] serio: Serial port ptm0 [ 100.116420][ T6105] pimreg: entered allmulticast mode [ 100.122196][ T6106] pimreg: left allmulticast mode [ 100.149986][ T6109] netlink: 24 bytes leftover after parsing attributes in process `syz.2.75'. [ 100.384644][ T6119] Zero length message leads to an empty skb [ 100.456764][ T6122] loop1: detected capacity change from 0 to 512 [ 100.464362][ T6122] EXT4-fs: Ignoring removed orlov option [ 100.474605][ T6122] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 100.485913][ T6122] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 not in group (block 2)! [ 100.496093][ T6122] EXT4-fs (loop1): group descriptors corrupted! [ 100.541403][ T6120] netlink: 4 bytes leftover after parsing attributes in process `syz.3.78'. [ 100.571735][ T6123] loop3: detected capacity change from 0 to 2048 [ 100.693844][ T6123] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 100.965118][ T6123] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 101.055062][ T6123] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 248 with error 28 [ 101.073662][ T6123] EXT4-fs (loop3): This should not happen!! Data will be lost [ 101.073662][ T6123] [ 101.112709][ T6123] EXT4-fs (loop3): Total free blocks count 0 [ 101.120066][ T6123] EXT4-fs (loop3): Free/Dirty block details [ 101.129887][ T6123] EXT4-fs (loop3): free_blocks=2415919104 [ 101.139461][ T6123] EXT4-fs (loop3): dirty_blocks=256 [ 101.152294][ T6123] EXT4-fs (loop3): Block reservation details [ 101.166871][ T6123] EXT4-fs (loop3): i_reserved_data_blocks=16 [ 101.464918][ T12] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 103.073213][ T6169] loop1: detected capacity change from 0 to 256 [ 103.143939][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 103.143956][ T28] audit: type=1800 audit(1764534953.441:89): pid=6169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.97" name="bus" dev="loop1" ino=1048592 res=0 errno=0 [ 103.206813][ T28] audit: type=1804 audit(1764534953.491:90): pid=6169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.97" name="/newroot/20/bus/bus" dev="loop1" ino=1048592 res=1 errno=0 [ 103.432300][ T6172] loop1: detected capacity change from 0 to 2048 [ 103.439772][ T6171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.98'. [ 103.526776][ T6162] Falling back ldisc for ttyS3. [ 103.566419][ T6172] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 103.791901][ T6172] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 103.870376][ T6184] serio: Serial port ttyS3 [ 103.912799][ T6172] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 374 with error 28 [ 103.940648][ T6172] EXT4-fs (loop1): This should not happen!! Data will be lost [ 103.940648][ T6172] [ 103.963455][ T6172] EXT4-fs (loop1): Total free blocks count 0 [ 103.973380][ T6172] EXT4-fs (loop1): Free/Dirty block details [ 103.986498][ T6172] EXT4-fs (loop1): free_blocks=2415919104 [ 103.992332][ T6172] EXT4-fs (loop1): dirty_blocks=384 [ 103.998738][ T6172] EXT4-fs (loop1): Block reservation details [ 104.022283][ T6172] EXT4-fs (loop1): i_reserved_data_blocks=24 [ 104.404771][ T59] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 105.152427][ T28] audit: type=1326 audit(1764534955.451:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 105.226150][ T28] audit: type=1326 audit(1764534955.481:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 105.260351][ T28] audit: type=1326 audit(1764534955.481:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 105.304395][ T28] audit: type=1326 audit(1764534955.491:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 105.360496][ T28] audit: type=1326 audit(1764534955.491:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 105.408215][ T28] audit: type=1326 audit(1764534955.491:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 105.431978][ T28] audit: type=1326 audit(1764534955.491:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 105.477727][ T28] audit: type=1326 audit(1764534955.491:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 106.325695][ T6248] netlink: 4 bytes leftover after parsing attributes in process `syz.2.130'. [ 106.395307][ T6248] netlink: 4 bytes leftover after parsing attributes in process `syz.2.130'. [ 106.853422][ T6271] syz.3.137 uses obsolete (PF_INET,SOCK_PACKET) [ 106.988424][ T6278] usb usb3: usbfs: process 6278 (syz.3.137) did not claim interface 0 before use [ 108.335744][ T6286] loop1: detected capacity change from 0 to 1024 [ 108.343548][ T6286] EXT4-fs: Ignoring removed nomblk_io_submit option [ 108.419075][ T6286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.623945][ T6286] netlink: 'syz.1.142': attribute type 30 has an invalid length. [ 108.651055][ T6286] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 108.660587][ T6286] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 108.669518][ T6286] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 108.678473][ T6286] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 108.712506][ T6286] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 108.721801][ T6286] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 108.730786][ T6286] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 108.739784][ T6286] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 108.933590][ T6295] syz.0.145 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 108.985931][ T6295] netlink: 'syz.0.145': attribute type 12 has an invalid length. [ 109.004075][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.128604][ T6303] ip6tnl0: entered promiscuous mode [ 109.135462][ T6303] ip6tnl0: entered allmulticast mode [ 109.535187][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 109.535202][ T28] audit: type=1326 audit(1764534959.841:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 109.538342][ T6314] loop0: detected capacity change from 0 to 1024 [ 109.542053][ T28] audit: type=1326 audit(1764534959.841:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 109.586893][ T6307] loop1: detected capacity change from 0 to 8192 [ 109.719230][ T28] audit: type=1326 audit(1764534959.901:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 109.743716][ T6314] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.782640][ T28] audit: type=1326 audit(1764534959.901:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 109.838879][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.545594][ T28] audit: type=1326 audit(1764534960.841:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6335 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 110.604434][ T28] audit: type=1326 audit(1764534960.841:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6335 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 110.705918][ T28] audit: type=1326 audit(1764534960.841:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6335 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 110.772672][ T6342] syz.1.167[6342] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 110.772816][ T6342] syz.1.167[6342] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 110.782715][ T28] audit: type=1326 audit(1764534960.841:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6335 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f945858f749 code=0x7ffc0000 [ 110.852189][ T28] audit: type=1326 audit(1764534960.911:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 110.878416][ T28] audit: type=1326 audit(1764534960.911:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 111.367810][ T6357] netlink: 'syz.2.174': attribute type 29 has an invalid length. [ 111.423607][ T6362] netlink: 12 bytes leftover after parsing attributes in process `syz.1.176'. [ 111.475945][ T6365] netlink: 28 bytes leftover after parsing attributes in process `syz.2.174'. [ 113.823564][ T6357] netlink: 'syz.2.174': attribute type 29 has an invalid length. [ 113.832299][ T6370] tipc: Started in network mode [ 113.843883][ T6370] tipc: Node identity ac14140f, cluster identity 4711 [ 113.852782][ T6370] tipc: New replicast peer: 255.255.255.255 [ 113.869472][ T6370] tipc: Enabled bearer , priority 10 [ 114.623425][ T6412] atomic_op ffff88801e3f4198 conn xmit_atomic 0000000000000000 [ 115.363072][ T28] kauditd_printk_skb: 56 callbacks suppressed [ 115.363089][ T28] audit: type=1326 audit(1764534965.661:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6421 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 115.401092][ T28] audit: type=1326 audit(1764534965.661:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6421 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 115.423620][ T28] audit: type=1326 audit(1764534965.661:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6421 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 115.446047][ T28] audit: type=1326 audit(1764534965.661:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6421 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 115.469731][ T28] audit: type=1326 audit(1764534965.661:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6421 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 115.492510][ T28] audit: type=1326 audit(1764534965.661:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6421 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 115.514936][ T28] audit: type=1326 audit(1764534965.661:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6421 comm="syz.2.200" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x0 [ 117.004332][ T5872] tipc: Node number set to 2886997007 [ 117.274385][ T6443] netlink: 12 bytes leftover after parsing attributes in process `syz.3.210'. [ 117.337671][ T6443] : entered promiscuous mode [ 118.756126][ T28] audit: type=1326 audit(1764534969.061:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6460 comm="syz.2.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 118.821482][ T28] audit: type=1326 audit(1764534969.061:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6460 comm="syz.2.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 118.862712][ T28] audit: type=1326 audit(1764534969.061:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6460 comm="syz.2.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 118.940052][ T6465] program syz.3.216 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 119.802233][ T6487] mmap: syz.0.225 (6487) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 119.927200][ T6489] loop0: detected capacity change from 0 to 256 [ 119.936471][ T6489] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 122.115922][ T6517] netlink: 12 bytes leftover after parsing attributes in process `syz.0.235'. [ 123.319626][ T6517] : entered promiscuous mode [ 123.548358][ T6524] netlink: 12 bytes leftover after parsing attributes in process `syz.3.238'. [ 124.547653][ T6530] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 124.557353][ T6530] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 124.580789][ T6530] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 124.601870][ T6530] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 124.611561][ T6530] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.622034][ T6530] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.637603][ T6530] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 124.644659][ T6530] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.661600][ T6530] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 124.678555][ T6530] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 124.687752][ T6530] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 124.703220][ T6530] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 125.099094][ T6566] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 125.179293][ T6571] loop2: detected capacity change from 0 to 2048 [ 125.283196][ T6572] loop0: detected capacity change from 0 to 764 [ 125.312449][ T6571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.444498][ T6572] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 125.499042][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.550471][ T6572] Symlink component flag not implemented [ 125.660638][ T6572] Symlink component flag not implemented (7) [ 125.770864][ T6589] lo speed is unknown, defaulting to 1000 [ 125.780447][ T6589] lo speed is unknown, defaulting to 1000 [ 125.830619][ T6589] lo speed is unknown, defaulting to 1000 [ 125.871575][ T6589] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 125.879594][ T5790] Bluetooth: hci0: command 0x0c1a tx timeout [ 125.907075][ T6592] loop1: detected capacity change from 0 to 1024 [ 125.935067][ T6589] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 125.963291][ T6592] EXT4-fs: Ignoring removed orlov option [ 126.028902][ T6592] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.155253][ T6589] lo speed is unknown, defaulting to 1000 [ 126.234795][ T6589] lo speed is unknown, defaulting to 1000 [ 126.243433][ T6589] lo speed is unknown, defaulting to 1000 [ 126.252526][ T6589] lo speed is unknown, defaulting to 1000 [ 126.539133][ T6600] netlink: 'syz.0.266': attribute type 1 has an invalid length. [ 126.552822][ T6600] netlink: 'syz.0.266': attribute type 2 has an invalid length. [ 126.557823][ T6604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.267'. [ 126.561702][ T6600] netlink: 16 bytes leftover after parsing attributes in process `syz.0.266'. [ 126.588572][ T6604] netlink: 32 bytes leftover after parsing attributes in process `syz.2.267'. [ 126.674987][ T5790] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.681131][ T5790] Bluetooth: hci3: command 0x0c1a tx timeout [ 126.702388][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.754782][ T5790] Bluetooth: hci1: command 0x0c1a tx timeout [ 127.285792][ T28] kauditd_printk_skb: 42 callbacks suppressed [ 127.285809][ T28] audit: type=1326 audit(1764534977.581:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.342087][ T28] audit: type=1326 audit(1764534977.581:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.369205][ T28] audit: type=1326 audit(1764534977.581:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.484676][ T28] audit: type=1326 audit(1764534977.581:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.519517][ T28] audit: type=1326 audit(1764534977.581:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.548195][ T28] audit: type=1326 audit(1764534977.581:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.576223][ T28] audit: type=1326 audit(1764534977.581:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.580478][ T6630] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.650017][ T28] audit: type=1326 audit(1764534977.581:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.675683][ T6637] netlink: 4 bytes leftover after parsing attributes in process `syz.0.282'. [ 127.721250][ T28] audit: type=1326 audit(1764534977.581:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.751616][ T28] audit: type=1326 audit(1764534977.581:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40e98f749 code=0x7ffc0000 [ 127.842945][ T6630] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.954516][ T5790] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.081425][ T6630] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.256990][ T6630] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.505146][ T6630] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.557473][ T6630] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.609377][ T6630] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.666244][ T6630] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.754831][ T5790] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.762158][ T5790] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.834591][ T5790] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.845148][ T6662] tipc: Started in network mode [ 128.850110][ T6662] tipc: Node identity ea63cd838fd6, cluster identity 4711 [ 128.902827][ T6662] tipc: Enabled bearer , priority 0 [ 128.931146][ T6671] syzkaller0: entered promiscuous mode [ 128.951721][ T6671] syzkaller0: entered allmulticast mode [ 129.008588][ T6666] bridge_slave_0: left allmulticast mode [ 129.028953][ T6666] bridge_slave_0: left promiscuous mode [ 129.038641][ T6666] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.053099][ T6666] bridge_slave_1: left allmulticast mode [ 129.067336][ T6666] bridge_slave_1: left promiscuous mode [ 129.081065][ T6666] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.098101][ T6666] bond0: (slave bond_slave_0): Releasing backup interface [ 129.135958][ T6666] bond0: (slave bond_slave_1): Releasing backup interface [ 129.198581][ T6666] team0: Port device team_slave_0 removed [ 129.253294][ T6666] team0: Port device team_slave_1 removed [ 129.265387][ T6666] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 129.283675][ T6666] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 129.303650][ T6666] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.315351][ T6666] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 129.354678][ T6672] netlink: 'syz.0.298': attribute type 10 has an invalid length. [ 129.362490][ T6672] netlink: 40 bytes leftover after parsing attributes in process `syz.0.298'. [ 129.397641][ T6672] batman_adv: batadv0: Adding interface: virt_wifi0 [ 129.412261][ T6672] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.451448][ T6672] batman_adv: batadv0: Interface activated: virt_wifi0 [ 129.520589][ T6677] netlink: 'syz.3.300': attribute type 7 has an invalid length. [ 129.529928][ T6677] netlink: 8 bytes leftover after parsing attributes in process `syz.3.300'. [ 129.559435][ T6678] tipc: Resetting bearer [ 129.600084][ T6662] netlink: 28 bytes leftover after parsing attributes in process `syz.2.295'. [ 129.614564][ T6662] netem: change failed [ 129.647017][ T6661] tipc: Resetting bearer [ 129.723064][ T6661] tipc: Disabling bearer [ 130.034464][ T5790] Bluetooth: hci0: command 0x0c1a tx timeout [ 130.833764][ T6725] 9pnet: Could not find request transport: r [ 130.840462][ T5798] Bluetooth: hci3: command 0x0c1a tx timeout [ 130.846833][ T5790] Bluetooth: hci2: command 0x0c1a tx timeout [ 130.914334][ T5790] Bluetooth: hci1: command 0x0c1a tx timeout [ 131.432433][ T6745] loop1: detected capacity change from 0 to 2048 [ 131.493621][ T6745] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.653636][ T6745] EXT4-fs error (device loop1): ext4_find_extent:936: inode #2: comm syz.1.329: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 131.694708][ T6722] syz.2.319: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 131.703386][ T6745] EXT4-fs (loop1): Remounting filesystem read-only [ 131.730510][ T6722] CPU: 1 PID: 6722 Comm: syz.2.319 Not tainted syzkaller #0 [ 131.737969][ T6722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 131.748072][ T6722] Call Trace: [ 131.751377][ T6722] [ 131.754338][ T6722] dump_stack_lvl+0x16c/0x230 [ 131.759065][ T6722] ? show_regs_print_info+0x20/0x20 [ 131.764292][ T6722] ? load_image+0x3b0/0x3b0 [ 131.768830][ T6722] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 131.775288][ T6722] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 131.781820][ T6722] warn_alloc+0x210/0x300 [ 131.786185][ T6722] ? zone_watermark_ok_safe+0x230/0x230 [ 131.791767][ T6722] ? _raw_spin_unlock+0x28/0x40 [ 131.796649][ T6722] __vmalloc_node_range+0x662/0x1320 [ 131.801956][ T6722] ? __asan_memset+0x22/0x40 [ 131.806592][ T6722] ? free_vm_area+0x50/0x50 [ 131.811115][ T6722] ? kvmalloc_node+0x70/0x180 [ 131.815816][ T6722] ? rcu_is_watching+0x15/0xb0 [ 131.820612][ T6722] ? kvmalloc_node+0x70/0x180 [ 131.825310][ T6722] ? trace_kmalloc+0x1f/0xa0 [ 131.829937][ T6722] kvmalloc_node+0x13f/0x180 [ 131.834563][ T6722] ? translate_table+0x19c/0x2020 [ 131.839628][ T6722] translate_table+0x19c/0x2020 [ 131.844570][ T6722] ? ip6t_register_table+0x7b0/0x7b0 [ 131.849899][ T6722] ? __might_fault+0xaa/0x120 [ 131.854617][ T6722] ? __lock_acquire+0x7c80/0x7c80 [ 131.859797][ T6722] ? __virt_addr_valid+0x18c/0x540 [ 131.865061][ T6722] ? __might_fault+0xaa/0x120 [ 131.869772][ T6722] ? __might_fault+0xc6/0x120 [ 131.874523][ T6722] ? __might_fault+0xaa/0x120 [ 131.879258][ T6722] do_ip6t_set_ctl+0x969/0xcd0 [ 131.884074][ T6722] ? ip6t_unregister_table_exit+0x230/0x230 [ 131.890002][ T6722] ? __lock_acquire+0x7c80/0x7c80 [ 131.895308][ T6722] ? rcu_is_watching+0x15/0xb0 [ 131.900100][ T6722] ? trace_contention_end+0x39/0xe0 [ 131.905340][ T6722] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 131.911003][ T6722] ? mutex_unlock+0x10/0x10 [ 131.915529][ T6722] ? __might_sleep+0xe0/0xe0 [ 131.920142][ T6722] ? mutex_lock_nested+0x20/0x20 [ 131.925133][ T6722] nf_setsockopt+0x263/0x280 [ 131.929746][ T6722] ? sock_common_recvmsg+0x1b0/0x1b0 [ 131.935063][ T6722] smc_setsockopt+0x229/0xab0 [ 131.939786][ T6722] ? smc_shutdown+0x9b0/0x9b0 [ 131.944500][ T6722] ? __fget_files+0x28/0x4d0 [ 131.949133][ T6722] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 131.954706][ T6722] ? security_socket_setsockopt+0x7e/0xa0 [ 131.960443][ T6722] ? smc_shutdown+0x9b0/0x9b0 [ 131.965165][ T6722] do_sock_setsockopt+0x175/0x1a0 [ 131.970227][ T6722] ? __fdget+0x180/0x210 [ 131.974502][ T6722] __x64_sys_setsockopt+0x184/0x200 [ 131.979737][ T6722] do_syscall_64+0x55/0xb0 [ 131.984200][ T6722] ? clear_bhb_loop+0x40/0x90 [ 131.989021][ T6722] ? clear_bhb_loop+0x40/0x90 [ 131.993734][ T6722] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 131.999652][ T6722] RIP: 0033:0x7fc40e98f749 [ 132.004115][ T6722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.023754][ T6722] RSP: 002b:00007fc40f839038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 132.032189][ T6722] RAX: ffffffffffffffda RBX: 00007fc40ebe5fa0 RCX: 00007fc40e98f749 [ 132.040181][ T6722] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 132.048173][ T6722] RBP: 00007fc40ea13f91 R08: 0000000000000330 R09: 0000000000000000 [ 132.056166][ T6722] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 132.064184][ T6722] R13: 00007fc40ebe6038 R14: 00007fc40ebe5fa0 R15: 00007ffe2b09ead8 [ 132.072200][ T6722] [ 132.076099][ T6722] Mem-Info: [ 132.079761][ T6722] active_anon:5659 inactive_anon:0 isolated_anon:0 [ 132.079761][ T6722] active_file:1216 inactive_file:39893 isolated_file:0 [ 132.079761][ T6722] unevictable:768 dirty:61 writeback:0 [ 132.079761][ T6722] slab_reclaimable:9981 slab_unreclaimable:90807 [ 132.079761][ T6722] mapped:24324 shmem:1611 pagetables:519 [ 132.079761][ T6722] sec_pagetables:0 bounce:0 [ 132.079761][ T6722] kernel_misc_reclaimable:0 [ 132.079761][ T6722] free:1345853 free_pcp:12201 free_cma:0 [ 132.125578][ T6722] Node 0 active_anon:22636kB inactive_anon:0kB active_file:4864kB inactive_file:159368kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97296kB dirty:244kB writeback:0kB shmem:4908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11288kB pagetables:2076kB sec_pagetables:0kB all_unreclaimable? no [ 132.160242][ T6722] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 132.198868][ T6722] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 132.226446][ T6722] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 132.232300][ T6722] Node 0 DMA32 free:1470880kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:22548kB inactive_anon:0kB active_file:4864kB inactive_file:158084kB unevictable:1536kB writepending:244kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:29716kB local_pcp:14824kB free_cma:0kB [ 132.277311][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.285284][ T6722] lowmem_reserve[]: 0 0 1 1 1 [ 132.291180][ T6722] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1336kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 132.319639][ T6722] lowmem_reserve[]: 0 0 0 0 0 [ 132.324631][ T6722] Node 1 Normal free:3899216kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18368kB local_pcp:9984kB free_cma:0kB [ 132.365010][ T6757] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.373843][ T6757] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.382939][ T6757] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.392030][ T6757] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.392091][ T6722] lowmem_reserve[]: 0 0 0 0 0 [ 132.432166][ T6722] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 132.462070][ T6757] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.471523][ T6757] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.480938][ T6757] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.484430][ T6722] Node 0 DMA32: 2*4kB (UE) 2*8kB (ME) 67*16kB (UME) 55*32kB (ME) 21*64kB (ME) 13*128kB (UME) [ 132.489981][ T6757] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.530281][ T6755] loop3: detected capacity change from 0 to 512 [ 132.539172][ T6722] 14*256kB (UM) 9*512kB (M) 10*1024kB (UME) 2*2048kB (ME) 352*4096kB (M) = 1470184kB [ 132.557865][ T6722] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 132.571544][ T6722] Node 1 Normal: 226*4kB (UM) 51*8kB (UME) 47*16kB (UME) 58*32kB (UME) 18*64kB (UME) 11*128kB (UME) 2*256kB (UM) 2*512kB (UE) 2*1024kB (UE) 1*2048kB (E) 949*4096kB (M) = 3899216kB [ 132.596341][ T6722] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 132.610042][ T6722] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 132.613991][ T6755] ------------[ cut here ]------------ [ 132.619744][ T6722] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 132.625434][ T6755] EA inode 11 i_nlink=2 [ 132.635145][ T6722] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 132.649168][ T6722] 42764 total pagecache pages [ 132.655357][ T6722] 0 pages in swap cache [ 132.659704][ T6722] Free swap = 124996kB [ 132.663905][ T6722] Total swap = 124996kB [ 132.668222][ T6722] 2097051 pages RAM [ 132.672234][ T6722] 0 pages HighMem/MovableOnly [ 132.677067][ T6755] WARNING: CPU: 1 PID: 6755 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.677107][ T6722] 416138 pages reserved [ 132.677123][ T6755] Modules linked in: [ 132.687395][ T6722] 0 pages cma reserved [ 132.691613][ T6755] [ 132.691625][ T6755] CPU: 1 PID: 6755 Comm: syz.3.332 Not tainted syzkaller #0 [ 132.709449][ T6755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 132.719917][ T6755] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 132.726612][ T6755] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 e0 c6 be 8a 89 da e8 a5 39 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 4f 59 2c 08 [ 132.746536][ T6755] RSP: 0018:ffffc900031672e0 EFLAGS: 00010246 [ 132.752761][ T6755] RAX: 3dbd768194aa9a00 RBX: 0000000000000002 RCX: 0000000000080000 [ 132.761761][ T6755] RDX: ffffc9000c609000 RSI: 0000000000045ad1 RDI: 0000000000045ad2 [ 132.770268][ T6755] RBP: ffffc900031673d0 R08: ffffc90003166ee7 R09: 1ffff9200062cddc [ 132.778380][ T6755] R10: dffffc0000000000 R11: fffff5200062cddd R12: dffffc0000000000 [ 132.786462][ T6755] R13: ffff88805f9736a8 R14: ffff88805f9734b0 R15: ffff88805f973500 [ 132.794545][ T6755] FS: 00007f527d3f66c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 132.803644][ T6755] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.810332][ T6755] CR2: 00007fe6b0db2000 CR3: 0000000077d27000 CR4: 00000000003506e0 [ 132.818403][ T6755] Call Trace: [ 132.821743][ T6755] [ 132.825316][ T6755] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 132.831036][ T6755] ? __ext4_journal_ensure_credits+0x30/0x450 [ 132.837234][ T6755] ext4_xattr_inode_dec_ref_all+0xa2b/0xf90 [ 132.843310][ T6755] ? ext4_xattr_delete_inode+0xc00/0xc00 [ 132.849077][ T6755] ? __ext4_journal_ensure_credits+0x450/0x450 [ 132.856423][ T6755] ext4_xattr_delete_inode+0xa45/0xc00 [ 132.862081][ T6755] ? ext4_reserve_inode_write+0x248/0x2a0 [ 132.868640][ T6755] ? ext4_expand_extra_isize_ea+0x19e0/0x19e0 [ 132.874951][ T6755] ext4_evict_inode+0xaa3/0xea0 [ 132.879877][ T6755] ? _raw_spin_unlock+0x28/0x40 [ 132.884848][ T6755] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 132.890821][ T6755] ? do_raw_spin_unlock+0x121/0x230 [ 132.896168][ T6755] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 132.902197][ T6755] evict+0x486/0x870 [ 132.906215][ T6755] ? __lock_acquire+0x7c80/0x7c80 [ 132.911323][ T6755] ? proc_nr_inodes+0x230/0x230 [ 132.916393][ T6755] ? do_raw_spin_unlock+0x121/0x230 [ 132.921667][ T6755] ? _raw_spin_unlock+0x28/0x40 [ 132.926649][ T6755] ? iput+0x70a/0x920 [ 132.930789][ T6755] ext4_orphan_cleanup+0xbd4/0x1400 [ 132.936619][ T6755] ? ext4_orphan_del+0xba0/0xba0 [ 132.941650][ T6755] ? ext4_register_li_request+0x183/0x940 [ 132.947518][ T6755] ? errseq_check_and_advance+0x66/0x120 [ 132.953222][ T6755] ext4_fill_super+0x5de4/0x66c0 [ 132.958752][ T6755] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 132.965211][ T6755] ? __might_sleep+0xe0/0xe0 [ 132.969866][ T6755] ? read_lock_is_recursive+0x20/0x20 [ 132.975371][ T6755] ? snprintf+0xdb/0x120 [ 132.979776][ T6755] ? vscnprintf+0x80/0x80 [ 132.984225][ T6755] ? down_write+0x162/0x1f0 [ 132.988785][ T6755] ? down_read_killable+0x340/0x340 [ 132.994037][ T6755] ? setup_bdev_super+0x56b/0x660 [ 132.999421][ T6755] get_tree_bdev+0x3e4/0x510 [ 133.004075][ T6755] ? vfs_parse_fs_string+0x160/0x160 [ 133.009674][ T6755] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 133.016041][ T6755] ? setup_bdev_super+0x660/0x660 [ 133.021130][ T6755] ? apparmor_capable+0x137/0x1a0 [ 133.026299][ T6755] ? bpf_lsm_capable+0x9/0x10 [ 133.031130][ T6755] ? security_capable+0x89/0xb0 [ 133.036083][ T6755] vfs_get_tree+0x8c/0x280 [ 133.040578][ T6755] do_new_mount+0x24b/0xa40 [ 133.045212][ T6755] __se_sys_mount+0x2da/0x3c0 [ 133.049955][ T6755] ? __x64_sys_mount+0xc0/0xc0 [ 133.054838][ T6755] ? lockdep_hardirqs_on+0x98/0x150 [ 133.060622][ T6755] ? __x64_sys_mount+0x20/0xc0 [ 133.065589][ T6755] do_syscall_64+0x55/0xb0 [ 133.070079][ T6755] ? clear_bhb_loop+0x40/0x90 [ 133.074873][ T6755] ? clear_bhb_loop+0x40/0x90 [ 133.079658][ T6755] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 133.085667][ T6755] RIP: 0033:0x7f527f190eea [ 133.090137][ T6755] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.109844][ T6755] RSP: 002b:00007f527d3f5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 133.118372][ T6755] RAX: ffffffffffffffda RBX: 00007f527d3f5ef0 RCX: 00007f527f190eea [ 133.126531][ T6755] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f527d3f5eb0 [ 133.134769][ T6755] RBP: 0000200000000180 R08: 00007f527d3f5ef0 R09: 0000000000800700 [ 133.142808][ T6755] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 133.150906][ T6755] R13: 00007f527d3f5eb0 R14: 000000000000046c R15: 0000200000000740 [ 133.159435][ T6755] [ 133.162957][ T6755] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 133.170290][ T6755] CPU: 1 PID: 6755 Comm: syz.3.332 Not tainted syzkaller #0 [ 133.170879][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.171072][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.190119][ T6755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 133.200282][ T6755] Call Trace: [ 133.203577][ T6755] [ 133.206533][ T6755] dump_stack_lvl+0x16c/0x230 [ 133.211249][ T6755] ? show_regs_print_info+0x20/0x20 [ 133.216504][ T6755] ? load_image+0x3b0/0x3b0 [ 133.221079][ T6755] panic+0x2c0/0x710 [ 133.225009][ T6755] ? bpf_jit_dump+0xd0/0xd0 [ 133.229548][ T6755] __warn+0x2e0/0x470 [ 133.233542][ T6755] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 133.239556][ T6755] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 133.245571][ T6755] report_bug+0x2be/0x4f0 [ 133.249924][ T6755] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 133.255930][ T6755] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 133.261934][ T6755] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 133.268034][ T6755] handle_bug+0xcf/0x120 [ 133.272440][ T6755] exc_invalid_op+0x1a/0x50 [ 133.277007][ T6755] asm_exc_invalid_op+0x1a/0x20 [ 133.281895][ T6755] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 133.288523][ T6755] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 e0 c6 be 8a 89 da e8 a5 39 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 4f 59 2c 08 [ 133.308172][ T6755] RSP: 0018:ffffc900031672e0 EFLAGS: 00010246 [ 133.314271][ T6755] RAX: 3dbd768194aa9a00 RBX: 0000000000000002 RCX: 0000000000080000 [ 133.322257][ T6755] RDX: ffffc9000c609000 RSI: 0000000000045ad1 RDI: 0000000000045ad2 [ 133.330334][ T6755] RBP: ffffc900031673d0 R08: ffffc90003166ee7 R09: 1ffff9200062cddc [ 133.338323][ T6755] R10: dffffc0000000000 R11: fffff5200062cddd R12: dffffc0000000000 [ 133.346328][ T6755] R13: ffff88805f9736a8 R14: ffff88805f9734b0 R15: ffff88805f973500 [ 133.354367][ T6755] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 133.360155][ T6755] ? __ext4_journal_ensure_credits+0x30/0x450 [ 133.366515][ T6755] ext4_xattr_inode_dec_ref_all+0xa2b/0xf90 [ 133.372456][ T6755] ? ext4_xattr_delete_inode+0xc00/0xc00 [ 133.378124][ T6755] ? __ext4_journal_ensure_credits+0x450/0x450 [ 133.384404][ T6755] ext4_xattr_delete_inode+0xa45/0xc00 [ 133.389895][ T6755] ? ext4_reserve_inode_write+0x248/0x2a0 [ 133.395641][ T6755] ? ext4_expand_extra_isize_ea+0x19e0/0x19e0 [ 133.401739][ T6755] ext4_evict_inode+0xaa3/0xea0 [ 133.406610][ T6755] ? _raw_spin_unlock+0x28/0x40 [ 133.411592][ T6755] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 133.417510][ T6755] ? do_raw_spin_unlock+0x121/0x230 [ 133.422732][ T6755] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 133.428652][ T6755] evict+0x486/0x870 [ 133.432565][ T6755] ? __lock_acquire+0x7c80/0x7c80 [ 133.437610][ T6755] ? proc_nr_inodes+0x230/0x230 [ 133.442477][ T6755] ? do_raw_spin_unlock+0x121/0x230 [ 133.447784][ T6755] ? _raw_spin_unlock+0x28/0x40 [ 133.452663][ T6755] ? iput+0x70a/0x920 [ 133.456674][ T6755] ext4_orphan_cleanup+0xbd4/0x1400 [ 133.461908][ T6755] ? ext4_orphan_del+0xba0/0xba0 [ 133.466873][ T6755] ? ext4_register_li_request+0x183/0x940 [ 133.472626][ T6755] ? errseq_check_and_advance+0x66/0x120 [ 133.478292][ T6755] ext4_fill_super+0x5de4/0x66c0 [ 133.483288][ T6755] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 133.489570][ T6755] ? __might_sleep+0xe0/0xe0 [ 133.494188][ T6755] ? read_lock_is_recursive+0x20/0x20 [ 133.499585][ T6755] ? snprintf+0xdb/0x120 [ 133.503848][ T6755] ? vscnprintf+0x80/0x80 [ 133.508201][ T6755] ? down_write+0x162/0x1f0 [ 133.512726][ T6755] ? down_read_killable+0x340/0x340 [ 133.517946][ T6755] ? setup_bdev_super+0x56b/0x660 [ 133.523003][ T6755] get_tree_bdev+0x3e4/0x510 [ 133.527614][ T6755] ? vfs_parse_fs_string+0x160/0x160 [ 133.532919][ T6755] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 133.539266][ T6755] ? setup_bdev_super+0x660/0x660 [ 133.544307][ T6755] ? apparmor_capable+0x137/0x1a0 [ 133.549347][ T6755] ? bpf_lsm_capable+0x9/0x10 [ 133.554046][ T6755] ? security_capable+0x89/0xb0 [ 133.558918][ T6755] vfs_get_tree+0x8c/0x280 [ 133.563382][ T6755] do_new_mount+0x24b/0xa40 [ 133.567943][ T6755] __se_sys_mount+0x2da/0x3c0 [ 133.572761][ T6755] ? __x64_sys_mount+0xc0/0xc0 [ 133.577584][ T6755] ? lockdep_hardirqs_on+0x98/0x150 [ 133.582816][ T6755] ? __x64_sys_mount+0x20/0xc0 [ 133.587614][ T6755] do_syscall_64+0x55/0xb0 [ 133.592059][ T6755] ? clear_bhb_loop+0x40/0x90 [ 133.596751][ T6755] ? clear_bhb_loop+0x40/0x90 [ 133.601448][ T6755] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 133.607370][ T6755] RIP: 0033:0x7f527f190eea [ 133.611804][ T6755] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.631535][ T6755] RSP: 002b:00007f527d3f5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 133.640059][ T6755] RAX: ffffffffffffffda RBX: 00007f527d3f5ef0 RCX: 00007f527f190eea [ 133.648159][ T6755] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f527d3f5eb0 [ 133.656174][ T6755] RBP: 0000200000000180 R08: 00007f527d3f5ef0 R09: 0000000000800700 [ 133.664167][ T6755] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 133.672166][ T6755] R13: 00007f527d3f5eb0 R14: 000000000000046c R15: 0000200000000740 [ 133.680604][ T6755] [ 133.683927][ T6755] Kernel Offset: disabled [ 133.688439][ T6755] Rebooting in 86400 seconds..