last executing test programs: 11m31.55883995s ago: executing program 2 (id=466): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80102, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = eventfd2(0xe5c, 0x80000) r3 = eventfd2(0x4, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r3, 0x8, 0x2, r2}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @ioapic={0x2, 0xfffffffc, 0x4, 0xffffff00, 0x0, [{0xf1, 0x5, 0x5, '\x00', 0x4}, {0x3, 0xff, 0x5d, '\x00', 0xfd}, {0x1, 0x40, 0xf, '\x00', 0x3}, {0x2, 0x99, 0x4}, {0x10, 0x6, 0xd3, '\x00', 0x7}, {0x7, 0x7, 0x7, '\x00', 0x4}, {0x3, 0x5, 0x5, '\x00', 0x5}, {0x86, 0x4, 0xee}, {0x40, 0x3, 0xea, '\x00', 0xa}, {0x2, 0x3, 0x6, '\x00', 0xed}, {0x8, 0x10, 0x6, '\x00', 0x7}, {0x4b, 0xff, 0xab, '\x00', 0x4}, {0x6, 0x9, 0x5, '\x00', 0x58}, {0x3, 0x6, 0x40, '\x00', 0x9}, {0x0, 0x3, 0x4, '\x00', 0x4}, {0xa, 0x5, 0xfd, '\x00', 0x3}, {0x7, 0x7, 0xd9, '\x00', 0xe}, {0x2, 0x80, 0x7, '\x00', 0x3}, {0x7, 0x1, 0xa, '\x00', 0x6}, {0x2, 0xb, 0x80, '\x00', 0x4}, {0x7, 0xe9, 0x0, '\x00', 0x4}, {0x9, 0x4, 0x58, '\x00', 0x2}, {0x7, 0x5, 0x9, '\x00', 0xe}, {0x0, 0x80, 0x43}]}}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0xcb, 0xd, 0x2000000000004, 0x6d, 0x2, 0x1002, 0x80000ef, 0x200, 0x7fffffffffffb, 0x8d, 0x2, 0x1, 0xfffffffffffffffe, 0x5, 0x3, 0xbdf], 0x2000, 0x67a64fa265d09613}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 11m31.019474446s ago: executing program 2 (id=468): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xdfb}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) getrlimit(0xd, &(0x7f00000000c0)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_MCE_KILL(0x35, 0x0, 0x8) lseek(0xffffffffffffffff, 0x9, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x48, &(0x7f0000000d80)={0x2, 0xc, '\x00', [@ra={0x5, 0x2, 0x8000}, @jumbo={0xc2, 0x4, 0x2ca2daea}, @padn={0x1, 0x1, [0x0]}, @calipso={0x7, 0x8, {0x3, 0x0, 0x9, 0x83}}, @jumbo={0xc2, 0x4, 0x7ff}, @generic={0x1, 0x41, "d8553b60073656b6635ed50730462ec50ed8013de7467d0885f2e05a7cf72c87ebff43d2933a4d4fdaa63b4bb5a6a8382074433ec70d17ea734686fd6fdadab8bd"}]}, 0x68) 11m30.105783834s ago: executing program 2 (id=469): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000040)={0x90000005}) epoll_pwait(r3, &(0x7f0000000100)=[{}], 0x1, 0xfffeffff, 0x0, 0x443c000000000000) epoll_pwait(r3, &(0x7f00000000c0)=[{}], 0x1, 0x101, 0x0, 0x0) connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e) 11m29.614187406s ago: executing program 2 (id=472): r0 = socket(0x10, 0x2, 0x0) syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) creat(&(0x7f0000002640)='./bus\x00', 0x44) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x20) symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 11m28.559520642s ago: executing program 2 (id=480): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000600), 0xfec8) r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0) 11m27.52366085s ago: executing program 2 (id=485): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r1, &(0x7f0000000d40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000380)="1a00000002800000", 0x8) 11m26.928149607s ago: executing program 32 (id=485): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r1, &(0x7f0000000d40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000380)="1a00000002800000", 0x8) 8m31.313903044s ago: executing program 4 (id=1376): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x8, 0xc4}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x16, 0x4, &(0x7f0000000000)=@framed={{}, [@generic={0x71, 0x0, 0x1, 0x4d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8m30.20352225s ago: executing program 4 (id=1378): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}]}, &(0x7f0000000300)='GPL\x00', 0xb, 0xff7, &(0x7f0000001e00)=""/4087}, 0x94) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0xc080}, 0x0) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4) getsockopt(r0, 0x200000000114, 0x271e, 0x0, &(0x7f0000000040)) 8m29.732875487s ago: executing program 4 (id=1382): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x4008000, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 8m28.946609654s ago: executing program 4 (id=1385): r0 = socket(0x10, 0x2, 0x0) syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) creat(&(0x7f0000002640)='./bus\x00', 0x44) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000) 8m28.267744418s ago: executing program 4 (id=1388): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x0, 0x0, @pic={0x3, 0x7, 0xe1, 0x81, 0x9, 0xd9, 0x40, 0x41, 0xfb, 0x5e, 0xc, 0x0, 0x1, 0x40, 0x1, 0x5}}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x103, 0x20, 0x3, 0x0, 0x106c, 0x100, 0x7fffffffffffa, 0x7, 0xfffffffffffffffe, 0x8, 0x0, 0x0, 0x0, 0x7], 0x1, 0x3c4210}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8m24.015945603s ago: executing program 4 (id=1393): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x1) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x200, 0x80, 0x20000, 0x0, 0x0, 0x8}, 0x1c) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f0000000100)=0x1003ff, 0x4) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f00000008c0)=0x61e2, 0x4) sendmmsg$inet6(r2, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}, 0x1000}], 0x1, 0x40010140, 0x0) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r1, 0x0) 8m23.728832719s ago: executing program 33 (id=1393): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x1) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x200, 0x80, 0x20000, 0x0, 0x0, 0x8}, 0x1c) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f0000000100)=0x1003ff, 0x4) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f00000008c0)=0x61e2, 0x4) sendmmsg$inet6(r2, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}, 0x1000}], 0x1, 0x40010140, 0x0) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r1, 0x0) 17.713685047s ago: executing program 1 (id=2727): r0 = socket$unix(0x1, 0x1, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) bind$unix(r0, &(0x7f0000000180)=@file={0x1}, 0x6e) listen(r0, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) connect$unix(r2, &(0x7f0000000000)=@file={0x1}, 0x6e) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) connect$unix(r2, &(0x7f0000000080)=@file={0x1}, 0x6e) close(r0) 14.495594574s ago: executing program 1 (id=2734): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x40}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec08894194"], 0xb0) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8) mkdir(&(0x7f00000020c0)='./file0\x00', 0x22) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f00000002c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r3, &(0x7f00000083c0)={0x2020, 0x0, 0x0}, 0x49e8648f) write$FUSE_ENTRY(r2, &(0x7f0000000440)={0x90, 0x0, r4, {0x0, 0x0, 0xffffffffffffffff, 0x2, 0x200, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1}}}, 0x90) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}]}}) 13.420792686s ago: executing program 1 (id=2736): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x10001, 0x7ffd, 0x27b6, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x20004}, 0x50) 12.590256327s ago: executing program 0 (id=2738): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r3, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r2, 0x0, 0xb) splice(r4, 0x0, r2, 0x0, 0x1000, 0x0) splice(r1, 0x0, r5, 0x0, 0x80, 0x0) 10.230311148s ago: executing program 1 (id=2741): setitimer(0x0, &(0x7f0000000580)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x111) close(r0) r1 = inotify_init1(0x800) fcntl$setstatus(r0, 0x4, 0x2c00) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0) r2 = gettid() fcntl$setown(r0, 0x8, r2) fcntl$setsig(r1, 0xa, 0xe) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xa4000960) rmdir(&(0x7f0000000100)='./control\x00') 9.057331734s ago: executing program 5 (id=2744): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x63, 0xfffffffb, 0x5}}}}]}, 0x44}}, 0x20040084) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xf3f, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xfff1}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20041010}, 0x4044000) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r8 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'}) 7.838457894s ago: executing program 3 (id=2745): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) socket$nl_netfilter(0x10, 0x3, 0xc) openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4) r3 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r3, 0x0, 0x484, &(0x7f0000001e00)=""/218, &(0x7f0000001f00)=0xda) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000040)=0x9, 0x4) 7.81120104s ago: executing program 0 (id=2746): sched_setscheduler(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = syz_io_uring_setup(0x117, &(0x7f0000000240)={0x0, 0x4a2d, 0x0, 0xff7fffff, 0xdd}, &(0x7f0000000500)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x4, 0x0, 0x1, 0xc}) io_uring_enter(r2, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0) 7.675464099s ago: executing program 5 (id=2747): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f00000003c0)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r3, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001500192340834b80040d8c560a0603a6ff8000000000000000006302496b3a17b42e64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1) 7.526106465s ago: executing program 3 (id=2748): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = syz_clone(0xa1302400, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace(0x8, r3) r4 = syz_pidfd_open(r3, 0x0) process_mrelease(r4, 0x700000000000000) 6.489007203s ago: executing program 0 (id=2749): socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) 6.488335333s ago: executing program 5 (id=2750): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x7, 0x4, 0x8, 0xd27}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r4, 0x0, 0x0}, 0x20) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f00000000c0)}, 0x20) 6.464433179s ago: executing program 3 (id=2751): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$set_reqkey_keyring(0xe, 0x5) request_key(&(0x7f0000000040)='id_resolver\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='y\xa9n::e\x00\x00\x00\x00\x00\x00\x00\x00H\x00\x00\x00', 0x0) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f00000001c0)={[{@type={'type', 0x3d, "699a1c87"}}, {@gid}, {}, {@uid}, {@force}, {@umask={'umask', 0x3d, 0x8}}, {@nls={'nls', 0x3d, 'default'}}, {@part={'part', 0x3d, 0x3}}, {@creator={'creator', 0x3d, "995d95f7"}}, {@type={'type', 0x3d, "e016e5dc"}}]}, 0x47, 0x6f6, &(0x7f00000010c0)="$eJzs3U1sHGcZAOB31uu1N5XcbZO0FUKK1YgIGkhsLyVBQiJUCPlQoUhcel0Sp7G8diPbRU6EiAsUjnBCOXAoQubQE+oBCcQBUc5ISFxR7pG4RxxYNLMz6/2x17uNf5LwPNJ4vpn5ft55O/Pt7myjDeD/1uI7MbkdSSxefHsr3X64U28+3KmvFuWImIqIUkS5vYpkLSL5NOJatJc4ne7Mu0v2G+fNR3/89YUHH9fbW+V8yeqXhrXb1Roywna+xGxETOTrMZX36+9GvDXQ3/2xuk46cacJO18kDk5aa8D2OM1HuG+Bp939iInJPfbXIk5FxHT+PiDy2aF0zOEdurFmOQAAAHg6TRxU4cXH8Ti2YuZ4wgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDnQ9L+zcAkX0pFeTaS4vf/K/m+VKVywvEO9+UDjn9465gCAQAAAAAAAIAj8Un+xf25x/E4tmKm2N9Ksu/8X882zmR/X4j3YyOWYj0uxVY0YjM2Yz3mIyZnujqsbDU2N9fnB1v+KtKWrVbrft5yISJqAy0XjuGkAQAAAAAAAOD59eNYjJmTDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALolERPtVbacKcq1KJUjYjoiKmm97Yg/F+WnXXXIsb8cYxwAAABwQoqPxjPJf9uFVpJ95n8l+9w/He/HWmzGcmxGM5biZvYsoP2pv/SP7Xrz4U59NV0GO/7Wv8eKI+sxIibig31GnstqnO20WIzvxPfiYszG9ViP5fhBNGIzlmI2qulJRCOSqFXbTy9qRZx7x3utZ+t6f2zn+rZfyyKpxq1YzmK7FDcq0X5skp1DOuZrXaP9oRLRN+IHaXaSb+ZGzNHNrv9ev8yfy+RaL47Yx9GoZWc+2cnIXJr7PBsvDc/9mNdJ/0jzUeo8gzqzO0q62T9SkfPvj5PzU/k6zfXPenN+2MZ8lNafiYUo5VdfxCu9Ob/zhQcv9zb+0j//ev12aW3l9q2Ni0d4Sk9i9qAKk0WhPxP1rky8OvzqyzPRTDOxPXomJvt3TI/a8mhV8mxkU9GIs+W3s1IjXu+6BN+Lm7EUV2Iu5uNqzMXXYyHqnSssXc725LVcX+3NSXavlQbnt2FPYs9/savSzw+ofLzSvLzUldfuma6WHcv3XPtFzHVdfS8Pv/rGfhVIx/9cXk7H+EnnFedp0JOJfG4uojs9PBO/aaV/N5prK+u3G3dGHO9Cvk5v2w975+bfjh51/6v7YUivl3TGLWdbWU6qxfWSHjvdibY3X5X8G5d2u9LAsbOdY7WYieX47r53aiV/DzfYU/vYq93H/rU7c1by9zfFsZ53OfFeNLN3IX0OnKoBOGan3jhVqT6q/r36UfWn1dvVt6ffmro69flKTP6t/KeJ35d+V/pG8kZ8FD+KmZOOFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngcbd++tNJrNpfVOIab79zxpobLvWMMLUTqwzs4Lo3UYtYjhYyV5oXK45/4sFqrRt6f4haUn7fmTiBhSp/LEwSdjX2NjF9I8HEqHxQ+nZXtaE2M0Lxet9q5Tjo3pWGkk5T3uuKnduyBqK43mf1o9zavRdcsAz7nLm6t3Lm/cvfeV5dXGu0vvLq0tXL1y9Ur9a/NfvXxrubk01/570lECR2Hj7r2Jk44BAAAAAAAAAAAAGE/+f/9vfuZ/zFA+oE5lfWPvkc8d96kCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz6jFd2JyO5KYn7s0l24/3Kk306Uo79YsR0QpIpIfRiSfRlyL9hK1ru6S/cZ581GULjz4uL7bV7moXxrWbjTb+RKzETGRrw82tUc3g/3d6Opv+zOFl3TOME3Y+SJxcNL+FwAA///VOPOq") 4.489629461s ago: executing program 5 (id=2752): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) socket$nl_audit(0x10, 0x3, 0x9) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x1, 0x6) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001240)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {}, {0x0, 0x1}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0xc9, 0x8}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x60001d0}, 0xc084) 4.468002517s ago: executing program 3 (id=2753): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0) r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) landlock_restrict_self(r0, 0x0) mount$tmpfs(0x0, &(0x7f0000000300)='./file0/file1\x00', &(0x7f0000000340), 0x0, 0x0) umount2(&(0x7f0000000380)='./file0/file0\x00', 0x0) move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x0) mount$bind(&(0x7f0000000440)='\x00', &(0x7f0000000480)='./file0/file0\x00', &(0x7f00000004c0), 0x21, 0x0) pivot_root(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='./file0/file0\x00') 4.192656985s ago: executing program 3 (id=2754): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x0, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008"], 0x50) 4.117217713s ago: executing program 0 (id=2755): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r3 = syz_clone(0x40011, 0x0, 0xfb, 0x0, 0x0, 0x0) r4 = gettid() kcmp(r4, r3, 0xb44c031f136537ae, 0xffffffffffffffff, 0xffffffffffffffff) 3.734342943s ago: executing program 1 (id=2756): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8) r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) read$FUSE(r4, &(0x7f0000006380)={0x2020}, 0x2020) 3.734112893s ago: executing program 5 (id=2757): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) getrlimit(0x6, &(0x7f0000000040)) getpid() r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$PIO_UNIMAP(r0, 0x4b52, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ptrace$pokeuser(0x6, 0x0, 0x3, 0x4) r1 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001280)=@newtaction={0x18, 0x31, 0x3d, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x84, 0x30, 0xffff, 0x70bd27, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x5, 0x0, 0x0, 0x0, {0x0, 0x2, 0x0, 0x6, 0xfffe}, {0x20, 0x0, 0x0, 0x0, 0xfffd}}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0) 2.928274447s ago: executing program 3 (id=2758): socket$netlink(0x10, 0x3, 0x13) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wg1\x00'}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, &(0x7f0000000580)) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb9, 0x0, 0x0, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x32, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4044040}, 0x40090) socket$inet_sctp(0x2, 0x1, 0x84) r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000001340)={{0x84, @broadcast, 0x4e24, 0x3, 'lc\x00', 0xc, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0xffffffff, 0x12d5c, 0x1294b}}, 0x44) 2.918431906s ago: executing program 0 (id=2759): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f00000003c0)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r3, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001500192340834b80040d8c560a0603a6ff8000000000000000006302496b3a17b42e64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1) 876.066676ms ago: executing program 1 (id=2760): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000580)={0x0, 0x8149, 0x20}, 0xc) r2 = dup(r0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x48, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r3, 0x0, r0, 0x0, 0xffff, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 234.460106ms ago: executing program 0 (id=2761): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/rt_cache\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0xf5ff, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0) 0s ago: executing program 5 (id=2762): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r2 = gettid() sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x2a94, 0x60004}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0xffffffffffffffe3, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_PID={0x8, 0x13, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24008080) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1e, 0x13, r0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={r0}, 0x4) kernel console output (not intermixed with test programs): : 12 bytes leftover after parsing attributes in process `syz.1.692'. [ 204.564624][ T8142] netlink: 'syz.0.688': attribute type 1 has an invalid length. [ 204.610239][ T8142] bond5: entered promiscuous mode [ 204.615771][ T8142] 8021q: adding VLAN 0 to HW filter on device bond5 [ 204.741026][ T8142] bond5: (slave veth3): making interface the new active one [ 204.764749][ T8142] veth3: entered promiscuous mode [ 204.775489][ T8142] bond5: (slave veth3): Enslaving as an active interface with an up link [ 205.114752][ T8164] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 206.592182][ T8195] netlink: 12 bytes leftover after parsing attributes in process `syz.4.705'. [ 207.088827][ T8214] netlink: 28 bytes leftover after parsing attributes in process `syz.3.714'. [ 207.367823][ T8223] bond6: entered promiscuous mode [ 207.626319][ T5805] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 207.649534][ T8217] loop4: detected capacity change from 0 to 32768 [ 207.668853][ T8217] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.716 (8217) [ 207.708137][ T8217] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 207.722007][ T8217] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 207.731992][ T8217] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 207.744318][ T8217] BTRFS info (device loop4): use zstd compression, level 3 [ 207.773175][ T8217] BTRFS info (device loop4): use no compression [ 207.796474][ T8217] BTRFS info (device loop4): using free space tree [ 208.054414][ T8217] BTRFS info (device loop4): enabling ssd optimizations [ 208.067445][ T8217] BTRFS info (device loop4): auto enabling async discard [ 208.190217][ T8217] loop4: detected capacity change from 32768 to 0 [ 208.268653][ T8252] syz.4.716: attempt to access beyond end of device [ 208.268653][ T8252] loop4: rw=2049, sector=10440, nr_sectors = 16 limit=0 [ 208.312140][ T8252] BTRFS error (device loop4): bdev /dev/loop4 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0 [ 208.575154][ T11] kworker/u4:0: attempt to access beyond end of device [ 208.575154][ T11] loop4: rw=6145, sector=13448, nr_sectors = 8 limit=0 [ 208.622962][ T11] BTRFS error (device loop4): bdev /dev/loop4 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0 [ 208.754873][ T7285] BTRFS error (device loop4: state A): Transaction aborted (error -5) [ 208.806662][ T7285] BTRFS: error (device loop4: state A) in __btrfs_run_delayed_items:1161: errno=-5 IO failure [ 208.832705][ T7285] BTRFS info (device loop4: state EA): forced readonly [ 208.852232][ T7285] BTRFS warning (device loop4: state EA): Skipping commit of aborted transaction. [ 208.880221][ T7285] BTRFS: error (device loop4: state EA) in cleanup_transaction:2005: errno=-5 IO failure [ 208.919244][ T7285] BTRFS info (device loop4: state EA): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 210.385756][ T5805] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 210.394273][ T5805] usb 1-1: can't read configurations, error -71 [ 210.620784][ T8271] loop0: detected capacity change from 0 to 512 [ 211.627106][ T8279] loop4: detected capacity change from 0 to 2048 [ 211.664828][ T8279] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 212.758213][ T8297] netlink: 'syz.3.739': attribute type 10 has an invalid length. [ 212.781134][ T8297] team0: Port device dummy0 added [ 213.191377][ T8311] netlink: 'syz.1.745': attribute type 1 has an invalid length. [ 213.399936][ T8313] 8021q: adding VLAN 0 to HW filter on device bond5 [ 213.489116][ T8313] bond4: (slave bond5): making interface the new active one [ 213.523000][ T8313] bond4: (slave bond5): Enslaving as an active interface with an up link [ 213.614101][ T8311] bond4: (slave gretap1): Enslaving as a backup interface with an up link [ 213.824479][ T8311] netlink: 28 bytes leftover after parsing attributes in process `syz.1.745'. [ 213.843930][ T8311] 8021q: adding VLAN 0 to HW filter on device bond4 [ 213.884143][ T8319] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 215.478125][ T8334] netlink: 24 bytes leftover after parsing attributes in process `syz.0.751'. [ 216.614892][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 216.614909][ T27] audit: type=1326 audit(1772077386.496:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.674095][ T27] audit: type=1326 audit(1772077386.496:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.713022][ T27] audit: type=1326 audit(1772077386.506:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.764938][ T27] audit: type=1326 audit(1772077386.506:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.803221][ T27] audit: type=1326 audit(1772077386.506:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.837938][ T27] audit: type=1326 audit(1772077386.506:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.865274][ T27] audit: type=1326 audit(1772077386.506:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.888226][ T27] audit: type=1326 audit(1772077386.506:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.910788][ T27] audit: type=1326 audit(1772077386.506:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 216.945637][ T27] audit: type=1326 audit(1772077386.506:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.0.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 221.380364][ T5777] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 222.333591][ T8449] netlink: 8 bytes leftover after parsing attributes in process `syz.0.796'. [ 222.910358][ T8465] loop5: detected capacity change from 0 to 7 [ 222.979566][ T8465] Dev loop5: unable to read RDB block 7 [ 222.985209][ T8465] loop5: unable to read partition table [ 222.991342][ T8465] loop5: partition table beyond EOD, truncated [ 222.997683][ T8465] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5) [ 223.143311][ T8472] loop0: detected capacity change from 0 to 512 [ 223.159154][ T8472] EXT4-fs: Ignoring removed mblk_io_submit option [ 223.280184][ T8472] EXT4-fs (loop0): write access unavailable, skipping orphan cleanup [ 223.295944][ T8472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 224.004505][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.382972][ T8493] sctp: [Deprecated]: syz.0.802 (pid 8493) Use of struct sctp_assoc_value in delayed_ack socket option. [ 224.382972][ T8493] Use struct sctp_sack_info instead [ 225.553902][ T8509] loop4: detected capacity change from 0 to 512 [ 225.561901][ T8509] EXT4-fs: Ignoring removed mblk_io_submit option [ 226.792373][ T8509] EXT4-fs (loop4): orphan cleanup on readonly fs [ 226.798905][ T8509] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 226.866521][ T8509] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.807: attempt to clear invalid blocks 2 len 1 [ 226.883225][ T8509] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 226.900619][ T8509] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.807: invalid indirect mapped block 1819239214 (level 0) [ 226.922434][ T6483] IPVS: starting estimator thread 0... [ 226.960334][ T8509] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.807: invalid indirect mapped block 1819239214 (level 1) [ 226.978367][ T8509] EXT4-fs (loop4): 1 truncate cleaned up [ 226.984781][ T8509] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 227.076660][ T8515] netlink: 24 bytes leftover after parsing attributes in process `syz.3.809'. [ 227.098427][ T8513] IPVS: using max 16 ests per chain, 38400 per kthread [ 227.237554][ T7285] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.307183][ T8515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.809'. [ 230.023106][ T8535] netlink: 24 bytes leftover after parsing attributes in process `syz.3.816'. [ 232.836706][ T8563] netlink: 'syz.4.827': attribute type 10 has an invalid length. [ 232.854307][ T8563] netlink: 55 bytes leftover after parsing attributes in process `syz.4.827'. [ 236.333154][ T8614] netlink: 156 bytes leftover after parsing attributes in process `syz.3.842'. [ 236.369612][ T8614] netlink: 156 bytes leftover after parsing attributes in process `syz.3.842'. [ 236.392463][ T8614] netlink: 12 bytes leftover after parsing attributes in process `syz.3.842'. [ 237.324865][ T8641] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000009 [ 237.631485][ T8649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.854'. [ 238.866463][ T8] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 239.080597][ T8] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 239.096161][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.122047][ T8] usb 5-1: Product: syz [ 239.126740][ T8] usb 5-1: Manufacturer: syz [ 239.131373][ T8] usb 5-1: SerialNumber: syz [ 239.161713][ T8] usb 5-1: config 0 descriptor?? [ 239.426433][ T8] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 242.497303][ T8698] overlayfs: failed to clone upperpath [ 242.541851][ T8693] loop0: detected capacity change from 0 to 1024 [ 242.549139][ T8693] EXT4-fs: Ignoring removed orlov option [ 242.554829][ T8693] EXT4-fs: inline encryption not supported [ 242.561080][ T8693] ext3: Unknown parameter 'hash' [ 242.769685][ T8] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71 [ 242.786524][ T8] usb 5-1: USB disconnect, device number 3 [ 242.948679][ T8701] netlink: 12 bytes leftover after parsing attributes in process `syz.4.875'. [ 243.184160][ T8709] xt_hashlimit: max too large, truncated to 1048576 [ 244.218569][ T8738] loop4: detected capacity change from 0 to 1024 [ 244.229206][ T8738] EXT4-fs: Ignoring removed i_version option [ 244.255815][ T8738] EXT4-fs: inline encryption not supported [ 244.274978][ T8738] EXT4-fs (loop4): Test dummy encryption mode enabled [ 244.312276][ T8738] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 244.684144][ T7285] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.741904][ T8780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.906'. [ 245.756779][ T8780] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.806384][ T8780] batadv0: mtu less than device minimum [ 245.814412][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.827281][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.840086][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.852769][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.865522][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.878373][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.889901][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.901578][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 245.913100][ T8780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 246.023513][ T8787] overlayfs: failed to clone upperpath [ 246.034679][ T8787] overlayfs: failed to clone upperpath [ 246.229770][ T8780] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 246.284341][ T8786] bridge2: entered promiscuous mode [ 246.291996][ T8786] bridge2: entered allmulticast mode [ 246.338566][ T8786] team0: Port device bridge2 added [ 246.382208][ T8788] bridge0: port 3(team0) entered blocking state [ 246.400966][ T8788] bridge0: port 3(team0) entered disabled state [ 246.430657][ T8788] team0: entered allmulticast mode [ 246.446535][ T8788] team_slave_0: entered allmulticast mode [ 246.467593][ T8788] team_slave_1: entered allmulticast mode [ 246.478293][ T8788] team0: entered promiscuous mode [ 246.483447][ T8788] team_slave_0: entered promiscuous mode [ 246.490198][ T8788] team_slave_1: entered promiscuous mode [ 246.564640][ T8798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.914'. [ 246.614314][ T8799] netlink: 'syz.1.915': attribute type 1 has an invalid length. [ 246.679542][ T8805] bond6: (slave ip6gretap1): making interface the new active one [ 246.688878][ T8805] bond6: (slave ip6gretap1): Enslaving as an active interface with an up link [ 246.732698][ T8799] bond6: entered promiscuous mode [ 246.738741][ T8799] ip6gretap1: entered promiscuous mode [ 246.744404][ T8799] bond6: entered allmulticast mode [ 246.750531][ T8799] ip6gretap1: entered allmulticast mode [ 246.758255][ T8799] 8021q: adding VLAN 0 to HW filter on device bond6 [ 247.451770][ T8834] ref_ctr increment failed for inode: 0x50a offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888017c68980 [ 247.557773][ T8840] pimreg: entered allmulticast mode [ 247.581124][ T8840] pimreg: left allmulticast mode [ 247.603902][ T8844] overlayfs: failed to clone upperpath [ 248.578444][ T8] IPVS: starting estimator thread 0... [ 248.676735][ T8881] IPVS: using max 17 ests per chain, 40800 per kthread [ 248.822266][ T8888] netlink: 'syz.4.945': attribute type 11 has an invalid length. [ 249.551327][ T8937] netlink: 'syz.3.950': attribute type 4 has an invalid length. [ 249.643326][ T8938] netlink: 'syz.3.950': attribute type 4 has an invalid length. [ 249.697502][ T8940] loop0: detected capacity change from 0 to 512 [ 249.758109][ T5758] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 250.262102][ T8955] netlink: 12 bytes leftover after parsing attributes in process `syz.3.957'. [ 250.599062][ T8957] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.632072][ T8957] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.796426][ T8958] netlink: 'syz.3.958': attribute type 16 has an invalid length. [ 250.821703][ T8958] netlink: 'syz.3.958': attribute type 17 has an invalid length. [ 250.848646][ T2999] bond5: (slave bridge4): link status up again after 0 ms [ 250.896571][ T8918] bond5: (slave bridge4): link status up again after 0 ms [ 250.944461][ T8918] bond5: (slave bridge4): link status up again after 0 ms [ 250.987524][ T2999] bond5: (slave bridge4): link status up again after 0 ms [ 251.026301][ T8918] bond5: (slave bridge4): link status up again after 0 ms [ 251.046721][ T8958] net_ratelimit: 10 callbacks suppressed [ 251.046732][ T8958] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 251.066343][ T2957] bond5: (slave bridge4): link status up again after 0 ms [ 251.104019][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 251.252520][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 251.321568][ T8968] bridge1: entered promiscuous mode [ 251.332829][ T8968] bridge1: entered allmulticast mode [ 251.356015][ T8968] team0: Port device bridge1 added [ 251.375892][ T8971] bridge0: port 3(team0) entered blocking state [ 251.406440][ T8971] bridge0: port 3(team0) entered disabled state [ 251.418371][ T8971] team0: entered allmulticast mode [ 251.423537][ T8971] team_slave_1: entered allmulticast mode [ 251.461610][ T8971] team0: entered promiscuous mode [ 251.480349][ T8971] team_slave_1: entered promiscuous mode [ 251.503988][ T8971] bridge0: port 3(team0) entered blocking state [ 251.510809][ T8971] bridge0: port 3(team0) entered forwarding state [ 251.537899][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 251.692282][ T8980] netlink: 32 bytes leftover after parsing attributes in process `syz.1.967'. [ 251.812980][ T8978] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 251.897660][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 252.031521][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 252.149478][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 252.297054][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 252.384327][ T9000] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 252.430475][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 252.547512][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 252.951300][ T9022] bond3: entered allmulticast mode [ 253.024223][ T9030] bridge3: entered promiscuous mode [ 253.055756][ T9030] bridge3: entered allmulticast mode [ 253.073510][ T9030] bond3: (slave bridge3): Enslaving as an active interface with an up link [ 253.079589][ T9035] overlayfs: failed to clone upperpath [ 253.088031][ T9033] netlink: 798 bytes leftover after parsing attributes in process `syz.1.984'. [ 254.955434][ T9081] bridge5: entered promiscuous mode [ 254.976238][ T9081] bridge5: entered allmulticast mode [ 254.996879][ T9081] team0: Port device bridge5 added [ 255.040417][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 255.040433][ T27] audit: type=1326 audit(1772077680.925:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.070721][ T9081] bridge0: port 3(team0) entered blocking state [ 255.085235][ T9081] bridge0: port 3(team0) entered disabled state [ 255.096251][ T27] audit: type=1326 audit(1772077680.925:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.127656][ T9081] team0: entered allmulticast mode [ 255.146430][ T9081] team_slave_0: entered allmulticast mode [ 255.157688][ T9081] team_slave_1: entered allmulticast mode [ 255.176535][ T27] audit: type=1326 audit(1772077680.925:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.199758][ T9081] team0: entered promiscuous mode [ 255.208851][ T9081] team_slave_0: entered promiscuous mode [ 255.214920][ T9081] team_slave_1: entered promiscuous mode [ 255.223951][ T27] audit: type=1326 audit(1772077680.925:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.248131][ T27] audit: type=1326 audit(1772077680.925:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.291494][ T27] audit: type=1326 audit(1772077680.925:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.356476][ T27] audit: type=1326 audit(1772077680.925:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.419307][ T27] audit: type=1326 audit(1772077680.925:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.492453][ T27] audit: type=1326 audit(1772077680.925:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.540119][ T27] audit: type=1326 audit(1772077680.925:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf8b9c629 code=0x7ffc0000 [ 255.851613][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.858135][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.126840][ T8921] net_ratelimit: 28 callbacks suppressed [ 256.126869][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 256.266279][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 256.386548][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 256.423626][ T42] libceph: connect (1)[c::]:6789 error -101 [ 256.432350][ T42] libceph: mon0 (1)[c::]:6789 connect error [ 256.518190][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 256.557353][ T9106] ceph: No mds server is up or the cluster is laggy [ 256.678725][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 256.846779][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 256.998174][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 257.058365][ T9113] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 257.106481][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 257.216740][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 257.326380][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 257.428963][ T9122] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1010'. [ 257.493847][ T9123] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1010'. [ 257.519018][ T9123] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1010'. [ 257.599859][ T9114] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 257.608748][ T9114] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 257.619022][ T9114] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 257.649081][ T9114] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 257.658602][ T9114] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 257.668738][ T9114] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 257.674744][ T9114] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 257.689835][ T9114] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 258.085000][ T9135] loop4: detected capacity change from 0 to 512 [ 259.660745][ T9135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.703598][ T5777] Bluetooth: hci2: command 0x0c1a tx timeout [ 259.709852][ T5777] Bluetooth: hci3: command 0x0406 tx timeout [ 259.715888][ T5777] Bluetooth: hci1: command 0x0406 tx timeout [ 259.780222][ T9135] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 260.176847][ T7285] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.198731][ T8924] net_ratelimit: 17 callbacks suppressed [ 261.198749][ T8924] bond5: (slave bridge4): failed to get link speed/duplex [ 261.357714][ T8924] bond5: (slave bridge4): failed to get link speed/duplex [ 261.433496][ T9166] loop4: detected capacity change from 0 to 128 [ 261.469393][ T8924] bond5: (slave bridge4): failed to get link speed/duplex [ 261.517488][ T9166] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 261.551101][ T9166] ext4 filesystem being mounted at /129/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 261.607537][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 261.658067][ T9169] binder: 9168:9169 unknown command 0 [ 261.663515][ T9169] binder: 9168:9169 ioctl c0306201 200000000080 returned -22 [ 261.716279][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 261.766563][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 261.772677][ T5777] Bluetooth: hci3: command 0x0406 tx timeout [ 261.778825][ T5766] Bluetooth: hci2: command 0x0c1a tx timeout [ 261.834842][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 261.900493][ T7285] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 262.012175][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 262.164270][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 262.307536][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 262.453759][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 262.729244][ T6472] kernel read not supported for file inotify (pid: 6472 comm: kworker/0:7) [ 262.740820][ T9190] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1032'. [ 262.849010][ T9190] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.898280][ T9191] kvm: pic: single mode not supported [ 262.898478][ T9191] kvm: pic: level sensitive irq not supported [ 262.921805][ T9191] kvm: pic: non byte read [ 262.945054][ T9191] kvm: pic: non byte read [ 262.951443][ T9191] kvm: pic: non byte read [ 262.956796][ T9191] kvm: pic: single mode not supported [ 262.956815][ T9191] kvm: pic: level sensitive irq not supported [ 262.962645][ T9191] kvm: pic: non byte read [ 262.975684][ T9191] kvm: pic: single mode not supported [ 262.975704][ T9191] kvm: pic: level sensitive irq not supported [ 262.981663][ T9191] kvm: pic: non byte read [ 263.002256][ T9191] kvm: pic: non byte read [ 263.007743][ T9191] kvm: pic: non byte read [ 263.012662][ T9191] kvm: pic: single mode not supported [ 263.012681][ T9191] kvm: pic: level sensitive irq not supported [ 263.028472][ T9191] kvm: pic: non byte read [ 263.053663][ T9191] kvm: pic: single mode not supported [ 263.053684][ T9191] kvm: pic: level sensitive irq not supported [ 263.066815][ T9191] kvm: pic: non byte read [ 263.789672][ T9199] loop4: detected capacity change from 0 to 32768 [ 263.846433][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 264.198578][ T9209] loop0: detected capacity change from 0 to 128 [ 265.206605][ T9226] overlayfs: failed to clone upperpath [ 265.382819][ T9230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1047'. [ 265.407560][ T9230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1047'. [ 265.428853][ T9230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1047'. [ 265.438877][ T9230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1047'. [ 265.453025][ T9230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1047'. [ 266.126258][ T9248] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 266.231315][ T9247] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1055'. [ 266.299553][ T8921] net_ratelimit: 32 callbacks suppressed [ 266.299572][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 266.448308][ T8924] bond5: (slave bridge4): failed to get link speed/duplex [ 266.558566][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 266.680973][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 266.958920][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 267.096519][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 267.297026][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 267.442285][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 267.568959][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 267.708822][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 267.744128][ T9265] netlink: 35 bytes leftover after parsing attributes in process `syz.3.1063'. [ 267.746221][ T8] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 267.966347][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 267.973807][ T8] usb 1-1: config 0 has an invalid interface number: 188 but max is 0 [ 267.982636][ T8] usb 1-1: config 0 has no interface number 0 [ 267.988869][ T8] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 268.012482][ T8] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 268.022187][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.031141][ T8] usb 1-1: Product: syz [ 268.035593][ T8] usb 1-1: Manufacturer: syz [ 268.040426][ T8] usb 1-1: SerialNumber: syz [ 268.048313][ T8] usb 1-1: config 0 descriptor?? [ 268.054412][ T9257] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 268.147796][ T9277] netlink: 'syz.4.1067': attribute type 39 has an invalid length. [ 268.313644][ T9257] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 269.217598][ T9294] tipc: Failed to remove unknown binding: 66,0,0/4:3008686315/3008686317 [ 269.231698][ T9294] tipc: Failed to remove unknown binding: 66,0,0/4:3008686315/3008686316 [ 269.243318][ T9294] tipc: Failed to remove unknown binding: 66,0,0/4:3008686315/3008686317 [ 269.252219][ T9294] tipc: Failed to remove unknown binding: 66,0,0/4:3008686315/3008686316 [ 270.135595][ T9316] loop4: detected capacity change from 0 to 8 [ 270.148902][ T8] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 270.190839][ T8] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 270.248882][ T8] asix: probe of 1-1:0.188 failed with error -71 [ 270.272492][ T8] usb 1-1: USB disconnect, device number 7 [ 270.277723][ T9316] SQUASHFS error: Failed to read block 0x636: -5 [ 270.287007][ T9316] SQUASHFS error: Unable to read metadata cache entry [634] [ 270.294343][ T9316] SQUASHFS error: Unable to read metadata cache entry [634] [ 270.324734][ T9316] SQUASHFS error: Unable to read directory block [634:0] [ 270.381373][ T9316] SQUASHFS error: Unable to read metadata cache entry [634] [ 270.407135][ T9316] SQUASHFS error: Unable to read metadata cache entry [634] [ 270.441304][ T9316] SQUASHFS error: Unable to read directory block [629:0] [ 270.800072][ T9337] binder: 9336:9337 ioctl c0306201 200000000180 returned -14 [ 271.379454][ T72] net_ratelimit: 30 callbacks suppressed [ 271.379472][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 271.398711][ T9341] loop4: detected capacity change from 0 to 40427 [ 271.532840][ T9341] F2FS-fs (loop4): Found nat_bits in checkpoint [ 271.546415][ T9350] bridge2: entered promiscuous mode [ 271.566972][ T9350] bridge2: entered allmulticast mode [ 271.612936][ T9341] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 271.641367][ T9350] team0: Port device bridge2 added [ 271.724352][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 271.806977][ T9350] geneve2: entered promiscuous mode [ 271.836451][ T9350] geneve2: entered allmulticast mode [ 272.010620][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 272.157672][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 272.276184][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 272.405746][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 272.475005][ T7285] syz-executor: attempt to access beyond end of device [ 272.475005][ T7285] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 272.509052][ T7285] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 272.537442][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 272.666191][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 272.675637][ T9376] overlayfs: failed to clone upperpath [ 272.776357][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 272.916497][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 276.455303][ T72] net_ratelimit: 27 callbacks suppressed [ 276.455321][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 276.578889][ T27] kauditd_printk_skb: 13 callbacks suppressed [ 276.578905][ T27] audit: type=1326 audit(1772077702.465:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9435 comm="syz.3.1122" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x0 [ 276.634235][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 276.755439][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 276.886392][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 277.129976][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 277.336202][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 277.547339][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 277.770422][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 277.916175][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 278.039795][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 279.230738][ T9459] loop0: detected capacity change from 0 to 2048 [ 279.968279][ T9467] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 280.034805][ T51] Bluetooth: hci1: unexpected event 0x03 length: 1 < 11 [ 280.157850][ T9472] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1135'. [ 281.040919][ T9487] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1140'. [ 281.576295][ T2999] net_ratelimit: 28 callbacks suppressed [ 281.576317][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 281.709272][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 281.827416][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 282.247234][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 282.458647][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 282.714144][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 282.986522][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 283.098005][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 283.258677][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 283.397602][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 283.477603][ T9530] o2cb: This node has not been configured. [ 283.484024][ T9530] o2cb: Cluster check failed. Fix errors before retrying. [ 283.494720][ T9530] (syz.0.1156,9530,0):user_dlm_register:674 ERROR: status = -22 [ 283.521450][ T9530] (syz.0.1156,9530,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus" [ 284.888255][ T9546] loop4: detected capacity change from 0 to 512 [ 284.926764][ T9546] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.966651][ T9546] ext4 filesystem being mounted at /164/bus/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.237762][ T7285] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.161936][ T9559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1166'. [ 286.264231][ T9559] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1166'. [ 286.615143][ T2957] net_ratelimit: 26 callbacks suppressed [ 286.615163][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 286.810496][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 286.967376][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 287.179029][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 287.406857][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 287.717810][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 287.863949][ T9577] netlink: 'syz.4.1170': attribute type 1 has an invalid length. [ 288.016345][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 288.074046][ T9584] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 20004 - 0 [ 288.121302][ T9584] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 20004 - 0 [ 288.165845][ T9584] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 20004 - 0 [ 288.221725][ T9584] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 20004 - 0 [ 288.329433][ T9584] bond4: (slave geneve2): making interface the new active one [ 288.403408][ T9584] bond4: (slave geneve2): Enslaving as an active interface with an up link [ 288.526340][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 288.660879][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 288.856307][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 291.726254][ T59] net_ratelimit: 12 callbacks suppressed [ 291.726544][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 292.007041][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 292.116315][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 292.226311][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 292.306478][ T9616] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1183'. [ 292.348303][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 292.456569][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 292.588707][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 292.712348][ T9621] syzkaller0: entered promiscuous mode [ 292.724452][ T9621] syzkaller0: entered allmulticast mode [ 292.750726][ T72] syzkaller0: tun_net_xmit 48 [ 292.788452][ T9621] syzkaller0: create flow: hash 1144209095 index 1 [ 292.796860][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 293.047204][ T9620] syzkaller0: delete flow: hash 1144209095 index 1 [ 293.436693][ T9633] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1181'. [ 296.003538][ T9611] netlink: 'syz.3.1181': attribute type 12 has an invalid length. [ 296.152901][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 296.295433][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 296.761756][ T8918] net_ratelimit: 3 callbacks suppressed [ 296.761801][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 296.887395][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 296.996439][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 297.106254][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 297.236488][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 297.516475][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 297.628238][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 297.806397][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 297.966481][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 299.086995][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 299.204575][ T27] audit: type=1326 audit(1772077725.085:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.278150][ T27] audit: type=1326 audit(1772077725.115:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.323035][ T27] audit: type=1326 audit(1772077725.115:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.396543][ T27] audit: type=1326 audit(1772077725.125:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.467292][ T27] audit: type=1326 audit(1772077725.125:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.522161][ T27] audit: type=1326 audit(1772077725.125:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.665191][ T27] audit: type=1326 audit(1772077725.145:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.751126][ T27] audit: type=1326 audit(1772077725.145:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.774293][ T27] audit: type=1326 audit(1772077725.145:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 299.807860][ T27] audit: type=1326 audit(1772077725.145:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9677 comm="syz.0.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 301.112258][ T9708] team0: left allmulticast mode [ 301.119650][ T9708] team_slave_0: left allmulticast mode [ 301.143749][ T9708] team_slave_1: left allmulticast mode [ 301.170319][ T9708] team0: left promiscuous mode [ 301.189419][ T9708] team_slave_0: left promiscuous mode [ 301.207273][ T9708] team_slave_1: left promiscuous mode [ 301.219991][ T9708] bridge0: port 3(team0) entered disabled state [ 301.252695][ T9708] bridge_slave_1: left allmulticast mode [ 301.258526][ T9708] bridge_slave_1: left promiscuous mode [ 301.275773][ T9708] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.301130][ T9708] bridge_slave_0: left allmulticast mode [ 301.322115][ T9708] bridge_slave_0: left promiscuous mode [ 301.344591][ T9708] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.810054][ T2999] net_ratelimit: 17 callbacks suppressed [ 301.810072][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 301.964833][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 302.023265][ T9728] loop4: detected capacity change from 0 to 512 [ 302.126133][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 302.146565][ T9728] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 not in group (block 0)! [ 302.181312][ T9728] EXT4-fs (loop4): group descriptors corrupted! [ 302.267479][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 302.324538][ T5758] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 302.407134][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 302.548223][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 302.659956][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 302.806373][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 302.851322][ T9749] batman_adv: batadv0: Adding interface: dummy0 [ 302.866179][ T9749] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 302.926505][ T9749] batman_adv: batadv0: Interface activated: dummy0 [ 302.968617][ T9751] batadv0: mtu less than device minimum [ 302.977356][ T9751] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 306.866794][ T1327] net_ratelimit: 51 callbacks suppressed [ 306.866815][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 306.914862][ T9816] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.1240'. [ 307.028762][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 307.156606][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 307.288254][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 307.416207][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 307.546392][ T8918] bond5: (slave bridge4): failed to get link speed/duplex [ 307.695344][ T8924] bond5: (slave bridge4): failed to get link speed/duplex [ 307.942600][ T8927] bond5: (slave bridge4): failed to get link speed/duplex [ 308.079433][ T2999] bond5: (slave bridge4): failed to get link speed/duplex [ 308.217315][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 308.345933][ T9841] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 20004 - 0 [ 308.357598][ T9841] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 20004 - 0 [ 308.367352][ T9841] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 20004 - 0 [ 308.382568][ T9841] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 20004 - 0 [ 308.506322][ T42] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 308.698244][ T42] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 308.729023][ T42] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 308.764398][ T42] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 308.820414][ T42] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 308.860096][ T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.948820][ T42] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 308.973093][ T42] usb 1-1: invalid MIDI out EP 0 [ 310.166189][ T42] snd-usb-audio: probe of 1-1:27.0 failed with error -22 [ 310.422871][ T9840] udevd[9840]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 310.572999][ T42] usb 1-1: USB disconnect, device number 8 [ 311.792931][ T9870] netlink: 'syz.4.1259': attribute type 39 has an invalid length. [ 311.901793][ T2957] net_ratelimit: 19 callbacks suppressed [ 311.901815][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 312.028879][ T8927] bond5: (slave bridge4): failed to get link speed/duplex [ 312.157844][ T8927] bond5: (slave bridge4): failed to get link speed/duplex [ 312.266199][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 313.394013][ T8927] bond5: (slave bridge4): failed to get link speed/duplex [ 313.608786][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 313.726400][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 313.839240][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 315.093429][ T8916] bond5: (slave bridge4): failed to get link speed/duplex [ 315.440246][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 316.981284][ T8927] net_ratelimit: 5 callbacks suppressed [ 316.981305][ T8927] bond5: (slave bridge4): failed to get link speed/duplex [ 317.126838][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 317.266401][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 317.290839][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.297319][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.376673][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 317.498299][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 317.606278][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 317.726271][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 317.783394][ T9946] loop4: detected capacity change from 0 to 256 [ 317.877984][ T1327] bond5: (slave bridge4): failed to get link speed/duplex [ 317.895552][ T9946] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 317.998002][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 318.237680][ T8927] bond5: (slave bridge4): failed to get link speed/duplex [ 319.446412][ T9983] netlink: 'syz.0.1294': attribute type 46 has an invalid length. [ 319.471065][ T9983] netlink: 'syz.0.1294': attribute type 19 has an invalid length. [ 319.486332][ T9983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1294'. [ 320.302004][T10001] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1300'. [ 320.484516][T10001] 8021q: adding VLAN 0 to HW filter on device bond7 [ 320.638219][T10005] macvlan0: entered promiscuous mode [ 320.643589][T10005] macvlan0: entered allmulticast mode [ 320.673866][T10005] bond7: entered allmulticast mode [ 320.705920][T10005] bond7: entered promiscuous mode [ 320.730125][T10005] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 320.745450][T10005] team0: Port device macvlan0 added [ 321.619956][T10028] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1309'. [ 321.851371][T10037] lo speed is unknown, defaulting to 1000 [ 321.859119][T10037] lo speed is unknown, defaulting to 1000 [ 321.869824][T10037] lo speed is unknown, defaulting to 1000 [ 321.882913][T10037] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 321.939155][T10037] lo speed is unknown, defaulting to 1000 [ 321.960768][T10037] lo speed is unknown, defaulting to 1000 [ 321.972215][T10035] loop0: detected capacity change from 0 to 512 [ 321.972833][T10037] lo speed is unknown, defaulting to 1000 [ 321.989252][T10037] lo speed is unknown, defaulting to 1000 [ 322.037544][ T59] net_ratelimit: 20 callbacks suppressed [ 322.037557][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 322.104109][ T9840] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 322.157126][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 322.296824][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 322.437569][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 322.533656][T10042] IPVS: Scheduler module ip_vs_ not found [ 322.569258][ T8916] bond5: (slave bridge4): failed to get link speed/duplex [ 322.707772][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 322.751857][T10050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1315'. [ 323.056912][T10050] 8021q: adding VLAN 0 to HW filter on device bond7 [ 323.162001][T10052] macvlan2: entered promiscuous mode [ 323.198757][T10052] macvlan2: entered allmulticast mode [ 323.228898][T10052] bond7: entered allmulticast mode [ 323.251336][T10052] bond7: entered promiscuous mode [ 323.290605][T10052] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 323.333276][T10052] team0: Port device macvlan2 added [ 323.404454][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 323.546358][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 323.677488][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 323.787085][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 324.856306][T10075] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1323'. [ 327.082515][ T49] net_ratelimit: 20 callbacks suppressed [ 327.082538][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 327.266854][ T8916] bond5: (slave bridge4): failed to get link speed/duplex [ 327.387354][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 327.457139][ T51] Bluetooth: hci3: unexpected cc 0x203e length: 2 > 1 [ 327.458510][ T27] kauditd_printk_skb: 51 callbacks suppressed [ 327.458524][ T27] audit: type=1326 audit(2000000008.440:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10104 comm="syz.3.1334" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x0 [ 327.465367][ T51] Bluetooth: hci3: unexpected event for opcode 0x203e [ 327.501770][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 327.626344][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 327.767574][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 327.876476][ T49] bond5: (slave bridge4): failed to get link speed/duplex [ 328.409964][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 328.917308][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 329.068640][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 329.114595][T10130] loop0: detected capacity change from 0 to 512 [ 329.134595][T10130] ext4: Unknown parameter '"' [ 329.314440][ T9840] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 329.983708][T10136] nfs: Unknown parameter 'fs' [ 330.573018][T10142] syzkaller0: entered promiscuous mode [ 330.594645][T10142] syzkaller0: entered allmulticast mode [ 330.620141][T10144] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 331.297037][T10155] bridge_slave_1: left allmulticast mode [ 331.316238][T10155] bridge_slave_1: left promiscuous mode [ 331.527841][ T51] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 331.536845][ T51] Bluetooth: hci3: Injecting HCI hardware error event [ 331.548105][ T5777] Bluetooth: hci3: hardware error 0x00 [ 331.741732][T10155] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.230551][T10164] loop4: detected capacity change from 0 to 164 [ 332.407716][T10155] bridge_slave_0: left allmulticast mode [ 332.425336][T10155] bridge_slave_0: left promiscuous mode [ 332.497604][T10155] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.518088][T10164] rock: directory entry would overflow storage [ 332.572141][T10164] rock: sig=0x5053, size=7, remaining=4 [ 332.635120][T10164] isofs_fill_super: root inode is not a directory. Corrupted media? [ 333.086331][ T8916] net_ratelimit: 12 callbacks suppressed [ 333.086350][ T8916] bond5: (slave bridge4): failed to get link speed/duplex [ 333.221049][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 333.336516][ T8921] bond5: (slave bridge4): failed to get link speed/duplex [ 333.352140][T10175] lo speed is unknown, defaulting to 1000 [ 333.377390][T10168] loop0: detected capacity change from 0 to 256 [ 333.606307][ T5777] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 333.614423][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 333.661073][T10182] overlayfs: failed to get index nlink (file0/file1, err=-61) [ 333.726356][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 333.878797][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 334.026276][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 334.045033][T10191] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1361'. [ 334.089390][T10191] bridge3: port 1(veth0_to_bond) entered blocking state [ 334.104690][T10191] bridge3: port 1(veth0_to_bond) entered disabled state [ 334.112893][T10191] veth0_to_bond: entered allmulticast mode [ 334.121586][T10191] veth0_to_bond: entered promiscuous mode [ 334.146838][ T59] bond5: (slave bridge4): failed to get link speed/duplex [ 334.256894][ T72] bond5: (slave bridge4): failed to get link speed/duplex [ 334.391685][ T2957] bond5: (slave bridge4): failed to get link speed/duplex [ 335.729288][ T27] audit: type=1804 audit(2000000016.720:332): pid=10213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1368" name="file0" dev="ramfs" ino=22891 res=1 errno=0 [ 336.122546][T10236] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1375'. [ 336.265758][T10236] team0: Port device dummy0 removed [ 336.292370][T10236] bond0: (slave bond_slave_0): Releasing backup interface [ 336.327867][T10236] bond0: (slave bond_slave_1): Releasing backup interface [ 336.811856][T10236] team0: Port device team_slave_0 removed [ 337.020602][T10236] team0: Port device team_slave_1 removed [ 337.051848][T10236] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 337.094857][T10236] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 337.147966][T10236] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 337.175492][T10236] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 337.217364][T10236] bond4: (slave bridge1): Releasing backup interface [ 337.225630][T10236] bridge1: left allmulticast mode [ 337.255880][T10236] bond5: (slave bridge4): Removing an active aggregator [ 337.265473][T10236] bond5: (slave bridge4): Releasing backup interface [ 337.275713][T10236] bridge4: left promiscuous mode [ 337.293627][T10236] bridge4: left allmulticast mode [ 337.322759][T10236] bond7: left allmulticast mode [ 337.328385][T10236] bond7: left promiscuous mode [ 337.339124][T10236] team0: Port device macvlan2 removed [ 338.482602][T10264] loop4: detected capacity change from 0 to 2048 [ 338.514646][T10264] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 338.517269][T10268] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1387'. [ 338.845031][T10268] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1387'. [ 338.877038][T10268] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1387'. [ 338.968277][ T7285] UDF-fs: error (device loop4): udf_read_inode: (ino 1) failed !bh [ 339.003719][ T7285] UDF-fs: error (device loop4): udf_read_inode: (ino 1) failed !bh [ 344.404884][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 344.415791][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 344.424575][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 344.432865][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 344.441525][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 344.449500][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 344.543189][T10309] lo speed is unknown, defaulting to 1000 [ 344.720893][T10309] chnl_net:caif_netlink_parms(): no params data found [ 344.820903][T10309] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.828675][T10309] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.837965][T10309] bridge_slave_0: entered allmulticast mode [ 344.845543][T10309] bridge_slave_0: entered promiscuous mode [ 344.855830][T10309] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.863554][T10309] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.872371][T10309] bridge_slave_1: entered allmulticast mode [ 344.880905][T10309] bridge_slave_1: entered promiscuous mode [ 344.924289][T10309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 344.941980][T10309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 344.977376][T10309] team0: Port device team_slave_0 added [ 344.985387][T10309] team0: Port device team_slave_1 added [ 345.022541][T10309] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 345.029697][T10309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.061770][T10309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 345.074953][T10309] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 345.090566][T10309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.125793][T10309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 345.175002][T10309] hsr_slave_0: entered promiscuous mode [ 345.183683][T10309] hsr_slave_1: entered promiscuous mode [ 345.192540][T10309] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 345.200534][T10309] Cannot create hsr debugfs directory [ 345.360129][T10309] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 345.371678][T10309] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 345.382188][T10309] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 345.391870][T10309] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 345.422263][T10309] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.429519][T10309] bridge0: port 2(bridge_slave_1) entered forwarding state [ 345.437159][T10309] bridge0: port 1(bridge_slave_0) entered blocking state [ 345.444470][T10309] bridge0: port 1(bridge_slave_0) entered forwarding state [ 345.535883][T10309] 8021q: adding VLAN 0 to HW filter on device bond0 [ 345.560021][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.569914][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.585988][T10309] 8021q: adding VLAN 0 to HW filter on device team0 [ 345.602342][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 345.609521][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 345.630532][ T8916] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.637748][ T8916] bridge0: port 2(bridge_slave_1) entered forwarding state [ 345.902514][T10309] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 346.489659][ T51] Bluetooth: hci2: command tx timeout [ 347.330157][T10309] veth0_vlan: entered promiscuous mode [ 347.391388][T10309] veth1_vlan: entered promiscuous mode [ 347.492424][T10309] veth0_macvtap: entered promiscuous mode [ 347.513855][T10309] veth1_macvtap: entered promiscuous mode [ 347.564771][T10309] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 347.615817][T10309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.634965][T10309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.659388][T10309] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 347.704732][T10309] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 347.738338][T10309] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 347.772042][T10309] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 347.792133][T10309] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.279584][ T8916] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 348.305373][ T8916] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 348.520936][ T8924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 348.569231][ T51] Bluetooth: hci2: command tx timeout [ 348.596480][ T8924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 349.023404][T10381] binder: 10380:10381 ioctl c0306201 2000000003c0 returned -14 [ 349.654991][T10394] netlink: 'syz.0.1433': attribute type 13 has an invalid length. [ 350.656522][ T51] Bluetooth: hci2: command tx timeout [ 350.861127][T10403] syz_tun: entered allmulticast mode [ 350.891836][T10399] syz_tun: left allmulticast mode [ 350.903766][T10401] lo speed is unknown, defaulting to 1000 [ 351.176765][T10408] netlink: 'syz.0.1428': attribute type 1 has an invalid length. [ 351.392588][T10408] 8021q: adding VLAN 0 to HW filter on device bond6 [ 351.420276][T10411] bond6: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms [ 351.444556][T10411] bond6: entered allmulticast mode [ 351.521454][T10413] bond6: (slave ip6gretap4): Enslaving as an active interface with an up link [ 352.726316][ T51] Bluetooth: hci2: command tx timeout [ 357.286961][T10437] netlink: 'syz.5.1438': attribute type 13 has an invalid length. [ 362.269603][T10501] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1456'. [ 368.072157][T10556] vlan2: entered promiscuous mode [ 368.074537][T10557] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1468'. [ 368.085682][T10556] bridge0: entered promiscuous mode [ 368.094222][T10556] vlan2: entered allmulticast mode [ 368.124556][T10556] bridge0: entered allmulticast mode [ 368.282284][T10556] bridge_slave_0: left allmulticast mode [ 368.301935][T10556] bridge_slave_0: left promiscuous mode [ 368.336576][T10556] bridge0: port 1(bridge_slave_0) entered disabled state [ 368.383162][T10556] bridge_slave_1: left allmulticast mode [ 368.401481][T10556] bridge_slave_1: left promiscuous mode [ 368.411310][T10556] bridge0: port 2(bridge_slave_1) entered disabled state [ 368.462453][T10556] bond0: (slave bond_slave_0): Releasing backup interface [ 368.567726][T10556] bond0: (slave bond_slave_1): Releasing backup interface [ 368.679699][T10556] team0: Port device team_slave_0 removed [ 368.777732][T10556] team0: Port device team_slave_1 removed [ 368.813006][T10556] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 368.846219][T10556] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 368.882635][T10556] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 368.925815][T10556] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 369.786507][T10582] batadv_slave_0: entered promiscuous mode [ 369.809685][T10582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1476'. [ 369.907077][T10582] batadv_slave_0 (unregistering): left promiscuous mode [ 369.917071][T10589] binder: 10588:10589 ioctl c0306201 2000000001c0 returned -14 [ 369.940480][T10582] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 369.948326][T10589] binder: 10588:10589 ioctl c0306201 200000000180 returned -14 [ 370.707507][T10605] lo speed is unknown, defaulting to 1000 [ 370.983441][T10608] lo speed is unknown, defaulting to 1000 [ 372.975849][T10625] lo speed is unknown, defaulting to 1000 [ 375.272634][T10651] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1496'. [ 375.425225][T10651] veth0_virt_wifi: Caught tx_queue_len zero misconfig [ 376.696509][T10662] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 377.099584][T10664] netlink: 'syz.3.1501': attribute type 1 has an invalid length. [ 377.700240][T10664] bond8: entered promiscuous mode [ 377.705343][T10664] bond8: entered allmulticast mode [ 377.931265][T10668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1501'. [ 377.974550][T10668] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 378.049773][T10668] bond8: (slave bridge0): making interface the new active one [ 378.125176][T10668] bridge0: entered promiscuous mode [ 378.143641][T10668] bridge0: entered allmulticast mode [ 378.161172][T10668] bond8: (slave bridge0): Enslaving as an active interface with an up link [ 378.249532][T10673] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1503'. [ 378.342440][T10664] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1501'. [ 378.373844][T10664] bond8: left promiscuous mode [ 378.396130][T10664] bridge0: left promiscuous mode [ 378.415690][T10664] bond8: left allmulticast mode [ 378.424328][T10664] bridge0: left allmulticast mode [ 378.444469][T10664] 8021q: adding VLAN 0 to HW filter on device bond8 [ 378.675069][T10685] xt_TCPMSS: Only works on TCP SYN packets [ 378.730521][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.737296][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.984741][T10690] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 379.011810][T10690] CIFS mount error: No usable UNC path provided in device string! [ 379.011810][T10690] [ 379.022293][T10690] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 381.356664][ T27] audit: type=1326 audit(2000000062.340:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.5.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7fc00000 [ 381.495228][ T27] audit: type=1326 audit(2000000062.480:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.5.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff631b9c629 code=0x7fc00000 [ 385.355054][T10764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1532'. [ 386.381505][T10778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1535'. [ 386.415801][T10775] vlan0: entered promiscuous mode [ 386.447860][T10775] bridge0: entered promiscuous mode [ 386.471187][T10775] vlan0: entered allmulticast mode [ 386.496391][T10775] bridge0: entered allmulticast mode [ 386.591981][T10779] team0: left allmulticast mode [ 386.598177][T10779] team_slave_0: left allmulticast mode [ 386.649788][T10779] team_slave_1: left allmulticast mode [ 386.695080][T10779] team0: left promiscuous mode [ 386.706766][T10779] team_slave_0: left promiscuous mode [ 386.757983][T10779] team_slave_1: left promiscuous mode [ 386.776487][T10779] bridge0: port 3(team0) entered disabled state [ 386.892182][T10779] batman_adv: batadv0: Interface deactivated: dummy0 [ 386.908059][T10779] batman_adv: batadv0: Removing interface: dummy0 [ 386.940749][T10779] bridge_slave_0: left allmulticast mode [ 386.961713][T10779] bridge_slave_0: left promiscuous mode [ 386.976467][T10779] bridge0: port 1(bridge_slave_0) entered disabled state [ 387.038948][T10779] bridge_slave_1: left allmulticast mode [ 387.067887][T10779] bridge_slave_1: left promiscuous mode [ 387.097322][T10779] bridge0: port 2(bridge_slave_1) entered disabled state [ 387.165561][T10779] bond0: (slave bond_slave_0): Releasing backup interface [ 387.205789][T10779] bond0: (slave bond_slave_1): Releasing backup interface [ 387.249260][T10779] team0: Port device team_slave_0 removed [ 387.296826][T10779] team0: Port device team_slave_1 removed [ 387.354864][T10779] bond2: (slave bridge2): Releasing backup interface [ 387.413826][T10779] bridge2: left allmulticast mode [ 387.439480][T10779] bond3: (slave bridge3): Releasing active interface [ 387.498602][T10779] bond4: (slave bond5): Releasing backup interface [ 387.528702][T10779] bond4: (slave bond5): the permanent HWaddr of slave - 9a:84:c4:63:6a:07 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 387.579120][T10779] bond4: (slave gretap1): making interface the new active one [ 387.654643][T10779] bond4: (slave gretap1): Releasing backup interface [ 387.694694][T10779] bond6: (slave ip6gretap1): Releasing active interface [ 387.733818][T10779] ip6gretap1: left promiscuous mode [ 387.754959][T10779] ip6gretap1: left allmulticast mode [ 387.831021][T10779] team0: Port device bridge5 removed [ 387.851839][T10779] bond7: left allmulticast mode [ 387.866337][T10779] bond7: left promiscuous mode [ 387.885705][T10779] team0: Port device macvlan0 removed [ 388.116970][T10810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1546'. [ 388.187607][T10810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1546'. [ 389.773805][T10837] vlan3: entered promiscuous mode [ 389.796178][T10837] bridge0: entered promiscuous mode [ 389.813427][T10837] vlan3: entered allmulticast mode [ 389.840226][T10837] bridge0: entered allmulticast mode [ 389.862813][T10840] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1557'. [ 389.982648][T10846] x_tables: duplicate underflow at hook 2 [ 389.990988][T10837] team0: left allmulticast mode [ 390.023055][T10837] team_slave_1: left allmulticast mode [ 390.044818][T10837] team0: left promiscuous mode [ 390.098918][T10837] team_slave_1: left promiscuous mode [ 390.115425][T10837] bridge0: port 3(team0) entered disabled state [ 390.147799][T10837] batman_adv: batadv0: Interface deactivated: dummy0 [ 390.161402][T10837] batman_adv: batadv0: Removing interface: dummy0 [ 390.187520][T10837] bridge_slave_0: left allmulticast mode [ 390.201980][T10837] bridge_slave_0: left promiscuous mode [ 390.219836][T10837] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.259269][T10837] bridge_slave_1: left allmulticast mode [ 390.265124][T10837] bridge_slave_1: left promiscuous mode [ 390.280319][T10837] bridge0: port 2(bridge_slave_1) entered disabled state [ 390.309087][T10837] veth0_to_bond: left allmulticast mode [ 390.329542][T10837] veth0_to_bond: left promiscuous mode [ 390.343270][T10837] bridge3: port 1(veth0_to_bond) entered disabled state [ 390.379091][T10837] bond0: (slave bond_slave_0): Releasing backup interface [ 390.446838][T10837] bond0: (slave bond_slave_1): Releasing backup interface [ 390.529700][T10837] team0: Port device team_slave_1 removed [ 390.541726][T10837] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 390.550769][T10837] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 390.581011][T10837] bond2: (slave ip6gretap1): Releasing backup interface [ 390.602087][T10837] bond3: (slave ip6gretap2): Releasing backup interface [ 390.633993][T10837] ip6gretap2: left allmulticast mode [ 390.672232][T10837] bond4: (slave ip6gretap3): Releasing backup interface [ 390.711998][T10837] ip6gretap3: left allmulticast mode [ 390.739567][T10837] bond5: (slave veth3): Releasing backup interface [ 390.781444][T10837] veth3: left promiscuous mode [ 390.817756][T10837] team0: Port device bridge1 removed [ 390.834653][T10837] team0: Port device bridge2 removed [ 390.862236][T10837] bond6: (slave ip6gretap4): Releasing active interface [ 391.313658][T10858] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -11243, delta: 1 [ 391.356894][T10858] ref_ctr increment failed for inode: 0x8a1 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888030d5e880 [ 391.399322][T10857] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -11243, delta: -1 [ 391.422640][T10857] ref_ctr decrement failed for inode: 0x8a1 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888030d5e880 [ 391.658200][T10860] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1565'. [ 391.698264][T10860] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 391.707321][T10860] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 391.716097][T10860] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 391.724837][T10860] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 391.750167][T10860] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1565'. [ 392.678911][T10883] lo speed is unknown, defaulting to 1000 [ 393.095095][T10891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1575'. [ 394.343348][T10916] lo speed is unknown, defaulting to 1000 [ 397.238221][T10934] lo speed is unknown, defaulting to 1000 [ 398.139006][ T51] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 398.174678][T10938] x_tables: duplicate underflow at hook 2 [ 402.330551][ T8] Process accounting resumed [ 402.535849][T10960] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1600'. [ 402.596539][T10960] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 402.605336][T10960] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 402.614573][T10960] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 402.623548][T10960] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 402.646078][T10966] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1600'. [ 402.655622][T10960] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1600'. [ 402.842378][T10966] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1600'. [ 402.967489][T10971] netlink: 'syz.1.1603': attribute type 1 has an invalid length. [ 403.076539][T10971] bond8: (slave vxcan3): The slave device specified does not support setting the MAC address [ 403.095142][T10971] bond8: (slave vxcan3): Setting fail_over_mac to active for active-backup mode [ 403.118105][T10971] bond8: (slave vxcan3): making interface the new active one [ 403.172696][T10971] bond8: (slave vxcan3): Enslaving as an active interface with an up link [ 403.216172][T10976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1603'. [ 403.254346][T10976] bond8 (unregistering): (slave vxcan3): Releasing backup interface [ 403.283924][T10976] bond8 (unregistering): Released all slaves [ 405.524328][T11017] team_slave_1: Caught tx_queue_len zero misconfig [ 405.983015][T11033] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 406.271101][T11037] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1622'. [ 406.560145][T11041] overlayfs: failed to clone upperpath [ 408.667646][T11085] xt_ecn: cannot match TCP bits for non-tcp packets [ 414.669905][T11133] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1657'. [ 414.785358][ T27] audit: type=1326 audit(2000000095.770:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 414.849816][ T27] audit: type=1326 audit(2000000095.770:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 414.907839][ T27] audit: type=1326 audit(2000000095.810:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 414.931264][ T27] audit: type=1326 audit(2000000095.830:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 414.961832][ T27] audit: type=1326 audit(2000000095.830:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 415.016746][ T27] audit: type=1326 audit(2000000095.830:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 415.040087][ T27] audit: type=1326 audit(2000000095.830:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 415.084621][ T27] audit: type=1326 audit(2000000095.830:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 415.132082][ T27] audit: type=1326 audit(2000000095.830:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 415.250501][ T27] audit: type=1326 audit(2000000095.830:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 417.509710][T11161] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1665'. [ 419.966701][T11186] net_ratelimit: 15 callbacks suppressed [ 419.966718][T11186] openvswitch: netlink: Message has 4 unknown bytes. [ 428.172744][T11223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1681'. [ 433.129596][T11279] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1698'. [ 439.008110][T11320] lo speed is unknown, defaulting to 1000 [ 440.170452][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.194023][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 442.437874][T11344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1719'. [ 442.628988][T11344] bridge4: port 1(veth7) entered blocking state [ 442.635477][T11344] bridge4: port 1(veth7) entered disabled state [ 442.642154][T11344] veth7: entered allmulticast mode [ 442.650727][T11344] veth7: entered promiscuous mode [ 442.657374][T11344] bridge4: port 1(veth7) entered blocking state [ 442.663786][T11344] bridge4: port 1(veth7) entered forwarding state [ 442.697396][ T8921] bridge4: port 1(veth7) entered disabled state [ 442.790145][T11347] bridge4: port 2(veth9) entered blocking state [ 442.800681][T11347] bridge4: port 2(veth9) entered disabled state [ 442.816373][T11347] veth9: entered allmulticast mode [ 442.833518][T11347] veth9: entered promiscuous mode [ 442.863997][T11347] bridge4: port 2(veth9) entered blocking state [ 442.870487][T11347] bridge4: port 2(veth9) entered forwarding state [ 442.957579][ T49] bridge4: port 2(veth9) entered disabled state [ 443.462873][T11356] overlayfs: failed to clone upperpath [ 443.536286][T11356] overlayfs: failed to resolve './file1': -2 [ 445.299142][T11364] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1725'. [ 445.543636][T11364] bridge5: port 1(veth11) entered blocking state [ 445.597844][T11364] bridge5: port 1(veth11) entered disabled state [ 445.604449][T11364] veth11: entered allmulticast mode [ 445.667748][T11364] veth11: entered promiscuous mode [ 445.867040][T11367] bridge5: port 2(veth13) entered blocking state [ 445.873528][T11367] bridge5: port 2(veth13) entered disabled state [ 445.923355][T11367] veth13: entered allmulticast mode [ 445.947458][T11367] veth13: entered promiscuous mode [ 445.981897][T11369] VFS: Mount too revealing [ 447.656812][T11389] bond2: entered allmulticast mode [ 447.665204][T11389] bond2: left allmulticast mode [ 447.927660][T11391] lo: Caught tx_queue_len zero misconfig [ 449.057409][T11391] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1735'. [ 450.744222][T11413] netlink: 'syz.1.1740': attribute type 1 has an invalid length. [ 450.758980][T11409] VFS: Mount too revealing [ 450.797166][T11413] bond8: entered promiscuous mode [ 450.802619][T11413] 8021q: adding VLAN 0 to HW filter on device bond8 [ 450.820613][T11415] bond8: (slave bridge6): making interface the new active one [ 450.836169][T11415] bridge6: entered promiscuous mode [ 450.843184][T11415] bond8: (slave bridge6): Enslaving as an active interface with an up link [ 450.916458][T11413] bridge0: Device is already in use. [ 451.145334][T11419] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1743'. [ 454.006274][T11450] netlink: 'syz.0.1753': attribute type 1 has an invalid length. [ 454.099140][T11450] 8021q: adding VLAN 0 to HW filter on device bond7 [ 454.286368][T11452] 8021q: adding VLAN 0 to HW filter on device bond7 [ 454.296924][T11452] bond7: (slave vti0): The slave device specified does not support setting the MAC address [ 454.322717][T11452] bond7: (slave vti0): Error -95 calling set_mac_address [ 455.012826][T11453] bond7: (slave gretap1): making interface the new active one [ 455.081495][T11453] bond7: (slave gretap1): Enslaving as an active interface with an up link [ 456.993247][T11474] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1758'. [ 458.844199][T11489] netlink: get zone limit has 4 unknown bytes [ 459.577194][T11491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1765'. [ 459.849229][T11495] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1766'. [ 461.060637][T11508] syz_tun: entered allmulticast mode [ 461.421451][T11518] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1773'. [ 462.236584][T11510] lo speed is unknown, defaulting to 1000 [ 462.414337][T11522] netlink: 'syz.5.1776': attribute type 1 has an invalid length. [ 462.443531][T11522] netlink: 193500 bytes leftover after parsing attributes in process `syz.5.1776'. [ 464.866342][ T6483] kernel write not supported for file bpf-prog (pid: 6483 comm: kworker/0:8) [ 465.016769][T11556] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: 1 [ 465.039454][T11556] ref_ctr increment failed for inode: 0x1f7 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888023ae6880 [ 465.737535][T11548] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: -1 [ 465.830502][T11548] ref_ctr decrement failed for inode: 0x1f7 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888023ae6880 [ 467.927619][ T5777] Bluetooth: hci2: command 0x0406 tx timeout [ 469.123598][T11587] lo speed is unknown, defaulting to 1000 [ 475.114907][T11618] tipc: Enabled bearer , priority 10 [ 475.224629][T11618] tipc: Enabled bearer , priority 0 [ 478.040499][T11651] lo speed is unknown, defaulting to 1000 [ 478.128947][T11660] xt_TCPMSS: Only works on TCP SYN packets [ 480.047795][T11689] sch_fq: defrate 0 ignored. [ 483.876923][T11716] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1835'. [ 484.637134][T11729] lo speed is unknown, defaulting to 1000 [ 485.445885][T11744] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaa [ 490.228931][ T27] kauditd_printk_skb: 49 callbacks suppressed [ 490.228948][ T27] audit: type=1326 audit(2000000171.210:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11794 comm="syz.0.1858" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x0 [ 491.455456][ T27] audit: type=1326 audit(2000000172.440:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 491.505791][ T27] audit: type=1326 audit(2000000172.440:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 491.534734][ T27] audit: type=1326 audit(2000000172.440:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 491.580422][ T27] audit: type=1326 audit(2000000172.450:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 491.613200][ T27] audit: type=1326 audit(2000000172.450:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 491.700951][ T27] audit: type=1326 audit(2000000172.450:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff38835cece code=0x7ffc0000 [ 491.772640][ T27] audit: type=1326 audit(2000000172.450:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 491.866601][ T27] audit: type=1326 audit(2000000172.450:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 491.902319][ T27] audit: type=1326 audit(2000000172.450:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11805 comm="syz.3.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 493.166228][T11827] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1867'. [ 493.519133][T11850] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1873'. [ 494.209871][T11867] UBIFS error (pid: 11867): cannot open "ubifs", error -22 [ 495.016731][T11872] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1879'. [ 495.568071][T11884] lo speed is unknown, defaulting to 1000 [ 497.298583][T11911] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1891'. [ 497.377021][T11911] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1891'. [ 500.743134][T11940] lo speed is unknown, defaulting to 1000 [ 501.612646][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.619081][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.477533][T11882] Set syz1 is full, maxelem 65536 reached [ 502.649367][T11946] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.664850][T11946] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.675480][T11946] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.690657][T11946] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 503.483768][T11946] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 503.492952][T11946] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 503.502115][T11946] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 503.511077][T11946] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 503.760935][T11944] lo speed is unknown, defaulting to 1000 [ 504.863368][T11963] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1903'. [ 504.875234][T11963] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1903'. [ 504.884713][T11963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1903'. [ 507.548107][T11975] lo speed is unknown, defaulting to 1000 [ 509.931754][T12000] xt_nat: multiple ranges no longer supported [ 510.530680][T12001] vxcan2: entered allmulticast mode [ 514.955096][T12038] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1925'. [ 515.079679][T12038] netlink: 'syz.5.1925': attribute type 5 has an invalid length. [ 515.099196][T12038] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1925'. [ 515.919330][T12042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 516.133725][T12059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1931'. [ 520.181805][T12105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1946'. [ 520.398490][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1946'. [ 520.600853][T12113] openvswitch: netlink: Key 22 has unexpected len 2 expected 4 [ 523.087598][T12128] xt_CT: You must specify a L4 protocol and not use inversions on it [ 525.550916][T12131] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 525.568545][T12131] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 525.578059][T12131] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 525.587307][T12131] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 525.692520][T12131] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 525.703431][T12131] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 525.712416][T12131] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 525.721413][T12131] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 525.783586][T12149] netlink: 'syz.0.1957': attribute type 1 has an invalid length. [ 525.854643][T12149] workqueue: Failed to create a rescuer kthread for wq "bond8": -EINTR [ 525.986707][T12159] netlink: 'syz.1.1962': attribute type 12 has an invalid length. [ 528.417541][T12203] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1975'. [ 529.231020][T12205] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1977'. [ 529.240699][ T27] kauditd_printk_skb: 54 callbacks suppressed [ 529.240714][ T27] audit: type=1326 audit(2000000210.230:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.277723][ T27] audit: type=1326 audit(2000000210.230:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.357613][ T27] audit: type=1326 audit(2000000210.230:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.380693][ T27] audit: type=1326 audit(2000000210.230:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff631b5cece code=0x7ffc0000 [ 529.403463][ T27] audit: type=1326 audit(2000000210.230:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.426334][ T27] audit: type=1326 audit(2000000210.230:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.459996][ T27] audit: type=1326 audit(2000000210.230:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.526005][ T27] audit: type=1326 audit(2000000210.230:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.573770][T12205] bond9: (slave ip_vti0): The slave device specified does not support setting the MAC address [ 529.573907][ T27] audit: type=1326 audit(2000000210.230:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.606963][ T27] audit: type=1326 audit(2000000210.230:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12206 comm="syz.5.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7ff631b9c629 code=0x7ffc0000 [ 529.646544][T12205] bond9: (slave ip_vti0): Error -95 calling set_mac_address [ 531.146750][T12222] xt_socket: unknown flags 0x50 [ 532.280234][T12237] xt_CT: You must specify a L4 protocol and not use inversions on it [ 532.719677][T12241] veth0_to_hsr: Caught tx_queue_len zero misconfig [ 533.184533][T12252] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1988'. [ 533.279649][T12255] bond1: (slave ip_vti0): The slave device specified does not support setting the MAC address [ 533.323862][T12255] bond1: (slave ip_vti0): Error -95 calling set_mac_address [ 533.573970][T12260] netlink: 'syz.3.1991': attribute type 1 has an invalid length. [ 533.988409][T12260] 8021q: adding VLAN 0 to HW filter on device bond10 [ 534.614059][T12264] bond10: (slave gretap1): making interface the new active one [ 534.667335][T12264] bond10: (slave gretap1): Enslaving as an active interface with an up link [ 534.679234][ T27] kauditd_printk_skb: 96 callbacks suppressed [ 534.679250][ T27] audit: type=1326 audit(2000000215.670:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 534.939177][ T27] audit: type=1326 audit(2000000215.670:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 535.401130][ T27] audit: type=1326 audit(2000000215.700:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 535.863405][ T27] audit: type=1326 audit(2000000215.700:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 535.978585][ T27] audit: type=1326 audit(2000000215.710:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5910b5cece code=0x7ffc0000 [ 536.074323][ T27] audit: type=1326 audit(2000000215.710:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 536.166961][ T27] audit: type=1326 audit(2000000215.710:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 536.189736][ T27] audit: type=1326 audit(2000000215.710:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 536.213362][ T27] audit: type=1326 audit(2000000215.710:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 536.242247][ T27] audit: type=1326 audit(2000000215.720:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12265 comm="syz.1.1992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 536.430864][T12278] overlayfs: failed to clone upperpath [ 538.885193][T12297] xt_CT: You must specify a L4 protocol and not use inversions on it [ 541.744619][T12328] netlink: 'syz.5.2009': attribute type 12 has an invalid length. [ 542.454890][T12331] lo speed is unknown, defaulting to 1000 [ 545.492807][T12346] netlink: 'syz.0.2017': attribute type 1 has an invalid length. [ 545.708268][T12346] 8021q: adding VLAN 0 to HW filter on device bond8 [ 549.328158][T12402] mac80211_hwsim hwsim13 wlan0: entered allmulticast mode [ 549.375798][T12402] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 550.865398][T12419] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2037'. [ 550.894388][T12417] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2035'. [ 557.949661][ T8921] hsr_slave_0: left promiscuous mode [ 557.968205][ T8921] hsr_slave_1: left promiscuous mode [ 557.999227][ T8921] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 558.212537][ T8921] bond4 (unregistering): (slave geneve2): Releasing active interface [ 558.329665][ T8921] bond4 (unregistering): Released all slaves [ 558.439636][ T8921] bond3 (unregistering): (slave bridge3): Releasing backup interface [ 559.008565][ T8921] bond3 (unregistering): Released all slaves [ 559.257121][ T27] kauditd_printk_skb: 53 callbacks suppressed [ 559.257138][ T27] audit: type=1804 audit(2000000240.240:627): pid=12502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2055" name="bus" dev="ramfs" ino=29702 res=1 errno=0 [ 559.285663][ T8921] team0 (unregistering): Port device bridge2 removed [ 559.339618][ T27] audit: type=1804 audit(2000000240.330:628): pid=12503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2055" name="bus" dev="ramfs" ino=29702 res=1 errno=0 [ 559.434411][ T8921] bond2 (unregistering): Released all slaves [ 559.694376][ T8921] bond1 (unregistering): (slave veth3): Releasing active interface [ 560.081963][ T8921] bond1 (unregistering): Released all slaves [ 563.149027][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.156138][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.403643][T12536] netlink: 'syz.0.2062': attribute type 1 has an invalid length. [ 564.099045][ T8921] team0 (unregistering): Port device team_slave_1 removed [ 564.224169][ T8921] team0 (unregistering): Port device team_slave_0 removed [ 564.299704][ T8921] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 564.378894][ T8921] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 566.754700][ T8921] bond0 (unregistering): Released all slaves [ 566.846289][T12555] netlink: 'syz.3.2069': attribute type 1 has an invalid length. [ 566.937583][T12555] 8021q: adding VLAN 0 to HW filter on device bond11 [ 566.988519][T12556] bond11: (slave geneve2): making interface the new active one [ 567.077383][T12556] bond11: (slave geneve2): Enslaving as an active interface with an up link [ 568.469062][T12586] xt_TCPMSS: Only works on TCP SYN packets [ 568.691344][T12589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2074'. [ 568.867960][ T2001] IPVS: starting estimator thread 0... [ 568.997319][T12592] IPVS: using max 15 ests per chain, 36000 per kthread [ 569.075538][T12589] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 569.084645][T12589] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 569.093441][T12589] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 569.102231][T12589] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 569.380496][T12589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2074'. [ 569.952983][ T8921] IPVS: stop unused estimator thread 0... [ 575.364437][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2087'. [ 575.444384][T12648] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 575.453474][T12648] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 575.462886][T12648] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 575.471705][T12648] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 575.559036][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2087'. [ 581.558687][T12759] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2104'. [ 582.467388][T12767] netlink: 'syz.3.2107': attribute type 10 has an invalid length. [ 582.475280][T12767] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2107'. [ 582.603454][T12767] team0: Port device geneve0 added [ 582.904200][T12763] debugfs: Directory 'netdev:nicvf0' with parent 'phy7' already present! [ 587.241846][T12840] bond2: (slave ip6gretap1): making interface the new active one [ 587.253517][T12840] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 590.220559][ T2957] bond8: (slave bridge0): link status definitely down, disabling slave [ 590.231835][ T2957] bond8: now running without any active interface! [ 590.314634][T12884] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 590.378916][T12884] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 593.014560][T12944] netlink: 'syz.0.2141': attribute type 11 has an invalid length. [ 594.619320][T12972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2134'. [ 600.427576][T13085] netlink: 'syz.1.2155': attribute type 21 has an invalid length. [ 603.897656][T13120] lo: Caught tx_queue_len zero misconfig [ 605.355020][T13134] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2164'. [ 605.612456][T13136] sch_tbf: burst 88 is lower than device veth17 mtu (1514) ! [ 609.298259][T13208] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2177'. [ 609.603960][T13208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2177'. [ 611.866417][T13248] ptrace attach of "./syz-executor exec"[13250] was attempted by "./syz-executor exec"[13248] [ 612.973147][T13266] netlink: 'syz.1.2183': attribute type 9 has an invalid length. [ 613.342945][T13276] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2174'. [ 616.959239][T13316] syz.5.2181 (13316) used greatest stack depth: 17864 bytes left [ 617.274969][T13328] x_tables: duplicate entry at hook 3 [ 617.303319][T13328] netlink: 'syz.0.2194': attribute type 16 has an invalid length. [ 617.336873][T13328] netlink: 'syz.0.2194': attribute type 17 has an invalid length. [ 617.495221][T13328] 8021q: adding VLAN 0 to HW filter on device bond0 [ 617.508271][T13328] 8021q: adding VLAN 0 to HW filter on device team0 [ 617.534162][T13328] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 618.993747][T13339] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2198'. [ 619.021961][T13339] nbd: socks must be embedded in a SOCK_ITEM attr [ 619.314072][T13355] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2202'. [ 623.790933][T13379] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2210'. [ 623.892287][T13379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2210'. [ 624.493210][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.505785][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.924318][T13423] xt_CT: No such helper "pptp" [ 628.291463][T13428] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2224'. [ 628.609903][T13428] netlink: 63 bytes leftover after parsing attributes in process `syz.1.2224'. [ 631.264635][T13452] netlink: 'syz.1.2228': attribute type 5 has an invalid length. [ 636.720368][T13522] bond_slave_1: entered promiscuous mode [ 636.732958][T13522] bond_slave_1: left promiscuous mode [ 641.675664][T13561] bond_slave_1: entered promiscuous mode [ 641.699548][T13561] bond_slave_1: left promiscuous mode [ 642.201870][ T27] audit: type=1326 audit(2000000323.190:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm=56CCA6F2B53ECE69FFFFFFFF08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 642.540332][ T27] audit: type=1326 audit(2000000323.220:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm=56CCA6F2B53ECE69FFFFFFFF08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 642.864988][ T27] audit: type=1326 audit(2000000323.230:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.066340][ T27] audit: type=1326 audit(2000000323.230:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.088849][ T27] audit: type=1326 audit(2000000323.230:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm=56CCA6F2B53ECE69FFFFFFFF08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.115944][ T27] audit: type=1326 audit(2000000323.230:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm=56CCA6F2B53ECE69FFFFFFFF08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.149764][ T27] audit: type=1326 audit(2000000323.230:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm=56CCA6F2B53ECE69FFFFFFFF08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.181534][ T27] audit: type=1326 audit(2000000323.230:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.227006][ T27] audit: type=1326 audit(2000000323.230:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.249630][ T27] audit: type=1326 audit(2000000323.230:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm=56CCA6F2B53ECE69FFFFFFFF08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f127cf9c629 code=0x7ffc0000 [ 643.347825][T13583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2265'. [ 644.893662][T13609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2280'. [ 645.381184][T13615] ipt_REJECT: TCP_RESET invalid for non-tcp [ 645.838623][T13617] bond_slave_1: entered promiscuous mode [ 645.845755][T13617] bond_slave_1: left promiscuous mode [ 646.189162][T13628] fuse: Bad value for 'fd' [ 651.111727][T13662] bond_slave_1: entered promiscuous mode [ 651.122809][T13662] bond_slave_1: left promiscuous mode [ 658.763903][T13744] netlink: 'syz.1.2310': attribute type 4 has an invalid length. [ 660.253299][T13753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2313'. [ 660.334650][T13755] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2312'. [ 660.381173][T13755] 8021q: adding VLAN 0 to HW filter on device bond12 [ 660.435445][T13760] bond12: entered promiscuous mode [ 660.567609][T13755] bond12: left promiscuous mode [ 661.621319][T13783] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2322'. [ 665.825337][T13807] vlan4: entered promiscuous mode [ 665.835966][T13807] bond0: entered promiscuous mode [ 667.035401][T13822] netlink: 'syz.1.2335': attribute type 1 has an invalid length. [ 667.079571][T13822] 8021q: adding VLAN 0 to HW filter on device bond10 [ 667.090487][T13825] netlink: 'syz.5.2336': attribute type 16 has an invalid length. [ 667.098797][T13825] netlink: 'syz.5.2336': attribute type 17 has an invalid length. [ 667.246632][T13822] bond10: entered allmulticast mode [ 667.715674][T13827] bond10: (slave ip6gretap0): making interface the new active one [ 667.740024][T13827] ip6gretap0: entered allmulticast mode [ 667.762502][T13827] bond10: (slave ip6gretap0): Enslaving as an active interface with an up link [ 670.990812][T13850] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2343'. [ 673.056154][T13867] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2348'. [ 673.149946][T13867] 8021q: adding VLAN 0 to HW filter on device bond11 [ 673.183897][T13873] bond11: entered promiscuous mode [ 673.781359][T13867] dummy0: entered promiscuous mode [ 675.776759][T13867] bond11: (slave dummy0): Enslaving as an active interface with an up link [ 675.789940][T13873] bond11: left promiscuous mode [ 675.794860][T13873] dummy0: left promiscuous mode [ 680.010208][T13929] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2365'. [ 680.089013][T13929] 8021q: adding VLAN 0 to HW filter on device bond3 [ 680.106594][T13926] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2366'. [ 680.117337][T13932] bond3: entered promiscuous mode [ 680.459115][T13932] bond3: left promiscuous mode [ 680.722115][T13929] bond3: (slave dummy0): Enslaving as an active interface with an up link [ 681.439831][T13949] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2370'. [ 684.369991][T13984] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2380'. [ 684.443517][T13984] 8021q: adding VLAN 0 to HW filter on device bond9 [ 684.477118][T13988] bond9: entered promiscuous mode [ 685.320153][T13984] dummy0: entered promiscuous mode [ 685.467268][T13984] bond9: (slave dummy0): Enslaving as an active interface with an up link [ 685.476170][T13988] bond9: left promiscuous mode [ 685.480986][T13988] dummy0: left promiscuous mode [ 685.555525][T14002] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2384'. [ 685.930584][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.940722][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 694.823319][T14053] bad cache= option: no%e [ 694.823319][T14053] [ 694.831093][T14053] CIFS: VFS: bad cache= option: no%e [ 696.380600][T14064] Device name cannot be null; rc = [-22] [ 697.904470][T14074] netlink: 'syz.0.2397': attribute type 16 has an invalid length. [ 697.912592][T14074] netlink: 'syz.0.2397': attribute type 17 has an invalid length. [ 699.572958][T14105] netlink: 'syz.1.2418': attribute type 16 has an invalid length. [ 699.590108][T14105] netlink: 'syz.1.2418': attribute type 17 has an invalid length. [ 701.272250][T14133] overlayfs: failed to clone upperpath [ 701.589869][T14143] tipc: Enabling of bearer rejected, failed to enable media [ 702.452402][T14156] UBIFS error (pid: 14156): cannot open "./file0", error -22 [ 704.116199][T14169] netlink: 'syz.0.2439': attribute type 1 has an invalid length. [ 707.686017][T14207] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2451'. [ 707.750401][T14207] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2451'. [ 714.029406][T14259] netlink: 'syz.3.2466': attribute type 10 has an invalid length. [ 728.395357][T14377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2498'. [ 730.355218][T14386] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 748.082385][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.182362][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.374885][T14530] ipt_REJECT: ECHOREPLY no longer supported. [ 754.081760][T14566] atomic_op ffff88806105b198 conn xmit_atomic 0000000000000000 [ 755.075280][T14573] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2556'. [ 756.188953][ T27] kauditd_printk_skb: 33 callbacks suppressed [ 756.188973][ T27] audit: type=1326 audit(2000000436.590:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.275759][ T27] audit: type=1326 audit(2000000436.590:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.298810][ T27] audit: type=1326 audit(2000000436.590:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.337549][ T27] audit: type=1326 audit(2000000436.600:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.418331][ T27] audit: type=1326 audit(2000000436.600:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.461342][ T27] audit: type=1326 audit(2000000436.600:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.529660][ T27] audit: type=1326 audit(2000000436.600:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.568146][ T27] audit: type=1326 audit(2000000436.600:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.687446][ T27] audit: type=1326 audit(2000000436.600:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 756.708939][T14592] sctp: [Deprecated]: syz.1.2562 (pid 14592) Use of int in max_burst socket option. [ 756.708939][T14592] Use struct sctp_assoc_value instead [ 756.737518][ T27] audit: type=1326 audit(2000000436.600:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff38839c629 code=0x7ffc0000 [ 760.227679][T14620] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 763.623396][T14653] netlink: 'syz.3.2568': attribute type 1 has an invalid length. [ 763.668000][T14653] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2568'. [ 763.687625][T14653] bond13: (slave bridge8): making interface the new active one [ 763.696122][T14653] bond13: (slave bridge8): Enslaving as an active interface with an up link [ 763.727274][T14653] bond13: (slave bridge9): Enslaving as an active interface with a down link [ 765.288836][T14671] netlink: 'syz.1.2577': attribute type 10 has an invalid length. [ 766.181700][T14684] capability: warning: `syz.0.2582' uses 32-bit capabilities (legacy support in use) [ 768.166671][T14693] MTD: Attempt to mount non-MTD device "./file0" [ 768.186696][T14693] ./file0: Can't open blockdev [ 774.509054][T14763] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2604'. [ 774.531251][T14763] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2604'. [ 775.993541][ T51] Bluetooth: hci0: unexpected event for opcode 0x080d [ 783.451633][T14833] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: 1 [ 783.481251][T14833] ref_ctr increment failed for inode: 0x672 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88801da73900 [ 783.540023][T14835] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: -1 [ 783.592516][T14835] ref_ctr decrement failed for inode: 0x672 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88801da73900 [ 793.813723][T14919] netlink: 'syz.0.2646': attribute type 1 has an invalid length. [ 793.928273][T14919] 8021q: adding VLAN 0 to HW filter on device bond10 [ 793.962885][T14921] vlan4: entered promiscuous mode [ 793.973667][T14921] bond10: entered promiscuous mode [ 794.080903][T14921] vlan4: entered allmulticast mode [ 794.091549][T14921] bond10: entered allmulticast mode [ 794.532889][T14925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2646'. [ 794.986646][T14925] bond10: (slave bridge9): making interface the new active one [ 795.007807][T14925] bridge9: entered promiscuous mode [ 795.016419][T14925] bridge9: entered allmulticast mode [ 795.037139][T14925] bond10: (slave bridge9): Enslaving as an active interface with an up link [ 795.313811][ T9] IPVS: starting estimator thread 0... [ 796.466229][T14947] IPVS: using max 17 ests per chain, 40800 per kthread [ 797.206828][ T51] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 797.215913][ T51] Bluetooth: hci2: Injecting HCI hardware error event [ 798.168468][ T51] Bluetooth: hci2: hardware error 0x00 [ 799.009871][T14974] overlayfs: failed to clone upperpath [ 799.832042][T14978] tipc: Enabling of bearer rejected, failed to enable media [ 800.561054][ T51] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 804.473014][T15017] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 808.671868][T15057] xt_cluster: node mask cannot exceed total number of nodes [ 809.802615][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 809.802632][ T27] audit: type=1326 audit(2000000487.289:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 809.862291][ T27] audit: type=1326 audit(2000000487.327:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.073893][ T27] audit: type=1326 audit(2000000487.383:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.118490][ T27] audit: type=1326 audit(2000000487.383:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.141793][ T27] audit: type=1326 audit(2000000487.383:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.164646][ T27] audit: type=1326 audit(2000000487.383:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.190611][ T27] audit: type=1326 audit(2000000487.392:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.213774][ T27] audit: type=1326 audit(2000000487.392:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.793388][ T27] audit: type=1326 audit(2000000487.392:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 810.822084][ T27] audit: type=1326 audit(2000000487.392:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15062 comm="syz.1.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5910b9c629 code=0x7ffc0000 [ 811.730205][T15069] netlink: 'syz.5.2684': attribute type 12 has an invalid length. [ 811.762400][T15069] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2684'. [ 811.793660][T15069] 8021q: adding VLAN 0 to HW filter on device bond0 [ 811.814275][T15065] netlink: 'syz.0.2683': attribute type 16 has an invalid length. [ 811.842570][T15065] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2683'. [ 813.162275][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.168726][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 817.004921][T15117] IPVS: ip_vs_add_dest(): server weight less than zero [ 817.256262][T15128] IPVS: length: 218 != 24 [ 817.265682][T15128] lo: entered allmulticast mode [ 817.277812][T15128] pimreg: left allmulticast mode [ 818.389425][T15127] lo: left allmulticast mode [ 818.451620][T15136] af_packet: tpacket_rcv: packet too big, clamped from 36 to 4294967272. macoff=96 [ 818.504896][T15136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2702'. [ 818.568535][T15136] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2702'. [ 818.599271][T15136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2702'. [ 818.637700][T15136] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2702'. [ 823.201935][T15165] netlink: 'syz.1.2714': attribute type 3 has an invalid length. [ 832.245909][T15241] vlan1: entered promiscuous mode [ 832.251124][T15241] bridge0: entered promiscuous mode [ 832.472085][T15243] bridge0: port 1(hsr0) entered blocking state [ 832.489547][T15243] bridge0: port 1(hsr0) entered disabled state [ 832.515683][T15243] hsr0: entered allmulticast mode [ 832.520780][T15243] hsr_slave_0: entered allmulticast mode [ 832.532033][T15243] hsr_slave_1: entered allmulticast mode [ 832.540621][T15243] hsr0: entered promiscuous mode [ 833.870163][T15254] netlink: 'syz.3.2735': attribute type 12 has an invalid length. [ 833.878572][T15254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2735'. [ 839.554848][T15285] IPVS: length: 218 != 24 [ 839.581887][T15285] lo: entered allmulticast mode [ 839.625620][T15284] lo: left allmulticast mode [ 842.905032][T15310] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2752'. [ 842.980013][T15310] macvtap1: entered promiscuous mode [ 843.021121][T15310] macvtap1: entered allmulticast mode [ 847.909337][ T12] ------------[ cut here ]------------ [ 847.915407][ T12] WARNING: CPU: 1 PID: 12 at io_uring/io_uring.c:3214 io_ring_exit_work+0x3a7/0x820 [ 847.924973][ T12] Modules linked in: [ 847.928897][ T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Not tainted syzkaller #0 [ 847.936330][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 847.946469][ T12] Workqueue: iou_exit io_ring_exit_work [ 847.952415][ T12] RIP: 0010:io_ring_exit_work+0x3a7/0x820 [ 847.958170][ T12] Code: 78 23 e8 ac 2a 0b f7 48 8b 7c 24 30 48 8b 74 24 08 e8 ed ec 10 00 48 85 c0 75 1d e8 93 2a 0b f7 e9 b9 fd ff ff e8 89 2a 0b f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb cf c7 84 24 90 00 00 00 00 [ 847.980582][ T12] RSP: 0018:ffffc90000117a40 EFLAGS: 00010293 [ 847.986724][ T12] RAX: ffffffff8a7bea87 RBX: ffff88806088e000 RCX: ffff88801b645a00 [ 847.994761][ T12] RDX: 0000000000000000 RSI: fffffffffffffffe RDI: 0000000000000000 [ 848.002762][ T12] RBP: ffffc90000117bb0 R08: ffffc900001179c7 R09: 1ffff92000022f38 [ 848.011148][ T12] R10: dffffc0000000000 R11: fffff52000022f39 R12: dffffc0000000000 [ 848.019308][ T12] R13: ffff88806088e288 R14: 000000010000d2f0 R15: 000000010000d2f2 [ 848.027366][ T12] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 848.036347][ T12] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 848.043036][ T12] CR2: 00007f127cfe9d40 CR3: 000000004c4d8000 CR4: 00000000003506e0 [ 848.051117][ T12] Call Trace: [ 848.054422][ T12] [ 848.057392][ T12] ? io_ring_ctx_wait_and_kill+0x2b0/0x2b0 [ 848.063308][ T12] ? _raw_spin_unlock_irq+0x23/0x50 [ 848.068566][ T12] ? process_scheduled_works+0x96f/0x15d0 [ 848.074468][ T12] ? process_scheduled_works+0x96f/0x15d0 [ 848.080265][ T12] process_scheduled_works+0xa5d/0x15d0 [ 848.085887][ T12] ? assign_work+0x430/0x430 [ 848.090591][ T12] ? assign_work+0x3d0/0x430 [ 848.095230][ T12] worker_thread+0xa55/0xfc0 [ 848.099891][ T12] kthread+0x2fa/0x390 [ 848.104113][ T12] ? pr_cont_work+0x560/0x560 [ 848.108828][ T12] ? kthread_blkcg+0xd0/0xd0 [ 848.113503][ T12] ret_from_fork+0x48/0x80 [ 848.117954][ T12] ? kthread_blkcg+0xd0/0xd0 [ 848.123267][ T12] ret_from_fork_asm+0x11/0x20 [ 848.128176][ T12] [ 848.131227][ T12] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 848.138527][ T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Not tainted syzkaller #0 [ 848.145924][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 848.156089][ T12] Workqueue: iou_exit io_ring_exit_work [ 848.161684][ T12] Call Trace: [ 848.164983][ T12] [ 848.167939][ T12] dump_stack_lvl+0x18c/0x250 [ 848.172656][ T12] ? show_regs_print_info+0x20/0x20 [ 848.177893][ T12] ? load_image+0x400/0x400 [ 848.182444][ T12] panic+0x2dc/0x730 [ 848.186372][ T12] ? bpf_jit_dump+0xd0/0xd0 [ 848.190902][ T12] ? ret_from_fork_asm+0x11/0x20 [ 848.195854][ T12] __warn+0x2e0/0x470 [ 848.199840][ T12] ? io_ring_exit_work+0x3a7/0x820 [ 848.204956][ T12] ? io_ring_exit_work+0x3a7/0x820 [ 848.210073][ T12] report_bug+0x2be/0x4f0 [ 848.214412][ T12] ? io_ring_exit_work+0x3a7/0x820 [ 848.219529][ T12] ? io_ring_exit_work+0x3a7/0x820 [ 848.224642][ T12] ? io_ring_exit_work+0x3a9/0x820 [ 848.229759][ T12] handle_bug+0xcf/0x120 [ 848.234013][ T12] exc_invalid_op+0x1a/0x50 [ 848.238525][ T12] asm_exc_invalid_op+0x1a/0x20 [ 848.243381][ T12] RIP: 0010:io_ring_exit_work+0x3a7/0x820 [ 848.249111][ T12] Code: 78 23 e8 ac 2a 0b f7 48 8b 7c 24 30 48 8b 74 24 08 e8 ed ec 10 00 48 85 c0 75 1d e8 93 2a 0b f7 e9 b9 fd ff ff e8 89 2a 0b f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb cf c7 84 24 90 00 00 00 00 [ 848.268722][ T12] RSP: 0018:ffffc90000117a40 EFLAGS: 00010293 [ 848.274795][ T12] RAX: ffffffff8a7bea87 RBX: ffff88806088e000 RCX: ffff88801b645a00 [ 848.282770][ T12] RDX: 0000000000000000 RSI: fffffffffffffffe RDI: 0000000000000000 [ 848.290744][ T12] RBP: ffffc90000117bb0 R08: ffffc900001179c7 R09: 1ffff92000022f38 [ 848.298718][ T12] R10: dffffc0000000000 R11: fffff52000022f39 R12: dffffc0000000000 [ 848.306698][ T12] R13: ffff88806088e288 R14: 000000010000d2f0 R15: 000000010000d2f2 [ 848.314681][ T12] ? io_ring_exit_work+0x3a7/0x820 [ 848.319820][ T12] ? io_ring_ctx_wait_and_kill+0x2b0/0x2b0 [ 848.325645][ T12] ? _raw_spin_unlock_irq+0x23/0x50 [ 848.330848][ T12] ? process_scheduled_works+0x96f/0x15d0 [ 848.336575][ T12] ? process_scheduled_works+0x96f/0x15d0 [ 848.342300][ T12] process_scheduled_works+0xa5d/0x15d0 [ 848.347876][ T12] ? assign_work+0x430/0x430 [ 848.352480][ T12] ? assign_work+0x3d0/0x430 [ 848.357084][ T12] worker_thread+0xa55/0xfc0 [ 848.361709][ T12] kthread+0x2fa/0x390 [ 848.365782][ T12] ? pr_cont_work+0x560/0x560 [ 848.370467][ T12] ? kthread_blkcg+0xd0/0xd0 [ 848.375064][ T12] ret_from_fork+0x48/0x80 [ 848.379488][ T12] ? kthread_blkcg+0xd0/0xd0 [ 848.384083][ T12] ret_from_fork_asm+0x11/0x20 [ 848.388873][ T12] [ 848.392218][ T12] Kernel Offset: disabled [ 848.396615][ T12] Rebooting in 86400 seconds..