last executing test programs: 2m5.044872658s ago: executing program 2 (id=27): openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000100)={r0, r0, 0x0, 0x0, 0x0, 0xc2, 0xff, 0x15c2, 0x5886, 0x6, 0x0, 0x8, 'syz1\x00'}) 2m3.603180314s ago: executing program 2 (id=29): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x42, 0x40, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)="168822648973955eb6057effc70710187aea987739", 0x1003, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000001d40)={r0, &(0x7f0000001b80), &(0x7f0000001c40)=""/245}, 0x20) 2m2.271846435s ago: executing program 2 (id=33): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r3 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd) keyctl$read(0xb, r3, &(0x7f0000000240)=""/112, 0x349b7f55) socket$packet(0x11, 0x2, 0x300) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r4, 0x10e, 0x5, &(0x7f0000000040)=""/162, &(0x7f0000000100)=0xa2) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func={0x1, 0x0, 0x0, 0x12}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}, {0x0, [0x2e, 0x0, 0x0, 0x61]}}, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) 1m58.400162521s ago: executing program 2 (id=38): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508) openat$udambuf(0xffffffffffffff9c, 0x0, 0x2) r1 = memfd_create(0x0, 0x3) ftruncate(r1, 0xffff) ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0xc0086202, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x44004) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x6e45, 0x80, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r2, 0xfff) syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000900)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0xfffc}}}}}}}, 0x0) 1m56.251820696s ago: executing program 2 (id=42): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x5, &(0x7f0000000040)=""/162, &(0x7f0000000100)=0xa2) 1m53.800005534s ago: executing program 2 (id=45): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2a28402, &(0x7f0000000200)={[{@noquota}, {@sb={'sb', 0x3d, 0x7}}, {@grpquota}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@euid_gt}]}, 0xfc, 0x492, &(0x7f00000014c0)="$eJzs3LtvHMUfAPDv7dmOnad/PwiQB2BeIuIRJ86DFDQgkChAQoIi0BnHiUwcgmIjkSjCAaFQokj0iBKJv4AKGgRUSLTQo0gRcpMEkFi0e7vx+c6vs8+5xPf5SBfNzE5uZ3Zm1rMzawfQtYayfyoRWyPityyc5NFb0iJTlu/G7MWxm7MXxyqRpm/8WcmPXZ+9OFbmLf/f1iKyL4lIPq3EngXOO3X+wunRycnKzSI+PH3m/eGp8xeenTgzemr81Ph7I8eOHT508LmjI0darlO6qTltW1bW3R+d3bvrlbeuvDZ2/Mo7P33TU5a1oR7tMhRD865lvSfafbIO21YXrvR0sCC0pBoRWXP15uN/R1RjrvF2xMufdLRwwLpK0zTdvvjhSymwgVWiMaUpAdiQyh/012cHon+dnoPvZNdeqD0AZfW+UXxqR3oiKfL0NjzftlN/sW5y/NJfX0Z+/Td11fUHAG6/77L5zzO1+U/5qR0ZjPvq8m3P14Oz1Ij/RcT/I+KeiLg3InZG5Hnvj4gHWjz/UEO8ef6ZXF1VxVYom/89X+xtzZ//FbO/f9PBahHbFgMxGL2VkxOT4weKa7IvejednJgcWOoc37/06+eLHRsq5n7lJzt/ORcsynG1p2E/68To9OiaKl3n2sf5GuBMff378yNzO1dZaFdE7F7F92fz5omnvt672PHl67+ENuwzpV9FPFlr/0sxr/3n179xf7Js8KMjR4b7Y3L8wHDZK5r9/Mvl1xc7/5rq3wZZ+29u6v9ptS7LYGVuv3b83FTr57j8+2eLPtO00P/fLlOy/t9XeTMP9xVpH45OT587GNFXebU5fWTu28p4mf/a1p0Rjy08/rN7XNbHsvrviYisEz8YEQ9FxMNF2R+JiEcj/4qFzNyIiB9ffPzd1dQ/We7CtkHW/ifmtX809v+G9m89UD39w7erqX9N1v6H89C+ImUl97+VFnAt1w4AAADuFkn+Dnwl2X8rnCT790dsydd2NyeTZ6emnz559oO/T9TelR+M3qRc6aqtB9fWQw8Wa8NlfKQhfqhYN/6iOpDHNxd730DnbKkf//mCY238Z/6odrhwwPrz+1rQvVYx/pd84QG4e/j5D92rhfHvVgEbzEoHdbrO5QBuv4XG/0wHygHcfib10L2Mf+hexj90L+MfutJafq9fYJnATMuXtz+WytN3h9QrD0SSB9KZDhbjn+I1tJVlXr/ylH8tY/nMvcW4uxNacOlA5+5JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7fRfAAAA//962Nz/") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 1m35.038895065s ago: executing program 32 (id=45): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2a28402, &(0x7f0000000200)={[{@noquota}, {@sb={'sb', 0x3d, 0x7}}, {@grpquota}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@euid_gt}]}, 0xfc, 0x492, &(0x7f00000014c0)="$eJzs3LtvHMUfAPDv7dmOnad/PwiQB2BeIuIRJ86DFDQgkChAQoIi0BnHiUwcgmIjkSjCAaFQokj0iBKJv4AKGgRUSLTQo0gRcpMEkFi0e7vx+c6vs8+5xPf5SBfNzE5uZ3Zm1rMzawfQtYayfyoRWyPityyc5NFb0iJTlu/G7MWxm7MXxyqRpm/8WcmPXZ+9OFbmLf/f1iKyL4lIPq3EngXOO3X+wunRycnKzSI+PH3m/eGp8xeenTgzemr81Ph7I8eOHT508LmjI0darlO6qTltW1bW3R+d3bvrlbeuvDZ2/Mo7P33TU5a1oR7tMhRD865lvSfafbIO21YXrvR0sCC0pBoRWXP15uN/R1RjrvF2xMufdLRwwLpK0zTdvvjhSymwgVWiMaUpAdiQyh/012cHon+dnoPvZNdeqD0AZfW+UXxqR3oiKfL0NjzftlN/sW5y/NJfX0Z+/Td11fUHAG6/77L5zzO1+U/5qR0ZjPvq8m3P14Oz1Ij/RcT/I+KeiLg3InZG5Hnvj4gHWjz/UEO8ef6ZXF1VxVYom/89X+xtzZ//FbO/f9PBahHbFgMxGL2VkxOT4weKa7IvejednJgcWOoc37/06+eLHRsq5n7lJzt/ORcsynG1p2E/68To9OiaKl3n2sf5GuBMff378yNzO1dZaFdE7F7F92fz5omnvt672PHl67+ENuwzpV9FPFlr/0sxr/3n179xf7Js8KMjR4b7Y3L8wHDZK5r9/Mvl1xc7/5rq3wZZ+29u6v9ptS7LYGVuv3b83FTr57j8+2eLPtO00P/fLlOy/t9XeTMP9xVpH45OT587GNFXebU5fWTu28p4mf/a1p0Rjy08/rN7XNbHsvrviYisEz8YEQ9FxMNF2R+JiEcj/4qFzNyIiB9ffPzd1dQ/We7CtkHW/ifmtX809v+G9m89UD39w7erqX9N1v6H89C+ImUl97+VFnAt1w4AAADuFkn+Dnwl2X8rnCT790dsydd2NyeTZ6emnz559oO/T9TelR+M3qRc6aqtB9fWQw8Wa8NlfKQhfqhYN/6iOpDHNxd730DnbKkf//mCY238Z/6odrhwwPrz+1rQvVYx/pd84QG4e/j5D92rhfHvVgEbzEoHdbrO5QBuv4XG/0wHygHcfib10L2Mf+hexj90L+MfutJafq9fYJnATMuXtz+WytN3h9QrD0SSB9KZDhbjn+I1tJVlXr/ylH8tY/nMvcW4uxNacOlA5+5JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7fRfAAAA//962Nz/") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 21.016810362s ago: executing program 0 (id=162): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ec0)={0x58, 0xb, 0x6, 0x201, 0x0, 0x0, {0x6, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x30, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2={0x18, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x58}}, 0x8000) 18.739616458s ago: executing program 0 (id=165): syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0) syz_emit_ethernet(0x31, &(0x7f0000001a80)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x23, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0xf, 0x0, @opaque="edf1df4edc119c"}}}}}, 0x0) 16.751912814s ago: executing program 0 (id=169): r0 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0x1, 0x5) 16.182084354s ago: executing program 3 (id=170): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x4, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}, 0x0, {[0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4]}}, 0x5c) 15.684013234s ago: executing program 4 (id=171): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x6}}}, 0x24}}, 0x2000400c) sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040), 0x14, &(0x7f00000000c0)={0x0}, 0x7}, 0x80) recvmmsg(0xffffffffffffffff, &(0x7f0000006180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}, 0x40}], 0x2, 0x5a92f95d32b0e3f2, 0x0) 15.038508782s ago: executing program 3 (id=173): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000080)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r5 = inotify_init1(0x0) read(r5, 0x0, 0x0) 14.441754552s ago: executing program 4 (id=174): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x140f, 0x1, 0x70bd2c, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'uverbs\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x802) 13.25220607s ago: executing program 4 (id=176): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) connect$packet(r1, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @random="4d74e99b4b5f"}, 0x14) bind$bt_l2cap(r0, 0x0, 0x0) listen(r0, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe20) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x306) ioctl$TUNSETLINK(r3, 0x400454cd, 0x206) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0) r4 = userfaultfd(0x1) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) 13.199417016s ago: executing program 3 (id=177): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0) 13.171899298s ago: executing program 0 (id=178): socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x10000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x48b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) semget$private(0x0, 0x7, 0x8) ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0) r4 = socket$inet6_dccp(0xa, 0x6, 0x0) r5 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) landlock_add_rule$LANDLOCK_RULE_NET_PORT(r5, 0x2, &(0x7f0000000100)={0x1, 0x209b}, 0x0) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3) bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r7 = getpgrp(0x0) r8 = syz_pidfd_open(r7, 0x0) pidfd_getfd(r8, r6, 0x0) clock_adjtime(0x0, &(0x7f00000002c0)={0x66ba, 0x0, 0x0, 0x1fb, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, 0x4002487, 0x0, 0xea37, 0xfffffffd, 0x4, 0x0, 0x4000000000, 0xb, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x8000000000000000}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae000000850000000700000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 11.587161874s ago: executing program 3 (id=179): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @random="618e38850ee1", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0xff, @remote, @local, {[], {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x2}}}}}}}, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b93760000000000000000000000000000000000000000000200000000000000010000000000000044000500ac141400000000000000000000000000000000003c00000000000000000000000000000000000000000000000000000001"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) syz_emit_ethernet(0x4a, &(0x7f00000000c0)=ANY=[], 0x0) 9.558343968s ago: executing program 1 (id=180): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xf) 8.871498497s ago: executing program 3 (id=181): r0 = socket$inet_sctp(0x2, 0x1, 0x84) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb, [{}, {}, {}, {}, {}, {0x0, 0xfffffffd}], 0x0, 0x0, 0x8}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r2, 0x0, 0x20000840) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r3, 0x0, 0x0) sendmsg$nl_route(r3, 0x0, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x0, 0x4}, &(0x7f0000000440)) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) mknod$loop(&(0x7f0000000100)='./file0\x00', 0x2, 0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) listen(r0, 0x200) r6 = socket$netlink(0x10, 0x3, 0x4) writev(r6, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe0064e230000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 6.45696385s ago: executing program 4 (id=182): socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff6e, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r3, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x11, 0x4, r2, 0x1, 0x7, 0x6, @broadcast}, 0x14) 6.073730831s ago: executing program 1 (id=183): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x6}}}, 0x24}}, 0x2000400c) sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040), 0x14, &(0x7f00000000c0)={0x0}, 0x7}, 0x80) recvmmsg(0xffffffffffffffff, &(0x7f0000006180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}, 0x40}], 0x2, 0x5a92f95d32b0e3f2, 0x0) 5.225607469s ago: executing program 0 (id=184): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@gettaction={0x1c, 0x5a, 0xc6b747b6bf1c6b95, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x1c}}, 0x0) 4.400457632s ago: executing program 1 (id=185): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff104300003000128008000100687372002400028008000100", @ANYRES32=r1, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="050006ee020000000500070001"], 0x50}}, 0x0) 4.163306788s ago: executing program 4 (id=186): r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x40) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000300)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000180)="35150900dca3", 0x0, 0x0, 0x0, 0x0, 0x0}) 3.515657914s ago: executing program 0 (id=187): r0 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0x1, 0x5) 2.733905033s ago: executing program 1 (id=188): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0) 2.364062065s ago: executing program 4 (id=189): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_io_uring_submit(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYRESOCT, @ANYRES64, @ANYBLOB="44a837b4012918a47d01872e42ba27df6f1d23d06581", @ANYRES16, @ANYRESDEC=r0, @ANYRES32], &(0x7f0000000280)='GPL\x00', 0x9, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) fsopen(0x0, 0x0) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x4, &(0x7f0000000100)=[{0x81, 0x6, 0x1, 0xe7}, {0x2, 0xcc, 0x5, 0xd}, {0x28b, 0x3, 0x3, 0x80000001}, {0x11c, 0xf, 0x9e, 0xffffffff}]}) r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) write$proc_mixer(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="5245434c45560a50484f4e454f55540a535045414b455220274344272030303030303030303030303030303030303030300a4449474954414c32202706b86e65204361707455726527203030303030303430303030"], 0xb8) r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) dup3(r5, r4, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r6, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) 2.249711731s ago: executing program 3 (id=190): syz_usb_connect(0x1, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582239f"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ppoll(&(0x7f00000000c0)=[{r0, 0x220}], 0x4e, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0) 1.742531536s ago: executing program 1 (id=191): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x8000) 0s ago: executing program 1 (id=192): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000080)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}}) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY(r5, 0x0, 0x1, &(0x7f00000013c0)=0x2, 0x4) setsockopt$WPAN_SECURITY(r5, 0x0, 0x1, &(0x7f0000000000), 0x4) sendmsg$802154_dgram(r5, &(0x7f0000000140)={&(0x7f0000000040), 0x14, &(0x7f0000000100)={0x0}}, 0x0) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) pread64(r6, 0x0, 0x0, 0x4) kernel console output (not intermixed with test programs): DUID 00:04:72:40:db:4f:40:9f:ee:ae:6f:49:06:52:cc:1b:f9:b4 forked to background, child pid 5437 [ 147.483787][ T5438] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.528878][ T5438] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.243' (ED25519) to the list of known hosts. syzkaller login: [ 193.890195][ T5764] cgroup: Unknown subsys name 'net' [ 194.008562][ T5764] cgroup: Unknown subsys name 'cpuset' [ 194.024593][ T5764] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 229.677821][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 229.684839][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 248.005206][ T5764] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 252.158435][ T5783] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 252.166824][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 252.175878][ T5783] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 252.183917][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 252.193177][ T5783] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 252.211270][ T5783] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 252.226903][ T5786] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 252.237189][ T5786] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 252.266106][ T5787] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 252.283036][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 252.306790][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 252.327104][ T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 252.344078][ T52] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 252.352949][ T5793] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 252.372432][ T52] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 252.380850][ T5793] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 252.392754][ T5793] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 252.397113][ T5791] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 252.401503][ T52] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 252.411985][ T5791] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 252.423210][ T5791] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 252.438232][ T5791] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 252.447163][ T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 252.458672][ T5793] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 252.473477][ T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 253.708723][ T5780] chnl_net:caif_netlink_parms(): no params data found [ 253.962184][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 254.363385][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 254.378608][ T5791] Bluetooth: hci0: command tx timeout [ 254.384315][ T5791] Bluetooth: hci1: command tx timeout [ 254.528700][ T5791] Bluetooth: hci2: command tx timeout [ 254.534414][ T5791] Bluetooth: hci3: command tx timeout [ 254.609141][ T5791] Bluetooth: hci4: command tx timeout [ 254.843694][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.852453][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.860595][ T5784] bridge_slave_0: entered allmulticast mode [ 254.870426][ T5784] bridge_slave_0: entered promiscuous mode [ 254.905570][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 254.985186][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.993105][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.001466][ T5784] bridge_slave_1: entered allmulticast mode [ 255.011235][ T5784] bridge_slave_1: entered promiscuous mode [ 255.020981][ T5792] chnl_net:caif_netlink_parms(): no params data found [ 255.379283][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 255.398317][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.409386][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.417481][ T5780] bridge_slave_0: entered allmulticast mode [ 255.427297][ T5780] bridge_slave_0: entered promiscuous mode [ 255.457996][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 255.538573][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.546614][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.554413][ T5780] bridge_slave_1: entered allmulticast mode [ 255.564231][ T5780] bridge_slave_1: entered promiscuous mode [ 255.740354][ T5784] team0: Port device team_slave_0 added [ 255.849200][ T5784] team0: Port device team_slave_1 added [ 255.923155][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 255.933879][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.942467][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.950424][ T5790] bridge_slave_0: entered allmulticast mode [ 255.960189][ T5790] bridge_slave_0: entered promiscuous mode [ 255.981299][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 255.991249][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.999138][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.007176][ T5790] bridge_slave_1: entered allmulticast mode [ 256.016961][ T5790] bridge_slave_1: entered promiscuous mode [ 256.314661][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.322749][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.330824][ T5789] bridge_slave_0: entered allmulticast mode [ 256.340056][ T5789] bridge_slave_0: entered promiscuous mode [ 256.434525][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 256.441912][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.469220][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 256.478651][ T5791] Bluetooth: hci1: command tx timeout [ 256.483177][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.485352][ T5791] Bluetooth: hci0: command tx timeout [ 256.493182][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.506268][ T5789] bridge_slave_1: entered allmulticast mode [ 256.516069][ T5789] bridge_slave_1: entered promiscuous mode [ 256.566947][ T5780] team0: Port device team_slave_0 added [ 256.584153][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 256.597350][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 256.604542][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.631302][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 256.640611][ T5791] Bluetooth: hci3: command tx timeout [ 256.644181][ T5085] Bluetooth: hci2: command tx timeout [ 256.686111][ T5791] Bluetooth: hci4: command tx timeout [ 256.728546][ T5780] team0: Port device team_slave_1 added [ 256.784530][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 256.861671][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.869535][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.877560][ T5792] bridge_slave_0: entered allmulticast mode [ 256.887303][ T5792] bridge_slave_0: entered promiscuous mode [ 256.988888][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.043862][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.051836][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.059876][ T5792] bridge_slave_1: entered allmulticast mode [ 257.069293][ T5792] bridge_slave_1: entered promiscuous mode [ 257.122492][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.129853][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.156412][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.174087][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 257.181554][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.207902][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 257.262666][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.377321][ T5790] team0: Port device team_slave_0 added [ 257.435966][ T5784] hsr_slave_0: entered promiscuous mode [ 257.444914][ T5784] hsr_slave_1: entered promiscuous mode [ 257.464873][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.488641][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.505536][ T5790] team0: Port device team_slave_1 added [ 257.601011][ T5789] team0: Port device team_slave_0 added [ 257.736281][ T5789] team0: Port device team_slave_1 added [ 257.789799][ T5792] team0: Port device team_slave_0 added [ 257.875475][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.882904][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.909379][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.968934][ T5792] team0: Port device team_slave_1 added [ 258.012895][ T5780] hsr_slave_0: entered promiscuous mode [ 258.023180][ T5780] hsr_slave_1: entered promiscuous mode [ 258.031327][ T5780] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 258.039289][ T5780] Cannot create hsr debugfs directory [ 258.067044][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 258.074198][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.100619][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 258.299494][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 258.307202][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.333670][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 258.391146][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 258.398512][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.424950][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 258.477001][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 258.484227][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.510645][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 258.526044][ T5791] Bluetooth: hci0: command tx timeout [ 258.531813][ T5085] Bluetooth: hci1: command tx timeout [ 258.545132][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 258.552444][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.579113][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 258.686050][ T5791] Bluetooth: hci3: command tx timeout [ 258.691825][ T5085] Bluetooth: hci2: command tx timeout [ 258.769228][ T5085] Bluetooth: hci4: command tx timeout [ 258.840846][ T5790] hsr_slave_0: entered promiscuous mode [ 258.851295][ T5790] hsr_slave_1: entered promiscuous mode [ 258.860296][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 258.868188][ T5790] Cannot create hsr debugfs directory [ 259.152427][ T5789] hsr_slave_0: entered promiscuous mode [ 259.162724][ T5789] hsr_slave_1: entered promiscuous mode [ 259.171856][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.179756][ T5789] Cannot create hsr debugfs directory [ 259.225022][ T5792] hsr_slave_0: entered promiscuous mode [ 259.235409][ T5792] hsr_slave_1: entered promiscuous mode [ 259.244529][ T5792] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.252415][ T5792] Cannot create hsr debugfs directory [ 260.048561][ T5784] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 260.163150][ T5784] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 260.295870][ T5784] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 260.319675][ T5784] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 260.606129][ T5085] Bluetooth: hci0: command tx timeout [ 260.611891][ T5791] Bluetooth: hci1: command tx timeout [ 260.713694][ T5780] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 260.740364][ T5780] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 260.766261][ T5791] Bluetooth: hci2: command tx timeout [ 260.766904][ T5085] Bluetooth: hci3: command tx timeout [ 260.815545][ T5780] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 260.846596][ T5085] Bluetooth: hci4: command tx timeout [ 260.904941][ T5780] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 261.028344][ T5792] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 261.099067][ T5792] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 261.192464][ T5792] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 261.251893][ T5792] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 261.493313][ T5790] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 261.618153][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.628720][ T5790] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 261.670922][ T5790] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 261.697347][ T5789] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 261.747194][ T5790] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 261.776788][ T5789] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 261.837751][ T5789] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 261.908942][ T5789] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 262.041286][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 262.148096][ T4772] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.156040][ T4772] bridge0: port 1(bridge_slave_0) entered forwarding state [ 262.349152][ T4772] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.357004][ T4772] bridge0: port 2(bridge_slave_1) entered forwarding state [ 262.803481][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 262.978118][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.122296][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.147435][ T5780] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.237521][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.322425][ T3570] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.330301][ T3570] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.404553][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.412475][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.449381][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.539346][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.547249][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.657102][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.664978][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.689081][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.697045][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.722742][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.730638][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.844811][ T5780] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 263.855918][ T5780] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 264.052293][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 264.244081][ T5790] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 264.254976][ T5790] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 264.499077][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 264.593040][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.600922][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 264.794802][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.802709][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 265.169472][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.183627][ T5789] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 265.793066][ T5784] veth0_vlan: entered promiscuous mode [ 265.884902][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.905290][ T5784] veth1_vlan: entered promiscuous mode [ 266.294060][ T5784] veth0_macvtap: entered promiscuous mode [ 266.417668][ T5784] veth1_macvtap: entered promiscuous mode [ 266.455031][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.503895][ T5780] veth0_vlan: entered promiscuous mode [ 266.638394][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 266.667462][ T5780] veth1_vlan: entered promiscuous mode [ 266.707368][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.775823][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 266.845455][ T5784] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.856743][ T5784] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.866026][ T5784] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.875077][ T5784] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.147605][ T5790] veth0_vlan: entered promiscuous mode [ 267.190841][ T5780] veth0_macvtap: entered promiscuous mode [ 267.279800][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 267.345699][ T5780] veth1_macvtap: entered promiscuous mode [ 267.383412][ T5790] veth1_vlan: entered promiscuous mode [ 267.515371][ T5792] veth0_vlan: entered promiscuous mode [ 267.627012][ T5792] veth1_vlan: entered promiscuous mode [ 267.663359][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 267.674291][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.690715][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 267.891841][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.903734][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.919493][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 267.932702][ T5790] veth0_macvtap: entered promiscuous mode [ 268.016839][ T5780] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.026209][ T5780] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.035255][ T5780] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.044710][ T5780] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.070222][ T5790] veth1_macvtap: entered promiscuous mode [ 268.281755][ T5792] veth0_macvtap: entered promiscuous mode [ 268.326896][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.337922][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.348274][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.359172][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.374547][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 268.450238][ T5792] veth1_macvtap: entered promiscuous mode [ 268.544004][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.555140][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.568442][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.579749][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.595007][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 268.684861][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.696110][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.706431][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.717295][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.727649][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.738617][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.754168][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 268.786979][ T5790] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.796302][ T5790] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.805355][ T5790] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.814668][ T5790] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.877030][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.888025][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.898342][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.909421][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.919628][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.932939][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.948811][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 269.189499][ T5792] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.198829][ T5792] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.208432][ T5792] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.217708][ T5792] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.304335][ T5789] veth0_vlan: entered promiscuous mode [ 270.465175][ T5789] veth1_vlan: entered promiscuous mode [ 270.844003][ T5789] veth0_macvtap: entered promiscuous mode [ 270.958499][ T5789] veth1_macvtap: entered promiscuous mode [ 271.210004][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.222321][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.232593][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.243533][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.254833][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.266145][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.276487][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.287337][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.302448][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 271.529508][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.541612][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.552170][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.563064][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.574786][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.586203][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.596395][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.607165][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.624069][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 271.873960][ T5789] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.883618][ T5789] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.893735][ T5789] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.903428][ T5789] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.240685][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.250032][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.523549][ T4231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.533680][ T4231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.887734][ T3570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.896694][ T3570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.219034][ T3570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.227658][ T3570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.410799][ T5784] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 275.859614][ T4162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.867949][ T4162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.316440][ T4162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 276.324867][ T4162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.604853][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 276.613601][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.849100][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 276.950325][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 277.052862][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 277.156202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c2!!! [ 277.165019][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c2!!! [ 277.258358][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 277.360472][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 277.460866][ T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!! [ 277.563396][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 277.564992][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 280.048127][ T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 280.057040][ T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 280.881737][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.218109][ T5978] loop2: detected capacity change from 0 to 512 [ 281.272594][ T5978] EXT4-fs: Ignoring removed mblk_io_submit option [ 281.451782][ T5978] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.470421][ T5978] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 281.784741][ T5983] mmap: syz.0.1 (5983) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 282.292886][ T5990] loop1: detected capacity change from 0 to 2048 [ 282.316350][ T5864] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 282.354338][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.470426][ T5990] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 282.526804][ T5864] usb 4-1: Using ep0 maxpacket: 8 [ 282.559253][ T5864] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 282.568965][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.649621][ T5864] usb 4-1: config 0 descriptor?? [ 282.994248][ T5999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12'. [ 283.018424][ T5864] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 283.088810][ T5998] loop2: detected capacity change from 0 to 512 [ 283.142834][ T6001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 283.154944][ T5998] EXT4-fs: Ignoring removed nobh option [ 283.422190][ T4162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 283.430608][ T4162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 283.447710][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 283.456505][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 283.468690][ T5998] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.11: invalid indirect mapped block 256 (level 2) [ 283.572060][ T5998] EXT4-fs (loop2): 2 truncates cleaned up [ 283.580850][ T5998] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.620543][ T5996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 284.316120][ T6006] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 285.432448][ T30] audit: type=1800 audit(1745345433.178:2): pid=6010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.11" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 285.471122][ T5982] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 286.901132][ T6013] loop4: detected capacity change from 0 to 512 [ 286.938844][ T5864] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 286.949479][ T5864] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 286.961173][ T5864] asix 4-1:0.0: probe with driver asix failed with error -71 [ 287.332157][ T6013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.346095][ T6013] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 287.399309][ T5864] usb 4-1: USB disconnect, device number 2 [ 287.563333][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.676674][ T30] audit: type=1800 audit(1745345435.498:3): pid=6013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 288.268833][ T5789] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.114978][ T6033] lo speed is unknown, defaulting to 1000 [ 289.127363][ T6033] lo speed is unknown, defaulting to 1000 [ 289.140897][ T6033] lo speed is unknown, defaulting to 1000 [ 290.333649][ T5864] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 290.626179][ T5864] usb 5-1: Using ep0 maxpacket: 8 [ 290.667932][ T6034] infiniband syz1: set active [ 290.677986][ T6034] infiniband syz1: added syz_tun [ 290.801529][ T5864] usb 5-1: config 0 interface 0 has no altsetting 0 [ 290.808758][ T5864] usb 5-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00 [ 290.818605][ T5864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.971924][ T5864] usb 5-1: config 0 descriptor?? [ 291.201026][ T6034] RDS/IB: syz1: added [ 291.205355][ T6034] smc: adding ib device syz1 with port count 1 [ 291.212273][ T6034] smc: ib device syz1 port 1 has pnetid [ 292.037015][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 292.043791][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 294.443586][ T6033] infiniband sz1: set active [ 294.449086][ T6033] infiniband sz1: added lo [ 294.455401][ T1538] lo speed is unknown, defaulting to 1000 [ 294.476701][ T6033] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR [ 294.496815][ T6033] infiniband sz1: Couldn't open port 1 [ 294.578057][ T6033] RDS/IB: sz1: added [ 294.582367][ T6033] smc: adding ib device sz1 with port count 1 [ 294.589627][ T6033] smc: ib device sz1 port 1 has pnetid [ 294.599339][ T6033] lo speed is unknown, defaulting to 1000 [ 294.638536][ T1538] lo speed is unknown, defaulting to 1000 [ 295.367808][ T6033] lo speed is unknown, defaulting to 1000 [ 295.500791][ T6044] loop0: detected capacity change from 0 to 4096 [ 295.597796][ T6044] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 295.789524][ T6052] loop3: detected capacity change from 0 to 512 [ 295.807509][ T6052] EXT4-fs: Ignoring removed oldalloc option [ 295.837283][ T6051] loop1: detected capacity change from 0 to 1024 [ 295.970523][ T6052] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002] [ 295.980119][ T6052] System zones: 1-12 [ 296.020811][ T6052] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.25: Parent and EA inode have the same ino 15 [ 296.125501][ T6051] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.274297][ T6044] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 296.358425][ T6051] IPv6: addrconf: prefix option has invalid lifetime [ 296.673494][ T6033] lo speed is unknown, defaulting to 1000 [ 296.737449][ T6052] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 296.751465][ T6052] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.25: Parent and EA inode have the same ino 15 [ 296.778405][ T5864] usbhid 5-1:0.0: can't add hid device: -32 [ 296.785147][ T5864] usbhid 5-1:0.0: probe with driver usbhid failed with error -32 [ 296.831539][ T6051] IPv6: addrconf: prefix option has invalid lifetime [ 297.065776][ T6052] EXT4-fs (loop3): 1 orphan inode deleted [ 297.075322][ T6052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 297.089719][ T6044] Dead loop on virtual device ip6_vti0, fix it urgently! [ 297.098679][ T6044] Dead loop on virtual device ip6_vti0, fix it urgently! [ 297.107569][ T6044] Dead loop on virtual device ip6_vti0, fix it urgently! [ 297.116532][ T6044] Dead loop on virtual device ip6_vti0, fix it urgently! [ 297.130318][ T6044] Dead loop on virtual device ip6_vti0, fix it urgently! [ 297.140402][ T6044] Dead loop on virtual device ip6_vti0, fix it urgently! [ 297.239989][ T5780] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.679934][ T6033] lo speed is unknown, defaulting to 1000 [ 298.210633][ T6061] loop1: detected capacity change from 0 to 1024 [ 298.513693][ T6061] hfsplus: catalog searching failed [ 298.869884][ T57] hfsplus: b-tree write err: -5, ino 3 [ 298.947267][ T6033] lo speed is unknown, defaulting to 1000 [ 301.368939][ T5843] usb 5-1: USB disconnect, device number 2 [ 302.396785][ T5843] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 302.683439][ T5843] usb 5-1: Using ep0 maxpacket: 8 [ 302.708316][ T5843] usb 5-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 302.717652][ T5843] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 302.728514][ T5843] usb 5-1: New USB device found, idVendor=05a9, idProduct=2640, bcdDevice=55.12 [ 302.738047][ T5843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.807862][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.029430][ T5843] usb 5-1: config 0 descriptor?? [ 303.149565][ T5843] usb 5-1: Found UVC 0.00 device (05a9:2640) [ 303.157253][ T5843] usb 5-1: No valid video chain found. [ 303.289685][ T5864] usb 5-1: USB disconnect, device number 3 [ 305.486418][ T5791] Bluetooth: hci4: command 0x0405 tx timeout [ 305.832062][ T6102] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 308.888720][ T6114] loop2: detected capacity change from 0 to 512 [ 309.949622][ T6118] loop3: detected capacity change from 0 to 1024 [ 310.063263][ T6118] ======================================================= [ 310.063263][ T6118] WARNING: The mand mount option has been deprecated and [ 310.063263][ T6118] and is ignored by this kernel. Remove the mand [ 310.063263][ T6118] option from the mount to silence this warning. [ 310.063263][ T6118] ======================================================= [ 310.099349][ T6118] EXT4-fs: Ignoring removed mblk_io_submit option [ 310.106757][ T6118] EXT4-fs: Ignoring removed nobh option [ 310.112511][ T6118] EXT4-fs: Ignoring removed bh option [ 310.908871][ T6118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.833475][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.949206][ T6075] sched: DL replenish lagged too much [ 326.404726][ T6144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 328.535901][ T6159] loop1: detected capacity change from 0 to 512 [ 328.626277][ T6159] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 328.816147][ T6159] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.61: invalid indirect mapped block 4294967295 (level 1) [ 328.900447][ T6159] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.61: invalid indirect mapped block 4294967295 (level 1) [ 329.029302][ T6159] EXT4-fs (loop1): 2 truncates cleaned up [ 329.037892][ T6159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 329.106077][ T5085] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 329.122628][ T5085] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 329.144867][ T5085] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 329.188416][ T5085] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 329.206651][ T5085] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 329.374639][ T6165] lo speed is unknown, defaulting to 1000 [ 330.786243][ T6162] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 331.954230][ T5085] Bluetooth: hci5: command tx timeout [ 333.027585][ T30] audit: type=1800 audit(1745345480.408:4): pid=6171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.61" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 333.694870][ T30] audit: type=1326 audit(1745345481.158:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.718010][ T30] audit: type=1326 audit(1745345481.178:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.740663][ T30] audit: type=1326 audit(1745345481.178:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.763450][ T30] audit: type=1326 audit(1745345481.178:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.789196][ T30] audit: type=1326 audit(1745345481.178:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.812666][ T30] audit: type=1326 audit(1745345481.178:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.835474][ T30] audit: type=1326 audit(1745345481.178:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.858118][ T30] audit: type=1326 audit(1745345481.178:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 333.880725][ T30] audit: type=1326 audit(1745345481.178:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa578e169 code=0x7fc00000 [ 334.503281][ T5786] Bluetooth: hci5: command tx timeout [ 335.509943][ T5780] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.544583][ T5786] Bluetooth: hci5: command tx timeout [ 338.018193][ T6181] loop1: detected capacity change from 0 to 128 [ 338.153725][ T6181] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 338.197631][ T6183] warning: `syz.4.67' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 338.231435][ T6165] chnl_net:caif_netlink_parms(): no params data found [ 338.265496][ T6181] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 339.012575][ T5786] Bluetooth: hci5: command tx timeout [ 342.195279][ T5780] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 342.459600][ T6196] netlink: 96 bytes leftover after parsing attributes in process `syz.3.71'. [ 343.052548][ T4162] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.161710][ T6165] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.170550][ T6165] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.179521][ T6165] bridge_slave_0: entered allmulticast mode [ 343.193601][ T6165] bridge_slave_0: entered promiscuous mode [ 343.480723][ T4162] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.592539][ T6165] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.600942][ T6165] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.610335][ T6165] bridge_slave_1: entered allmulticast mode [ 343.625806][ T6165] bridge_slave_1: entered promiscuous mode [ 343.859935][ T4162] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.404863][ T4162] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.830386][ T6209] loop1: detected capacity change from 0 to 1024 [ 344.933107][ T6165] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.229742][ T6209] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.681819][ T6209] IPv6: addrconf: prefix option has invalid lifetime [ 345.836869][ T6165] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.877520][ T4162] bridge_slave_1: left allmulticast mode [ 345.883477][ T4162] bridge_slave_1: left promiscuous mode [ 345.891281][ T4162] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.166544][ T4162] bridge_slave_0: left allmulticast mode [ 346.176618][ T4162] bridge_slave_0: left promiscuous mode [ 346.183423][ T4162] bridge0: port 1(bridge_slave_0) entered disabled state [ 347.132216][ T5780] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 347.417684][ T6219] loop0: detected capacity change from 0 to 256 [ 347.526351][ T6219] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 347.539218][ T6219] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 347.650155][ T4162] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.738961][ T6219] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 347.814807][ T4162] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.879205][ T4162] bond0 (unregistering): Released all slaves [ 348.550940][ T5786] Bluetooth: hci4: unexpected event for opcode 0x0c22 [ 348.620407][ T6165] team0: Port device team_slave_0 added [ 348.664436][ T6165] team0: Port device team_slave_1 added [ 349.512143][ T6165] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 349.519974][ T6165] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 349.547673][ T6165] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 350.578320][ T6165] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 350.585746][ T6165] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 350.614702][ T6165] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 351.006786][ T4162] hsr_slave_0: left promiscuous mode [ 351.848814][ T4162] hsr_slave_1: left promiscuous mode [ 351.857555][ T4162] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 351.865321][ T4162] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 352.879188][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 352.886279][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 353.878906][ T4162] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 353.886908][ T4162] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 354.558372][ T4162] veth1_macvtap: left promiscuous mode [ 354.564602][ T4162] veth0_macvtap: left promiscuous mode [ 354.573202][ T4162] veth1_vlan: left promiscuous mode [ 354.579239][ T4162] veth0_vlan: left promiscuous mode [ 356.342150][ T6249] IPv6: addrconf: prefix option has invalid lifetime [ 357.309765][ T4162] team0 (unregistering): Port device team_slave_1 removed [ 357.468455][ T4162] team0 (unregistering): Port device team_slave_0 removed [ 358.513867][ T6165] hsr_slave_0: entered promiscuous mode [ 358.524862][ T6165] hsr_slave_1: entered promiscuous mode [ 359.521958][ T6280] netlink: 12 bytes leftover after parsing attributes in process `syz.0.94'. [ 360.417807][ T6288] netlink: 60 bytes leftover after parsing attributes in process `syz.3.96'. [ 361.706972][ T6287] netlink: 60 bytes leftover after parsing attributes in process `syz.3.96'. [ 362.603180][ T6165] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 362.792303][ T6165] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 362.907989][ T6165] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 363.014965][ T6165] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 363.260681][ T6315] netlink: 4 bytes leftover after parsing attributes in process `syz.4.105'. [ 363.273934][ T6317] netlink: 8 bytes leftover after parsing attributes in process `syz.3.106'. [ 363.899044][ T6321] syz.1.108 uses obsolete (PF_INET,SOCK_PACKET) [ 364.109201][ T6323] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 365.716180][ T6165] 8021q: adding VLAN 0 to HW filter on device bond0 [ 366.731592][ T6165] 8021q: adding VLAN 0 to HW filter on device team0 [ 367.755396][ T3457] bridge0: port 1(bridge_slave_0) entered blocking state [ 367.763351][ T3457] bridge0: port 1(bridge_slave_0) entered forwarding state [ 367.782227][ T3457] bridge0: port 2(bridge_slave_1) entered blocking state [ 367.790088][ T3457] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.610015][ T6165] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 374.766318][ T5793] Bluetooth: hci5: command 0x0405 tx timeout [ 375.037512][ T6419] xt_CT: No such helper "snmp" [ 375.893941][ T5793] Bluetooth: hci3: command 0x0406 tx timeout [ 375.900545][ T5786] Bluetooth: hci0: command 0x0406 tx timeout [ 376.037538][ T6443] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 376.930980][ T6165] veth0_vlan: entered promiscuous mode [ 380.509568][ T6165] veth1_vlan: entered promiscuous mode [ 384.154536][ T6165] veth0_macvtap: entered promiscuous mode [ 384.381260][ T6165] veth1_macvtap: entered promiscuous mode [ 384.837271][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.848194][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.858625][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.869500][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.881412][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.892304][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.902585][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.913453][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.929566][ T6165] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 389.299881][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 389.311363][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 389.326026][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 389.337426][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 389.347743][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 389.359406][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 389.370396][ T6165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 389.382148][ T6165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 389.407477][ T6165] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 391.196234][ T6478] loop1: detected capacity change from 0 to 1024 [ 391.273563][ T6478] EXT4-fs: Ignoring removed mblk_io_submit option [ 391.281440][ T6478] EXT4-fs: Ignoring removed nobh option [ 391.287737][ T6478] EXT4-fs: Ignoring removed bh option [ 391.556443][ T6478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.224515][ T5085] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 392.240413][ T5085] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 392.255020][ T5085] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 392.276491][ T5085] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 392.295506][ T5085] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 392.843451][ T6485] lo speed is unknown, defaulting to 1000 [ 392.845880][ T6490] Zero length message leads to an empty skb [ 394.415007][ T5791] Bluetooth: hci1: command tx timeout [ 394.651252][ T5780] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.457574][ T5791] Bluetooth: hci1: command tx timeout [ 396.633971][ T6485] chnl_net:caif_netlink_parms(): no params data found [ 398.526570][ T5791] Bluetooth: hci1: command tx timeout [ 399.272011][ T6556] loop3: detected capacity change from 0 to 1024 [ 399.352037][ T6556] EXT4-fs: Ignoring removed mblk_io_submit option [ 399.360458][ T6556] EXT4-fs: Ignoring removed nobh option [ 399.366723][ T6556] EXT4-fs: Ignoring removed bh option [ 399.756178][ T6556] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 400.607664][ T5791] Bluetooth: hci1: command tx timeout [ 400.662864][ T6485] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.673047][ T6485] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.681777][ T6485] bridge_slave_0: entered allmulticast mode [ 400.695092][ T6485] bridge_slave_0: entered promiscuous mode [ 400.994068][ T6485] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.004046][ T6485] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.013312][ T6485] bridge_slave_1: entered allmulticast mode [ 401.023942][ T6485] bridge_slave_1: entered promiscuous mode [ 401.390009][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 401.496154][ T6485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 401.550116][ T6485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 402.703368][ T4162] bridge_slave_1: left allmulticast mode [ 402.710902][ T4162] bridge_slave_1: left promiscuous mode [ 402.717863][ T4162] bridge0: port 2(bridge_slave_1) entered disabled state [ 403.030726][ T4162] bridge_slave_0: left allmulticast mode [ 403.037344][ T4162] bridge_slave_0: left promiscuous mode [ 403.044071][ T4162] bridge0: port 1(bridge_slave_0) entered disabled state [ 404.639014][ T6580] netlink: 36 bytes leftover after parsing attributes in process `syz.4.167'. [ 404.924836][ T4162] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 405.030709][ T4162] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 405.081786][ T4162] bond0 (unregistering): Released all slaves [ 405.206597][ T6485] team0: Port device team_slave_0 added [ 405.324110][ T6485] team0: Port device team_slave_1 added [ 405.708533][ T6485] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 405.716854][ T6485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 405.743423][ T6485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 406.142258][ T6485] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 406.149712][ T6485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 406.176594][ T6485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 406.913197][ T4162] hsr_slave_0: left promiscuous mode [ 406.947886][ T4162] hsr_slave_1: left promiscuous mode [ 406.957077][ T4162] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 406.964908][ T4162] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 406.987764][ T4162] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 406.995475][ T4162] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 407.286830][ T4162] veth1_macvtap: left promiscuous mode [ 407.293008][ T4162] veth0_macvtap: left promiscuous mode [ 407.299058][ T4162] veth1_vlan: left promiscuous mode [ 407.306110][ T4162] veth0_vlan: left promiscuous mode [ 409.266293][ T4162] team0 (unregistering): Port device team_slave_1 removed [ 409.320152][ T4162] team0 (unregistering): Port device team_slave_0 removed [ 409.773504][ T6485] hsr_slave_0: entered promiscuous mode [ 409.784065][ T6485] hsr_slave_1: entered promiscuous mode [ 410.594257][ T5085] Bluetooth: hci1: command 0x0405 tx timeout [ 414.018273][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 414.025015][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 415.932370][ T6485] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 415.970972][ T6635] hub 6-0:1.0: USB hub found [ 415.977151][ T6635] hub 6-0:1.0: 1 port detected [ 416.281558][ T6485] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 416.423014][ T6485] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 416.454078][ T6485] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 418.889342][ T6485] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.191204][ T6485] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.310212][ T73] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.318088][ T73] bridge0: port 1(bridge_slave_0) entered forwarding state [ 419.594871][ T1538] usb 4-1: new low-speed USB device number 3 using dummy_hcd [ 419.823761][ T1538] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 419.832758][ T1538] usb 4-1: config 0 has no interface number 0 [ 419.839522][ T1538] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 419.851061][ T1538] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 419.864501][ T1538] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 419.874167][ T1538] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.120276][ T1897] bridge0: port 2(bridge_slave_1) entered blocking state [ 420.128399][ T1897] bridge0: port 2(bridge_slave_1) entered forwarding state [ 420.263665][ T6662] ALSA: mixer_oss: invalid index 40000 [ 421.203368][ T1538] usb 4-1: config 0 descriptor?? [ 421.212412][ T6656] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 422.241522][ T1538] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 422.264287][ T1538] usb 4-1: USB disconnect, device number 3 [ 422.373929][ T6668] ===================================================== [ 422.382095][ T6668] BUG: KMSAN: uninit-value in ieee802154_hdr_push+0xd6b/0xe80 [ 422.390364][ T6668] ieee802154_hdr_push+0xd6b/0xe80 [ 422.396029][ T6668] ieee802154_header_create+0x9bc/0xc70 [ 422.401837][ T6668] dgram_sendmsg+0xd91/0x15e0 [ 422.407304][ T6668] ieee802154_sock_sendmsg+0x96/0xd0 [ 422.412879][ T6668] __sock_sendmsg+0x30f/0x380 [ 422.418037][ T6668] ____sys_sendmsg+0x890/0xda0 [ 422.423145][ T6668] ___sys_sendmsg+0x28d/0x3c0 [ 422.428373][ T6668] __x64_sys_sendmsg+0x212/0x3c0 [ 422.433589][ T6668] x64_sys_call+0x2e0f/0x3c80 [ 422.439129][ T6668] do_syscall_64+0xcd/0x1b0 [ 422.443877][ T6668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.450269][ T6668] [ 422.452734][ T6668] Local variable hdr created at: [ 422.458040][ T6668] ieee802154_header_create+0x4e/0xc70 [ 422.465435][ T6668] dgram_sendmsg+0xd91/0x15e0 [ 422.470775][ T6668] [ 422.473262][ T6668] CPU: 1 UID: 0 PID: 6668 Comm: syz.1.192 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(undef) [ 422.485828][ T6668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 422.496324][ T6668] ===================================================== [ 422.503406][ T6668] Disabling lock debugging due to kernel taint [ 422.509916][ T6668] Kernel panic - not syncing: kmsan.panic set ... [ 422.516588][ T6668] CPU: 1 UID: 0 PID: 6668 Comm: syz.1.192 Tainted: G B 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(undef) [ 422.530608][ T6668] Tainted: [B]=BAD_PAGE [ 422.534952][ T6668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 422.545275][ T6668] Call Trace: [ 422.548719][ T6668] [ 422.551823][ T6668] dump_stack_lvl+0x216/0x2d0 [ 422.556787][ T6668] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 422.562882][ T6668] dump_stack+0x1e/0x24 [ 422.567312][ T6668] panic+0x4e5/0xcf0 [ 422.571498][ T6668] ? __pfx_kmsan_save_stack_with_flags+0x10/0x10 [ 422.578262][ T6668] kmsan_report+0x2ca/0x2d0 [ 422.582988][ T6668] ? __msan_memcpy+0x108/0x1c0 [ 422.588064][ T6668] ? ___sys_sendmsg+0x28d/0x3c0 [ 422.593241][ T6668] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.599554][ T6668] ? __msan_warning+0x95/0x120 [ 422.604627][ T6668] ? ieee802154_hdr_push+0xd6b/0xe80 [ 422.610182][ T6668] ? ieee802154_header_create+0x9bc/0xc70 [ 422.616142][ T6668] ? dgram_sendmsg+0xd91/0x15e0 [ 422.621222][ T6668] ? ieee802154_sock_sendmsg+0x96/0xd0 [ 422.626936][ T6668] ? __sock_sendmsg+0x30f/0x380 [ 422.632078][ T6668] ? ____sys_sendmsg+0x890/0xda0 [ 422.637272][ T6668] ? ___sys_sendmsg+0x28d/0x3c0 [ 422.642384][ T6668] ? __x64_sys_sendmsg+0x212/0x3c0 [ 422.647768][ T6668] ? x64_sys_call+0x2e0f/0x3c80 [ 422.652961][ T6668] ? do_syscall_64+0xcd/0x1b0 [ 422.657881][ T6668] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.664217][ T6668] ? dgram_sendmsg+0xd91/0x15e0 [ 422.669432][ T6668] ? ieee802154_sock_sendmsg+0x96/0xd0 [ 422.675149][ T6668] ? __sock_sendmsg+0x30f/0x380 [ 422.680224][ T6668] ? ____sys_sendmsg+0x890/0xda0 [ 422.685352][ T6668] ? ___sys_sendmsg+0x28d/0x3c0 [ 422.690461][ T6668] ? kmsan_get_metadata+0x13e/0x1c0 [ 422.695882][ T6668] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 422.701940][ T6668] ? ieee802154_hdr_push+0x49/0xe80 [ 422.707389][ T6668] ? filter_irq_stacks+0x60/0x1b0 [ 422.712622][ T6668] ? kmsan_get_metadata+0x13e/0x1c0 [ 422.718075][ T6668] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 422.724652][ T6668] ? kmsan_get_metadata+0x13e/0x1c0 [ 422.730073][ T6668] ? kmsan_internal_memmove_metadata+0x17b/0x230 [ 422.736719][ T6668] ? kmsan_get_metadata+0x13e/0x1c0 [ 422.742167][ T6668] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 422.748292][ T6668] __msan_warning+0x95/0x120 [ 422.753124][ T6668] ieee802154_hdr_push+0xd6b/0xe80 [ 422.758587][ T6668] ? __msan_memcpy+0x108/0x1c0 [ 422.763669][ T6668] ieee802154_header_create+0x9bc/0xc70 [ 422.769491][ T6668] ? __pfx_ieee802154_header_create+0x10/0x10 [ 422.775792][ T6668] dgram_sendmsg+0xd91/0x15e0 [ 422.780744][ T6668] ? __pfx_dgram_sendmsg+0x10/0x10 [ 422.786076][ T6668] ieee802154_sock_sendmsg+0x96/0xd0 [ 422.791756][ T6668] ? __pfx_ieee802154_sock_sendmsg+0x10/0x10 [ 422.798004][ T6668] ? __pfx_ieee802154_sock_sendmsg+0x10/0x10 [ 422.804243][ T6668] __sock_sendmsg+0x30f/0x380 [ 422.809193][ T6668] ____sys_sendmsg+0x890/0xda0 [ 422.814245][ T6668] ___sys_sendmsg+0x28d/0x3c0 [ 422.819182][ T6668] ? __rcu_read_unlock+0x7b/0xe0 [ 422.824381][ T6668] ? __fget_files+0x443/0x520 [ 422.829445][ T6668] ? kmsan_get_metadata+0x13e/0x1c0 [ 422.834929][ T6668] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 422.841000][ T6668] __x64_sys_sendmsg+0x212/0x3c0 [ 422.846210][ T6668] ? kmsan_get_metadata+0x13e/0x1c0 [ 422.851635][ T6668] x64_sys_call+0x2e0f/0x3c80 [ 422.856596][ T6668] do_syscall_64+0xcd/0x1b0 [ 422.861359][ T6668] ? clear_bhb_loop+0x25/0x80 [ 422.866271][ T6668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.872412][ T6668] RIP: 0033:0x7fb4af38e169 [ 422.876998][ T6668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.896850][ T6668] RSP: 002b:00007fb4b01ea038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 422.905615][ T6668] RAX: ffffffffffffffda RBX: 00007fb4af5b6080 RCX: 00007fb4af38e169 [ 422.913801][ T6668] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000007 [ 422.921952][ T6668] RBP: 00007fb4af410a68 R08: 0000000000000000 R09: 0000000000000000 [ 422.930117][ T6668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.938258][ T6668] R13: 0000000000000000 R14: 00007fb4af5b6080 R15: 00007ffd5d56ba78 [ 422.946436][ T6668] [ 422.949988][ T6668] Kernel Offset: disabled [ 422.954418][ T6668] Rebooting in 86400 seconds..