last executing test programs:

2.10067585s ago: executing program 2 (id=1339):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1800000024000103000000000000000001"], 0x18}}, 0x4044004)
recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x4008101}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001a00)}, 0x80000000}], 0x4, 0x0, 0x0)

2.027306844s ago: executing program 2 (id=1343):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000010000002800018014000400ff1f0000000000000000ffffac1414aa060001000a0080"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

1.920922152s ago: executing program 0 (id=1348):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="68000000180001002dbd7000fcdbdf2502201428ff00ff05000c000008000600b100000008001e000300000008000500e0"], 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.920677335s ago: executing program 0 (id=1350):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x2a}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.920581665s ago: executing program 0 (id=1351):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000e40)=@filter={'filter\x00', 0x42, 0x4, 0x418, 0xffffffff, 0x98, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x380, 0x380, 0x380, 0xffffffff, 0x5, 0x0, {[{{@uncond, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@uncond, 0x287, 0x158, 0x180, 0x0, {}, [@common=@unspec=@string={{0x20}, {0x2, 0x4, 'bm\x00', "17fe85b2e7794dbf95fa4bbcb6a91c1f280c1999b9e9c91aec32acf40242838b14641ee58ffb2807b1455049d59591426d860cbcf1d58ab1ffbb5187b72db33268933cac58623e417fbdbd0b8753f88cb456e7cd9ef85fd6861f486fb7bab7930c4e57def2f1e72aede0b46c35ed67a0549781a3d3fe2b88393de1719bea5584", 0x7e, 0x2, {0xf}}}, @common=@unspec=@connlabel={{0x28}, {0x7fff}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0x138, 0x168, 0x0, {}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xff000000, 0xffffff, 0xffffff00], @ipv4=@rand_addr=0x64010101, [0x0, 0xffffff00, 0xffffffff, 0xffffffff], @ipv6=@local, [0xff, 0x0, 0xffffffff, 0xff000000], @ipv6=@remote, [0xff000000, 0xffffff00, 0xffffff00], 0x2, 0x10001, 0x3c, 0x4e20, 0x4e24, 0x4e21, 0x4e24, 0x300, 0x2001}, 0x80, 0x1000, 0x4e29, 0x4e22, 0x4e23, 0x4e24}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x1, 0x4, 0x6}, {}, 0x360, 0xa}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)

1.850824593s ago: executing program 0 (id=1352):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[@ANYBLOB='-', @ANYRESOCT=r1], 0x9)

1.850687736s ago: executing program 0 (id=1353):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r0, 0x0, 0x0)

1.590595828s ago: executing program 0 (id=1358):
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40088a01, &(0x7f0000000000)=0x100)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
close(0x3)

1.147737323s ago: executing program 2 (id=1366):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @initr0, @exit, @alu={0x4, 0x0, 0x0, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)

1.068395151s ago: executing program 2 (id=1367):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r1 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
close(r1)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x0, 0x3}}]}}}]}, 0x78}}, 0x0)
sendmsg$DCCPDIAG_GETSOCK(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000580)={0x50, 0x13, 0x8, 0x70bd2a, 0x25dfdbff, {0x26, 0x6, 0x0, 0x8e, {0x4e20, 0x4e24, [0x3, 0x7, 0xc0000000, 0xea48], [0xffffcf9c, 0x3, 0x7fffffff, 0x100], r5, [0x5, 0x6]}, 0x1, 0x1}, [@INET_DIAG_REQ_BYTECODE={0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000040}, 0x800)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000020605000000000000000000000000050500010007000000090000050004000000000013000300686173683a6e65742c69666163650000"], 0x44}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r7 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bind$ax25(r7, &(0x7f0000000380)={{0x3, @null, 0x1}, [@null={0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x2}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x3c)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000007b243ce4b3daa7804f"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = socket$alg(0x26, 0x5, 0x0)
accept4(r9, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r8}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
recvmsg(r10, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r11, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

470.732966ms ago: executing program 1 (id=1371):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, 0x0, 0x0, &(0x7f0000007880)=[@ip_retopts={{0x10}}], 0x10}, 0x0)

399.157609ms ago: executing program 1 (id=1372):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f00000005c0)={0xa, 0x4e23, 0xa, @loopback, 0x7ffffffe}, 0x1c)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x480, 0x0, 0x0)

340.669136ms ago: executing program 1 (id=1373):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0xfdff)

230.670139ms ago: executing program 1 (id=1374):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb010018000000000000000c0000001634d0f0b36abe7c89ae882e5fd6d33ead1949145aae3fd575b5b0c77780d0d17284cb8caae21a92992e89a15d8988fd96b15e4c5d058f0c8dbb41da611f7ab2b0694681088afece7bb4f309fe105c249eb04f9e7c2ecf0c38f09196a033bd000000000000"], &(0x7f0000001f80)=""/226, 0x26, 0x81, 0x2}, 0x20)

230.538655ms ago: executing program 1 (id=1375):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x8840)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

99.095753ms ago: executing program 1 (id=1376):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

98.66561ms ago: executing program 2 (id=1377):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000003"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r0], 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3}, 0xc)

0s ago: executing program 2 (id=1378):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000ac0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000380)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="24002d8005000100020000000500040001004000080002"], 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:21196' (ED25519) to the list of known hosts.
syzkaller login: [   48.882734][ T5815] cgroup: Unknown subsys name 'net'
[   48.990598][ T5815] cgroup: Unknown subsys name 'cpuset'
[   48.995435][ T5815] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   50.341060][ T5815] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   54.014473][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   54.017516][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   54.020028][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   54.022833][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   54.025409][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   54.089389][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   54.093173][ T5830] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   54.095995][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   54.100161][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   54.103627][ T5830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   54.121446][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   54.124254][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   54.130835][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   54.133747][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   54.136331][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   54.249455][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   54.398291][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   54.404491][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.408022][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.410868][ T5827] bridge_slave_0: entered allmulticast mode
[   54.414152][ T5827] bridge_slave_0: entered promiscuous mode
[   54.438644][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.440962][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.443318][ T5827] bridge_slave_1: entered allmulticast mode
[   54.446296][ T5827] bridge_slave_1: entered promiscuous mode
[   54.488022][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.497248][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.541234][ T5827] team0: Port device team_slave_0 added
[   54.557889][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   54.565184][ T5827] team0: Port device team_slave_1 added
[   54.575573][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.578744][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.581136][ T5831] bridge_slave_0: entered allmulticast mode
[   54.583701][ T5831] bridge_slave_0: entered promiscuous mode
[   54.598779][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.601476][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.604057][ T5831] bridge_slave_1: entered allmulticast mode
[   54.607619][ T5831] bridge_slave_1: entered promiscuous mode
[   54.621833][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.624409][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.633870][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.649551][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.660764][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.662976][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.671037][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.675874][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.730066][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.732886][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.735619][ T5833] bridge_slave_0: entered allmulticast mode
[   54.740074][ T5833] bridge_slave_0: entered promiscuous mode
[   54.744249][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.748159][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.751055][ T5833] bridge_slave_1: entered allmulticast mode
[   54.753687][ T5833] bridge_slave_1: entered promiscuous mode
[   54.768801][ T5831] team0: Port device team_slave_0 added
[   54.784738][ T5831] team0: Port device team_slave_1 added
[   54.825796][ T5827] hsr_slave_0: entered promiscuous mode
[   54.828512][ T5827] hsr_slave_1: entered promiscuous mode
[   54.832640][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.836018][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.839004][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.850526][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.856782][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.860016][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.862262][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.871059][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.904885][ T5833] team0: Port device team_slave_0 added
[   54.908680][ T5833] team0: Port device team_slave_1 added
[   54.958420][ T5831] hsr_slave_0: entered promiscuous mode
[   54.961440][ T5831] hsr_slave_1: entered promiscuous mode
[   54.963975][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.967466][ T5831] Cannot create hsr debugfs directory
[   54.975384][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.978577][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.987813][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.992340][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.994588][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.004184][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.095712][ T5833] hsr_slave_0: entered promiscuous mode
[   55.099067][ T5833] hsr_slave_1: entered promiscuous mode
[   55.101384][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   55.103815][ T5833] Cannot create hsr debugfs directory
[   55.296023][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   55.321388][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   55.331798][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   55.346981][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   55.373914][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   55.380216][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   55.385646][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   55.391674][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   55.447080][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   55.452694][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   55.457782][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   55.462391][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   55.535692][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.540649][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.561822][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   55.571371][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   55.575359][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.584632][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.587235][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.597956][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.600342][ T1087] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.604035][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.606626][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.614082][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   55.624741][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.627205][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.635785][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.638509][ T1087] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.667367][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.670086][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.729463][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.865734][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.920977][ T5827] veth0_vlan: entered promiscuous mode
[   55.924163][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.933721][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.941410][ T5827] veth1_vlan: entered promiscuous mode
[   55.980746][ T5827] veth0_macvtap: entered promiscuous mode
[   55.987393][ T5831] veth0_vlan: entered promiscuous mode
[   55.991032][ T5833] veth0_vlan: entered promiscuous mode
[   55.994475][ T5827] veth1_macvtap: entered promiscuous mode
[   56.005358][ T5831] veth1_vlan: entered promiscuous mode
[   56.010479][ T5833] veth1_vlan: entered promiscuous mode
[   56.017844][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.033080][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.040126][ T5827] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.043678][ T5827] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.047404][ T5221] Bluetooth: hci0: command tx timeout
[   56.047683][ T5827] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.052192][ T5827] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.081492][ T5833] veth0_macvtap: entered promiscuous mode
[   56.088670][ T5833] veth1_macvtap: entered promiscuous mode
[   56.095789][ T5831] veth0_macvtap: entered promiscuous mode
[   56.108861][ T5831] veth1_macvtap: entered promiscuous mode
[   56.122110][ T1087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.124865][ T1087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.128341][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.128885][ T5221] Bluetooth: hci1: command tx timeout
[   56.152947][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.160235][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.162781][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.163120][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.168862][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.172207][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.175041][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.180565][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.188974][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.202363][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.205424][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.208468][ T5221] Bluetooth: hci2: command tx timeout
[   56.211481][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.214340][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.237898][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   56.280107][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.282672][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.319021][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.321528][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.329632][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.334048][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.364945][ T4043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.368843][ T4043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.442564][ T5896] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   56.578961][ T5908] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   56.592357][ T5908] netlink: 'syz.2.7': attribute type 10 has an invalid length.
[   56.624791][ T5908] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.629776][ T5908] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   56.910159][ T5921] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   57.554824][ T5934] netlink: 8 bytes leftover after parsing attributes in process `syz.2.20'.
[   57.628498][ T5941] warning: `syz.0.24' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   57.884193][ T5965] macsec0: entered promiscuous mode
[   57.888929][ T5965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.34'.
[   57.893428][ T5965] veth1_macvtap: left promiscuous mode
[   57.896187][ T5967] netlink: 36 bytes leftover after parsing attributes in process `syz.0.36'.
[   57.905996][ T5965] macsec0 (unregistering): left promiscuous mode
[   58.127194][ T5221] Bluetooth: hci0: command tx timeout
[   58.208262][ T5221] Bluetooth: hci1: command tx timeout
[   58.296810][ T5221] Bluetooth: hci2: command tx timeout
[   59.172274][ T6033] netlink: 'syz.1.64': attribute type 1 has an invalid length.
[   59.175648][ T6033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.64'.
[   59.614630][ T6072] Driver unsupported XDP return value 0 on prog  (id 12) dev N/A, expect packet loss!
[   59.787585][ T6080] nbd0: detected capacity change from 0 to 127
[   59.794725][   T55] block nbd0: Receive control failed (result -104)
[   60.007987][ T6102] netlink: 16 bytes leftover after parsing attributes in process `syz.2.87'.
[   60.013368][ T6102] netlink: 16 bytes leftover after parsing attributes in process `syz.2.87'.
[   60.218182][ T5221] Bluetooth: hci0: command tx timeout
[   60.288245][ T5221] Bluetooth: hci1: command tx timeout
[   60.376782][ T5221] Bluetooth: hci2: command tx timeout
[   60.553025][ T6150] netlink: 'syz.0.111': attribute type 1 has an invalid length.
[   60.556214][ T6150] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.111'.
[   60.681562][ T6163] netlink: 28 bytes leftover after parsing attributes in process `syz.1.117'.
[   60.685267][ T6163] openvswitch: netlink: Flow key attr not present in new flow.
[   60.701867][ T6164] netlink: 320 bytes leftover after parsing attributes in process `syz.2.118'.
[   61.053240][ T6193] netlink: 24 bytes leftover after parsing attributes in process `syz.2.131'.
[   61.413911][ T6217] bridge2: entered promiscuous mode
[   61.564806][ T6223] xfrm1: entered promiscuous mode
[   61.570192][ T6223] xfrm1: entered allmulticast mode
[   61.593215][ T6223] xt_hashlimit: size too large, truncated to 1048576
[   62.286655][ T5834] Bluetooth: hci0: command tx timeout
[   62.368178][ T5834] Bluetooth: hci1: command tx timeout
[   62.451149][ T5834] Bluetooth: hci2: command tx timeout
[   62.827482][ T6313] sctp: [Deprecated]: syz.1.186 (pid 6313) Use of int in max_burst socket option deprecated.
[   62.827482][ T6313] Use struct sctp_assoc_value instead
[   62.828608][ T6322] __nla_validate_parse: 2 callbacks suppressed
[   62.828615][ T6322] netlink: 68 bytes leftover after parsing attributes in process `syz.0.188'.
[   63.519209][ T6387] netlink: 8 bytes leftover after parsing attributes in process `syz.2.217'.
[   63.522473][ T6387] netlink: 312 bytes leftover after parsing attributes in process `syz.2.217'.
[   63.525307][ T6387] netlink: 8 bytes leftover after parsing attributes in process `syz.2.217'.
[   63.840606][ T6412] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   64.201156][ T6444] netlink: 'syz.1.243': attribute type 11 has an invalid length.
[   64.204016][ T6444] netlink: 224 bytes leftover after parsing attributes in process `syz.1.243'.
[   64.350116][ T6457] SET target dimension over the limit!
[   64.440737][ T6457] netlink: 84 bytes leftover after parsing attributes in process `syz.1.248'.
[   64.445227][ T6457] netlink: 84 bytes leftover after parsing attributes in process `syz.1.248'.
[   64.527488][ T5834] Bluetooth: hci2: command 0x0405 tx timeout
[   64.642071][ T6487] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[   64.677514][ T6491] netlink: 24 bytes leftover after parsing attributes in process `syz.1.260'.
[   65.590272][ T6551] netlink: 'syz.0.287': attribute type 2 has an invalid length.
[   65.848084][   T10] IPVS: starting estimator thread 0...
[   65.966731][ T6573] IPVS: using max 79 ests per chain, 189600 per kthread
[   66.073938][ T6588] netlink: 68 bytes leftover after parsing attributes in process `syz.0.302'.
[   66.129902][ T6592] netlink: 16 bytes leftover after parsing attributes in process `syz.0.304'.
[   66.374439][ T6596] infiniband syz0: set down
[   66.376178][ T6596] infiniband syz0: added ipvlan1
[   66.423240][ T6596] RDS/IB: syz0: added
[   66.427517][ T6596] smc: adding ib device syz0 with port count 1
[   66.429890][ T6596] smc:    ib device syz0 port 1 has pnetid SYZ2 (user defined)
[   68.298981][ T6688] Zero length message leads to an empty skb
[   68.524778][ T6694] netlink: 'syz.0.349': attribute type 1 has an invalid length.
[   68.534330][ T6694] __nla_validate_parse: 2 callbacks suppressed
[   68.534343][ T6694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.349'.
[   68.600709][   T33] audit: type=1800 audit(1752034628.754:2): pid=6697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.351" name="memory.events" dev="tmpfs" ino=645 res=0 errno=0
[   68.627907][   T33] audit: type=1804 audit(1752034628.774:3): pid=6697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.351" name="memory.events" dev="tmpfs" ino=645 res=1 errno=0
[   69.299809][ T6736] netlink: 40 bytes leftover after parsing attributes in process `syz.0.367'.
[   69.653906][ T6761] xt_TCPMSS: Only works on TCP SYN packets
[   70.329886][ T6836] netlink: 224 bytes leftover after parsing attributes in process `syz.0.405'.
[   70.368323][ T5834] Bluetooth: hci2: command 0x0405 tx timeout
[   70.931286][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[   70.934650][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[   70.968986][ T6890] netlink: 'syz.2.427': attribute type 5 has an invalid length.
[   71.535945][ T6918] veth4: entered allmulticast mode
[   71.544366][ T6918] veth5: entered promiscuous mode
[   71.649700][ T6922] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.727526][ T6922] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.779646][ T6922] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.839298][ T6922] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.929204][ T6922] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.958818][ T6922] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.975628][ T6922] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.985682][ T6922] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.062604][ T6962] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.460'.
[   72.065510][ T6962] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.460'.
[   72.188147][ T6966] nbd2: detected capacity change from 0 to 63
[   72.203716][ T6968] block nbd2: NBD_DISCONNECT
[   72.213255][ T6968] block nbd2: Disconnected due to user request.
[   72.216120][ T6968] block nbd2: shutting down sockets
[   72.228117][    C0] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.231605][    C0] Buffer I/O error on dev nbd2, logical block 0, async page read
[   72.234754][    C0] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.238242][    C0] Buffer I/O error on dev nbd2, logical block 1, async page read
[   72.241035][    C0] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.243989][    C0] Buffer I/O error on dev nbd2, logical block 2, async page read
[   72.246496][    C0] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.249297][    C0] Buffer I/O error on dev nbd2, logical block 3, async page read
[   72.257109][ T6408] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.262276][ T6408] Buffer I/O error on dev nbd2, logical block 0, async page read
[   72.265686][ T6408] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.288015][ T6408] Buffer I/O error on dev nbd2, logical block 1, async page read
[   72.291336][ T6408] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.295126][ T6408] Buffer I/O error on dev nbd2, logical block 2, async page read
[   72.307959][ T6408] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.311706][ T6408] Buffer I/O error on dev nbd2, logical block 3, async page read
[   72.314982][ T6408] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.325114][ T6408] Buffer I/O error on dev nbd2, logical block 0, async page read
[   72.329151][ T6408] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   72.334086][ T6408] Buffer I/O error on dev nbd2, logical block 1, async page read
[   72.354456][ T6408] ldm_validate_partition_table(): Disk read failed.
[   72.366096][ T6408] Dev nbd2: unable to read RDB block 0
[   72.375767][ T6408]  nbd2: unable to read partition table
[   72.402273][ T6408] ldm_validate_partition_table(): Disk read failed.
[   72.412234][ T6408] Dev nbd2: unable to read RDB block 0
[   72.421221][ T6408]  nbd2: unable to read partition table
[   73.243596][ T7016] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[   73.776918][ T7030] syz.0.488 uses obsolete (PF_INET,SOCK_PACKET)
[   73.849420][ T7034] syzkaller1: entered promiscuous mode
[   73.851199][ T7034] syzkaller1: entered allmulticast mode
[   74.116256][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.495'.
[   74.150101][ T7046] syz_tun: entered promiscuous mode
[   74.156161][ T7046] macvtap1: entered promiscuous mode
[   74.161214][ T7046] macvtap1: entered allmulticast mode
[   74.164755][ T7046] syz_tun: entered allmulticast mode
[   74.178335][ T7051] netlink: 8 bytes leftover after parsing attributes in process `syz.1.495'.
[   74.195740][   T52] IPVS: starting estimator thread 0...
[   74.287277][ T7054] IPVS: using max 81 ests per chain, 194400 per kthread
[   74.569091][ T7092] bridge: RTM_NEWNEIGH with invalid ether address
[   75.548592][ T7137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.537'.
[   75.634823][   T33] audit: type=1800 audit(1752034635.784:4): pid=7146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.540" name="memory.events" dev="tmpfs" ino=891 res=0 errno=0
[   75.642877][   T33] audit: type=1804 audit(1752034635.794:5): pid=7146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.540" name="/newroot/173/memory.events" dev="tmpfs" ino=891 res=1 errno=0
[   75.821625][ T7169] Bluetooth: MGMT ver 1.23
[   75.951278][ T7185] tipc: Failed to remove unknown binding: 66,1,1/0:277808815/277808817
[   75.954218][ T7185] tipc: Failed to remove unknown binding: 66,1,1/0:277808815/277808817
[   76.038474][ T7193] netlink: 4 bytes leftover after parsing attributes in process `syz.1.562'.
[   76.045863][ T7193] bridge0: entered promiscuous mode
[   76.050423][ T7193] macsec1: entered allmulticast mode
[   76.052884][ T7193] bridge0: entered allmulticast mode
[   76.062897][ T7193] bridge0: left allmulticast mode
[   76.065189][ T7193] bridge0: left promiscuous mode
[   76.324928][ T7199] raw_sendmsg: syz.0.565 forgot to set AF_INET. Fix it!
[   76.336828][ T7210] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[   76.340262][   T13] bond0: (slave bond_slave_0): interface is now down
[   76.342966][   T13] bond0: (slave bond_slave_1): interface is now down
[   76.361157][   T13] bond0: (slave bond_slave_0): interface is now down
[   76.363307][   T13] bond0: (slave bond_slave_1): interface is now down
[   76.367128][   T13] bond0: now running without any active interface!
[   76.818190][ T7253] netlink: 240 bytes leftover after parsing attributes in process `syz.0.589'.
[   77.152001][ T7288] ieee802154 phy0 wpan0: encryption failed: -22
[   77.225554][ T7296] netlink: 'syz.2.609': attribute type 10 has an invalid length.
[   77.229424][ T7298] xt_hashlimit: size too large, truncated to 1048576
[   77.231665][ T7296] netlink: 40 bytes leftover after parsing attributes in process `syz.2.609'.
[   77.235661][ T7296] batadv0: entered promiscuous mode
[   77.238681][ T7296] batadv0: entered allmulticast mode
[   77.242942][ T7296] bond0: (slave batadv0): Releasing backup interface
[   77.252092][ T7296] bridge0: port 3(batadv0) entered blocking state
[   77.255083][ T7296] bridge0: port 3(batadv0) entered disabled state
[   77.297367][ T5854] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   77.299127][ T7298] xt_bpf: check failed: parse error
[   77.301444][ T5854] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   77.444367][ T7314] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[   77.634583][ T7336] netlink: 16 bytes leftover after parsing attributes in process `syz.2.628'.
[   77.888567][ T5221] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   77.897984][ T5221] Bluetooth: hci0: command 0x0c1a tx timeout
[   77.986567][ T7371] geneve2: entered promiscuous mode
[   78.043010][ T7372] netlink: 4 bytes leftover after parsing attributes in process `syz.2.639'.
[   78.766905][ T7399] netlink: 332 bytes leftover after parsing attributes in process `syz.0.652'.
[   78.770812][ T7399] netlink: 104 bytes leftover after parsing attributes in process `syz.0.652'.
[   79.775872][ T7451] xt_hashlimit: size too large, truncated to 1048576
[   80.008966][ T7469] vlan0: entered promiscuous mode
[   81.178065][  T972] cfg80211: failed to load regulatory.db
[   81.297657][ T7502] __nla_validate_parse: 1 callbacks suppressed
[   81.297668][ T7502] netlink: 4 bytes leftover after parsing attributes in process `syz.2.700'.
[   81.302640][ T7502] netlink: 16 bytes leftover after parsing attributes in process `syz.2.700'.
[   81.429378][ T7519] netlink: 16 bytes leftover after parsing attributes in process `syz.0.707'.
[   81.439803][ T7519] netlink: 216 bytes leftover after parsing attributes in process `syz.0.707'.
[   81.645962][ T7536] netlink: 28 bytes leftover after parsing attributes in process `syz.2.714'.
[   81.655760][ T7536] netlink: 28 bytes leftover after parsing attributes in process `syz.2.714'.
[   82.355177][ T7536] gretap0: entered promiscuous mode
[   82.358027][ T7536] gretap0: left promiscuous mode
[   82.472318][ T7556] netlink: 'syz.2.725': attribute type 21 has an invalid length.
[   82.480465][ T7556] netlink: 'syz.2.725': attribute type 1 has an invalid length.
[   82.875114][ T7591] dummy0: entered allmulticast mode
[   82.877976][ T7590] dummy0: left allmulticast mode
[   83.169398][ T7617] RDS: rds_bind could not find a transport for ::ffff:172.30.1.1, load rds_tcp or rds_rdma?
[   83.434637][ T7647] batadv_slave_1: entered promiscuous mode
[   83.440244][ T7646] batadv_slave_1: left promiscuous mode
[   83.444433][ T7645] netlink: 8 bytes leftover after parsing attributes in process `syz.2.759'.
[   83.449060][ T7645] netlink: 8 bytes leftover after parsing attributes in process `syz.2.759'.
[   83.848849][ T7701] ieee802154 phy0 wpan0: encryption failed: -22
[   83.884032][ T7703] netlink: 16 bytes leftover after parsing attributes in process `syz.0.789'.
[   84.619479][ T7782] IPv6: NLM_F_REPLACE set, but no existing node found!
[   84.655434][ T7786] netlink: 60 bytes leftover after parsing attributes in process `syz.2.829'.
[   84.832156][ T7799] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   84.841659][ T7799] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   84.845301][ T7799] bond0 (unregistering): Released all slaves
[   85.060448][ T7816] bridge0: port 3(batadv0) entered disabled state
[   85.068805][ T7816] bridge_slave_0: left allmulticast mode
[   85.071330][ T7816] bridge_slave_0: left promiscuous mode
[   85.073517][ T7816] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.082892][ T7816] bridge_slave_1: left allmulticast mode
[   85.085456][ T7816] bridge_slave_1: left promiscuous mode
[   85.092598][ T7816] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.115196][ T7816] team0: Port device team_slave_0 removed
[   85.125352][ T7816] team0: Port device team_slave_1 removed
[   85.131810][ T7816] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   85.135045][ T7816] batman_adv: batadv0: Removing interface: batadv_slave_0
[   85.139076][ T7816] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   85.142784][ T7816] batman_adv: batadv0: Removing interface: batadv_slave_1
[   85.201865][ T7816] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   85.229278][ T7816] syz.2.842 (7816) used greatest stack depth: 19928 bytes left
[   85.451291][ T7844] dummy0: entered promiscuous mode
[   85.453956][ T7844] macvtap1: entered promiscuous mode
[   85.456174][ T7844] macvtap1: entered allmulticast mode
[   85.459032][ T7844] dummy0: entered allmulticast mode
[   85.711842][ T7868] openvswitch: netlink: IP tunnel dst address not specified
[   86.636686][ T7940] __nla_validate_parse: 2 callbacks suppressed
[   86.636695][ T7940] netlink: 8 bytes leftover after parsing attributes in process `syz.1.897'.
[   86.641533][ T7940] netlink: 8 bytes leftover after parsing attributes in process `syz.1.897'.
[   87.299822][ T7974] xt_CT: No such helper "snmp"
[   87.362343][ T7998] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   87.855587][ T8011] 8021q: adding VLAN 0 to HW filter on device bond1
[   88.080811][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.939'.
[   88.207767][ T8055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.947'.
[   89.393044][ T8116] netlink: 'syz.0.975': attribute type 10 has an invalid length.
[   89.397435][ T8116] netlink: 40 bytes leftover after parsing attributes in process `syz.0.975'.
[   89.401812][ T8116] batman_adv: batadv0: Adding interface: virt_wifi0
[   89.404247][ T8116] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.419205][ T8116] batman_adv: batadv0: Interface activated: virt_wifi0
[   89.477625][ T8125] lo: entered promiscuous mode
[   89.479637][ T8125] tunl0: entered promiscuous mode
[   89.481580][ T8125] gre0: entered promiscuous mode
[   89.484556][ T8125] gretap0: entered promiscuous mode
[   89.489640][ T8125] erspan0: entered promiscuous mode
[   89.491635][ T8125] ip_vti0: entered promiscuous mode
[   89.494060][ T8125] ip6_vti0: entered promiscuous mode
[   89.496190][ T8125] sit0: entered promiscuous mode
[   89.500419][ T8125] ip6tnl0: entered promiscuous mode
[   89.502430][ T8125] ip6gre0: entered promiscuous mode
[   89.504796][ T8125] ip6gretap0: entered promiscuous mode
[   89.507946][ T8125] bridge0: entered promiscuous mode
[   89.509928][ T8125] vcan0: entered promiscuous mode
[   89.511780][ T8125] bond0: entered promiscuous mode
[   89.513377][ T8125] bond_slave_0: entered promiscuous mode
[   89.515197][ T8125] bond_slave_1: entered promiscuous mode
[   89.519050][ T8125] team0: entered promiscuous mode
[   89.520711][ T8125] team_slave_0: entered promiscuous mode
[   89.523536][ T8125] team_slave_1: entered promiscuous mode
[   89.525827][ T8125] dummy0: entered promiscuous mode
[   89.531623][ T8125] nlmon0: entered promiscuous mode
[   89.534912][ T8125] caif0: entered promiscuous mode
[   89.539307][ T8125] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   89.555133][ T8130] wireguard0: entered promiscuous mode
[   89.560931][ T8130] wireguard0: entered allmulticast mode
[   89.624793][ T8137] netlink: 'syz.0.985': attribute type 3 has an invalid length.
[   89.662465][ T8143] bond0: option mode: unable to set because the bond device has slaves
[   89.915559][ T8175] tipc: Started in network mode
[   89.917645][ T8175] tipc: Node identity 00000000040000000000000000000001, cluster identity 4711
[   89.922193][ T8175] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   89.991826][ T8187] trusted_key: syz.2.1009 sent an empty control message without MSG_MORE.
[   90.155594][ T1113] block nbd0: Possible stuck request ffff888022318000: control (read@0,1024B). Runtime 30 seconds
[   90.162577][ T1113] block nbd0: Possible stuck request ffff888022318200: control (read@1024,1024B). Runtime 30 seconds
[   90.166049][ T1113] block nbd0: Possible stuck request ffff888022318400: control (read@2048,1024B). Runtime 30 seconds
[   90.171930][ T1113] block nbd0: Possible stuck request ffff888022318600: control (read@3072,1024B). Runtime 30 seconds
[   90.304817][ T8228] macsec0: entered promiscuous mode
[   90.306712][ T8228] macsec0: entered allmulticast mode
[   90.328834][ T8232] netlink: 'syz.2.1029': attribute type 3 has an invalid length.
[   90.331444][ T8232] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1029'.
[   90.745588][ T8284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1054'.
[   90.805248][ T8290] netlink: 'syz.0.1057': attribute type 11 has an invalid length.
[   90.893892][ T8293] netlink: 'syz.1.1059': attribute type 15 has an invalid length.
[   91.024935][ T8309] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1066'.
[   91.128538][ T8319] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1071'.
[   91.132367][ T8319] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   91.155266][ T8319] batman_adv: batadv0: Removing interface: batadv_slave_1
[   91.593997][ T8348] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.1085'.
[   91.703980][ T8366] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   91.977319][ T8393] __nla_validate_parse: 3 callbacks suppressed
[   91.977330][ T8393] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1105'.
[   92.542948][ T8443] TCP: tcp_parse_options: Illegal window scaling value 236 > 14 received
[   92.604889][ T8449] netlink: 'syz.1.1127': attribute type 9 has an invalid length.
[   92.607477][ T8449] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1127'.
[   92.624425][ T8449] hsr0: entered promiscuous mode
[   92.626385][ T8449] macvlan0: entered promiscuous mode
[   92.628259][ T8449] macvlan0: entered allmulticast mode
[   92.630004][ T8449] hsr0: entered allmulticast mode
[   92.631698][ T8449] hsr_slave_0: entered allmulticast mode
[   92.633615][ T8449] hsr_slave_1: entered allmulticast mode
[   92.706164][ T8461] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1134'.
[   93.221830][ T8509] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1156'.
[   93.224766][ T8509] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1156'.
[   93.237337][ T8509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1156'.
[   93.471658][ T8530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1167'.
[   93.475710][ T8530] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1167'.
[   93.673304][ T8542] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   93.965374][ T8570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1186'.
[   95.024671][ T8599] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1197'.
[   95.159590][ T8627] netlink: 'syz.2.1211': attribute type 12 has an invalid length.
[   95.285167][ T8642] netlink: 'syz.2.1218': attribute type 1 has an invalid length.
[   95.488728][ T8671] netlink: 'syz.1.1228': attribute type 10 has an invalid length.
[   95.537152][ T8671] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.547670][ T8671] batadv0: entered promiscuous mode
[   95.550878][ T8671] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   95.569455][ T5854] bond0: (slave batadv0): interface is now down
[   95.572480][ T5854] bond0: now running without any active interface!
[   95.926606][   T33] audit: type=1800 audit(1752034656.084:6): pid=8703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1243" name="memory.events" dev="tmpfs" ino=2151 res=0 errno=0
[   96.163192][ T8736] netlink: 'syz.2.1260': attribute type 8 has an invalid length.
[   96.325574][   T33] audit: type=1800 audit(1752034656.474:7): pid=8744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1259" name="memory.events" dev="tmpfs" ino=2143 res=0 errno=0
[   96.551508][ T8772] netlink: 'syz.1.1275': attribute type 10 has an invalid length.
[   96.800002][ T8787] batadv_slave_0: entered promiscuous mode
[   97.499103][ T8873] Set syz1 is full, maxelem 0 reached
[   97.599777][ T8887] syz.0.1323: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   97.627592][ T8887] CPU: 1 UID: 0 PID: 8887 Comm: syz.0.1323 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[   97.627605][ T8887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   97.627610][ T8887] Call Trace:
[   97.627614][ T8887]  <TASK>
[   97.627619][ T8887]  dump_stack_lvl+0x189/0x250
[   97.627639][ T8887]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.627652][ T8887]  ? __pfx__printk+0x10/0x10
[   97.627666][ T8887]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[   97.627681][ T8887]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[   97.627700][ T8887]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[   97.627716][ T8887]  warn_alloc+0x214/0x310
[   97.627731][ T8887]  ? stack_depot_save_flags+0x40/0x900
[   97.627754][ T8887]  ? __pfx_warn_alloc+0x10/0x10
[   97.627771][ T8887]  ? kasan_save_track+0x4f/0x80
[   97.627785][ T8887]  ? xskq_create+0x56/0x170
[   97.627794][ T8887]  ? xsk_init_queue+0xb0/0x110
[   97.627808][ T8887]  ? xsk_setsockopt+0x43f/0x710
[   97.627824][ T8887]  ? do_sock_setsockopt+0x25a/0x3e0
[   97.627837][ T8887]  ? __x64_sys_setsockopt+0x18b/0x220
[   97.627850][ T8887]  ? do_syscall_64+0xfa/0x3b0
[   97.627860][ T8887]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.627879][ T8887]  __vmalloc_node_range_noprof+0x125/0x12f0
[   97.627914][ T8887]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   97.627929][ T8887]  ? __kasan_kmalloc+0x93/0xb0
[   97.627939][ T8887]  vmalloc_user_noprof+0xad/0xf0
[   97.627950][ T8887]  ? xskq_create+0xbf/0x170
[   97.627957][ T8887]  xskq_create+0xbf/0x170
[   97.627965][ T8887]  xsk_init_queue+0xb0/0x110
[   97.627976][ T8887]  xsk_setsockopt+0x43f/0x710
[   97.627987][ T8887]  ? __pfx_xsk_setsockopt+0x10/0x10
[   97.627997][ T8887]  ? __lock_acquire+0xab9/0xd20
[   97.628008][ T8887]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[   97.628015][ T8887]  ? __pfx_xsk_setsockopt+0x10/0x10
[   97.628026][ T8887]  do_sock_setsockopt+0x25a/0x3e0
[   97.628036][ T8887]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   97.628047][ T8887]  ? __fget_files+0x2a/0x420
[   97.628060][ T8887]  __x64_sys_setsockopt+0x18b/0x220
[   97.628071][ T8887]  do_syscall_64+0xfa/0x3b0
[   97.628078][ T8887]  ? lockdep_hardirqs_on+0x9c/0x150
[   97.628085][ T8887]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.628092][ T8887]  ? exc_page_fault+0x9f/0xf0
[   97.628103][ T8887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.628110][ T8887] RIP: 0033:0x7f6c6698e929
[   97.628118][ T8887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.628124][ T8887] RSP: 002b:00007f6c647d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   97.628133][ T8887] RAX: ffffffffffffffda RBX: 00007f6c66bb6080 RCX: 00007f6c6698e929
[   97.628138][ T8887] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[   97.628143][ T8887] RBP: 00007f6c66a10b39 R08: 0000000000000004 R09: 0000000000000000
[   97.628148][ T8887] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.628153][ T8887] R13: 0000000000000000 R14: 00007f6c66bb6080 R15: 00007fff12569538
[   97.628164][ T8887]  </TASK>
[   97.628168][ T8887] Mem-Info:
[   97.749156][ T8887] active_anon:5872 inactive_anon:0 isolated_anon:0
[   97.749156][ T8887]  active_file:917 inactive_file:38220 isolated_file:0
[   97.749156][ T8887]  unevictable:1768 dirty:108 writeback:0
[   97.749156][ T8887]  slab_reclaimable:9454 slab_unreclaimable:55492
[   97.749156][ T8887]  mapped:18219 shmem:2448 pagetables:1123
[   97.749156][ T8887]  sec_pagetables:0 bounce:0
[   97.749156][ T8887]  kernel_misc_reclaimable:0
[   97.749156][ T8887]  free:294288 free_pcp:22707 free_cma:0
[   97.772461][ T8887] Node 0 active_anon:13504kB inactive_anon:0kB active_file:3088kB inactive_file:142924kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:34904kB dirty:380kB writeback:0kB shmem:4816kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5968kB pagetables:3148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   97.788794][ T8887] Node 1 active_anon:10052kB inactive_anon:0kB active_file:580kB inactive_file:9956kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:37972kB dirty:52kB writeback:0kB shmem:4976kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5748kB pagetables:1412kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   97.802680][ T8887] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   97.816755][ T8887] lowmem_reserve[]: 0 812 812 812 812
[   97.845752][ T8879] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[   97.846253][ T8887] Node 0 DMA32 free:249892kB boost:0kB min:33656kB low:42068kB high:50480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13300kB inactive_anon:0kB active_file:3088kB inactive_file:142924kB unevictable:3536kB writepending:380kB present:1556484kB managed:831900kB mlocked:0kB bounce:0kB free_pcp:48948kB local_pcp:19604kB free_cma:0kB
[   97.860513][ T8887] lowmem_reserve[]: 0 0 0 0 0
[   97.864015][ T8887] Node 1 DMA32 free:458492kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:116kB local_pcp:116kB free_cma:0kB
[   97.876256][ T8887] lowmem_reserve[]: 0 0 854 854 854
[   97.882667][ T8887] Node 1 Normal free:453280kB boost:0kB min:36616kB low:45768kB high:54920kB reserved_highatomic:0KB free_highatomic:0KB active_anon:10120kB inactive_anon:0kB active_file:580kB inactive_file:9956kB unevictable:3536kB writepending:52kB present:1048576kB managed:875016kB mlocked:0kB bounce:0kB free_pcp:42172kB local_pcp:21820kB free_cma:0kB
[   97.905457][ T8887] lowmem_reserve[]: 0 0 0 0 0
[   97.908168][ T8887] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   97.917105][ T8887] Node 0 DMA32: 55*4kB (ME) 125*8kB (UME) 82*16kB (UME) 43*32kB (UME) 19*64kB (UM) 4*128kB (ME) 12*256kB (UM) 11*512kB (M) 10*1024kB (UME) 6*2048kB (ME) 52*4096kB (UM) = 249860kB
[   97.924431][ T8887] Node 1 DMA32: 3*4kB (UM) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 2*128kB (UM) 3*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 109*4096kB (M) = 458492kB
[   97.932889][ T8887] Node 1 Normal: 140*4kB (UME) 272*8kB (UME) 807*16kB (UME) 466*32kB (UM) 214*64kB (UM) 75*128kB (UM) 28*256kB (UM) 14*512kB (UME) 4*1024kB (M) 2*2048kB (UE) 92*4096kB (M) = 453216kB
[   97.939141][ T8887] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   97.943574][ T8887] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   97.947886][ T8887] 41585 total pagecache pages
[   97.949620][ T8887] 0 pages in swap cache
[   97.951520][ T8887] Free swap  = 124996kB
[   97.953485][ T8887] Total swap = 124996kB
[   97.954877][ T8887] 786301 pages RAM
[   97.956141][ T8887] 0 pages HighMem/MovableOnly
[   97.962841][ T8887] 241078 pages reserved
[   97.964247][ T8887] 0 pages cma reserved
[   98.044462][ T8916] __nla_validate_parse: 2 callbacks suppressed
[   98.044473][ T8916] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1339'.
[   98.157132][ T8927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1343'.
[   98.161675][ T8927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1343'.
[   98.165584][ T8927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1343'.
[   98.201153][ T8933] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1348'.
[   98.290550][ T5831] cgroup: fork rejected by pids controller in /syz0
[   98.583863][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.634927][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.697897][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.700797][ T8956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1359'.
[   98.705831][ T8956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1359'.
[   98.779333][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.819662][   T33] audit: type=1800 audit(1752034658.974:8): pid=8960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1361" name=25705320202020 dev="tmpfs" ino=2330 res=0 errno=0
[   98.981171][   T12] bridge_slave_1: left allmulticast mode
[   98.983867][   T12] bridge_slave_1: left promiscuous mode
[   98.987261][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.000073][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   99.004293][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   99.005049][ T8972] netlink: 'syz.1.1365': attribute type 1 has an invalid length.
[   99.011510][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   99.014471][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   99.016544][ T8972] netlink: 784 bytes leftover after parsing attributes in process `syz.1.1365'.
[   99.020957][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   99.026551][   T12] bridge_slave_0: left allmulticast mode
[   99.028919][   T12] bridge_slave_0: left promiscuous mode
[   99.031472][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.302794][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.307445][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.311143][   T12] bond0 (unregistering): Released all slaves
[   99.901828][ T5221] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   99.998834][ T8969] chnl_net:caif_netlink_parms(): no params data found
[  100.066617][   T12] hsr_slave_0: left promiscuous mode
[  100.072957][   T12] hsr_slave_1: left promiscuous mode
[  100.075859][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.080911][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.084979][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.088403][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.094076][ T9016] netlink: 'syz.1.1376': attribute type 4 has an invalid length.
[  100.099082][   T12] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  100.102267][   T12] batman_adv: batadv0: Removing interface: virt_wifi0
[  100.133442][   T12] veth1_macvtap: left promiscuous mode
[  100.136054][   T12] veth0_macvtap: left promiscuous mode
[  100.139139][   T12] veth1_vlan: left promiscuous mode
[  100.145416][ T9021] netlink: 'syz.1.1376': attribute type 4 has an invalid length.
[  100.263419][ T1086] smc: removing ib device syz0
[  100.427506][   T12] team0 (unregistering): Port device team_slave_1 removed
[  100.452618][   T12] team0 (unregistering): Port device team_slave_0 removed
[  100.691058][ T9019] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1378'.
[  100.723481][ T5855] ==================================================================
[  100.727124][ T5855] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x6e/0x190
[  100.730863][ T5855] Read of size 8 at addr ffff88803a5dc2e8 by task kworker/0:3/5855
[  100.734837][ T5855] 
[  100.735890][ T5855] CPU: 0 UID: 0 PID: 5855 Comm: kworker/0:3 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  100.735905][ T5855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.735914][ T5855] Workqueue: events smc_ib_port_event_work
[  100.735934][ T5855] Call Trace:
[  100.735939][ T5855]  <TASK>
[  100.735945][ T5855]  dump_stack_lvl+0x189/0x250
[  100.735959][ T5855]  ? __virt_addr_valid+0x1c8/0x5c0
[  100.735975][ T5855]  ? rcu_is_watching+0x15/0xb0
[  100.735987][ T5855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.735998][ T5855]  ? rcu_is_watching+0x15/0xb0
[  100.736016][ T5855]  ? lock_release+0x4b/0x3e0
[  100.736027][ T5855]  ? __virt_addr_valid+0x1c8/0x5c0
[  100.736039][ T5855]  ? __virt_addr_valid+0x4a5/0x5c0
[  100.736053][ T5855]  print_report+0xd2/0x2b0
[  100.736063][ T5855]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  100.736082][ T5855]  kasan_report+0x118/0x150
[  100.736097][ T5855]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  100.736114][ T5855]  __ethtool_get_link_ksettings+0x6e/0x190
[  100.736130][ T5855]  ib_get_eth_speed+0x15e/0x7b0
[  100.736147][ T5855]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  100.736198][ T5855]  ? do_raw_spin_unlock+0x4d/0x240
[  100.736215][ T5855]  rxe_query_port+0x93/0x3b0
[  100.736229][ T5855]  ib_query_port+0x170/0x830
[  100.736240][ T5855]  smc_ib_port_event_work+0x15a/0x940
[  100.736257][ T5855]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.736272][ T5855]  ? process_scheduled_works+0x9ef/0x17b0
[  100.736284][ T5855]  ? process_scheduled_works+0x9ef/0x17b0
[  100.736295][ T5855]  process_scheduled_works+0xae1/0x17b0
[  100.736314][ T5855]  ? __pfx_process_scheduled_works+0x10/0x10
[  100.736330][ T5855]  worker_thread+0x8a0/0xda0
[  100.736343][ T5855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.736361][ T5855]  ? __kthread_parkme+0x7b/0x200
[  100.736377][ T5855]  kthread+0x711/0x8a0
[  100.736392][ T5855]  ? __pfx_worker_thread+0x10/0x10
[  100.736403][ T5855]  ? __pfx_kthread+0x10/0x10
[  100.736418][ T5855]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.736432][ T5855]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.736441][ T5855]  ? __pfx_kthread+0x10/0x10
[  100.736454][ T5855]  ret_from_fork+0x3fc/0x770
[  100.736467][ T5855]  ? __pfx_ret_from_fork+0x10/0x10
[  100.736479][ T5855]  ? __switch_to_asm+0x39/0x70
[  100.736492][ T5855]  ? __switch_to_asm+0x33/0x70
[  100.736505][ T5855]  ? __pfx_kthread+0x10/0x10
[  100.736519][ T5855]  ret_from_fork_asm+0x1a/0x30
[  100.736537][ T5855]  </TASK>
[  100.736541][ T5855] 
[  100.833533][ T5855] Allocated by task 5831:
[  100.835404][ T5855]  kasan_save_track+0x3e/0x80
[  100.837385][ T5855]  __kasan_kmalloc+0x93/0xb0
[  100.839342][ T5855]  __kvmalloc_node_noprof+0x30d/0x5f0
[  100.841596][ T5855]  alloc_netdev_mqs+0xa6/0x11e0
[  100.843652][ T5855]  rtnl_create_link+0x31f/0xd10
[  100.845718][ T5855]  rtnl_newlink_create+0x25c/0xb00
[  100.847914][ T5855]  rtnl_newlink+0x16d6/0x1c70
[  100.849861][ T5855]  rtnetlink_rcv_msg+0x7cf/0xb70
[  100.851990][ T5855]  netlink_rcv_skb+0x208/0x470
[  100.853997][ T5855]  netlink_unicast+0x75b/0x8d0
[  100.856032][ T5855]  netlink_sendmsg+0x805/0xb30
[  100.858021][ T5855]  __sock_sendmsg+0x21c/0x270
[  100.860049][ T5855]  __sys_sendto+0x3bd/0x520
[  100.861855][ T5855]  __x64_sys_sendto+0xde/0x100
[  100.863822][ T5855]  do_syscall_64+0xfa/0x3b0
[  100.865785][ T5855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.868329][ T5855] 
[  100.869373][ T5855] Freed by task 12:
[  100.871016][ T5855]  kasan_save_track+0x3e/0x80
[  100.872964][ T5855]  kasan_save_free_info+0x46/0x50
[  100.875090][ T5855]  __kasan_slab_free+0x62/0x70
[  100.877092][ T5855]  kfree+0x18e/0x440
[  100.878740][ T5855]  device_release+0x9c/0x1c0
[  100.880679][ T5855]  kobject_put+0x22b/0x480
[  100.882611][ T5855]  netdev_run_todo+0xd2e/0xea0
[  100.884648][ T5855]  default_device_exit_batch+0x81e/0x890
[  100.887029][ T5855]  ops_undo_list+0x525/0x990
[  100.889022][ T5855]  cleanup_net+0x4c5/0x800
[  100.890979][ T5855]  process_scheduled_works+0xae1/0x17b0
[  100.893336][ T5855]  worker_thread+0x8a0/0xda0
[  100.895318][ T5855]  kthread+0x711/0x8a0
[  100.897051][ T5855]  ret_from_fork+0x3fc/0x770
[  100.899042][ T5855]  ret_from_fork_asm+0x1a/0x30
[  100.901095][ T5855] 
[  100.902129][ T5855] The buggy address belongs to the object at ffff88803a5dc000
[  100.902129][ T5855]  which belongs to the cache kmalloc-cg-4k of size 4096
[  100.907942][ T5855] The buggy address is located 744 bytes inside of
[  100.907942][ T5855]  freed 4096-byte region [ffff88803a5dc000, ffff88803a5dd000)
[  100.913529][ T5855] 
[  100.914586][ T5855] The buggy address belongs to the physical page:
[  100.917180][ T5855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a5d8
[  100.920772][ T5855] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  100.924219][ T5855] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  100.927270][ T5855] page_type: f5(slab)
[  100.928976][ T5855] raw: 00fff00000000040 ffff88801a44b500 dead000000000122 0000000000000000
[  100.932297][ T5855] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  100.935052][ T5855] head: 00fff00000000040 ffff88801a44b500 dead000000000122 0000000000000000
[  100.937835][ T5855] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  100.940585][ T5855] head: 00fff00000000003 ffffea0000e97601 00000000ffffffff 00000000ffffffff
[  100.943613][ T5855] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  100.946366][ T5855] page dumped because: kasan: bad access detected
[  100.948478][ T5855] page_owner tracks the page as allocated
[  100.950322][ T5855] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5827, tgid 5827 (syz-executor), ts 55037761045, free_ts 0
[  100.956858][ T5855]  post_alloc_hook+0x240/0x2a0
[  100.958512][ T5855]  get_page_from_freelist+0x21e4/0x22c0
[  100.960309][ T5855]  __alloc_frozen_pages_noprof+0x181/0x370
[  100.962351][ T5855]  alloc_pages_mpol+0x232/0x4a0
[  100.963904][ T5855]  allocate_slab+0x8a/0x3b0
[  100.965475][ T5855]  ___slab_alloc+0xbfc/0x1480
[  100.967016][ T5855]  __kmalloc_node_track_caller_noprof+0x2f8/0x4e0
[  100.969183][ T5855]  kmemdup_noprof+0x2b/0x70
[  100.970856][ T5855]  __addrconf_sysctl_register+0x9c/0x530
[  100.973233][ T5855]  addrconf_sysctl_register+0x168/0x1c0
[  100.975493][ T5855]  ipv6_add_dev+0xd46/0x1370
[  100.977467][ T5855]  addrconf_notify+0x794/0x1010
[  100.979526][ T5855]  notifier_call_chain+0x1b6/0x3e0
[  100.981659][ T5855]  register_netdevice+0x1608/0x1ae0
[  100.983793][ T5855]  macvlan_common_newlink+0x120a/0x1980
[  100.986140][ T5855]  rtnl_newlink_create+0x310/0xb00
[  100.988298][ T5855] page_owner free stack trace missing
[  100.990538][ T5855] 
[  100.991579][ T5855] Memory state around the buggy address:
[  100.993518][ T5855]  ffff88803a5dc180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  100.996031][ T5855]  ffff88803a5dc200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  100.998682][ T5855] >ffff88803a5dc280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  101.001347][ T5855]                                                           ^
[  101.003875][ T5855]  ffff88803a5dc300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  101.007248][ T5855]  ffff88803a5dc380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  101.010551][ T5855] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  101.031370][ T5855] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  101.034488][ T5855] CPU: 0 UID: 0 PID: 5855 Comm: kworker/0:3 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8-dirty #0 PREEMPT(full) 
[  101.039585][ T5855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  101.043581][ T5855] Workqueue: events smc_ib_port_event_work
[  101.045659][ T5855] Call Trace:
[  101.046751][ T5855]  <TASK>
[  101.047884][ T5855]  dump_stack_lvl+0x99/0x250
[  101.049776][ T5855]  ? __asan_memcpy+0x40/0x70
[  101.051517][ T5855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.053633][ T5855]  ? __pfx__printk+0x10/0x10
[  101.055574][ T5855]  panic+0x2db/0x790
[  101.057186][ T5855]  ? __pfx_panic+0x10/0x10
[  101.059064][ T5855]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  101.061510][ T5855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.064048][ T5855]  ? print_memory_metadata+0x314/0x400
[  101.066313][ T5855]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  101.068722][ T5855]  check_panic_on_warn+0x89/0xb0
[  101.070786][ T5855]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  101.073345][ T5855]  end_report+0x78/0x160
[  101.075169][ T5855]  kasan_report+0x129/0x150
[  101.077031][ T5855]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  101.079308][ T5855]  __ethtool_get_link_ksettings+0x6e/0x190
[  101.081704][ T5855]  ib_get_eth_speed+0x15e/0x7b0
[  101.083741][ T5855]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  101.085993][ T5855]  ? do_raw_spin_unlock+0x4d/0x240
[  101.088215][ T5855]  rxe_query_port+0x93/0x3b0
[  101.090187][ T5855]  ib_query_port+0x170/0x830
[  101.092111][ T5855]  smc_ib_port_event_work+0x15a/0x940
[  101.094360][ T5855]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.096528][ T5855]  ? process_scheduled_works+0x9ef/0x17b0
[  101.098869][ T5855]  ? process_scheduled_works+0x9ef/0x17b0
[  101.101271][ T5855]  process_scheduled_works+0xae1/0x17b0
[  101.103596][ T5855]  ? __pfx_process_scheduled_works+0x10/0x10
[  101.106084][ T5855]  worker_thread+0x8a0/0xda0
[  101.108014][ T5855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.110598][ T5855]  ? __kthread_parkme+0x7b/0x200
[  101.112741][ T5855]  kthread+0x711/0x8a0
[  101.114203][ T5855]  ? __pfx_worker_thread+0x10/0x10
[  101.116307][ T5855]  ? __pfx_kthread+0x10/0x10
[  101.118297][ T5855]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.120421][ T5855]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.122577][ T5855]  ? __pfx_kthread+0x10/0x10
[  101.124515][ T5855]  ret_from_fork+0x3fc/0x770
[  101.126484][ T5855]  ? __pfx_ret_from_fork+0x10/0x10
[  101.128686][ T5855]  ? __switch_to_asm+0x39/0x70
[  101.130664][ T5855]  ? __switch_to_asm+0x33/0x70
[  101.132639][ T5855]  ? __pfx_kthread+0x10/0x10
[  101.134699][ T5855]  ret_from_fork_asm+0x1a/0x30
[  101.136704][ T5855]  </TASK>
[  101.138718][ T5855] Kernel Offset: disabled
[  101.140541][ T5855] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:17:41  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900037bf090
R8 =ffff888021880237 R9 =1ffff11004310046 R10=dffffc0000000000 R11=ffffffff85475610
R12=dffffc0000000000 R13=ffffffff99af78e9 R14=ffffffff99dfc760 R15=0000000000000000
RIP=ffffffff8547568c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fa46fe29032 CR3=000000002825a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f0b04984478 00007f0b04984450 XMM03=00007f0b04984488 00007f0b04984480
XMM04=00007f0b054ed100 00007f0b04984440 XMM05=00007f0b04984458 00007f0b049844a0
XMM06=00007f0b04984498 00007f0b04984490 XMM07=00007f0b04984488 00007f0b04984480
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f0b04811c91
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000555cb208c040 RCX=00007f43197169a4 RDX=0000000000080141
RSI=0000000000000000 RDI=000000000000000c RBP=000000000000000c RSP=00007ffcc2772bf8
R8 =00000000ffffffff R9 =0000000000000000 R10=00000000000001a4 R11=0000000000000246
R12=0000000000000000 R13=ffffffffffffffff R14=00000000ffffffff R15=00000000ffffffff
RIP=00007f4319719ffe RFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4319b53c80 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0b055aafc8 CR3=000000001248f000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00ff000000000000 ff00000000000000 XMM05=0000000000000035 0000000031003030
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffff00ff0000 XMM09=6c6c696b66722f35 7968702f31313230
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
