last executing test programs: 5m32.245457731s ago: executing program 0 (id=351): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x99, &(0x7f0000000480)=""/153}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) sendmsg$netlink(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000540)=ANY=[], 0x1b8}, {0x0, 0x1f88}], 0x2}, 0x0) 5m31.473554386s ago: executing program 0 (id=355): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680), &(0x7f00000006c0), 0x9, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 5m30.017172673s ago: executing program 0 (id=359): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @local}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x18}, 0x18) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe) timerfd_create(0x8, 0x0) epoll_create1(0x80000) clock_adjtime(0x0, &(0x7f00000001c0)={0xffff, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfef, 0x0, 0x0, 0x1}) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000040)={0x8, 0x0, &(0x7f0000002500)=[@increfs], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000140)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0}) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f0000000480)={0x2020}, 0x2020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x1a}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) 5m26.158869927s ago: executing program 0 (id=366): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x98, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x4c, 0x8, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ALLOWEDIPS={0x20, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}]}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x98}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000) 5m25.127767646s ago: executing program 0 (id=369): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) open(0x0, 0x145142, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0x8, [0x0, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x2]}}) 5m24.817410092s ago: executing program 0 (id=373): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) 5m9.644811842s ago: executing program 32 (id=373): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) 26.987901677s ago: executing program 3 (id=2441): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000008c0)={[{@noblock_validity}, {}, {@auto_da_alloc}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) r1 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86) pwritev2(r1, &(0x7f0000000240), 0x0, 0x7800, 0x0, 0x3) fallocate(r0, 0x3, 0xf00, 0x10000) 26.462538037s ago: executing program 3 (id=2442): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000040), 0x12) syz_clone(0x11, 0x0, 0x500, 0x0, 0x0, 0x0) 26.062766055s ago: executing program 3 (id=2443): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18) times(0x0) 25.858712599s ago: executing program 3 (id=2444): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) r2 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r2, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 22.228445868s ago: executing program 3 (id=2450): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x4, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x454e, 0x4) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @multicast1}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0) 22.09983562s ago: executing program 2 (id=2452): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r5, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004) write$nci(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="414601", @ANYRES32=r3], 0x4) 21.774786137s ago: executing program 2 (id=2454): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000080a01030000e6ff0000000002000000090001"], 0x7c}}, 0x10) 21.550996381s ago: executing program 2 (id=2456): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="6c000000000101040000000100000000020000002c0001801400018008000100e000000108000200ac1414000c00028005000100000000000600034000040000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x6c}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 21.398790444s ago: executing program 2 (id=2457): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) r2 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r2, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 21.196464027s ago: executing program 3 (id=2458): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) socket$key(0xf, 0x3, 0x2) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14, 0x40800) setsockopt$packet_int(r2, 0x107, 0x9, &(0x7f0000000240)=0x7fff, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRESOCT=r3, @ANYRES64=0x0, @ANYRES16], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000600)={'ip6gre0\x00', r6, 0x4, 0x6, 0x2, 0x120, 0x28, @empty, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x8000, 0x20, 0x3e6, 0x3}}) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x12, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='kfree\x00', r10, 0x0, 0x20}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x58) r11 = socket(0x10, 0x803, 0x0) bind$netlink(r11, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) getsockopt$netlink(r4, 0x10e, 0xa, &(0x7f00000003c0)=""/82, &(0x7f0000000340)=0x52) sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a00)=@newlink={0x44, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40881, 0x64088}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x800) socket$nl_route(0x10, 0x3, 0x0) r12 = socket(0x1, 0x803, 0x0) getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) socket$nl_route(0x10, 0x3, 0x0) r13 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0) writev(r13, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2) 20.967929062s ago: executing program 2 (id=2459): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18) times(0x0) 20.763187566s ago: executing program 2 (id=2461): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r5, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004) write$nci(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="414601", @ANYRES32=r3], 0x4) 6.754993672s ago: executing program 33 (id=2458): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) socket$key(0xf, 0x3, 0x2) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14, 0x40800) setsockopt$packet_int(r2, 0x107, 0x9, &(0x7f0000000240)=0x7fff, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRESOCT=r3, @ANYRES64=0x0, @ANYRES16], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000600)={'ip6gre0\x00', r6, 0x4, 0x6, 0x2, 0x120, 0x28, @empty, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x8000, 0x20, 0x3e6, 0x3}}) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x12, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='kfree\x00', r10, 0x0, 0x20}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x58) r11 = socket(0x10, 0x803, 0x0) bind$netlink(r11, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) getsockopt$netlink(r4, 0x10e, 0xa, &(0x7f00000003c0)=""/82, &(0x7f0000000340)=0x52) sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a00)=@newlink={0x44, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40881, 0x64088}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x800) socket$nl_route(0x10, 0x3, 0x0) r12 = socket(0x1, 0x803, 0x0) getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) socket$nl_route(0x10, 0x3, 0x0) r13 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0) writev(r13, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2) 5.907566638s ago: executing program 34 (id=2461): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r5, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004) write$nci(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="414601", @ANYRES32=r3], 0x4) 3.541449743s ago: executing program 1 (id=2573): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[], 0x15) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000480)=ANY=[], 0x298) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000001080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x41, 0x0, @multicast2}, 0x20020003}}, 0x2e) getsockopt$sock_buf(r5, 0x1, 0x1c, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=0x56) memfd_create(0x0, 0x1) 1.959848133s ago: executing program 1 (id=2574): socket(0xa, 0x5, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1.845803626s ago: executing program 1 (id=2576): r0 = syz_io_uring_setup(0xac9, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x0, 0x3938700}, 0x1, 0x8}) io_uring_enter(r0, 0x6efc, 0x3900, 0xb, 0x0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x35, {0x5, 0x1}, 0x1}, 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10) syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff) 1.555999191s ago: executing program 4 (id=2578): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001180)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000014) 1.555725821s ago: executing program 1 (id=2579): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x0) 1.521127441s ago: executing program 4 (id=2580): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[], 0x15) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000480)=ANY=[], 0x298) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000002440)={0x2020}, 0x2020) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, 0x0, 0x0) getsockopt$sock_buf(r5, 0x1, 0x1c, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=0x56) memfd_create(0x0, 0x1) 1.454732043s ago: executing program 1 (id=2581): io_setup(0x7f, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8084}, 0x40000) rename(0x0, &(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x8}, 0x1c) listen(r2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r4 = accept(r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x4000001) recvfrom(r3, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0) 386.091193ms ago: executing program 4 (id=2582): socket(0xa, 0x5, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 277.342905ms ago: executing program 4 (id=2583): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) ioctl$TCSETSW2(r0, 0x5408, &(0x7f0000000040)={0x0, 0x810000, 0x0, 0x0, 0x0, "23f5f3d9afb42d1a51020e90d1beaa82dc1ecf", 0x42, 0x20}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x50, 0x9, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x10000042}, 0x90) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/llc/core\x00') modify_ldt$write(0x1, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0683, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) 149.877388ms ago: executing program 4 (id=2584): mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r3 = dup(r2) write$P9_RLERRORu(r3, &(0x7f0000000500)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000080)=ANY=[]) 3.913151ms ago: executing program 1 (id=2585): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="d458d3fd8b787e03ab90e78ea98262b95a8455aa6ef822f0ec7630e56e8fe752fe472a6d10114fe406f9fa44c5580d86ebcce07b282f9d9743ad34e7c073", @ANYBLOB="0000000000000000b7"], 0x0}, 0x94) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000340)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28) sendmsg$inet(r0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="d400000000"], 0x1e8}, 0x80) 0s ago: executing program 4 (id=2591): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) r1 = dup(r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0xa00, 0xfdfd, 0x101, 0x100}}) kernel console output (not intermixed with test programs): bytes leftover after parsing attributes in process `syz.1.1241'. [ 395.181566][ T9784] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1242'. [ 395.206922][ T9784] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1242'. [ 395.417440][ T9789] bridge: RTM_NEWNEIGH with invalid ether address [ 396.275208][ T9817] bridge: RTM_NEWNEIGH with invalid ether address [ 398.008423][ T28] audit: type=1326 audit(1759551516.841:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.052189][ T28] audit: type=1326 audit(1759551516.872:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.112769][ T28] audit: type=1326 audit(1759551516.872:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.136920][ T28] audit: type=1326 audit(1759551516.872:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.168701][ T28] audit: type=1326 audit(1759551516.872:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.207400][ T28] audit: type=1326 audit(1759551516.872:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.277753][ T28] audit: type=1326 audit(1759551516.872:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.317507][ T9865] 9pnet: p9_errstr2errno: server reported unknown error [ 398.335274][ T28] audit: type=1326 audit(1759551516.872:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.372306][ T9866] random: crng reseeded on system resumption [ 398.406722][ T28] audit: type=1326 audit(1759551516.872:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 398.479777][ T28] audit: type=1326 audit(1759551516.872:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9848 comm="syz.3.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd49818ef03 code=0x7ffc0000 [ 398.678778][ T9877] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1279'. [ 398.705335][ T9877] IPVS: Error connecting to the multicast addr [ 399.802569][ T9889] bridge: RTM_NEWNEIGH with invalid ether address [ 400.157591][ T9897] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1287'. [ 400.337266][ T9903] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1290'. [ 400.358211][ T9903] IPVS: Error connecting to the multicast addr [ 401.287986][ T9913] bridge: RTM_NEWNEIGH with invalid ether address [ 401.800818][ T9931] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1302'. [ 401.830073][ T9931] IPVS: Error connecting to the multicast addr [ 401.897516][ T9933] 9pnet_fd: Insufficient options for proto=fd [ 402.444421][ T9947] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1310'. [ 402.627524][ T9951] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1312'. [ 402.647523][ T9951] IPVS: Error connecting to the multicast addr [ 403.392559][ T9983] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1324'. [ 403.417687][ T9983] IPVS: Error connecting to the multicast addr [ 403.698586][ T28] kauditd_printk_skb: 49 callbacks suppressed [ 403.698604][ T28] audit: type=1326 audit(1759551518.819:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9990 comm="syz.1.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 403.771136][ T28] audit: type=1326 audit(1759551518.851:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9990 comm="syz.1.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 403.849342][ T28] audit: type=1326 audit(1759551518.851:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9990 comm="syz.1.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 403.925094][ T28] audit: type=1326 audit(1759551518.851:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9990 comm="syz.1.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 404.047798][ T28] audit: type=1326 audit(1759551519.176:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10001 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 404.115910][ T28] audit: type=1326 audit(1759551519.208:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10001 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 404.173015][ T28] audit: type=1326 audit(1759551519.229:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10001 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 404.218499][ T28] audit: type=1326 audit(1759551519.229:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10001 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 404.249173][ T28] audit: type=1326 audit(1759551519.229:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10001 comm="syz.1.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 404.345856][T10007] bridge: RTM_NEWNEIGH with invalid ether address [ 404.516296][T10015] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1337'. [ 404.964746][T10034] bridge: RTM_NEWNEIGH with invalid ether address [ 406.082683][T10049] syz.4.1346[10049] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 406.082842][T10049] syz.4.1346[10049] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 406.267128][T10054] futex_wake_op: syz.4.1346 tries to shift op by 144; fix this program [ 406.290024][ T28] audit: type=1326 audit(1759551521.538:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10056 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 406.338747][T10059] bridge: RTM_NEWNEIGH with invalid ether address [ 406.616854][T10065] ip6gre1: entered allmulticast mode [ 407.034996][T10072] Illegal XDP return value 4294967262 on prog (id 737) dev syz_tun, expect packet loss! [ 407.205711][T10080] bridge: RTM_NEWNEIGH with invalid ether address [ 407.398077][T10085] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1367'. [ 408.106068][T10084] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.206360][T10085] IPVS: Error connecting to the multicast addr [ 408.393542][T10084] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.527743][T10084] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.683004][T10084] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.794200][T10102] bridge: RTM_NEWNEIGH with invalid ether address [ 408.917338][T10084] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.969907][T10084] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.008435][T10084] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.054964][T10084] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.260141][T10109] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1378'. [ 409.286264][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 409.286280][ T28] audit: type=1107 audit(1759551524.677:1014): pid=10108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 409.291643][T10109] IPVS: Error connecting to the multicast addr [ 410.237037][T10120] bridge: RTM_NEWNEIGH with invalid ether address [ 410.286698][ T28] audit: type=1326 audit(1759551525.727:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.356133][ T28] audit: type=1326 audit(1759551525.727:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.402410][T10124] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 410.402458][ T28] audit: type=1326 audit(1759551525.769:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.419788][ T28] audit: type=1326 audit(1759551525.769:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.518527][ T28] audit: type=1326 audit(1759551525.769:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.581192][ T28] audit: type=1326 audit(1759551525.769:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.623214][T10124] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 410.645313][ T6670] kernel write not supported for file /sg0 (pid: 6670 comm: kworker/1:7) [ 410.645857][ T28] audit: type=1326 audit(1759551525.769:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.747246][ T28] audit: type=1326 audit(1759551525.769:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 410.787967][ T28] audit: type=1326 audit(1759551525.769:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10121 comm="syz.3.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 411.385887][T10143] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1392'. [ 411.423897][T10143] IPVS: Error connecting to the multicast addr [ 412.421212][T10152] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1395'. [ 412.913129][T10161] bridge: RTM_NEWNEIGH with invalid ether address [ 412.943366][T10159] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1395'. [ 413.192260][T10167] binder: 10164:10167 unknown command 1074553619 [ 413.199017][T10167] binder: 10164:10167 ioctl c0306201 200000000540 returned -22 [ 413.581769][T10169] 9pnet_fd: Insufficient options for proto=fd [ 414.265244][T10183] bridge: RTM_NEWNEIGH with invalid ether address [ 414.565205][T10198] binder: 10190:10198 unknown command 1074553619 [ 414.573416][T10198] binder: 10190:10198 ioctl c0306201 200000000540 returned -22 [ 415.630245][T10209] bridge: RTM_NEWNEIGH with invalid ether address [ 415.701028][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 415.701051][ T28] audit: type=1326 audit(1759551527.413:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 415.734567][T10214] netlink: 'syz.4.1420': attribute type 1 has an invalid length. [ 415.775379][ T28] audit: type=1326 audit(1759551527.413:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 415.838840][ T28] audit: type=1326 audit(1759551527.455:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 415.880156][T10214] 8021q: adding VLAN 0 to HW filter on device bond1 [ 415.885387][ T28] audit: type=1326 audit(1759551527.465:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 415.909021][T10219] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1420'. [ 415.909726][ T28] audit: type=1326 audit(1759551527.465:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 415.945266][ T28] audit: type=1326 audit(1759551527.465:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 415.971595][ T28] audit: type=1326 audit(1759551527.465:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 415.997401][ T28] audit: type=1326 audit(1759551527.465:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 416.031022][ T28] audit: type=1326 audit(1759551527.465:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 416.084456][ T28] audit: type=1326 audit(1759551527.465:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 416.287207][T10233] binder: 10227:10233 unknown command 1074553619 [ 416.293802][T10233] binder: 10227:10233 ioctl c0306201 200000000540 returned -22 [ 417.140950][T10219] bond1 (unregistering): Released all slaves [ 417.379136][T10245] bridge: RTM_NEWNEIGH with invalid ether address [ 417.619272][T10258] netlink: 'syz.1.1436': attribute type 4 has an invalid length. [ 417.633453][T10258] netlink: 'syz.1.1436': attribute type 6 has an invalid length. [ 417.641272][T10258] netlink: 'syz.1.1436': attribute type 5 has an invalid length. [ 417.650232][T10258] netlink: 198116 bytes leftover after parsing attributes in process `syz.1.1436'. [ 417.760330][T10263] syzkaller1: entered promiscuous mode [ 417.779702][T10263] syzkaller1: entered allmulticast mode [ 418.306505][T10277] 9pnet_fd: Insufficient options for proto=fd [ 418.533910][T10286] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1449'. [ 418.881521][T10300] 9pnet_fd: Insufficient options for proto=fd [ 419.236282][T10315] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 419.243751][T10315] IPv6: NLM_F_CREATE should be set when creating new route [ 419.390850][T10323] 9pnet_fd: Insufficient options for proto=fd [ 420.710730][ T28] kauditd_printk_skb: 21 callbacks suppressed [ 420.710748][ T28] audit: type=1326 audit(1759551530.683:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 420.781984][ T28] audit: type=1326 audit(1759551530.683:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 420.823716][ T28] audit: type=1326 audit(1759551530.704:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 420.885081][ T28] audit: type=1326 audit(1759551530.704:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 420.955852][ T28] audit: type=1326 audit(1759551530.704:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 421.004515][ T28] audit: type=1326 audit(1759551530.725:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 421.036420][T10375] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1489'. [ 421.071052][ T28] audit: type=1326 audit(1759551530.725:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 421.143530][ T28] audit: type=1326 audit(1759551530.725:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 421.187147][ T28] audit: type=1326 audit(1759551530.725:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.1.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 422.572407][T10398] 9pnet_fd: Insufficient options for proto=fd [ 425.238471][T10394] bridge: RTM_NEWNEIGH with invalid ether address [ 425.923336][T10445] netlink: 'syz.4.1516': attribute type 10 has an invalid length. [ 425.931494][T10445] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1516'. [ 426.449674][T10445] team0: Port device geneve0 added [ 426.581407][T10447] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1519'. [ 426.725244][T10452] bridge: RTM_NEWNEIGH with invalid ether address [ 426.831888][T10457] binder: 10451:10457 unknown command 1074553619 [ 426.838411][T10457] binder: 10451:10457 ioctl c0306201 200000000540 returned -22 [ 427.606086][ T28] audit: type=1326 audit(1759551533.911:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.684529][ T28] audit: type=1326 audit(1759551533.911:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.758425][ T28] audit: type=1326 audit(1759551533.952:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.788229][ T28] audit: type=1326 audit(1759551533.952:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.811242][ T28] audit: type=1326 audit(1759551533.952:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.843107][ T28] audit: type=1326 audit(1759551533.963:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.910780][ T28] audit: type=1326 audit(1759551533.963:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.935571][ T28] audit: type=1326 audit(1759551533.963:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 427.997686][ T28] audit: type=1326 audit(1759551533.963:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 428.035219][T10473] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 428.042510][T10473] IPv6: NLM_F_CREATE should be set when creating new route [ 428.055942][ T28] audit: type=1326 audit(1759551533.963:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.1.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9c918eec9 code=0x7ffc0000 [ 429.170901][T10479] random: crng reseeded on system resumption [ 429.299973][T10493] syz.4.1536[10493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 429.300138][T10493] syz.4.1536[10493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 430.009244][T10520] binder: 10514:10520 unknown command 1074553619 [ 430.015747][T10520] binder: 10514:10520 ioctl c0306201 200000000540 returned -22 [ 431.299894][T10552] random: crng reseeded on system resumption [ 432.483099][T10562] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1563'. [ 432.711347][T10572] 9pnet_fd: Insufficient options for proto=fd [ 433.212052][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 433.224861][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 434.025332][T10594] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1573'. [ 434.040194][T10592] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1572'. [ 434.057936][T10594] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1573'. [ 434.177334][T10601] 9pnet_fd: Insufficient options for proto=fd [ 435.863242][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 435.863284][ T28] audit: type=1326 audit(1759551532.580:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.401496][ T28] audit: type=1326 audit(1759551532.622:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.451567][ T28] audit: type=1326 audit(1759551532.716:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.481133][ T28] audit: type=1326 audit(1759551532.737:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.528418][ T28] audit: type=1326 audit(1759551532.737:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.575336][ T28] audit: type=1326 audit(1759551532.758:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.602219][T10630] 9pnet_fd: Insufficient options for proto=fd [ 436.624548][ T28] audit: type=1326 audit(1759551532.790:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.624774][T10634] bridge: RTM_NEWNEIGH with invalid ether address [ 436.695755][ T28] audit: type=1326 audit(1759551532.790:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.723743][T10636] syz.3.1591[10636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 436.723895][T10636] syz.3.1591[10636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 436.757423][ T28] audit: type=1326 audit(1759551532.790:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 436.855212][ T28] audit: type=1326 audit(1759551532.821:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10622 comm="syz.3.1585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 437.090042][T10648] netlink: 404 bytes leftover after parsing attributes in process `syz.4.1596'. [ 437.269580][T10654] syz.4.1600[10654] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 437.269733][T10654] syz.4.1600[10654] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 437.318036][T10657] 9pnet_fd: Insufficient options for proto=fd [ 437.751220][T10675] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1611'. [ 437.899749][T10681] 9p: Unknown access argument ¿: -22 [ 438.015448][T10687] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1616'. [ 438.040940][T10687] IPVS: Unknown mcast interface: vet [ 438.337433][T10700] bridge: RTM_NEWNEIGH with invalid ether address [ 438.991673][T10729] bridge: RTM_NEWNEIGH with invalid ether address [ 440.195222][T10760] atomic_op ffff88807da97198 conn xmit_atomic 0000000000000000 [ 441.159089][T10766] tmpfs: Bad value for 'mpol' [ 441.458961][ T28] kauditd_printk_skb: 48 callbacks suppressed [ 441.458998][ T28] audit: type=1326 audit(1759551536.457:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 441.539251][ T28] audit: type=1326 audit(1759551536.457:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 441.539313][ T28] audit: type=1326 audit(1759551536.457:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 441.539361][ T28] audit: type=1326 audit(1759551536.457:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 441.539409][ T28] audit: type=1326 audit(1759551536.457:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 441.693104][T10787] 9pnet_fd: Insufficient options for proto=fd [ 441.998282][T10805] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1662'. [ 442.300137][T10814] 9pnet_fd: Insufficient options for proto=fd [ 443.129427][T10843] netlink: 404 bytes leftover after parsing attributes in process `syz.1.1678'. [ 444.113949][T10883] netlink: 'syz.4.1699': attribute type 10 has an invalid length. [ 444.172592][T10883] team0: Port device dummy0 added [ 444.198136][T10888] netlink: 'syz.4.1699': attribute type 10 has an invalid length. [ 444.249941][T10888] team0: Port device dummy0 removed [ 444.286212][T10888] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 445.141234][T10910] random: crng reseeded on system resumption [ 445.398709][T10920] netlink: 'syz.1.1712': attribute type 4 has an invalid length. [ 445.472280][T10923] netlink: 'syz.1.1712': attribute type 4 has an invalid length. [ 445.812838][ T28] audit: type=1326 audit(1759551541.013:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10932 comm="syz.4.1720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 445.864189][ T28] audit: type=1326 audit(1759551541.013:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10932 comm="syz.4.1720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 445.894264][ T28] audit: type=1326 audit(1759551541.024:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10932 comm="syz.4.1720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 445.965627][ T28] audit: type=1326 audit(1759551541.024:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10932 comm="syz.4.1720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 446.032139][ T28] audit: type=1326 audit(1759551541.024:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10932 comm="syz.4.1720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 446.073520][T10939] geneve0: entered allmulticast mode [ 446.444959][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 446.444977][ T28] audit: type=1326 audit(1759551541.685:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.509574][ T28] audit: type=1326 audit(1759551541.685:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.548333][ T28] audit: type=1326 audit(1759551541.738:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.610152][ T28] audit: type=1326 audit(1759551541.738:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.636028][ T28] audit: type=1326 audit(1759551541.738:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.708917][ T28] audit: type=1326 audit(1759551541.738:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.757259][ T28] audit: type=1326 audit(1759551541.748:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.814109][ T28] audit: type=1326 audit(1759551541.748:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 446.903147][T10976] bridge: RTM_NEWNEIGH with invalid ether address [ 446.937061][ T28] audit: type=1326 audit(1759551541.748:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 447.010658][ T28] audit: type=1326 audit(1759551541.748:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10961 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 447.864818][T10990] 9pnet_fd: Insufficient options for proto=fd [ 448.039671][T10996] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1746'. [ 448.266057][T11005] bridge: RTM_NEWNEIGH with invalid ether address [ 448.761357][T11027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1759'. [ 449.107380][T11038] syzkaller1: entered promiscuous mode [ 449.112939][T11038] syzkaller1: entered allmulticast mode [ 449.392259][T11048] netlink: 'syz.3.1767': attribute type 10 has an invalid length. [ 449.420928][T11048] bond0: (slave dummy0): Releasing backup interface [ 449.460551][T11051] netlink: 'syz.3.1767': attribute type 10 has an invalid length. [ 449.494324][T11051] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 449.523480][T11055] netlink: 'syz.1.1770': attribute type 1 has an invalid length. [ 449.759918][T11067] netlink: 'syz.4.1777': attribute type 3 has an invalid length. [ 449.812538][T11070] 9pnet: p9_errstr2errno: server reported unknown error [ 450.111443][T11083] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1784'. [ 450.132247][T11083] IPVS: Unknown mcast interface: vetN1_macvtap [ 450.290741][T11091] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1788'. [ 450.324985][T11091] !60ªX¹¦À: renamed from caif0 [ 450.345989][T11091] !60ªX¹¦À: entered allmulticast mode [ 450.354084][T11091] A link change request failed with some changes committed already. Interface !60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 450.585213][T11103] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1797'. [ 450.606537][T11103] IPVS: Unknown mcast interface: vetN1_macvtap [ 450.783996][T11117] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1801'. [ 450.992611][T11124] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1804'. [ 451.051531][T11124] bridge0: entered promiscuous mode [ 451.071473][T11124] bridge0: port 3(macvlan2) entered blocking state [ 451.096289][T11124] bridge0: port 3(macvlan2) entered disabled state [ 451.113282][T11124] macvlan2: entered allmulticast mode [ 451.130423][T11124] bridge0: entered allmulticast mode [ 451.149155][T11124] macvlan2: left allmulticast mode [ 451.162392][T11124] bridge0: left allmulticast mode [ 451.179809][T11124] bridge0: left promiscuous mode [ 451.273032][T11129] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1806'. [ 451.278550][T11131] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1807'. [ 451.295470][T11131] IPVS: Unknown mcast interface: ip [ 451.596895][T11142] 9pnet_fd: Insufficient options for proto=fd [ 452.063893][T11153] bridge: RTM_NEWNEIGH with invalid ether address [ 452.316122][T11165] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1819'. [ 452.344892][T11165] IPVS: Unknown mcast interface: ip [ 452.863959][T11183] bridge: RTM_NEWNEIGH with invalid ether address [ 453.138000][T11192] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1831'. [ 453.163248][T11192] syz.4.1831[11192] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 453.163400][T11192] syz.4.1831[11192] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 453.184583][T11192] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1831'. [ 453.310195][ T5837] kernel write not supported for file /sg0 (pid: 5837 comm: kworker/0:4) [ 453.495960][ T28] kauditd_printk_skb: 142 callbacks suppressed [ 453.495977][ T28] audit: type=1326 audit(1759551549.086:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.528203][T11207] bridge: RTM_NEWNEIGH with invalid ether address [ 453.563216][ T28] audit: type=1326 audit(1759551549.139:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.615487][ T28] audit: type=1326 audit(1759551549.139:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.667852][ T28] audit: type=1326 audit(1759551549.139:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.715640][ T28] audit: type=1326 audit(1759551549.139:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.765347][ T28] audit: type=1326 audit(1759551549.139:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.793254][ T28] audit: type=1326 audit(1759551549.139:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.825286][ T28] audit: type=1326 audit(1759551549.139:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.862452][ T28] audit: type=1326 audit(1759551549.139:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 453.906995][ T28] audit: type=1326 audit(1759551549.139:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 454.044981][T11222] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1845'. [ 454.057192][T11222] IPVS: Unknown mcast interface: ipvla [ 454.295014][T11227] 9pnet_fd: Insufficient options for proto=fd [ 454.727421][T11244] netlink: 'syz.4.1854': attribute type 10 has an invalid length. [ 454.790756][T11249] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1855'. [ 454.801360][T11249] IPVS: Unknown mcast interface: ipvla [ 454.904326][T11253] syz.1.1858[11253] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 454.904496][T11253] syz.1.1858[11253] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 454.998021][ T6670] kernel write not supported for file /sg0 (pid: 6670 comm: kworker/1:7) [ 455.127374][T11263] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 455.169565][T11263] wireguard0: entered promiscuous mode [ 455.176284][T11263] wireguard0: entered allmulticast mode [ 455.522499][T11281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1868'. [ 455.536926][T11279] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1867'. [ 455.550302][T11279] IPVS: Unknown mcast interface: ipvla [ 455.559052][T11281] syz.1.1868[11281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 455.559200][T11281] syz.1.1868[11281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 455.596484][T11281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1868'. [ 455.683873][T11286] bridge: RTM_NEWNEIGH with invalid ether address [ 455.917628][T11296] syz.3.1874[11296] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 455.917790][T11296] syz.3.1874[11296] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 456.165611][T11304] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1880'. [ 456.232730][T11304] IPVS: Unknown mcast interface: ipvlan [ 456.549038][T11322] 9pnet_fd: Insufficient options for proto=fd [ 456.924860][T11335] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1893'. [ 456.977778][T11336] IPVS: Unknown mcast interface: ipvlan [ 457.071149][T11338] syz.4.1894[11338] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 457.071305][T11338] syz.4.1894[11338] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 457.441431][T11350] 9pnet_fd: Insufficient options for proto=fd [ 457.779676][T11365] IPVS: Unknown mcast interface: ipvlan [ 457.863097][T11367] bridge: RTM_NEWNEIGH with invalid ether address [ 458.056817][T11375] 9pnet_fd: Insufficient options for proto=fd [ 460.912392][ T28] kauditd_printk_skb: 79 callbacks suppressed [ 460.912409][ T28] audit: type=1326 audit(1759551556.876:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 460.946856][ T28] audit: type=1326 audit(1759551556.897:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 460.989241][T11391] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.989866][ T28] audit: type=1326 audit(1759551556.897:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.132732][ T28] audit: type=1326 audit(1759551556.897:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.181296][T11391] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 461.197088][ T28] audit: type=1326 audit(1759551556.897:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.224355][T11408] : renamed from bond0 [ 461.229442][ T28] audit: type=1326 audit(1759551556.897:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.252569][ T28] audit: type=1326 audit(1759551556.897:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.277308][ T28] audit: type=1326 audit(1759551556.907:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.305783][ T28] audit: type=1326 audit(1759551556.918:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.384848][T11391] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 461.387292][ T28] audit: type=1326 audit(1759551556.918:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11405 comm="syz.4.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 461.421606][T11416] bridge: RTM_NEWNEIGH with invalid ether address [ 461.508857][T11391] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 461.599775][T11391] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.624998][T11391] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.645338][T11391] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.667522][T11391] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 462.531982][T11458] __nla_validate_parse: 3 callbacks suppressed [ 462.532025][T11458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1943'. [ 462.565150][T11458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1943'. [ 462.607421][T11464] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1946'. [ 462.689931][T11469] syz.1.1945[11469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 462.690084][T11469] syz.1.1945[11469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 462.745663][T11472] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.823551][T11472] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.860224][T11472] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.868991][T11472] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.553684][T11496] bridge: RTM_NEWNEIGH with invalid ether address [ 464.216192][T11524] bridge: RTM_NEWNEIGH with invalid ether address [ 465.115082][T11549] bridge: RTM_NEWNEIGH with invalid ether address [ 465.401967][T11562] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1986'. [ 465.420044][T11562] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1986'. [ 465.433121][T11561] 9pnet_fd: Insufficient options for proto=fd [ 465.436985][T11566] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1991'. [ 465.683605][T11576] bridge: RTM_NEWNEIGH with invalid ether address [ 465.795284][T11580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2000'. [ 465.888350][T11586] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2001'. [ 465.892659][T11588] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2003'. [ 465.916661][T11588] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2003'. [ 466.650648][T11612] syz.2.2015[11612] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 466.650803][T11612] syz.2.2015[11612] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 466.975265][T11621] $Hÿ: renamed from  [ 467.021021][T11621] $Hÿ: entered promiscuous mode [ 467.032633][T11621] bond_slave_0: entered promiscuous mode [ 467.038700][T11621] bond_slave_1: entered promiscuous mode [ 467.062071][T11621] bond2: entered promiscuous mode [ 467.275499][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 467.275515][ T28] audit: type=1326 audit(1759551563.563:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.2.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.349428][ T28] audit: type=1326 audit(1759551563.594:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.2.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.401114][ T28] audit: type=1326 audit(1759551563.594:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.2.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.457929][ T28] audit: type=1326 audit(1759551563.594:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.488743][T11633] __nla_validate_parse: 5 callbacks suppressed [ 467.488765][T11633] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2023'. [ 467.507921][T11633] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2023'. [ 467.517459][ T28] audit: type=1326 audit(1759551563.594:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.548344][T11633] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2023'. [ 467.567336][ T28] audit: type=1326 audit(1759551563.594:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.635949][ T28] audit: type=1326 audit(1759551563.594:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.711440][ T28] audit: type=1326 audit(1759551563.594:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.788866][ T28] audit: type=1326 audit(1759551563.594:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 467.815392][ T28] audit: type=1326 audit(1759551563.594:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 468.010421][T11638] netlink: 468 bytes leftover after parsing attributes in process `syz.2.2025'. [ 469.235696][T11652] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2032'. [ 469.485058][T11654] bridge: RTM_NEWNEIGH with invalid ether address [ 469.657998][T11662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2036'. [ 469.996306][T11668] 9pnet_fd: Insufficient options for proto=fd [ 470.377583][T11675] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2041'. [ 470.424215][T11677] random: crng reseeded on system resumption [ 472.087755][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 472.087772][ T28] audit: type=1326 audit(1759551568.612:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.166959][ T28] audit: type=1326 audit(1759551568.612:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.188170][T11693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2048'. [ 472.224218][T11693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2048'. [ 472.250550][ T28] audit: type=1326 audit(1759551568.612:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.300116][ T28] audit: type=1326 audit(1759551568.612:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.347820][ T28] audit: type=1326 audit(1759551568.612:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.391723][T11695] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2049'. [ 472.404648][ T28] audit: type=1326 audit(1759551568.612:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.475643][ T28] audit: type=1326 audit(1759551568.612:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.499518][T11699] netlink: 416 bytes leftover after parsing attributes in process `syz.3.2051'. [ 472.528516][ T28] audit: type=1326 audit(1759551568.612:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.593636][ T28] audit: type=1326 audit(1759551568.612:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 472.653463][ T28] audit: type=1326 audit(1759551568.612:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.4.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 473.301323][T11717] wg2: entered promiscuous mode [ 473.309552][T11717] wg2: entered allmulticast mode [ 473.456651][T11719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2059'. [ 473.481403][T11719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2059'. [ 474.297760][T11736] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2067'. [ 474.317554][T11629] Set syz1 is full, maxelem 65536 reached [ 475.715472][T11762] syz.2.2075[11762] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 475.715626][T11762] syz.2.2075[11762] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 475.785931][T11764] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2077'. [ 476.219267][T11778] bridge: RTM_NEWNEIGH with invalid ether address [ 476.965306][T11791] syz.4.2087[11791] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 476.965468][T11791] syz.4.2087[11791] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 477.125183][T11793] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2088'. [ 477.553356][T11803] bridge: RTM_NEWNEIGH with invalid ether address [ 478.749867][T11817] syz.4.2097[11817] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 478.750022][T11817] syz.4.2097[11817] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 479.825771][T11836] netlink: 416 bytes leftover after parsing attributes in process `syz.3.2105'. [ 481.095567][ T28] kauditd_printk_skb: 44 callbacks suppressed [ 481.095585][ T28] audit: type=1326 audit(1759551578.061:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11844 comm="syz.3.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 481.191621][T11846] syz.1.2108[11846] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 481.191774][T11846] syz.1.2108[11846] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 481.254494][ T28] audit: type=1326 audit(1759551578.061:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11844 comm="syz.3.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 481.447602][ T28] audit: type=1326 audit(1759551578.061:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11844 comm="syz.3.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 481.530537][ T28] audit: type=1326 audit(1759551578.061:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11844 comm="syz.3.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 481.596757][ T28] audit: type=1326 audit(1759551578.061:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11844 comm="syz.3.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 481.673371][ T28] audit: type=1326 audit(1759551578.061:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11844 comm="syz.3.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 481.701990][ T28] audit: type=1326 audit(1759551578.061:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11844 comm="syz.3.2109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 481.920893][T11858] netlink: 416 bytes leftover after parsing attributes in process `syz.1.2114'. [ 482.007171][T11860] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2115'. [ 482.877830][T11876] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2 [ 482.889120][T11876] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0/file1 [ 484.020623][ T28] audit: type=1326 audit(1759551581.137:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11882 comm="syz.4.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 484.083331][ T28] audit: type=1326 audit(1759551581.137:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11882 comm="syz.4.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 484.165425][ T28] audit: type=1326 audit(1759551581.179:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11882 comm="syz.4.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 484.592211][T11853] syz.3.2112: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 484.615091][T11853] CPU: 1 PID: 11853 Comm: syz.3.2112 Not tainted syzkaller #0 [ 484.622634][T11853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 484.632802][T11853] Call Trace: [ 484.636138][T11853] [ 484.639133][T11853] dump_stack_lvl+0x16c/0x230 [ 484.644020][T11853] ? show_regs_print_info+0x20/0x20 [ 484.649284][T11853] ? load_image+0x3b0/0x3b0 [ 484.653862][T11853] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 484.660476][T11853] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 484.667056][T11853] warn_alloc+0x210/0x300 [ 484.671546][T11853] ? zone_watermark_ok_safe+0x230/0x230 [ 484.677154][T11853] ? _raw_spin_unlock+0x28/0x40 [ 484.682110][T11853] __vmalloc_node_range+0x662/0x1320 [ 484.687567][T11853] ? free_vm_area+0x50/0x50 [ 484.692123][T11853] ? _raw_spin_unlock+0x28/0x40 [ 484.697016][T11853] ? __kasan_kmalloc+0x8f/0xa0 [ 484.701993][T11853] __vmalloc_node_range+0x568/0x1320 [ 484.707339][T11853] ? hash_netiface_create+0x361/0xff0 [ 484.712826][T11853] ? __asan_memset+0x22/0x40 [ 484.717555][T11853] ? free_vm_area+0x50/0x50 [ 484.722109][T11853] ? kvmalloc_node+0x70/0x180 [ 484.726941][T11853] ? rcu_is_watching+0x15/0xb0 [ 484.731771][T11853] ? kvmalloc_node+0x70/0x180 [ 484.736494][T11853] ? trace_kmalloc+0x1f/0xa0 [ 484.741216][T11853] kvmalloc_node+0x13f/0x180 [ 484.745863][T11853] ? hash_netiface_create+0x361/0xff0 [ 484.751286][T11853] hash_netiface_create+0x361/0xff0 [ 484.756536][T11853] ? __lock_acquire+0x7c80/0x7c80 [ 484.761630][T11853] ? __nla_parse+0x40/0x50 [ 484.766150][T11853] ? hash_netport6_gc+0x570/0x570 [ 484.771236][T11853] ip_set_create+0xa87/0x18e0 [ 484.776001][T11853] ? ip_set_create+0x4b2/0x18e0 [ 484.780943][T11853] ? ip_set_protocol+0x5d0/0x5d0 [ 484.785981][T11853] nfnetlink_rcv_msg+0xb49/0x1130 [ 484.791148][T11853] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 484.797313][T11853] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 484.802502][T11886] netlink: 404 bytes leftover after parsing attributes in process `syz.1.2125'. [ 484.802566][T11853] ? nfnetlink_unbind+0x160/0x160 [ 484.816777][T11853] ? __dev_queue_xmit+0x1a64/0x35a0 [ 484.822077][T11853] ? __netlink_deliver_tap+0x5ab/0x830 [ 484.827597][T11853] ? netlink_deliver_tap+0x19c/0x1b0 [ 484.832916][T11853] ? netlink_unicast+0x72c/0x8d0 [ 484.837893][T11853] ? netlink_sendmsg+0x8c1/0xbe0 [ 484.842843][T11853] ? ____sys_sendmsg+0x5bf/0x950 [ 484.847812][T11853] ? ___sys_sendmsg+0x220/0x290 [ 484.852681][T11853] ? __se_sys_sendmsg+0x1a5/0x270 [ 484.857753][T11853] ? do_syscall_64+0x55/0xb0 [ 484.862372][T11853] netlink_rcv_skb+0x216/0x480 [ 484.867156][T11853] ? nfnetlink_unbind+0x160/0x160 [ 484.872201][T11853] ? netlink_ack+0x1110/0x1110 [ 484.876998][T11853] ? apparmor_capable+0x137/0x1a0 [ 484.882174][T11853] ? bpf_lsm_capable+0x9/0x10 [ 484.886904][T11853] ? security_capable+0x89/0xb0 [ 484.891792][T11853] nfnetlink_rcv+0x274/0x2180 [ 484.896522][T11853] ? __local_bh_enable_ip+0x12e/0x1c0 [ 484.901991][T11853] ? lockdep_hardirqs_on+0x98/0x150 [ 484.907241][T11853] ? __local_bh_enable_ip+0x12e/0x1c0 [ 484.912662][T11853] ? _local_bh_enable+0xa0/0xa0 [ 484.917556][T11853] ? __dev_queue_xmit+0x245/0x35a0 [ 484.922784][T11853] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 484.928372][T11853] ? __dev_queue_xmit+0x245/0x35a0 [ 484.933530][T11853] ? ref_tracker_free+0x634/0x7d0 [ 484.938602][T11853] ? __copy_skb_header+0xa7/0x550 [ 484.943675][T11853] ? refcount_inc+0x70/0x70 [ 484.948251][T11853] ? __skb_clone+0x63/0x790 [ 484.952789][T11853] ? __skb_clone+0x480/0x790 [ 484.957417][T11853] ? __netlink_deliver_tap+0x7e8/0x830 [ 484.962896][T11853] ? netlink_deliver_tap+0x2e/0x1b0 [ 484.968118][T11853] ? __lock_acquire+0x7c80/0x7c80 [ 484.973178][T11853] ? netlink_deliver_tap+0x2e/0x1b0 [ 484.978409][T11853] netlink_unicast+0x751/0x8d0 [ 484.983216][T11853] netlink_sendmsg+0x8c1/0xbe0 [ 484.988033][T11853] ? netlink_getsockopt+0x580/0x580 [ 484.993276][T11853] ? aa_sock_msg_perm+0x94/0x150 [ 484.998353][T11853] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 485.003666][T11853] ? security_socket_sendmsg+0x80/0xa0 [ 485.009232][T11853] ? netlink_getsockopt+0x580/0x580 [ 485.014469][T11853] ____sys_sendmsg+0x5bf/0x950 [ 485.019375][T11853] ? __asan_memset+0x22/0x40 [ 485.024010][T11853] ? __sys_sendmsg_sock+0x30/0x30 [ 485.029065][T11853] ? __import_iovec+0x5f2/0x860 [ 485.034010][T11853] ? import_iovec+0x73/0xa0 [ 485.038555][T11853] ___sys_sendmsg+0x220/0x290 [ 485.043275][T11853] ? __sys_sendmsg+0x270/0x270 [ 485.048108][T11853] __se_sys_sendmsg+0x1a5/0x270 [ 485.053012][T11853] ? __x64_sys_sendmsg+0x80/0x80 [ 485.058079][T11853] ? lockdep_hardirqs_on+0x98/0x150 [ 485.063306][T11853] do_syscall_64+0x55/0xb0 [ 485.067760][T11853] ? clear_bhb_loop+0x40/0x90 [ 485.072473][T11853] ? clear_bhb_loop+0x40/0x90 [ 485.077169][T11853] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 485.083102][T11853] RIP: 0033:0x7fd49818eec9 [ 485.087671][T11853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.107314][T11853] RSP: 002b:00007fd49910e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 485.115859][T11853] RAX: ffffffffffffffda RBX: 00007fd4983e5fa0 RCX: 00007fd49818eec9 [ 485.123906][T11853] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 485.132099][T11853] RBP: 00007fd498211f91 R08: 0000000000000000 R09: 0000000000000000 [ 485.140086][T11853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 485.148098][T11853] R13: 00007fd4983e6038 R14: 00007fd4983e5fa0 R15: 00007ffdb22701a8 [ 485.156137][T11853] [ 485.173596][T11853] Mem-Info: [ 485.176897][T11853] active_anon:44740 inactive_anon:0 isolated_anon:0 [ 485.176897][T11853] active_file:2453 inactive_file:52355 isolated_file:0 [ 485.176897][T11853] unevictable:768 dirty:87 writeback:0 [ 485.176897][T11853] slab_reclaimable:11042 slab_unreclaimable:96157 [ 485.176897][T11853] mapped:27055 shmem:37030 pagetables:614 [ 485.176897][T11853] sec_pagetables:0 bounce:0 [ 485.176897][T11853] kernel_misc_reclaimable:0 [ 485.176897][T11853] free:1272179 free_pcp:9018 free_cma:0 [ 485.224853][T11853] Node 0 active_anon:178860kB inactive_anon:0kB active_file:9812kB inactive_file:209216kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:108220kB dirty:348kB writeback:0kB shmem:146584kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11380kB pagetables:2356kB sec_pagetables:0kB all_unreclaimable? no [ 485.257610][T11853] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 485.292453][T11853] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 485.321245][T11888] bridge: RTM_NEWNEIGH with invalid ether address [ 485.326019][T11853] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 485.337306][T11853] Node 0 DMA32 free:1186488kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:178916kB inactive_anon:0kB active_file:9812kB inactive_file:207896kB unevictable:1536kB writepending:348kB present:3129332kB managed:2589604kB mlocked:0kB bounce:0kB free_pcp:9592kB local_pcp:8816kB free_cma:0kB [ 485.372593][T11853] lowmem_reserve[]: 0 0 1 1 1 [ 485.377600][T11853] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 485.408187][T11853] lowmem_reserve[]: 0 0 0 0 0 [ 485.414414][T11853] Node 1 Normal free:3886616kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:26864kB local_pcp:12864kB free_cma:0kB [ 485.444269][T11853] lowmem_reserve[]: 0 0 0 0 0 [ 485.449838][T11853] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 485.463768][T11853] Node 0 DMA32: 360*4kB (UME) 285*8kB (UME) 117*16kB (UME) 273*32kB (UME) 37*64kB (UME) 25*128kB (ME) 21*256kB (UME) 22*512kB (UME) 11*1024kB (ME) 6*2048kB (UME) 275*4096kB (M) = 1186488kB [ 485.485474][T11853] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 485.499487][T11853] Node 1 Normal: 156*4kB (UE) 65*8kB (U) 40*16kB (U) 57*32kB (UE) 12*64kB (UME) 6*128kB (UM) 2*256kB (UM) 2*512kB (UE) 1*1024kB (E) 2*2048kB (UE) 946*4096kB (M) = 3886616kB [ 485.525145][T11853] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 485.536652][T11853] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 485.548622][T11853] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 485.560048][T11853] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 485.572142][T11853] 91838 total pagecache pages [ 485.577025][T11853] 0 pages in swap cache [ 485.582700][T11853] Free swap = 124900kB [ 485.587007][T11853] Total swap = 124996kB [ 485.593660][T11853] 2097051 pages RAM [ 485.594789][T11894] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2129'. [ 485.601034][T11853] 0 pages HighMem/MovableOnly [ 485.613046][T11853] 416136 pages reserved [ 485.617706][T11853] 0 pages cma reserved [ 485.968418][T11903] syz.1.2133[11903] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 485.968565][T11903] syz.1.2133[11903] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 486.567440][T11907] bridge: RTM_NEWNEIGH with invalid ether address [ 486.684665][T11909] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2136'. [ 487.070155][T11917] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2139'. [ 489.928990][T11771] Set syz1 is full, maxelem 65536 reached [ 490.070036][T11957] bridge: RTM_NEWNEIGH with invalid ether address [ 490.471541][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 490.471559][ T28] audit: type=1326 audit(1759551587.908:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 490.511842][ T28] audit: type=1326 audit(1759551587.950:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 490.559439][ T28] audit: type=1326 audit(1759551587.950:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 490.614444][ T28] audit: type=1326 audit(1759551587.950:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 490.665435][ T28] audit: type=1326 audit(1759551587.950:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 490.712221][ T28] audit: type=1326 audit(1759551587.950:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.3.2165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49818eec9 code=0x7ffc0000 [ 490.725094][T11985] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2167'. [ 490.872897][T11989] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2170'. [ 491.239743][ T28] audit: type=1326 audit(1759551588.706:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.4.2179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 491.298993][T12007] bond0: (slave dummy0): Releasing backup interface [ 491.306113][ T28] audit: type=1326 audit(1759551588.716:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.4.2179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 491.345589][T12007] bridge_slave_0: left allmulticast mode [ 491.352198][T12007] bridge_slave_0: left promiscuous mode [ 491.358242][T12007] bridge0: port 1(bridge_slave_0) entered disabled state [ 491.368858][ T28] audit: type=1326 audit(1759551588.716:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.4.2179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 491.396260][ T28] audit: type=1326 audit(1759551588.716:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.4.2179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 491.421497][T12007] bridge_slave_1: left allmulticast mode [ 491.427210][T12007] bridge_slave_1: left promiscuous mode [ 491.433808][T12007] bridge0: port 2(bridge_slave_1) entered disabled state [ 491.451053][T12007] bond0: (slave bond_slave_0): Releasing backup interface [ 491.473572][T12007] bond0: (slave bond_slave_1): Releasing backup interface [ 491.519436][T12007] team0: Port device team_slave_0 removed [ 491.555871][T12007] team0: Port device team_slave_1 removed [ 491.571672][T12007] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 491.581460][T12007] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 491.591433][T12007] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 491.600363][T12007] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 491.648021][T12007] team0: Port device geneve0 removed [ 491.671049][T12009] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2180'. [ 491.717106][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 491.726002][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 491.764383][T12011] bridge: RTM_NEWNEIGH with invalid ether address [ 491.774939][T12012] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2176'. [ 492.927031][ T5101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 492.939430][ T5101] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 492.953943][ T5101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 492.970855][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 492.992460][ T5101] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 493.000732][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 493.081333][T12050] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 493.159005][T12050] netlink: 4276 bytes leftover after parsing attributes in process `syz.2.2197'. [ 493.177094][ T6080] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.187707][T12050] netlink: 396 bytes leftover after parsing attributes in process `syz.2.2197'. [ 493.272154][T12057] netlink: 404 bytes leftover after parsing attributes in process `syz.4.2200'. [ 493.292765][ T6080] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.388162][ T6080] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.424604][T12061] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2202'. [ 493.491823][ T6080] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.961427][T12082] netlink: 404 bytes leftover after parsing attributes in process `syz.1.2209'. [ 494.038803][T12081] bridge: RTM_NEWNEIGH with invalid ether address [ 494.099350][T12046] chnl_net:caif_netlink_parms(): no params data found [ 494.762658][T12109] netlink: 404 bytes leftover after parsing attributes in process `syz.4.2219'. [ 494.925123][T12046] bridge0: port 1(bridge_slave_0) entered blocking state [ 494.945636][T12046] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.957733][T12046] bridge_slave_0: entered allmulticast mode [ 494.969188][T12046] bridge_slave_0: entered promiscuous mode [ 494.979813][ T5101] Bluetooth: hci2: command tx timeout [ 495.120826][T12046] bridge0: port 2(bridge_slave_1) entered blocking state [ 495.166597][T12046] bridge0: port 2(bridge_slave_1) entered disabled state [ 495.193936][T12046] bridge_slave_1: entered allmulticast mode [ 495.220508][T12046] bridge_slave_1: entered promiscuous mode [ 495.238688][ T28] kauditd_printk_skb: 54 callbacks suppressed [ 495.238705][ T28] audit: type=1326 audit(1759551592.915:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="syz.4.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.329233][ T28] audit: type=1326 audit(1759551592.957:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.428778][ T28] audit: type=1326 audit(1759551592.957:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.511850][ T28] audit: type=1326 audit(1759551592.957:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.574589][T12046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 495.589855][ T28] audit: type=1326 audit(1759551592.957:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.660825][ T28] audit: type=1326 audit(1759551592.957:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.718745][ T28] audit: type=1326 audit(1759551592.957:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.719557][T12046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 495.778820][ T28] audit: type=1326 audit(1759551592.957:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.855457][ T28] audit: type=1326 audit(1759551592.957:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 495.924438][ T28] audit: type=1326 audit(1759551592.957:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12122 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799258eec9 code=0x7ffc0000 [ 496.153740][T12150] program syz.2.2233 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 496.164793][T12046] team0: Port device team_slave_0 added [ 496.281160][T12046] team0: Port device team_slave_1 added [ 496.393503][T12046] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 496.400972][T12046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 496.432774][T12046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 496.448917][T12156] bridge: RTM_NEWNEIGH with invalid ether address [ 496.495997][T12046] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 496.503113][T12046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 496.530501][T12046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 496.946598][T12046] hsr_slave_0: entered promiscuous mode [ 496.957742][ T5101] Bluetooth: hci2: command tx timeout [ 496.987942][T12046] hsr_slave_1: entered promiscuous mode [ 497.025534][T12046] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 497.039397][T12046] Cannot create hsr debugfs directory [ 497.396983][ T6080] hsr_slave_0: left promiscuous mode [ 497.411697][ T6080] hsr_slave_1: left promiscuous mode [ 497.425590][ T6080] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 497.440205][ T6080] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 497.470022][ T6080] bridge_slave_1: left allmulticast mode [ 497.483486][ T6080] bridge_slave_1: left promiscuous mode [ 497.496160][ T6080] bridge0: port 2(bridge_slave_1) entered disabled state [ 497.509906][ T6080] bridge_slave_0: left allmulticast mode [ 497.524103][ T6080] bridge_slave_0: left promiscuous mode [ 497.529991][ T6080] bridge0: port 1(bridge_slave_0) entered disabled state [ 497.602337][ T6080] veth1_macvtap: left promiscuous mode [ 497.620160][ T6080] veth0_macvtap: left promiscuous mode [ 497.625956][ T6080] veth1_vlan: left promiscuous mode [ 497.638367][ T6080] veth0_vlan: left promiscuous mode [ 497.947910][ T6080] bond1 (unregistering): (slave bridge1): Releasing active interface [ 498.097431][ T6080] bond1 (unregistering): Released all slaves [ 498.939597][ T5101] Bluetooth: hci2: command tx timeout [ 499.331062][ T6080] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 499.386880][ T6080] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 499.652083][ T6080] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 499.683429][ T6080] bond0 (unregistering): Released all slaves [ 499.786474][T12191] bridge: RTM_NEWNEIGH with invalid ether address [ 499.796894][T12207] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2252'. [ 500.874077][T12237] bridge: RTM_NEWNEIGH with invalid ether address [ 500.915321][ T5101] Bluetooth: hci2: command tx timeout [ 501.358899][T12046] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 501.382627][T12046] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 501.398156][T12046] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 501.461654][T12046] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 501.789244][T12046] 8021q: adding VLAN 0 to HW filter on device bond0 [ 501.842287][T12046] 8021q: adding VLAN 0 to HW filter on device team0 [ 501.884479][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 501.891776][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 501.966546][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 501.973829][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 501.998568][T12269] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2269'. [ 502.020242][T12269] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2269'. [ 502.913572][T12046] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 503.197260][T12046] veth0_vlan: entered promiscuous mode [ 503.314292][T12046] veth1_vlan: entered promiscuous mode [ 503.326016][T12312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2279'. [ 503.343627][T12312] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2279'. [ 503.375962][T12312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2279'. [ 503.424084][T12046] veth0_macvtap: entered promiscuous mode [ 503.473502][T12046] veth1_macvtap: entered promiscuous mode [ 503.568826][T12046] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 503.619565][T12046] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 503.671106][T12046] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.693880][T12046] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.726464][T12046] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.736402][T12046] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 504.096403][T12330] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2285'. [ 504.110974][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 504.138727][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 504.230684][ T135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 504.238957][ T135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 504.524239][T12345] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 504.524239][T12345] program syz.3.2183 not setting count and/or reply_len properly [ 504.592784][T12348] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2289'. [ 504.611623][T12348] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2289'. [ 504.625009][T12348] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2289'. [ 505.202317][T12364] loop3: detected capacity change from 0 to 1024 [ 505.212164][T12364] EXT4-fs: Ignoring removed orlov option [ 505.226733][T12364] EXT4-fs: Ignoring removed nomblk_io_submit option [ 505.333893][T12364] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.972695][T12046] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.993062][T12389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2300'. [ 506.015522][T12389] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2300'. [ 506.062164][T12389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2300'. [ 506.114227][T12394] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2303'. [ 506.317736][T12401] bridge: RTM_NEWNEIGH with invalid ether address [ 506.722935][T12414] lo speed is unknown, defaulting to 1000 [ 506.760061][T12414] lo speed is unknown, defaulting to 1000 [ 506.787569][T12414] lo speed is unknown, defaulting to 1000 [ 506.814354][T12414] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 506.946712][T12414] lo speed is unknown, defaulting to 1000 [ 506.965251][T12414] lo speed is unknown, defaulting to 1000 [ 506.984436][T12414] lo speed is unknown, defaulting to 1000 [ 507.008576][T12414] lo speed is unknown, defaulting to 1000 [ 507.248157][T12430] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2314'. [ 507.287929][T12430] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2314'. [ 508.151482][T12462] team_slave_0: entered promiscuous mode [ 508.157854][T12462] team_slave_1: entered promiscuous mode [ 508.197569][T12461] team_slave_0: left promiscuous mode [ 508.203784][T12461] team_slave_1: left promiscuous mode [ 508.305555][T12466] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2325'. [ 508.494708][T12471] bridge_slave_0: left allmulticast mode [ 508.531210][T12471] bridge_slave_0: left promiscuous mode [ 508.554920][T12471] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.622415][T12471] bridge_slave_1: left allmulticast mode [ 508.628581][T12471] bridge_slave_1: left promiscuous mode [ 508.646871][T12471] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.676715][T12471] bond0: (slave bond_slave_0): Releasing backup interface [ 508.693583][T12478] loop3: detected capacity change from 0 to 1024 [ 508.706231][T12471] bond0: (slave bond_slave_1): Releasing backup interface [ 508.764416][T12478] __quota_error: 34 callbacks suppressed [ 508.764435][T12478] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5 [ 508.809549][T12478] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 508.820026][T12478] EXT4-fs error (device loop3): ext4_acquire_dquot:6940: comm syz.3.2330: Failed to acquire dquot type 0 [ 508.842869][T12478] EXT4-fs error (device loop3): mb_free_blocks:1938: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 508.862413][T12478] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #13: comm syz.3.2330: corrupted inode contents [ 508.884799][T12478] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #13: comm syz.3.2330: mark_inode_dirty error [ 508.941320][T12478] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #13: comm syz.3.2330: corrupted inode contents [ 508.965174][T12471] team0: Port device team_slave_0 removed [ 508.971876][T12478] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #13: comm syz.3.2330: mark_inode_dirty error [ 509.021616][T12478] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #13: comm syz.3.2330: corrupted inode contents [ 509.035798][T12471] team0: Port device team_slave_1 removed [ 509.052436][T12478] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 509.072818][T12478] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #13: comm syz.3.2330: corrupted inode contents [ 509.086982][T12471] bond1: (slave bridge2): Releasing active interface [ 509.100854][T12478] EXT4-fs error (device loop3): ext4_truncate:4288: inode #13: comm syz.3.2330: mark_inode_dirty error [ 509.134709][T12478] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 509.146047][T12471] bond2: (slave bridge3): Releasing active interface [ 509.159448][T12478] EXT4-fs (loop3): 1 truncate cleaned up [ 509.167617][T12478] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 509.189770][T12478] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.528501][T12497] tipc: Started in network mode [ 509.543598][T12497] tipc: Node identity 8a80765fad9e, cluster identity 4711 [ 509.557136][T12497] tipc: Enabled bearer , priority 0 [ 509.575816][T12497] syzkaller0: entered promiscuous mode [ 509.581374][T12497] syzkaller0: entered allmulticast mode [ 509.671316][T12497] tipc: Resetting bearer [ 509.707246][T12496] tipc: Resetting bearer [ 509.763878][T12496] tipc: Disabling bearer [ 510.148973][T12515] bridge_slave_0: left allmulticast mode [ 510.154730][T12515] bridge_slave_0: left promiscuous mode [ 510.179434][T12515] bridge0: port 1(bridge_slave_0) entered disabled state [ 510.245018][T12515] bridge_slave_1: left allmulticast mode [ 510.251231][T12515] bridge_slave_1: left promiscuous mode [ 510.265466][T12515] bridge0: port 2(bridge_slave_1) entered disabled state [ 510.305292][T12515] $Hÿ: (slave bond_slave_0): Releasing backup interface [ 510.325224][T12515] bond_slave_0: left promiscuous mode [ 510.346642][T12515] $Hÿ: (slave bond_slave_1): Releasing backup interface [ 510.361852][T12515] bond_slave_1: left promiscuous mode [ 510.401107][T12515] team0: Port device team_slave_0 removed [ 510.409789][T12515] team0: Port device team_slave_1 removed [ 510.419482][T12515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 510.427930][T12515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 510.438756][T12515] $Hÿ: (slave bond2): Releasing backup interface [ 510.446989][T12515] bond2: left promiscuous mode [ 510.471537][T12515] bond3: (slave bridge2): Releasing active interface [ 510.916649][T12515] bond4: (slave bridge3): Releasing active interface [ 511.418696][T12523] lo speed is unknown, defaulting to 1000 [ 511.551628][T12526] __nla_validate_parse: 1 callbacks suppressed [ 511.551649][T12526] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2348'. [ 512.039399][T12548] bridge: RTM_NEWNEIGH with invalid ether address [ 512.239985][ T28] audit: type=1326 audit(1759551610.762:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="syz.3.2360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.271336][ T28] audit: type=1326 audit(1759551610.793:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="syz.3.2360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.323664][ T28] audit: type=1326 audit(1759551610.835:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="syz.3.2360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.388054][ T28] audit: type=1326 audit(1759551610.835:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.485324][ T28] audit: type=1326 audit(1759551610.835:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.602835][ T28] audit: type=1326 audit(1759551610.835:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.625874][ T28] audit: type=1326 audit(1759551610.835:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.649123][ T28] audit: type=1326 audit(1759551610.846:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12550 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 512.684490][T12557] loop3: detected capacity change from 0 to 128 [ 512.791401][T12557] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 512.855033][T12557] ext4 filesystem being mounted at /18/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 513.289367][ T5798] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 513.302405][ T5798] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 513.312093][ T5798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 513.330333][ T5798] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 513.575023][ T5798] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 513.592140][ T5798] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 513.854707][T12568] lo speed is unknown, defaulting to 1000 [ 513.920378][T12046] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 514.991171][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 514.991193][ T28] audit: type=1326 audit(1759551613.607:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 515.092994][T12568] chnl_net:caif_netlink_parms(): no params data found [ 515.116323][ T28] audit: type=1326 audit(1759551613.607:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 515.195424][ T28] audit: type=1326 audit(1759551613.617:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12585 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 515.272983][ T28] audit: type=1326 audit(1759551613.617:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12585 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 515.330582][ T28] audit: type=1326 audit(1759551613.617:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12585 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 515.361916][ T28] audit: type=1326 audit(1759551613.617:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12585 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 515.384908][ T28] audit: type=1326 audit(1759551613.617:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12585 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b098eec9 code=0x7ffc0000 [ 515.478101][ T28] audit: type=1326 audit(1759551613.617:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 515.524231][ T28] audit: type=1326 audit(1759551613.617:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 515.555529][ T28] audit: type=1326 audit(1759551613.617:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195e18eec9 code=0x7ffc0000 [ 515.622430][T12568] bridge0: port 1(bridge_slave_0) entered blocking state [ 515.627177][ T5798] Bluetooth: hci3: command tx timeout [ 515.675342][T12568] bridge0: port 1(bridge_slave_0) entered disabled state [ 515.720012][T12568] bridge_slave_0: entered allmulticast mode [ 515.781147][T12568] bridge_slave_0: entered promiscuous mode [ 515.843467][T12568] bridge0: port 2(bridge_slave_1) entered blocking state [ 515.850708][T12568] bridge0: port 2(bridge_slave_1) entered disabled state [ 515.899152][T12568] bridge_slave_1: entered allmulticast mode [ 515.907484][T12568] bridge_slave_1: entered promiscuous mode [ 516.106674][T12568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 516.317140][T12568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 517.018839][T12568] team0: Port device team_slave_0 added [ 517.061619][T12568] team0: Port device team_slave_1 added [ 517.423365][T12568] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 517.430399][T12568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 517.499125][T12568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 517.536872][T12568] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 517.556504][T12568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 517.604848][ T5798] Bluetooth: hci3: command tx timeout [ 517.643638][T12568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 517.857175][T12568] hsr_slave_0: entered promiscuous mode [ 517.868386][T12568] hsr_slave_1: entered promiscuous mode [ 517.885913][T12568] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 517.896263][T12568] Cannot create hsr debugfs directory [ 518.385984][ T11] tipc: Disabling bearer [ 518.426128][ T11] tipc: Left network mode [ 519.001037][T12646] syz.3.2391[12646] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 519.001209][T12646] syz.3.2391[12646] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 519.585414][ T5798] Bluetooth: hci3: command tx timeout [ 519.868654][T12668] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2398'. [ 519.963520][T12568] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 520.004204][T12568] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 520.088184][T12568] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 520.282066][T12568] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 520.705049][ T11] hsr_slave_0: left promiscuous mode [ 520.726240][ T11] hsr_slave_1: left promiscuous mode [ 520.827414][ T11] bond4 (unregistering): Released all slaves [ 520.994076][ T11] bond3 (unregistering): Released all slaves [ 521.435346][ T11] bond2 (unregistering): Released all slaves [ 521.470336][ T11] bond1 (unregistering): Released all slaves [ 521.566248][ T5798] Bluetooth: hci3: command tx timeout [ 521.867174][T12721] 9pnet_fd: Insufficient options for proto=fd [ 523.284609][ T11] $Hÿ (unregistering): Released all slaves [ 523.380740][ T6674] lo speed is unknown, defaulting to 1000 [ 523.382353][T12700] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2406'. [ 523.636362][T12568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 523.708562][T12755] random: crng reseeded on system resumption [ 523.733671][T12568] 8021q: adding VLAN 0 to HW filter on device team0 [ 523.780059][ T135] bridge0: port 1(bridge_slave_0) entered blocking state [ 523.787318][ T135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 523.831100][ T135] bridge0: port 2(bridge_slave_1) entered blocking state [ 523.838393][ T135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 524.446077][T12772] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2435'. [ 524.742472][T12568] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 524.924839][T12780] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2439'. [ 525.091083][T12568] veth0_vlan: entered promiscuous mode [ 525.497065][T12786] loop3: detected capacity change from 0 to 1024 [ 525.525806][T12786] EXT4-fs: Ignoring removed orlov option [ 525.538560][T12786] EXT4-fs: Ignoring removed nomblk_io_submit option [ 525.601290][T12786] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 525.870846][T12046] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 530.033622][T12796] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2444'. [ 530.210958][T12568] veth1_vlan: entered promiscuous mode [ 530.337344][T12568] veth0_macvtap: entered promiscuous mode [ 530.371846][T12568] veth1_macvtap: entered promiscuous mode [ 530.517674][T12568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 530.536097][T12568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 530.553592][T12568] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 530.576263][T12568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 530.600525][T12568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 530.628018][T12568] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 530.652037][T12822] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2454'. [ 530.659450][T12568] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.680311][T12568] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.697341][T12568] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.706621][T12568] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 531.227621][T12828] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2457'. [ 531.412591][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 531.440693][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 531.519126][T12832] 8021q: adding VLAN 0 to HW filter on device bond1 [ 531.538670][T12832] bond0: (slave bond1): Enslaving as an active interface with an up link [ 531.615539][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 531.641520][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 531.893336][T12849] netlink: 'syz.1.2359': attribute type 10 has an invalid length. [ 531.965943][T12852] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2463'. [ 532.492534][T12849] team0 (unregistering): Port device team_slave_0 removed [ 532.542050][T12849] team0 (unregistering): Port device team_slave_1 removed [ 533.337929][T12889] netlink: 'syz.4.2472': attribute type 10 has an invalid length. [ 533.368914][T12889] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2472'. [ 533.390435][T12889] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 533.451361][T12897] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2474'. [ 533.794923][T12907] netlink: 'syz.4.2477': attribute type 10 has an invalid length. [ 533.814603][T12907] team0: Port device dummy0 added [ 533.840461][T12907] netlink: 'syz.4.2477': attribute type 10 has an invalid length. [ 533.892182][T12907] team0: Port device dummy0 removed [ 533.910782][T12907] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 534.144118][T12921] netlink: 'syz.4.2479': attribute type 10 has an invalid length. [ 534.757045][T12937] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2482'. [ 534.767636][T12937] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 534.775315][T12937] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 534.785271][T12937] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 534.806354][T12937] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 535.105861][T12953] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2484'. [ 535.441972][T12965] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2487'. [ 535.564372][T12969] loop1: detected capacity change from 0 to 1024 [ 535.574358][T12969] EXT4-fs: Ignoring removed orlov option [ 535.581588][T12969] EXT4-fs: Ignoring removed nomblk_io_submit option [ 535.610733][T12969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 535.729967][T12568] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.865759][T12982] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2490'. [ 536.798467][T13020] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2501'. [ 536.909509][T13024] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2503'. [ 537.049251][T13028] syz.4.2505[13028] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 537.049404][T13028] syz.4.2505[13028] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 537.088726][T13030] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 537.109949][T13030] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 537.119096][T13030] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 537.127928][T13030] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 537.139956][T13032] syz.4.2507[13032] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 537.140102][T13032] syz.4.2507[13032] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 537.492595][T13043] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2512'. [ 538.500490][T13053] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2516'. [ 539.109621][T13065] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2521'. [ 539.185251][T13067] loop1: detected capacity change from 0 to 2048 [ 539.214566][T13067] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 539.269968][T12568] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.867312][T13090] loop1: detected capacity change from 0 to 128 [ 539.903972][ T28] kauditd_printk_skb: 72 callbacks suppressed [ 539.903989][ T28] audit: type=1800 audit(1759551639.810:1765): pid=13090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2531" name="file2" dev="loop1" ino=1048633 res=0 errno=0 [ 539.936352][T13090] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 539.946218][T13090] FAT-fs (loop1): Filesystem has been set read-only [ 539.954037][T13090] syz.1.2531: attempt to access beyond end of device [ 539.954037][T13090] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 539.968927][T13090] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 539.977491][T13090] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 539.992317][T13090] syz.1.2531: attempt to access beyond end of device [ 539.992317][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.005886][T13090] syz.1.2531: attempt to access beyond end of device [ 540.005886][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.022020][T13090] syz.1.2531: attempt to access beyond end of device [ 540.022020][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.035553][T13090] syz.1.2531: attempt to access beyond end of device [ 540.035553][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.055785][T13090] syz.1.2531: attempt to access beyond end of device [ 540.055785][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.070512][T13090] syz.1.2531: attempt to access beyond end of device [ 540.070512][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.086450][T13090] syz.1.2531: attempt to access beyond end of device [ 540.086450][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.100060][T13090] syz.1.2531: attempt to access beyond end of device [ 540.100060][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.115935][T13090] syz.1.2531: attempt to access beyond end of device [ 540.115935][T13090] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.737688][ T28] audit: type=1326 audit(1759551640.681:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.766122][ T28] audit: type=1326 audit(1759551640.713:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.796300][ T28] audit: type=1326 audit(1759551640.713:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.822622][ T28] audit: type=1326 audit(1759551640.713:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.837330][T13086] warn_alloc: 3 callbacks suppressed [ 540.837353][T13086] syz.4.2530: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 540.849081][ T28] audit: type=1326 audit(1759551640.713:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.851810][T13086] ,cpuset= [ 540.868616][ T28] audit: type=1326 audit(1759551640.713:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.889516][T13086] syz4 [ 540.900107][ T28] audit: type=1326 audit(1759551640.713:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.916083][T13086] ,mems_allowed=0-1 [ 540.921209][ T28] audit: type=1326 audit(1759551640.713:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.941519][T13086] [ 540.969597][ T28] audit: type=1326 audit(1759551640.734:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13091 comm="syz.1.2532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 540.984318][T13086] CPU: 1 PID: 13086 Comm: syz.4.2530 Not tainted syzkaller #0 [ 540.999513][T13086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 541.009589][T13086] Call Trace: [ 541.012884][T13086] [ 541.015835][T13086] dump_stack_lvl+0x16c/0x230 [ 541.020550][T13086] ? show_regs_print_info+0x20/0x20 [ 541.025771][T13086] ? load_image+0x3b0/0x3b0 [ 541.030291][T13086] ? __rcu_read_unlock+0x7c/0xd0 [ 541.035262][T13086] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 541.041707][T13086] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 541.048239][T13086] warn_alloc+0x210/0x300 [ 541.052605][T13086] ? zone_watermark_ok_safe+0x230/0x230 [ 541.058198][T13086] ? _raw_spin_unlock+0x28/0x40 [ 541.063073][T13086] __vmalloc_node_range+0x662/0x1320 [ 541.068417][T13086] ? free_vm_area+0x50/0x50 [ 541.072942][T13086] ? _raw_spin_unlock+0x28/0x40 [ 541.077831][T13086] ? __kasan_kmalloc+0x8f/0xa0 [ 541.082711][T13086] __vmalloc_node_range+0x568/0x1320 [ 541.088112][T13086] ? hash_netiface_create+0x361/0xff0 [ 541.093516][T13086] ? __asan_memset+0x22/0x40 [ 541.098149][T13086] ? free_vm_area+0x50/0x50 [ 541.102673][T13086] ? kvmalloc_node+0x70/0x180 [ 541.107486][T13086] ? rcu_is_watching+0x15/0xb0 [ 541.112345][T13086] ? kvmalloc_node+0x70/0x180 [ 541.117056][T13086] ? trace_kmalloc+0x1f/0xa0 [ 541.121678][T13086] kvmalloc_node+0x13f/0x180 [ 541.126382][T13086] ? hash_netiface_create+0x361/0xff0 [ 541.131778][T13086] hash_netiface_create+0x361/0xff0 [ 541.137040][T13086] ? __lock_acquire+0x7c80/0x7c80 [ 541.142186][T13086] ? __nla_parse+0x40/0x50 [ 541.146718][T13086] ? hash_netport6_gc+0x570/0x570 [ 541.151790][T13086] ip_set_create+0xa87/0x18e0 [ 541.156600][T13086] ? ip_set_create+0x4b2/0x18e0 [ 541.161493][T13086] ? ip_set_protocol+0x5d0/0x5d0 [ 541.166458][T13086] ? trace_contention_end+0x39/0xe0 [ 541.171752][T13086] nfnetlink_rcv_msg+0xb49/0x1130 [ 541.176818][T13086] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 541.182909][T13086] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 541.188145][T13086] ? nfnetlink_unbind+0x160/0x160 [ 541.193299][T13086] ? __dev_queue_xmit+0x1a64/0x35a0 [ 541.198518][T13086] ? __netlink_deliver_tap+0x5ab/0x830 [ 541.203999][T13086] ? netlink_deliver_tap+0x19c/0x1b0 [ 541.209306][T13086] ? netlink_unicast+0x72c/0x8d0 [ 541.214263][T13086] ? netlink_sendmsg+0x8c1/0xbe0 [ 541.219235][T13086] ? ____sys_sendmsg+0x5bf/0x950 [ 541.224197][T13086] ? ___sys_sendmsg+0x220/0x290 [ 541.229070][T13086] ? __se_sys_sendmsg+0x1a5/0x270 [ 541.234155][T13086] ? do_syscall_64+0x55/0xb0 [ 541.238784][T13086] netlink_rcv_skb+0x216/0x480 [ 541.243599][T13086] ? nfnetlink_unbind+0x160/0x160 [ 541.248645][T13086] ? netlink_ack+0x1110/0x1110 [ 541.253443][T13086] ? apparmor_capable+0x137/0x1a0 [ 541.258488][T13086] ? bpf_lsm_capable+0x9/0x10 [ 541.263188][T13086] ? security_capable+0x89/0xb0 [ 541.268065][T13086] nfnetlink_rcv+0x274/0x2180 [ 541.272862][T13086] ? __local_bh_enable_ip+0x12e/0x1c0 [ 541.278250][T13086] ? lockdep_hardirqs_on+0x98/0x150 [ 541.283472][T13086] ? __local_bh_enable_ip+0x12e/0x1c0 [ 541.288884][T13086] ? _local_bh_enable+0xa0/0xa0 [ 541.293754][T13086] ? __dev_queue_xmit+0x245/0x35a0 [ 541.298887][T13086] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 541.304576][T13086] ? __dev_queue_xmit+0x245/0x35a0 [ 541.309729][T13086] ? ref_tracker_free+0x634/0x7d0 [ 541.314769][T13086] ? __copy_skb_header+0xa7/0x550 [ 541.319838][T13086] ? refcount_inc+0x70/0x70 [ 541.324360][T13086] ? __skb_clone+0x63/0x790 [ 541.328891][T13086] ? __skb_clone+0x480/0x790 [ 541.333520][T13086] ? __netlink_deliver_tap+0x7e8/0x830 [ 541.339010][T13086] ? netlink_deliver_tap+0x2e/0x1b0 [ 541.344301][T13086] ? __lock_acquire+0x7c80/0x7c80 [ 541.349440][T13086] ? netlink_deliver_tap+0x2e/0x1b0 [ 541.354664][T13086] netlink_unicast+0x751/0x8d0 [ 541.359476][T13086] netlink_sendmsg+0x8c1/0xbe0 [ 541.364273][T13086] ? netlink_getsockopt+0x580/0x580 [ 541.369498][T13086] ? aa_sock_msg_perm+0x94/0x150 [ 541.374469][T13086] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 541.379779][T13086] ? security_socket_sendmsg+0x80/0xa0 [ 541.385260][T13086] ? netlink_getsockopt+0x580/0x580 [ 541.390488][T13086] ____sys_sendmsg+0x5bf/0x950 [ 541.395282][T13086] ? __asan_memset+0x22/0x40 [ 541.399904][T13086] ? __sys_sendmsg_sock+0x30/0x30 [ 541.404964][T13086] ? __import_iovec+0x5f2/0x860 [ 541.410026][T13086] ? import_iovec+0x73/0xa0 [ 541.414568][T13086] ___sys_sendmsg+0x220/0x290 [ 541.419274][T13086] ? __sys_sendmsg+0x270/0x270 [ 541.424111][T13086] ? debug_mutex_init+0x38/0x70 [ 541.429004][T13086] __se_sys_sendmsg+0x1a5/0x270 [ 541.433884][T13086] ? __x64_sys_sendmsg+0x80/0x80 [ 541.439039][T13086] ? lockdep_hardirqs_on+0x98/0x150 [ 541.444272][T13086] do_syscall_64+0x55/0xb0 [ 541.448723][T13086] ? clear_bhb_loop+0x40/0x90 [ 541.453420][T13086] ? clear_bhb_loop+0x40/0x90 [ 541.458117][T13086] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 541.464023][T13086] RIP: 0033:0x7f799258eec9 [ 541.468468][T13086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.488117][T13086] RSP: 002b:00007f799343b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 541.496639][T13086] RAX: ffffffffffffffda RBX: 00007f79927e5fa0 RCX: 00007f799258eec9 [ 541.504625][T13086] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006 [ 541.512616][T13086] RBP: 00007f7992611f91 R08: 0000000000000000 R09: 0000000000000000 [ 541.520603][T13086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 541.528591][T13086] R13: 00007f79927e6038 R14: 00007f79927e5fa0 R15: 00007fffd7659c48 [ 541.536595][T13086] [ 541.550059][T13086] Mem-Info: [ 541.553462][T13086] active_anon:25690 inactive_anon:0 isolated_anon:0 [ 541.553462][T13086] active_file:2453 inactive_file:52381 isolated_file:0 [ 541.553462][T13086] unevictable:768 dirty:83 writeback:0 [ 541.553462][T13086] slab_reclaimable:10792 slab_unreclaimable:97912 [ 541.553462][T13086] mapped:24286 shmem:17765 pagetables:602 [ 541.553462][T13086] sec_pagetables:0 bounce:0 [ 541.553462][T13086] kernel_misc_reclaimable:0 [ 541.553462][T13086] free:1281785 free_pcp:12979 free_cma:0 [ 541.599705][T13086] Node 0 active_anon:102760kB inactive_anon:0kB active_file:9812kB inactive_file:209320kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97144kB dirty:332kB writeback:0kB shmem:69524kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11092kB pagetables:2408kB sec_pagetables:0kB all_unreclaimable? no [ 541.632492][T13086] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 541.663041][T13086] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 541.692359][T13086] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 541.700841][T13086] Node 0 DMA32 free:1225152kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:102700kB inactive_anon:0kB active_file:9812kB inactive_file:208000kB unevictable:1536kB writepending:332kB present:3129332kB managed:2589604kB mlocked:0kB bounce:0kB free_pcp:25620kB local_pcp:12928kB free_cma:0kB [ 541.731925][T13086] lowmem_reserve[]: 0 0 1 1 1 [ 541.736743][T13086] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 541.770287][T13086] lowmem_reserve[]: 0 0 0 0 0 [ 541.775111][T13086] Node 1 Normal free:3886616kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:26896kB local_pcp:12896kB free_cma:0kB [ 541.804951][T13086] lowmem_reserve[]: 0 0 0 0 0 [ 541.809811][T13086] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 541.822829][T13086] Node 0 DMA32: 989*4kB (UME) 1006*8kB (ME) 668*16kB (UME) 287*32kB (ME) 333*64kB (UME) 92*128kB (ME) 41*256kB (ME) 27*512kB (ME) 13*1024kB (UME) 4*2048kB (ME) 272*4096kB (M) = 1224900kB [ 541.842930][T13086] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 541.863985][T13086] Node 1 Normal: 156*4kB (UE) 65*8kB (U) 40*16kB (U) 57*32kB (UE) 12*64kB (UME) 6*128kB (UM) 2*256kB (UM) 2*512kB (UE) 1*1024kB (E) 2*2048kB (UE) 946*4096kB (M) = 3886616kB [ 541.882593][T13086] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 541.893596][T13086] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 541.904022][T13086] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 541.914209][T13086] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 541.924498][T13086] 72602 total pagecache pages [ 541.929222][T13086] 0 pages in swap cache [ 541.933982][T13086] Free swap = 124644kB [ 541.938290][T13086] Total swap = 124996kB [ 541.943824][T13086] 2097051 pages RAM [ 541.947686][T13086] 0 pages HighMem/MovableOnly [ 541.953750][T13086] 416136 pages reserved [ 541.957946][T13086] 0 pages cma reserved [ 542.025513][T13097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2534'. [ 543.157072][T13111] loop1: detected capacity change from 0 to 128 [ 544.670160][T13122] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2543'. [ 544.779182][ T28] kauditd_printk_skb: 53 callbacks suppressed [ 544.779199][ T28] audit: type=1326 audit(1759551644.922:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.1.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 544.814129][ T28] audit: type=1326 audit(1759551644.954:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.1.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 544.846388][ T28] audit: type=1326 audit(1759551644.985:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="syz.1.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 544.903616][ T28] audit: type=1326 audit(1759551644.985:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 544.961838][ T28] audit: type=1326 audit(1759551644.985:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 544.998010][ T28] audit: type=1326 audit(1759551644.985:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 545.027193][ T28] audit: type=1326 audit(1759551644.985:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 545.052261][ T28] audit: type=1326 audit(1759551644.985:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 545.079855][ T28] audit: type=1326 audit(1759551644.985:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 545.102539][ T28] audit: type=1326 audit(1759551644.985:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13125 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9801b8eec9 code=0x7ffc0000 [ 545.168005][T13132] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2548'. [ 546.643770][T13153] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2558'. [ 548.445600][T13182] rdma_op ffff88807bd121f0 conn xmit_rdma 0000000000000000 [ 550.246241][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 550.255172][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 550.622249][ C1] hrtimer: interrupt took 101081 ns [ 552.224873][T13228] 9pnet: p9_errstr2errno: server reported unknown error [ 608.750260][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 608.756843][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 667.274058][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 667.280594][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 681.903869][ T29] INFO: task kworker/1:9:6672 blocked for more than 143 seconds. [ 681.911830][ T29] Not tainted syzkaller #0 [ 681.916822][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 681.925604][ T29] task:kworker/1:9 state:D stack:20944 pid:6672 ppid:2 flags:0x00004000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 681.949699][ T29] Workqueue: events rfkill_global_led_trigger_worker [ 681.971737][ T29] Call Trace: [ 681.975445][ T29] [ 681.987576][ T29] __schedule+0x14d2/0x44d0 [ 681.992277][ T29] ? mark_lock+0x94/0x320 [ 681.996663][ T29] ? asan.module_dtor+0x20/0x20 [ 682.016246][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 682.021551][ T29] schedule+0xbd/0x170 [ 682.035354][ T29] schedule_preempt_disabled+0x13/0x20 [ 682.040915][ T29] __mutex_lock+0x6b7/0xcc0 [ 682.059860][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 682.065349][ T29] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 682.071845][ T29] ? mutex_lock_nested+0x20/0x20 [ 682.077345][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 682.087311][ T29] ? read_lock_is_recursive+0x20/0x20 [ 682.093123][ T29] ? process_scheduled_works+0x957/0x15b0 [ 682.099019][ T29] rfkill_global_led_trigger_worker+0x27/0xd0 [ 682.105637][ T29] ? process_scheduled_works+0x957/0x15b0 [ 682.111829][ T29] process_scheduled_works+0xa45/0x15b0 [ 682.117555][ T29] ? assign_work+0x400/0x400 [ 682.122660][ T29] ? assign_work+0x39e/0x400 [ 682.127351][ T29] worker_thread+0xa55/0xfc0 [ 682.132507][ T29] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 682.138468][ T29] ? _raw_spin_unlock+0x40/0x40 [ 682.159028][ T29] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 682.165036][ T29] kthread+0x2fa/0x390 [ 682.178033][ T29] ? pr_cont_work+0x560/0x560 [ 682.182891][ T29] ? kthread_blkcg+0xd0/0xd0 [ 682.187524][ T29] ret_from_fork+0x48/0x80 [ 682.196068][ T29] ? kthread_blkcg+0xd0/0xd0 [ 682.244779][ T29] ret_from_fork_asm+0x11/0x20 [ 682.249684][ T29] [ 682.252816][ T29] INFO: task syz.3.2458:12830 blocked for more than 143 seconds. [ 682.311414][ T29] Not tainted syzkaller #0 [ 682.316631][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 682.349668][ T29] task:syz.3.2458 state:D stack:25320 pid:12830 ppid:12046 flags:0x00004006 [ 682.368563][ T29] Call Trace: [ 682.371912][ T29] [ 682.374878][ T29] __schedule+0x14d2/0x44d0 [ 682.387581][ T29] ? asan.module_dtor+0x20/0x20 [ 682.392543][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 682.407028][ T29] ? __mutex_trylock_common+0x84/0x250 [ 682.412582][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 682.421541][ T29] schedule+0xbd/0x170 [ 682.426088][ T29] schedule_preempt_disabled+0x13/0x20 [ 682.431616][ T29] __mutex_lock+0x6b7/0xcc0 [ 682.441378][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 682.447895][ T29] ? nfc_rfkill_set_block+0x50/0x2e0 [ 682.453282][ T29] ? mutex_lock_nested+0x20/0x20 [ 682.461157][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 682.466735][ T29] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 682.472703][ T29] ? _raw_spin_unlock+0x40/0x40 [ 682.480443][ T29] ? nfc_unregister_device+0x2a0/0x2a0 [ 682.487403][ T29] nfc_rfkill_set_block+0x50/0x2e0 [ 682.497244][ T29] ? nfc_unregister_device+0x2a0/0x2a0 [ 682.503105][ T29] rfkill_set_block+0x1c6/0x420 [ 682.508489][ T29] rfkill_fop_write+0x45c/0x570 [ 682.516621][ T29] ? end_current_label_crit_section+0x149/0x170 [ 682.523442][ T29] ? rfkill_fop_read+0x4b0/0x4b0 [ 682.528458][ T29] ? fsnotify_perm+0x5d/0x5e0 [ 682.539886][ T29] ? security_file_permission+0x79/0xa0 [ 682.545602][ T29] do_iter_write+0x50e/0xc70 [ 682.565077][ T29] ? rfkill_fop_read+0x4b0/0x4b0 [ 682.578391][ T29] ? vfs_iter_write+0xa0/0xa0 [ 682.583163][ T29] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 682.606862][ T29] ? file_start_write+0x10a/0x250 [ 682.611993][ T29] do_writev+0x252/0x410 [ 682.625785][ T29] ? do_readv+0x3e0/0x3e0 [ 682.630234][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 682.654497][ T29] ? lock_chain_count+0x20/0x20 [ 682.659454][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 682.673342][ T29] do_syscall_64+0x55/0xb0 [ 682.677946][ T29] ? clear_bhb_loop+0x40/0x90 [ 682.682667][ T29] ? clear_bhb_loop+0x40/0x90 [ 682.690076][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 682.697193][ T29] RIP: 0033:0x7fe2b098eec9 [ 682.701661][ T29] RSP: 002b:00007fe2b183b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 682.712750][ T29] RAX: ffffffffffffffda RBX: 00007fe2b0be5fa0 RCX: 00007fe2b098eec9 [ 682.720787][ T29] RDX: 0000000000000002 RSI: 0000200000000500 RDI: 000000000000000e [ 682.728944][ T29] RBP: 00007fe2b0a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 682.739642][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 682.748453][ T29] R13: 00007fe2b0be6038 R14: 00007fe2b0be5fa0 R15: 00007ffe5dbe2868 [ 682.759354][ T29] [ 682.806764][ T29] INFO: task syz.2.2461:12837 blocked for more than 144 seconds. [ 682.814583][ T29] Not tainted syzkaller #0 [ 682.822066][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 682.839084][ T29] task:syz.2.2461 state:D stack:27016 pid:12837 ppid:5787 flags:0x00004006 [ 682.851424][ T29] Call Trace: [ 682.855103][ T29] [ 682.858619][ T29] __schedule+0x14d2/0x44d0 [ 682.863194][ T29] ? __kernfs_remove+0x720/0x840 [ 682.871407][ T29] ? asan.module_dtor+0x20/0x20 [ 682.879972][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 682.887517][ T29] ? __mutex_trylock_common+0x84/0x250 [ 682.893429][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 682.899757][ T29] schedule+0xbd/0x170 [ 682.908259][ T29] schedule_preempt_disabled+0x13/0x20 [ 682.914148][ T29] __mutex_lock+0x6b7/0xcc0 [ 682.918730][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 682.926296][ T29] ? rfkill_unregister+0xc8/0x220 [ 682.931779][ T29] ? mutex_lock_nested+0x20/0x20 [ 682.936798][ T29] ? kill_device+0x160/0x160 [ 682.944493][ T29] ? nfc_genl_device_removed+0x22e/0x320 [ 682.950607][ T29] ? destroy_workqueue+0x898/0xf20 [ 682.955796][ T29] ? nfc_genl_setup_device_added+0x320/0x320 [ 682.964746][ T29] ? destroy_workqueue+0xd80/0xf20 [ 682.970300][ T29] ? destroy_workqueue+0x898/0xf20 [ 682.975486][ T29] rfkill_unregister+0xc8/0x220 [ 682.987954][ T29] nfc_unregister_device+0x96/0x2a0 [ 682.993254][ T29] ? virtual_ncidev_open+0x1a0/0x1a0 [ 683.001567][ T29] virtual_ncidev_close+0x59/0x90 [ 683.007012][ T29] __fput+0x234/0x970 [ 683.011074][ T29] task_work_run+0x1ce/0x250 [ 683.015717][ T29] ? task_work_cancel+0x240/0x240 [ 683.025204][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 683.031108][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 683.039135][ T29] exit_to_user_mode_prepare+0xf6/0x180 [ 683.044759][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 683.052980][ T29] do_syscall_64+0x61/0xb0 [ 683.060310][ T29] ? clear_bhb_loop+0x40/0x90 [ 683.065397][ T29] ? clear_bhb_loop+0x40/0x90 [ 683.070133][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 683.079046][ T29] RIP: 0033:0x7f195e18eec9 [ 683.084061][ T29] RSP: 002b:00007fff8a79ddb8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 683.098886][ T29] RAX: 0000000000000000 RBX: 00007f195e3e7da0 RCX: 00007f195e18eec9 [ 683.107412][ T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 683.118172][ T29] RBP: 00007f195e3e7da0 R08: 00000000000014f4 R09: 000000098a79e0af [ 683.128454][ T29] R10: 00000000003fe8e8 R11: 0000000000000246 R12: 0000000000085703 [ 683.139219][ T29] R13: 00007f195e3e6090 R14: ffffffffffffffff R15: 00007fff8a79ded0 [ 683.147640][ T29] [ 683.153605][ T29] [ 683.153605][ T29] Showing all locks held in the system: [ 683.163683][ T29] 1 lock held by khungtaskd/29: [ 683.168996][ T29] #0: ffffffff8cd2ff20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 683.181701][ T29] 2 locks held by getty/5550: [ 683.186523][ T29] #0: ffff88814cf4a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 683.197095][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 683.214494][ T29] 3 locks held by kworker/1:9/6672: [ 683.220124][ T29] #0: ffff888017870938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 683.235328][ T29] #1: ffffc9000436fd00 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 683.249450][ T29] #2: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 683.261588][ T29] 2 locks held by syz-executor/7171: [ 683.267398][ T29] 1 lock held by syz-executor/12568: [ 683.272805][ T29] #0: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xc8/0x220 [ 683.283628][ T29] 2 locks held by syz.3.2458/12830: [ 683.288984][ T29] #0: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a2/0x570 [ 683.299689][ T29] #1: ffff88807d2ec100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 683.309900][ T29] 2 locks held by syz.2.2461/12837: [ 683.315659][ T29] #0: ffff88807d2ec100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x63/0x2a0 [ 683.325935][ T29] #1: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xc8/0x220 [ 683.336620][ T29] 2 locks held by syz-executor/13154: [ 683.343572][ T29] #0: ffff88807d0ef918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 683.354254][ T29] #1: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 683.364682][ T29] 2 locks held by syz-executor/13168: [ 683.370548][ T29] #0: ffff88805e007118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 683.381064][ T29] #1: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 683.391453][ T29] 2 locks held by syz-executor/13238: [ 683.396872][ T29] #0: ffff88802183b918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 683.407574][ T29] #1: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 683.418584][ T29] 2 locks held by syz-executor/13241: [ 683.425062][ T29] #0: ffff88807d9b9118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 683.440155][ T29] #1: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 683.452248][ T29] 2 locks held by syz-executor/13250: [ 683.460399][ T29] #0: ffff8880774d0918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 683.470928][ T29] #1: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 683.484022][ T29] 2 locks held by syz-executor/13253: [ 683.489461][ T29] #0: ffff88807dbcc918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x650 [ 683.514449][ T29] #1: ffffffff8e296e68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x37/0x8e0 [ 683.530882][ T29] [ 683.533361][ T29] ============================================= [ 683.533361][ T29] [ 683.563817][ T29] NMI backtrace for cpu 0 [ 683.568216][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 683.575454][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 683.585553][ T29] Call Trace: [ 683.588906][ T29] [ 683.591859][ T29] dump_stack_lvl+0x16c/0x230 [ 683.596571][ T29] ? preempt_count_add+0x91/0x1a0 [ 683.601632][ T29] ? show_regs_print_info+0x20/0x20 [ 683.606872][ T29] ? load_image+0x3b0/0x3b0 [ 683.611516][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 683.616501][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 683.622684][ T29] ? _printk+0xd0/0x110 [ 683.626886][ T29] ? load_image+0x3b0/0x3b0 [ 683.631421][ T29] ? load_image+0x3b0/0x3b0 [ 683.635940][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 683.642084][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 683.648130][ T29] watchdog+0xf41/0xf80 [ 683.652327][ T29] ? watchdog+0x1e1/0xf80 [ 683.656682][ T29] kthread+0x2fa/0x390 [ 683.660792][ T29] ? hungtask_pm_notify+0x90/0x90 [ 683.665861][ T29] ? kthread_blkcg+0xd0/0xd0 [ 683.670538][ T29] ret_from_fork+0x48/0x80 [ 683.674982][ T29] ? kthread_blkcg+0xd0/0xd0 [ 683.679591][ T29] ret_from_fork_asm+0x11/0x20 [ 683.684393][ T29] [ 683.688017][ T29] Sending NMI from CPU 0 to CPUs 1: [ 683.693429][ C1] NMI backtrace for cpu 1 [ 683.693441][ C1] CPU: 1 PID: 6080 Comm: kworker/u4:10 Not tainted syzkaller #0 [ 683.693459][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 683.693469][ C1] Workqueue: bat_events batadv_nc_worker [ 683.693505][ C1] RIP: 0010:batadv_nc_worker+0x216/0x610 [ 683.693532][ C1] Code: c7 4e f7 e8 dc ab 37 00 89 c3 31 ff 89 c6 e8 d1 ca 4e f7 85 db 74 15 e8 d8 d0 38 f7 84 c0 74 18 e8 0f c7 4e f7 48 8b 5c 24 08 65 e8 03 c7 4e f7 48 8b 5c 24 08 eb 59 e8 a7 ab 37 00 89 c3 31 [ 683.693547][ C1] RSP: 0018:ffffc90005097b60 EFLAGS: 00000293 [ 683.693560][ C1] RAX: ffffffff8a36c3e1 RBX: ffff8880278ebf00 RCX: ffff88802761bc00 [ 683.693573][ C1] RDX: 0000000000000000 RSI: ffffffff8afc63a0 RDI: ffffffff8afc6360 [ 683.693585][ C1] RBP: fffffffffffffe38 R08: dffffc0000000000 R09: 1ffffffff21b4ea0 [ 683.693596][ C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: dffffc0000000000 [ 683.693609][ C1] R13: ffffffff8a36c2a2 R14: ffff88802e468c80 R15: 0000000000000281 [ 683.693621][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 683.693634][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 683.693645][ C1] CR2: 000056225d84ecd0 CR3: 000000002d10f000 CR4: 00000000003506e0 [ 683.693660][ C1] Call Trace: [ 683.693666][ C1] [ 683.693676][ C1] ? process_scheduled_works+0x957/0x15b0 [ 683.693699][ C1] process_scheduled_works+0xa45/0x15b0 [ 683.693735][ C1] ? assign_work+0x400/0x400 [ 683.693758][ C1] ? assign_work+0x39e/0x400 [ 683.693779][ C1] worker_thread+0xa55/0xfc0 [ 683.693799][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 683.693817][ C1] ? _raw_spin_unlock+0x40/0x40 [ 683.693844][ C1] kthread+0x2fa/0x390 [ 683.693859][ C1] ? pr_cont_work+0x560/0x560 [ 683.693878][ C1] ? kthread_blkcg+0xd0/0xd0 [ 683.693893][ C1] ret_from_fork+0x48/0x80 [ 683.693913][ C1] ? kthread_blkcg+0xd0/0xd0 [ 683.693928][ C1] ret_from_fork_asm+0x11/0x20 [ 683.693959][ C1] [ 683.705022][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 683.705043][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 683.705068][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 683.705083][ T29] Call Trace: [ 683.705100][ T29] [ 683.705111][ T29] dump_stack_lvl+0x16c/0x230 [ 683.705153][ T29] ? show_regs_print_info+0x20/0x20 [ 683.705183][ T29] ? load_image+0x3b0/0x3b0 [ 683.705222][ T29] panic+0x2c0/0x710 [ 683.705242][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 683.705287][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 683.705309][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 683.705350][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 683.705391][ T29] watchdog+0xf80/0xf80 [ 683.705422][ T29] ? watchdog+0x1e1/0xf80 [ 683.705458][ T29] kthread+0x2fa/0x390 [ 683.705481][ T29] ? hungtask_pm_notify+0x90/0x90 [ 683.705511][ T29] ? kthread_blkcg+0xd0/0xd0 [ 683.705532][ T29] ret_from_fork+0x48/0x80 [ 683.705559][ T29] ? kthread_blkcg+0xd0/0xd0 [ 683.705583][ T29] ret_from_fork_asm+0x11/0x20 [ 683.705631][ T29] [ 683.706875][ T29] Kernel Offset: disabled [ 684.012167][ T29] Rebooting in 86400 seconds..