last executing test programs: 3.022419512s ago: executing program 1 (id=2170): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setscheduler(0x0, 0x2, 0x0) unshare(0x8040600) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4) sched_setscheduler(0x0, 0x5, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_create1(0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='uid_map\x00') preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000380)=""/106, 0xbe}], 0x1, 0x40fb, 0x9) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000800)=ANY=[@ANYRESDEC=r2, @ANYRES32, @ANYBLOB="0000000000000000e4ad4026f0bfd31414d0e39f07595a420cacc0565f6233a18e9461b6d0a8603db189221ffc1ca98a202dac618506cbd9f7ca2dc7d00f62655d615c1b6943d23bffff1a944ccb3d0a541993a10b07d1ccfe00b497aac8ebd197d24d7f84fbfce574ae05d4ff4ade1f98e348f28069d931756126e799c9e8f217fec8666fc2aface71aa0f4200b39054dcfe75db006447523e686b949a3b35d2f5a58b9db2b79edd978800fdc94f531e866cba48af50b626b97a7a7eb9b8827c5de5f50c01ae36eb469d9c31e91697d27ec7fad8a3a72c10e210ae1b720afdf44def7b2f364788ed45f2bad0e848ba3", @ANYRES32, @ANYBLOB="f08e95a08f045dd7175ea1b5d7294fe1d63572e2757fbef7301a76e23bb7fedc58b053e9118cceb295935632a1430220ea661963afcf445be2b98b71015a7fd98ef26d02b8c7ea6709a646ab2e72e879a347a45a75cf58a66e7182a6215b92ba3f", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20) openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0xfffffffffffff001}, 0x18) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x80004a, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r6, 0x408c5333, &(0x7f0000000580)={0x0, 0x1, 0x0, 'queue0\x00'}) r7 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x1e, &(0x7f00000000c0)=0x9cc, 0x4) setsockopt$inet_MCAST_MSFILTER(r7, 0x0, 0x30, 0x0, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x5, 0xc, 0x8009, 0x0, 0x9}) 2.749951117s ago: executing program 1 (id=2174): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000001980)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001940)={&(0x7f0000001900)={0x34, r1, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0xd, 0x5, @l2={'ib', 0x3a, 'caif0\x00'}}}}}, 0x34}, 0x1, 0x0, 0x0, 0x4004}, 0x80) 2.663780488s ago: executing program 1 (id=2176): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0xa, r3}, 0x10) bind$xdp(r0, &(0x7f0000000180)={0x2c, 0x1, r3, 0x0, r1}, 0x10) 2.464755552s ago: executing program 1 (id=2179): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x6, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) syz_clone(0x6a000000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x10, 0x3, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) 2.000457341s ago: executing program 3 (id=2183): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f0000000140)=0xb, 0x4) syz_emit_ethernet(0x45, &(0x7f0000000000)={@link_local={0x3}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3f, 0x37, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @loopback}, "001863718e9bf7"}}}}}, 0x0) 1.965225052s ago: executing program 3 (id=2185): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x80, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x45, 0xe, {{{}, {}, @broadcast, @device_a, @random="8e742f592bf6"}, 0x0, @default, 0x1, @void, @void, @void, @val={0x4, 0x6, {0x7f, 0x1, 0x7}}, @void, @val={0x5, 0x3, {0xeb, 0x3a, 0xb0}}, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x8, 0x9, 0x11, 0x979}}}}, @NL80211_ATTR_IE_PROBE_RESP={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0x6, 0x80, [@supported_rates]}], @chandef_params, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7}]}, 0x80}}, 0xc010) 1.594594139s ago: executing program 3 (id=2189): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="0a0034000202020202020000"], 0x44}}, 0x0) 1.373871604s ago: executing program 3 (id=2191): pipe(&(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10) write(r0, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba0101099cecb94b46fe0000000a00020025", 0xffffff0c) pipe(0x0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0xffffffffffff8000, 0x0) close(0xffffffffffffffff) 1.090893499s ago: executing program 2 (id=2193): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f0000000140)=0xb, 0x4) syz_emit_ethernet(0x45, &(0x7f0000000000)={@link_local={0x3}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3f, 0x37, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @loopback}, "001863718e9bf7"}}}}}, 0x0) 948.308092ms ago: executing program 0 (id=2195): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) sendmsg$NL80211_CMD_LEAVE_IBSS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fddbdf252c00000008000300", @ANYRES32=r2], 0x28}}, 0x4004) 947.504122ms ago: executing program 2 (id=2196): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002440)=@bridge_setlink={0x38, 0x13, 0xa2f, 0x70bd2b, 0x25cfdbfd, {0x7, 0x0, 0x68, r1, 0x16258}, [@IFLA_LINKINFO={0x18, 0x1a, 0x0, 0x1, @vlan={{0x9}, {0x8, 0x4, 0x0, 0x1, [@IFLA_VLAN_EGRESS_QOS={0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20}, 0x50) 809.255874ms ago: executing program 0 (id=2197): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x144, 0x10, 0x1, 0xbffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@local, 0x1, 0x794, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075a, 0x3}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x10) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 744.506636ms ago: executing program 2 (id=2198): socket(0x10, 0x3, 0x0) socket(0x2b, 0x80801, 0x1) socket$inet6(0xa, 0x80003, 0xff) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.swap.events\x00', 0x275a, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6(0xa, 0x5, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x5, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d6163767461700014000280080005", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0xfff2}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) 633.716818ms ago: executing program 0 (id=2199): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="0a0034000202020202020000"], 0x44}}, 0x0) 593.229729ms ago: executing program 2 (id=2200): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0xa, r3}, 0x10) bind$xdp(r0, &(0x7f0000000180)={0x2c, 0x1, r3, 0x0, r1}, 0x10) 454.072781ms ago: executing program 0 (id=2201): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEL_KEY(r1, 0x0, 0x8010) 360.501573ms ago: executing program 3 (id=2202): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setscheduler(0x0, 0x2, 0x0) unshare(0x8040600) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4) sched_setscheduler(0x0, 0x5, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) epoll_create1(0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='uid_map\x00') preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000380)=""/106, 0xbe}], 0x1, 0x40fb, 0x9) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000800)=ANY=[@ANYRESDEC=r2, @ANYRES32, @ANYBLOB="0000000000000000e4ad4026f0bfd31414d0e39f07595a420cacc0565f6233a18e9461b6d0a8603db189221ffc1ca98a202dac618506cbd9f7ca2dc7d00f62655d615c1b6943d23bffff1a944ccb3d0a541993a10b07d1ccfe00b497aac8ebd197d24d7f84fbfce574ae05d4ff4ade1f98e348f28069d931756126e799c9e8f217fec8666fc2aface71aa0f4200b39054dcfe75db006447523e686b949a3b35d2f5a58b9db2b79edd978800fdc94f531e866cba48af50b626b97a7a7eb9b8827c5de5f50c01ae36eb469d9c31e91697d27ec7fad8a3a72c10e210ae1b720afdf44def7b2f364788ed45f2bad0e848ba3", @ANYRES32, @ANYBLOB="f08e95a08f045dd7175ea1b5d7294fe1d63572e2757fbef7301a76e23bb7fedc58b053e9118cceb295935632a1430220ea661963afcf445be2b98b71015a7fd98ef26d02b8c7ea6709a646ab2e72e879a347a45a75cf58a66e7182a6215b92ba3f", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20) openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0xfffffffffffff001}, 0x18) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x80004a, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r6, 0x408c5333, &(0x7f0000000580)={0x0, 0x1, 0x0, 'queue0\x00'}) r7 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x1e, &(0x7f00000000c0)=0x9cc, 0x4) setsockopt$inet_MCAST_MSFILTER(r7, 0x0, 0x30, 0x0, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x5, 0xc, 0x8009, 0x0, 0x9}) 327.539054ms ago: executing program 0 (id=2203): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f00000018c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, 0x0, 0x80) 323.811274ms ago: executing program 1 (id=2204): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000fcdbdf254f00000008000300", @ANYRES32=r2, @ANYBLOB="10007a"], 0x2c}}, 0x8000) 244.249326ms ago: executing program 2 (id=2205): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f0000000140)=0xb, 0x4) syz_emit_ethernet(0x45, &(0x7f0000000000)={@link_local={0x3}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3f, 0x37, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @loopback}, "001863718e9bf7"}}}}}, 0x0) 170.822627ms ago: executing program 0 (id=2206): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba9432}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="14"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002c40)=[{{&(0x7f0000000300)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4040) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000340)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0) 20.09894ms ago: executing program 1 (id=2207): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 218.53µs ago: executing program 2 (id=2208): socket(0x10, 0x3, 0x0) socket(0x2b, 0x80801, 0x1) socket$inet6(0xa, 0x80003, 0xff) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.swap.events\x00', 0x275a, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6(0xa, 0x5, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x5, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d6163767461700014000280080005", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0xfff2}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) 0s ago: executing program 3 (id=2209): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="0a0034000202020202020000"], 0x44}}, 0x0) kernel console output (not intermixed with test programs): 252, 0x80417272 (sector = 1) [ 180.583784][ T7749] team0: Port device dummy0 added [ 180.767083][ T1093] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 181.582429][ T7780] ipvlan2: entered promiscuous mode [ 181.602420][ T7780] bridge0: port 3(ipvlan2) entered blocking state [ 181.609548][ T7780] bridge0: port 3(ipvlan2) entered disabled state [ 181.629446][ T7780] ipvlan2: entered allmulticast mode [ 181.639348][ T7780] bridge0: entered allmulticast mode [ 181.657135][ T7780] ipvlan2: left allmulticast mode [ 181.670143][ T7780] bridge0: left allmulticast mode [ 182.412207][ T7784] lo speed is unknown, defaulting to 1000 [ 182.716237][ T28] kauditd_printk_skb: 62 callbacks suppressed [ 182.716252][ T28] audit: type=1326 audit(1757693410.314:750): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 182.745177][ C1] vkms_vblank_simulate: vblank timer overrun [ 182.780274][ T7820] pim6reg: entered allmulticast mode [ 182.786079][ T28] audit: type=1326 audit(1757693410.344:751): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 182.802134][ T7824] ipvlan2: entered promiscuous mode [ 182.822504][ T7824] bridge0: port 3(ipvlan2) entered blocking state [ 182.830616][ T7824] bridge0: port 3(ipvlan2) entered disabled state [ 182.839703][ T28] audit: type=1326 audit(1757693410.344:752): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 182.844672][ T7824] ipvlan2: entered allmulticast mode [ 182.862286][ C1] vkms_vblank_simulate: vblank timer overrun [ 182.879549][ T7824] bridge0: entered allmulticast mode [ 182.880176][ T28] audit: type=1326 audit(1757693410.344:753): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 182.890144][ T7824] ipvlan2: left allmulticast mode [ 182.919629][ T7824] bridge0: left allmulticast mode [ 182.951671][ T28] audit: type=1326 audit(1757693410.344:754): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 182.988767][ T28] audit: type=1326 audit(1757693410.344:755): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 183.020934][ T28] audit: type=1326 audit(1757693410.344:756): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 183.052303][ T28] audit: type=1326 audit(1757693410.354:757): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 183.082051][ T28] audit: type=1326 audit(1757693410.354:758): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 183.116279][ T28] audit: type=1326 audit(1757693410.354:759): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7819 comm="syz.2.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 183.144153][ T7820] pim6reg: left allmulticast mode [ 183.438083][ T7837] netlink: 4 bytes leftover after parsing attributes in process `syz.0.782'. [ 183.625851][ T7844] usb usb5: usbfs: process 7844 (syz.3.784) did not claim interface 0 before use [ 183.958672][ T7827] lo speed is unknown, defaulting to 1000 [ 184.370794][ T7861] ipvlan2: entered promiscuous mode [ 184.386928][ T7861] bridge0: port 3(ipvlan2) entered blocking state [ 184.393745][ T7861] bridge0: port 3(ipvlan2) entered disabled state [ 184.402443][ T7861] ipvlan2: entered allmulticast mode [ 184.412179][ T7861] bridge0: entered allmulticast mode [ 184.421458][ T7861] ipvlan2: left allmulticast mode [ 184.432328][ T7861] bridge0: left allmulticast mode [ 184.912978][ T7859] lo speed is unknown, defaulting to 1000 [ 185.708090][ T7882] netlink: 'syz.1.801': attribute type 10 has an invalid length. [ 185.719496][ T7882] bond0: (slave dummy0): Releasing backup interface [ 185.756192][ T7882] team0: Port device dummy0 added [ 187.391460][ T7932] loop3: detected capacity change from 0 to 512 [ 187.418318][ T7932] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 187.472962][ T7932] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 187.537708][ T7932] System zones: 0-2, 18-18, 34-34 [ 187.609264][ T7932] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.658713][ T7932] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 187.733839][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.847527][ T7922] lo speed is unknown, defaulting to 1000 [ 188.312630][ T7950] loop3: detected capacity change from 0 to 1024 [ 188.462998][ T7950] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.555239][ T7950] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 188.995792][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.076890][ T7954] netlink: 'syz.1.826': attribute type 4 has an invalid length. [ 189.151314][ T7958] netlink: 'syz.1.826': attribute type 4 has an invalid length. [ 189.410087][ T7967] loop3: detected capacity change from 0 to 1764 [ 189.808363][ T7978] netlink: 4 bytes leftover after parsing attributes in process `syz.2.831'. [ 190.665265][ T7983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.838'. [ 190.710600][ T28] kauditd_printk_skb: 42 callbacks suppressed [ 190.710617][ T28] audit: type=1326 audit(1757693418.304:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7984 comm="syz.2.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 190.796636][ T28] audit: type=1326 audit(1757693418.334:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7984 comm="syz.2.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 190.864322][ T28] audit: type=1326 audit(1757693418.334:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7984 comm="syz.2.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 191.154912][ T28] audit: type=1326 audit(1757693418.754:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7998 comm="syz.0.845" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x0 [ 191.814117][ T8018] lo speed is unknown, defaulting to 1000 [ 192.653268][ T8040] loop3: detected capacity change from 0 to 1024 [ 192.775333][ T8040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 192.929528][ T8040] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 193.261426][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.365602][ T8046] netlink: 'syz.0.863': attribute type 4 has an invalid length. [ 193.474343][ T8051] netlink: 'syz.0.863': attribute type 4 has an invalid length. [ 193.573441][ T965] lo speed is unknown, defaulting to 1000 [ 193.582052][ T5834] lo speed is unknown, defaulting to 1000 [ 193.801914][ T8058] netlink: 'syz.2.867': attribute type 10 has an invalid length. [ 193.842913][ T8058] team0: Device hsr_slave_0 failed to register rx_handler [ 194.416907][ T8057] lo speed is unknown, defaulting to 1000 [ 194.698861][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.705553][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.832425][ T8083] netlink: 16 bytes leftover after parsing attributes in process `syz.2.879'. [ 194.869336][ T8083] team0: No ports can be present during mode change [ 194.898757][ T8083] vlan0: entered promiscuous mode [ 194.922838][ T8083] team0: Port device vlan0 added [ 194.949959][ T8088] tipc: Enabled bearer , priority 0 [ 195.352300][ T3500] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 195.474894][ T8110] loop3: detected capacity change from 0 to 8192 [ 195.528999][ T8110] loop3: p2 p3 p4 [ 195.540395][ T8110] loop3: p2 size 327551 extends beyond EOD, truncated [ 195.551600][ T8110] loop3: p3 size 16776960 extends beyond EOD, truncated [ 195.560847][ T8110] loop3: p4 size 3599499392 extends beyond EOD, truncated [ 195.931931][ T5804] udevd[5804]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 195.941071][ T6305] udevd[6305]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 195.945017][ T5794] udevd[5794]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 198.854130][ T8170] netlink: 4 bytes leftover after parsing attributes in process `syz.0.913'. [ 198.959391][ T28] audit: type=1326 audit(1757693426.554:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 199.004372][ T28] audit: type=1326 audit(1757693426.554:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 199.083536][ T28] audit: type=1326 audit(1757693426.554:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 199.160640][ T8173] loop3: detected capacity change from 0 to 8192 [ 199.205655][ T8173] loop3: p2 p3 p4 [ 199.225499][ T8173] loop3: p2 size 327551 extends beyond EOD, truncated [ 199.244720][ T8173] loop3: p3 size 16776960 extends beyond EOD, truncated [ 199.254394][ T8173] loop3: p4 size 3599499392 extends beyond EOD, truncated [ 200.354789][ T28] audit: type=1326 audit(1757693427.944:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8193 comm="syz.3.925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 200.478899][ T28] audit: type=1326 audit(1757693427.944:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8193 comm="syz.3.925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 200.498750][ T6305] udevd[6305]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 200.503080][ T28] audit: type=1326 audit(1757693427.974:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8193 comm="syz.3.925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 200.536789][ T5804] udevd[5804]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 200.550379][ T5794] udevd[5794]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 200.570694][ T28] audit: type=1326 audit(1757693427.974:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8193 comm="syz.3.925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 200.948849][ T8212] 9pnet_fd: Insufficient options for proto=fd [ 200.955023][ T8214] loop3: detected capacity change from 0 to 512 [ 200.965099][ T8214] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 200.994363][ T8214] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 201.002880][ T8214] EXT4-fs (loop3): orphan cleanup on readonly fs [ 201.009588][ T8214] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.932: bad orphan inode 267 [ 201.049617][ T8214] EXT4-fs (loop3): Remounting filesystem read-only [ 201.105636][ T8214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 201.230746][ T8214] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.932: dx entry: limit 0 != root limit 125 [ 201.273249][ T8214] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.932: Corrupt directory, running e2fsck is recommended [ 201.363190][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 201.380312][ T8227] sd 0:0:1:0: device reset [ 201.387246][ T28] audit: type=1326 audit(1757693428.984:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.0.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 201.411974][ T28] audit: type=1326 audit(1757693429.004:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.0.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 201.460163][ T28] audit: type=1326 audit(1757693429.004:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8224 comm="syz.0.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 201.521794][ T8229] syz.3.939[8229] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.521940][ T8229] syz.3.939[8229] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.734532][ T8235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.943'. [ 202.276918][ T8252] sd 0:0:1:0: device reset [ 203.471618][ T8266] loop3: detected capacity change from 0 to 512 [ 203.577454][ T8266] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 203.593126][ T8266] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 203.755123][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.002029][ T8277] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 204.045485][ T8277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.961'. [ 204.111440][ T8277] bond_slave_0: entered promiscuous mode [ 204.118501][ T8277] bond_slave_1: entered promiscuous mode [ 204.141562][ T8282] sd 0:0:1:0: device reset [ 204.146921][ T8277] macvtap1: entered promiscuous mode [ 204.162535][ T8277] bond0: entered promiscuous mode [ 204.178730][ T8277] macvtap1: entered allmulticast mode [ 204.198418][ T8277] bond0: entered allmulticast mode [ 204.214375][ T8277] bond_slave_0: entered allmulticast mode [ 204.230454][ T8277] bond_slave_1: entered allmulticast mode [ 204.246151][ T8277] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 204.303766][ T8284] bond0: left allmulticast mode [ 204.321130][ T8284] bond_slave_0: left allmulticast mode [ 204.344587][ T8284] bond_slave_1: left allmulticast mode [ 204.365811][ T8284] bond0: left promiscuous mode [ 204.390765][ T8284] bond_slave_0: left promiscuous mode [ 204.396457][ T8284] bond_slave_1: left promiscuous mode [ 204.825863][ T8300] loop3: detected capacity change from 0 to 1024 [ 205.132189][ T8300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.193708][ T8300] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 205.414442][ T28] kauditd_printk_skb: 26 callbacks suppressed [ 205.414467][ T28] audit: type=1326 audit(1757693432.904:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.0.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 205.557086][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.565309][ T28] audit: type=1326 audit(1757693433.004:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.0.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 205.604553][ T28] audit: type=1326 audit(1757693433.194:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.0.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 205.695047][ T28] audit: type=1326 audit(1757693433.194:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.0.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 205.763923][ T28] audit: type=1326 audit(1757693433.194:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.0.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 205.854667][ T28] audit: type=1326 audit(1757693433.394:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8306 comm="syz.0.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 205.904361][ T28] audit: type=1326 audit(1757693433.394:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8306 comm="syz.0.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 205.962169][ T28] audit: type=1326 audit(1757693433.404:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8306 comm="syz.0.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 206.025198][ T28] audit: type=1326 audit(1757693433.404:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8306 comm="syz.0.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 206.084392][ T28] audit: type=1326 audit(1757693433.404:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8306 comm="syz.0.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 206.166378][ T8321] netlink: 4 bytes leftover after parsing attributes in process `syz.2.980'. [ 206.190467][ T8321] netlink: 4 bytes leftover after parsing attributes in process `syz.2.980'. [ 209.633800][ T8362] loop3: detected capacity change from 0 to 1024 [ 209.914142][ T8363] lo speed is unknown, defaulting to 1000 [ 210.049823][ T8364] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 210.168603][ T8362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.220410][ T8360] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 210.502858][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.523437][ T8371] netlink: 4 bytes leftover after parsing attributes in process `syz.1.998'. [ 211.331610][ T8388] loop3: detected capacity change from 0 to 512 [ 211.351767][ T8388] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 211.402855][ T8388] EXT4-fs (loop3): 1 truncate cleaned up [ 211.591164][ T8388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.791648][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.231377][ T5791] Bluetooth: hci1: command 0x0406 tx timeout [ 212.264745][ T5791] Bluetooth: hci2: command 0x0406 tx timeout [ 212.271273][ T5791] Bluetooth: hci3: command 0x0406 tx timeout [ 212.289683][ T5791] Bluetooth: hci0: command 0x0406 tx timeout [ 212.853739][ T8410] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1011'. [ 212.865262][ T8410] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1011'. [ 214.280356][ T8409] lo speed is unknown, defaulting to 1000 [ 214.312180][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 214.312195][ T28] audit: type=1326 audit(1757693441.904:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 214.434368][ T28] audit: type=1326 audit(1757693441.944:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 214.490332][ T28] audit: type=1326 audit(1757693441.944:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 215.755106][ T8438] netlink: 'syz.2.1024': attribute type 4 has an invalid length. [ 215.817586][ T8438] netlink: 'syz.2.1024': attribute type 4 has an invalid length. [ 216.015558][ T28] audit: type=1326 audit(1757693443.614:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8445 comm="syz.2.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 216.076427][ T28] audit: type=1326 audit(1757693443.634:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8445 comm="syz.2.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 216.142350][ T28] audit: type=1326 audit(1757693443.634:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8445 comm="syz.2.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 216.202655][ T28] audit: type=1326 audit(1757693443.634:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8445 comm="syz.2.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 216.760516][ T8471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1042'. [ 216.774966][ T6211] page_pool_release_retry() stalled pool shutdown 1 inflight 60 sec [ 217.269881][ T8471] erspan0: entered promiscuous mode [ 217.434789][ T8471] macvtap1: entered promiscuous mode [ 217.440488][ T8471] macvtap1: entered allmulticast mode [ 217.480432][ T8471] erspan0: entered allmulticast mode [ 217.601889][ T8473] erspan0: left allmulticast mode [ 217.618065][ T8473] erspan0: left promiscuous mode [ 217.859167][ T28] audit: type=1326 audit(1757693445.454:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8480 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 217.915530][ T28] audit: type=1326 audit(1757693445.454:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8480 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 217.979611][ T28] audit: type=1326 audit(1757693445.454:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8480 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 218.720349][ T8504] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1046'. [ 218.768326][ T8504] erspan0: entered promiscuous mode [ 218.773839][ T8504] macvtap1: entered promiscuous mode [ 218.791416][ T8504] macvtap1: entered allmulticast mode [ 218.802223][ T8504] erspan0: entered allmulticast mode [ 218.813001][ T8507] erspan0: left allmulticast mode [ 218.829360][ T8507] erspan0: left promiscuous mode [ 219.648726][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 219.648741][ T28] audit: type=1326 audit(1757693447.244:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 219.800300][ T28] audit: type=1326 audit(1757693447.284:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 219.915484][ T28] audit: type=1326 audit(1757693447.284:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 219.987010][ T8525] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1054'. [ 220.009634][ T8525] 0{X: renamed from gretap0 (while UP) [ 220.028056][ T8525] 0{X: entered allmulticast mode [ 220.034169][ T8525] A link change request failed with some changes committed already. Interface 30{X may have been left with an inconsistent configuration, please check. [ 220.047206][ T28] audit: type=1326 audit(1757693447.644:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8522 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 220.090015][ T28] audit: type=1326 audit(1757693447.684:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8522 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 220.138738][ T28] audit: type=1326 audit(1757693447.734:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8522 comm="syz.0.1054" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbc3db8eba9 code=0x0 [ 220.193924][ T28] audit: type=1326 audit(1757693447.784:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8522 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 220.287549][ T28] audit: type=1326 audit(1757693447.784:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8522 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 220.321136][ T28] audit: type=1326 audit(1757693447.784:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8522 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 220.404832][ T28] audit: type=1326 audit(1757693447.784:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8522 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 223.184704][ T8594] loop3: detected capacity change from 0 to 1024 [ 223.328309][ T8594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.473454][ T8594] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 223.883203][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.218250][ T8610] lo speed is unknown, defaulting to 1000 [ 225.362464][ T8618] loop3: detected capacity change from 0 to 512 [ 225.384480][ T8618] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 225.438525][ T8618] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 225.447187][ T8618] EXT4-fs (loop3): orphan cleanup on readonly fs [ 225.453586][ T8618] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1084: bad orphan inode 267 [ 225.474291][ T8618] EXT4-fs (loop3): Remounting filesystem read-only [ 225.482733][ T8618] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 225.535470][ T8618] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.1084: dx entry: limit 0 != root limit 125 [ 225.564353][ T8618] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.1084: Corrupt directory, running e2fsck is recommended [ 225.635983][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 227.066512][ T8629] loop3: detected capacity change from 0 to 1024 [ 227.300525][ T8629] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.637779][ T8628] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 227.873509][ T8635] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1086'. [ 227.882852][ T8635] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1086'. [ 227.903679][ T8635] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1086'. [ 227.916859][ T8635] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1086'. [ 228.737823][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 228.737838][ T28] audit: type=1326 audit(1757693456.334:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8643 comm="syz.1.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 228.849905][ T28] audit: type=1326 audit(1757693456.364:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8643 comm="syz.1.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 228.943153][ T28] audit: type=1326 audit(1757693456.364:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8643 comm="syz.1.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 228.981826][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.032227][ T28] audit: type=1326 audit(1757693456.364:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8643 comm="syz.1.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 229.585136][ T8655] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1097'. [ 230.103161][ T28] audit: type=1326 audit(1757693457.694:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8666 comm="syz.2.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 230.175730][ T28] audit: type=1326 audit(1757693457.694:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8666 comm="syz.2.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 230.213156][ T28] audit: type=1326 audit(1757693457.694:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8666 comm="syz.2.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 230.244820][ T28] audit: type=1326 audit(1757693457.694:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8666 comm="syz.2.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 230.268416][ T28] audit: type=1326 audit(1757693457.694:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8666 comm="syz.2.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 231.164395][ T8682] lo speed is unknown, defaulting to 1000 [ 231.222806][ T8684] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 232.397027][ T28] audit: type=1326 audit(1757693459.994:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8699 comm="syz.1.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 232.555318][ T8702] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1114'. [ 233.073526][ T8715] syz.1.1119[8715] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 233.073669][ T8715] syz.1.1119[8715] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 233.097156][ T8692] syz.0.1110: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 233.139557][ T8698] lo speed is unknown, defaulting to 1000 [ 233.181491][ T8692] ,cpuset=syz0,mems_allowed=0-1 [ 233.212139][ T8692] CPU: 1 PID: 8692 Comm: syz.0.1110 Not tainted syzkaller #0 [ 233.219598][ T8692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 233.229704][ T8692] Call Trace: [ 233.233012][ T8692] [ 233.235980][ T8692] dump_stack_lvl+0x16c/0x230 [ 233.240707][ T8692] ? show_regs_print_info+0x20/0x20 [ 233.245962][ T8692] ? load_image+0x3b0/0x3b0 [ 233.250511][ T8692] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 233.256964][ T8692] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 233.263509][ T8692] warn_alloc+0x210/0x300 [ 233.267907][ T8692] ? zone_watermark_ok_safe+0x230/0x230 [ 233.273532][ T8692] ? _raw_spin_unlock+0x28/0x40 [ 233.278441][ T8692] __vmalloc_node_range+0x662/0x1320 [ 233.283804][ T8692] ? __alloc_pages+0xa1/0x460 [ 233.288549][ T8692] ? free_vm_area+0x50/0x50 [ 233.293125][ T8692] ? packet_set_ring+0x712/0x2380 [ 233.298210][ T8692] vzalloc+0x79/0x90 [ 233.302168][ T8692] ? packet_set_ring+0x712/0x2380 [ 233.307275][ T8692] packet_set_ring+0x712/0x2380 [ 233.312212][ T8692] ? packet_mmap+0x4e0/0x4e0 [ 233.316855][ T8692] ? __lock_acquire+0x7c80/0x7c80 [ 233.321924][ T8692] ? __local_bh_enable_ip+0x12e/0x1c0 [ 233.327347][ T8692] ? lockdep_hardirqs_on+0x98/0x150 [ 233.332696][ T8692] ? __might_fault+0xaa/0x120 [ 233.337417][ T8692] ? __might_fault+0xc6/0x120 [ 233.342126][ T8692] ? __might_fault+0xaa/0x120 [ 233.346869][ T8692] ? _copy_from_user+0xa5/0xe0 [ 233.351686][ T8692] packet_setsockopt+0xc58/0x12a0 [ 233.356760][ T8692] ? packet_ioctl+0x340/0x340 [ 233.361508][ T8692] ? aa_sk_perm+0x7fc/0x930 [ 233.366080][ T8692] ? aa_af_perm+0x2b0/0x2b0 [ 233.370643][ T8692] ? __fget_files+0x28/0x4d0 [ 233.375414][ T8692] ? aa_sock_opt_perm+0x74/0x100 [ 233.380418][ T8692] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 233.385979][ T8692] ? security_socket_setsockopt+0x7e/0xa0 [ 233.392078][ T8692] ? packet_ioctl+0x340/0x340 [ 233.396810][ T8692] do_sock_setsockopt+0x175/0x1a0 [ 233.401889][ T8692] ? __fdget+0x180/0x210 [ 233.406162][ T8692] __x64_sys_setsockopt+0x184/0x200 [ 233.411431][ T8692] do_syscall_64+0x55/0xb0 [ 233.415897][ T8692] ? clear_bhb_loop+0x40/0x90 [ 233.420637][ T8692] ? clear_bhb_loop+0x40/0x90 [ 233.425345][ T8692] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 233.431304][ T8692] RIP: 0033:0x7fbc3db8eba9 [ 233.435775][ T8692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.455410][ T8692] RSP: 002b:00007fbc3e977038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 233.463858][ T8692] RAX: ffffffffffffffda RBX: 00007fbc3ddd5fa0 RCX: 00007fbc3db8eba9 [ 233.471859][ T8692] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000007 [ 233.479858][ T8692] RBP: 00007fbc3dc11e19 R08: 000000000000001c R09: 0000000000000000 [ 233.487849][ T8692] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 233.495860][ T8692] R13: 00007fbc3ddd6038 R14: 00007fbc3ddd5fa0 R15: 00007ffe47cc5d58 [ 233.503976][ T8692] [ 233.507185][ C1] vkms_vblank_simulate: vblank timer overrun [ 233.527367][ T8692] Mem-Info: [ 233.530561][ T8692] active_anon:8060 inactive_anon:0 isolated_anon:0 [ 233.530561][ T8692] active_file:1198 inactive_file:39914 isolated_file:0 [ 233.530561][ T8692] unevictable:768 dirty:38 writeback:0 [ 233.530561][ T8692] slab_reclaimable:10780 slab_unreclaimable:92673 [ 233.530561][ T8692] mapped:29429 shmem:4378 pagetables:607 [ 233.530561][ T8692] sec_pagetables:0 bounce:0 [ 233.530561][ T8692] kernel_misc_reclaimable:0 [ 233.530561][ T8692] free:1346377 free_pcp:11010 free_cma:0 [ 233.575750][ C1] vkms_vblank_simulate: vblank timer overrun [ 233.591672][ T8692] Node 0 active_anon:35240kB inactive_anon:0kB active_file:4792kB inactive_file:159452kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120716kB dirty:148kB writeback:0kB shmem:18976kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11440kB pagetables:2428kB sec_pagetables:0kB all_unreclaimable? no [ 233.624113][ C1] vkms_vblank_simulate: vblank timer overrun [ 233.640997][ T8692] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 233.671682][ C1] vkms_vblank_simulate: vblank timer overrun [ 233.684767][ T8692] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 233.711935][ C1] vkms_vblank_simulate: vblank timer overrun [ 233.727564][ T8692] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 233.733619][ T8692] Node 0 DMA32 free:1466724kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:42196kB inactive_anon:0kB active_file:4792kB inactive_file:158132kB unevictable:1536kB writepending:148kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:24044kB local_pcp:17436kB free_cma:0kB [ 233.764576][ C1] vkms_vblank_simulate: vblank timer overrun [ 233.780178][ T8692] lowmem_reserve[]: 0 0 1 1 1 [ 233.785696][ T8692] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 233.813039][ C1] vkms_vblank_simulate: vblank timer overrun [ 233.821512][ T8692] lowmem_reserve[]: 0 0 0 0 0 [ 233.827299][ T8692] Node 1 Normal free:3893336kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19840kB local_pcp:9536kB free_cma:0kB [ 233.856888][ C1] vkms_vblank_simulate: vblank timer overrun [ 234.671445][ T8692] lowmem_reserve[]: 0 0 0 0 0 [ 234.714323][ T8692] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 234.911245][ T8692] Node 0 DMA32: 22*4kB (UM) 18*8kB (UM) 14*16kB (ME) 58*32kB (UME) 48*64kB (ME) 6*128kB (ME) 1*256kB (M) 9*512kB (UME) 12*1024kB (UM) 4*2048kB (UM) 352*4096kB (UM) = 1473288kB [ 234.981451][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 234.981466][ T28] audit: type=1326 audit(1757693462.574:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8727 comm="syz.3.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 235.010046][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.030160][ T8692] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 235.066857][ T28] audit: type=1326 audit(1757693462.604:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8727 comm="syz.3.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 235.104363][ T8692] Node 1 Normal: 240*4kB (UME) 55*8kB (UME) 36*16kB (UME) 101*32kB (UME) 36*64kB (UE) 4*128kB (UM) 1*256kB (E) 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 947*4096kB (M) = 3893336kB [ 235.155734][ T28] audit: type=1326 audit(1757693462.614:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8727 comm="syz.3.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 235.194978][ T8692] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 235.211557][ T28] audit: type=1326 audit(1757693462.614:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8727 comm="syz.3.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 235.235390][ T8692] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 235.258045][ T8692] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 235.304398][ T28] audit: type=1326 audit(1757693462.614:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8727 comm="syz.3.1123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 235.326785][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.339142][ T8692] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 235.375931][ T8692] 42469 total pagecache pages [ 235.380701][ T8692] 0 pages in swap cache [ 235.387874][ T28] audit: type=1326 audit(1757693462.844:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.2.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 235.397064][ T8692] Free swap = 124472kB [ 235.440868][ T8692] Total swap = 124996kB [ 235.449455][ T28] audit: type=1326 audit(1757693462.844:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.2.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 235.454813][ T8692] 2097051 pages RAM [ 235.471963][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.496011][ T8692] 0 pages HighMem/MovableOnly [ 235.500857][ T8692] 416139 pages reserved [ 235.505442][ T8692] 0 pages cma reserved [ 235.547516][ T28] audit: type=1326 audit(1757693462.844:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.2.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 235.704266][ T28] audit: type=1326 audit(1757693462.854:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.2.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 235.749956][ T28] audit: type=1326 audit(1757693462.854:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.2.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 235.772304][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.800854][ T8748] loop3: detected capacity change from 0 to 512 [ 235.810033][ T8748] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 237.574548][ T8752] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 237.657617][ T8748] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 237.818613][ T8748] EXT4-fs (loop3): orphan cleanup on readonly fs [ 237.945886][ T8748] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1133: bad orphan inode 267 [ 237.991053][ T8748] EXT4-fs (loop3): Remounting filesystem read-only [ 238.018795][ T8748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 238.024370][ T8749] lo speed is unknown, defaulting to 1000 [ 238.063012][ T8748] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.1133: dx entry: limit 0 != root limit 125 [ 238.075037][ T8748] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.1133: Corrupt directory, running e2fsck is recommended [ 238.208191][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 238.730221][ T8773] loop9: detected capacity change from 0 to 7 [ 238.747210][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.756466][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.774481][ T8769] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1139'. [ 238.788992][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.798243][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.806916][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.816215][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.827552][ T8772] team0: Port device dummy0 removed [ 238.836068][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.845302][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.868172][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.877407][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.885717][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.894915][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.898755][ T8772] bridge_slave_0: left allmulticast mode [ 238.908735][ T8772] bridge_slave_0: left promiscuous mode [ 238.910242][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.923525][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.934301][ T8773] ldm_validate_partition_table(): Disk read failed. [ 238.936061][ T8772] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.943033][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.957232][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.968781][ T8772] bridge_slave_1: left allmulticast mode [ 238.970608][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.979362][ T8772] bridge_slave_1: left promiscuous mode [ 238.983659][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.984004][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 238.990329][ T8772] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.997145][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 238.997754][ T8773] Dev loop9: unable to read RDB block 0 [ 239.030776][ T8773] loop9: unable to read partition table [ 239.037065][ T8773] loop9: partition table beyond EOD, truncated [ 239.043748][ T8773] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 239.043748][ T8773] ) failed (rc=-5) [ 239.061116][ T8772] bond0: (slave bond_slave_0): Releasing backup interface [ 239.082366][ T8772] bond0: (slave bond_slave_1): Releasing backup interface [ 239.147265][ T8772] team0: Port device team_slave_0 removed [ 239.175676][ T8772] team0: Port device team_slave_1 removed [ 239.190701][ T8772] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 239.199328][ T8772] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 239.212090][ T8772] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 239.220641][ T8772] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 239.248221][ T8772] team0: Port device vlan0 removed [ 239.306642][ T8769] team0: Mode changed to "activebackup" [ 239.341811][ T6988] tipc: Resetting bearer [ 240.679699][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 240.679718][ T28] audit: type=1326 audit(1757693468.244:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.2.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 240.784710][ T28] audit: type=1326 audit(1757693468.244:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.2.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 240.815623][ T8794] vlan2: entered allmulticast mode [ 240.932074][ T28] audit: type=1326 audit(1757693468.524:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.0.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 241.008364][ T28] audit: type=1326 audit(1757693468.554:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.0.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 241.053099][ T28] audit: type=1326 audit(1757693468.554:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.0.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 241.081985][ T28] audit: type=1326 audit(1757693468.554:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.0.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 241.432610][ T28] audit: type=1326 audit(1757693468.584:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8797 comm="syz.2.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 241.811093][ T28] audit: type=1326 audit(1757693468.584:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8797 comm="syz.2.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 241.866760][ T28] audit: type=1326 audit(1757693468.584:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8797 comm="syz.2.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 241.925647][ T28] audit: type=1326 audit(1757693468.594:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8797 comm="syz.2.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 241.964266][ T8810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1155'. [ 241.988699][ T8810] bond_slave_0: entered promiscuous mode [ 241.994568][ T8810] bond_slave_1: entered promiscuous mode [ 242.009442][ T8810] macvtap2: entered promiscuous mode [ 242.016877][ T8810] bond0: entered promiscuous mode [ 242.031379][ T8810] macvtap2: entered allmulticast mode [ 242.037463][ T8810] bond0: entered allmulticast mode [ 242.042716][ T8810] bond_slave_0: entered allmulticast mode [ 242.055023][ T8810] bond_slave_1: entered allmulticast mode [ 242.062696][ T8810] 8021q: adding VLAN 0 to HW filter on device macvtap2 [ 244.362107][ T8837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1164'. [ 244.419834][ T8837] macvtap2: entered promiscuous mode [ 244.431557][ T8837] bond0: entered promiscuous mode [ 244.437121][ T8837] macvtap2: entered allmulticast mode [ 244.442911][ T8837] bond0: entered allmulticast mode [ 244.457937][ T8837] 8021q: adding VLAN 0 to HW filter on device macvtap2 [ 244.500820][ T8846] bridge_slave_0: left allmulticast mode [ 244.510622][ T8846] bridge_slave_0: left promiscuous mode [ 244.523249][ T8846] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.548436][ T8845] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1168'. [ 244.570663][ T8846] bridge_slave_1: left allmulticast mode [ 244.585800][ T8846] bridge_slave_1: left promiscuous mode [ 244.600346][ T8846] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.625949][ T8846] bond0: (slave bond_slave_0): Releasing backup interface [ 244.642647][ T8846] bond_slave_0: left allmulticast mode [ 244.648572][ T8846] bond_slave_0: left promiscuous mode [ 244.673362][ T8846] bond0: (slave bond_slave_1): Releasing backup interface [ 244.683673][ T8846] bond_slave_1: left allmulticast mode [ 244.689513][ T8846] bond_slave_1: left promiscuous mode [ 245.215816][ T8846] infiniband syz!: set down [ 245.379120][ T8846] team0: Port device team_slave_0 removed [ 245.428049][ T8846] team0: Port device team_slave_1 removed [ 245.481168][ T8846] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.498526][ T8846] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 245.513368][ T8846] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 245.531628][ T8846] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 245.955642][ T8845] team0: Mode changed to "activebackup" [ 246.138840][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 246.138856][ T28] audit: type=1326 audit(1757693473.734:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8859 comm="syz.2.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 246.259396][ T28] audit: type=1326 audit(1757693473.764:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8859 comm="syz.2.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 246.351962][ T28] audit: type=1326 audit(1757693473.764:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8859 comm="syz.2.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 246.447699][ T28] audit: type=1326 audit(1757693473.764:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8859 comm="syz.2.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 247.625041][ T28] audit: type=1326 audit(1757693475.174:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 247.692220][ T28] audit: type=1326 audit(1757693475.174:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 247.715059][ T28] audit: type=1326 audit(1757693475.194:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 247.739421][ T28] audit: type=1326 audit(1757693475.194:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 247.763608][ T28] audit: type=1326 audit(1757693475.204:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 247.786315][ T28] audit: type=1326 audit(1757693475.204:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 247.842052][ T8877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1178'. [ 247.881143][ T8877] bond_slave_0: entered promiscuous mode [ 247.887039][ T8877] bond_slave_1: entered promiscuous mode [ 247.910745][ T8877] macvtap1: entered promiscuous mode [ 247.918663][ T8877] bond0: entered promiscuous mode [ 247.928157][ T8877] macvtap1: entered allmulticast mode [ 247.940085][ T8877] bond0: entered allmulticast mode [ 247.945985][ T8877] bond_slave_0: entered allmulticast mode [ 247.955288][ T8877] bond_slave_1: entered allmulticast mode [ 247.965654][ T8877] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 249.395927][ T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 249.574373][ T9] usb 2-1: device descriptor read/64, error -71 [ 250.105950][ T9] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 250.354464][ T9] usb 2-1: device descriptor read/64, error -71 [ 250.503838][ T9] usb usb2-port1: attempt power cycle [ 252.057554][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 252.057570][ T28] audit: type=1326 audit(1757693479.654:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.1.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 252.198434][ T28] audit: type=1326 audit(1757693479.654:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.1.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 252.229132][ T28] audit: type=1326 audit(1757693479.654:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.1.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 254.562505][ T8944] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 254.654810][ T8943] lo speed is unknown, defaulting to 1000 [ 254.728162][ T8947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1199'. [ 254.737271][ T8947] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1199'. [ 254.748108][ T8947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1199'. [ 254.757295][ T8947] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1199'. [ 255.153913][ T28] audit: type=1326 audit(1757693482.744:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8951 comm="syz.3.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 255.252226][ T28] audit: type=1326 audit(1757693482.774:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8951 comm="syz.3.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 255.360235][ T28] audit: type=1326 audit(1757693482.774:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8951 comm="syz.3.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 256.750204][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.756678][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.058509][ T28] audit: type=1326 audit(1757693484.654:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8965 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 257.121934][ T28] audit: type=1326 audit(1757693484.674:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8965 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 257.174736][ T28] audit: type=1326 audit(1757693484.684:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8965 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 257.212744][ T28] audit: type=1326 audit(1757693484.684:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8965 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 257.536695][ T28] audit: type=1326 audit(1757693485.124:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.3.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 257.559173][ C1] vkms_vblank_simulate: vblank timer overrun [ 257.630432][ T28] audit: type=1326 audit(1757693485.124:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.3.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 257.667832][ T28] audit: type=1326 audit(1757693485.164:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.3.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 257.701989][ T28] audit: type=1326 audit(1757693485.164:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.3.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 258.708862][ T8991] lo speed is unknown, defaulting to 1000 [ 259.238072][ T8994] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1217'. [ 259.247192][ T8994] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1217'. [ 259.256852][ T8994] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1217'. [ 259.266026][ T8994] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1217'. [ 261.590322][ T9013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1224'. [ 262.665561][ T9017] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 262.697317][ T9016] lo speed is unknown, defaulting to 1000 [ 265.029405][ T9048] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1235'. [ 265.283755][ T9053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1233'. [ 265.293053][ T9053] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1233'. [ 265.305387][ T9053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1233'. [ 265.317217][ T9053] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1233'. [ 267.783007][ T9056] lo speed is unknown, defaulting to 1000 [ 268.663588][ T9085] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1247'. [ 269.180631][ T9089] lo speed is unknown, defaulting to 1000 [ 269.220426][ T9091] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 269.339875][ T9095] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1248'. [ 269.358326][ T9095] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1248'. [ 269.369385][ T9095] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1248'. [ 269.379177][ T9095] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1248'. [ 272.613265][ T9113] lo speed is unknown, defaulting to 1000 [ 272.807374][ T9122] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1257'. [ 274.657480][ T9145] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1264'. [ 274.671456][ T9145] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1264'. [ 274.778402][ T9145] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1264'. [ 274.812895][ T9145] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1264'. [ 275.515509][ T9146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1268'. [ 277.293103][ T9162] lo speed is unknown, defaulting to 1000 [ 281.216364][ T9218] lo speed is unknown, defaulting to 1000 [ 282.660751][ T9244] usb usb8: usbfs: process 9244 (syz.2.1305) did not claim interface 0 before use [ 283.761425][ T9249] lo speed is unknown, defaulting to 1000 [ 284.844456][ T9275] team0: Port device dummy0 removed [ 284.908937][ T9275] bridge_slave_0: left allmulticast mode [ 284.938926][ T9275] bridge_slave_0: left promiscuous mode [ 284.955996][ T9275] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.982973][ T9275] bridge_slave_1: left allmulticast mode [ 284.988903][ T9275] bridge_slave_1: left promiscuous mode [ 284.994828][ T9275] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.042272][ T9275] bond0: (slave bond_slave_0): Releasing backup interface [ 285.089995][ T9275] bond0: (slave bond_slave_1): Releasing backup interface [ 285.166858][ T9275] team0: Port device team_slave_0 removed [ 285.211696][ T9275] team0: Port device team_slave_1 removed [ 285.244969][ T9275] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.252596][ T9275] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.268307][ T9275] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 285.276432][ T9275] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.452811][ T9275] syz.1.1310 (9275) used greatest stack depth: 19912 bytes left [ 285.901691][ T28] audit: type=1326 audit(1757693513.494:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 285.924157][ C0] vkms_vblank_simulate: vblank timer overrun [ 286.025592][ T28] audit: type=1326 audit(1757693513.494:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 286.074285][ T28] audit: type=1326 audit(1757693513.494:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 286.122317][ T28] audit: type=1326 audit(1757693513.494:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 287.685365][ T9339] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 287.752370][ T9338] lo speed is unknown, defaulting to 1000 [ 289.150766][ T28] audit: type=1326 audit(1757693516.744:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9390 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 289.326162][ T28] audit: type=1326 audit(1757693516.744:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9390 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 289.350964][ T28] audit: type=1326 audit(1757693516.774:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9390 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 289.374240][ T28] audit: type=1326 audit(1757693516.774:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9390 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 289.397151][ T28] audit: type=1326 audit(1757693516.774:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9390 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 291.099862][ T9426] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 291.681968][ T28] audit: type=1326 audit(1757693519.274:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 291.777536][ T28] audit: type=1326 audit(1757693519.274:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 291.836712][ T28] audit: type=1326 audit(1757693519.314:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 291.956641][ T28] audit: type=1326 audit(1757693519.314:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 292.965561][ T28] audit: type=1326 audit(1757693519.314:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 292.988004][ C0] vkms_vblank_simulate: vblank timer overrun [ 293.149292][ T28] audit: type=1326 audit(1757693519.314:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 293.174487][ T28] audit: type=1326 audit(1757693519.314:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 293.198249][ T28] audit: type=1326 audit(1757693519.324:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 293.220530][ C0] vkms_vblank_simulate: vblank timer overrun [ 293.227646][ T28] audit: type=1326 audit(1757693519.324:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9432 comm="syz.1.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 293.287878][ T9407] tipc: Resetting bearer [ 293.753145][ T9407] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.762399][ T9407] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.771569][ T9407] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.783580][ T9407] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.969877][ T9407] bond0: left allmulticast mode [ 293.975213][ T9407] bond0: left promiscuous mode [ 293.987447][ T9429] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1352'. [ 293.996561][ T9429] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1352'. [ 294.006004][ T9429] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1352'. [ 294.015541][ T9429] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1352'. [ 294.144066][ T9438] kthread_run failed with err -4 [ 294.466788][ T9425] lo speed is unknown, defaulting to 1000 [ 294.780006][ T28] audit: type=1326 audit(1757693522.354:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 295.413648][ T9485] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1365'. [ 295.422967][ T9485] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1365'. [ 295.434640][ T9485] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1365'. [ 295.445065][ T9485] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1365'. [ 297.294997][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 297.295013][ T28] audit: type=1326 audit(1757693524.894:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9489 comm="syz.2.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.408627][ T28] audit: type=1326 audit(1757693524.924:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9489 comm="syz.2.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.481966][ T28] audit: type=1326 audit(1757693524.924:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9489 comm="syz.2.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.529865][ T9495] 9pnet_fd: Insufficient options for proto=fd [ 297.568815][ T28] audit: type=1326 audit(1757693524.924:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9489 comm="syz.2.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.830366][ T28] audit: type=1326 audit(1757693525.394:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9502 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.882540][ T28] audit: type=1326 audit(1757693525.394:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9502 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.906966][ T28] audit: type=1326 audit(1757693525.394:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9502 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.929338][ C1] vkms_vblank_simulate: vblank timer overrun [ 297.935993][ T28] audit: type=1326 audit(1757693525.404:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9502 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 297.958353][ C1] vkms_vblank_simulate: vblank timer overrun [ 298.167325][ T28] audit: type=1326 audit(1757693525.414:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9502 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 298.620960][ T28] audit: type=1326 audit(1757693525.414:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9502 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 298.643387][ C1] vkms_vblank_simulate: vblank timer overrun [ 298.954874][ T9518] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1382'. [ 300.141483][ T9526] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 300.224463][ T9525] lo speed is unknown, defaulting to 1000 [ 300.293178][ T9527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1379'. [ 300.302477][ T9527] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1379'. [ 300.312160][ T9527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1379'. [ 300.321387][ T9527] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1379'. [ 300.779927][ T9533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1385'. [ 302.020366][ T9565] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'. [ 304.590711][ T9613] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1404'. [ 304.699626][ T9617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1406'. [ 305.669487][ T9626] lo speed is unknown, defaulting to 1000 [ 307.095912][ T9646] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1415'. [ 307.618758][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 307.618776][ T28] audit: type=1326 audit(1757693535.194:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 307.647612][ C1] vkms_vblank_simulate: vblank timer overrun [ 307.676474][ T28] audit: type=1326 audit(1757693535.194:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 307.785133][ T28] audit: type=1326 audit(1757693535.194:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 307.899302][ T28] audit: type=1326 audit(1757693535.194:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 307.966566][ T9664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1424'. [ 307.985285][ T28] audit: type=1326 audit(1757693535.194:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 308.286443][ T28] audit: type=1326 audit(1757693535.194:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 308.650319][ T28] audit: type=1326 audit(1757693535.194:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 308.764487][ T28] audit: type=1326 audit(1757693535.194:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 308.851832][ T9671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1425'. [ 308.877141][ T28] audit: type=1326 audit(1757693535.204:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2d6a98ebe3 code=0x7ffc0000 [ 308.899586][ T28] audit: type=1326 audit(1757693535.204:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2d6a98d65f code=0x7ffc0000 [ 310.308594][ T9688] lo speed is unknown, defaulting to 1000 [ 312.011821][ T9708] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1437'. [ 312.320173][ T9712] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1436'. [ 312.329395][ T9712] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1436'. [ 312.341882][ T9712] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1436'. [ 312.351750][ T9712] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1436'. [ 313.145527][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1439'. [ 313.966567][ T9682] lo speed is unknown, defaulting to 1000 [ 315.738244][ T9751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1450'. [ 316.827080][ T9762] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 317.196652][ T9761] lo speed is unknown, defaulting to 1000 [ 317.580154][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.590648][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.359514][ T28] kauditd_printk_skb: 51 callbacks suppressed [ 320.359530][ T28] audit: type=1326 audit(1757693547.954:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 320.444357][ T28] audit: type=1326 audit(1757693547.984:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 320.521781][ T28] audit: type=1326 audit(1757693547.994:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 320.544363][ C1] vkms_vblank_simulate: vblank timer overrun [ 320.824389][ T28] audit: type=1326 audit(1757693547.994:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 321.691056][ T9833] lo speed is unknown, defaulting to 1000 [ 321.820447][ T9834] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 322.169655][ T28] audit: type=1326 audit(1757693547.994:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 322.225842][ T28] audit: type=1326 audit(1757693547.994:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 322.248965][ T28] audit: type=1326 audit(1757693547.994:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 322.282221][ T28] audit: type=1326 audit(1757693547.994:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 322.324384][ T28] audit: type=1326 audit(1757693547.994:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 322.366249][ T28] audit: type=1326 audit(1757693547.994:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9820 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 323.207829][ T9862] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1494'. [ 327.306991][ T9892] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 327.680108][ T9890] lo speed is unknown, defaulting to 1000 [ 328.754947][ T27] usb 3-1: new low-speed USB device number 2 using dummy_hcd [ 329.075402][ T27] usb 3-1: Invalid ep0 maxpacket: 32 [ 329.316578][ T27] usb 3-1: new low-speed USB device number 3 using dummy_hcd [ 330.524307][ T27] usb 3-1: Invalid ep0 maxpacket: 32 [ 330.534464][ T27] usb usb3-port1: attempt power cycle [ 330.856137][ T9936] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1522'. [ 330.931224][ T9938] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 330.954590][ T27] usb 3-1: new low-speed USB device number 4 using dummy_hcd [ 330.998177][ T27] usb 3-1: Invalid ep0 maxpacket: 32 [ 332.132672][ T9947] lo speed is unknown, defaulting to 1000 [ 332.159640][ T27] usb 3-1: new low-speed USB device number 5 using dummy_hcd [ 332.526577][ T27] usb 3-1: device not accepting address 5, error -71 [ 332.550666][ T27] usb usb3-port1: unable to enumerate USB device [ 334.042442][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 334.042461][ T28] audit: type=1326 audit(1757693561.624:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 334.119928][ T28] audit: type=1326 audit(1757693561.674:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 334.148767][ T28] audit: type=1326 audit(1757693561.674:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 334.180445][ T28] audit: type=1326 audit(1757693561.674:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa2baf8d510 code=0x7ffc0000 [ 334.284475][ T28] audit: type=1326 audit(1757693561.674:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa2baf903d7 code=0x7ffc0000 [ 334.306874][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.364257][ T28] audit: type=1326 audit(1757693561.674:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 334.386572][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.444661][ T28] audit: type=1326 audit(1757693561.674:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa2baf903d7 code=0x7ffc0000 [ 334.512791][ T28] audit: type=1326 audit(1757693561.684:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa2baf8d80a code=0x7ffc0000 [ 334.574425][ T28] audit: type=1326 audit(1757693561.684:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 334.641330][ T28] audit: type=1326 audit(1757693561.684:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fa2baf8eba9 code=0x7ffc0000 [ 335.251515][T10001] lo speed is unknown, defaulting to 1000 [ 336.545344][T10023] syz.2.1554[10023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 336.545487][T10023] syz.2.1554[10023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 337.688671][T10037] unsupported nla_type 52263 [ 337.709417][T10033] syz.2.1558: attempt to access beyond end of device [ 337.709417][T10033] loop5: rw=0, sector=0, nr_sectors = 1 limit=0 [ 337.785502][T10033] FAT-fs (loop5): unable to read boot sector [ 338.678233][T10043] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1562'. [ 338.729523][T10043] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1562'. [ 339.411109][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 339.411129][ T28] audit: type=1107 audit(1757693567.004:1206): pid=10059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 339.469051][T10054] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1566'. [ 340.114896][T10071] lo speed is unknown, defaulting to 1000 [ 340.969237][T10082] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1573'. [ 340.978672][T10082] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1573'. [ 341.349287][ T28] audit: type=1326 audit(1757693568.944:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.410313][ T28] audit: type=1326 audit(1757693568.944:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.444394][ T28] audit: type=1326 audit(1757693568.944:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.473871][ T28] audit: type=1326 audit(1757693568.944:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.558567][ T28] audit: type=1326 audit(1757693568.944:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.653527][ T28] audit: type=1326 audit(1757693568.954:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.681205][ T28] audit: type=1326 audit(1757693568.954:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.709499][ T28] audit: type=1326 audit(1757693568.954:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 341.732869][ T28] audit: type=1326 audit(1757693568.954:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 342.055092][T10108] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1585'. [ 342.191262][T10108] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1585'. [ 342.836470][T10121] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1586'. [ 342.845770][T10121] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1586'. [ 342.856581][T10121] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1586'. [ 343.629249][T10128] IPv6: NLM_F_CREATE should be specified when creating new route [ 345.615415][T10140] lo speed is unknown, defaulting to 1000 [ 345.682634][T10141] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 345.768758][T10145] __nla_validate_parse: 1 callbacks suppressed [ 345.768776][T10145] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1597'. [ 345.814724][T10145] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1597'. [ 345.841318][T10147] autofs4:pid:10147:autofs_fill_super: called with bogus options [ 346.243462][T10165] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1605'. [ 346.356969][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 346.356984][ T28] audit: type=1326 audit(1757693573.954:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 346.385671][ C0] vkms_vblank_simulate: vblank timer overrun [ 346.555010][ T28] audit: type=1326 audit(1757693573.984:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 346.582291][ T28] audit: type=1326 audit(1757693573.994:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 346.618944][ T28] audit: type=1326 audit(1757693573.994:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 346.748867][ T28] audit: type=1326 audit(1757693573.994:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 347.482910][ T28] audit: type=1326 audit(1757693573.994:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 347.505849][ T28] audit: type=1326 audit(1757693573.994:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 347.553121][T10176] autofs4:pid:10176:autofs_fill_super: called with bogus options [ 347.559610][ T28] audit: type=1326 audit(1757693573.994:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 347.583542][ C0] vkms_vblank_simulate: vblank timer overrun [ 347.593984][T10178] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1610'. [ 347.620631][ T28] audit: type=1326 audit(1757693573.994:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 347.644458][ T28] audit: type=1326 audit(1757693573.994:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.1.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 347.666906][ C0] vkms_vblank_simulate: vblank timer overrun [ 349.474548][T10199] lo speed is unknown, defaulting to 1000 [ 350.279465][T10206] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1620'. [ 350.615194][T10212] autofs4:pid:10212:autofs_fill_super: called with bogus options [ 352.683924][T10237] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1629'. [ 352.697156][T10237] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1629'. [ 352.706978][T10237] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1629'. [ 352.717443][T10237] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1629'. [ 353.684476][T10248] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1636'. [ 354.102600][T10250] veth0: entered promiscuous mode [ 354.657439][T10255] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 354.905199][T10250] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1637'. [ 355.339955][T10254] lo speed is unknown, defaulting to 1000 [ 356.218221][T10270] netlink: 'syz.1.1641': attribute type 4 has an invalid length. [ 356.248502][T10272] syz.3.1642[10272] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 356.248738][T10272] syz.3.1642[10272] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 356.305110][T10272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1642'. [ 357.055576][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 357.055592][ T28] audit: type=1326 audit(1757693584.654:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 357.084582][ C0] vkms_vblank_simulate: vblank timer overrun [ 357.484012][ T28] audit: type=1326 audit(1757693584.744:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 357.752604][ T28] audit: type=1326 audit(1757693584.744:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 357.869213][ T28] audit: type=1326 audit(1757693584.744:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 357.957311][ T28] audit: type=1326 audit(1757693585.144:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10299 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f05acfc1465 code=0x7ffc0000 [ 357.985353][ T28] audit: type=1326 audit(1757693585.144:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 358.016020][ T28] audit: type=1326 audit(1757693585.264:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 358.039689][ T28] audit: type=1326 audit(1757693585.294:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 358.102857][ T28] audit: type=1326 audit(1757693585.294:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 358.361681][ T28] audit: type=1326 audit(1757693585.294:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 358.615755][T10310] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1655'. [ 358.627342][T10310] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1655'. [ 358.637080][T10310] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1655'. [ 358.646414][T10310] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1655'. [ 359.754441][T10351] lo speed is unknown, defaulting to 1000 [ 360.794112][T10379] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1674'. [ 360.803463][T10379] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1674'. [ 360.812921][T10379] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1674'. [ 360.822129][T10379] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1674'. [ 360.936523][T10393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1680'. [ 362.197203][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 362.197234][ T28] audit: type=1326 audit(1757693589.794:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.245532][ T28] audit: type=1326 audit(1757693589.794:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.305109][ T28] audit: type=1326 audit(1757693589.794:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.362068][ T28] audit: type=1326 audit(1757693589.794:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.405828][ T28] audit: type=1326 audit(1757693589.794:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.501914][ T28] audit: type=1326 audit(1757693589.794:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.605960][ T28] audit: type=1326 audit(1757693589.794:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.719027][ T28] audit: type=1326 audit(1757693589.794:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 362.750237][ T28] audit: type=1326 audit(1757693589.904:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.0.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 362.852589][ T28] audit: type=1326 audit(1757693589.904:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.0.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 363.073018][T10434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1697'. [ 363.134223][T10434] macvtap3: entered promiscuous mode [ 363.182431][T10434] macvtap3: entered allmulticast mode [ 363.219985][T10434] 8021q: adding VLAN 0 to HW filter on device macvtap3 [ 364.441837][T10460] netlink: 'syz.0.1704': attribute type 10 has an invalid length. [ 364.475666][T10460] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1704'. [ 364.539274][T10460] batman_adv: batadv0: Adding interface: virt_wifi0 [ 364.594264][T10460] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.619866][ C0] vkms_vblank_simulate: vblank timer overrun [ 364.649776][T10460] batman_adv: batadv0: Interface activated: virt_wifi0 [ 364.675853][T10466] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1708'. [ 364.745964][T10466] macvtap2: entered promiscuous mode [ 364.758330][T10466] macvtap2: entered allmulticast mode [ 364.765793][T10466] 8021q: adding VLAN 0 to HW filter on device macvtap2 [ 364.794291][T10467] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1707'. [ 365.966671][T10492] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 366.339370][T10507] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1721'. [ 366.366423][T10507] macvtap4: entered promiscuous mode [ 366.372017][T10507] macvtap4: entered allmulticast mode [ 366.378545][T10507] 8021q: adding VLAN 0 to HW filter on device macvtap4 [ 367.617085][T10529] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1731'. [ 367.647774][ T28] kauditd_printk_skb: 41 callbacks suppressed [ 367.647789][ T28] audit: type=1326 audit(1757693595.244:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10530 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 367.741848][ T28] audit: type=1326 audit(1757693595.284:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10530 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 367.820509][ T28] audit: type=1326 audit(1757693595.284:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10530 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 367.854265][ T28] audit: type=1326 audit(1757693595.284:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10530 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6a98eba9 code=0x7ffc0000 [ 367.889245][T10537] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1735'. [ 367.927796][T10537] macvtap2: entered promiscuous mode [ 367.943546][T10537] bond0: entered promiscuous mode [ 367.956149][T10537] macvtap2: entered allmulticast mode [ 367.961719][T10537] bond0: entered allmulticast mode [ 367.985025][T10537] 8021q: adding VLAN 0 to HW filter on device macvtap2 [ 368.998266][ T28] audit: type=1326 audit(1757693596.594:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.1.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 369.122383][ T28] audit: type=1326 audit(1757693596.614:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.1.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 369.177860][ T28] audit: type=1326 audit(1757693596.614:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.1.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 369.214962][ T28] audit: type=1326 audit(1757693596.614:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.1.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05acf8eba9 code=0x7ffc0000 [ 369.262733][T10565] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1749'. [ 369.280884][T10565] macvtap3: entered promiscuous mode [ 369.286691][T10565] bond0: entered promiscuous mode [ 369.292038][T10565] macvtap3: entered allmulticast mode [ 369.304270][T10565] bond0: entered allmulticast mode [ 369.311772][T10565] 8021q: adding VLAN 0 to HW filter on device macvtap3 [ 369.733518][T10588] warning: `syz.1.1758' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 369.790442][T10592] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1761'. [ 369.826729][T10592] macvtap5: entered promiscuous mode [ 369.832384][T10592] macvtap5: entered allmulticast mode [ 369.842437][T10592] 8021q: adding VLAN 0 to HW filter on device macvtap5 [ 369.853617][T10590] tipc: Started in network mode [ 369.860164][T10590] tipc: Node identity 960e18ba6004, cluster identity 4711 [ 369.871405][T10590] tipc: Enabled bearer , priority 0 [ 369.879879][T10599] syzkaller0: entered promiscuous mode [ 369.893386][T10599] syzkaller0: entered allmulticast mode [ 369.989186][T10590] tipc: Resetting bearer [ 370.004904][T10589] tipc: Resetting bearer [ 370.045044][T10589] tipc: Disabling bearer [ 370.076354][T10608] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1764'. [ 370.230788][T10615] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1767'. [ 370.523799][T10627] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1773'. [ 370.795744][ T28] audit: type=1326 audit(1757693598.394:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10637 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 370.845911][ T28] audit: type=1326 audit(1757693598.394:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10637 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc3db8eba9 code=0x7ffc0000 [ 371.054055][T10650] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1783'. [ 371.532045][T10675] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1795'. [ 371.562429][T10677] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1796'. [ 372.261161][T10702] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1805'. [ 372.353037][T10705] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1807'. [ 372.494105][T10713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1811'. [ 373.333416][T10744] netlink: 'syz.1.1824': attribute type 4 has an invalid length. [ 373.601060][T10756] tipc: Started in network mode [ 373.610791][T10756] tipc: Node identity 4a4792d60f71, cluster identity 4711 [ 373.620527][T10756] tipc: Enabled bearer , priority 0 [ 373.649337][T10756] syzkaller0: entered promiscuous mode [ 373.657092][T10756] syzkaller0: entered allmulticast mode [ 373.667680][T10756] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 373.743604][T10756] tipc: Resetting bearer [ 373.975403][T10755] tipc: Resetting bearer [ 374.405869][T10755] tipc: Disabling bearer [ 374.552467][T10765] veth0: entered promiscuous mode [ 374.626862][T10764] veth0: left promiscuous mode [ 374.828666][T10779] __nla_validate_parse: 4 callbacks suppressed [ 374.828685][T10779] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1841'. [ 375.172774][T10789] tipc: Enabled bearer , priority 0 [ 375.189552][T10789] syzkaller0: entered promiscuous mode [ 375.199532][T10789] syzkaller0: entered allmulticast mode [ 375.971741][T10789] tipc: Resetting bearer [ 376.042448][T10785] tipc: Resetting bearer [ 376.160611][T10785] tipc: Disabling bearer [ 376.202091][T10809] veth0: entered promiscuous mode [ 376.261810][T10800] veth0: left promiscuous mode [ 376.340493][T10814] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1851'. [ 377.824198][T10839] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1857'. [ 377.833360][T10839] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1857'. [ 377.842832][T10839] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1857'. [ 377.852138][T10839] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1857'. [ 378.045421][T10843] tipc: Enabled bearer , priority 0 [ 378.071839][T10845] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1862'. [ 378.083007][T10843] syzkaller0: entered promiscuous mode [ 378.103224][T10843] syzkaller0: entered allmulticast mode [ 378.153206][T10846] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 378.281725][T10843] tipc: Resetting bearer [ 378.371384][T10842] tipc: Resetting bearer [ 378.596333][T10850] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1864'. [ 378.627682][T10842] tipc: Disabling bearer [ 379.018483][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.034314][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.221322][T10872] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1874'. [ 379.572380][T10869] nbd1: detected capacity change from 0 to 63 [ 379.832816][T10875] block nbd1: NBD_DISCONNECT [ 379.880844][T10875] block nbd1: Disconnected due to user request. [ 379.912544][ T96] blk_print_req_error: 9 callbacks suppressed [ 379.912565][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 379.930521][ T96] buffer_io_error: 9 callbacks suppressed [ 379.930537][ T96] Buffer I/O error on dev nbd1, logical block 0, async page read [ 379.944696][ T96] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2 [ 379.953833][ T96] Buffer I/O error on dev nbd1, logical block 1, async page read [ 379.963557][ T96] Buffer I/O error on dev nbd1, logical block 2, async page read [ 379.971526][ T96] Buffer I/O error on dev nbd1, logical block 3, async page read [ 379.981373][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 379.990795][ T96] Buffer I/O error on dev nbd1, logical block 0, async page read [ 379.998735][ T96] Buffer I/O error on dev nbd1, logical block 1, async page read [ 380.006714][ T96] Buffer I/O error on dev nbd1, logical block 2, async page read [ 380.014706][ T96] Buffer I/O error on dev nbd1, logical block 3, async page read [ 380.022917][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 380.033597][ T96] Buffer I/O error on dev nbd1, logical block 0, async page read [ 380.044350][ T96] Buffer I/O error on dev nbd1, logical block 1, async page read [ 380.054355][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 380.063910][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 380.064720][T10875] block nbd1: shutting down sockets [ 380.074533][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 380.087852][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 380.097375][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 380.106597][T10820] ldm_validate_partition_table(): Disk read failed. [ 380.113490][ T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 380.166501][T10820] Dev nbd1: unable to read RDB block 0 [ 380.174228][T10820] nbd1: unable to read partition table [ 380.198317][T10820] ldm_validate_partition_table(): Disk read failed. [ 380.222929][T10820] Dev nbd1: unable to read RDB block 0 [ 380.252714][T10820] nbd1: unable to read partition table [ 380.450181][T10890] tipc: Enabled bearer , priority 0 [ 380.474056][T10890] syzkaller0: entered promiscuous mode [ 380.499707][T10890] syzkaller0: entered allmulticast mode [ 380.541840][T10890] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 380.592473][T10896] tipc: Enabled bearer , priority 0 [ 380.602976][T10896] syzkaller0: entered promiscuous mode [ 380.608968][T10896] syzkaller0: entered allmulticast mode [ 380.648733][T10890] tipc: Resetting bearer [ 380.670981][T10889] tipc: Resetting bearer [ 380.715235][T10889] tipc: Disabling bearer [ 380.784940][T10900] tipc: Resetting bearer [ 380.811440][T10895] tipc: Resetting bearer [ 380.892985][T10895] tipc: Disabling bearer [ 381.134265][T10905] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1884'. [ 381.143352][T10905] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1884'. [ 381.153447][T10905] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1884'. [ 381.162669][T10905] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1884'. [ 382.737395][T10935] tipc: Enabled bearer , priority 0 [ 382.771324][T10935] syzkaller0: entered promiscuous mode [ 382.788058][T10935] syzkaller0: entered allmulticast mode [ 383.125332][T10935] tipc: Resetting bearer [ 383.361583][T10932] tipc: Resetting bearer [ 383.567535][T10932] tipc: Disabling bearer [ 384.117036][T10972] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1914'. [ 384.355689][T10977] nbd2: detected capacity change from 0 to 63 [ 384.376407][ T5802] block nbd2: Receive control failed (result -32) [ 384.426978][ T54] block nbd2: Dead connection, failed to find a fallback [ 384.435457][ T54] block nbd2: shutting down sockets [ 384.454873][T10984] ldm_validate_partition_table(): Disk read failed. [ 384.491066][T10984] Dev nbd2: unable to read RDB block 0 [ 384.516314][T10984] nbd2: unable to read partition table [ 384.548954][T10984] ldm_validate_partition_table(): Disk read failed. [ 384.566248][T10984] Dev nbd2: unable to read RDB block 0 [ 384.578303][T10984] nbd2: unable to read partition table [ 384.646637][T10992] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1925'. [ 384.942975][T11005] tipc: Enabled bearer , priority 13 [ 385.160179][T11015] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1937'. [ 385.331802][T11021] tipc: Enabled bearer , priority 0 [ 385.353749][T11024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1940'. [ 385.368701][T11021] syzkaller0: entered promiscuous mode [ 385.377673][T11021] syzkaller0: entered allmulticast mode [ 385.428060][T11021] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 385.469102][T11021] tipc: Resetting bearer [ 385.515260][T11020] tipc: Resetting bearer [ 385.615408][T11020] tipc: Disabling bearer [ 385.665417][T11035] sock: sock_set_timeout: `syz.2.1943' (pid 11035) tries to set negative timeout [ 385.853568][T11043] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1947'. [ 386.135646][T11058] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1954'. [ 386.323860][T11065] tipc: Enabled bearer , priority 0 [ 386.334296][ T9444] tipc: Node number set to 1161204438 [ 386.343239][T11065] syzkaller0: entered promiscuous mode [ 386.362546][T11065] syzkaller0: entered allmulticast mode [ 386.414544][T11065] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 386.469144][T11069] tipc: Resetting bearer [ 386.482834][T11073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1959'. [ 386.502601][T11062] tipc: Resetting bearer [ 386.508871][T11075] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1960'. [ 386.570333][T11062] tipc: Disabling bearer [ 386.609702][T11077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1961'. [ 386.723577][T11083] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1964'. [ 386.806048][T11085] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1965'. [ 386.928605][T11093] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1969'. [ 386.944006][T11094] bridge_slave_0: default FDB implementation only supports local addresses [ 387.089295][T11099] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1971'. [ 387.352629][T11109] tipc: Enabled bearer , priority 0 [ 387.370305][T11109] syzkaller0: entered promiscuous mode [ 387.385828][T11109] syzkaller0: entered allmulticast mode [ 387.412967][T11109] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 387.472175][T11109] tipc: Resetting bearer [ 387.497354][T11107] tipc: Resetting bearer [ 387.547488][T11107] tipc: Disabling bearer [ 387.572885][T11118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1977'. [ 387.593702][T11120] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1978'. [ 387.753690][T11125] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1981'. [ 387.794407][T11125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 387.833111][T11125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 387.875525][T11125] batadv_slave_0: entered promiscuous mode [ 387.911461][T11125] batadv_slave_1: entered promiscuous mode [ 389.176065][T11160] tipc: Enabled bearer , priority 0 [ 389.199864][T11160] syzkaller0: entered promiscuous mode [ 389.205851][T11160] syzkaller0: entered allmulticast mode [ 389.214089][T11157] tipc: Enabled bearer , priority 0 [ 389.222615][T11157] syzkaller0: entered promiscuous mode [ 389.231692][T11157] syzkaller0: entered allmulticast mode [ 389.261219][T11160] tipc: Resetting bearer [ 389.288200][T11157] tipc: Resetting bearer [ 389.311837][T11159] tipc: Resetting bearer [ 389.366740][T11159] tipc: Disabling bearer [ 389.399593][T11156] tipc: Resetting bearer [ 389.464236][T11156] tipc: Disabling bearer [ 390.278087][T11194] tipc: Enabling of bearer rejected, failed to enable media [ 390.344769][T11196] tipc: Enabled bearer , priority 0 [ 390.355260][T11196] syzkaller0: entered promiscuous mode [ 390.360791][T11196] syzkaller0: entered allmulticast mode [ 390.403715][T11196] tipc: Resetting bearer [ 390.436014][T11195] tipc: Resetting bearer [ 390.486240][T11195] tipc: Disabling bearer [ 390.512423][T11161] lo speed is unknown, defaulting to 1000 [ 391.191683][T11229] tipc: Enabled bearer , priority 0 [ 391.207994][T11229] syzkaller0: entered promiscuous mode [ 391.213566][T11229] syzkaller0: entered allmulticast mode [ 391.237185][T11232] dvmrp0: entered allmulticast mode [ 391.255184][T11229] tipc: Resetting bearer [ 391.287971][T11227] tipc: Resetting bearer [ 391.292450][T11234] nbd: nbd2 already in use [ 391.345562][T11227] tipc: Disabling bearer [ 391.477530][T11242] block nbd0: not configured, cannot reconfigure [ 391.652172][T11249] delete_channel: no stack [ 391.795825][T11249] __nla_validate_parse: 10 callbacks suppressed [ 391.795843][T11249] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2028'. [ 391.877531][T11255] nbd: nbd2 already in use [ 392.771345][T11292] tipc: Enabled bearer , priority 0 [ 392.786003][T11292] syzkaller0: entered promiscuous mode [ 392.793397][T11292] syzkaller0: entered allmulticast mode [ 392.827374][T11292] tipc: Resetting bearer [ 392.843624][T11290] tipc: Resetting bearer [ 392.877143][T11290] tipc: Disabling bearer [ 393.087858][T11305] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2053'. [ 393.176022][T11310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2056'. [ 393.709735][T11329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2064'. [ 393.732506][T11329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2064'. [ 393.922194][T11339] netlink: 'syz.3.2067': attribute type 11 has an invalid length. [ 393.955206][T11339] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2067'. [ 394.475540][T11366] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2078'. [ 394.504238][T11366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2078'. [ 394.788981][T11378] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2084'. [ 394.824561][T11378] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2084'. [ 395.976583][T11407] lo speed is unknown, defaulting to 1000 [ 396.035309][T11426] tipc: Enabled bearer , priority 0 [ 396.052425][T11426] syzkaller0: entered promiscuous mode [ 396.059158][T11426] syzkaller0: entered allmulticast mode [ 396.119876][T11426] tipc: Resetting bearer [ 396.159803][T11425] tipc: Resetting bearer [ 396.221778][T11425] tipc: Disabling bearer [ 396.579843][ T6211] IPVS: starting estimator thread 0... [ 396.695343][T11445] IPVS: using max 17 ests per chain, 40800 per kthread [ 396.893817][T11456] tipc: Enabled bearer , priority 0 [ 396.917661][T11456] syzkaller0: entered promiscuous mode [ 396.929223][T11456] syzkaller0: entered allmulticast mode [ 396.957351][T11460] __nla_validate_parse: 9 callbacks suppressed [ 396.957377][T11460] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2119'. [ 396.978731][T11460] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2119'. [ 397.002375][T11456] tipc: Resetting bearer [ 397.042841][T11455] tipc: Resetting bearer [ 397.094664][T11455] tipc: Disabling bearer [ 397.339275][T11474] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2121'. [ 397.344554][T11476] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2123'. [ 397.436330][T11479] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2124'. [ 397.668304][T11490] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2129'. [ 397.704446][T11490] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2129'. [ 397.906280][T11501] tipc: Enabled bearer , priority 0 [ 397.921161][T11501] syzkaller0: entered promiscuous mode [ 397.927432][T11501] syzkaller0: entered allmulticast mode [ 397.945510][T11501] tipc: Resetting bearer [ 397.966764][T11499] tipc: Resetting bearer [ 398.000539][T11504] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2134'. [ 398.015208][T11499] tipc: Disabling bearer [ 398.082319][T11506] tipc: Enabling of bearer rejected, already enabled [ 398.115805][T11508] tipc: Enabling of bearer rejected, failed to enable media [ 398.342631][T11519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2139'. [ 398.351988][T11519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2139'. [ 398.553118][T11530] netlink: zone id is out of range [ 398.693695][T11536] tipc: Enabled bearer , priority 0 [ 398.703205][T11536] syzkaller0: entered promiscuous mode [ 398.710251][T11536] syzkaller0: entered allmulticast mode [ 398.731232][T11536] tipc: Resetting bearer [ 398.755107][T11534] tipc: Resetting bearer [ 398.788937][T11534] tipc: Disabling bearer [ 398.988270][T11547] tipc: Enabled bearer , priority 13 [ 399.982985][T11554] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 400.040501][T11553] lo speed is unknown, defaulting to 1000 [ 400.109090][ T6211] tipc: Node number set to 4127856826 [ 400.529207][T11574] tipc: Enabled bearer , priority 0 [ 400.530117][T11574] syzkaller0: entered promiscuous mode [ 400.530136][T11574] syzkaller0: entered allmulticast mode [ 400.552955][T11574] tipc: Resetting bearer [ 400.581746][T11573] tipc: Resetting bearer [ 400.616038][T11573] tipc: Disabling bearer [ 401.264640][T11597] tipc: Enabling of bearer rejected, failed to enable media [ 402.095744][ C0] vcan0: j1939_tp_rxtimer: 0xffff88801ebd1400: rx timeout, send abort [ 402.106711][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88801ebd1400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 402.121700][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802e5ba000: rx timeout, send abort [ 402.130436][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802e5ba000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 402.685310][T11653] __nla_validate_parse: 9 callbacks suppressed [ 402.685328][T11653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2188'. [ 402.771773][T11655] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2189'. [ 403.082344][T11634] lo speed is unknown, defaulting to 1000 [ 403.351043][T11675] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2195'. [ 403.555390][T11681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2198'. [ 403.694621][T11683] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2199'. [ 404.087715][T11695] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2204'. [ 404.263027][T11701] ================================================================== [ 404.271492][T11701] BUG: KASAN: slab-use-after-free in __xfrm_state_lookup+0x6b2/0x8d0 [ 404.279623][T11701] Read of size 2 at addr ffff888024ea8d22 by task syz.1.2207/11701 [ 404.287694][T11701] [ 404.290068][T11701] CPU: 1 PID: 11701 Comm: syz.1.2207 Not tainted syzkaller #0 [ 404.297580][T11701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 404.307686][T11701] Call Trace: [ 404.311000][T11701] [ 404.313960][T11701] dump_stack_lvl+0x16c/0x230 [ 404.318689][T11701] ? __lock_acquire+0x7c80/0x7c80 [ 404.323882][T11701] ? show_regs_print_info+0x20/0x20 [ 404.329135][T11701] ? load_image+0x3b0/0x3b0 [ 404.333677][T11701] ? __virt_addr_valid+0x469/0x540 [ 404.338830][T11701] print_report+0xac/0x220 [ 404.343368][T11701] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 404.348785][T11701] kasan_report+0x117/0x150 [ 404.353553][T11701] ? trace_contention_end+0x39/0xe0 [ 404.358811][T11701] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 404.364151][T11701] __xfrm_state_lookup+0x6b2/0x8d0 [ 404.369322][T11701] ? xfrm_state_lookup+0x1a0/0x1a0 [ 404.374461][T11701] ? xfrm_calg_get_byname+0x193/0x280 [ 404.379864][T11701] xfrm_state_lookup+0xef/0x1a0 [ 404.384749][T11701] ? xfrm_state_lookup+0x36/0x1a0 [ 404.389815][T11701] ipcomp4_init_state+0x1fc/0x9f0 [ 404.394870][T11701] __xfrm_init_state+0xd8b/0x11c0 [ 404.399920][T11701] ? __xfrm_init_state+0x7fc/0x11c0 [ 404.405170][T11701] xfrm_add_sa+0x236d/0x30a0 [ 404.409889][T11701] ? xfrm_user_rcv_msg+0x870/0x870 [ 404.415025][T11701] ? __nla_parse+0x40/0x50 [ 404.419474][T11701] xfrm_user_rcv_msg+0x596/0x870 [ 404.424430][T11701] ? lockdep_hardirqs_on+0x98/0x150 [ 404.429656][T11701] ? xfrm_netlink_rcv+0x90/0x90 [ 404.434523][T11701] ? __local_bh_enable_ip+0x12e/0x1c0 [ 404.439920][T11701] ? __dev_queue_xmit+0x245/0x35a0 [ 404.445050][T11701] ? __mutex_trylock_common+0x153/0x250 [ 404.450624][T11701] netlink_rcv_skb+0x216/0x480 [ 404.455407][T11701] ? xfrm_netlink_rcv+0x90/0x90 [ 404.460268][T11701] ? netlink_ack+0x1110/0x1110 [ 404.465050][T11701] ? netlink_deliver_tap+0x2e/0x1b0 [ 404.470260][T11701] ? __lock_acquire+0x7c80/0x7c80 [ 404.475301][T11701] xfrm_netlink_rcv+0x79/0x90 [ 404.479990][T11701] netlink_unicast+0x751/0x8d0 [ 404.484784][T11701] netlink_sendmsg+0x8c1/0xbe0 [ 404.489572][T11701] ? netlink_getsockopt+0x580/0x580 [ 404.494792][T11701] ? aa_sock_msg_perm+0x94/0x150 [ 404.499849][T11701] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 404.505158][T11701] ? security_socket_sendmsg+0x80/0xa0 [ 404.510641][T11701] ? netlink_getsockopt+0x580/0x580 [ 404.515867][T11701] ____sys_sendmsg+0x5bf/0x950 [ 404.520669][T11701] ? __asan_memset+0x22/0x40 [ 404.525290][T11701] ? __sys_sendmsg_sock+0x30/0x30 [ 404.530437][T11701] ? __import_iovec+0x5f2/0x860 [ 404.535331][T11701] ? import_iovec+0x73/0xa0 [ 404.539862][T11701] ___sys_sendmsg+0x220/0x290 [ 404.544575][T11701] ? __sys_sendmsg+0x270/0x270 [ 404.549555][T11701] __se_sys_sendmsg+0x1a5/0x270 [ 404.554447][T11701] ? __x64_sys_sendmsg+0x80/0x80 [ 404.559448][T11701] ? lockdep_hardirqs_on+0x98/0x150 [ 404.564677][T11701] do_syscall_64+0x55/0xb0 [ 404.569132][T11701] ? clear_bhb_loop+0x40/0x90 [ 404.573825][T11701] ? clear_bhb_loop+0x40/0x90 [ 404.578522][T11701] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 404.584453][T11701] RIP: 0033:0x7f05acf8eba9 [ 404.588894][T11701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 404.608521][T11701] RSP: 002b:00007f05add93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 404.616958][T11701] RAX: ffffffffffffffda RBX: 00007f05ad1d5fa0 RCX: 00007f05acf8eba9 [ 404.624943][T11701] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004 [ 404.632932][T11701] RBP: 00007f05ad011e19 R08: 0000000000000000 R09: 0000000000000000 [ 404.640919][T11701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 404.648901][T11701] R13: 00007f05ad1d6038 R14: 00007f05ad1d5fa0 R15: 00007ffcb9d9f8a8 [ 404.656900][T11701] [ 404.659944][T11701] [ 404.662286][T11701] Allocated by task 10754: [ 404.666723][T11701] kasan_set_track+0x4e/0x70 [ 404.671331][T11701] __kasan_slab_alloc+0x6c/0x80 [ 404.676210][T11701] slab_post_alloc_hook+0x6e/0x4d0 [ 404.681360][T11701] kmem_cache_alloc+0x11e/0x2e0 [ 404.686253][T11701] xfrm_state_alloc+0x22/0x2a0 [ 404.691038][T11701] __find_acq_core+0x7d8/0x19d0 [ 404.695909][T11701] xfrm_find_acq+0x6a/0x90 [ 404.700344][T11701] xfrm_alloc_userspi+0x57a/0xa90 [ 404.705385][T11701] xfrm_user_rcv_msg+0x596/0x870 [ 404.710337][T11701] netlink_rcv_skb+0x216/0x480 [ 404.715124][T11701] xfrm_netlink_rcv+0x79/0x90 [ 404.719808][T11701] netlink_unicast+0x751/0x8d0 [ 404.724582][T11701] netlink_sendmsg+0x8c1/0xbe0 [ 404.729359][T11701] ____sys_sendmsg+0x5bf/0x950 [ 404.734147][T11701] ___sys_sendmsg+0x220/0x290 [ 404.738845][T11701] __se_sys_sendmsg+0x1a5/0x270 [ 404.743713][T11701] do_syscall_64+0x55/0xb0 [ 404.748144][T11701] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 404.754060][T11701] [ 404.756391][T11701] Freed by task 6211: [ 404.760375][T11701] kasan_set_track+0x4e/0x70 [ 404.764984][T11701] kasan_save_free_info+0x2e/0x50 [ 404.770027][T11701] ____kasan_slab_free+0x126/0x1e0 [ 404.775172][T11701] slab_free_freelist_hook+0x130/0x1b0 [ 404.780652][T11701] kmem_cache_free+0xf8/0x280 [ 404.785348][T11701] xfrm_state_gc_task+0x10a/0x160 [ 404.790389][T11701] process_scheduled_works+0xa45/0x15b0 [ 404.795950][T11701] worker_thread+0xa55/0xfc0 [ 404.800554][T11701] kthread+0x2fa/0x390 [ 404.804632][T11701] ret_from_fork+0x48/0x80 [ 404.809067][T11701] ret_from_fork_asm+0x11/0x20 [ 404.813849][T11701] [ 404.816226][T11701] The buggy address belongs to the object at ffff888024ea8c00 [ 404.816226][T11701] which belongs to the cache xfrm_state of size 848 [ 404.830204][T11701] The buggy address is located 290 bytes inside of [ 404.830204][T11701] freed 848-byte region [ffff888024ea8c00, ffff888024ea8f50) [ 404.844015][T11701] [ 404.846351][T11701] The buggy address belongs to the physical page: [ 404.852779][T11701] page:ffffea000093aa00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888024ea9000 pfn:0x24ea8 [ 404.864253][T11701] head:ffffea000093aa00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 404.873368][T11701] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 404.881358][T11701] page_type: 0xffffffff() [ 404.885712][T11701] raw: 00fff00000000840 ffff88801ca92140 dead000000000122 0000000000000000 [ 404.894316][T11701] raw: ffff888024ea9000 000000008010000e 00000001ffffffff 0000000000000000 [ 404.902911][T11701] page dumped because: kasan: bad access detected [ 404.909346][T11701] page_owner tracks the page as allocated [ 404.915074][T11701] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 10037, tgid 10036 (syz.3.1560), ts 337688471066, free_ts 337686794869 [ 404.935929][T11701] post_alloc_hook+0x1cd/0x210 [ 404.940895][T11701] get_page_from_freelist+0x195c/0x19f0 [ 404.946482][T11701] __alloc_pages+0x1e3/0x460 [ 404.951287][T11701] alloc_slab_page+0x5d/0x170 [ 404.955988][T11701] new_slab+0x87/0x2e0 [ 404.960072][T11701] ___slab_alloc+0xc6d/0x1300 [ 404.964768][T11701] kmem_cache_alloc+0x1b7/0x2e0 [ 404.969658][T11701] xfrm_state_alloc+0x22/0x2a0 [ 404.974439][T11701] __find_acq_core+0x7d8/0x19d0 [ 404.979330][T11701] xfrm_find_acq+0x6a/0x90 [ 404.983783][T11701] xfrm_alloc_userspi+0x57a/0xa90 [ 404.988907][T11701] xfrm_user_rcv_msg+0x596/0x870 [ 404.993852][T11701] netlink_rcv_skb+0x216/0x480 [ 404.998629][T11701] xfrm_netlink_rcv+0x79/0x90 [ 405.003334][T11701] netlink_unicast+0x751/0x8d0 [ 405.008114][T11701] netlink_sendmsg+0x8c1/0xbe0 [ 405.012984][T11701] page last free stack trace: [ 405.017669][T11701] free_unref_page_prepare+0x7ce/0x8e0 [ 405.023148][T11701] free_unref_page+0x32/0x2e0 [ 405.027859][T11701] free_large_kmalloc+0x101/0x1a0 [ 405.032975][T11701] bpf_check+0x62c6/0xe970 [ 405.037451][T11701] bpf_prog_load+0x11cb/0x16d0 [ 405.042262][T11701] __sys_bpf+0x55a/0x800 [ 405.046521][T11701] __x64_sys_bpf+0x7c/0x90 [ 405.050958][T11701] do_syscall_64+0x55/0xb0 [ 405.055399][T11701] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 405.061353][T11701] [ 405.063694][T11701] Memory state around the buggy address: [ 405.069330][T11701] ffff888024ea8c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 405.077421][T11701] ffff888024ea8c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 405.085598][T11701] >ffff888024ea8d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 405.093668][T11701] ^ [ 405.098789][T11701] ffff888024ea8d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 405.106860][T11701] ffff888024ea8e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 405.114947][T11701] ================================================================== [ 405.123154][ C1] vkms_vblank_simulate: vblank timer overrun [ 405.148395][T11704] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2209'. [ 405.180371][T11701] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 405.187685][T11701] CPU: 0 PID: 11701 Comm: syz.1.2207 Not tainted syzkaller #0 [ 405.195187][T11701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 405.205295][T11701] Call Trace: [ 405.207870][T11707] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2208'. [ 405.217578][T11701] [ 405.220613][T11701] dump_stack_lvl+0x16c/0x230 [ 405.225321][T11701] ? show_regs_print_info+0x20/0x20 [ 405.230549][T11701] ? load_image+0x3b0/0x3b0 [ 405.235071][T11701] panic+0x2c0/0x710 [ 405.238996][T11701] ? bpf_jit_dump+0xd0/0xd0 [ 405.243525][T11701] ? _raw_spin_unlock_irqrestore+0xfa/0x110 [ 405.249430][T11701] ? _raw_spin_unlock+0x40/0x40 [ 405.254376][T11701] ? print_memory_metadata+0x314/0x400 [ 405.259850][T11701] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 405.265158][T11701] check_panic_on_warn+0x84/0xa0 [ 405.270109][T11701] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 405.275426][T11701] end_report+0x6f/0x140 [ 405.279685][T11701] kasan_report+0x128/0x150 [ 405.284205][T11701] ? trace_contention_end+0x39/0xe0 [ 405.289610][T11701] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 405.294916][T11701] __xfrm_state_lookup+0x6b2/0x8d0 [ 405.300051][T11701] ? xfrm_state_lookup+0x1a0/0x1a0 [ 405.305219][T11701] ? xfrm_calg_get_byname+0x193/0x280 [ 405.310614][T11701] xfrm_state_lookup+0xef/0x1a0 [ 405.315483][T11701] ? xfrm_state_lookup+0x36/0x1a0 [ 405.320527][T11701] ipcomp4_init_state+0x1fc/0x9f0 [ 405.325573][T11701] __xfrm_init_state+0xd8b/0x11c0 [ 405.330616][T11701] ? __xfrm_init_state+0x7fc/0x11c0 [ 405.335831][T11701] xfrm_add_sa+0x236d/0x30a0 [ 405.340439][T11701] ? xfrm_user_rcv_msg+0x870/0x870 [ 405.345566][T11701] ? __nla_parse+0x40/0x50 [ 405.350005][T11701] xfrm_user_rcv_msg+0x596/0x870 [ 405.354956][T11701] ? lockdep_hardirqs_on+0x98/0x150 [ 405.360176][T11701] ? xfrm_netlink_rcv+0x90/0x90 [ 405.365059][T11701] ? __local_bh_enable_ip+0x12e/0x1c0 [ 405.370454][T11701] ? __dev_queue_xmit+0x245/0x35a0 [ 405.375583][T11701] ? __mutex_trylock_common+0x153/0x250 [ 405.381167][T11701] netlink_rcv_skb+0x216/0x480 [ 405.385955][T11701] ? xfrm_netlink_rcv+0x90/0x90 [ 405.390819][T11701] ? netlink_ack+0x1110/0x1110 [ 405.395955][T11701] ? netlink_deliver_tap+0x2e/0x1b0 [ 405.401180][T11701] ? __lock_acquire+0x7c80/0x7c80 [ 405.406225][T11701] xfrm_netlink_rcv+0x79/0x90 [ 405.410914][T11701] netlink_unicast+0x751/0x8d0 [ 405.415702][T11701] netlink_sendmsg+0x8c1/0xbe0 [ 405.420485][T11701] ? netlink_getsockopt+0x580/0x580 [ 405.425710][T11701] ? aa_sock_msg_perm+0x94/0x150 [ 405.430665][T11701] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 405.435965][T11701] ? security_socket_sendmsg+0x80/0xa0 [ 405.441433][T11701] ? netlink_getsockopt+0x580/0x580 [ 405.446669][T11701] ____sys_sendmsg+0x5bf/0x950 [ 405.451454][T11701] ? __asan_memset+0x22/0x40 [ 405.456174][T11701] ? __sys_sendmsg_sock+0x30/0x30 [ 405.461216][T11701] ? __import_iovec+0x5f2/0x860 [ 405.466090][T11701] ? import_iovec+0x73/0xa0 [ 405.470623][T11701] ___sys_sendmsg+0x220/0x290 [ 405.475346][T11701] ? __sys_sendmsg+0x270/0x270 [ 405.480154][T11701] __se_sys_sendmsg+0x1a5/0x270 [ 405.485024][T11701] ? __x64_sys_sendmsg+0x80/0x80 [ 405.489988][T11701] ? lockdep_hardirqs_on+0x98/0x150 [ 405.495217][T11701] do_syscall_64+0x55/0xb0 [ 405.499680][T11701] ? clear_bhb_loop+0x40/0x90 [ 405.504367][T11701] ? clear_bhb_loop+0x40/0x90 [ 405.509057][T11701] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 405.514972][T11701] RIP: 0033:0x7f05acf8eba9 [ 405.519417][T11701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.539044][T11701] RSP: 002b:00007f05add93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 405.547480][T11701] RAX: ffffffffffffffda RBX: 00007f05ad1d5fa0 RCX: 00007f05acf8eba9 [ 405.555550][T11701] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004 [ 405.563533][T11701] RBP: 00007f05ad011e19 R08: 0000000000000000 R09: 0000000000000000 [ 405.571514][T11701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 405.579500][T11701] R13: 00007f05ad1d6038 R14: 00007f05ad1d5fa0 R15: 00007ffcb9d9f8a8 [ 405.587504][T11701] [ 405.590843][T11701] Kernel Offset: disabled [ 405.595178][T11701] Rebooting in 86400 seconds..