last executing test programs: 13.86034226s ago: executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='ext4_ext_remove_space_done\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000a80)={r2, 0x58, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x79}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238}, 0x80) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0x0, 0x0, 0xfffffffffff7bbfe, 0x0, 0x0, 0x0, 0x7fffffdf}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xc5}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000010c0)="86", &(0x7f0000001040), 0x6, r4}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61157400000000006113380000000000bfa000000000000007000000080000002d0301000000000095006900000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562eff4ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df0a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c29dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d57c4e9b2ad9bc1142ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57d20000009f0f53acbb40b4f8e2738270b31562ed838b9df97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000000000e4007be511fe32fbc90e2364a55e9bb66ad2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7a43c8da0c44d2ebf2f3f2b87be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d78854ca4d3116dbc7e2bf2402a75fd7a5573336004084d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b527c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae93234c2cc17dc4a5dfacba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b3bc87b0da80000d9ef418cf19e7a8cf8ffffffce91798adc2dca87ddd9d064e081383409ed2912c811c600f03212a5331c2a4ead000000000000000000008d4496dc862fcdb0ee67fdd006d4e466e8b32b3afdaecee9862edf61cd0dd24ff2dba562c5ae5c053355abb762ef2a5ee5f285e333b522ca09af626c6e4ad1c685165388000015de7f2077cd6d96a8a687c97e7d1d5cc25ffebc53b2ef9d57cf5d995bad3de6f555e9616d0e7c258205668dcfb35c3550ef80e0a704a7d9dc23e1742dc9e7d7d8c3b3cba2229cd1c0d8046981789493b26c611c40b86157d7c383144bff7115f440e059bdfb739d7c285d6c2048c229d1fd67791bff7fa758b953b41cf077028716a411afef49f51d490f09ce0781f2d1769551bb8f882dfe8d1491142666de72b230356376b60abc0b7494a683ecf96463e89744ea228ac17f7ac5a06b103ea8c78d82d48d7700b661357224b847a6adced04d87e0f4019cae065b48be01956d7c279e8232e7f7e7b4b0c7c740cb7920823c26ad3ec97db1e09c347db220851d1e280ea6bce40c16193a89719b74be9456afef6b6b56ee88b878404a308b4e9471e11bc250c36c154c20c8533376e347c89020b7ef9599ea49ee6d3b9b355ad9fbda34625d243168d788bf9a681b09aa85e0da7d76f2cd029ee3df5d3a00f9d70b5b2de3f10a4dc32bae403901ba760cd9c9b5fe625827edae4e7c19dc6c2fe701797df47324cad92d8ea62270f89d04141e89bee3c3611a996d9d9db00508adc93d7bb21dfe1174ab2f31d075e30ee07e16d28aaa70a35c55370a3af315cf25a6cce2cae3d6c75906290d55a2a2447bb571d6991522136ed013b8f6f4cf0a91931f0a7d88d4e69729a77a6e76433c1a0668677f8c7683f779d3301db1f43bd7dd0b301098f522437ec5ff0c358900"/2038], &(0x7f0000000100)='GPL\x00'}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) 13.196138202s ago: executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) setsockopt$sock_attach_bpf(r0, 0x6, 0x17, 0x0, 0x4) 13.085046269s ago: executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x66}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 12.282207824s ago: executing program 4: openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='N-N:N/'], 0x6a) 11.879820186s ago: executing program 4: socket$kcm(0x29, 0x5, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x7f, 0x42, 0x40}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x3, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x12}, [], {0x95, 0x0, 0x5a5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x11, 0x4, 0x4, 0xc}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r0}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r1, &(0x7f0000000300), 0x20000000}, 0x20) 11.714520091s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) write$cgroup_devices(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1e03400e3c5c9801288763608646667011"], 0xffdd) 2.103263826s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@printk={@x}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) 1.979925414s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x0, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000bf080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x6, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000380)=']', 0x1}], 0x1}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x0, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001418) ioctl$TUNSETOFFLOAD(r1, 0xc008744c, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000100), 0x1001) 1.858689733s ago: executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8102033200fe08000e40000200875a65969ff57b00fec0"], 0xfdef) 1.829930678s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair(0x1, 0x0, 0x0, &(0x7f0000000740)) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}], {0x95, 0x0, 0x0, 0x1000000}}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8941, 0x0) 1.740752572s ago: executing program 2: r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000140)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f00000001c0)="02000000590200000600002fb96dbcf710e1050000008864", 0x18}], 0x1}, 0x0) 1.404467653s ago: executing program 2: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020022003503d25a806f8c6394f90335fc60040011", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000190091c8b14a0778a8123d181d"], 0xfe33) 1.136772045s ago: executing program 2: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000500)=ANY=[@ANYBLOB='b *:', @ANYRESOCT], 0xa) 1.041460179s ago: executing program 3: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b9040200000000800000000015001000142603600e1209000d2000000401a80016000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d939acd92954b43370e970100", 0xd8}], 0x1}, 0x0) 906.67216ms ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@printk={@x}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) 879.390785ms ago: executing program 2: bpf$ENABLE_STATS(0x20, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000006d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 839.077571ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x13, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x4a}, [@ldst={0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfdce, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a) 762.706152ms ago: executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='ext4_ext_remove_space_done\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000a80)={r2, 0x58, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x79}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238}, 0x80) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0x0, 0x0, 0xfffffffffff7bbfe, 0x0, 0x0, 0x0, 0x7fffffdf}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xc5}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000010c0)="86", &(0x7f0000001040), 0x6, r4}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61157400000000006113380000000000bfa000000000000007000000080000002d0301000000000095006900000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562eff4ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df0a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c29dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d57c4e9b2ad9bc1142ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57d20000009f0f53acbb40b4f8e2738270b31562ed838b9df97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000000000e4007be511fe32fbc90e2364a55e9bb66ad2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7a43c8da0c44d2ebf2f3f2b87be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d78854ca4d3116dbc7e2bf2402a75fd7a5573336004084d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b527c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae93234c2cc17dc4a5dfacba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b3bc87b0da80000d9ef418cf19e7a8cf8ffffffce91798adc2dca87ddd9d064e081383409ed2912c811c600f03212a5331c2a4ead000000000000000000008d4496dc862fcdb0ee67fdd006d4e466e8b32b3afdaecee9862edf61cd0dd24ff2dba562c5ae5c053355abb762ef2a5ee5f285e333b522ca09af626c6e4ad1c685165388000015de7f2077cd6d96a8a687c97e7d1d5cc25ffebc53b2ef9d57cf5d995bad3de6f555e9616d0e7c258205668dcfb35c3550ef80e0a704a7d9dc23e1742dc9e7d7d8c3b3cba2229cd1c0d8046981789493b26c611c40b86157d7c383144bff7115f440e059bdfb739d7c285d6c2048c229d1fd67791bff7fa758b953b41cf077028716a411afef49f51d490f09ce0781f2d1769551bb8f882dfe8d1491142666de72b230356376b60abc0b7494a683ecf96463e89744ea228ac17f7ac5a06b103ea8c78d82d48d7700b661357224b847a6adced04d87e0f4019cae065b48be01956d7c279e8232e7f7e7b4b0c7c740cb7920823c26ad3ec97db1e09c347db220851d1e280ea6bce40c16193a89719b74be9456afef6b6b56ee88b878404a308b4e9471e11bc250c36c154c20c8533376e347c89020b7ef9599ea49ee6d3b9b355ad9fbda34625d243168d788bf9a681b09aa85e0da7d76f2cd029ee3df5d3a00f9d70b5b2de3f10a4dc32bae403901ba760cd9c9b5fe625827edae4e7c19dc6c2fe701797df47324cad92d8ea62270f89d04141e89bee3c3611a996d9d9db00508adc93d7bb21dfe1174ab2f31d075e30ee07e16d28aaa70a35c55370a3af315cf25a6cce2cae3d6c75906290d55a2a2447bb571d6991522136ed013b8f6f4cf0a91931f0a7d88d4e69729a77a6e76433c1a0668677f8c7683f779d3301db1f43bd7dd0b301098f522437ec5ff0c358900"/2038], &(0x7f0000000100)='GPL\x00'}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) 716.492249ms ago: executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0xa, 0x0, 0x0) 711.86804ms ago: executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xe, 0x4, 0x8, 0x4f63}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000380)={r0, &(0x7f0000000040), &(0x7f0000000040)=""/25, 0x2}, 0x20) socket$kcm(0x29, 0x5, 0x0) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="b40000000000000061173c00000000001e070000000000009500000000000000ba5820d0cd598fabbcedda5dd0c29060df4cf6ec7bccd0d4fe3ce07bffd18a2e0095cd86cae93e39698cb446fce2e8b50a909526affd00e0b323fbd41261f13a5d436965ca1c4ea927ee73074289d0dca421acf156da6844a564d4e79fc908cd27217fe1264d255e8cc5d74b2f69f5e70688cd028c20314d53da304257f53db2db4756913b27a2305adfb5ecd7cb50105a575c6b0ad4b94a391aeb74cf6323d0f4e15e3e29c6e43f227f9f5386edd352a7d79394b32fd366b02e21c20af5a6a6013cf17ddef173c5eb98b5111ed64cff4b4a11efc39edc10e11d"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x48) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000010000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$kcm(0xa, 0x6, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000007c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r2, 0x10d, 0xa, &(0x7f0000000000)=r3, 0x4) 671.552246ms ago: executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000010000000000000000007110ac000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) 540.519667ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 401.226688ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071122a00000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x13, &(0x7f0000000100)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xc}, @ringbuf_output, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}}], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xb81, 0xc}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='ext4_free_inode\x00', r2}, 0x10) unlink(&(0x7f0000000140)='./cgroup\x00') r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0xc0185879, &(0x7f0000000040)) 349.496266ms ago: executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="d80000001e0081054e81f782db4cb904021d080006007c09e8fe08a1180011800a00142603600e1208000f0000000406a80016c0080009400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0x12b}], 0x1}, 0x0) 294.085505ms ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000280)='jbd2_update_log_tail\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000280)='jbd2_update_log_tail\x00', r4}, 0x10) ioctl$TUNSETOFFLOAD(r0, 0x40086607, 0x20001419) 276.115647ms ago: executing program 0: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x401c5820, &(0x7f0000000000)=0x8000) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x1919b) close(r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x100002, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0x0, 0x3, 0x0, 0x0}, 0x90) 171.282624ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/uts\x00') ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0xb701, 0xffffffffffffffff) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) gettid() perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x6, &(0x7f0000000280)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000240)={'ip6gretap0\x00'}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080)) 103.282664ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r3}, 0x10) 17.413067ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x13, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x4a}, [@ldst={0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfdce, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a) 0s ago: executing program 1: bpf$ENABLE_STATS(0x20, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000006d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): [ 59.972301][ T3577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.982372][ T3577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.993231][ T3577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.003273][ T3577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.013978][ T3577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.029957][ T3577] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.079621][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.088690][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.117560][ T3667] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.125741][ T3667] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.158295][ T3577] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.167922][ T3577] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.177173][ T3577] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.188147][ T3577] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.207934][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.223738][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.280119][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.337004][ T3638] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.390427][ T3638] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.484302][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.546715][ T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.576199][ T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.590526][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.656869][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.668985][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.709545][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.851002][ T3576] Bluetooth: hci0: command tx timeout [ 60.918009][ T3686] device syzkaller0 entered promiscuous mode [ 60.937742][ T3696] Driver unsupported XDP return value 0 on prog (id 17) dev N/A, expect packet loss! [ 61.034249][ T3572] Bluetooth: hci1: command tx timeout [ 61.034258][ T3576] Bluetooth: hci2: command tx timeout [ 61.100567][ T3572] Bluetooth: hci4: command tx timeout [ 61.106024][ T3572] Bluetooth: hci3: command tx timeout [ 61.481361][ T3704] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.488977][ T3704] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.571136][ T3707] tap0: tun_chr_ioctl cmd 1074025675 [ 61.602312][ T3707] tap0: persist enabled [ 61.733146][ T3688] tap0: tun_chr_ioctl cmd 1074025675 [ 61.760599][ T27] audit: type=1800 audit(1718516283.468:2): pid=3693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="memory.events" dev="sda1" ino=1960 res=0 errno=0 [ 61.800632][ T3688] tap0: persist enabled [ 62.195998][ T3722] tun0: tun_chr_ioctl cmd 2147767519 [ 62.989601][ T3762] tun0: tun_chr_ioctl cmd 2147767519 [ 63.301524][ T3755] tap0: tun_chr_ioctl cmd 1074025675 [ 63.331365][ T3755] tap0: persist enabled [ 63.341996][ T3755] tap0: tun_chr_ioctl cmd 1074025675 [ 63.360395][ T3755] tap0: persist enabled [ 63.439142][ T27] audit: type=1800 audit(1718516285.148:3): pid=3760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="memory.events" dev="sda1" ino=1944 res=0 errno=0 [ 63.851968][ T3800] tun0: tun_chr_ioctl cmd 2147767519 [ 64.486762][ T3831] tap0: tun_chr_ioctl cmd 1074025675 [ 64.520952][ T3831] tap0: persist enabled [ 64.565184][ T3832] tap0: tun_chr_ioctl cmd 1074025675 [ 64.648309][ T3832] tap0: persist enabled [ 64.725807][ T27] audit: type=1800 audit(1718516286.438:4): pid=3828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="memory.events" dev="sda1" ino=1953 res=0 errno=0 [ 64.918134][ T3838] device syzkaller0 entered promiscuous mode [ 65.306952][ T3866] EXT4-fs warning (device sda1): verify_group_input:175: Bad blocks count 0 [ 65.845522][ T3882] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 65.889619][ T3882] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 65.961347][ T3882] device ipvlan1 entered promiscuous mode [ 65.996949][ T3882] bridge0: port 3(ipvlan1) entered blocking state [ 66.015102][ T3882] bridge0: port 3(ipvlan1) entered disabled state [ 66.069609][ T3882] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 66.430302][ T3894] tap1: tun_chr_ioctl cmd 1074025675 [ 66.435645][ T3894] tap1: persist enabled [ 66.440812][ T3898] tap1: tun_chr_ioctl cmd 1074025675 [ 66.459429][ T27] audit: type=1800 audit(1718516288.168:5): pid=3880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="memory.events" dev="sda1" ino=1947 res=0 errno=0 [ 66.500809][ T3898] tap1: persist enabled [ 66.624055][ T3895] device syzkaller0 entered promiscuous mode [ 66.631689][ T3908] EXT4-fs warning (device sda1): verify_group_input:175: Bad blocks count 0 [ 69.097865][ T4002] EXT4-fs warning (device sda1): verify_group_input:175: Bad blocks count 0 [ 69.809462][ T4027] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 69.878250][ T4027] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 69.902458][ T4027] bridge0: port 3(ipvlan1) entered blocking state [ 69.963891][ T4027] bridge0: port 3(ipvlan1) entered disabled state [ 70.010679][ T4027] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 70.810520][ T4067] EXT4-fs warning (device sda1): verify_group_input:175: Bad blocks count 0 [ 71.253966][ T1255] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.260527][ T1255] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.636385][ T4104] EXT4-fs warning (device sda1): verify_group_input:175: Bad blocks count 0 [ 72.244222][ T4140] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 72.300603][ T4140] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 72.321616][ T4140] device ipvlan1 entered promiscuous mode [ 72.366176][ T4140] bridge0: port 3(ipvlan1) entered blocking state [ 72.471066][ T4140] bridge0: port 3(ipvlan1) entered disabled state [ 72.495543][ T4140] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 73.424589][ T4180] device syzkaller0 entered promiscuous mode [ 73.469373][ T4188] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 73.518522][ T4188] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 73.558894][ T4188] device ipvlan1 entered promiscuous mode [ 73.595851][ T4188] bridge0: port 3(ipvlan1) entered blocking state [ 73.617863][ T4188] bridge0: port 3(ipvlan1) entered disabled state [ 73.631818][ T4188] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 75.822664][ T4279] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 75.831029][ T4279] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 75.841868][ T4279] bridge0: port 3(syz_tun) entered blocking state [ 75.848443][ T4279] bridge0: port 3(syz_tun) entered disabled state [ 75.871670][ T4279] device syz_tun entered promiscuous mode [ 75.885558][ T4279] bridge0: port 3(syz_tun) entered blocking state [ 75.892157][ T4279] bridge0: port 3(syz_tun) entered forwarding state [ 76.372271][ T26] cfg80211: failed to load regulatory.db [ 77.588755][ T4331] device syzkaller0 entered promiscuous mode [ 77.598129][ T4333] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 77.610638][ T4333] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 77.646464][ T4333] device ipvlan1 entered promiscuous mode [ 77.703395][ T4333] bridge0: port 3(ipvlan1) entered blocking state [ 77.739742][ T4333] bridge0: port 3(ipvlan1) entered disabled state [ 77.778796][ T4333] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 78.469229][ T4379] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 78.477692][ T4379] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 78.487967][ T4379] bridge0: port 3(syz_tun) entered blocking state [ 78.496386][ T4379] bridge0: port 3(syz_tun) entered disabled state [ 78.505031][ T4379] device syz_tun entered promiscuous mode [ 78.626090][ T4381] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 78.676296][ T4381] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 78.721131][ T4381] bridge0: port 3(ipvlan1) entered blocking state [ 78.733727][ T4381] bridge0: port 3(ipvlan1) entered disabled state [ 78.756695][ T4381] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 78.898239][ T4390] device syzkaller0 entered promiscuous mode [ 80.306574][ T4428] device syzkaller0 entered promiscuous mode [ 80.927372][ T4451] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 80.964656][ T4451] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 80.980939][ T4451] bridge0: port 3(syz_tun) entered blocking state [ 80.987439][ T4451] bridge0: port 3(syz_tun) entered disabled state [ 81.132210][ T4451] device syz_tun entered promiscuous mode [ 82.307421][ T4506] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 84.069256][ T4553] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 84.086559][ T4553] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 84.115577][ T4553] bridge0: port 4(ipvlan1) entered blocking state [ 84.129499][ T4553] bridge0: port 4(ipvlan1) entered disabled state [ 84.156717][ T4553] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 85.153821][ T4580] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 85.174202][ T4580] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 85.216141][ T4582] syz-executor.1 (4582) used greatest stack depth: 18904 bytes left [ 85.227433][ T4580] bridge0: port 4(ipvlan1) entered blocking state [ 85.237644][ T4580] bridge0: port 4(ipvlan1) entered disabled state [ 85.298072][ T4580] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 85.772077][ T4604] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 86.063413][ T4616] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 86.101850][ T4616] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 86.156945][ T4616] device ipvlan1 entered promiscuous mode [ 86.253765][ T4616] bridge0: port 4(ipvlan1) entered blocking state [ 86.276879][ T4616] bridge0: port 4(ipvlan1) entered disabled state [ 86.368181][ T4616] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 86.501407][ T4616] syz-executor.3 (4616) used greatest stack depth: 17288 bytes left [ 87.228314][ T4658] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 87.269301][ T4658] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.4'. [ 87.718604][ T3572] Bluetooth: hci1: Malformed HCI Event: 0x22 [ 88.219693][ T4706] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 88.259288][ T4706] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 88.308337][ T4706] bridge0: port 4(ipvlan1) entered blocking state [ 88.327572][ T4706] bridge0: port 4(ipvlan1) entered disabled state [ 88.403681][ T4706] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 88.689992][ T4715] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.3'. [ 88.928789][ T4725] netlink: 763 bytes leftover after parsing attributes in process `syz-executor.1'. [ 88.998441][ T4727] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 89.045663][ T4727] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 89.070587][ T4730] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 89.079718][ T4727] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 89.119736][ T4727] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 89.233951][ T4727] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 89.265674][ T4727] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 89.465429][ T3572] Bluetooth: hci3: Malformed HCI Event: 0x22 [ 90.122983][ T4783] netlink: 763 bytes leftover after parsing attributes in process `syz-executor.2'. [ 90.741706][ T4813] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 90.802482][ T4813] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 90.814844][ T4818] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 90.867096][ T4821] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 90.938433][ T4813] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 93.404568][ T4895] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.2'. [ 94.565733][ T4967] validate_nla: 18 callbacks suppressed [ 94.565749][ T4967] netlink: 'syz-executor.4': attribute type 21 has an invalid length. [ 94.586242][ T27] audit: type=1804 audit(1718516316.298:6): pid=4963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/118/memory.events" dev="sda1" ino=1950 res=1 errno=0 [ 94.684580][ T27] audit: type=1800 audit(1718516316.338:7): pid=4963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1950 res=0 errno=0 [ 95.124020][ T5000] netlink: 'syz-executor.2': attribute type 21 has an invalid length. [ 95.843628][ T5024] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 95.899622][ T5024] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 95.926742][ T27] audit: type=1804 audit(1718516317.638:8): pid=5023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir172200347/syzkaller.BXkQa8/114/memory.events" dev="sda1" ino=1947 res=1 errno=0 [ 95.988539][ T5028] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 96.027818][ T5031] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 96.040383][ T27] audit: type=1800 audit(1718516317.678:9): pid=5023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="memory.events" dev="sda1" ino=1947 res=0 errno=0 [ 96.102695][ T5024] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 96.165819][ T5028] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 96.198705][ T5036] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 96.237345][ T5024] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 97.543929][ T5117] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.0'. [ 98.053755][ T5148] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'. [ 98.652929][ T5178] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.0'. [ 99.675712][ T27] audit: type=1804 audit(1718516321.388:10): pid=5238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3031569973/syzkaller.noP1lE/135/memory.events" dev="sda1" ino=1965 res=1 errno=0 [ 99.745550][ T27] audit: type=1800 audit(1718516321.428:11): pid=5238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1965 res=0 errno=0 [ 100.692867][ T27] audit: type=1804 audit(1718516322.408:12): pid=5291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir172200347/syzkaller.BXkQa8/137/memory.events" dev="sda1" ino=1952 res=1 errno=0 [ 100.994452][ T27] audit: type=1800 audit(1718516322.408:13): pid=5291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="memory.events" dev="sda1" ino=1952 res=0 errno=0 [ 102.303634][ T27] audit: type=1804 audit(1718516324.018:14): pid=5347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir172200347/syzkaller.BXkQa8/140/memory.events" dev="sda1" ino=1959 res=1 errno=0 [ 102.510286][ T27] audit: type=1800 audit(1718516324.018:15): pid=5347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="memory.events" dev="sda1" ino=1959 res=0 errno=0 [ 105.560534][ T5496] validate_nla: 7 callbacks suppressed [ 105.560551][ T5496] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 105.574941][ T5496] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 107.443205][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.794391][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.008877][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.229166][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.349563][ T5611] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 108.397971][ T5611] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 108.484414][ T5618] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 108.539324][ T3582] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 108.548256][ T3582] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 108.556128][ T3582] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 108.575394][ T3582] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 108.595851][ T3582] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 108.604352][ T3582] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 108.604370][ T5618] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 108.728857][ T5623] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 108.738608][ T5618] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 108.863620][ T5618] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 108.873775][ T5623] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 108.990531][ T5633] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 109.895984][ T5619] chnl_net:caif_netlink_parms(): no params data found [ 110.424218][ T5619] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.446214][ T5619] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.476341][ T5619] device bridge_slave_0 entered promiscuous mode [ 110.505922][ T5619] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.526014][ T5619] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.544599][ T5619] device bridge_slave_1 entered promiscuous mode [ 110.692303][ T3572] Bluetooth: hci4: command tx timeout [ 111.006561][ T5714] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 111.016612][ T5714] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 111.080604][ T5619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.085258][ T5729] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 111.135404][ T5729] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 111.152359][ T5619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 111.207648][ T5730] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 111.221154][ T5729] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 111.272088][ T5733] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 111.292904][ T5729] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 111.344660][ T5619] team0: Port device team_slave_0 added [ 111.371954][ T5730] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 111.423438][ T5619] team0: Port device team_slave_1 added [ 111.447809][ T9] device hsr_slave_0 left promiscuous mode [ 111.507288][ T9] device hsr_slave_1 left promiscuous mode [ 111.544195][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.579108][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.628310][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.671040][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.755608][ T9] device bridge_slave_1 left promiscuous mode [ 111.776648][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.817357][ T9] device bridge_slave_0 left promiscuous mode [ 111.832607][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.863897][ T9] device veth1_macvtap left promiscuous mode [ 111.884346][ T9] device veth0_macvtap left promiscuous mode [ 111.892174][ T9] device veth1_vlan left promiscuous mode [ 111.908395][ T9] device veth0_vlan left promiscuous mode [ 112.403134][ T9] team0 (unregistering): Port device team_slave_1 removed [ 112.425414][ T9] team0 (unregistering): Port device team_slave_0 removed [ 112.451027][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.476822][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.575477][ T9] bond0 (unregistering): Released all slaves [ 112.653996][ T5729] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 112.687300][ T5776] tun0: tun_chr_ioctl cmd 1074025677 [ 112.695087][ T5776] tun0: linktype set to 768 [ 112.724535][ T5619] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.742027][ T5619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.770611][ T3572] Bluetooth: hci4: command tx timeout [ 112.811080][ T5619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.837016][ T5619] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.853956][ T5619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.890154][ T5619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 113.017048][ T5619] device hsr_slave_0 entered promiscuous mode [ 113.046593][ T5619] device hsr_slave_1 entered promiscuous mode [ 113.075095][ T5619] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 113.096357][ T5619] Cannot create hsr debugfs directory [ 113.116882][ T5798] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.4'. [ 113.528081][ T5809] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 113.549883][ T5809] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 114.216480][ T5837] tun0: tun_chr_ioctl cmd 1074025677 [ 114.237633][ T5837] tun0: linktype set to 768 [ 114.733207][ T5867] netlink: 202920 bytes leftover after parsing attributes in process `syz-executor.2'. [ 114.850356][ T3572] Bluetooth: hci4: command tx timeout [ 114.888701][ T5619] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 114.916887][ T5619] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 114.972911][ T5619] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 115.014439][ T5619] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 115.371260][ T5619] 8021q: adding VLAN 0 to HW filter on device bond0 [ 115.435726][ T5890] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 115.485453][ T5619] 8021q: adding VLAN 0 to HW filter on device team0 [ 115.505180][ T5896] netlink: 65039 bytes leftover after parsing attributes in process `syz-executor.4'. [ 115.520798][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 115.532033][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 115.632263][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 115.680941][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 115.689414][ T3615] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.697301][ T3615] bridge0: port 1(bridge_slave_0) entered forwarding state [ 115.740814][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 115.764845][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 115.779927][ T3615] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.787144][ T3615] bridge0: port 2(bridge_slave_1) entered forwarding state [ 115.821582][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 115.842402][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 115.872345][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 115.901352][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 115.973950][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 115.991978][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 116.008076][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 116.043720][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 116.069286][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 116.092828][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 116.118219][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 116.147514][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 116.176093][ T5619] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 116.318175][ T5929] tun0: tun_chr_ioctl cmd 1074025677 [ 116.347123][ T5929] tun0: linktype set to 768 [ 116.476033][ T5935] validate_nla: 2 callbacks suppressed [ 116.476092][ T5935] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 116.568897][ T5935] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 116.704080][ T5935] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 116.748532][ T5935] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 116.793783][ T5935] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 116.930546][ T3572] Bluetooth: hci4: command tx timeout [ 117.002416][ T5946] netlink: 202920 bytes leftover after parsing attributes in process `syz-executor.2'. [ 117.275715][ T5619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.354218][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 117.365821][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 117.443176][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 117.470020][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 117.524096][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 117.556123][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 117.609814][ T5619] device veth0_vlan entered promiscuous mode [ 117.650372][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 117.666791][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 117.703718][ T5619] device veth1_vlan entered promiscuous mode [ 118.044905][ T5984] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 118.588656][ T5984] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 118.629717][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 118.642702][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 118.682250][ T5986] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 118.728265][ T5988] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 118.802815][ T5619] device veth0_macvtap entered promiscuous mode [ 118.831397][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 118.846938][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 118.867265][ T5989] netlink: 'syz-executor.4': attribute type 29 has an invalid length. [ 118.949907][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 119.082077][ T5619] device veth1_macvtap entered promiscuous mode [ 119.187913][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 119.214243][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.225685][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 119.309288][ T6018] netlink: 202920 bytes leftover after parsing attributes in process `syz-executor.4'. [ 119.310209][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.358932][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 119.387403][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.407193][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 119.438735][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.461916][ T5619] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 119.469702][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 119.484588][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 119.505917][ T3609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 119.516766][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 119.547165][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.563427][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 119.595540][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.606039][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 119.622654][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.637214][ T5619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 119.659330][ T5619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.687147][ T5619] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 119.711141][ T6028] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 119.732983][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 119.755451][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 119.777861][ T5619] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.821801][ T5619] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.853758][ T5619] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.866553][ T5619] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.087325][ T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.160393][ T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.221156][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 120.251849][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.259864][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.306916][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 120.679681][ T6076] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'. [ 121.682040][ T6098] validate_nla: 11 callbacks suppressed [ 121.682075][ T6098] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 121.732071][ T6098] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 121.769016][ T6100] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 121.869562][ T6098] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 121.922473][ T6098] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 122.241762][ T6123] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 122.250156][ T6123] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 123.239257][ T6143] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 123.296108][ T6143] netlink: 'syz-executor.1': attribute type 7 has an invalid length. [ 125.038094][ T6194] device syzkaller0 entered promiscuous mode [ 125.056122][ T6200] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 125.116953][ T6200] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 125.534352][ T6225] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 126.140432][ T6262] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 126.336077][ T6259] device syzkaller0 entered promiscuous mode [ 126.581995][ T6282] device pim6reg1 entered promiscuous mode [ 127.234699][ T6319] device syzkaller0 entered promiscuous mode [ 127.265041][ T6328] validate_nla: 14 callbacks suppressed [ 127.265058][ T6328] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 127.294687][ T6327] device pim6reg1 entered promiscuous mode [ 127.304220][ T6328] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.2'. [ 127.472551][ T3575] device syz_tun left promiscuous mode [ 127.478225][ T3575] bridge0: port 3(syz_tun) entered disabled state [ 127.774580][ T3576] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 127.811849][ T3576] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 127.817438][ T3946] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.822806][ T3576] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 127.839630][ T3576] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 127.857672][ T3576] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 127.865048][ T3576] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 127.888526][ T6352] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 128.000631][ T3946] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.071535][ T6358] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 128.085741][ T6358] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 128.120907][ T6355] device syzkaller0 entered promiscuous mode [ 128.139088][ T3946] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.272571][ T6344] chnl_net:caif_netlink_parms(): no params data found [ 128.294715][ T3946] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.578651][ T6386] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 128.586969][ T6386] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 128.798213][ T6384] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 128.806758][ T6344] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.840327][ T6344] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.848469][ T6344] device bridge_slave_0 entered promiscuous mode [ 128.912455][ T6384] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 128.960854][ T6397] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 128.991702][ T6344] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.998826][ T6344] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.004728][ T6397] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 129.017576][ T6344] device bridge_slave_1 entered promiscuous mode [ 129.049773][ T6390] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 129.061616][ T6396] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 129.164190][ T6398] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 129.216035][ T6405] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 129.329403][ T6344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.403409][ T6344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.425546][ T3576] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 129.435878][ T3576] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 129.446282][ T3576] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 129.456364][ T3576] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 129.464684][ T3576] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 129.474715][ T3576] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 129.543163][ T6405] device syzkaller0 entered promiscuous mode [ 129.691834][ T6344] team0: Port device team_slave_0 added [ 129.766442][ T6344] team0: Port device team_slave_1 added [ 129.890393][ T3576] Bluetooth: hci3: command tx timeout [ 129.952920][ T6344] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.959897][ T6344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.003890][ T6439] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 130.030224][ T6439] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.2'. [ 130.048040][ T6344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.107909][ T6344] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.139633][ T6344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.223057][ T6344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.273589][ T6449] sctp: [Deprecated]: syz-executor.3 (pid 6449) Use of struct sctp_assoc_value in delayed_ack socket option. [ 130.273589][ T6449] Use struct sctp_sack_info instead [ 130.471145][ T6460] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 130.493885][ T6344] device hsr_slave_0 entered promiscuous mode [ 130.515495][ T6344] device hsr_slave_1 entered promiscuous mode [ 130.524968][ T6344] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 130.533074][ T6344] Cannot create hsr debugfs directory [ 130.753848][ T6460] device syzkaller0 entered promiscuous mode [ 131.064422][ T6486] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 131.184643][ T6416] chnl_net:caif_netlink_parms(): no params data found [ 131.404339][ T3946] device hsr_slave_0 left promiscuous mode [ 131.463806][ T3946] device hsr_slave_1 left promiscuous mode [ 131.474899][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 131.488061][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 131.502879][ T3576] Bluetooth: hci4: command tx timeout [ 131.517135][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 131.534989][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 131.552968][ T3946] device bridge_slave_1 left promiscuous mode [ 131.559197][ T3946] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.577125][ T3946] device bridge_slave_0 left promiscuous mode [ 131.591246][ T3946] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.634165][ T3946] device veth1_macvtap left promiscuous mode [ 131.645327][ T3946] device veth0_macvtap left promiscuous mode [ 131.667441][ T3946] device veth1_vlan left promiscuous mode [ 131.966436][ T3946] team0 (unregistering): Port device team_slave_1 removed [ 131.978201][ T3576] Bluetooth: hci3: command tx timeout [ 131.993655][ T3946] team0 (unregistering): Port device team_slave_0 removed [ 132.008219][ T3946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 132.027193][ T3946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 132.139460][ T3946] bond0 (unregistering): Released all slaves [ 132.491694][ T6520] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 132.597945][ T6525] validate_nla: 1 callbacks suppressed [ 132.597961][ T6525] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 132.621187][ T6525] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 132.692538][ T1255] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.698888][ T1255] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.751492][ T6416] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.758605][ T6416] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.788825][ T6416] device bridge_slave_0 entered promiscuous mode [ 132.930386][ T6533] netlink: 'syz-executor.1': attribute type 21 has an invalid length. [ 132.939461][ T6416] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.968565][ T6416] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.013129][ T6416] device bridge_slave_1 entered promiscuous mode [ 133.311021][ T6416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.375466][ T6416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.537750][ T6555] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 26347 (only 8 groups) [ 133.570326][ T3576] Bluetooth: hci4: command tx timeout [ 133.649846][ T6416] team0: Port device team_slave_0 added [ 133.689163][ T6344] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 133.752253][ T6344] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 133.777101][ T6416] team0: Port device team_slave_1 added [ 133.791042][ T6558] bridge0: port 3(syz_tun) entered blocking state [ 133.797588][ T6558] bridge0: port 3(syz_tun) entered forwarding state [ 133.804644][ T6558] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.811799][ T6558] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.819154][ T6558] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.826312][ T6558] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.890898][ T6558] device bridge0 entered promiscuous mode [ 133.902537][ T6564] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 133.922716][ T6344] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 134.027154][ T6564] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 134.045988][ T6344] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 134.060352][ T3576] Bluetooth: hci3: command tx timeout [ 134.114814][ T6569] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 134.129751][ T6574] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 134.139108][ T6564] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 134.173281][ T6416] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 134.188721][ T6416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.336335][ T6416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 134.369746][ T6416] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 134.412375][ T6416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.492355][ T6416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 134.527615][ T6587] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 134.569022][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 134.606212][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 134.615775][ T6595] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 26347 (only 8 groups) [ 134.951972][ T6416] device hsr_slave_0 entered promiscuous mode [ 135.000683][ T6416] device hsr_slave_1 entered promiscuous mode [ 135.024059][ T6416] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 135.045646][ T6416] Cannot create hsr debugfs directory [ 135.089729][ T6604] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 135.449558][ T6344] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.457593][ T6621] sctp: [Deprecated]: syz-executor.3 (pid 6621) Use of struct sctp_assoc_value in delayed_ack socket option. [ 135.457593][ T6621] Use struct sctp_sack_info instead [ 135.535542][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 135.556570][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 135.583463][ T6344] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.632996][ T6416] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.660425][ T3576] Bluetooth: hci4: command tx timeout [ 135.780434][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 135.789182][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 135.803190][ T6634] netlink: 134744 bytes leftover after parsing attributes in process `syz-executor.1'. [ 135.805917][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.819980][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.869156][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 135.892626][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 135.909816][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 135.936350][ T6634] netlink: zone id is out of range [ 135.936440][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.948632][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.974115][ T6634] netlink: zone id is out of range [ 135.979273][ T6634] netlink: zone id is out of range [ 135.994974][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 136.005113][ T6634] netlink: get zone limit has 4 unknown bytes [ 136.031187][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 136.059418][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 136.081600][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 136.115051][ T6416] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.138246][ T3576] Bluetooth: hci3: command tx timeout [ 136.163156][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 136.176631][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 136.241332][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 136.245035][ T6652] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 136.285432][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 136.316367][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 136.340765][ T6650] bridge0: port 3(syz_tun) entered disabled state [ 136.347337][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.354551][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.399748][ T6650] device bridge0 left promiscuous mode [ 136.449714][ T6344] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 136.462811][ T6344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 136.511097][ T6416] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.551371][ T6641] bridge0: port 3(syz_tun) entered blocking state [ 136.557885][ T6641] bridge0: port 3(syz_tun) entered forwarding state [ 136.564703][ T6641] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.571871][ T6641] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.579179][ T6641] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.586354][ T6641] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.727039][ T6641] device bridge0 entered promiscuous mode [ 136.759355][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 136.798213][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 136.822558][ T6671] sctp: [Deprecated]: syz-executor.1 (pid 6671) Use of struct sctp_assoc_value in delayed_ack socket option. [ 136.822558][ T6671] Use struct sctp_sack_info instead [ 136.828990][ T6416] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.041360][ T6678] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 137.275558][ T6678] device syzkaller0 entered promiscuous mode [ 137.301670][ T6416] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 137.444727][ T6416] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 137.476927][ T6416] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 137.531704][ T6416] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 137.596540][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 137.631752][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 137.661962][ T6344] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 137.730327][ T3576] Bluetooth: hci4: command tx timeout [ 137.898715][ T6416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 138.027793][ T6416] 8021q: adding VLAN 0 to HW filter on device team0 [ 138.033570][ T6712] netlink: 134744 bytes leftover after parsing attributes in process `syz-executor.2'. [ 138.045308][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 138.054847][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 138.093888][ T6712] netlink: zone id is out of range [ 138.100091][ T6712] netlink: zone id is out of range [ 138.117979][ T6712] netlink: zone id is out of range [ 138.121309][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 138.135053][ T6712] netlink: get zone limit has 4 unknown bytes [ 138.137420][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 138.161267][ T3612] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.168427][ T3612] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.249498][ T6711] device syzkaller0 entered promiscuous mode [ 138.271703][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 138.286543][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 138.312454][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 138.327401][ T3611] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.334552][ T3611] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.342677][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 138.503817][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 138.523182][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 138.555403][ T6726] validate_nla: 5 callbacks suppressed [ 138.555440][ T6726] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 138.568300][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 138.587022][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 138.597296][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 138.609293][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 138.618395][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 138.646216][ T6726] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 138.678330][ T6733] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 138.695441][ T6416] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 138.716147][ T6416] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 138.727179][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 138.736021][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 138.754252][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 138.763578][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 138.773607][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 138.786252][ T6728] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 138.819694][ T6734] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.827200][ T6734] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.870935][ T6726] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 138.888200][ T6344] device veth0_vlan entered promiscuous mode [ 138.897789][ T6729] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.904979][ T6729] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.912419][ T6729] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.919516][ T6729] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.934368][ T6729] device bridge0 entered promiscuous mode [ 138.953332][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 138.967660][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 138.988528][ T6731] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 139.024061][ T6344] device veth1_vlan entered promiscuous mode [ 139.055623][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 139.065638][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 139.195548][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 139.259952][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 139.331041][ T6344] device veth0_macvtap entered promiscuous mode [ 139.382129][ T6344] device veth1_macvtap entered promiscuous mode [ 139.527753][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 139.560978][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 139.569128][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 139.689675][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 139.754021][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.793895][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.813590][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.813682][ T6766] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 139.825233][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.845453][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.856687][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.867702][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.878586][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.896115][ T6344] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 139.913578][ T6416] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 139.941194][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 139.960911][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 139.973026][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.012360][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.033456][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.045778][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.055916][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.066713][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.076592][ T6344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.087174][ T6344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.099384][ T6344] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 140.186143][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 140.204089][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 140.232634][ T6344] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.242607][ T6344] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.252983][ T6344] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.261992][ T6344] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.298831][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 140.318084][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 140.382124][ T3946] device hsr_slave_0 left promiscuous mode [ 140.413983][ T3946] device hsr_slave_1 left promiscuous mode [ 140.446206][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 140.460844][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 140.478276][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 140.479646][ T6784] netlink: 134744 bytes leftover after parsing attributes in process `syz-executor.1'. [ 140.495907][ T6784] netlink: zone id is out of range [ 140.501354][ T6784] netlink: zone id is out of range [ 140.502384][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 140.549641][ T3946] device bridge_slave_1 left promiscuous mode [ 140.564753][ T3946] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.576575][ T3946] device bridge_slave_0 left promiscuous mode [ 140.583556][ T3946] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.604666][ T3946] device veth1_macvtap left promiscuous mode [ 140.611974][ T3946] device veth0_macvtap left promiscuous mode [ 140.618855][ T3946] device veth1_vlan left promiscuous mode [ 140.625310][ T3946] device veth0_vlan left promiscuous mode [ 140.779952][ T3946] team0 (unregistering): Port device team_slave_1 removed [ 140.801400][ T3946] team0 (unregistering): Port device team_slave_0 removed [ 140.815018][ T3946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 140.829020][ T3946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 140.882619][ T3946] bond0 (unregistering): Released all slaves [ 140.960089][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 140.968516][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 141.000878][ T6793] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.008069][ T6793] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.052133][ T6793] device bridge0 left promiscuous mode [ 141.070807][ T6794] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.077900][ T6794] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.085306][ T6794] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.092445][ T6794] bridge0: port 1(bridge_slave_0) entered forwarding state [ 141.126627][ T6794] device bridge0 entered promiscuous mode [ 141.140979][ T6416] device veth0_vlan entered promiscuous mode [ 141.154578][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 141.163258][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 141.197961][ T6416] device veth1_vlan entered promiscuous mode [ 141.248531][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 141.342524][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.363814][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.402064][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 141.414389][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 141.431192][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 141.466916][ T6416] device veth0_macvtap entered promiscuous mode [ 141.519974][ T6416] device veth1_macvtap entered promiscuous mode [ 141.552802][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.562701][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.609653][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 141.639601][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 141.662494][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 141.672739][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.706657][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.740358][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.771520][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.813142][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.844630][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.865864][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.886659][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.930084][ T6416] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.945525][ T6815] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 142.064618][ T6809] device syzkaller0 entered promiscuous mode [ 142.089760][ T6835] syz-executor.2[6835] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.089911][ T6835] syz-executor.2[6835] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.113257][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 142.192580][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 142.213846][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.249281][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.266034][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.304264][ T6844] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 142.305872][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.330622][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.346748][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.368350][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.381382][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.398083][ T6416] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.486941][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 142.499054][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 142.563817][ T6845] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.571266][ T6845] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.680620][ T6847] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.688211][ T6847] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.695914][ T6847] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.703228][ T6847] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.723841][ T6847] device bridge0 entered promiscuous mode [ 142.739423][ T6416] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.748788][ T6416] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.764423][ T6416] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.775062][ T6416] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.025609][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.078413][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.122147][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 143.186035][ T5605] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.208938][ T5605] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.271363][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 143.511748][ T6887] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.518926][ T6887] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.619178][ T6887] device bridge0 left promiscuous mode [ 143.720567][ T6896] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.727719][ T6896] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.735169][ T6896] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.742572][ T6896] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.873319][ T6896] device bridge0 entered promiscuous mode [ 144.576074][ T6926] device syzkaller0 entered promiscuous mode [ 144.606511][ T6936] syz-executor.2[6936] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 144.606652][ T6936] syz-executor.2[6936] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 144.864087][ T6950] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 144.904644][ T6951] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 145.097026][ T6955] device syzkaller0 entered promiscuous mode [ 146.514902][ T7007] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 146.927199][ T7033] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 147.086028][ T7040] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 147.298544][ T7045] device syzkaller0 entered promiscuous mode [ 147.584797][ T7065] tun0: tun_chr_ioctl cmd 21731 [ 147.616191][ T7053] device veth0_vlan left promiscuous mode [ 147.646483][ T7053] device veth0_vlan entered promiscuous mode [ 148.024453][ T7089] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 148.047510][ T7089] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 148.075553][ T7089] netlink: 194488 bytes leftover after parsing attributes in process `syz-executor.0'. [ 148.127059][ T7096] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 148.772897][ T7096] device syzkaller0 entered promiscuous mode [ 149.283854][ T7120] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 149.396682][ T7127] netlink: 519 bytes leftover after parsing attributes in process `syz-executor.4'. [ 149.436341][ T7129] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 149.467405][ T7129] netlink: 'syz-executor.2': attribute type 19 has an invalid length. [ 149.484919][ T7129] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.2'. [ 149.547658][ T7135] tun0: tun_chr_ioctl cmd 21731 [ 149.650671][ T7135] device veth0_vlan left promiscuous mode [ 149.668225][ T7139] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 3279 (only 8 groups) [ 149.689572][ T7135] device veth0_vlan entered promiscuous mode [ 149.713262][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 149.737914][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 149.751384][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 151.037990][ T7163] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 151.090988][ T7163] netlink: 'syz-executor.1': attribute type 7 has an invalid length. [ 151.137981][ T7163] netlink: 194488 bytes leftover after parsing attributes in process `syz-executor.1'. [ 152.171775][ T7198] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 152.216264][ T7198] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 152.247106][ T7198] netlink: 194488 bytes leftover after parsing attributes in process `syz-executor.2'. [ 152.908169][ T7205] tun0: tun_chr_ioctl cmd 21731 [ 152.949609][ T7205] device veth0_vlan left promiscuous mode [ 152.975148][ T7205] device veth0_vlan entered promiscuous mode [ 153.095924][ T7220] netlink: 519 bytes leftover after parsing attributes in process `syz-executor.1'. [ 153.177397][ T7224] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 153.197594][ T7224] netlink: 'syz-executor.0': attribute type 19 has an invalid length. [ 153.222692][ T7224] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.0'. [ 154.577930][ T7266] netlink: 519 bytes leftover after parsing attributes in process `syz-executor.0'. [ 154.707657][ T7269] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 154.756795][ T7269] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 154.815968][ T7269] netlink: 194488 bytes leftover after parsing attributes in process `syz-executor.4'. [ 155.317002][ T7288] netlink: 'syz-executor.1': attribute type 58 has an invalid length. [ 155.341769][ T7288] netlink: 'syz-executor.1': attribute type 58 has an invalid length. [ 155.601200][ T7301] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 156.865362][ T7365] device syzkaller0 entered promiscuous mode [ 156.881427][ T3002] udevd[3002]: worker [3555] terminated by signal 33 (Unknown signal 33) [ 156.895304][ T3002] udevd[3002]: worker [3555] failed while handling '/devices/virtual/block/loop1' [ 156.945747][ T7374] validate_nla: 3 callbacks suppressed [ 156.945762][ T7374] netlink: 'syz-executor.4': attribute type 58 has an invalid length. [ 157.073282][ T3576] Bluetooth: hci0: unexpected event 0x35 length: 15 > 6 [ 157.075246][ T7374] netlink: 'syz-executor.4': attribute type 58 has an invalid length. [ 157.123701][ T7378] netlink: 'syz-executor.4': attribute type 58 has an invalid length. [ 157.544853][ T7396] device syzkaller0 entered promiscuous mode [ 157.578789][ T7403] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 157.611265][ T7403] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 157.640055][ T7403] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 157.658726][ T7403] net_ratelimit: 2 callbacks suppressed [ 157.658741][ T7403] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 158.012126][ T7421] netlink: 'syz-executor.1': attribute type 58 has an invalid length. [ 158.050066][ T7421] netlink: 'syz-executor.1': attribute type 58 has an invalid length. [ 158.095853][ T7426] netlink: 'syz-executor.1': attribute type 58 has an invalid length. [ 158.166433][ T7428] netlink: 'syz-executor.0': attribute type 16 has an invalid length. [ 158.219692][ T7428] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 158.263257][ T7428] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 158.342964][ T7440] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 158.373808][ T7440] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 158.438927][ T3576] Bluetooth: hci0: unexpected event 0x35 length: 15 > 6 [ 158.592789][ T7455] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.1'. [ 158.859260][ T7472] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.2'. [ 158.896215][ T7472] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 159.016898][ T3576] Bluetooth: hci3: unexpected event 0x35 length: 15 > 6 [ 159.237869][ T7483] device syzkaller0 entered promiscuous mode [ 159.265394][ T7489] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.4'. [ 159.626743][ T7505] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 159.638730][ T7505] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 159.814961][ T3576] Bluetooth: hci0: unexpected event 0x35 length: 15 > 6 [ 159.899774][ T7520] netlink: 39 bytes leftover after parsing attributes in process `syz-executor.3'. [ 160.145039][ T7527] device syzkaller0 entered promiscuous mode [ 160.373773][ T7540] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 160.405811][ T7540] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 160.649519][ T3576] Bluetooth: hci4: unexpected event 0x17 length: 15 > 6 [ 160.734954][ T7554] device veth0 entered promiscuous mode [ 161.312872][ T7576] device syzkaller0 entered promiscuous mode [ 161.487027][ T7581] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 161.511886][ T7581] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 162.105848][ T3576] Bluetooth: hci1: unexpected event 0x17 length: 15 > 6 [ 162.231885][ T7601] validate_nla: 12 callbacks suppressed [ 162.231901][ T7601] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 162.283333][ T7601] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 162.312626][ T7601] netlink: 39 bytes leftover after parsing attributes in process `syz-executor.2'. [ 162.681346][ T7617] device veth0 entered promiscuous mode [ 162.924127][ T3576] Bluetooth: hci0: unexpected event 0x17 length: 15 > 6 [ 163.126155][ T7637] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 163.182544][ T7637] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 163.889233][ T7660] device syzkaller0 entered promiscuous mode [ 164.284982][ T7674] EXT4-fs warning (device sda1): __ext4_ioctl:1246: Setting inode version is not supported with metadata_csum enabled. [ 165.555823][ T7715] EXT4-fs warning (device sda1): __ext4_ioctl:1246: Setting inode version is not supported with metadata_csum enabled. [ 166.237353][ T7742] __nla_validate_parse: 1 callbacks suppressed [ 166.237371][ T7742] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.3'. [ 166.888405][ T7756] EXT4-fs warning (device sda1): __ext4_ioctl:1246: Setting inode version is not supported with metadata_csum enabled. [ 167.203315][ T7772] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.1'. [ 167.677496][ T7791] device syzkaller0 entered promiscuous mode [ 167.828793][ T7800] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 167.848094][ T7800] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 168.678748][ T7803] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.0'. [ 168.927954][ T7818] device syzkaller0 entered promiscuous mode [ 169.228799][ T7835] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.0'. [ 169.627431][ T7856] syz-executor.2[7856] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.627580][ T7856] syz-executor.2[7856] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.880943][ T7862] device syzkaller0 entered promiscuous mode [ 169.911125][ T7864] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.0'. [ 170.383671][ T7886] syz-executor.3[7886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 170.383820][ T7886] syz-executor.3[7886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.016366][ T7889] tap1: tun_chr_ioctl cmd 1074025677 [ 171.047314][ T7889] tap1: linktype set to 0 [ 171.057713][ T7891] tap1: tun_chr_ioctl cmd 35108 [ 171.288225][ T7919] syz-executor.2[7919] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.288368][ T7919] syz-executor.2[7919] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 172.298785][ T7958] syz-executor.2[7958] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 172.362367][ T7958] syz-executor.2[7958] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 172.709204][ T7969] device syzkaller0 entered promiscuous mode [ 172.850778][ T7979] netlink: 'syz-executor.3': attribute type 33 has an invalid length. [ 172.874400][ T7979] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 173.164256][ T7987] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 173.220491][ T7987] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 173.955138][ T7996] syz-executor.2[7996] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 173.955276][ T7996] syz-executor.2[7996] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.267388][ T8011] netlink: 'syz-executor.4': attribute type 33 has an invalid length. [ 174.330435][ T8011] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 174.377863][ T8016] device syzkaller0 entered promiscuous mode [ 174.484683][ T8020] netlink: 'syz-executor.3': attribute type 9 has an invalid length. [ 174.505784][ T8020] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 174.963734][ T8028] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 175.001217][ T8028] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 176.200425][ T3576] Bluetooth: hci1: command 0x0406 tx timeout [ 176.206543][ T3576] Bluetooth: hci2: command 0x0406 tx timeout [ 176.212904][ T3572] Bluetooth: hci0: command 0x0406 tx timeout [ 178.317892][ T8054] netlink: 'syz-executor.2': attribute type 33 has an invalid length. [ 178.357459][ T8054] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.2'. [ 178.478706][ T8063] device veth0 entered promiscuous mode [ 178.502275][ T8066] netlink: 'syz-executor.1': attribute type 9 has an invalid length. [ 178.518786][ T8066] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 179.525249][ T8079] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 179.614730][ T8079] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.2'. [ 180.862916][ T8112] netlink: 'syz-executor.3': attribute type 9 has an invalid length. [ 180.986316][ T8112] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 181.851176][ T8125] device veth0 entered promiscuous mode [ 182.297535][ T8148] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 182.336291][ T8148] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'. [ 182.443552][ T8158] netlink: 'syz-executor.1': attribute type 9 has an invalid length. [ 182.482591][ T8158] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 188.499150][ T8238] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 188.622159][ T8238] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.2'. [ 188.741200][ T8241] device syzkaller0 entered promiscuous mode [ 189.659992][ T8265] device syzkaller0 entered promiscuous mode [ 190.065535][ T8292] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 190.133864][ T8292] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 190.210132][ T8297] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 190.246017][ T8297] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 191.191121][ T8308] device syzkaller0 entered promiscuous mode [ 191.514028][ T8341] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 191.580463][ T8341] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 191.710148][ T8354] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 191.764086][ T8354] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 192.584516][ T8353] netlink: 'syz-executor.0': attribute type 39 has an invalid length. [ 192.594064][ T8353] device veth0_macvtap left promiscuous mode [ 192.729730][ T8369] device syzkaller0 entered promiscuous mode [ 193.036407][ T8397] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 193.092022][ T8397] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 193.205555][ T8406] netlink: 'syz-executor.1': attribute type 39 has an invalid length. [ 193.231930][ T8406] device veth0_macvtap left promiscuous mode [ 193.368621][ T8410] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 193.407063][ T8410] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 193.947124][ T8433] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 194.054923][ T8433] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 194.141685][ T1255] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.148041][ T1255] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.452522][ T8444] netlink: 'syz-executor.1': attribute type 39 has an invalid length. [ 194.836811][ T8469] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 194.855758][ T8469] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 194.908703][ T8472] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 195.070600][ T8472] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.2'. [ 195.818183][ T8481] netlink: 'syz-executor.3': attribute type 39 has an invalid length. [ 195.832171][ T8481] device veth0_macvtap left promiscuous mode [ 196.190052][ T8512] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 196.238857][ T8512] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 196.375071][ T8520] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 196.418066][ T8520] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 197.139147][ T8534] netlink: 'syz-executor.3': attribute type 39 has an invalid length. [ 197.318229][ T8554] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 197.392366][ T8554] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 197.645015][ T8569] device syzkaller0 entered promiscuous mode [ 198.034250][ T8594] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 198.080460][ T8594] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 199.342656][ T8645] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 199.357118][ T8645] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'. [ 199.455323][ T8653] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 199.496812][ T8653] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'. [ 199.920369][ T8677] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 199.939007][ T8677] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'. [ 200.090912][ T8686] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 200.133197][ T8686] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'. [ 200.833618][ T8699] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 200.851639][ T8699] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'. [ 201.434450][ T8723] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 201.494656][ T8719] device syzkaller0 entered promiscuous mode [ 201.610902][ T8723] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 201.854752][ T8732] netlink: 'syz-executor.2': attribute type 25 has an invalid length. [ 201.863068][ T8732] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 202.455498][ T8766] netlink: 'syz-executor.2': attribute type 25 has an invalid length. [ 202.530641][ T8766] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 203.145795][ T8780] device syzkaller0 entered promiscuous mode [ 205.020913][ T8859] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 205.027719][ T8859] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 205.272854][ T8861] netlink: 'syz-executor.4': attribute type 25 has an invalid length. [ 205.281158][ T8861] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 206.064342][ T8891] device syzkaller0 entered promiscuous mode [ 207.168658][ T8935] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 207.175233][ T8935] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 207.991353][ T8960] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 207.997832][ T8960] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 208.855680][ T8998] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 208.862983][ T8998] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 209.737246][ T27] audit: type=1804 audit(1718516431.448:16): pid=9038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/470/memory.events" dev="sda1" ino=1948 res=1 errno=0 [ 209.800820][ T27] audit: type=1800 audit(1718516431.518:17): pid=9038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="memory.events" dev="sda1" ino=1948 res=0 errno=0 [ 210.453046][ T9067] batman_adv: batadv0: adding TT local entry 06:c8:2b:92:00:00 to non-existent VLAN 3855 [ 210.999401][ T27] audit: type=1804 audit(1718516432.708:18): pid=9081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/481/memory.events" dev="sda1" ino=1950 res=1 errno=0 [ 211.087003][ T27] audit: type=1800 audit(1718516432.798:19): pid=9081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="memory.events" dev="sda1" ino=1950 res=0 errno=0 [ 211.247163][ T9098] batman_adv: batadv0: adding TT local entry 06:c8:2b:92:00:00 to non-existent VLAN 3855 [ 211.894907][ T27] audit: type=1804 audit(1718516433.608:20): pid=9122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/485/memory.events" dev="sda1" ino=1960 res=1 errno=0 [ 211.971961][ T27] audit: type=1800 audit(1718516433.668:21): pid=9122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="memory.events" dev="sda1" ino=1960 res=0 errno=0 [ 212.122852][ T9135] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 212.141808][ T9135] batman_adv: batadv0: Adding interface: wlan0 [ 212.147993][ T9135] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.220939][ T9135] batman_adv: batadv0: Interface activated: wlan0 [ 212.913609][ T27] audit: type=1804 audit(1718516434.628:22): pid=9159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/478/memory.events" dev="sda1" ino=1962 res=1 errno=0 [ 213.405910][ T9173] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 213.473512][ T9173] batman_adv: batadv0: Adding interface: wlan0 [ 213.483564][ T9173] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.518237][ T9173] batman_adv: batadv0: Interface activated: wlan0 [ 213.961438][ T9190] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 213.972343][ T9192] batman_adv: batadv0: adding TT local entry 06:c8:2b:92:00:00 to non-existent VLAN 3855 [ 213.999851][ T9190] netlink: 1033 bytes leftover after parsing attributes in process `syz-executor.2'. [ 214.085460][ T27] audit: type=1804 audit(1718516435.798:23): pid=9197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/482/memory.events" dev="sda1" ino=1940 res=1 errno=0 [ 214.240584][ T27] audit: type=1800 audit(1718516435.958:24): pid=9197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="memory.events" dev="sda1" ino=1940 res=0 errno=0 [ 214.567656][ T9226] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 214.600671][ T9226] netlink: 1033 bytes leftover after parsing attributes in process `syz-executor.3'. [ 214.845514][ T27] audit: type=1804 audit(1718516436.558:25): pid=9237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2799091299/syzkaller.v6Amt0/195/memory.events" dev="sda1" ino=1961 res=1 errno=0 [ 215.150520][ T27] audit: type=1800 audit(1718516436.558:26): pid=9237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1961 res=0 errno=0 [ 215.172542][ T27] audit: type=1804 audit(1718516436.808:27): pid=9241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/485/memory.events" dev="sda1" ino=1953 res=1 errno=0 [ 215.659441][ T9262] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 215.929229][ T27] audit: type=1804 audit(1718516437.638:28): pid=9277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/494/memory.events" dev="sda1" ino=1947 res=1 errno=0 [ 216.007034][ T27] audit: type=1800 audit(1718516437.718:29): pid=9277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="memory.events" dev="sda1" ino=1947 res=0 errno=0 [ 217.318988][ T27] audit: type=1804 audit(1718516439.028:30): pid=9319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/498/memory.events" dev="sda1" ino=1952 res=1 errno=0 [ 217.395154][ T27] audit: type=1800 audit(1718516439.108:31): pid=9319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="memory.events" dev="sda1" ino=1952 res=0 errno=0 [ 217.646347][ T9331] mac80211_hwsim hwsim17 €Â: renamed from wlan1 [ 218.528014][ T27] audit: type=1804 audit(1718516440.238:32): pid=9367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/504/memory.events" dev="sda1" ino=1964 res=1 errno=0 [ 218.588609][ T27] audit: type=1800 audit(1718516440.238:33): pid=9367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1964 res=0 errno=0 [ 218.874731][ T27] audit: type=1804 audit(1718516440.588:34): pid=9386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/506/memory.events" dev="sda1" ino=1960 res=1 errno=0 [ 219.127814][ T9395] netlink: 'syz-executor.2': attribute type 27 has an invalid length. [ 219.143657][ T9395] netlink: 2418 bytes leftover after parsing attributes in process `syz-executor.2'. [ 219.921286][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 219.921300][ T27] audit: type=1804 audit(1718516441.638:36): pid=9427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/504/memory.events" dev="sda1" ino=1964 res=1 errno=0 [ 219.925963][ T9426] netlink: 'syz-executor.2': attribute type 27 has an invalid length. [ 219.944929][ T27] audit: type=1800 audit(1718516441.638:37): pid=9427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1964 res=0 errno=0 [ 219.996831][ T9426] netlink: 2418 bytes leftover after parsing attributes in process `syz-executor.2'. [ 220.450929][ T27] audit: type=1804 audit(1718516442.168:38): pid=9457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/507/memory.events" dev="sda1" ino=1950 res=1 errno=0 [ 220.630550][ T27] audit: type=1800 audit(1718516442.168:39): pid=9457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1950 res=0 errno=0 [ 221.235226][ T27] audit: type=1804 audit(1718516442.948:40): pid=9496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2799091299/syzkaller.v6Amt0/215/memory.events" dev="sda1" ino=1950 res=1 errno=0 [ 221.344727][ T27] audit: type=1800 audit(1718516442.988:41): pid=9496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1950 res=0 errno=0 [ 221.492198][ T9509] netlink: 9286 bytes leftover after parsing attributes in process `syz-executor.2'. [ 221.961020][ T9528] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 221.976695][ T9528] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 222.020590][ T9529] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 222.036473][ T9528] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 222.075997][ T9537] netlink: 9286 bytes leftover after parsing attributes in process `syz-executor.0'. [ 222.096947][ T9528] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 222.222708][ T27] audit: type=1804 audit(1718516443.938:42): pid=9545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2799091299/syzkaller.v6Amt0/218/memory.events" dev="sda1" ino=1960 res=1 errno=0 [ 222.283134][ T27] audit: type=1800 audit(1718516443.968:43): pid=9545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1960 res=0 errno=0 [ 223.505883][ T27] audit: type=1804 audit(1718516445.218:44): pid=9586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/527/memory.events" dev="sda1" ino=1948 res=1 errno=0 [ 223.541433][ T27] audit: type=1800 audit(1718516445.258:45): pid=9586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1948 res=0 errno=0 [ 223.695035][ T9590] netlink: 'syz-executor.3': attribute type 21 has an invalid length. [ 223.728095][ T9590] netlink: 'syz-executor.3': attribute type 5 has an invalid length. [ 223.765255][ T9596] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 223.774002][ T9590] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 224.045377][ T9611] netlink: 35347 bytes leftover after parsing attributes in process `syz-executor.2'. [ 224.455293][ T9632] netlink: 40227 bytes leftover after parsing attributes in process `syz-executor.2'. [ 224.648807][ T9645] netlink: 35347 bytes leftover after parsing attributes in process `syz-executor.4'. [ 224.785029][ T9653] bridge0: port 3(syz_tun) entered disabled state [ 224.791715][ T9653] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.799143][ T9653] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.848027][ T9653] device syz_tun left promiscuous mode [ 224.901978][ T9653] bridge0: port 3(syz_tun) entered disabled state [ 224.935965][ T9653] device bridge_slave_1 left promiscuous mode [ 224.957708][ T9653] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.991445][ T9653] device bridge_slave_0 left promiscuous mode [ 225.005347][ T9653] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.123944][ T9670] netlink: 40227 bytes leftover after parsing attributes in process `syz-executor.4'. [ 225.899838][ T9713] netlink: 35840 bytes leftover after parsing attributes in process `syz-executor.3'. [ 226.517758][ T9734] netlink: 40227 bytes leftover after parsing attributes in process `syz-executor.4'. [ 226.879515][ T9743] device syzkaller0 entered promiscuous mode [ 226.932582][ T9764] validate_nla: 4 callbacks suppressed [ 226.932597][ T9764] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 226.999820][ T9764] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 227.016299][ T9764] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'. [ 227.443952][ T9793] netlink: 35840 bytes leftover after parsing attributes in process `syz-executor.1'. [ 227.808331][ T9818] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 227.942354][ T9810] device syzkaller0 entered promiscuous mode [ 228.183383][ T9840] netlink: 35840 bytes leftover after parsing attributes in process `syz-executor.0'. [ 228.520634][ T9859] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 231.827545][T10019] device syzkaller0 entered promiscuous mode [ 232.956403][T10079] sctp: [Deprecated]: syz-executor.4 (pid 10079) Use of int in maxseg socket option. [ 232.956403][T10079] Use struct sctp_assoc_value instead [ 233.887660][T10107] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 233.897892][T10107] netlink: 'syz-executor.0': attribute type 12 has an invalid length. [ 234.779044][T10135] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 234.795373][T10135] netlink: 'syz-executor.3': attribute type 12 has an invalid length. [ 235.223844][ T3576] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 235.233613][ T3576] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 235.243487][ T3576] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 235.253178][ T3582] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 235.264950][ T3582] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 235.273566][ T3582] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 235.534392][T10149] chnl_net:caif_netlink_parms(): no params data found [ 235.707085][T10172] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 235.745194][T10172] netlink: 'syz-executor.0': attribute type 12 has an invalid length. [ 235.761787][T10149] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.768971][T10149] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.828808][T10149] device bridge_slave_0 entered promiscuous mode [ 235.866122][T10149] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.874060][T10149] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.883380][T10149] device bridge_slave_1 entered promiscuous mode [ 236.008046][T10149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 236.048465][T10149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 236.252223][T10149] team0: Port device team_slave_0 added [ 236.306510][T10149] team0: Port device team_slave_1 added [ 236.458233][T10149] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 236.498640][T10149] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 236.629872][T10149] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 236.689660][T10149] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 236.714035][T10197] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 236.722143][T10149] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 236.722171][T10149] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 236.759275][T10197] netlink: 116376 bytes leftover after parsing attributes in process `syz-executor.4'. [ 236.777716][T10198] sctp: [Deprecated]: syz-executor.2 (pid 10198) Use of int in maxseg socket option. [ 236.777716][T10198] Use struct sctp_assoc_value instead [ 236.823407][T10149] device hsr_slave_0 entered promiscuous mode [ 236.840824][T10149] device hsr_slave_1 entered promiscuous mode [ 236.880717][T10149] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 236.890662][T10149] Cannot create hsr debugfs directory [ 237.330773][ T3582] Bluetooth: hci0: command tx timeout [ 237.371491][T10149] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.003066][T10149] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.153186][T10149] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.246052][T10149] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.770653][T10149] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 238.815422][T10149] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 238.866406][T10149] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 238.885235][T10149] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 239.138865][T10149] 8021q: adding VLAN 0 to HW filter on device bond0 [ 239.162602][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 239.181911][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 239.228745][T10149] 8021q: adding VLAN 0 to HW filter on device team0 [ 239.253035][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 239.262274][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 239.275185][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.282327][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.343013][T10280] device syzkaller0 entered promiscuous mode [ 239.364366][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 239.382724][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 239.398279][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 239.407141][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.414281][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.430405][ T3582] Bluetooth: hci0: command tx timeout [ 239.451130][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 239.461170][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 239.472908][T10284] bridge0: port 3(syz_tun) entered disabled state [ 239.479538][T10284] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.486820][T10284] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.494877][T10284] device bridge0 left promiscuous mode [ 239.592912][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 239.618836][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 239.745823][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 239.758092][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 239.780968][ T27] audit: type=1800 audit(1718516461.498:46): pid=10300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1950 res=0 errno=0 [ 239.806299][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 239.815126][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 239.840436][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 239.847477][ T27] audit: type=1804 audit(1718516461.548:47): pid=10300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/577/memory.events" dev="sda1" ino=1950 res=1 errno=0 [ 239.849006][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 239.880824][ T27] audit: type=1804 audit(1718516461.548:48): pid=10300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir1825965085/syzkaller.XN1tY4/577/memory.events" dev="sda1" ino=1950 res=1 errno=0 [ 239.948394][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 239.977099][T10149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 240.859972][T10149] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 240.896681][T10335] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 240.919170][ T27] audit: type=1800 audit(1718516462.628:49): pid=10337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1948 res=0 errno=0 [ 240.948515][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 240.990854][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 241.000521][ T27] audit: type=1804 audit(1718516462.658:50): pid=10337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/592/memory.events" dev="sda1" ino=1948 res=1 errno=0 [ 241.081603][T10335] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 241.129402][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 241.150064][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 241.161130][ T27] audit: type=1804 audit(1718516462.678:51): pid=10337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1540762386/syzkaller.Huvov6/592/memory.events" dev="sda1" ino=1948 res=1 errno=0 [ 241.208006][T10338] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 241.220975][T10340] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 241.245604][T10149] device veth0_vlan entered promiscuous mode [ 241.278230][T10342] netlink: 'syz-executor.0': attribute type 29 has an invalid length. [ 241.305013][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 241.337447][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 241.368782][T10149] device veth1_vlan entered promiscuous mode [ 241.414293][T10350] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 241.423596][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 241.439747][T10350] netlink: 116376 bytes leftover after parsing attributes in process `syz-executor.3'. [ 241.457060][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 241.477440][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 241.490692][ T3582] Bluetooth: hci0: command tx timeout [ 241.547011][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 241.612898][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 241.637467][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 241.653468][T10149] device veth0_macvtap entered promiscuous mode [ 241.742065][T10149] device veth1_macvtap entered promiscuous mode [ 241.791726][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 241.824848][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 241.856787][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 241.873540][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 241.883825][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 241.904987][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 241.915209][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 241.925838][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 241.942940][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 241.975932][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.003074][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 242.013888][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.026313][T10149] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 242.037659][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 242.070860][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 242.083831][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 242.120952][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.147803][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 242.162186][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.165048][ T27] audit: type=1800 audit(1718516463.868:52): pid=10382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1941 res=0 errno=0 [ 242.172591][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 242.220121][ T27] audit: type=1804 audit(1718516463.878:53): pid=10382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2799091299/syzkaller.v6Amt0/300/memory.events" dev="sda1" ino=1941 res=1 errno=0 [ 242.223791][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.259435][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 242.274324][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.286744][T10149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 242.318968][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.331686][T10149] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 242.342238][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 242.350488][ T27] audit: type=1804 audit(1718516464.058:54): pid=10386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2799091299/syzkaller.v6Amt0/300/memory.events" dev="sda1" ino=1941 res=1 errno=0 [ 242.384637][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 242.405952][T10149] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.430606][T10149] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.439360][T10149] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.467829][T10149] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.629478][T10149] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0 [ 242.697485][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.730346][T10149] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0 [ 242.740014][T10149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.849029][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.910367][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.934237][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 242.941717][ T5605] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.949720][ T5605] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.994544][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 243.289222][T10430] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 243.348075][T10430] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 243.371066][T10434] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 243.435015][T10438] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 243.571062][ T3582] Bluetooth: hci0: command tx timeout [ 246.139603][T10541] validate_nla: 2 callbacks suppressed [ 246.139618][T10541] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 247.573354][T10563] device syzkaller0 entered promiscuous mode [ 247.586308][T10570] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 248.748800][ T3578] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 248.781087][ T3578] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 248.789887][ T3578] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 248.798696][ T3578] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 248.807646][ T3578] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 248.815648][ T3578] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 249.618344][T10619] device syzkaller0 entered promiscuous mode [ 249.917239][ T3946] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.978306][ T3946] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.004745][T10604] chnl_net:caif_netlink_parms(): no params data found [ 250.070283][T10604] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.100436][T10604] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.122035][T10604] device bridge_slave_0 entered promiscuous mode [ 250.149751][T10604] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.176001][T10604] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.204928][T10604] device bridge_slave_1 entered promiscuous mode [ 250.251411][T10644] syz-executor.3[10644] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 250.251556][T10644] syz-executor.3[10644] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 250.278988][ T3946] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.392807][T10604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 250.433313][ T3946] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.477340][T10604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.850522][ T3578] Bluetooth: hci3: command tx timeout [ 251.091815][T10604] team0: Port device team_slave_0 added [ 251.115232][T10604] team0: Port device team_slave_1 added [ 251.525865][T10667] device syzkaller0 entered promiscuous mode [ 251.543192][T10604] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 251.564323][T10604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.591316][T10604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 251.728258][T10604] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 251.760424][T10604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.797398][T10604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.009983][T10604] device hsr_slave_0 entered promiscuous mode [ 252.052342][T10604] device hsr_slave_1 entered promiscuous mode [ 252.084062][T10604] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 252.106629][T10604] Cannot create hsr debugfs directory [ 252.530610][ T3578] Bluetooth: hci4: command 0x0406 tx timeout [ 252.543038][T10710] device syzkaller0 entered promiscuous mode [ 252.930343][ T3582] Bluetooth: hci3: command tx timeout [ 253.888179][T10759] device syzkaller0 entered promiscuous mode [ 254.002001][T10765] syz-executor.1[10765] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 254.002139][T10765] syz-executor.1[10765] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 254.125889][T10771] netlink: 14568 bytes leftover after parsing attributes in process `syz-executor.2'. [ 254.186553][ T3946] batman_adv: batadv0: Interface deactivated: wlan0 [ 254.242417][ T3946] batman_adv: batadv0: Removing interface: wlan0 [ 254.404528][ T3946] device hsr_slave_0 left promiscuous mode [ 254.500692][ T3946] device hsr_slave_1 left promiscuous mode [ 254.535607][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 254.590495][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 254.685299][ T3946] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 254.747230][ T3946] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 254.779095][ T3946] device bridge_slave_1 left promiscuous mode [ 254.847461][ T3946] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.906810][ T3946] device bridge_slave_0 left promiscuous mode [ 254.940345][ T3946] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.011185][ T3582] Bluetooth: hci3: command tx timeout [ 255.051738][ T3946] device veth1_macvtap left promiscuous mode [ 255.084556][ T3946] device veth0_macvtap left promiscuous mode [ 255.148220][ T3946] device veth1_vlan left promiscuous mode [ 255.192729][ T3946] device veth0_vlan left promiscuous mode [ 255.572455][ T1255] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.578828][ T1255] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.089919][ T3946] team0 (unregistering): Port device team_slave_1 removed [ 256.188168][ T3946] team0 (unregistering): Port device team_slave_0 removed [ 256.212197][ T3946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 256.282188][ T3946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 256.477436][ T3946] bond0 (unregistering): Released all slaves [ 256.776564][T10842] device syzkaller0 entered promiscuous mode [ 256.803931][T10604] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 256.849764][T10604] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 257.044156][T10604] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 257.090522][ T3582] Bluetooth: hci3: command tx timeout [ 257.092436][T10604] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 258.000975][T10604] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.056312][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 258.099972][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 258.119087][T10889] netlink: 'syz-executor.3': attribute type 22 has an invalid length. [ 258.139378][T10889] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 258.162698][T10604] 8021q: adding VLAN 0 to HW filter on device team0 [ 258.187198][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 258.201824][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 258.249719][ T152] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.256894][ T152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.355705][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 258.378086][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 258.400874][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 258.434332][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.441537][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.490716][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 258.499614][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 258.509286][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 258.520493][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 258.530050][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 258.540019][ T3015] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 258.555944][T10604] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 258.668252][T10604] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 258.753773][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 258.779178][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 258.820591][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 258.845873][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 258.868821][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 258.890721][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 259.010887][ T3570] [ 259.013238][ T3570] ====================================================== [ 259.020241][ T3570] WARNING: possible circular locking dependency detected [ 259.027239][ T3570] 6.1.93-syzkaller #0 Not tainted [ 259.032238][ T3570] ------------------------------------------------------ [ 259.039235][ T3570] syz-executor.2/3570 is trying to acquire lock: [ 259.045540][ T3570] ffff8880b9935e90 (lock#10){+.+.}-{2:2}, at: __mmap_lock_do_trace_acquire_returned+0x84/0x670 [ 259.055908][ T3570] [ 259.055908][ T3570] but task is already holding lock: [ 259.063251][ T3570] ffff8880b993aa18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 259.072701][ T3570] [ 259.072701][ T3570] which lock already depends on the new lock. [ 259.072701][ T3570] [ 259.083074][ T3570] [ 259.083074][ T3570] the existing dependency chain (in reverse order) is: [ 259.092054][ T3570] [ 259.092054][ T3570] -> #3 (&rq->__lock){-.-.}-{2:2}: [ 259.099318][ T3570] lock_acquire+0x1f8/0x5a0 [ 259.104320][ T3570] _raw_spin_lock_nested+0x2d/0x40 [ 259.109932][ T3570] raw_spin_rq_lock_nested+0x26/0x140 [ 259.115800][ T3570] task_fork_fair+0x5d/0x350 [ 259.120886][ T3570] sched_cgroup_fork+0x374/0x400 [ 259.126318][ T3570] copy_process+0x2442/0x4060 [ 259.131490][ T3570] kernel_clone+0x222/0x920 [ 259.136486][ T3570] user_mode_thread+0x12e/0x190 [ 259.141833][ T3570] rest_init+0x23/0x300 [ 259.146482][ T3570] start_kernel+0x0/0x53f [ 259.151304][ T3570] start_kernel+0x496/0x53f [ 259.156299][ T3570] secondary_startup_64_no_verify+0xcf/0xdb [ 259.162685][ T3570] [ 259.162685][ T3570] -> #2 (&p->pi_lock){-.-.}-{2:2}: [ 259.169952][ T3570] lock_acquire+0x1f8/0x5a0 [ 259.174976][ T3570] _raw_spin_lock_irqsave+0xd1/0x120 [ 259.180761][ T3570] try_to_wake_up+0xad/0x12e0 [ 259.185954][ T3570] complete_signal+0x796/0xbd0 [ 259.191218][ T3570] __send_signal_locked+0xb1a/0xdc0 [ 259.196931][ T3570] do_notify_parent+0xe2b/0x1100 [ 259.202365][ T3570] do_exit+0x172e/0x26a0 [ 259.207102][ T3570] do_group_exit+0x202/0x2b0 [ 259.212188][ T3570] __x64_sys_exit_group+0x3b/0x40 [ 259.217710][ T3570] do_syscall_64+0x3b/0xb0 [ 259.222624][ T3570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 259.229047][ T3570] [ 259.229047][ T3570] -> #1 (&sighand->siglock){-.-.}-{2:2}: [ 259.236852][ T3570] lock_acquire+0x1f8/0x5a0 [ 259.241852][ T3570] _raw_spin_lock_irqsave+0xd1/0x120 [ 259.247633][ T3570] __lock_task_sighand+0x145/0x2d0 [ 259.253240][ T3570] group_send_sig_info+0x26c/0x300 [ 259.258848][ T3570] bpf_send_signal_common+0x2d8/0x420 [ 259.264715][ T3570] bpf_send_signal_thread+0x12/0x20 [ 259.270407][ T3570] bpf_prog_536196b47c375ca5+0x49/0x50 [ 259.276372][ T3570] bpf_trace_run4+0x3c3/0x470 [ 259.281540][ T3570] __mmap_lock_do_trace_acquire_returned+0x5e3/0x670 [ 259.288711][ T3570] lock_mm_and_find_vma+0x219/0x2e0 [ 259.294406][ T3570] exc_page_fault+0x169/0x620 [ 259.299582][ T3570] asm_exc_page_fault+0x22/0x30 [ 259.304931][ T3570] [ 259.304931][ T3570] -> #0 (lock#10){+.+.}-{2:2}: [ 259.311855][ T3570] validate_chain+0x1661/0x5950 [ 259.317201][ T3570] __lock_acquire+0x125b/0x1f80 [ 259.322547][ T3570] lock_acquire+0x1f8/0x5a0 [ 259.327545][ T3570] __mmap_lock_do_trace_acquire_returned+0x9d/0x670 [ 259.334624][ T3570] stack_map_get_build_id_offset+0x99e/0x9c0 [ 259.341102][ T3570] __bpf_get_stack+0x495/0x570 [ 259.346363][ T3570] bpf_get_stack_raw_tp+0x1b2/0x220 [ 259.352057][ T3570] bpf_prog_ec3b2eefa702d8d3+0x3a/0x3e [ 259.358044][ T3570] bpf_trace_run2+0x361/0x410 [ 259.363216][ T3570] trace_tlb_flush+0x151/0x1a0 [ 259.368480][ T3570] switch_mm_irqs_off+0x84a/0xc20 [ 259.373999][ T3570] __schedule+0x1140/0x4550 [ 259.379002][ T3570] schedule+0xbf/0x180 [ 259.383567][ T3570] do_nanosleep+0x192/0x5f0 [ 259.388563][ T3570] hrtimer_nanosleep+0x24d/0x490 [ 259.393994][ T3570] __se_sys_clock_nanosleep+0x323/0x3b0 [ 259.400034][ T3570] do_syscall_64+0x3b/0xb0 [ 259.404968][ T3570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 259.411358][ T3570] [ 259.411358][ T3570] other info that might help us debug this: [ 259.411358][ T3570] [ 259.421555][ T3570] Chain exists of: [ 259.421555][ T3570] lock#10 --> &p->pi_lock --> &rq->__lock [ 259.421555][ T3570] [ 259.433168][ T3570] Possible unsafe locking scenario: [ 259.433168][ T3570] [ 259.440590][ T3570] CPU0 CPU1 [ 259.445927][ T3570] ---- ---- [ 259.451262][ T3570] lock(&rq->__lock); [ 259.455320][ T3570] lock(&p->pi_lock); [ 259.461881][ T3570] lock(&rq->__lock); [ 259.468441][ T3570] lock(lock#10); [ 259.472139][ T3570] [ 259.472139][ T3570] *** DEADLOCK *** [ 259.472139][ T3570] [ 259.480253][ T3570] 3 locks held by syz-executor.2/3570: [ 259.485678][ T3570] #0: ffff8880b993aa18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 259.495581][ T3570] #1: ffffffff8d12acc0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x110/0x410 [ 259.504954][ T3570] #2: ffff888075851f58 (&mm->mmap_lock){++++}-{3:3}, at: stack_map_get_build_id_offset+0x232/0x9c0 [ 259.515712][ T3570] [ 259.515712][ T3570] stack backtrace: [ 259.521588][ T3570] CPU: 1 PID: 3570 Comm: syz-executor.2 Not tainted 6.1.93-syzkaller #0 [ 259.529891][ T3570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 259.539930][ T3570] Call Trace: [ 259.543191][ T3570] [ 259.546118][ T3570] dump_stack_lvl+0x1e3/0x2cb [ 259.550781][ T3570] ? nf_tcp_handle_invalid+0x642/0x642 [ 259.556239][ T3570] ? print_circular_bug+0x12b/0x1a0 [ 259.561412][ T3570] check_noncircular+0x2fa/0x3b0 [ 259.566323][ T3570] ? add_chain_block+0x850/0x850 [ 259.571245][ T3570] ? lockdep_lock+0x11f/0x2a0 [ 259.575909][ T3570] validate_chain+0x1661/0x5950 [ 259.580777][ T3570] ? unwind_next_frame+0x1a3f/0x2220 [ 259.586052][ T3570] ? reacquire_held_locks+0x660/0x660 [ 259.591422][ T3570] ? reacquire_held_locks+0x660/0x660 [ 259.596791][ T3570] ? preempt_count_add+0x8f/0x180 [ 259.601797][ T3570] ? validate_chain+0x112/0x5950 [ 259.606722][ T3570] ? stack_trace_save+0x1c0/0x1c0 [ 259.611734][ T3570] ? mark_lock+0x9a/0x340 [ 259.616100][ T3570] __lock_acquire+0x125b/0x1f80 [ 259.620937][ T3570] lock_acquire+0x1f8/0x5a0 [ 259.625422][ T3570] ? __mmap_lock_do_trace_acquire_returned+0x84/0x670 [ 259.632163][ T3570] ? read_lock_is_recursive+0x10/0x10 [ 259.637514][ T3570] ? validate_chain+0x112/0x5950 [ 259.642432][ T3570] ? exc_int3+0xa/0x70 [ 259.646472][ T3570] ? asm_exc_int3+0x35/0x40 [ 259.650952][ T3570] ? __mmap_lock_do_trace_acquire_returned+0x84/0x670 [ 259.657687][ T3570] __mmap_lock_do_trace_acquire_returned+0x9d/0x670 [ 259.664248][ T3570] ? __mmap_lock_do_trace_acquire_returned+0x84/0x670 [ 259.670995][ T3570] ? stack_map_get_build_id_offset+0x982/0x9c0 [ 259.677143][ T3570] stack_map_get_build_id_offset+0x99e/0x9c0 [ 259.683112][ T3570] ? __lock_acquire+0x125b/0x1f80 [ 259.688119][ T3570] ? __bpf_get_stackid+0x910/0x910 [ 259.693210][ T3570] __bpf_get_stack+0x495/0x570 [ 259.697955][ T3570] ? stack_map_get_build_id_offset+0x9c0/0x9c0 [ 259.704088][ T3570] ? __cant_sleep+0x270/0x270 [ 259.708744][ T3570] bpf_get_stack_raw_tp+0x1b2/0x220 [ 259.713920][ T3570] bpf_prog_ec3b2eefa702d8d3+0x3a/0x3e [ 259.719353][ T3570] bpf_trace_run2+0x361/0x410 [ 259.724005][ T3570] ? bpf_trace_run2+0x110/0x410 [ 259.728825][ T3570] ? bpf_trace_run1+0x3d0/0x3d0 [ 259.733646][ T3570] ? __perf_event_task_sched_out+0xb19/0xc60 [ 259.739599][ T3570] trace_tlb_flush+0x151/0x1a0 [ 259.744338][ T3570] switch_mm_irqs_off+0x84a/0xc20 [ 259.749335][ T3570] ? psi_task_switch+0x340/0x770 [ 259.754244][ T3570] ? switch_mm+0x190/0x190 [ 259.758639][ T3570] __schedule+0x1140/0x4550 [ 259.763121][ T3570] ? do_nanosleep+0x153/0x5f0 [ 259.767778][ T3570] ? __sched_text_start+0x8/0x8 [ 259.772604][ T3570] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 259.778469][ T3570] ? _raw_spin_unlock+0x40/0x40 [ 259.783291][ T3570] schedule+0xbf/0x180 [ 259.787336][ T3570] do_nanosleep+0x192/0x5f0 [ 259.791811][ T3570] ? do_nanosleep+0x7c/0x5f0 [ 259.796391][ T3570] ? usleep_range_state+0x1c0/0x1c0 [ 259.801562][ T3570] ? memset+0x1f/0x40 [ 259.805519][ T3570] ? __hrtimer_init+0x181/0x260 [ 259.810344][ T3570] hrtimer_nanosleep+0x24d/0x490 [ 259.815258][ T3570] ? nanosleep_copyout+0x120/0x120 [ 259.820343][ T3570] ? __remove_hrtimer+0x4b0/0x4b0 [ 259.825340][ T3570] ? timespec64_add_safe+0x220/0x220 [ 259.830600][ T3570] ? restore_fpregs_from_fpstate+0xfc/0x230 [ 259.836471][ T3570] __se_sys_clock_nanosleep+0x323/0x3b0 [ 259.841990][ T3570] ? __x64_sys_clock_nanosleep+0xa0/0xa0 [ 259.847592][ T3570] ? syscall_enter_from_user_mode+0x2e/0x230 [ 259.853543][ T3570] ? lockdep_hardirqs_on+0x94/0x130 [ 259.858727][ T3570] ? syscall_enter_from_user_mode+0x2e/0x230 [ 259.864685][ T3570] do_syscall_64+0x3b/0xb0 [ 259.869256][ T3570] ? clear_bhb_loop+0x45/0xa0 [ 259.873911][ T3570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 259.879784][ T3570] RIP: 0033:0x7f621d0a82b5 [ 259.884191][ T3570] Code: Unable to access opcode bytes at 0x7f621d0a828b. [ 259.891195][ T3570] RSP: 002b:00007ffce802aa50 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 259.899583][ T3570] RAX: ffffffffffffffda RBX: 00000000000005bd RCX: 00007f621d0a82b5 2024/06/16 05:41:21 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 259.907527][ T3570] RDX: 00007ffce802aa90 RSI: 0000000000000000 RDI: 0000000000000000 [ 259.915471][ T3570] RBP: 00007ffce802ab0c R08: 0000000000000000 R09: 0000000000000010 [ 259.923503][ T3570] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 [ 259.931449][ T3570] R13: 000000000003f3a4 R14: 000000000003f358 R15: 000000000000000f [ 259.939397][ T3570]