last executing test programs: 9m14.554917479s ago: executing program 0 (id=255): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x20000000) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000180)={0x1, 0x0, [{0x7, 0x0, 0x7, 0xfaa, 0xffffffff, 0x4, 0x7}]}) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e24, 0x1, @empty, 0x3}], 0x1c) io_uring_enter(0xffffffffffffffff, 0x8af, 0xc0b8, 0x0, &(0x7f0000000100)={[0x6]}, 0x8) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x7) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f280, 0x0, 0x399}) io_uring_enter(r0, 0x8ae, 0xfbb9, 0x1f, 0x0, 0x0) 9m13.915797542s ago: executing program 0 (id=261): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$nl_route(0x10, 0x3, 0x0) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3}) mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x9, 0x0) 9m12.845750033s ago: executing program 0 (id=272): openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x82c00) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x8, 0x0, 0x0, 0x3, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x9, 0x0, 0x0, 0x2}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x10, 0x0, 0x0, 0x2004cb, 0x3, 0x100000000000000, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2ab, 0x2000000000003ff, 0x2], 0x0, 0x200306}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 9m12.31581938s ago: executing program 0 (id=276): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82) r1 = fanotify_init(0x81, 0x40000) fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0) read$FUSE(r1, &(0x7f0000002300)={0x2020}, 0x2020) 9m12.043426392s ago: executing program 0 (id=277): socket$nl_sock_diag(0x10, 0x3, 0x4) socketpair$unix(0x1, 0x3, 0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000001c0), 0x4) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in6=@local, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x4000, 0x0, 0x8004}, {@in=@dev={0xac, 0x14, 0x14, 0x3f}, 0x0, 0x32}, @in6=@private2, {0x327, 0x9, 0x0, 0x4, 0x20000000000000, 0x0, 0x1, 0x7}, {0x0, 0x0, 0x2}, {0x8f, 0x0, 0x8}, 0x70bd29, 0x3502, 0x2, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020a00000200000000000000000000002d760c587ab0553f836a504248ee8b5a814a0b45520937e195de0f32863197456852a08075"], 0x10}}, 0x0) recvmmsg(r0, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400}) 9m11.083375366s ago: executing program 0 (id=284): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x1, r1}) ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00') r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 9m10.77451202s ago: executing program 32 (id=284): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x1, r1}) ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00') r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 8m5.329694971s ago: executing program 3 (id=567): io_uring_enter(0xffffffffffffffff, 0x47ba, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESHEX], 0xb8}}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300020000000000fedbdf25fc000000000000000000000000000000fc00000000000000000000000000000000000400000000000a0060003b000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000009"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x20008004) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="b80000001300e99900000000fedbdf25fc000000000000000000000000000000ac1414bb0000000000000000000000000000e9d8000100c40a0060"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000048000000ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x4000) 8m5.156503964s ago: executing program 3 (id=568): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x7, 0x4, 0x900, 0x5, 0x28}, 0x50) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x10, 0x3, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0xffffffffffffffff, 0xa57, 0x8}, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x5, 0xf, 0x3, 0x8}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f00000008c0)=[{0x2, 0x3, 0xb, 0x6}, {0x3, 0x1, 0x1, 0x2}, {0x0, 0x4, 0xa, 0x7}, {0x1, 0x4, 0x9, 0x5}]}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000005000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r2, r0}, 0xc) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r2, r0}, 0xc) 8m4.254987201s ago: executing program 3 (id=570): r0 = socket(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000040)=0x7, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000000)=0x9, 0x4) syz_emit_ethernet(0x42, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c89000c2c0120010000000000000000000000000001fe8000000000000000000000000000aaff"], 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xfffffffffffffe84}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r1 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5}) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x9f69a7a086f70ae8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 8m3.87592029s ago: executing program 3 (id=572): r0 = socket(0x10, 0x2, 0x0) syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) creat(&(0x7f0000002640)='./bus\x00', 0x44) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000) 8m3.103011955s ago: executing program 3 (id=575): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 8m1.432068758s ago: executing program 3 (id=581): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_HYPERV_EVENTFD(0xffffffffffffffff, 0x4020aeb2, &(0x7f0000000000)={0x1, 0xffffffffffffffff, 0x400}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00004a7000/0x2000)=nil, &(0x7f0000986000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00009fd000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000719000/0x4000)=nil, &(0x7f000036e000/0x4000)=nil, &(0x7f00002bc000/0x2000)=nil, 0x0}, 0x68) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x10000}, 0x28) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, 0x8) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000140)=0x6, 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r2 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f280, 0x0, 0x399}) io_uring_enter(r2, 0x4010af, 0xfbb9, 0x1f, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x4}]}, 0x10) sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840) 8m0.704591882s ago: executing program 33 (id=581): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_HYPERV_EVENTFD(0xffffffffffffffff, 0x4020aeb2, &(0x7f0000000000)={0x1, 0xffffffffffffffff, 0x400}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00004a7000/0x2000)=nil, &(0x7f0000986000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00009fd000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000719000/0x4000)=nil, &(0x7f000036e000/0x4000)=nil, &(0x7f00002bc000/0x2000)=nil, 0x0}, 0x68) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x10000}, 0x28) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, 0x8) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000140)=0x6, 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r2 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f280, 0x0, 0x399}) io_uring_enter(r2, 0x4010af, 0xfbb9, 0x1f, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x4}]}, 0x10) sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840) 11.359881248s ago: executing program 1 (id=2142): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x1000040, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3c}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0) 7.959867702s ago: executing program 1 (id=2146): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r3, 0x6b, 0x4, &(0x7f0000000040), 0x4) 6.534295007s ago: executing program 1 (id=2149): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100088}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x2010, 0xffffffffffffffff, 0x8000000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x3c, r4, 0x1, 0xffffffff, 0x0, {0x37}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xfcb3ae1e0968818a}, 0x8006) 6.308051708s ago: executing program 5 (id=2152): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000004340)=""/102376, 0x18fe8) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffffffffffb6) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000000)='bridge0\x00') r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000080), 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}, @op={0x18, 0x117, 0x3, 0x1}], 0x30}, 0x0) 5.319112957s ago: executing program 1 (id=2154): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) statx(0xffffffffffffffff, 0x0, 0x4000, 0x40, 0x0) move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) 5.249351062s ago: executing program 5 (id=2155): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x4361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0x6, 0xb}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_ACK_FILTER={0x8, 0x10, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40048a0}, 0x4880) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r6 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r6, &(0x7f0000000240)="bad330fbc9b55400041900ea0756", 0xe, 0x1840, &(0x7f00000000c0)={0x11, 0x88a8, r5, 0x1, 0xd8, 0x6, @multicast}, 0x14) 5.23758842s ago: executing program 4 (id=2156): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_timeval(r3, 0x1, 0x42, 0x0, 0x0) getpid() r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000000a0a01010000000000", @ANYRES64], 0x14}, 0x1, 0x0, 0x0, 0x2004c484}, 0x8000) 5.228423738s ago: executing program 2 (id=2157): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x113, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x3e0}, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_OPENAT={0x12, 0xf, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x11, 0x400000, 0x12345}) io_uring_enter(r3, 0x8aa, 0x0, 0x0, 0x0, 0x0) 4.025822921s ago: executing program 2 (id=2158): socket$igmp(0x2, 0x3, 0x2) socket$packet(0x11, 0x3, 0x300) socket$inet(0x2, 0x2, 0x1) socket$packet(0x11, 0x3, 0x300) socket(0x2, 0x3, 0x6) socket$unix(0x1, 0x1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1, 0x8}, 0x50) landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000280), &(0x7f0000000000)=r1}, 0x20) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x42, &(0x7f0000000740)={@local, @random="a6e286036e89", @val={@val={0x88a8, 0x0, 0x0, 0x1}, {0x8100, 0x1, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0xb00, 0x4e22, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x9a5f}}}}}}, 0x0) 3.888014021s ago: executing program 4 (id=2159): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) r1 = socket$packet(0x11, 0x3, 0x300) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) mknod$loop(0x0, 0x6000, 0x0) creat(0x0, 0x0) socket$tipc(0x1e, 0x2, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0xffffff51}, 0x1, 0x0, 0x0, 0x2000c014}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}]}}}]}, 0x38}}, 0x20000080) sendto$packet(r1, &(0x7f0000000280)="3562547ac6b644a1775d0e6cbf8eeccaa8afd8b5be55606900bc4d904906da590cd409", 0x23, 0x4c800, &(0x7f0000000200)={0x11, 0x8100, r4, 0x1, 0x9, 0x6, @local}, 0x14) 3.390245345s ago: executing program 5 (id=2160): setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4001c00) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfb, {{@in6=@private0, @in6=@loopback, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x20, 0x3b, 0x0, 0xee01}, {0x0, 0x9a6, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xb288efd}, {0xfffffffffffffffe, 0x0, 0x0, 0x7}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x24000080}, 0x240400c4) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000001"], 0xb8}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='pids.max\x00', 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x0) 3.297622125s ago: executing program 1 (id=2161): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x30000009}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x3c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r3 = io_uring_setup(0x13ea, &(0x7f0000000040)={0x0, 0x6daa, 0xd000, 0x20000a, 0x220002f7, 0x0, r2}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r4 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x10113}], 0x1) 3.27193777s ago: executing program 2 (id=2162): r0 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="340000001000390400"/20, @ANYRES32=r3, @ANYBLOB="8106e2bc00000200140012800b000100627269646765"], 0x34}}, 0x20044002) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0) r7 = socket(0x10, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r8}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x681}]}, 0x34}}, 0x0) 3.249065305s ago: executing program 4 (id=2163): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20) connect$l2tp6(r3, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00) 3.109085254s ago: executing program 5 (id=2164): r0 = socket$caif_stream(0x25, 0x1, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x40001e0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x800) syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) close_range(r0, 0xffffffffffffffff, 0x0) 3.011080534s ago: executing program 2 (id=2165): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x4) r2 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x133d, 0x3e000000, 0x8, 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x42000) read$FUSE(r1, &(0x7f0000004500)={0x2020}, 0x2020) r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x103041, 0x0) writev(r5, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x10113}], 0x1) 2.986233168s ago: executing program 1 (id=2166): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x19, 0x0, 0x0) 2.038235566s ago: executing program 4 (id=2167): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[], 0x188}}, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000001c0)={@private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @mcast1, 0x800000, 0xa, 0x0, 0x100, 0x7ffffffe, 0x140192}) r2 = socket$tipc(0x1e, 0x5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='syzkaller\x00'}, 0x80) socket(0x10, 0x3, 0x0) socket(0x2a, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) sendmsg$tipc(r1, &(0x7f0000000400)={&(0x7f00000008c0), 0x58, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) sendmsg$tipc(r2, &(0x7f0000000080)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0xd4043f9e78e97721}, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x24000000) 2.037417896s ago: executing program 5 (id=2168): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000380), 0x1, 0x590, &(0x7f0000001740)="$eJzs3V9rW+UfAPDvSdv9328djPHTCynswslcurb+mSBsXooOB3o/Q5uV0nQZTTrWOth24UC8kSGIOBBfgF545eXwBeirGOhgyCh64U3kpCdbbJqmf9I1M58PnO15zjnN8zx5zvPke/IkJIC+NZL+k4t4ISK+SA7HkaZjg5EdHFk5b/nxjcl0S6JW+/CPJJJsX+P8JPv/YJb5f0T8/GnEqVxruZXFpdlCqVScz/Kj1bmro5XFpdMzc4Xp4nTxyvjExNnXJ8bfevONrrX1lYt/ff3B/XfPfn5i+avvHx69m8T5OJQda27HNtxqzozESPacDMX5VSeOdaGwXpLsdgXYkoFsnA9FOgcciYFs1AP/fTcjogb0qcT4hz7ViAMa9/Zdug9+bjx6Z+UGqLX9gyvvjcS++r3RgeXkX3dG6f3ucBfKT8v46fd7d9MtOrwPcbML5QE03LodEWcGB1vnvySb/7buTP3N4/WtLqPd/Ld3m3UBWt1P459X14p/ck/in1gj/jm4xtjdis7jP/ewC8W0lcZ/b68Z/z6ZuoYHstzhesw3lFyeKRXPRMT/IuJkDO1N8+ut55xdflBrd6w5/ku3tPxGLJjV4+HgqslvqlAtbKfNzR7djnjxafybRMv8v68e667u//T5uJgmfvmsYxnHi/deandsZGX5YZ32N+t+BFz7LuLlNfv/6YpW0lifrCURreuTo/XrYbRxVbT6887xX9uV37n/d1ba/wfWb/9w0rxeW9l8Gd/u+7vY7thWr/89yUf19J5s3/VCtTo/FrEneb91//jTv23kG+en7T95Yv35b63rf39EfLzB9t85dqftqb3Q/1Ob6v/NJx6898k37crfWP+/Vk+dzPZsZP7baAW389wBAAAAAABAr8lFxKFIcvkn6Vwun1/5fMexOJArlSvVU5fLC1emov5d2eEYyjVWuo80fR5iLPs8bCM/vio/ERFHI+LLgf31fH6yXJra7cYDAAAAAAAAAAAAAAAAAABAjzjY5vv/qd8Gdrt2wI7zk9/QvzqO/2780hPQk7z+Q/8y/qF/Gf/Qv4x/6F/GP/Qv4x/61ybH/4/nfpjZqaoAz5jXfwAAAAAAAAAAAAAAAAAAAAAAAAAAAOiqixcupFtt+fGNyTQ/dW1xYbZ87fRUsTKbn1uYzE+W56/mp8vl6VIxP1me6/R4pXL56th4LFwfrRYr1dHK4tKlufLCleqlmbnCdPFSceiZtAoAAAAAAAAAAAAAAAAAAACeL5XFpdlCqVScl2ibOBc9UY0tJ5JOvXwuuxg29ciRJQZ3v4FbTOR6oxo9mtjliQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmvwTAAD//2WgM5M=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000001700), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f00000003c0)={0x0, 0xf00, &(0x7f0000000380)={&(0x7f0000000180)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0xffffffff}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}}, 0x0) 1.953291998s ago: executing program 2 (id=2169): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x700000000000, 0x202) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000180)=0x1001) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x7, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$BLKDISCARD(r0, 0x1277, &(0x7f0000000000)) fchdir(0xffffffffffffffff) 1.02800387s ago: executing program 2 (id=2170): openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58) r4 = accept$alg(r3, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000000b80)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)='v', 0xf4240}], 0x1}], 0x4924924924923d5, 0x8004) 1.02632765s ago: executing program 4 (id=2171): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x84c18000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r3 = landlock_create_ruleset(&(0x7f0000000240)={0x20}, 0x18, 0x0) landlock_restrict_self(r3, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file1\x00', 0x81c0, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file1\x00', 0x0) 155.624593ms ago: executing program 5 (id=2172): syz_mount_image$hfsplus(&(0x7f0000000340), &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, &(0x7f0000000000)=ANY=[], 0x1, 0x6eb, &(0x7f0000001240)="$eJzs3c1vHGcdB/DvrNeON1Sp0yY0QkGYRCpIEYkTK4VwwSCEcqhQVQ49W4nTWNkkVeKitELgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmft3fX6LfFLAp9PNJ5n5nnmmd/+5pkZ7zqrCfB/6+q5NB+myNVzbz4ol1dXZturK7NH6up2krLcSJrdWYo7SfEomSvri74pffMNPl688vZnj1c/7y4166lqP7bVdiOMaLtcT5mu+5seueX4TnexXIeXl5Jcq+eDJnba10DDMmln6zkcus6gRjrLu9l8N+ct8Jzp3Z2K7n1zg6nkaJLJ+veA1FeHxsFFuKe+3ivs6ioHAAAAL6hP7x52BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDiqZ7/31pbbHRXJdMpes//n+itq8vPobkdt3y4r3EAAAAAAAAAwMH42pM8yYMcK8vjSTpF9Tf/M1XliXzRSb6U93M/C7mX83mQ+SxlKfdyMclUX0cTD+aXlu5dXNuyNHrLSyO3vHSQrxoAAAAAAAAA/uf8Mq3u3/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB5USRj3Vk1najnmUqjmfW6LCf/TDJx2PHuQjFq5cODjwMAAACeyeRTbPPykzzJgxzrLXeK6j3/l6v3y5N5P3eylMUspZ2FXK/fQ5fv+hurK7Pt1ZXZ2+VULg/2+/1/7yqMibqHsWpp1J5PVS1auZHFas35XKuCuZ5Gd99nk1O9ePri6vNRGVPxvdoOI2vWaS139vvNPkXYE4MfRTS2aNlaDy5Zy8hMHVu55fFuBorqg5pkOBPDR2fDzpoDS1NVk/G1PV1MY+2TnxP7kPOj9bx8Pb/Z15zvRH8u1jLRSJWJS73RV54zW2ci+cZf//TOzfadWzdv3D93uC9pF8Y2WT88Jmb7MvHaC52J5i7bz1SZOLm2fDU/yk9yLtN5K/eymJ9mPktZSKeun6/Hc/lzautMzQ0svbVdJBP1cekes53ENJ0fVqX5nKm2PZbFFLmb61nIG9W/S7mYb+dyLudK3xE+uWnc1WurzvrG8FnfO9J/Gxn82W/WhfLq9tv1q9zcVq94s9G5V7rX/jKvx/vy2h31j9daHe87D2b6svRKLzvjIzt/mmtj8yt1odzHr7a5TxysqToT5QnUu0v0onu1m4lmdS/aOM7/0Cm3S/tOp3Nz/r1N+l8eWn69npfDauWr27XuGX0o9lY5Xl7JZH0lGRwdZd2ra1eZvrrO+lju1g3eccvtTlZ1RdE7U3+cu9UA2HimTtS/w23s6VJV99pQ3en6Gl7WneqrG/h9K3fTzvUDyB8AT+Mf76wVp3J0ovWv1qetT1q/bt1svTn5gyPfOXJ6IuN/H/9uc2bs9cbp4i/5JD9ff/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vfsffHhrvt1euDe60Ni8aqDQyvCa7XoeKhT1A31GtblVP6VgVx0ecmEyycCa6jlHBx5GaziMDYXOL5IDz0/vIYKj2/yuLDR3dLjnBtb8eWOHH20fz1iGxuEOzot9LDSyLz13Xt5kJIxl9AA4rCsScFAuLN1+78L9Dz781uLt+XcX3l24M3758pWZK5ffmL1wY7G9MNP9edhRAvth/aZ/2JEAAAAAAAAAAAAAOzXqqwJnXtruSyMbCo0kw9/x8D8LAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD1x9VyaD1Pk4sz5mXJ5dWW2XU698nrLZpJGIyl+lhSPkrl0p0z1dVfkj4/SGbGfjxevvP3Z49XP1/tqdtsnjXq+ua1rkyzXU6aTjNXzZzDQ37Vn7q/4T+81lAn7otPpzD1bfLA3/hsAAP//ShfsxA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x1, 0x8, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x40) open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x108) 0s ago: executing program 4 (id=2173): openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x80b42, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x484b02, 0x11) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x24000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002680), &(0x7f00000000c0)=0xc) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x4, 0x1, 0x7, 0x8000, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): multicast mode [ 100.766465][ T6309] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 100.776110][ T6300] netlink: 28 bytes leftover after parsing attributes in process `syz.0.151'. [ 100.787646][ T6300] 8021q: adding VLAN 0 to HW filter on device bond2 [ 100.796354][ T6319] netlink: 24 bytes leftover after parsing attributes in process `syz.1.157'. [ 100.864034][ T6314] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 100.909162][ T6314] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 100.912913][ T6320] netlink: 4 bytes leftover after parsing attributes in process `syz.1.157'. [ 102.145506][ T6345] netlink: 'syz.2.167': attribute type 4 has an invalid length. [ 102.463967][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 102.971175][ T9] usb 2-1: config 0 has no interfaces? [ 103.076796][ T9] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 103.097159][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.137777][ T6347] netlink: 798 bytes leftover after parsing attributes in process `syz.0.166'. [ 103.148078][ T9] usb 2-1: Product: syz [ 103.152275][ T9] usb 2-1: Manufacturer: syz [ 103.158533][ T6348] netlink: 'syz.2.167': attribute type 4 has an invalid length. [ 103.167245][ T9] usb 2-1: SerialNumber: syz [ 103.198015][ T9] usb 2-1: config 0 descriptor?? [ 103.212901][ T6353] (null): rxe_set_mtu: Set mtu to 1024 [ 103.231212][ T6353] rdma_rxe: rxe_newlink: failed to add syz_tun [ 103.446665][ T6360] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 103.697816][ T6341] veth0_vlan: left promiscuous mode [ 103.709113][ T6341] veth0_vlan: entered promiscuous mode [ 103.877325][ T6373] netlink: 12 bytes leftover after parsing attributes in process `syz.0.176'. [ 103.900480][ T27] usb 2-1: USB disconnect, device number 3 [ 103.942746][ T6373] Zero length message leads to an empty skb [ 104.151019][ T6378] syz_tun: entered allmulticast mode [ 104.169815][ T6378] pimreg: entered allmulticast mode [ 104.193068][ T6377] syz_tun: left allmulticast mode [ 104.503081][ T28] audit: type=1326 audit(1772031830.786:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.561667][ T28] audit: type=1326 audit(1772031830.786:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.611626][ T28] audit: type=1326 audit(1772031830.786:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.630945][ T6390] capability: warning: `syz.1.181' uses 32-bit capabilities (legacy support in use) [ 104.664798][ T28] audit: type=1326 audit(1772031830.786:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.694249][ T28] audit: type=1326 audit(1772031830.786:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.771311][ T28] audit: type=1326 audit(1772031830.786:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.815773][ T28] audit: type=1326 audit(1772031830.786:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.871891][ T28] audit: type=1326 audit(1772031830.786:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fec69d5cece code=0x7ffc0000 [ 104.939488][ T28] audit: type=1326 audit(1772031830.816:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 104.974247][ T28] audit: type=1326 audit(1772031830.816:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.2.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 105.023663][ T6400] bridge_slave_0: left allmulticast mode [ 105.029820][ T6400] bridge_slave_0: left promiscuous mode [ 105.036934][ T6400] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.072339][ T6400] bridge_slave_1: left allmulticast mode [ 105.083888][ T6400] bridge_slave_1: left promiscuous mode [ 105.089844][ T6400] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.152275][ T6400] bond0: (slave bond_slave_0): Releasing backup interface [ 105.211247][ T6400] bond0: (slave bond_slave_1): Releasing backup interface [ 105.249296][ T6400] team0: Port device team_slave_0 removed [ 105.268179][ T6400] team0: Port device team_slave_1 removed [ 105.280441][ T6400] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.288338][ T6400] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 105.298033][ T6400] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 105.321697][ T6400] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.739653][ T788] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 106.650220][ T788] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 106.671182][ T788] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.763473][ T788] usb 1-1: config 0 descriptor?? [ 106.799691][ T788] cp210x 1-1:0.0: cp210x converter detected [ 107.205435][ T6458] netlink: 32 bytes leftover after parsing attributes in process `syz.1.202'. [ 107.217758][ T788] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 107.274415][ T788] usb 1-1: cp210x converter now attached to ttyUSB0 [ 107.516151][ T27] usb 1-1: USB disconnect, device number 3 [ 107.530334][ T27] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 107.570737][ T27] cp210x 1-1:0.0: device disconnected [ 108.131648][ T6478] trusted_key: syz.0.209 sent an empty control message without MSG_MORE. [ 109.504910][ T6509] netlink: 84 bytes leftover after parsing attributes in process `syz.0.217'. [ 109.527068][ T6507] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 110.264104][ T6531] loop1: detected capacity change from 0 to 512 [ 110.283410][ T6531] EXT4-fs: Ignoring removed mblk_io_submit option [ 110.527553][ T6531] EXT4-fs (loop1): orphan cleanup on readonly fs [ 110.534474][ T6531] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 110.562918][ T6531] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.223: attempt to clear invalid blocks 2 len 1 [ 110.609568][ T6531] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 110.627244][ T6531] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.223: invalid indirect mapped block 1819239214 (level 0) [ 110.654372][ T6531] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.223: invalid indirect mapped block 1819239214 (level 1) [ 110.700810][ T6531] EXT4-fs (loop1): 1 truncate cleaned up [ 110.708523][ T6531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 110.862273][ T6537] (null): rxe_set_mtu: Set mtu to 1024 [ 110.890226][ T6540] netlink: 24 bytes leftover after parsing attributes in process `syz.3.226'. [ 110.908440][ T6537] rdma_rxe: rxe_newlink: failed to add syz_tun [ 111.012731][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.054969][ T6545] netlink: 4 bytes leftover after parsing attributes in process `syz.3.226'. [ 111.202272][ T6551] pimreg: entered allmulticast mode [ 111.220162][ T6551] pimreg: left allmulticast mode [ 111.272970][ T6553] binder: 6552:6553 ioctl c0306201 2000000003c0 returned -14 [ 111.466568][ T6559] overlayfs: failed to resolve './file2': -2 [ 111.897628][ T6576] syz_tun: entered allmulticast mode [ 111.948627][ T6576] pimreg: entered allmulticast mode [ 112.040625][ T6575] syz_tun: left allmulticast mode [ 112.197895][ T6583] netlink: 84 bytes leftover after parsing attributes in process `syz.1.241'. [ 112.473292][ T6593] netlink: 'syz.1.244': attribute type 1 has an invalid length. [ 112.508228][ T6593] netlink: 16 bytes leftover after parsing attributes in process `syz.1.244'. [ 114.859393][ T6623] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 114.890849][ T6623] netlink: 24 bytes leftover after parsing attributes in process `syz.2.254'. [ 115.409830][ T6642] netlink: 4 bytes leftover after parsing attributes in process `syz.3.263'. [ 116.454405][ T6665] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 116.479409][ T6671] loop1: detected capacity change from 0 to 128 [ 116.725860][ T6671] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 50) [ 116.735558][ T6671] FAT-fs (loop1): Filesystem has been set read-only [ 116.742956][ T6671] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 50) [ 116.753226][ T6671] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 50) [ 116.765142][ T6671] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 50) [ 118.635213][ T6707] loop1: detected capacity change from 0 to 256 [ 120.355522][ T6707] FAT-fs (loop1): Directory bread(block 64) failed [ 120.362591][ T6707] FAT-fs (loop1): Directory bread(block 65) failed [ 120.434576][ T6707] FAT-fs (loop1): Directory bread(block 66) failed [ 120.441126][ T6707] FAT-fs (loop1): Directory bread(block 67) failed [ 120.544386][ T6707] FAT-fs (loop1): Directory bread(block 68) failed [ 120.590489][ T6707] FAT-fs (loop1): Directory bread(block 69) failed [ 120.613953][ T6707] FAT-fs (loop1): Directory bread(block 70) failed [ 120.641579][ T6707] FAT-fs (loop1): Directory bread(block 71) failed [ 120.667121][ T6707] FAT-fs (loop1): Directory bread(block 72) failed [ 120.692158][ T6707] FAT-fs (loop1): Directory bread(block 73) failed [ 121.028741][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 121.050472][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 121.068523][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 121.079655][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 121.087622][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 121.095160][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 121.508998][ T6731] 9pnet: Found fid 0 not clunked [ 121.558765][ T3455] bond2: (slave gretap1): Releasing backup interface [ 122.004659][ T27] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 122.038657][ T6747] batadv_slave_0: entered promiscuous mode [ 122.091009][ T6746] batadv_slave_0: left promiscuous mode [ 122.193928][ T27] usb 4-1: Using ep0 maxpacket: 16 [ 122.212071][ T27] usb 4-1: config 0 has no interfaces? [ 122.257460][ T27] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 122.292715][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.348728][ T27] usb 4-1: Product: syz [ 122.352952][ T27] usb 4-1: Manufacturer: syz [ 122.391646][ T27] usb 4-1: SerialNumber: syz [ 122.418181][ T27] usb 4-1: config 0 descriptor?? [ 122.461343][ T3455] hsr_slave_1: left promiscuous mode [ 122.605409][ T3455] pimreg (unregistering): left allmulticast mode [ 123.158930][ T3455] bond2 (unregistering): (slave bond3): Releasing backup interface [ 123.177513][ T3455] bond3 (unregistering): Released all slaves [ 123.234200][ T51] Bluetooth: hci0: command tx timeout [ 123.417763][ T3455] bond2 (unregistering): Released all slaves [ 123.477068][ T3455] bond1 (unregistering): Released all slaves [ 124.453480][ T3455] bond0 (unregistering): Released all slaves [ 124.577378][ T6767] netlink: 28 bytes leftover after parsing attributes in process `syz.3.295'. [ 124.688748][ T5799] usb 4-1: USB disconnect, device number 3 [ 124.776764][ T6721] chnl_net:caif_netlink_parms(): no params data found [ 124.985486][ T6721] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.994142][ T6721] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.006729][ T6721] bridge_slave_0: entered allmulticast mode [ 125.015503][ T6721] bridge_slave_0: entered promiscuous mode [ 125.039378][ T6721] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.061527][ T6721] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.069974][ T6721] bridge_slave_1: entered allmulticast mode [ 125.082564][ T6721] bridge_slave_1: entered promiscuous mode [ 125.315475][ T51] Bluetooth: hci0: command tx timeout [ 125.554641][ T6721] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 125.685763][ T6721] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 125.813027][ T6721] team0: Port device team_slave_0 added [ 125.859402][ T6721] team0: Port device team_slave_1 added [ 126.005339][ T6721] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.026794][ T6721] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.074398][ T6721] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.100703][ T6721] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.107987][ T6721] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.153823][ T6721] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.295357][ T6721] hsr_slave_0: entered promiscuous mode [ 126.317808][ T6721] hsr_slave_1: entered promiscuous mode [ 126.329369][ T6721] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 126.339683][ T6721] Cannot create hsr debugfs directory [ 127.339728][ T6834] netlink: 12 bytes leftover after parsing attributes in process `syz.2.316'. [ 127.383887][ T51] Bluetooth: hci0: command tx timeout [ 127.745267][ T6847] tipc: Enabling of bearer rejected, failed to enable media [ 127.841146][ T6721] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 127.947100][ T6721] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 128.004452][ T6721] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 128.065567][ T6721] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 128.313518][ T6721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 128.377434][ T6721] 8021q: adding VLAN 0 to HW filter on device team0 [ 128.402926][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.410147][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.421541][ T6843] netlink: 28 bytes leftover after parsing attributes in process `syz.3.319'. [ 128.441033][ T3455] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.448436][ T3455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.472105][ T6873] loop1: detected capacity change from 0 to 128 [ 128.498113][ T6843] lo: entered promiscuous mode [ 128.507701][ T6873] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 128.518320][ T6843] lo: entered allmulticast mode [ 128.599888][ T6873] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 128.645791][ T6873] ext2 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 129.468233][ T51] Bluetooth: hci0: command tx timeout [ 129.568203][ T6721] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 130.317353][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 130.468283][ T6908] bond2: entered allmulticast mode [ 130.627973][ T6721] veth0_vlan: entered promiscuous mode [ 130.656029][ T6908] netlink: 4 bytes leftover after parsing attributes in process `syz.2.328'. [ 130.704884][ T6908] bridge2: entered allmulticast mode [ 130.715929][ T6908] bond2: (slave bridge2): Enslaving as an active interface with an up link [ 130.769975][ T6721] veth1_vlan: entered promiscuous mode [ 130.856111][ T6721] veth0_macvtap: entered promiscuous mode [ 130.926684][ T6721] veth1_macvtap: entered promiscuous mode [ 130.981579][ T6721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.013115][ T6721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.044835][ T6721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.083773][ T6721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.115773][ T6721] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.152223][ T6721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.190563][ T6721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.219506][ T6721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.251357][ T6721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.273161][ T6721] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 131.301489][ T6721] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.362910][ T6721] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.392628][ T6721] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.411867][ T6721] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.113015][ T6109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.235050][ T6109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.957293][ T6948] netlink: 'syz.1.337': attribute type 12 has an invalid length. [ 132.997208][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.012814][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.044716][ T6954] loop3: detected capacity change from 0 to 512 [ 133.056067][ T6954] EXT4-fs: Ignoring removed i_version option [ 133.062125][ T6954] EXT4-fs: Ignoring removed oldalloc option [ 133.105355][ T6954] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.234471][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.241361][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.499331][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.078150][ T6985] loop1: detected capacity change from 0 to 2048 [ 134.115612][ T6987] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 134.195124][ T6992] bridge1: entered promiscuous mode [ 134.212884][ T6985] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 134.217058][ T6992] bridge1: entered allmulticast mode [ 134.270123][ T6992] team0: Port device bridge1 added [ 134.352965][ T6996] bridge0: port 1(team0) entered blocking state [ 134.392408][ T6996] bridge0: port 1(team0) entered disabled state [ 134.419258][ T6996] team0: entered allmulticast mode [ 134.440701][ T6996] team0: entered promiscuous mode [ 134.613132][ T7000] bridge1: entered promiscuous mode [ 134.641620][ T7000] bridge1: entered allmulticast mode [ 134.770595][ T7008] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.790465][ T7008] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.925892][ T7010] netlink: 4 bytes leftover after parsing attributes in process `syz.1.349'. [ 135.007959][ T7011] netlink: 'syz.2.351': attribute type 16 has an invalid length. [ 135.017210][ T7011] netlink: 'syz.2.351': attribute type 17 has an invalid length. [ 135.042875][ T7011] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 139.312282][ T7094] netlink: 36 bytes leftover after parsing attributes in process `syz.3.370'. [ 142.716257][ T7131] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 143.026837][ T7139] netlink: 'syz.3.383': attribute type 16 has an invalid length. [ 143.073769][ T7139] netlink: 'syz.3.383': attribute type 17 has an invalid length. [ 143.145627][ T7139] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 143.733928][ T788] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 143.974871][ T788] usb 4-1: Using ep0 maxpacket: 8 [ 143.985610][ T788] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 144.008250][ T788] usb 4-1: config 179 has no interface number 0 [ 144.025020][ T788] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 144.046446][ T788] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 144.078253][ T788] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 144.116010][ T788] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 144.143867][ T788] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 144.178271][ T788] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 144.198396][ T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.228394][ T7155] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 144.301305][ T5822] IPVS: starting estimator thread 0... [ 144.431680][ T7167] IPVS: using max 19 ests per chain, 45600 per kthread [ 144.723951][ T7173] loop4: detected capacity change from 0 to 2048 [ 144.744706][ T7173] ======================================================= [ 144.744706][ T7173] WARNING: The mand mount option has been deprecated and [ 144.744706][ T7173] and is ignored by this kernel. Remove the mand [ 144.744706][ T7173] option from the mount to silence this warning. [ 144.744706][ T7173] ======================================================= [ 144.876365][ T7173] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 144.886984][ T7173] UDF-fs: Scanning with blocksize 512 failed [ 144.906433][ T7173] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 144.940430][ T7178] bridge0: entered promiscuous mode [ 144.962978][ T7178] bridge0: port 3(macvlan0) entered blocking state [ 144.977030][ T7178] bridge0: port 3(macvlan0) entered disabled state [ 145.004002][ T7178] macvlan0: entered allmulticast mode [ 145.012943][ T7178] bridge0: entered allmulticast mode [ 145.029471][ T7178] macvlan0: left allmulticast mode [ 145.035341][ T7178] bridge0: left allmulticast mode [ 145.056839][ T7178] bridge0: left promiscuous mode [ 146.078720][ T7195] IPv6: NLM_F_CREATE should be specified when creating new route [ 146.160497][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 146.220718][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 146.270769][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 146.302425][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 146.436352][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 146.436366][ T28] audit: type=1326 audit(1772031872.716:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7154 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58d8f9c629 code=0x7fc00000 [ 146.555632][ T5801] usb 4-1: USB disconnect, device number 4 [ 146.555690][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 146.569868][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 147.989700][ T7242] io-wq is not configured for unbound workers [ 148.218718][ T5822] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 148.424042][ T5822] usb 4-1: Using ep0 maxpacket: 32 [ 148.439057][ T5822] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 148.474360][ T5822] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 148.504178][ T5822] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 148.533860][ T5822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.575249][ T5822] usb 4-1: config 0 descriptor?? [ 148.594134][ T5822] hub 4-1:0.0: USB hub found [ 148.794377][ T5822] hub 4-1:0.0: 1 port detected [ 149.433413][ T5822] hub 4-1:0.0: activate --> -90 [ 150.046244][ T6047] usb 4-1: USB disconnect, device number 5 [ 150.093963][ T7298] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 150.234048][ T7298] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 150.786743][ T7320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.425'. [ 150.827947][ T7320] bond0: option arp_all_targets: invalid value (172) [ 151.020059][ T7327] netlink: 1319 bytes leftover after parsing attributes in process `syz.1.428'. [ 151.081485][ T7330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'. [ 151.106779][ T7330] team0: left allmulticast mode [ 151.133267][ T7330] team0: left promiscuous mode [ 151.144220][ T7330] bridge0: port 1(team0) entered disabled state [ 151.382811][ T7338] netlink: 'syz.1.431': attribute type 1 has an invalid length. [ 151.605143][ T7340] bond1: (slave veth3): Enslaving as an active interface with a down link [ 152.396883][ T51] Bluetooth: hci0: unexpected cc 0x203e length: 2 > 1 [ 152.587791][ T7364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.437'. [ 153.461077][ T28] audit: type=1326 audit(1772031879.746:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 153.518121][ T28] audit: type=1326 audit(1772031879.746:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 153.571414][ T28] audit: type=1326 audit(1772031879.746:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 153.638331][ T28] audit: type=1326 audit(1772031879.786:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 153.681105][ T28] audit: type=1326 audit(1772031879.786:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 153.750890][ T28] audit: type=1326 audit(1772031879.786:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 153.858270][ T28] audit: type=1326 audit(1772031879.786:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 153.942373][ T28] audit: type=1326 audit(1772031879.786:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 154.002051][ T28] audit: type=1326 audit(1772031879.786:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 154.060677][ T28] audit: type=1326 audit(1772031879.786:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7390 comm="syz.1.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 154.200312][ T7412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.450'. [ 154.284449][ T7412] team1: entered promiscuous mode [ 154.296342][ T7412] team1: entered allmulticast mode [ 156.435308][ T51] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 156.446867][ T51] Bluetooth: hci0: Injecting HCI hardware error event [ 156.457864][ T5772] Bluetooth: hci0: hardware error 0x00 [ 158.583953][ T5772] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 159.268276][ T7502] loop4: detected capacity change from 0 to 32768 [ 159.305352][ T7502] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.468 (7502) [ 159.333825][ T5801] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 159.389824][ T7502] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 159.411075][ T7502] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 159.436329][ T7502] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 159.456560][ T7502] BTRFS info (device loop4): use zstd compression, level 3 [ 159.483838][ T7502] BTRFS info (device loop4): use no compression [ 159.500557][ T7502] BTRFS info (device loop4): using free space tree [ 159.525983][ T5801] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 159.545524][ T5801] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 159.577021][ T5801] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 159.714300][ T5801] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 159.723631][ T7502] BTRFS info (device loop4): enabling ssd optimizations [ 159.730971][ T7502] BTRFS info (device loop4): auto enabling async discard [ 159.740279][ T5801] usb 2-1: Manufacturer: syz [ 159.791503][ T5801] usb 2-1: config 0 descriptor?? [ 161.629380][ T6721] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 161.828418][ T5801] usbhid 2-1:0.0: can't add hid device: -71 [ 161.861694][ T5801] usbhid: probe of 2-1:0.0 failed with error -71 [ 161.878152][ T5801] usb 2-1: USB disconnect, device number 4 [ 162.015067][ T7552] IPVS: Scheduler module ip_vs_ not found [ 162.657756][ T7567] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 164.814112][ T7590] netlink: 24 bytes leftover after parsing attributes in process `syz.1.488'. [ 164.842921][ T7587] IPVS: Scheduler module ip_vs_ not found [ 164.924774][ T7593] netlink: 'syz.2.490': attribute type 1 has an invalid length. [ 165.000967][ T7593] 8021q: adding VLAN 0 to HW filter on device bond3 [ 165.019396][ T7598] bond3: option lacp_active: mode dependency failed, not supported in mode balance-alb(6) [ 165.145732][ T7593] bond3: (slave ip6gretap2): making interface the new active one [ 165.186086][ T7593] bond3: (slave ip6gretap2): Enslaving as an active interface with an up link [ 165.403955][ T5801] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 166.284343][ T5801] usb 2-1: Using ep0 maxpacket: 16 [ 166.293531][ T5801] usb 2-1: config 222 has an invalid interface number: 31 but max is 0 [ 166.403795][ T5801] usb 2-1: config 222 has no interface number 0 [ 166.410137][ T5801] usb 2-1: config 222 interface 31 altsetting 11 endpoint 0xE has an invalid bInterval 255, changing to 11 [ 166.435656][ T5801] usb 2-1: config 222 interface 31 altsetting 11 endpoint 0xE has invalid maxpacket 59391, setting to 1024 [ 166.447256][ T5801] usb 2-1: config 222 interface 31 has no altsetting 0 [ 166.469275][ T5801] usb 2-1: New USB device found, idVendor=0f11, idProduct=2030, bcdDevice=a9.fd [ 166.478934][ T5801] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.497904][ T5801] usb 2-1: Product: syz [ 166.502627][ T5801] usb 2-1: Manufacturer: syz [ 166.508609][ T5801] usb 2-1: SerialNumber: syz [ 166.521352][ T7604] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 166.607428][ T7634] loop3: detected capacity change from 0 to 1024 [ 166.616083][ T7634] EXT4-fs: Ignoring removed nomblk_io_submit option [ 166.625343][ T7634] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 166.649549][ T7634] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 166.668540][ T7634] System zones: 0-1, 3-36 [ 166.687668][ T7634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.764609][ T7637] IPVS: Scheduler module ip_vs_ not found [ 166.773158][ T5801] ldusb 2-1:222.31: LD USB Device #0 now attached to major 180 minor 0 [ 166.790364][ T5801] usb 2-1: USB disconnect, device number 5 [ 166.803234][ T5801] ldusb 2-1:222.31: LD USB Device #0 now disconnected [ 166.887495][ T7646] netlink: 24 bytes leftover after parsing attributes in process `syz.2.501'. [ 166.889735][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.165518][ T7660] netlink: 'syz.1.504': attribute type 1 has an invalid length. [ 168.310025][ T7660] 8021q: adding VLAN 0 to HW filter on device bond2 [ 168.359407][ T7665] bond2: option lacp_active: mode dependency failed, not supported in mode balance-alb(6) [ 171.004011][ T7708] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 171.032162][ T7708] CIFS mount error: No usable UNC path provided in device string! [ 171.032162][ T7708] [ 171.043130][ T7708] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 174.084297][ T7731] tipc: Started in network mode [ 174.113910][ T7731] tipc: Node identity ac14140f, cluster identity 4711 [ 174.153250][ T7731] tipc: New replicast peer: 255.255.255.255 [ 174.203243][ T7731] tipc: Enabled bearer , priority 10 [ 174.218721][ T7737] netlink: 12 bytes leftover after parsing attributes in process `syz.4.526'. [ 174.316773][ T7737] tipc: Disabling bearer [ 177.451805][ T7768] xt_TCPMSS: Only works on TCP SYN packets [ 177.760889][ T7756] loop3: detected capacity change from 0 to 40427 [ 177.785564][ T7756] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff [ 177.831879][ T7756] F2FS-fs (loop3): invalid crc value [ 177.886304][ T7756] F2FS-fs (loop3): Found nat_bits in checkpoint [ 178.086484][ T7756] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 179.697639][ T7797] loop1: detected capacity change from 0 to 512 [ 179.711878][ T7797] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 not in group (block 0)! [ 179.728280][ T7797] EXT4-fs (loop1): group descriptors corrupted! [ 179.989354][ T5767] syz-executor: attempt to access beyond end of device [ 179.989354][ T5767] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 180.010748][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 182.556683][ T7849] netlink: 'syz.4.560': attribute type 39 has an invalid length. [ 183.646826][ T7864] bridge1: entered promiscuous mode [ 183.671450][ T7864] bridge1: entered allmulticast mode [ 183.754449][ T7864] team0: Port device bridge1 added [ 183.795406][ T7865] bridge0: port 3(team0) entered blocking state [ 183.802986][ T7865] bridge0: port 3(team0) entered disabled state [ 183.831092][ T7865] team0: entered allmulticast mode [ 183.964353][ T7865] team_slave_0: entered allmulticast mode [ 183.970652][ T7865] team_slave_1: entered allmulticast mode [ 184.037551][ T7865] team0: entered promiscuous mode [ 184.042755][ T7865] team_slave_0: entered promiscuous mode [ 184.048727][ T7865] team_slave_1: entered promiscuous mode [ 184.057640][ T7865] bridge0: port 3(team0) entered blocking state [ 184.064685][ T7865] bridge0: port 3(team0) entered forwarding state [ 184.079824][ T7866] geneve2: entered promiscuous mode [ 184.153888][ T7866] geneve2: entered allmulticast mode [ 185.312939][ T7888] loop3: detected capacity change from 0 to 2048 [ 185.363271][ T7888] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 185.995592][ T5767] UDF-fs: error (device loop3): udf_read_inode: (ino 1) failed !bh [ 186.035766][ T5767] UDF-fs: error (device loop3): udf_read_inode: (ino 1) failed !bh [ 188.227908][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.342021][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.597660][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.747817][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.026969][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 189.041341][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 189.051734][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 189.080586][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 189.089886][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 189.114508][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 189.535864][ T7925] chnl_net:caif_netlink_parms(): no params data found [ 189.709565][ T7925] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.717192][ T7925] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.726274][ T7925] bridge_slave_0: entered allmulticast mode [ 189.733123][ T7925] bridge_slave_0: entered promiscuous mode [ 189.774874][ T7925] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.782151][ T7925] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.789836][ T7925] bridge_slave_1: entered allmulticast mode [ 189.797650][ T7925] bridge_slave_1: entered promiscuous mode [ 189.852024][ T7925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.868425][ T7925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.922332][ T7925] team0: Port device team_slave_0 added [ 189.932723][ T7925] team0: Port device team_slave_1 added [ 190.030544][ T7925] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 190.049333][ T7925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.086079][ T7925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 190.122866][ T7925] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 190.151515][ T7925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.189101][ T7925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.302403][ T7925] hsr_slave_0: entered promiscuous mode [ 190.312257][ T7925] hsr_slave_1: entered promiscuous mode [ 190.322553][ T7925] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 190.338943][ T7925] Cannot create hsr debugfs directory [ 190.351134][ T12] hsr_slave_0: left promiscuous mode [ 190.364185][ T12] hsr_slave_1: left promiscuous mode [ 190.388058][ T12] veth1_macvtap: left promiscuous mode [ 190.394304][ T12] veth0_macvtap: left promiscuous mode [ 190.399970][ T12] veth1_vlan: left promiscuous mode [ 190.405967][ T12] veth0_vlan: left promiscuous mode [ 190.551913][ T12] team0 (unregistering): Port device bridge1 removed [ 190.636997][ T12] pimreg (unregistering): left allmulticast mode [ 191.224101][ T51] Bluetooth: hci2: command tx timeout [ 191.552773][ T12] bond0 (unregistering): Released all slaves [ 191.630236][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 191.906680][ T7925] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 191.931932][ T7925] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 191.948817][ T7925] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 191.967271][ T7925] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 192.108024][ T7925] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.142312][ T7925] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.157091][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.165287][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.189358][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.196613][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.507373][ T7925] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.862592][ T7925] veth0_vlan: entered promiscuous mode [ 192.893352][ T7925] veth1_vlan: entered promiscuous mode [ 192.943247][ T7925] veth0_macvtap: entered promiscuous mode [ 192.956504][ T7925] veth1_macvtap: entered promiscuous mode [ 193.008027][ T7925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 193.019362][ T7925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.029776][ T7925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 193.040399][ T7925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.050394][ T7925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 193.060946][ T7925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.072007][ T7925] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.090365][ T7925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.101160][ T7925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.111339][ T7925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.123424][ T7925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.133448][ T7925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.145414][ T7925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.159952][ T7925] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.170743][ T7925] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.179711][ T7925] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.188553][ T7925] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.197355][ T7925] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.288588][ T3433] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.305330][ T3433] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.311599][ T5772] Bluetooth: hci2: command tx timeout [ 193.359099][ T3433] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.369679][ T3433] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.674379][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.680797][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.795540][ T8030] tipc: New replicast peer: 255.255.255.255 [ 194.801862][ T8030] tipc: Enabled bearer , priority 10 [ 194.828704][ T8030] netlink: 12 bytes leftover after parsing attributes in process `syz.2.588'. [ 194.881938][ T8030] tipc: Disabling bearer [ 195.383873][ T5772] Bluetooth: hci2: command tx timeout [ 195.911618][ T8061] netlink: 35 bytes leftover after parsing attributes in process `syz.1.602'. [ 196.043442][ T8066] tipc: Failed to remove unknown binding: 66,0,0/0:665175692/665175694 [ 196.052885][ T8066] tipc: Failed to remove unknown binding: 66,0,0/0:665175692/665175693 [ 196.068157][ T8066] tipc: Failed to remove unknown binding: 66,0,0/0:665175692/665175694 [ 196.078496][ T8066] tipc: Failed to remove unknown binding: 66,0,0/0:665175692/665175693 [ 197.474209][ T5772] Bluetooth: hci2: command tx timeout [ 199.901846][ T8137] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.909885][ T8137] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.988566][ T8140] bridge_slave_1: left allmulticast mode [ 200.006574][ T8140] bridge_slave_1: left promiscuous mode [ 200.013017][ T8140] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.054856][ T8140] bridge_slave_0: left allmulticast mode [ 200.076885][ T8140] bridge_slave_0: left promiscuous mode [ 200.101981][ T8140] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.010863][ T8187] batadv_slave_1: entered promiscuous mode [ 202.072315][ T8186] batadv_slave_1: left promiscuous mode [ 204.575054][ T8212] netlink: 4 bytes leftover after parsing attributes in process `syz.5.639'. [ 204.596338][ T8212] netlink: 24 bytes leftover after parsing attributes in process `syz.5.639'. [ 206.106485][ T8222] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 206.504076][ T788] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 206.549846][ T8200] Set syz1 is full, maxelem 65536 reached [ 206.735157][ T788] usb 6-1: Using ep0 maxpacket: 32 [ 206.749585][ T788] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 206.808474][ T788] usb 6-1: config 0 has no interface number 0 [ 206.853441][ T788] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 206.888769][ T788] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.932561][ T788] usb 6-1: Product: syz [ 206.937433][ T788] usb 6-1: Manufacturer: syz [ 206.954901][ T788] usb 6-1: SerialNumber: syz [ 206.971013][ T788] usb 6-1: config 0 descriptor?? [ 207.011680][ T788] smsc95xx v2.0.0 [ 207.465661][ T788] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 207.489413][ T788] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 208.213641][ T8274] netlink: 'syz.1.657': attribute type 1 has an invalid length. [ 208.501874][ T8274] bond3: entered promiscuous mode [ 208.507226][ T8274] bond3: entered allmulticast mode [ 208.513337][ T8277] netlink: 8 bytes leftover after parsing attributes in process `syz.1.657'. [ 208.540971][ T8277] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 208.607099][ T8277] bond3: (slave bridge1): making interface the new active one [ 208.625627][ T8277] bridge1: entered promiscuous mode [ 208.640904][ T8277] bridge1: entered allmulticast mode [ 208.662714][ T8277] bond3: (slave bridge1): Enslaving as an active interface with an up link [ 208.685385][ T8279] netlink: 28 bytes leftover after parsing attributes in process `syz.1.657'. [ 208.878934][ T8279] bond3: left promiscuous mode [ 208.885857][ T8279] bridge1: left promiscuous mode [ 208.891102][ T8279] bond3: left allmulticast mode [ 208.896396][ T8279] bridge1: left allmulticast mode [ 208.902986][ T8279] 8021q: adding VLAN 0 to HW filter on device bond3 [ 209.883462][ T788] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000038: -71 [ 209.895102][ T788] smsc95xx: probe of 6-1:0.67 failed with error -71 [ 209.906074][ T788] usb 6-1: USB disconnect, device number 2 [ 210.014035][ T8295] netlink: 4 bytes leftover after parsing attributes in process `syz.4.662'. [ 210.051202][ T8295] netlink: 24 bytes leftover after parsing attributes in process `syz.4.662'. [ 210.191288][ T8302] syz.4.664 uses obsolete (PF_INET,SOCK_PACKET) [ 210.458527][ T8313] netlink: 'syz.1.668': attribute type 13 has an invalid length. [ 210.916065][ T8319] netlink: 24 bytes leftover after parsing attributes in process `syz.5.670'. [ 210.942056][ T8324] ip_vti0: Master is either lo or non-ether device [ 211.150719][ T8334] Invalid ELF header magic: != ELF [ 211.892506][ T8362] netlink: 'syz.5.681': attribute type 1 has an invalid length. [ 212.198933][ T8363] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.206662][ T8363] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.632012][ T8363] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.668710][ T8363] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 212.963613][ T8363] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.973115][ T8363] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.996499][ T8363] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.005971][ T8363] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.181970][ T8365] netlink: 12 bytes leftover after parsing attributes in process `syz.4.682'. [ 213.202505][ T8365] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 213.480842][ T8399] x_tables: duplicate underflow at hook 2 [ 218.346178][ T8451] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 218.638239][ T8458] netlink: 32 bytes leftover after parsing attributes in process `syz.1.709'. [ 218.683863][ T8458] netlink: 32 bytes leftover after parsing attributes in process `syz.1.709'. [ 218.747822][ T8462] tipc: Failed to remove unknown binding: 66,0,0/0:3662997147/3662997149 [ 218.774045][ T8462] tipc: Failed to remove unknown binding: 66,0,0/0:3662997147/3662997148 [ 218.791192][ T8462] tipc: Failed to remove unknown binding: 66,0,0/0:3662997147/3662997149 [ 218.803976][ T8462] tipc: Failed to remove unknown binding: 66,0,0/0:3662997147/3662997148 [ 218.835666][ T8466] netlink: 24 bytes leftover after parsing attributes in process `syz.2.712'. [ 218.900723][ T8465] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 219.392385][ T8475] team0: left allmulticast mode [ 219.397525][ T8475] team_slave_0: left allmulticast mode [ 219.403197][ T8475] team_slave_1: left allmulticast mode [ 219.412182][ T8475] team0: left promiscuous mode [ 219.417467][ T8475] team_slave_0: left promiscuous mode [ 219.423193][ T8475] team_slave_1: left promiscuous mode [ 219.429707][ T8475] bridge0: port 3(team0) entered disabled state [ 219.440679][ T8475] bridge_slave_1: left allmulticast mode [ 219.447507][ T8475] bridge_slave_1: left promiscuous mode [ 219.455878][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.466988][ T8475] bridge_slave_0: left allmulticast mode [ 219.472752][ T8475] bridge_slave_0: left promiscuous mode [ 219.480162][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.887524][ T8550] batman_adv: batadv0: Adding interface: dummy0 [ 224.895786][ T8550] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.953194][ T8550] batman_adv: batadv0: Interface activated: dummy0 [ 225.019252][ T8560] batadv0: mtu less than device minimum [ 225.035116][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.048209][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.060709][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.073199][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.085748][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.098339][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.110833][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.123318][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 225.135788][ T8560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 227.277611][ T8599] loop5: detected capacity change from 0 to 40427 [ 227.310346][ T8599] F2FS-fs (loop5): Wrong SIT boundary, start(1536) end(50334208) blocks(1024) [ 227.335301][ T8599] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 227.372345][ T8599] F2FS-fs (loop5): invalid crc value [ 227.409956][ T8599] F2FS-fs (loop5): Found nat_bits in checkpoint [ 227.550638][ T8599] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 227.561996][ T8599] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 227.788306][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 227.788321][ T28] audit: type=1804 audit(1772031954.076:127): pid=8599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.743" name="/newroot/33/file2/bus" dev="loop5" ino=10 res=1 errno=0 [ 228.409094][ T7925] syz-executor: attempt to access beyond end of device [ 228.409094][ T7925] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 228.430735][ T7925] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 229.832500][ T8694] netlink: 'syz.4.760': attribute type 46 has an invalid length. [ 229.892785][ T8694] netlink: 'syz.4.760': attribute type 19 has an invalid length. [ 229.939554][ T8694] netlink: 4 bytes leftover after parsing attributes in process `syz.4.760'. [ 230.596147][ T8713] netlink: 24 bytes leftover after parsing attributes in process `syz.4.761'. [ 230.700848][ T8716] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -11243, delta: 1 [ 230.715721][ T8719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.766'. [ 230.743977][ T8716] ref_ctr increment failed for inode: 0xc6 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880780d4c00 [ 230.762766][ T8719] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 230.772200][ T8719] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 230.781156][ T8719] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 230.789983][ T8719] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 230.807194][ T8719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.766'. [ 230.852986][ T8715] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -11243, delta: -1 [ 230.871995][ T8715] ref_ctr decrement failed for inode: 0xc6 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880780d4c00 [ 241.475757][ T8878] nfs: Unknown parameter 'fs' [ 243.495080][ T5822] Process accounting resumed [ 248.280470][ T8935] netlink: 'syz.4.831': attribute type 12 has an invalid length. [ 248.854701][ T8935] netlink: 16 bytes leftover after parsing attributes in process `syz.4.831'. [ 249.734326][ T8984] nfs: Unknown parameter 'fs' [ 250.709403][ T9006] netlink: 24 bytes leftover after parsing attributes in process `syz.2.852'. [ 251.426293][ T9013] netlink: 8 bytes leftover after parsing attributes in process `syz.5.853'. [ 253.201129][ T9045] loop5: detected capacity change from 0 to 128 [ 253.285570][ T9045] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 253.419029][ T9045] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 253.464126][ T9045] ext2 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.675082][ T7925] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 256.110339][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.118639][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.789853][ T9079] netlink: 'syz.2.875': attribute type 12 has an invalid length. [ 256.825792][ T9079] netlink: 16 bytes leftover after parsing attributes in process `syz.2.875'. [ 258.044449][ T9105] netlink: 'syz.2.884': attribute type 1 has an invalid length. [ 258.985859][ T9107] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address [ 258.997581][ T9107] bond4: (slave vxcan3): Setting fail_over_mac to active for active-backup mode [ 259.010680][ T9107] bond4: (slave vxcan3): making interface the new active one [ 259.025479][ T9107] bond4: (slave vxcan3): Enslaving as an active interface with an up link [ 259.035628][ T9109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.884'. [ 259.048826][ T9109] bond4 (unregistering): (slave vxcan3): Releasing backup interface [ 259.067899][ T9109] bond4 (unregistering): Released all slaves [ 259.259342][ T9118] netlink: 'syz.1.888': attribute type 1 has an invalid length. [ 259.387391][ T9122] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 20004 - 0 [ 259.410066][ T9122] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 20004 - 0 [ 259.436772][ T9122] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 20004 - 0 [ 259.460678][ T9122] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 20004 - 0 [ 259.496592][ T9122] bond4: (slave geneve2): making interface the new active one [ 259.519987][ T9122] bond4: (slave geneve2): Enslaving as an active interface with an up link [ 259.937755][ T9135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.893'. [ 260.101397][ T9135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.893'. [ 261.271479][ T9152] lo: Caught tx_queue_len zero misconfig [ 261.671207][ T9155] binder: BINDER_SET_CONTEXT_MGR already set [ 261.692960][ T9155] binder: 9154:9155 ioctl 4018620d 2000000002c0 returned -16 [ 262.159088][ T28] audit: type=1326 audit(1772031988.446:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9161 comm="syz.1.899" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x0 [ 262.651944][ T9166] loop5: detected capacity change from 0 to 512 [ 262.739267][ T9166] EXT4-fs (loop5): 1 truncate cleaned up [ 262.746999][ T9166] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 264.071906][ T7925] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.507746][ T9196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.908'. [ 265.566894][ T9196] bond0: (slave bond_slave_0): Releasing backup interface [ 265.626638][ T9196] bond0: (slave bond_slave_1): Releasing backup interface [ 265.730064][ T9196] team0: Port device team_slave_0 removed [ 265.762150][ T9196] team0: Port device team_slave_1 removed [ 265.779306][ T9196] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 265.787687][ T9196] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 265.811250][ T9196] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 265.833368][ T9196] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 265.885061][ T9196] team0: Port device bridge1 removed [ 265.926888][ T9204] o2cb: This node has not been configured. [ 265.934285][ T9204] o2cb: Cluster check failed. Fix errors before retrying. [ 265.942630][ T9204] (syz.1.911,9204,1):user_dlm_register:674 ERROR: status = -22 [ 265.952839][ T9204] (syz.1.911,9204,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus" [ 268.281218][ T9239] loop5: detected capacity change from 0 to 4096 [ 268.328410][ T9239] EXT4-fs (loop5): Test dummy encryption mode enabled [ 268.904974][ T9239] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 268.913310][ T9239] System zones: 0-5 [ 268.931350][ T9239] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 269.247666][ T7925] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.436037][ T9250] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: 1 [ 270.786183][ T9250] ref_ctr increment failed for inode: 0x554 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88801c6dcc00 [ 270.945882][ T9252] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: -1 [ 271.360361][ T9252] ref_ctr decrement failed for inode: 0x554 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88801c6dcc00 [ 271.559999][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.5.928'. [ 272.144149][ T9278] net_ratelimit: 10 callbacks suppressed [ 272.144164][ T9278] netlink: get zone limit has 4 unknown bytes [ 272.817763][ T9294] xt_CT: You must specify a L4 protocol and not use inversions on it [ 273.451704][ T9293] vlan0: entered promiscuous mode [ 273.515457][ T9293] bridge0: entered promiscuous mode [ 273.520983][ T9293] vlan0: entered allmulticast mode [ 273.526586][ T9293] bridge0: entered allmulticast mode [ 273.536157][ T9295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.936'. [ 273.603900][ T9295] batman_adv: batadv0: Interface deactivated: dummy0 [ 273.612012][ T9295] batman_adv: batadv0: Removing interface: dummy0 [ 273.626224][ T9295] bridge_slave_0: left allmulticast mode [ 273.652504][ T9295] bridge_slave_0: left promiscuous mode [ 273.666647][ T9295] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.691804][ T9295] bridge_slave_1: left allmulticast mode [ 273.710125][ T9295] bridge_slave_1: left promiscuous mode [ 273.747231][ T9295] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.757883][ T9295] bond0: (slave bond_slave_0): Releasing backup interface [ 273.767017][ T9295] bond0: (slave bond_slave_1): Releasing backup interface [ 273.782606][ T9295] team0: Port device team_slave_0 removed [ 273.793176][ T9295] team0: Port device team_slave_1 removed [ 273.800056][ T9295] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 273.811429][ T9295] bond1: (slave veth3): Releasing active interface [ 273.888456][ T9306] UBIFS error (pid: 9306): cannot open "ubifs", error -22 [ 274.548052][ T9295] bond3: (slave bridge1): Releasing active interface [ 274.580138][ T9295] bond4: (slave geneve2): Releasing active interface [ 274.628632][ T9295] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 20004 - 0 [ 274.638680][ T9295] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 20004 - 0 [ 274.658848][ T9295] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 20004 - 0 [ 274.672136][ T9295] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 20004 - 0 [ 275.158171][ T9315] 9pnet_fd: Insufficient options for proto=fd [ 276.447016][ T9336] loop5: detected capacity change from 0 to 1024 [ 280.187870][ T28] audit: type=1326 audit(1772032006.476:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 280.213542][ T9376] lo speed is unknown, defaulting to 1000 [ 280.223979][ T9376] lo speed is unknown, defaulting to 1000 [ 280.230544][ T9376] lo speed is unknown, defaulting to 1000 [ 280.245295][ T28] audit: type=1326 audit(1772032006.476:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 280.309277][ T9376] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 280.320942][ T28] audit: type=1326 audit(1772032006.476:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 280.375097][ T28] audit: type=1326 audit(1772032006.476:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 280.433911][ T28] audit: type=1326 audit(1772032006.476:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 280.466034][ T9384] overlayfs: failed to clone upperpath [ 280.490693][ T28] audit: type=1326 audit(1772032006.476:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3a0a39c392 code=0x7ffc0000 [ 280.504586][ T9376] lo speed is unknown, defaulting to 1000 [ 280.522467][ T9384] overlayfs: failed to resolve './file1': -2 [ 280.569777][ T28] audit: type=1326 audit(1772032006.476:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3a0a35cece code=0x7ffc0000 [ 280.588250][ T9376] lo speed is unknown, defaulting to 1000 [ 280.619157][ T28] audit: type=1326 audit(1772032006.516:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3a0a39c457 code=0x7ffc0000 [ 280.658724][ T9376] lo speed is unknown, defaulting to 1000 [ 280.676537][ T28] audit: type=1326 audit(1772032006.526:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a0a35cece code=0x7ffc0000 [ 280.702465][ T9376] lo speed is unknown, defaulting to 1000 [ 280.746467][ T28] audit: type=1326 audit(1772032006.526:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.4.961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3a0a35cece code=0x7ffc0000 [ 281.833337][ T9401] lo speed is unknown, defaulting to 1000 [ 283.749137][ T9436] netlink: 4 bytes leftover after parsing attributes in process `syz.5.976'. [ 284.402617][ T9428] lo speed is unknown, defaulting to 1000 [ 284.588716][ T9436] bond0: (slave bond_slave_0): Releasing backup interface [ 284.644686][ T9436] bond0: (slave bond_slave_1): Releasing backup interface [ 285.487226][ T9436] team0: Port device team_slave_0 removed [ 285.603652][ T9436] team0: Port device team_slave_1 removed [ 285.639813][ T9436] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.662037][ T9436] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.705001][ T9436] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 285.732934][ T9436] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 286.056809][ T9452] netlink: 12 bytes leftover after parsing attributes in process `syz.1.983'. [ 286.103014][ T9452] bridge3: port 1(veth7) entered blocking state [ 286.110847][ T9452] bridge3: port 1(veth7) entered disabled state [ 286.120724][ T9452] veth7: entered allmulticast mode [ 286.128834][ T9452] veth7: entered promiscuous mode [ 286.135857][ T9452] bridge3: port 1(veth7) entered blocking state [ 286.142260][ T9452] bridge3: port 1(veth7) entered forwarding state [ 286.165931][ T9457] bridge3: port 2(veth9) entered blocking state [ 286.172314][ T9457] bridge3: port 2(veth9) entered disabled state [ 286.231297][ T9457] veth9: entered allmulticast mode [ 286.520892][ T9457] veth9: entered promiscuous mode [ 286.556273][ T9457] bridge3: port 2(veth9) entered blocking state [ 286.562756][ T9457] bridge3: port 2(veth9) entered forwarding state [ 286.925392][ T1141] bridge3: port 1(veth7) entered disabled state [ 286.946388][ T1141] bridge3: port 2(veth9) entered disabled state [ 287.140932][ T9465] bridge4: entered promiscuous mode [ 295.734144][ T9540] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1011'. [ 298.201845][ T9574] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1021'. [ 299.405518][ T9599] xt_CT: You must specify a L4 protocol and not use inversions on it [ 299.443590][ T9601] xt_TCPMSS: Only works on TCP SYN packets [ 300.331802][ T9606] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1030'. [ 300.478972][ T9608] lo speed is unknown, defaulting to 1000 [ 300.658358][ T9613] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1033'. [ 300.779301][ T9613] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1033'. [ 305.293471][ T9648] xt_CT: You must specify a L4 protocol and not use inversions on it [ 308.626521][ T9678] syz_tun: entered allmulticast mode [ 308.667063][ T9678] syz_tun: left allmulticast mode [ 308.773301][ T9688] warning: `syz.2.1055' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 311.007073][ T9703] netlink: 'syz.2.1055': attribute type 10 has an invalid length. [ 311.131485][ T9703] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 311.566602][ T9713] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1063'. [ 312.991835][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 312.991849][ T28] audit: type=1326 audit(1772032039.276:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.052624][ T28] audit: type=1326 audit(1772032039.316:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.085129][ T28] audit: type=1326 audit(1772032039.316:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.114716][ T28] audit: type=1326 audit(1772032039.316:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.148386][ T28] audit: type=1326 audit(1772032039.316:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7987d5cece code=0x7ffc0000 [ 313.224003][ T28] audit: type=1326 audit(1772032039.316:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.301085][ T28] audit: type=1326 audit(1772032039.316:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.323919][ T28] audit: type=1326 audit(1772032039.316:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.352623][ T28] audit: type=1326 audit(1772032039.316:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.413792][ T28] audit: type=1326 audit(1772032039.316:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.1.1068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 313.524799][ T9743] netlink: 'syz.5.1072': attribute type 1 has an invalid length. [ 313.609095][ T9743] 8021q: adding VLAN 0 to HW filter on device bond1 [ 313.795322][ T9743] bond1: (slave gretap2): making interface the new active one [ 313.837419][ T9743] bond1: (slave gretap2): Enslaving as an active interface with an up link [ 313.910584][ T9743] syz.5.1072 (9743) used greatest stack depth: 19504 bytes left [ 314.203034][ T9764] xt_TCPMSS: Only works on TCP SYN packets [ 314.650777][ T9762] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode [ 314.658993][ T9762] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 314.865104][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 316.055380][ T9768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1078'. [ 316.704907][ T5822] IPVS: starting estimator thread 0... [ 316.706248][ T9785] IPVS: rr: FWM 3 0x00000003 - no destination available [ 316.732991][ T9788] vlan0: entered promiscuous mode [ 316.744365][ T9788] vlan0: entered allmulticast mode [ 316.750860][ T9788] hsr_slave_1: entered allmulticast mode [ 316.794420][ T9789] IPVS: using max 17 ests per chain, 40800 per kthread [ 316.803054][ T9788] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1086'. [ 316.998842][ T9795] syz_tun: entered allmulticast mode [ 317.065359][ T9799] vxcan4: entered allmulticast mode [ 317.549274][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.558545][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.993955][ T28] kauditd_printk_skb: 93 callbacks suppressed [ 317.993968][ T28] audit: type=1326 audit(1772032044.286:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 318.086521][ T28] audit: type=1326 audit(1772032044.276:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 318.133074][ T28] audit: type=1326 audit(1772032044.316:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 318.138457][ T9818] lo speed is unknown, defaulting to 1000 [ 318.182141][ T28] audit: type=1326 audit(1772032044.316:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 318.283909][ T28] audit: type=1326 audit(1772032044.316:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 318.308506][ T788] kernel write not supported for file bpf-prog (pid: 788 comm: kworker/1:2) [ 318.393843][ T28] audit: type=1326 audit(1772032044.316:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 318.755269][ T28] audit: type=1326 audit(1772032044.316:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 319.116235][ T28] audit: type=1326 audit(1772032044.316:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 319.232548][ T28] audit: type=1326 audit(1772032044.316:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 319.263765][ T28] audit: type=1326 audit(1772032044.316:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9815 comm="syz.2.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 321.436703][ T9857] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1105'. [ 321.744142][ T9865] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1116'. [ 321.861211][ T9871] netlink: 'syz.5.1109': attribute type 1 has an invalid length. [ 321.905311][ T9871] 8021q: adding VLAN 0 to HW filter on device bond2 [ 322.002308][ T9868] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1108'. [ 322.155902][ T9871] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1109'. [ 322.170513][ T9871] bond2: entered promiscuous mode [ 322.177206][ T9871] bond2: entered allmulticast mode [ 322.814701][ T9877] bond2: (slave dummy0): making interface the new active one [ 322.864429][ T9877] dummy0: entered promiscuous mode [ 322.870206][ T9877] dummy0: entered allmulticast mode [ 322.980511][ T9877] bond2: (slave dummy0): Enslaving as an active interface with an up link [ 323.124555][ T9887] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1112'. [ 323.279955][ T9885] lo speed is unknown, defaulting to 1000 [ 323.784060][ T9900] openvswitch: netlink: Key 22 has unexpected len 2 expected 4 [ 324.844156][ T9911] xt_nat: multiple ranges no longer supported [ 325.602824][ T9915] veth7: left allmulticast mode [ 325.626441][ T9915] veth7: left promiscuous mode [ 325.631615][ T9915] bridge3: port 1(veth7) entered disabled state [ 325.661186][ T9915] veth9: left allmulticast mode [ 325.693808][ T9915] veth9: left promiscuous mode [ 325.705220][ T9915] bridge3: port 2(veth9) entered disabled state [ 325.776828][ T9916] team0: Mode changed to "loadbalance" [ 326.755783][ T9915] tipc: Started in network mode [ 326.760815][ T9915] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 326.783531][ T9915] tipc: Enabled bearer , priority 0 [ 328.220589][ T9] tipc: Node number set to 11578026 [ 330.589218][ T9943] xt_TCPMSS: Only works on TCP SYN packets [ 331.910968][ T9966] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1137'. [ 331.956592][ T9966] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 331.965654][ T9966] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 331.974815][ T9966] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 331.983545][ T9966] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 332.000240][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 332.000254][ T28] audit: type=1326 audit(1772032317.288:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.002133][ T9966] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1137'. [ 332.006390][ T28] audit: type=1326 audit(1772032317.288:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.011362][ T28] audit: type=1326 audit(1772032317.298:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.099628][ T28] audit: type=1326 audit(1772032317.378:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.123264][ T28] audit: type=1326 audit(1772032317.378:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.192751][ T28] audit: type=1326 audit(1772032317.378:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.244743][ T28] audit: type=1326 audit(1772032317.378:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.360995][ T28] audit: type=1326 audit(1772032317.378:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.441105][ T28] audit: type=1326 audit(1772032317.388:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.550337][ T28] audit: type=1326 audit(1772032317.388:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f3a0a39c629 code=0x7ffc0000 [ 332.613617][ T9986] xt_ecn: cannot match TCP bits for non-tcp packets [ 333.364601][ T9990] netlink: 'syz.5.1142': attribute type 11 has an invalid length. [ 333.427547][ T9992] xt_TCPMSS: Only works on TCP SYN packets [ 334.260911][ T9994] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 334.270243][ T9994] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 334.279205][ T9994] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 334.288282][ T9994] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 334.402533][ T9998] tipc: Enabled bearer , priority 10 [ 334.471968][ T9998] tipc: Enabled bearer , priority 0 [ 334.541777][T10005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1145'. [ 334.875660][T10016] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 335.580141][T10020] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1152'. [ 335.686445][T10029] bridge0: port 1(veth5) entered blocking state [ 335.693034][T10029] bridge0: port 1(veth5) entered disabled state [ 335.700475][T10029] veth5: entered allmulticast mode [ 335.897427][T10032] xt_TCPMSS: Only works on TCP SYN packets [ 336.416684][T10029] veth5: entered promiscuous mode [ 336.458609][T10020] bridge0: port 2(veth7) entered blocking state [ 336.476998][T10020] bridge0: port 2(veth7) entered disabled state [ 336.495406][T10020] veth7: entered allmulticast mode [ 336.555370][T10020] veth7: entered promiscuous mode [ 338.272190][T10064] netlink: 'syz.2.1162': attribute type 1 has an invalid length. [ 343.285195][T10064] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR [ 344.416298][ T28] kauditd_printk_skb: 43 callbacks suppressed [ 344.416331][ T28] audit: type=1326 audit(1772032329.698:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10083 comm="syz.1.1168" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x0 [ 345.771262][ T28] audit: type=1804 audit(1772032331.058:329): pid=10125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1179" name="bus" dev="ramfs" ino=19413 res=1 errno=0 [ 345.803965][ T28] audit: type=1804 audit(1772032331.088:330): pid=10125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1179" name="bus" dev="ramfs" ino=19413 res=1 errno=0 [ 346.935127][ T28] audit: type=1326 audit(1772032332.188:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10131 comm="syz.2.1181" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x0 [ 347.132536][T10144] capability: warning: `syz.4.1185' uses deprecated v2 capabilities in a way that may be insecure [ 349.493842][T10168] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1194'. [ 350.292851][T10171] lo speed is unknown, defaulting to 1000 [ 351.883870][ T28] audit: type=1326 audit(1772032337.158:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10191 comm="syz.5.1198" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x0 [ 352.836886][T10201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1200'. [ 356.634977][ T28] audit: type=1326 audit(1772032341.918:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.662887][ T28] audit: type=1326 audit(1772032341.918:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.688594][ T28] audit: type=1326 audit(1772032341.948:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.716512][ T28] audit: type=1326 audit(1772032341.948:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.740330][ T28] audit: type=1326 audit(1772032341.948:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.773766][ T28] audit: type=1326 audit(1772032341.948:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.796630][ T28] audit: type=1326 audit(1772032341.948:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.822530][ T28] audit: type=1326 audit(1772032341.948:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fec69d9c629 code=0x7ffc0000 [ 356.848537][ T28] audit: type=1326 audit(1772032341.948:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10248 comm="syz.2.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fec69d9c392 code=0x7ffc0000 [ 357.174946][T10224] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.184115][T10224] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.192997][T10224] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.202673][T10224] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.291162][T10244] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1216'. [ 357.383887][T10257] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1219'. [ 357.454718][T10259] bond4: (slave vcan1): refused to change device type [ 357.643342][T10270] netlink: 'syz.4.1223': attribute type 1 has an invalid length. [ 357.863300][T10270] 8021q: adding VLAN 0 to HW filter on device bond1 [ 359.137311][T10273] 8021q: adding VLAN 0 to HW filter on device bond1 [ 359.174574][T10273] bond1: (slave vti0): The slave device specified does not support setting the MAC address [ 359.219287][T10273] bond1: (slave vti0): Error -95 calling set_mac_address [ 359.468293][T10270] bond1: (slave gretap1): making interface the new active one [ 359.482096][T10270] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 360.696535][T10297] netlink: 276 bytes leftover after parsing attributes in process `syz.4.1228'. [ 361.481249][T10296] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1229'. [ 361.817071][T10307] veth5: left allmulticast mode [ 361.832321][T10307] veth5: left promiscuous mode [ 361.842681][T10307] bridge0: port 1(veth5) entered disabled state [ 361.876648][T10307] veth7: left allmulticast mode [ 361.938496][T10307] veth7: left promiscuous mode [ 361.944286][T10307] bridge0: port 2(veth7) entered disabled state [ 361.979358][T10307] bond1: (slave gretap1): Releasing active interface [ 362.796334][T10312] team0: Mode changed to "loadbalance" [ 362.802463][T10316] vlan0: entered promiscuous mode [ 363.092407][T10307] tipc: Enabled bearer , priority 0 [ 364.699587][ T5822] tipc: Node number set to 2886997007 [ 364.777743][T10340] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1239'. [ 364.985988][T10343] bond6: (slave gretap0): Enslaving as an active interface with an up link [ 365.076765][T10340] bond6 (unregistering): (slave gretap0): Releasing backup interface [ 365.132976][T10340] bond6 (unregistering): Released all slaves [ 365.617591][T10358] sch_fq: defrate 0 ignored. [ 366.228385][T10369] tipc: Resetting bearer [ 366.239581][T10369] bridge_slave_0: left allmulticast mode [ 366.245791][T10369] bridge_slave_0: left promiscuous mode [ 366.425966][T10369] bridge0: port 1(bridge_slave_0) entered disabled state [ 366.756513][T10369] bridge_slave_1: left allmulticast mode [ 366.891552][T10369] bridge_slave_1: left promiscuous mode [ 366.897521][T10369] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.920034][T10369] bond0: (slave bond_slave_0): Releasing backup interface [ 367.002984][T10369] bond0: (slave bond_slave_1): Releasing backup interface [ 367.039119][T10365] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1255'. [ 367.101459][T10369] team0: Port device team_slave_0 removed [ 367.130314][T10369] team0: Port device team_slave_1 removed [ 367.139550][T10369] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 367.152276][T10369] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 367.171730][T10369] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 367.201919][T10369] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 367.319574][T10369] bond0: (slave wlan1): Releasing backup interface [ 367.405551][T10388] xt_socket: unknown flags 0x50 [ 368.088193][T10369] bond1: (slave ip6gretap1): Releasing backup interface [ 368.108799][T10369] ip6gretap1: left allmulticast mode [ 368.126525][T10369] bond2: (slave bridge2): Releasing backup interface [ 368.159266][T10369] bridge2: left allmulticast mode [ 368.222131][T10369] bond3: (slave ip6gretap2): Releasing active interface [ 368.336788][T10374] team0: Mode changed to "loadbalance" [ 368.384135][T10375] veth0_vlan: left promiscuous mode [ 368.394516][T10375] vlan0: entered promiscuous mode [ 368.400225][T10375] veth0_vlan: entered promiscuous mode [ 368.434372][T10375] team0: Port device vlan0 added [ 370.011544][T10409] openvswitch: netlink: Message has 4 unknown bytes. [ 370.824435][T10411] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaa [ 371.120157][T10421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1262'. [ 374.232861][T10461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1276'. [ 375.341372][T10475] netlink: 'syz.2.1284': attribute type 1 has an invalid length. [ 375.354998][T10475] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.1284'. [ 378.996608][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.003411][T10496] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 379.014254][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.103938][T10509] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 379.496684][T10513] netlink: 'syz.1.1296': attribute type 1 has an invalid length. [ 379.874976][T10513] bond6: entered promiscuous mode [ 379.880440][T10513] 8021q: adding VLAN 0 to HW filter on device bond6 [ 379.928701][T10514] bond6: (slave bridge6): making interface the new active one [ 379.938289][T10514] bridge6: entered promiscuous mode [ 379.949714][T10514] bond6: (slave bridge6): Enslaving as an active interface with an up link [ 379.982741][T10517] bond6: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 380.005140][T10517] bond6: (slave ipvlan0): The slave device specified does not support setting the MAC address [ 380.115225][T10518] tipc: Started in network mode [ 380.121906][T10518] tipc: Node identity , cluster identity 4711 [ 380.130767][T10518] tipc: Failed to obtain node identity [ 380.154019][T10518] tipc: Enabling of bearer rejected, failed to enable media [ 380.171716][T10519] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1297'. [ 380.202690][T10519] 0ªX¹¦À: renamed from caif0 [ 380.228423][T10519] 0ªX¹¦À: entered allmulticast mode [ 380.246318][T10519] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 380.273427][T10526] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1300'. [ 380.937097][T10525] netlink: 'syz.2.1300': attribute type 5 has an invalid length. [ 380.953939][T10525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1300'. [ 383.005140][T10560] openvswitch: netlink: Message has 4 unknown bytes. [ 386.252259][T10595] netlink: 'syz.5.1321': attribute type 1 has an invalid length. [ 386.445309][T10595] 8021q: adding VLAN 0 to HW filter on device bond3 [ 386.485806][T10597] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1322'. [ 387.605780][T10619] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1329'. [ 388.822570][T10637] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1336'. [ 388.879725][T10637] bond7: (slave ip_vti0): The slave device specified does not support setting the MAC address [ 388.891109][T10637] bond7: (slave ip_vti0): Error -95 calling set_mac_address [ 389.155029][T10645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1335'. [ 393.171253][T10717] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1362'. [ 395.026801][ T27] IPVS: starting estimator thread 0... [ 395.114017][T10742] IPVS: using max 18 ests per chain, 43200 per kthread [ 395.288270][T10744] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1371'. [ 395.351623][T10747] fuse: Bad value for 'fd' [ 401.950689][T10842] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1401'. [ 401.988122][T10842] sch_tbf: burst 88 is lower than device veth9 mtu (1514) ! [ 403.848258][T10855] netlink: 'syz.4.1405': attribute type 4 has an invalid length. [ 405.811617][T10868] lo speed is unknown, defaulting to 1000 [ 408.260466][T10885] fuse: Bad value for 'fd' [ 409.241980][T10893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 414.946848][T10955] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1434'. [ 416.266116][T10965] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1437'. [ 416.597068][T10973] netlink: 'syz.4.1443': attribute type 11 has an invalid length. [ 418.191015][T10990] netlink: zone id is out of range [ 418.374759][T10990] netlink: zone id is out of range [ 418.401498][T10990] netlink: zone id is out of range [ 418.627917][T10990] netlink: zone id is out of range [ 418.641158][T10990] netlink: zone id is out of range [ 418.647013][T10990] netlink: zone id is out of range [ 418.652327][T10990] netlink: zone id is out of range [ 418.661002][T10990] netlink: zone id is out of range [ 418.682417][T10990] netlink: zone id is out of range [ 418.702175][T10990] netlink: zone id is out of range [ 418.725257][T10995] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1447'. [ 418.832703][T10995] 8021q: adding VLAN 0 to HW filter on device bond5 [ 418.886748][T10996] bond5: entered promiscuous mode [ 419.018179][T10998] dummy0: entered promiscuous mode [ 419.054648][T10998] bond5: (slave dummy0): Enslaving as an active interface with an up link [ 419.104501][T10993] bond5: left promiscuous mode [ 419.109829][T10993] dummy0: left promiscuous mode [ 419.535411][T11017] bad cache= option: no%e [ 419.535411][T11017] [ 419.542314][T11017] CIFS: VFS: bad cache= option: no%e [ 420.709016][T11021] netlink: 'syz.1.1455': attribute type 10 has an invalid length. [ 420.734980][T11021] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1455'. [ 420.795051][T11021] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.844304][T11021] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.878629][T11021] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.898931][T11021] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 421.016510][T11021] team0: Failed to send options change via netlink (err -105) [ 421.041795][T11021] team0: Port device geneve0 added [ 421.074141][T11026] debugfs: Directory 'netdev:nicvf0' with parent 'phy8' already present! [ 421.106042][T11035] netlink: 'syz.5.1453': attribute type 10 has an invalid length. [ 421.975681][T11040] netlink: 'syz.1.1457': attribute type 9 has an invalid length. [ 425.908785][T11088] ipt_REJECT: TCP_RESET invalid for non-tcp [ 433.328977][T11171] lo speed is unknown, defaulting to 1000 [ 440.811224][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.817710][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.652138][T11214] netlink: 'syz.2.1505': attribute type 1 has an invalid length. [ 441.821901][T11217] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1507'. [ 442.019961][T11220] lo speed is unknown, defaulting to 1000 [ 445.767490][T11257] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1518'. [ 446.009021][T11257] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1518'. [ 450.036723][T11319] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1533'. [ 453.589589][T11365] Device name cannot be null; rc = [-22] [ 455.538784][T11394] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1555'. [ 455.820062][T11394] netlink: 63 bytes leftover after parsing attributes in process `syz.5.1555'. [ 459.836410][T11450] libceph: resolve '4..' (ret=-3): failed [ 462.198285][T11475] netlink: 'syz.2.1578': attribute type 1 has an invalid length. [ 462.772080][T11485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1580'. [ 463.691833][T11494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1575'. [ 467.084983][T11536] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1596'. [ 468.921949][T11548] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1599'. [ 469.021297][T11551] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1599'. [ 469.044644][T11551] veth3: entered promiscuous mode [ 469.049723][T11551] veth3: entered allmulticast mode [ 469.207479][T11554] fuse: Bad value for 'fd' [ 469.764106][T11567] netlink: 'syz.2.1604': attribute type 1 has an invalid length. [ 470.571152][T11567] 8021q: adding VLAN 0 to HW filter on device bond6 [ 470.587124][T11569] bond6: entered allmulticast mode [ 473.924267][T11608] netlink: 'syz.5.1615': attribute type 16 has an invalid length. [ 473.938903][T11608] netlink: 'syz.5.1615': attribute type 17 has an invalid length. [ 476.514203][T11638] netlink: 'syz.1.1622': attribute type 1 has an invalid length. [ 476.660187][T11638] 8021q: adding VLAN 0 to HW filter on device bond8 [ 476.814578][T11645] bond8: (slave geneve3): making interface the new active one [ 476.875945][T11645] bond8: (slave geneve3): Enslaving as an active interface with an up link [ 482.575946][T11733] netlink: 'syz.4.1642': attribute type 21 has an invalid length. [ 482.823572][T11738] netlink: 'syz.1.1643': attribute type 4 has an invalid length. [ 483.046138][T11743] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 486.775282][T11779] netlink: 'syz.5.1656': attribute type 1 has an invalid length. [ 486.892454][T11779] 8021q: adding VLAN 0 to HW filter on device bond5 [ 486.974794][T11781] bond5: entered allmulticast mode [ 487.068496][T11783] bond5: (slave ip6gretap1): making interface the new active one [ 487.078502][T11783] ip6gretap1: entered allmulticast mode [ 487.091008][T11783] bond5: (slave ip6gretap1): Enslaving as an active interface with an up link [ 487.177044][T11789] bond9: (slave ip6gretap1): making interface the new active one [ 487.208033][T11789] bond9: (slave ip6gretap1): Enslaving as an active interface with an up link [ 487.332663][T11797] xt_TCPMSS: Only works on TCP SYN packets [ 491.998773][T11830] lo speed is unknown, defaulting to 1000 [ 492.125644][T11845] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1673'. [ 499.157521][T11919] net_ratelimit: 23 callbacks suppressed [ 499.157538][T11919] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 499.252209][T11919] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 501.872724][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.879231][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 504.215072][T11965] lo speed is unknown, defaulting to 1000 [ 504.395837][T11976] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1711'. [ 509.951131][T12016] bond7: (slave ip6gretap0): making interface the new active one [ 510.181995][T12016] bond7: (slave ip6gretap0): Enslaving as an active interface with an up link [ 512.655255][T12055] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1729'. [ 512.686690][T12055] macvtap1: entered promiscuous mode [ 512.692034][T12055] syz_tun: entered promiscuous mode [ 512.698700][T12055] macvtap1: entered allmulticast mode [ 512.704483][T12055] syz_tun: entered allmulticast mode [ 512.860210][T12059] bond_slave_1: entered promiscuous mode [ 512.896120][T12059] bond_slave_1: left promiscuous mode [ 514.506040][T12089] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1742'. [ 514.538280][T12089] syz_tun: entered promiscuous mode [ 514.547458][T12089] macvtap1: entered promiscuous mode [ 514.553131][T12089] macvtap1: entered allmulticast mode [ 514.562979][T12089] syz_tun: entered allmulticast mode [ 518.093103][T12151] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1756'. [ 518.194959][T12151] bond7: (slave ip6gretap0): Releasing active interface [ 520.679179][T12178] netlink: 'syz.2.1766': attribute type 1 has an invalid length. [ 521.722975][T12178] bond8: entered promiscuous mode [ 521.728467][T12178] 8021q: adding VLAN 0 to HW filter on device bond8 [ 521.839842][T12178] bond8: (slave bridge6): making interface the new active one [ 521.852227][T12178] bridge6: entered promiscuous mode [ 521.861221][T12178] bond8: (slave bridge6): Enslaving as an active interface with an up link [ 522.996788][T12201] bridge7: entered allmulticast mode [ 523.127310][T12204] tipc: Enabling of bearer rejected, failed to enable media [ 525.729503][T12250] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1778'. [ 525.763927][T12245] tipc: Failed to remove unknown binding: 66,0,0/0:3167821633/3167821634 [ 525.795314][T12251] tipc: Failed to remove unknown binding: 66,0,0/0:1048969356/1048969358 [ 525.805697][T12250] macvtap1: entered promiscuous mode [ 525.824032][T12245] tipc: Failed to remove unknown binding: 66,0,0/0:3167821633/3167821634 [ 525.832728][T12250] syz_tun: entered promiscuous mode [ 525.845270][T12250] macvtap1: entered allmulticast mode [ 525.869729][T12250] syz_tun: entered allmulticast mode [ 526.173154][T12261] x_tables: duplicate entry at hook 3 [ 526.223849][T12261] netlink: 'syz.1.1787': attribute type 16 has an invalid length. [ 526.272867][T12261] netlink: 'syz.1.1787': attribute type 17 has an invalid length. [ 526.511831][T12261] 8021q: adding VLAN 0 to HW filter on device bond0 [ 526.559312][T12261] 8021q: adding VLAN 0 to HW filter on device team0 [ 526.592691][T12261] tipc: Resetting bearer [ 526.608804][T12261] tipc: Resetting bearer [ 526.639826][T12261] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 528.436278][T12296] netlink: 'syz.1.1796': attribute type 9 has an invalid length. [ 529.485505][T12311] tipc: Enabling of bearer rejected, failed to enable media [ 531.567491][T12347] netlink: 'syz.5.1809': attribute type 1 has an invalid length. [ 531.700492][T12347] bond6: entered promiscuous mode [ 531.734292][T12347] 8021q: adding VLAN 0 to HW filter on device bond6 [ 531.868819][T12347] bond6: (slave bridge2): making interface the new active one [ 531.888020][T12347] bridge2: entered promiscuous mode [ 531.934419][T12347] bond6: (slave bridge2): Enslaving as an active interface with an up link [ 533.893443][T12375] tipc: Invalid UDP bearer configuration [ 533.893498][T12375] tipc: Enabling of bearer rejected, failed to enable media [ 534.096112][T12380] tipc: Resetting bearer [ 534.129697][T12383] netlink: 'syz.5.1820': attribute type 5 has an invalid length. [ 534.201104][T12380] bond_slave_1: entered promiscuous mode [ 534.222203][T12380] bond_slave_1: left promiscuous mode [ 534.445504][T12385] virtio-fs: tag not found [ 535.675213][T12397] UBIFS error (pid: 12397): cannot open "./file0", error -22 [ 537.798936][T12417] tipc: Resetting bearer [ 537.879135][T12422] bond_slave_1: entered promiscuous mode [ 537.888149][T12422] bond_slave_1: left promiscuous mode [ 540.913787][T12420] syz.5.1830 (12420) used greatest stack depth: 17904 bytes left [ 541.420243][T12424] syz.5.1830 (12424) used greatest stack depth: 17864 bytes left [ 541.832947][T12456] ipt_REJECT: ECHOREPLY no longer supported. [ 542.368199][T12458] bond_slave_1: entered promiscuous mode [ 542.389282][T12458] bond_slave_1: left promiscuous mode [ 544.768562][T12484] IPVS: length: 218 != 24 [ 545.069956][T12492] tipc: Resetting bearer [ 546.167004][T12492] bond_slave_1: entered promiscuous mode [ 546.188891][T12492] bond_slave_1: left promiscuous mode [ 549.565525][T12536] tipc: Resetting bearer [ 549.660097][T12536] tipc: Disabling bearer [ 550.337580][T12536] team0 (unregistering): Port device vlan0 removed [ 552.846786][T12581] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaaa [ 557.532098][T12637] IPVS: length: 218 != 24 [ 562.220441][T12678] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 563.304894][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.311729][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.347084][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 563.347099][ T28] audit: type=1326 audit(1772032554.642:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.489185][ T28] audit: type=1326 audit(1772032554.682:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.517490][ T28] audit: type=1326 audit(1772032554.682:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.630483][ T28] audit: type=1326 audit(1772032554.682:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.719300][ T28] audit: type=1326 audit(1772032554.682:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.751962][T12698] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1911'. [ 563.761466][ T28] audit: type=1326 audit(1772032554.682:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.769454][T12698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1911'. [ 563.803067][ T28] audit: type=1326 audit(1772032554.682:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.830047][T12698] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 563.830712][ T28] audit: type=1326 audit(1772032554.682:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.838845][T12698] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 563.867411][ T28] audit: type=1326 audit(1772032554.682:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 563.871026][T12698] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 563.871062][T12698] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 563.926660][T12698] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1911'. [ 563.944631][T12698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1911'. [ 563.954116][ T28] audit: type=1326 audit(1772032554.682:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12695 comm="syz.5.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 564.009443][ T788] af_packet: tpacket_rcv: packet too big, clamped from 76 to 4294967272. macoff=96 [ 570.885920][T12763] atomic_op ffff88807cbf5198 conn xmit_atomic 0000000000000000 [ 570.996764][T12753] lo speed is unknown, defaulting to 1000 [ 571.506275][T12756] netlink: 'syz.5.1926': attribute type 1 has an invalid length. [ 571.589031][T12769] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1926'. [ 571.679906][T12769] bond7: (slave bridge3): making interface the new active one [ 571.703350][T12769] bond7: (slave bridge3): Enslaving as an active interface with an up link [ 571.727550][T12772] IPVS: ip_vs_add_dest(): server weight less than zero [ 572.571537][T12756] bond7: (slave bridge4): Enslaving as an active interface with a down link [ 580.133422][T12838] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1948'. [ 581.207297][ T5772] Bluetooth: hci2: unexpected event for opcode 0x080d [ 584.282870][ T5772] Bluetooth: hci2: unexpected event for opcode 0x0c1c [ 584.424022][T12872] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1958'. [ 585.348776][ T5772] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 585.357749][ T5772] Bluetooth: hci2: Injecting HCI hardware error event [ 585.442034][ T5772] Bluetooth: hci2: hardware error 0x00 [ 585.696473][T12885] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 585.713458][T12884] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 585.807753][T12885] tipc: Resetting bearer [ 586.460152][T12885] team0: Port device geneve0 removed [ 586.483245][T12885] bond6: (slave bridge6): Releasing backup interface [ 586.512306][T12885] bridge6: left promiscuous mode [ 586.679597][T12885] bond8: (slave geneve3): Releasing active interface [ 587.625713][T12885] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.643204][T12885] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.657068][T12885] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.666587][T12885] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.677537][ T5772] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 587.734889][T12885] bond9: (slave ip6gretap1): Releasing active interface [ 587.984312][T12908] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 588.308530][T12887] netlink: 'syz.1.1949': attribute type 10 has an invalid length. [ 588.833377][T12887] mac80211_hwsim hwsim9 wlan1: left allmulticast mode [ 588.847038][T12887] bond0: (slave wlan1): refused to change device type [ 588.879104][T12889] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1949'. [ 590.257504][T12889] bond0 (unregistering): Released all slaves [ 590.316174][ T39] tipc: Resetting bearer [ 592.305939][T12947] tipc: Enabling of bearer rejected, failed to enable media [ 592.365006][T12947] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1976'. [ 592.543335][T12947] tipc: Enabling of bearer rejected, failed to enable media [ 592.749571][T12959] netlink: 4096 bytes leftover after parsing attributes in process `syz.5.1978'. [ 592.759421][T12959] openvswitch: netlink: ct_state flags 00030000 unsupported [ 599.541958][T13034] xt_cluster: node mask cannot exceed total number of nodes [ 605.579392][T13079] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2009'. [ 605.588868][T13079] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2009'. [ 605.603521][T13079] team0: entered promiscuous mode [ 605.611737][T13079] bond0: entered promiscuous mode [ 605.626953][T13079] hsr1: Slave A (team0) is not up; please bring it up to get a fully working HSR network [ 605.644101][T13079] hsr1: Slave B (bond0) is not up; please bring it up to get a fully working HSR network [ 605.667122][T13079] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 607.773087][T13089] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2014'. [ 608.584037][T13106] netlink: 'syz.5.2020': attribute type 1 has an invalid length. [ 608.778651][T13106] 8021q: adding VLAN 0 to HW filter on device bond8 [ 608.810053][T13110] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2020'. [ 609.002335][T13110] bond8: (slave bridge5): making interface the new active one [ 609.024024][T13110] bond8: (slave bridge5): Enslaving as an active interface with an up link [ 613.086417][T13146] tipc: Enabling of bearer rejected, failed to enable media [ 613.171033][T13149] MTD: Attempt to mount non-MTD device "./file0" [ 613.178482][T13149] ./file0: Can't open blockdev [ 614.680932][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 614.680947][ T28] audit: type=1326 audit(1772032605.907:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.111329][ T28] audit: type=1326 audit(1772032605.907:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.369018][ T28] audit: type=1326 audit(1772032605.907:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.391825][ T28] audit: type=1326 audit(1772032605.908:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.465906][ T28] audit: type=1326 audit(1772032605.908:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.524854][ T28] audit: type=1326 audit(1772032605.908:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.548167][ T28] audit: type=1326 audit(1772032605.908:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.572768][ T28] audit: type=1326 audit(1772032605.908:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.606438][ T28] audit: type=1326 audit(1772032605.908:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 615.635103][ T28] audit: type=1326 audit(1772032605.908:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13161 comm="syz.5.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 620.941208][T13224] vlan2: entered promiscuous mode [ 621.102196][T13224] bridge0: entered promiscuous mode [ 621.657305][T13236] bridge0: port 1(hsr0) entered blocking state [ 621.675944][T13236] bridge0: port 1(hsr0) entered disabled state [ 621.682498][T13236] hsr0: entered allmulticast mode [ 621.687634][T13236] hsr_slave_0: entered allmulticast mode [ 621.693559][T13236] hsr_slave_1: entered allmulticast mode [ 621.700920][T13236] hsr0: entered promiscuous mode [ 624.622072][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.632633][T13269] netlink: 2 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.686564][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.698914][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.708419][T13269] netlink: 2 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.739325][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.756235][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.765695][T13269] netlink: 2 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.798984][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2059'. [ 624.812132][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2059'. [ 626.643732][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 626.650444][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 626.650456][ T28] audit: type=1326 audit(1772032617.195:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13273 comm="syz.1.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 626.679312][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.690963][ T28] audit: type=1326 audit(1772032617.195:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13273 comm="syz.1.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 626.882740][ T28] audit: type=1326 audit(1772032617.195:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13273 comm="syz.1.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 626.906522][ T28] audit: type=1326 audit(1772032617.195:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13273 comm="syz.1.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 627.104203][ T28] audit: type=1326 audit(1772032617.195:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13273 comm="syz.1.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7987d9c629 code=0x7ffc0000 [ 630.445015][ T5772] Bluetooth: hci3: command 0x0406 tx timeout [ 631.737169][ T28] audit: type=1326 audit(1772032621.958:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 632.000616][ T28] audit: type=1326 audit(1772032621.958:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 632.029023][ T28] audit: type=1326 audit(1772032621.968:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 632.436144][T13327] overlayfs: failed to clone upperpath [ 632.482906][ T28] audit: type=1326 audit(1772032621.968:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 632.521544][ T28] audit: type=1326 audit(1772032621.968:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 632.564065][ T28] audit: type=1326 audit(1772032621.968:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 632.599687][ T28] audit: type=1326 audit(1772032621.968:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 633.144122][ T28] audit: type=1326 audit(1772032621.968:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 633.302523][ T28] audit: type=1326 audit(1772032621.968:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 633.480158][ T28] audit: type=1326 audit(1772032621.968:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 633.964140][ T28] audit: type=1326 audit(1772032621.968:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13323 comm="syz.5.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cbcd9c629 code=0x7ffc0000 [ 635.131864][T13356] __nla_validate_parse: 20 callbacks suppressed [ 635.131881][T13356] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2082'. [ 635.168154][T13358] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2083'. [ 635.228260][T13358] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2083'. [ 647.667108][T13464] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: 1 [ 647.676404][T13464] ref_ctr increment failed for inode: 0xaf1 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880219d8980 [ 647.845202][T13470] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: -1 [ 647.893433][T13470] ref_ctr decrement failed for inode: 0xaf1 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880219d8980 [ 649.005009][T13485] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 651.698567][T13517] netlink: 'syz.4.2128': attribute type 3 has an invalid length. [ 652.914621][T13535] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2132'. [ 661.401117][T13597] netlink: 'syz.4.2147': attribute type 10 has an invalid length. [ 662.283287][T13609] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2147'. [ 662.568592][T13611] netlink: 'syz.2.2150': attribute type 1 has an invalid length. [ 662.660336][T13613] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 662.720015][T13613] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 662.728863][T13613] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 662.750217][T13613] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 662.769294][T13613] bond9: (slave geneve0): making interface the new active one [ 662.780435][T13613] bond9: (slave geneve0): Enslaving as an active interface with an up link [ 662.790291][T13611] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2150'. [ 662.804645][T13611] 8021q: adding VLAN 0 to HW filter on device bond9 [ 669.334331][ T1141] ------------[ cut here ]------------ [ 669.340469][ T1141] WARNING: CPU: 0 PID: 1141 at io_uring/io_uring.c:3214 io_ring_exit_work+0x3a7/0x820 [ 669.350154][ T1141] Modules linked in: [ 669.354070][ T1141] CPU: 0 PID: 1141 Comm: kworker/u4:6 Not tainted syzkaller #0 [ 669.361925][ T1141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 669.372050][ T1141] Workqueue: iou_exit io_ring_exit_work [ 669.377670][ T1141] RIP: 0010:io_ring_exit_work+0x3a7/0x820 [ 669.383388][ T1141] Code: 78 23 e8 ac 2a 0b f7 48 8b 7c 24 30 48 8b 74 24 08 e8 ed ec 10 00 48 85 c0 75 1d e8 93 2a 0b f7 e9 b9 fd ff ff e8 89 2a 0b f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb cf c7 84 24 90 00 00 00 00 [ 669.403222][ T1141] RSP: 0018:ffffc9000490fa40 EFLAGS: 00010293 [ 669.409361][ T1141] RAX: ffffffff8a7bea87 RBX: ffff88805bbdc000 RCX: ffff888023fc9e00 [ 669.417357][ T1141] RDX: 0000000000000000 RSI: fffffffffffffffd RDI: 0000000000000000 [ 669.425444][ T1141] RBP: ffffc9000490fbb0 R08: ffffc9000490f9c7 R09: 1ffff92000921f38 [ 669.434032][ T1141] R10: dffffc0000000000 R11: fffff52000921f39 R12: dffffc0000000000 [ 669.442091][ T1141] R13: ffff88805bbdc288 R14: 0000000100008e0d R15: 0000000100008e10 [ 669.450090][ T1141] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 669.459099][ T1141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 669.465771][ T1141] CR2: 000000110c3c1eb5 CR3: 000000000cf32000 CR4: 00000000003506f0 [ 669.473812][ T1141] Call Trace: [ 669.477126][ T1141] [ 669.480099][ T1141] ? io_ring_ctx_wait_and_kill+0x2b0/0x2b0 [ 669.486091][ T1141] ? _raw_spin_unlock_irq+0x23/0x50 [ 669.491340][ T1141] ? process_scheduled_works+0x96f/0x15d0 [ 669.497167][ T1141] ? process_scheduled_works+0x96f/0x15d0 [ 669.503005][ T1141] process_scheduled_works+0xa5d/0x15d0 [ 669.508895][ T1141] ? assign_work+0x430/0x430 [ 669.513527][ T1141] ? assign_work+0x3d0/0x430 [ 669.518206][ T1141] worker_thread+0xa55/0xfc0 [ 669.522809][ T1141] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 669.528730][ T1141] ? _raw_spin_unlock+0x40/0x40 [ 669.533640][ T1141] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 669.539570][ T1141] kthread+0x2fa/0x390 [ 669.543802][ T1141] ? pr_cont_work+0x560/0x560 [ 669.548536][ T1141] ? kthread_blkcg+0xd0/0xd0 [ 669.553116][ T1141] ret_from_fork+0x48/0x80 [ 669.557524][ T1141] ? kthread_blkcg+0xd0/0xd0 [ 669.562198][ T1141] ret_from_fork_asm+0x11/0x20 [ 669.566963][ T1141] [ 669.570006][ T1141] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 669.577286][ T1141] CPU: 0 PID: 1141 Comm: kworker/u4:6 Not tainted syzkaller #0 [ 669.584841][ T1141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 669.594892][ T1141] Workqueue: iou_exit io_ring_exit_work [ 669.600628][ T1141] Call Trace: [ 669.603926][ T1141] [ 669.606850][ T1141] dump_stack_lvl+0x18c/0x250 [ 669.611614][ T1141] ? show_regs_print_info+0x20/0x20 [ 669.617550][ T1141] ? load_image+0x400/0x400 [ 669.622073][ T1141] panic+0x2dc/0x730 [ 669.625984][ T1141] ? bpf_jit_dump+0xd0/0xd0 [ 669.630480][ T1141] ? ret_from_fork_asm+0x11/0x20 [ 669.635410][ T1141] __warn+0x2e0/0x470 [ 669.639375][ T1141] ? io_ring_exit_work+0x3a7/0x820 [ 669.644470][ T1141] ? io_ring_exit_work+0x3a7/0x820 [ 669.649564][ T1141] report_bug+0x2be/0x4f0 [ 669.653908][ T1141] ? io_ring_exit_work+0x3a7/0x820 [ 669.659101][ T1141] ? io_ring_exit_work+0x3a7/0x820 [ 669.664301][ T1141] ? io_ring_exit_work+0x3a9/0x820 [ 669.669414][ T1141] handle_bug+0xcf/0x120 [ 669.673651][ T1141] exc_invalid_op+0x1a/0x50 [ 669.678149][ T1141] asm_exc_invalid_op+0x1a/0x20 [ 669.683006][ T1141] RIP: 0010:io_ring_exit_work+0x3a7/0x820 [ 669.688711][ T1141] Code: 78 23 e8 ac 2a 0b f7 48 8b 7c 24 30 48 8b 74 24 08 e8 ed ec 10 00 48 85 c0 75 1d e8 93 2a 0b f7 e9 b9 fd ff ff e8 89 2a 0b f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb cf c7 84 24 90 00 00 00 00 [ 669.708316][ T1141] RSP: 0018:ffffc9000490fa40 EFLAGS: 00010293 [ 669.714365][ T1141] RAX: ffffffff8a7bea87 RBX: ffff88805bbdc000 RCX: ffff888023fc9e00 [ 669.722333][ T1141] RDX: 0000000000000000 RSI: fffffffffffffffd RDI: 0000000000000000 [ 669.730286][ T1141] RBP: ffffc9000490fbb0 R08: ffffc9000490f9c7 R09: 1ffff92000921f38 [ 669.738237][ T1141] R10: dffffc0000000000 R11: fffff52000921f39 R12: dffffc0000000000 [ 669.746277][ T1141] R13: ffff88805bbdc288 R14: 0000000100008e0d R15: 0000000100008e10 [ 669.754246][ T1141] ? io_ring_exit_work+0x3a7/0x820 [ 669.759350][ T1141] ? io_ring_ctx_wait_and_kill+0x2b0/0x2b0 [ 669.765147][ T1141] ? _raw_spin_unlock_irq+0x23/0x50 [ 669.770326][ T1141] ? process_scheduled_works+0x96f/0x15d0 [ 669.776029][ T1141] ? process_scheduled_works+0x96f/0x15d0 [ 669.781748][ T1141] process_scheduled_works+0xa5d/0x15d0 [ 669.787317][ T1141] ? assign_work+0x430/0x430 [ 669.791901][ T1141] ? assign_work+0x3d0/0x430 [ 669.796482][ T1141] worker_thread+0xa55/0xfc0 [ 669.801062][ T1141] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 669.806949][ T1141] ? _raw_spin_unlock+0x40/0x40 [ 669.811788][ T1141] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 669.817677][ T1141] kthread+0x2fa/0x390 [ 669.821834][ T1141] ? pr_cont_work+0x560/0x560 [ 669.826602][ T1141] ? kthread_blkcg+0xd0/0xd0 [ 669.831208][ T1141] ret_from_fork+0x48/0x80 [ 669.835630][ T1141] ? kthread_blkcg+0xd0/0xd0 [ 669.840304][ T1141] ret_from_fork_asm+0x11/0x20 [ 669.845239][ T1141] [ 669.848687][ T1141] Kernel Offset: disabled [ 669.853081][ T1141] Rebooting in 86400 seconds..