last executing test programs: 3.342908626s ago: executing program 4 (id=3463): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) rmdir(&(0x7f0000000100)='./file1\x00') chdir(&(0x7f00000001c0)='./bus\x00') utime(&(0x7f0000000000)='./file0\x00', 0x0) 3.261963687s ago: executing program 1 (id=3465): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) read(r0, &(0x7f00000001c0)=""/36, 0x24) close_range(r0, 0xffffffffffffffff, 0x0) 3.081842453s ago: executing program 4 (id=3468): mknod$loop(&(0x7f0000000340)='./file0\x00', 0x2480, 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$packet(0x11, 0x2, 0x300) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socket(0x18, 0x4, 0x4000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0) 2.788582079s ago: executing program 0 (id=3470): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x4, 0x0, 0x1) 2.788273259s ago: executing program 1 (id=3471): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020) 1.857764478s ago: executing program 1 (id=3473): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000180)=@file={0x1}, 0x6e) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) connect$unix(0xffffffffffffffff, &(0x7f0000000000)=@file={0x1}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1}, 0x6e) close(r0) 1.856902037s ago: executing program 4 (id=3476): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x2}, 0x8) sendto$inet(r0, 0x0, 0x0, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10) 1.709047454s ago: executing program 0 (id=3478): r0 = fsopen(&(0x7f00000025c0)='f2fs\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000040)='\xe3U\xa7j\x11\xa1\xbe\x18', 0x0, 0x0) 1.639920103s ago: executing program 4 (id=3480): syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x4a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2f, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0xfffffffe, 0x8fc, 0x84, 0x9, 0x3, 0x9, 0x80000001, 0x6, 0x0, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0x5, 0x4, 0x2, 0x81, 0x0, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x100, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x200, 0x7eb7, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xb, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x0, 0x4, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb87, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xffe, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0) 1.639651883s ago: executing program 1 (id=3481): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYRES8=r0], 0xfc}, 0x1, 0x0, 0x0, 0x41}, 0x4) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000040)={0x6c2e8d59, 0x2}) r1 = socket$rds(0x15, 0x5, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f00000004c0)={0x0, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e24, @private=0xa010101}, {0x2, 0x4e24, @broadcast}, 0x8, 0x0, 0x0, 0x0, 0x8001, &(0x7f0000000300)='veth1_to_hsr\x00', 0x8001, 0xc9b, 0x71}) sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@cswp={0x58, 0x114, 0x7, {{0x14, 0x3}, &(0x7f0000000380)=0x4, &(0x7f0000000480)=0x28000000000, 0x4, 0x8, 0x9, 0x8, 0x4, 0x8000000000000000}}], 0x58, 0x4000054}, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0xffb2) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "3f60eb8f2777c39a", "5985e81ad0d9585bc175cbecd3f55eb699e3070cc206f3ba527c85bde06fbf19", "bc5ec28f", "b200"}, 0x38) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x4, &(0x7f0000000100)=@gcm_256={{}, "2474794233890da1", "d830005894bf527ae179a7173985202bbfb61b36f3678de8ea2d0d6616076243", "5615d9f5", "7c5cec21291a43fe"}, 0x38) 1.598914264s ago: executing program 3 (id=3482): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000280)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800030020"], 0xfdef) 1.44720294s ago: executing program 0 (id=3484): connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/24, 0xfd90}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @tick=0xb, {0x0, 0xb8}, {0x4, 0x6}, @control={0x9, 0x0, 0xb}}, {0x0, 0x0, 0x0, 0x4, @time={0x10001, 0x3ff}, {0x6, 0x4}, {}, @result={0xd, 0x4}}], 0x38) 1.444733104s ago: executing program 1 (id=3485): openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000200)={0x2000000b}) 1.267854123s ago: executing program 1 (id=3487): syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$kcm(0x11, 0x3, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x282, 0x4) setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r1, &(0x7f0000000040)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x12}, 0x80, &(0x7f0000000240)=[{&(0x7f00000006c0)="62042712590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7992570484d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f0000000c00)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0106869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e549966c1106a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f90856112be7f0a54b39a3f66cc4c39544300093158af39cdde429f50d8c750", 0x114}, {&(0x7f0000000a40)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb4714219a2d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000000840)="6f4720baeb54", 0x6}, {&(0x7f00000005c0)="5450c709bc5ac46db74f6aa8d6b90f3b18ae2fecdfee865d0761624f26ace5836bc87fbdede55a30842c56267f9fc275151d6bc33c840971b147b384163397004b40e0d41bdd1a00fcaf6719e3acfdbbcbdfacd8c28511bfa474aa61e8724e83558ac239585af6239010f4fe33c8b020e8f4b5a4d82b28363662e2521803d27388ed8c42e2e9892c13990011b4d9815092e419b5c772b45e7d79c0d26bcd857b776e2d3bf5b892c775532172d00baf472e7da3ab8f5590ebcea1d0df85", 0xbd}, {&(0x7f00000013c0)="08004a14b0338a823783503b8578ed0a17369abfe06800b36cda1d4e66a04ada2230558d73bb30ca41167a1f13235895fead9c26f78ea5e31b298d73b6db955ccb636acb60a361f2d98e9fb45504328ae855eb1d367f9afe8244a5f1c5a8c9e7161356deb94ba4347ceaea352608074f628ee63e8fb961e1bdd71fc640794655f469e3599034213fe128994a00c280e6f2b4c3d261cf93a525422d89984d4db49c0f08a26b3aa98d70c47d2e8f25d1acd42d650e279ed1a3b3e835a70652fde7ca787ece7f7c420196948a9b5aeec7fc877d0812b9f4dc53b661e320eb4a3b81392b6b94f4d0af590acbbcc4c671a8f4a84ba2ead7a24e825d1b9dea719116c3dd6421b7225b39925794deeff23830cbabf4f16b84872ff534b878f0be852bc6230acb7272071655b196b4aea026b4ac5fc60880c16decd723fa0fa7816689d5b99c6fa847dc0c6444e1fc69d5f5f6c046909449ef81721817ff91ce770e9f8d713265b9acd9b07fccd97847b95ba31197041cf7deba350cc2bda36a31cf013cf1f21a4f391ee64e6024c5e8621b238be5ab1d2c792476189786d102394a7fd436babe7f2d253c4bf58feb0442a8896663ccfce790f298b0eed314a3da75a83c7554ea53f482cf56cf090fb546c8c81205353cbb5288edf4484a19a0cff1ee133d685224efd4f4d8031e7ac6cde9060661e6032e1a068f54ceb42ca53714f5fd7e6a84fb44cec6df925119d1b222b1ffb89309f9e24b916ff439e7f6f3c4abb8b93736d3550eb4428f34ca2cca40d6bdab3cc092e5266693ce71691f7c25a12b1a8d01fd385334622b456ddfb231aeb8525c47fffed8c7da0514c181f6cbe8ffc090a4447d7a03aa9c673b17476418b7c30cf14622ac8c1d5ae927dfe70336c541ec9190b30e8577233ddcb78d8a64ffe98d1912dedf010177ed987bc4f778efef50777ed0db164fa6373a26076bd5672a22d7f4ffc824bf909a81b1ac0c8fa079b9abb6333526149bd8083aabe2c40bca5c927a0c56638d2eefd04f2e8d1dbc7ce88fccf074c8ce1de1951a634fd8e1c7003ab3f38379191b31a713141a9ea31669886e68c39300194be3bcca08c1c92ae479ab9a167279c7c8f82024af0a7c7836618875254c28037ed541e4bac13236c149f0c831626ba37255b57705c210e917d0b4629580705e8a36309124194976bd77d9a087d5927dc82fde70c9f48c1d74146a5b376a1e6fe304b3b9269793f3b2fb29ccac6f38631458fa9d722b3bc18f7f644e38023eb40e98c8059bb0968c4a6d52fea0e5a87132e45e1e175f1d9b593560eeea4346e373566d70bab8be7f839967ff43f32e4f3806b134a6f947998fdb84cdaf48f09809e13b0c501d27a496b189706842e8d13f423a0aad1fb6fde5abcb98f3a4c3b1f3d8336a521903689a1509f1668c6054eee4ce64e2230f9b857f67d930cf6fa90635eabb9e81026f12511960017482d32defbe327245361d15376e2d696c4283d77d3fe8ecc20fb1b4f2b411631a95731c1fa433d3cdfe9a88e539c4bc0a65891e39229f7d0b23f6ec45ebbaf1e94e258b2f6e44862198b4fab9bba8666668e3979ae10022c8ac1f266df7b5eda65e5857daf77765df50cb2986503781effe6d2d40223b7330d6788121658bb4ccd0b01d2e14eea7c7ca238d47a5a6320210eede12978fcdd0b27ae2593339b5c5495aa4f54d3959b9794e24c716e102ed8f968a504d164d5dbd538bd6fe3159cca2d9c0e8c93f43165f1435266597f6df6526aef6d0c46ead094317f789ab9af51bb14a6f9c2be3410853e018e6e507b532978f14eb3a3a494d31727a7f30fdef5f092bb8e2f64b3efabc1bc8844e86150f5adb689ba0f77d1093b09044c490f69b315426abcc06a93ef84181e228d9313776083682f40bb495fed53bd9bd3ed5259630324d3d3e20218c7e5aaeae4ef202990847f97706504c7c2da653d11ae02e30dcb7bf910b9e40e381aee31d0215aadd2e98bfb13998151214194e819aec9371c2e3b827fd8419ed493683fa0b242a5ae64dbf3808f03e889b67e82c7cc57fd91dbc83608459ed268e4cb46ba3d4352c5f57af73d1edac2b4a4d94c3513a50a4ee85edbf41881f4cd3ef2536339880b17188ed65efd9a2a9818824057d9e51980a0d15e8248c48627978e574eee1d88e08b8e056e3a1c18bed471729d836056b9d4049923381e3dd0df7472e78ee8868eb66c5321472e2916da439ed906fe74e9d167249bfad7bf53e7c29376954a88e0a8791fee50a12d90e4a7249b43986255ad79b64181b501a7e3d150a8cad7f2ccc1aedebbf409034de97bbaf22d0c53089c67a6cbd3d6d62b39cd3bc3e5d6305ae1c9fac531a50f5d535bf46379789c7fcd2cc927f37339df84ede0a8bff75b1aae5823533217a053334f175e45949b6895592465aa0a53841570f4e93e5a91674ffbda629307914948602a211012d8c0656cf145321b8d6b29b8515b250a77de510c061f01800a16d387bd90203489ee08676942cbafd2ff1262f57088e8d2faaa29de2b8d6062bbcadb19b39383b7d8355f239105df0e5530428191668cc8fbbea5696f0f0d56eb40b28a1fb1ac84851b4a60848738718b7d33c2fccf69596456edae1f6c8f193edc827c32c8405f3fea6b2743fee5df3f1f42f7affe7d0163a4611d6ae664cc295fd6d12faecb7aae4ae11382ab9fcabfd62e642c5312aa198256671eacdd01ef2f76064b3d98fb72b5ae8a65692139276b85e99786e0d91fe7fc7d847143608d9d20b1de0b196a6e3f823c15655aef960e1e23f67e7f352fe83cd9896a71cd3df95282a2fc11585cd3391c8456a13fbc277a304b7bcdf5b25c50808ad6834cdf0001d1f0245c16a609d38bee50a064ad8f03286fe2d5e2feba0bf7e856a439897d953ab1d8868aaec2e02213ca6fd9578701854706f649bd432c9c326bd893b33e7c77954660cba14a9aa981f0f3ca85ed9425c397bcc3ad03e1a96e1eb1d08a1dcd9b9ce1d8ea0a35b56fe6e3e2b6a0cd33c16a504130eabdefd961600794b3a091d08b004526d5683d84457914459badd2be5018254a211aae025ab0c4b6a4f374f76b1ac80c8b70b6e261e66c20f9a1b2fcab85c68993fbd58ceb0686b21dde90113d2ff94686899e4dff3972fb446eedc97ca60de62c0d1e4e202e6898c901b91040f2d177d1878ef8ad6040ad06fb252678792c7c4a26de0e4e3965fe93082beda9b4183dc2ef158883fe0062c1bcf0aa91f77f76c50e3d26bdf600f397ec96617e048e4e7847ee61a1f2aa385efa628e790c69edcaaaad42c51b5ba921c7a132a569efb6bf2a3471ce5df933bd6b9fd7acafce3f1cad50b9ab120b0aae0d9b3455f8219acc047d34650df1b0e2fd034e1485c4d3943403d0fd5756ae718be6e764ee08297639e180ef307e6cc4f632334717c940e58ad1ac8352d00f865e27f2700c9caa657b8b229993224033e8b671c6c4742c63692ed64ee10fab0d7c2df5b4ebe4f6740f13198bc0e5c5d160d6300faa315ceae7a709245405ac4b1b301d684820bc310d1090e9cff9287ef775d56363aceb0a27feada58a622fcc8d0170541174af31e8a143677f728d6a18f1c3649a9d2815bf6caa09c75e9e0fe26eceb5ab51ddb6573a428c08d59701b6009cdfed39ae26b52177cc13bfe821a18d057a8a64c6c103b73199665b07d0abf7ecae636fa2131fbacf48519ac843cf3d8ffc08b66438f0293f1a5b76a889b1360b273bdb1054c7fc659b19378b2e8827b5269b0063967466179b6d20ae2583013dfe5b37c56ca2d613fcb7d4219b417dd779a7d36a9b8024639d872d55fd2a73eb9a2cc039be5714e9414b63bc6e01745363afbe8e6228d915ba3197b068314d8846062ccfb453e87489936599666331513054d116c5287bfc724899a14a2dd980258d9251d6df1f7b51be769e1be3eed0f02b70386bc11a508401bb6bc18f79ad062aab18ab07759c49fe31905bfa3a2ef36dd113b1b40d5be37cc2a2fcfdbbeb64b3817deac4a55a60f4a19ea8bad6519fb1650b35b5adced80cc0c6d356c8058ea706beedaf02057aff54fe100c89a1a0b691229138983ebd58c46c753469cf776b7f8b626626e7251b4f1e852012a40fb57a536833299e58455186758116a0c18088db1e33c72b32f7164275c6b5a6a7de11e6efa124a471e5fb919d2b191a7737e6f017ec39df759881cb53986ed9e3bbc78c3e3b8b89e732fc56a9615f98e9288342b265f9d66d00e0193c4f18b2765e2fa30995e4c7b4f7f03a8f98967868f995c691a6c50f4f52582fff7210499cc237f7cd51f1a90e840eaa86d255b5a57457e3a18a97694193bcb8e7ef753e98eb111f17be10f16d3fb402f1222a49d924bacc0b58bd31afe9290dbe3d0b1423856fc28b0b659f2a5a1d10861e9039c54cac7f33345353494a2c8d53d4d72c26f35638979ee27984ed8ccf0701dffe3c3deea6e1fdd2a2061bf6c45ee3f32f7ad94935d2acb8a2fffaa250d495bcf2914963a10889bae5b2182d83380296813b365759eec57560819e0ef6fe6db3641a078024f69a607cf61cae3f50cabb05233dac2ff0311b442afc411b7c99938605cecc2c443a9126a32ebe1aded1267623f99c19c7188d95339dbf05ac4d7d170dae139c45dfb9d18f99299b8c0d6010204c642146c60a62866ca8455a735daa765cfbe64ee23b42f462306cabfb35b96553f2ba0c7a90419ae94414ea2577cb34b5bac5730032aa84d2c92a7632836a9eba4b8ff487553f8a498a732b97bd30a1b5d736919a86c74d90f8390474ef9065457508304d84e764f4a5fe1ccd81dd46c21bf1300d3b3c67b67de8b94130c35c1d51a05aef49b62ec8bee3b21adf67d30c5733fa880719a791994b0baae75ca3f6449956b65882f272eef0e9f018253831e544f8f0dae05fe68c1ef3780f542aab2a115d9ed92dc5ca892363ca9a327092b91e861728305f7a0ac63b9f3da33b8012246f7dc8f96c04b533abe571f806bcc4aa5d8e33c09c49e024dc51f424f52f95033d6a742bb77b2ab6c69527e758074c7c0d8095700b18380bddb94d41563dd93a11da7c2285f0c8d9cdfb841ee1e8a6a52006410d427af2706402d7ee195458b46b67c7f792850d58b31cbafc643470dd26c9869481d27989e54bd14a02d9bda4889343854b4c4b7f1b6a3a9504cd392692c7a6d67b11ad9ddd91fc1ac867e123bf50fe986c2bc97f0ae38b09f816e96d091820f9af47d67d10cd3ef2ed42ced24f60172173b4b22f59abd4bc99406577cdba09a1dd1f0032d5c12c3f288e6a8cd3eb6a5fcdeca59320d3764b9219521", 0xec8}], 0x6}, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000"], 0x1c}}, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"}) ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000d40)={0x1d4, r5, 0x405, 0x70bd27, 0x25dfdbfb, {}, [{{0x8, 0x1, r6}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r6}, {0x16c, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xec54}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}]}}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x4000401}, 0x46084) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0) 1.267739117s ago: executing program 0 (id=3488): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x4, 0x0, 0x1) 1.061447859s ago: executing program 3 (id=3489): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x0) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xfe3b) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xa}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x2}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040001}, 0x4000004) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@delchain={0x24, 0x25, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xfff1}, {0xe}}}, 0x24}}, 0x0) 1.02831562s ago: executing program 2 (id=3490): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[0x0], 0x1}) r2 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f0000000000)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000002f00)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000500)={r1, 0x0, r4, 0x4, 0x7fff, 0x2, 0x0, 0x101, 0x6, 0x7fffffff, 0x4, 0x2}) 859.375732ms ago: executing program 0 (id=3491): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x53, 0x101, 0x870, {0x10, 0x1}, {0x46, 0x2}, @rumble={0x7ffd, 0xd1}}) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8) 859.181523ms ago: executing program 2 (id=3492): prlimit64(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x7fffffff, 0x6, 0x9}}}}]}, 0x44}}, 0x44080) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000) 857.48571ms ago: executing program 3 (id=3493): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@private2, @in=@multicast2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x8, 0x0, 0x7fffffffffffffff, 0x0, 0xffffffff}, {0x0, 0x0, 0x1}}, {{@in=@broadcast}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x3507, 0x0, 0x0, 0x0, 0xfffffffe, 0x4000000}}, 0xe8) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f00000001c0)={"0300", 0x0, 0x6, 0x3, 0x6, 0x0, "01cff78ea77000ebff00", "000200", '\x00\x00(\x00', "798a202d", ["c2fffedbff00ffdfffffffff", "1f0008000000000000042371", "070500110800c1024b00", "38a70ed483d94574c99b9f16"]}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x3, 0x4006, 0x5, 0x0, [{0x80, 0x9, 0x0, '\x00', 0xd7}, {0x0, 0xff, 0x0, '\x00', 0x2}, {0x4, 0x2, 0x8, '\x00', 0x7}, {0xf4, 0x2, 0xa2, '\x00', 0x5}, {0xd, 0x8, 0x5, '\x00', 0xd}, {0x4, 0x0, 0x20, '\x00', 0x4}, {0x3, 0x65, 0x10, '\x00', 0x4}, {0x5, 0xe8, 0x9, '\x00', 0xfd}, {0x7, 0xd, 0x8, '\x00', 0xb9}, {0xb0, 0x8, 0x6b, '\x00', 0xa}, {0x8, 0x59, 0x5, '\x00', 0x8}, {0x5, 0x4, 0xb, '\x00', 0x2}, {0x81, 0x0, 0x1, '\x00', 0xe8}, {0x4, 0xb, 0x1, '\x00', 0x8}, {0x8, 0xf0, 0x40, '\x00', 0xd}, {0x8, 0x8, 0xf7, '\x00', 0x8}, {0xbb, 0xd, 0x9, '\x00', 0x4}, {0x6, 0x5, 0x81, '\x00', 0x1}, {0x6, 0x3, 0x4, '\x00', 0x8}, {0x4, 0x7, 0x5, '\x00', 0x71}, {0x50, 0x3, 0x4, '\x00', 0x9}, {0x51, 0x0, 0x1, '\x00', 0x6}, {0xc0, 0x6, 0x9}, {0x1, 0x4, 0x2, '\x00', 0xd5}]}}) 706.676551ms ago: executing program 2 (id=3494): socket$inet6(0xa, 0x3, 0x84) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) close(r0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mq_open(0x0, 0x42, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'netpci0\x00'}) connect$can_bcm(r1, &(0x7f0000000300)={0x1d, r2}, 0x10) sendmsg$can_bcm(r1, 0x0, 0x0) sendmsg$can_bcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/12, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x0) socket(0x1e, 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r6, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000}) close_range(r7, 0xffffffffffffffff, 0x0) 647.992639ms ago: executing program 0 (id=3495): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYRES8=r0], 0xfc}, 0x1, 0x0, 0x0, 0x41}, 0x4) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000040)={0x6c2e8d59, 0x2}) r1 = socket$rds(0x15, 0x5, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f00000004c0)={0x0, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e24, @private=0xa010101}, {0x2, 0x4e24, @broadcast}, 0x8, 0x0, 0x0, 0x0, 0x8001, &(0x7f0000000300)='veth1_to_hsr\x00', 0x8001, 0xc9b, 0x71}) sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@cswp={0x58, 0x114, 0x7, {{0x14, 0x3}, &(0x7f0000000380)=0x4, &(0x7f0000000480)=0x28000000000, 0x4, 0x8, 0x9, 0x8, 0x4, 0x8000000000000000}}], 0x58, 0x4000054}, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0xffb2) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "3f60eb8f2777c39a", "5985e81ad0d9585bc175cbecd3f55eb699e3070cc206f3ba527c85bde06fbf19", "bc5ec28f", "b200"}, 0x38) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x4, &(0x7f0000000100)=@gcm_256={{}, "2474794233890da1", "d830005894bf527ae179a7173985202bbfb61b36f3678de8ea2d0d6616076243", "5615d9f5", "7c5cec21291a43fe"}, 0x38) 507.752582ms ago: executing program 3 (id=3496): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4) bind$ax25(r0, &(0x7f0000000080)={{0x3, @default, 0x8}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null]}, 0x48) 440.593176ms ago: executing program 2 (id=3497): r0 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/access\x00', 0x2, 0x0) pwritev(r0, &(0x7f0000000140)=[{0x0}], 0x1, 0x3ff, 0x0) 317.916892ms ago: executing program 3 (id=3498): openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000200)={0x2000000b}) 232.034479ms ago: executing program 2 (id=3499): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0xa2465) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000080)) 219.082404ms ago: executing program 4 (id=3500): socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'ip_vti0\x00', 0x0}) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0443050c"], 0x7) r0 = open(0x0, 0x0, 0x140) fcntl$setlease(r0, 0x400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 138.589399ms ago: executing program 2 (id=3501): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x4}, 0x18) r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {&(0x7f0000001140)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000020000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) timer_settime(r3, 0x1, &(0x7f0000000300)={{0x77359400}, {0x0, 0x989680}}, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}}}, 0x48) 138.331096ms ago: executing program 3 (id=3502): ioctl$FITHAW(0xffffffffffffffff, 0xc0045878) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="021600000a0000000000000000000000080012"], 0x50}}, 0x0) r1 = semget$private(0x0, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008038, 0xffffffffffffffff, 0x0) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="02c93012000e00050015020a00040009000200dd000300284c9a45b6fb3a4a2c63f19e3822d7304479a54501e1d66949e4a23b825eef415dab1917318a8c46085d70823891aab36497eb0392adceafa9ab5e6b72fc9bd61005f02446073c5fe8bdaab64aee083a7e6266ae287bbc330c5606209bba624a3fa00f8366f36a759e2aa55ce848ecdec069b0b8ce567d3c0c920bbdf383b7751c09d5d2b7405ededbb4888a6b013265c900cb51481a4c713b323659483de809d3fa96c1d54711aeab"], 0x17) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB='\x00'/28], 0x48) migrate_pages(0x0, 0x3, &(0x7f00000002c0)=0x7f, &(0x7f0000000300)=0xa) semtimedop(r1, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='ocfs2\x00', 0x0, 0x0) 0s ago: executing program 4 (id=3503): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x7, 0x13, r2, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) kernel console output (not intermixed with test programs): 9.747360][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 210.685379][ T9169] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 210.685379][ T9169] The task syz.2.1235 (9169) triggered the difference, watch for misbehavior. [ 210.775241][ T9171] bridge0: entered promiscuous mode [ 210.787826][ T9171] macvlan2: entered promiscuous mode [ 210.794887][ T9171] bridge0: port 3(macvlan2) entered blocking state [ 210.801726][ T9171] bridge0: port 3(macvlan2) entered disabled state [ 210.808709][ T9171] macvlan2: entered allmulticast mode [ 210.814132][ T9171] bridge0: entered allmulticast mode [ 210.824020][ T9173] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 210.901425][ T9171] macvlan2: left allmulticast mode [ 210.906883][ T9171] bridge0: left allmulticast mode [ 210.913833][ T9171] bridge0: left promiscuous mode [ 211.162742][ T9179] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1242'. [ 211.290561][ T9181] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1243'. [ 211.829883][ T5838] Bluetooth: hci0: command 0x0406 tx timeout [ 211.836193][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 211.836218][ T5835] Bluetooth: hci3: command 0x0406 tx timeout [ 211.842237][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 211.848491][ T5835] Bluetooth: hci4: command 0x0406 tx timeout [ 212.105637][ T9210] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1255'. [ 212.125215][ T30] kauditd_printk_skb: 44 callbacks suppressed [ 212.125237][ T30] audit: type=1326 audit(1744564226.878:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9207 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 212.237763][ T9215] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1254'. [ 212.241789][ T30] audit: type=1326 audit(1744564226.878:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9207 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 212.359446][ T30] audit: type=1326 audit(1744564226.878:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9207 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 212.477822][ T30] audit: type=1326 audit(1744564226.878:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9207 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 212.538096][ T30] audit: type=1326 audit(1744564226.878:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9207 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 212.589718][ T30] audit: type=1326 audit(1744564227.248:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9207 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 212.658602][ T30] audit: type=1326 audit(1744564227.248:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9207 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 212.844805][ T8989] Set syz1 is full, maxelem 65536 reached [ 213.443690][ T5885] kernel write not supported for file bpf-prog (pid: 5885 comm: kworker/0:6) [ 213.815467][ T9270] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1282'. [ 214.208584][ T30] audit: type=1326 audit(1744564228.968:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9277 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 214.295952][ T30] audit: type=1326 audit(1744564228.968:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9277 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 214.416082][ T30] audit: type=1326 audit(1744564228.988:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9277 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 214.499384][ T9280] syzkaller0: entered promiscuous mode [ 214.517669][ T9280] syzkaller0: entered allmulticast mode [ 216.253628][ T9289] netlink: 'syz.3.1290': attribute type 6 has an invalid length. [ 217.960085][ T9259] Set syz1 is full, maxelem 65536 reached [ 218.495423][ T9306] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1298'. [ 218.811647][ T9316] macvlan2: entered promiscuous mode [ 218.823828][ T9316] bridge0: entered promiscuous mode [ 218.830623][ T9316] bridge0: port 3(macvlan2) entered blocking state [ 218.843528][ T9316] bridge0: port 3(macvlan2) entered disabled state [ 218.850789][ T9316] macvlan2: entered allmulticast mode [ 218.861558][ T9316] macvlan2: left allmulticast mode [ 218.876104][ T9316] bridge0: left promiscuous mode [ 219.474172][ T9338] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1312'. [ 220.155381][ T9363] ip6_vti0: entered allmulticast mode [ 220.202177][ T9363] ip6_vti0: left allmulticast mode [ 220.259324][ T9363] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1322'. [ 223.595178][ T9389] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.888511][ T9389] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.952860][ T9389] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.001312][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 224.001329][ T30] audit: type=1326 audit(1744564238.758:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9398 comm="syz.1.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 224.036699][ T30] audit: type=1326 audit(1744564238.788:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9398 comm="syz.1.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 224.062797][ T30] audit: type=1326 audit(1744564238.788:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9398 comm="syz.1.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 224.071178][ T9389] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.108589][ T30] audit: type=1326 audit(1744564238.788:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9398 comm="syz.1.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 224.163924][ T30] audit: type=1326 audit(1744564238.788:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9398 comm="syz.1.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 224.303258][ T9410] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1338'. [ 224.600748][ T9419] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1343'. [ 224.885590][ T30] audit: type=1326 audit(1744564239.638:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9398 comm="syz.1.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 225.062575][ T30] audit: type=1326 audit(1744564239.638:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9398 comm="syz.1.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 225.507790][ T9442] netlink: 'syz.2.1353': attribute type 7 has an invalid length. [ 225.523668][ T9443] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1354'. [ 225.526142][ T9442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1353'. [ 226.550852][ T30] audit: type=1326 audit(1744564241.308:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9476 comm="syz.2.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 226.600696][ T30] audit: type=1326 audit(1744564241.308:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9476 comm="syz.2.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 226.639057][ T30] audit: type=1326 audit(1744564241.328:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9476 comm="syz.2.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 226.920651][ T9491] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1375'. [ 227.042255][ T9498] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1377'. [ 227.741976][ T9527] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1392'. [ 227.828116][ T9530] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1393'. [ 228.185452][ T9546] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 228.209897][ T9546] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 228.413692][ T9556] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1406'. [ 228.463638][ T9555] netlink: 'syz.0.1405': attribute type 10 has an invalid length. [ 228.480266][ T9555] team0: Device hsr_slave_0 failed to register rx_handler [ 229.268047][ T9589] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1420'. [ 229.565267][ T9602] netlink: 'syz.0.1425': attribute type 13 has an invalid length. [ 229.803162][ T9602] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.862483][ T9602] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.903426][ T9602] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 230.229865][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.442637][ T9625] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1434'. [ 232.084033][ T9670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1455'. [ 232.214416][ T9675] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1457'. [ 232.235967][ T9675] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1457'. [ 233.065136][ T9695] sd 0:0:1:0: device reset [ 233.542054][ T9711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1469'. [ 233.616718][ T9713] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1472'. [ 237.498742][ T9801] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1514'. [ 237.536096][ T9801] tipc: Started in network mode [ 237.559330][ T9801] tipc: Node identity 1, cluster identity 4711 [ 237.575957][ T9801] tipc: Node number set to 1 [ 237.649059][ T9565] Set syz1 is full, maxelem 65536 reached [ 237.898717][ T9812] usb usb8: usbfs: process 9812 (syz.4.1518) did not claim interface 0 before use [ 239.086230][ T9857] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1536'. [ 239.278412][ T9860] netlink: 'syz.0.1538': attribute type 1 has an invalid length. [ 239.310040][ T9865] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1540'. [ 239.487560][ T9860] 8021q: adding VLAN 0 to HW filter on device bond4 [ 239.508499][ T9868] sctp: [Deprecated]: syz.2.1541 (pid 9868) Use of int in maxseg socket option. [ 239.508499][ T9868] Use struct sctp_assoc_value instead [ 242.319539][ T9957] tun0: tun_chr_ioctl cmd 1074025675 [ 242.324903][ T9957] tun0: persist enabled [ 242.594928][ T9964] hub 9-0:1.0: USB hub found [ 242.602518][ T9964] hub 9-0:1.0: 1 port detected [ 243.310986][ T9969] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1582'. [ 243.474773][ T9976] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1586'. [ 244.150741][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 244.150760][ T30] audit: type=1326 audit(1744564258.888:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.260328][ T30] audit: type=1326 audit(1744564258.888:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.366161][ T30] audit: type=1326 audit(1744564258.888:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.405676][ T30] audit: type=1326 audit(1744564258.888:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.454114][ T30] audit: type=1326 audit(1744564258.898:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.514627][T10000] netlink: 'syz.0.1597': attribute type 1 has an invalid length. [ 244.551012][ T30] audit: type=1326 audit(1744564258.898:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.584041][T10000] 8021q: adding VLAN 0 to HW filter on device bond5 [ 244.611825][ T30] audit: type=1326 audit(1744564258.898:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.634089][ T30] audit: type=1326 audit(1744564258.898:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.657307][ T30] audit: type=1326 audit(1744564258.898:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 244.680651][ T30] audit: type=1326 audit(1744564258.898:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9989 comm="syz.0.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 246.253507][T10025] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1603'. [ 246.813238][T10034] IPv6: NLM_F_CREATE should be specified when creating new route [ 247.548753][ T9804] Set syz1 is full, maxelem 65536 reached [ 247.997713][T10077] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 248.068922][T10082] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1629'. [ 248.336614][T10093] $Hÿ: renamed from bond0 (while UP) [ 248.379741][T10093] $Hÿ: entered promiscuous mode [ 248.384852][T10093] bond_slave_0: entered promiscuous mode [ 248.415596][T10093] bond_slave_1: entered promiscuous mode [ 248.971136][T10126] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1650'. [ 249.525525][T10147] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1659'. [ 249.613002][T10154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1661'. [ 249.742461][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 249.742484][ T30] audit: type=1326 audit(1744564264.488:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 249.804496][ T30] audit: type=1326 audit(1744564264.498:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 249.839140][ T30] audit: type=1326 audit(1744564264.508:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 249.913406][T10160] usb usb8: usbfs: process 10160 (syz.0.1663) did not claim interface 0 before use [ 249.956072][ T30] audit: type=1326 audit(1744564264.508:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 249.985750][ T30] audit: type=1326 audit(1744564264.508:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 250.135305][ T30] audit: type=1326 audit(1744564264.508:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 250.376061][ T30] audit: type=1326 audit(1744564264.518:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 250.399322][ T30] audit: type=1326 audit(1744564264.558:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 250.422736][ T30] audit: type=1326 audit(1744564264.558:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 250.448117][ T30] audit: type=1326 audit(1744564264.598:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10158 comm="syz.2.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 250.707179][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 251.450307][T10188] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1675'. [ 252.120596][T10206] netlink: '+}[@': attribute type 10 has an invalid length. [ 252.236951][T10207] hub 9-0:1.0: USB hub found [ 252.243751][T10207] hub 9-0:1.0: 1 port detected [ 252.798673][T10206] batman_adv: batadv0: Adding interface: team0 [ 252.835583][T10206] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.940155][T10206] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 253.221962][T10218] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1682'. [ 253.586427][T10233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1687'. [ 253.706392][T10234] usb usb8: usbfs: process 10234 (syz.2.1688) did not claim interface 0 before use [ 255.922811][T10298] usb usb8: usbfs: process 10298 (syz.0.1714) did not claim interface 0 before use [ 257.927455][T10345] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1733'. [ 258.519227][T10366] usb usb8: usbfs: process 10366 (syz.3.1742) did not claim interface 0 before use [ 258.993082][T10381] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1749'. [ 259.306941][T10395] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1757'. [ 259.324992][T10394] usb usb8: usbfs: process 10394 (syz.4.1756) did not claim interface 0 before use [ 259.910935][T10424] usb usb8: usbfs: process 10424 (syz.4.1765) did not claim interface 0 before use [ 260.198449][T10436] usb usb8: usbfs: process 10436 (syz.4.1771) did not claim interface 0 before use [ 260.463029][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 260.463049][ T30] audit: type=1326 audit(1744564275.218:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="syz.0.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.463254][T10449] netlink: 268 bytes leftover after parsing attributes in process `kfree'. [ 260.491277][ T30] audit: type=1326 audit(1744564275.218:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="syz.0.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.491339][ T30] audit: type=1326 audit(1744564275.218:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="kfree" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.491387][ T30] audit: type=1326 audit(1744564275.218:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="kfree" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.491436][ T30] audit: type=1326 audit(1744564275.218:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="kfree" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.491486][ T30] audit: type=1326 audit(1744564275.218:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="kfree" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.635113][T10451] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1777'. [ 260.646027][T10449] unsupported nla_type 65024 [ 260.653353][ T30] audit: type=1326 audit(1744564275.408:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="kfree" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.689585][T10453] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.702342][ T30] audit: type=1326 audit(1744564275.408:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="kfree" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 260.960892][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.978864][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.956548][T10496] netlink: 'syz.2.1796': attribute type 1 has an invalid length. [ 262.162674][T10496] 8021q: adding VLAN 0 to HW filter on device bond2 [ 262.268541][T10501] bond2: (slave veth9): Enslaving as an active interface with a down link [ 262.883266][T10539] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1814'. [ 262.884857][T10540] usb usb8: usbfs: process 10540 (syz.4.1812) did not claim interface 0 before use [ 263.054753][T10543] netlink: 'syz.1.1815': attribute type 1 has an invalid length. [ 263.107678][T10543] 8021q: adding VLAN 0 to HW filter on device bond1 [ 263.254728][T10551] bond1: (slave veth3): Enslaving as an active interface with a down link [ 263.624505][T10577] usb usb8: usbfs: process 10577 (syz.1.1828) did not claim interface 0 before use [ 263.707685][T10583] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1831'. [ 263.921363][T10591] netlink: 'syz.1.1835': attribute type 1 has an invalid length. [ 263.953813][T10591] 8021q: adding VLAN 0 to HW filter on device bond2 [ 263.993753][T10591] bond2: (slave veth5): Enslaving as an active interface with a down link [ 264.114771][T10599] bridge0: entered promiscuous mode [ 264.120490][T10599] macvlan2: entered promiscuous mode [ 264.129125][T10599] bridge0: port 3(macvlan2) entered blocking state [ 264.140195][T10599] bridge0: port 3(macvlan2) entered disabled state [ 264.147695][T10599] macvlan2: entered allmulticast mode [ 264.153292][T10599] bridge0: entered allmulticast mode [ 264.166378][T10599] macvlan2: left allmulticast mode [ 264.171574][T10599] bridge0: left allmulticast mode [ 264.182482][T10599] bridge0: left promiscuous mode [ 264.437499][T10609] usb usb8: usbfs: process 10609 (syz.0.1842) did not claim interface 0 before use [ 264.562591][T10620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1843'. [ 264.604673][T10622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1845'. [ 264.741708][T10626] netlink: 'syz.0.1847': attribute type 1 has an invalid length. [ 264.851864][T10626] 8021q: adding VLAN 0 to HW filter on device bond6 [ 264.935008][ T30] audit: type=1326 audit(1744564279.688:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10637 comm="syz.2.1852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 265.014609][ T30] audit: type=1326 audit(1744564279.688:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10637 comm="syz.2.1852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x7ffc0000 [ 265.051540][T10629] bond6: (slave veth7): Enslaving as an active interface with a down link [ 265.566022][T10663] netlink: 160 bytes leftover after parsing attributes in process `GPL'. [ 265.599151][T10671] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1863'. [ 265.781816][T10675] usb usb8: usbfs: process 10675 (syz.3.1866) did not claim interface 0 before use [ 266.892706][T10724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.379074][T10744] bridge0: entered promiscuous mode [ 267.408217][T10744] macvlan2: entered promiscuous mode [ 267.446781][T10744] bridge0: port 1(macvlan2) entered blocking state [ 267.453471][T10744] bridge0: port 1(macvlan2) entered disabled state [ 267.466742][T10744] macvlan2: entered allmulticast mode [ 267.472502][T10744] bridge0: entered allmulticast mode [ 267.493013][T10744] macvlan2: left allmulticast mode [ 267.508209][T10744] bridge0: left allmulticast mode [ 267.519383][T10744] bridge0: left promiscuous mode [ 267.536365][T10748] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1896'. [ 268.092487][T10773] netlink: 'syz.4.1908': attribute type 1 has an invalid length. [ 268.139809][T10773] 8021q: adding VLAN 0 to HW filter on device bond2 [ 268.183714][T10777] bond2: (slave veth5): Enslaving as an active interface with a down link [ 268.350921][T10781] bridge0: entered promiscuous mode [ 268.384027][T10781] macvlan2: entered promiscuous mode [ 268.404218][T10781] bridge0: port 1(macvlan2) entered blocking state [ 268.433279][T10781] bridge0: port 1(macvlan2) entered disabled state [ 268.465267][T10781] macvlan2: entered allmulticast mode [ 268.476258][T10781] bridge0: entered allmulticast mode [ 268.504194][T10785] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1913'. [ 268.524855][T10785] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1913'. [ 268.566869][T10781] macvlan2: left allmulticast mode [ 268.572633][T10781] bridge0: left allmulticast mode [ 268.633236][T10781] bridge0: left promiscuous mode [ 269.286990][T10807] netlink: 'syz.4.1923': attribute type 1 has an invalid length. [ 269.340338][T10807] 8021q: adding VLAN 0 to HW filter on device bond3 [ 269.483988][T10812] bond3: (slave veth7): Enslaving as an active interface with a down link [ 270.570198][T10854] netlink: 'syz.3.1940': attribute type 1 has an invalid length. [ 270.774323][T10854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 270.965614][T10859] bond0: (slave veth7): Enslaving as an active interface with a down link [ 271.002909][T10862] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1943'. [ 271.339164][T10876] bridge0: entered promiscuous mode [ 271.344537][T10876] macvlan2: entered promiscuous mode [ 271.379112][T10876] bridge0: port 3(macvlan2) entered blocking state [ 271.401367][T10876] bridge0: port 3(macvlan2) entered disabled state [ 271.416231][T10876] macvlan2: entered allmulticast mode [ 271.438301][T10876] bridge0: entered allmulticast mode [ 271.491203][T10876] macvlan2: left allmulticast mode [ 271.513465][T10876] bridge0: left allmulticast mode [ 271.524947][T10876] bridge0: left promiscuous mode [ 271.724884][T10888] usb usb8: usbfs: process 10888 (syz.2.1956) did not claim interface 0 before use [ 271.904253][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 271.904275][ T30] audit: type=1326 audit(1744564286.658:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 271.985156][ T30] audit: type=1326 audit(1744564286.658:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 272.050115][ T30] audit: type=1326 audit(1744564286.718:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 272.142965][ T30] audit: type=1326 audit(1744564286.718:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 272.198464][ T30] audit: type=1326 audit(1744564286.718:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff7a9d84127 code=0x7ffc0000 [ 272.287002][ T30] audit: type=1326 audit(1744564286.718:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff7a9d29359 code=0x7ffc0000 [ 272.357070][ T30] audit: type=1326 audit(1744564286.718:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 272.459722][ T30] audit: type=1326 audit(1744564286.718:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 272.549960][ T30] audit: type=1326 audit(1744564286.728:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff7a9d84127 code=0x7ffc0000 [ 272.635958][ T30] audit: type=1326 audit(1744564286.728:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10894 comm="syz.4.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff7a9d29359 code=0x7ffc0000 [ 272.868516][T10926] usb usb8: usbfs: process 10926 (syz.3.1970) did not claim interface 0 before use [ 272.868702][T10924] bridge0: entered promiscuous mode [ 272.922511][T10924] macvlan2: entered promiscuous mode [ 272.949339][T10924] bridge0: port 1(macvlan2) entered blocking state [ 272.973911][T10924] bridge0: port 1(macvlan2) entered disabled state [ 272.990791][T10924] macvlan2: entered allmulticast mode [ 273.006753][T10924] bridge0: entered allmulticast mode [ 273.047779][T10924] macvlan2: left allmulticast mode [ 273.054273][T10924] bridge0: left allmulticast mode [ 273.120723][T10924] bridge0: left promiscuous mode [ 273.139376][T10936] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1974'. [ 273.292497][T10942] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1978'. [ 273.614255][T10958] usb usb8: usbfs: process 10958 (syz.2.1984) did not claim interface 0 before use [ 273.896215][T10967] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1990'. [ 277.454661][T11105] ip6_vti0: entered allmulticast mode [ 280.430866][T11214] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2093'. [ 280.440610][T11214] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2093'. [ 284.617579][T11318] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2141'. [ 284.626933][T11318] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2141'. [ 285.443287][T11329] ALSA: seq fatal error: cannot create timer (-22) [ 285.607970][ T30] kauditd_printk_skb: 60 callbacks suppressed [ 285.607991][ T30] audit: type=1326 audit(1744564300.368:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 285.685626][ T30] audit: type=1326 audit(1744564300.368:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 285.742526][ T30] audit: type=1326 audit(1744564300.398:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 285.770523][ T30] audit: type=1326 audit(1744564300.398:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 285.875317][ T30] audit: type=1326 audit(1744564300.398:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 285.900907][ T30] audit: type=1326 audit(1744564300.398:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 285.931467][ T30] audit: type=1326 audit(1744564300.398:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 285.964165][ T30] audit: type=1326 audit(1744564300.398:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11324 comm="syz.4.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 286.078913][T11354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.224633][T11380] bridge0: entered promiscuous mode [ 287.247668][T11380] macvlan2: entered promiscuous mode [ 287.329797][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2169'. [ 287.954114][T11406] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 288.280250][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2184'. [ 291.790612][T11508] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2213'. [ 292.721139][T11522] Set syz1 is full, maxelem 65536 reached [ 293.338196][T11565] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2239'. [ 293.536381][T11572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2243'. [ 293.706800][T11579] smc: net device bond0 applied user defined pnetid SYZ0 [ 293.722234][T11579] smc: net device bond0 erased user defined pnetid SYZ0 [ 294.082437][T11598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2253'. [ 294.174761][T11601] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in; [ 294.174761][T11601] program syz.1.2255 not setting count and/or reply_len properly [ 294.297243][T11608] netlink: 788 bytes leftover after parsing attributes in process `syz.0.2258'. [ 294.450177][ T30] audit: type=1326 audit(1744564309.208:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa508384127 code=0x7ffc0000 [ 294.478777][T11615] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2262'. [ 294.518453][ T30] audit: type=1326 audit(1744564309.208:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa508329359 code=0x7ffc0000 [ 294.944922][ T30] audit: type=1326 audit(1744564309.208:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa508384127 code=0x7ffc0000 [ 295.057159][ T30] audit: type=1326 audit(1744564309.208:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa508329359 code=0x7ffc0000 [ 295.105031][ T30] audit: type=1326 audit(1744564309.208:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa508384127 code=0x7ffc0000 [ 295.167681][ T30] audit: type=1326 audit(1744564309.208:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa508329359 code=0x7ffc0000 [ 295.250337][ T30] audit: type=1326 audit(1744564309.208:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa508384127 code=0x7ffc0000 [ 295.353750][ T30] audit: type=1326 audit(1744564309.208:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa508329359 code=0x7ffc0000 [ 295.469111][ T30] audit: type=1326 audit(1744564309.208:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa508384127 code=0x7ffc0000 [ 295.495224][ T30] audit: type=1326 audit(1744564309.208:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11612 comm="syz.2.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa508329359 code=0x7ffc0000 [ 296.142366][T11673] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2283'. [ 296.167292][T11674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2280'. [ 296.799685][T11703] pim6reg1: entered promiscuous mode [ 296.805196][T11703] pim6reg1: entered allmulticast mode [ 297.461915][T11729] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2307'. [ 297.855690][T11744] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.992656][T11749] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2316'. [ 298.523637][T11763] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2323'. [ 299.000014][T11789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2329'. [ 299.312148][T11800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2335'. [ 299.854503][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 299.854524][ T30] audit: type=1804 audit(1744564314.608:1760): pid=11826 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.2349" name="/newroot/473/file0" dev="tmpfs" ino=2428 res=1 errno=0 [ 299.921148][T11826] ref_ctr_offset mismatch. inode: 0x97c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 300.067640][T11839] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2347'. [ 300.271655][T11826] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: 0, delta: -1 [ 300.280822][T11826] ref_ctr decrement failed for inode: 0x97c offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88807b700000 [ 300.306846][T11826] uprobe: syz.0.2349:11826 failed to unregister, leaking uprobe [ 301.473091][T11885] netlink: 'syz.0.2371': attribute type 12 has an invalid length. [ 301.508753][T11885] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2371'. [ 302.939685][T11942] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2394'. [ 304.163825][T11993] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2416'. [ 304.817489][T12020] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2429'. [ 305.271171][ T30] audit: type=1326 audit(1744564320.028:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.336399][ T30] audit: type=1326 audit(1744564320.028:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.362431][ T30] audit: type=1326 audit(1744564320.088:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.437057][ T30] audit: type=1326 audit(1744564320.088:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.506203][ T30] audit: type=1326 audit(1744564320.088:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.576296][ T30] audit: type=1326 audit(1744564320.088:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.681587][ T30] audit: type=1326 audit(1744564320.088:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.775921][ T30] audit: type=1326 audit(1744564320.098:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.890257][ T30] audit: type=1326 audit(1744564320.098:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 305.951803][ T30] audit: type=1326 audit(1744564320.148:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12041 comm="syz.1.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 306.784122][T12086] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2457'. [ 307.851686][T12126] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2476'. [ 309.464303][T12167] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2493'. [ 310.281232][ T30] kauditd_printk_skb: 19 callbacks suppressed [ 310.281253][ T30] audit: type=1326 audit(1744564325.038:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.320979][ T30] audit: type=1326 audit(1744564325.038:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.397363][ T30] audit: type=1326 audit(1744564325.088:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.476406][ T30] audit: type=1326 audit(1744564325.088:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.540151][ T30] audit: type=1326 audit(1744564325.088:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.628922][ T30] audit: type=1326 audit(1744564325.088:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.710295][ T30] audit: type=1326 audit(1744564325.088:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.802539][ T30] audit: type=1326 audit(1744564325.088:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.897576][ T30] audit: type=1326 audit(1744564325.098:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 310.945656][ T30] audit: type=1326 audit(1744564325.098:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.1.2511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 311.472116][T12257] ieee802154 phy0 wpan0: encryption failed: -22 [ 312.830808][T12296] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2551'. [ 313.943537][T12331] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2563'. [ 315.334109][T12355] ref_ctr_offset mismatch. inode: 0xa88 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6 [ 315.610916][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 315.610937][ T30] audit: type=1326 audit(1744564330.368:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12367 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 315.701514][ T30] audit: type=1326 audit(1744564330.368:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12367 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 315.781841][ T30] audit: type=1326 audit(1744564330.398:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12367 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 315.860287][ T30] audit: type=1326 audit(1744564330.398:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12367 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 315.966196][ T30] audit: type=1326 audit(1744564330.398:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12367 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a9d8d169 code=0x7ffc0000 [ 316.016252][T12381] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2584'. [ 316.583725][T12399] ref_ctr_offset mismatch. inode: 0xa98 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6 [ 317.879924][T12414] tipc: Enabled bearer , priority 0 [ 317.946668][T12414] €Â: renamed from syzkaller0 [ 318.107609][T12414] tipc: Disabling bearer [ 320.326877][T12454] x_tables: unsorted underflow at hook 2 [ 320.352059][T12454] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 320.411397][T12454] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 321.734368][T12503] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.862567][T12503] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.027947][T12503] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.218731][T12503] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.391789][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.394617][T12538] netlink: 'syz.2.2646': attribute type 39 has an invalid length. [ 322.398467][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.434754][T12503] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.457372][T12503] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.575188][T12503] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.613952][T12503] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.990312][T12553] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2653'. [ 323.372265][T12572] x_tables: duplicate underflow at hook 3 [ 323.604583][T12588] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2666'. [ 324.379606][T12625] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2681'. [ 325.133031][T12655] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2695'. [ 325.649146][T12675] wireguard0: entered promiscuous mode [ 325.654796][T12675] wireguard0: entered allmulticast mode [ 325.947003][T12689] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2709'. [ 326.174950][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.208723][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.218100][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.238106][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.261107][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.273803][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.285842][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.303772][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.314400][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 326.323927][ C1] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 327.505637][T12756] atomic_op ffff88807abb2198 conn xmit_atomic 0000000000000000 [ 329.362303][T12824] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2768'. [ 330.045697][T12843] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2777'. [ 330.536215][ T5821] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 330.697017][ T5821] usb 5-1: device descriptor read/64, error -71 [ 330.714700][T12872] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2790'. [ 330.734890][T12872] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2790'. [ 330.863757][T12876] netlink: 'syz.0.2792': attribute type 13 has an invalid length. [ 330.936190][ T5821] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 331.096533][ T5821] usb 5-1: device descriptor read/64, error -71 [ 331.207028][ T5821] usb usb5-port1: attempt power cycle [ 331.218213][ T30] audit: type=1326 audit(1744564345.978:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.269721][ T30] audit: type=1326 audit(1744564345.998:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.332038][ T30] audit: type=1326 audit(1744564345.998:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.376606][ T30] audit: type=1326 audit(1744564345.998:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.425958][ T30] audit: type=1326 audit(1744564345.998:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.479281][ T30] audit: type=1326 audit(1744564345.998:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.585437][ T30] audit: type=1326 audit(1744564345.998:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.608339][ T5821] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 331.647660][ T5821] usb 5-1: device descriptor read/8, error -71 [ 331.654611][ T30] audit: type=1326 audit(1744564345.998:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.702341][T12901] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2803'. [ 331.730786][ T30] audit: type=1326 audit(1744564345.998:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.733359][T12901] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2803'. [ 331.825969][ T30] audit: type=1326 audit(1744564345.998:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12887 comm="syz.0.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 331.926374][ T5821] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 331.979035][ T5821] usb 5-1: device descriptor read/8, error -71 [ 332.113225][T12913] net_ratelimit: 252 callbacks suppressed [ 332.113249][T12913] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.136429][ T5821] usb usb5-port1: unable to enumerate USB device [ 332.627083][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.718797][T12924] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2812'. [ 334.132789][T12953] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 336.398961][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 336.398983][ T30] audit: type=1804 audit(1744564351.158:1835): pid=13015 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.2844" name="/newroot/550/file0" dev="tmpfs" ino=2815 res=1 errno=0 [ 336.641588][T13015] ref_ctr_offset mismatch. inode: 0xaff offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6 [ 337.421766][T13034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 337.532707][T13039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2853'. [ 338.128168][ T30] audit: type=1326 audit(1744564352.888:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13052 comm="syz.0.2857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 338.175881][ T30] audit: type=1326 audit(1744564352.888:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13052 comm="syz.0.2857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 338.214350][ T30] audit: type=1326 audit(1744564352.888:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13052 comm="syz.0.2857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 338.311940][ T30] audit: type=1326 audit(1744564352.968:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13052 comm="syz.0.2857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 338.393047][ T30] audit: type=1326 audit(1744564352.968:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13052 comm="syz.0.2857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 338.450954][ T30] audit: type=1326 audit(1744564352.968:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13052 comm="syz.0.2857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc418d169 code=0x7ffc0000 [ 338.622800][T13060] bridge0: port 3(bond0) entered blocking state [ 338.689979][T13060] bridge0: port 3(bond0) entered disabled state [ 338.720952][T13060] bond0: entered allmulticast mode [ 338.736100][T13060] bond_slave_0: entered allmulticast mode [ 338.746295][T13060] bond_slave_1: entered allmulticast mode [ 338.786014][T13060] bond0: entered promiscuous mode [ 338.798813][T13064] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2862'. [ 338.816199][T13060] bond_slave_0: entered promiscuous mode [ 338.846143][T13060] bond_slave_1: entered promiscuous mode [ 339.043149][ T5141] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 339.057589][ T5141] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 339.065701][ T5141] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 339.074105][ T5141] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 339.099115][ T5141] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 339.138096][T13073] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2867'. [ 339.179186][ T3019] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.278839][ T3019] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.370464][ T3019] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.506378][ T3019] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.604907][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2874'. [ 339.713794][ T30] audit: type=1326 audit(1744564354.458:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13097 comm="syz.1.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 339.776020][ T30] audit: type=1326 audit(1744564354.458:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13097 comm="syz.1.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 339.845865][ T30] audit: type=1326 audit(1744564354.468:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13097 comm="syz.1.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fa2f558d169 code=0x7ffc0000 [ 339.882567][ T3019] bridge_slave_1: left allmulticast mode [ 339.895891][ T3019] bridge_slave_1: left promiscuous mode [ 339.910780][ T3019] bridge0: port 2(bridge_slave_1) entered disabled state [ 339.930172][ T3019] bridge_slave_0: left allmulticast mode [ 339.936725][ T3019] bridge_slave_0: left promiscuous mode [ 339.942544][ T3019] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.650100][ T3019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 340.678598][T13135] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2888'. [ 340.702521][ T3019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 340.741300][ T3019] bond0 (unregistering): Released all slaves [ 340.883786][ T3019] bond1 (unregistering): (slave veth3): Releasing active interface [ 340.895415][ T3019] bond1 (unregistering): Released all slaves [ 341.032199][ T3019] bond2 (unregistering): (slave veth5): Releasing active interface [ 341.043757][ T3019] bond2 (unregistering): Released all slaves [ 341.160390][ T3019] bond3 (unregistering): (slave veth7): Releasing active interface [ 341.171375][ T3019] bond3 (unregistering): Released all slaves [ 341.186337][ T5836] Bluetooth: hci3: command tx timeout [ 341.404415][ T3019] tipc: Left network mode [ 341.480336][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 341.480357][ T30] audit: type=1326 audit(1744564356.238:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 341.565903][ T30] audit: type=1326 audit(1744564356.238:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 341.589180][ T30] audit: type=1326 audit(1744564356.238:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 341.611939][ T30] audit: type=1326 audit(1744564356.258:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13153 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcd961bfa25 code=0x7ffc0000 [ 341.634484][ T3019] IPVS: stopping backup sync thread 7656 ... [ 341.635248][ T30] audit: type=1326 audit(1744564356.258:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 341.725050][ T30] audit: type=1326 audit(1744564356.258:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 341.999977][T13071] chnl_net:caif_netlink_parms(): no params data found [ 342.007073][ T30] audit: type=1326 audit(1744564356.268:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 342.029039][ T30] audit: type=1326 audit(1744564356.268:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 342.029109][T13166] bridge0: port 1(bond0) entered blocking state [ 342.051709][ T30] audit: type=1326 audit(1744564356.268:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 342.051770][ T30] audit: type=1326 audit(1744564356.268:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13150 comm="syz.3.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 342.110057][T13166] bridge0: port 1(bond0) entered disabled state [ 342.118539][T13166] bond0: entered allmulticast mode [ 342.125169][T13166] bond0: entered promiscuous mode [ 342.394210][T13071] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.424463][T13071] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.437648][T13071] bridge_slave_0: entered allmulticast mode [ 342.468125][T13071] bridge_slave_0: entered promiscuous mode [ 342.484869][T13071] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.500292][T13071] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.507783][T13071] bridge_slave_1: entered allmulticast mode [ 342.518994][T13071] bridge_slave_1: entered promiscuous mode [ 342.636207][T13177] ieee802154 phy0 wpan0: encryption failed: -22 [ 342.662759][ T3019] hsr_slave_0: left promiscuous mode [ 342.679015][ T3019] hsr_slave_1: left promiscuous mode [ 342.686943][ T3019] batman_adv: batadv0: Removing interface: team0 [ 342.700442][ T3019] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 342.708249][ T3019] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 342.717179][ T3019] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 342.725028][ T3019] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 342.775615][ T3019] veth1_macvtap: left promiscuous mode [ 342.785626][ T3019] veth0_macvtap: left promiscuous mode [ 342.798869][ T3019] veth1_vlan: left promiscuous mode [ 342.804544][ T3019] veth0_vlan: left promiscuous mode [ 342.956636][T13188] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2902'. [ 343.270546][ T5836] Bluetooth: hci3: command tx timeout [ 343.697526][ T3019] team0 (unregistering): Port device team_slave_1 removed [ 343.799850][ T3019] team0 (unregistering): Port device team_slave_0 removed [ 344.276749][T13071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 344.294214][T13071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 344.335496][T13204] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2910'. [ 344.491532][T13071] team0: Port device team_slave_0 added [ 344.527124][T13071] team0: Port device team_slave_1 added [ 344.638416][T13071] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 344.654199][T13071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 344.722475][T13071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 344.757205][T13071] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 344.784622][T13071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 344.829759][T13071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 345.035267][T13071] hsr_slave_0: entered promiscuous mode [ 345.062504][T13071] hsr_slave_1: entered promiscuous mode [ 345.084430][T13071] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 345.107896][T13071] Cannot create hsr debugfs directory [ 345.351364][ T5836] Bluetooth: hci3: command tx timeout [ 345.375708][T13242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2922'. [ 346.454332][T13071] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 346.480269][T13071] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 346.514750][T13071] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 346.533600][T13071] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 346.661068][T13277] netlink: 216 bytes leftover after parsing attributes in process `syz.1.2937'. [ 346.697658][T13277] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2937'. [ 346.823177][T13071] 8021q: adding VLAN 0 to HW filter on device bond0 [ 346.881651][T13071] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.931645][ T8994] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.938868][ T8994] bridge0: port 1(bridge_slave_0) entered forwarding state [ 347.070315][ T8994] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.077551][ T8994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 347.096931][T13289] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.378346][T13299] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2947'. [ 347.437853][ T5836] Bluetooth: hci3: command tx timeout [ 347.595499][T13071] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 348.351875][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 348.351895][ T30] audit: type=1804 audit(1744564363.108:1878): pid=13327 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.2955" name="/newroot/594/file0" dev="tmpfs" ino=3046 res=1 errno=0 [ 348.522752][T13071] veth0_vlan: entered promiscuous mode [ 348.580834][T13071] veth1_vlan: entered promiscuous mode [ 348.643921][T13335] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2959'. [ 348.802989][T13071] veth0_macvtap: entered promiscuous mode [ 348.830317][T13071] veth1_macvtap: entered promiscuous mode [ 348.933818][T13071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 348.974459][T13071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.013468][T13071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.055997][T13071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.087699][T13071] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.135193][T13071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.204150][T13071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.228529][T13071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.253293][T13071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.312013][T13071] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 349.453100][T13071] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.504807][T13071] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.561756][ T30] audit: type=1804 audit(1744564364.308:1879): pid=13358 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.2969" name="/newroot/598/file0" dev="tmpfs" ino=3068 res=1 errno=0 [ 349.591227][T13071] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.646760][T13071] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.893065][ T1329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 349.932672][ T1329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 350.132086][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 350.133329][T13369] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2972'. [ 350.161216][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.721465][ T5141] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 352.882310][ T5141] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 352.890777][ T5141] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 352.901471][ T5141] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 352.912647][ T5141] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 353.047483][T13412] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2986'. [ 353.453079][T13418] C: renamed from team_slave_0 (while UP) [ 353.469267][T13418] netlink: 'syz.2.2989': attribute type 1 has an invalid length. [ 353.479056][T13418] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2989'. [ 353.504193][T13418] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 353.675946][T13422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 354.051470][T13405] chnl_net:caif_netlink_parms(): no params data found [ 354.284362][T13405] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.295507][T13405] bridge0: port 1(bridge_slave_0) entered disabled state [ 354.306728][T13405] bridge_slave_0: entered allmulticast mode [ 354.320380][T13405] bridge_slave_0: entered promiscuous mode [ 354.329675][T13405] bridge0: port 2(bridge_slave_1) entered blocking state [ 354.338754][T13405] bridge0: port 2(bridge_slave_1) entered disabled state [ 354.346384][T13405] bridge_slave_1: entered allmulticast mode [ 354.354884][T13405] bridge_slave_1: entered promiscuous mode [ 354.482519][T13405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 354.527659][T13405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 354.703076][T13405] team0: Port device team_slave_0 added [ 354.729082][T13405] team0: Port device team_slave_1 added [ 354.853886][T13405] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 354.869866][T13405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 354.906538][T13405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 354.955354][T13405] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 354.971100][T13405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 355.026409][ T5141] Bluetooth: hci5: command tx timeout [ 355.045692][T13405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 355.284476][T13405] hsr_slave_0: entered promiscuous mode [ 355.295419][T13405] hsr_slave_1: entered promiscuous mode [ 355.311374][T13405] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 355.341516][T13405] Cannot create hsr debugfs directory [ 355.391336][T13472] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 357.067116][T13405] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 357.108919][T13405] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 357.136477][T13405] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 357.157134][ T5141] Bluetooth: hci5: command tx timeout [ 357.180224][T13405] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 357.393078][T13405] 8021q: adding VLAN 0 to HW filter on device bond0 [ 357.453688][T13405] 8021q: adding VLAN 0 to HW filter on device team0 [ 357.492520][ T1306] bridge0: port 1(bridge_slave_0) entered blocking state [ 357.499834][ T1306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 357.564902][ T1306] bridge0: port 2(bridge_slave_1) entered blocking state [ 357.572187][ T1306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 358.317481][T13405] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 358.618285][T13405] veth0_vlan: entered promiscuous mode [ 358.618869][T13537] random: crng reseeded on system resumption [ 358.906166][ T30] audit: type=1326 audit(1744564373.588:1880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13536 comm="syz.2.3029" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa50838d169 code=0x0 [ 359.253792][ T5141] Bluetooth: hci5: command tx timeout [ 359.564908][T13405] veth1_vlan: entered promiscuous mode [ 359.632437][T13405] veth0_macvtap: entered promiscuous mode [ 359.644098][T13405] veth1_macvtap: entered promiscuous mode [ 359.715130][T13405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.746137][T13405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.765913][T13405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.808848][T13405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.834444][T13405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.862949][T13405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.885616][T13405] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 359.909211][T13405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.920062][T13405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.937502][T13405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.962662][T13405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.985558][T13405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.996715][T13405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 360.009330][T13405] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 360.056578][T13405] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.077651][T13405] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.117118][T13405] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.137158][T13405] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.403480][T13498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 360.423409][T13498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 360.504778][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 360.510097][T13569] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3040'. [ 360.531024][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 361.245560][ T30] audit: type=1804 audit(1744564375.998:1881): pid=13579 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.2980" name="/newroot/0/file0" dev="tmpfs" ino=18 res=1 errno=0 [ 361.272841][ T5141] Bluetooth: hci5: command tx timeout [ 362.140525][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 362.150305][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 362.158980][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 362.167950][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 362.176187][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 362.983302][ T30] audit: type=1804 audit(1744564377.738:1882): pid=13621 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.3060" name="/newroot/22/file0" dev="tmpfs" ino=130 res=1 errno=0 [ 363.411076][T13607] chnl_net:caif_netlink_parms(): no params data found [ 363.474764][T13626] x_tables: unsorted underflow at hook 2 [ 363.797290][T13612] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 363.885628][T13607] bridge0: port 1(bridge_slave_0) entered blocking state [ 363.909838][T13607] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.936709][T13607] bridge_slave_0: entered allmulticast mode [ 363.972081][T13607] bridge_slave_0: entered promiscuous mode [ 364.017585][T13607] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.052811][T13607] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.071174][T13607] bridge_slave_1: entered allmulticast mode [ 364.087939][T13607] bridge_slave_1: entered promiscuous mode [ 364.226717][ T5836] Bluetooth: hci0: command tx timeout [ 364.239921][T13607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 364.292629][T13607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 364.596178][T13641] wireguard0: entered promiscuous mode [ 364.601810][T13641] wireguard0: entered allmulticast mode [ 364.766079][T13607] team0: Port device team_slave_0 added [ 364.814119][T13607] team0: Port device team_slave_1 added [ 365.061808][T13607] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 365.125609][T13607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.235337][T13607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 365.249144][T13607] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 365.256581][T13607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.392338][T13607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 365.937018][T13607] hsr_slave_0: entered promiscuous mode [ 366.353639][ T5836] Bluetooth: hci0: command tx timeout [ 366.557063][T13607] hsr_slave_1: entered promiscuous mode [ 366.563548][T13607] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 366.629083][T13607] Cannot create hsr debugfs directory [ 366.870079][T13665] 8021q: adding VLAN 0 to HW filter on device bond1 [ 367.491146][T13607] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.743575][T13607] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.827575][T13607] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.943872][T13607] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.244492][T13607] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 368.311907][T13607] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 368.373525][T13607] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 368.385916][ T5836] Bluetooth: hci0: command tx timeout [ 368.430636][T13607] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 368.726708][T13696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3081'. [ 368.770461][T13607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 369.341440][T13607] 8021q: adding VLAN 0 to HW filter on device team0 [ 369.373420][ T1306] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.380701][ T1306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 369.416896][ T30] audit: type=1326 audit(1744564384.178:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13704 comm="syz.0.3084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9043d8d169 code=0x7ffc0000 [ 369.487530][ T1306] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.495813][ T1306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 369.516099][ T30] audit: type=1326 audit(1744564384.208:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13704 comm="syz.0.3084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f9043d8d169 code=0x7ffc0000 [ 369.603959][ T30] audit: type=1326 audit(1744564384.208:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13704 comm="syz.0.3084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9043d8d169 code=0x7ffc0000 [ 369.664189][T13709] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 370.183243][T13607] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 370.309907][T13607] veth0_vlan: entered promiscuous mode [ 370.374545][T13607] veth1_vlan: entered promiscuous mode [ 370.405562][ T974] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 370.448164][ T974] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 370.472283][ T5836] Bluetooth: hci0: command tx timeout [ 370.513495][T13607] veth0_macvtap: entered promiscuous mode [ 370.592103][T13607] veth1_macvtap: entered promiscuous mode [ 370.643591][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.706155][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.726684][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.740268][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.750470][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.761235][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.821280][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.833465][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.845394][T13607] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 370.858465][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.928873][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.939921][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.953977][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.964465][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.022489][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.037688][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.048991][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.062619][T13607] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.123386][T13607] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.136247][T13738] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3095'. [ 371.143986][T13607] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.174555][T13607] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.183730][T13607] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.530587][ T1306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.550853][ T1306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.603582][ T1306] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.616841][ T1306] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.114278][T13643] Set syz1 is full, maxelem 65536 reached [ 372.960616][ T30] audit: type=1326 audit(1744564387.718:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13776 comm="syz.3.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 373.088899][ T30] audit: type=1326 audit(1744564387.758:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13776 comm="syz.3.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 373.181095][ T30] audit: type=1326 audit(1744564387.768:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13776 comm="syz.3.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 373.307684][ T30] audit: type=1326 audit(1744564387.768:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13776 comm="syz.3.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 373.420514][ T5141] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 373.430326][ T5141] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 373.441918][ T5141] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 373.451396][ T5141] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 373.460185][ T5141] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 373.479919][ T30] audit: type=1326 audit(1744564387.768:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13776 comm="syz.3.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 373.512314][ T30] audit: type=1326 audit(1744564387.768:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13776 comm="syz.3.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 373.672839][ T30] audit: type=1326 audit(1744564387.768:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13776 comm="syz.3.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 373.820115][T13791] pim6reg: entered allmulticast mode [ 374.048765][T13797] pim6reg: left allmulticast mode [ 375.094529][T13824] IPv6: NLM_F_CREATE should be specified when creating new route [ 375.160376][T13827] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3129'. [ 375.263981][T13832] block device autoloading is deprecated and will be removed. [ 375.296982][T13832] syz.2.3131: attempt to access beyond end of device [ 375.296982][T13832] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 375.336372][T13834] random: crng reseeded on system resumption [ 375.586344][ T5141] Bluetooth: hci2: command tx timeout [ 376.602874][T13786] chnl_net:caif_netlink_parms(): no params data found [ 377.104102][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 377.104124][ T30] audit: type=1326 audit(1744564391.838:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13849 comm="syz.4.3138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 377.250085][ T30] audit: type=1326 audit(1744564391.838:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13849 comm="syz.4.3138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 377.276921][ T30] audit: type=1326 audit(1744564391.838:1900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13849 comm="syz.4.3138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 377.303271][ T30] audit: type=1326 audit(1744564391.838:1901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13849 comm="syz.4.3138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 377.403302][T13854] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.470257][T13866] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3144'. [ 377.542366][T13854] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.678311][ T5141] Bluetooth: hci2: command tx timeout [ 377.710540][T13786] bridge0: port 1(bridge_slave_0) entered blocking state [ 377.725981][T13786] bridge0: port 1(bridge_slave_0) entered disabled state [ 377.733521][T13786] bridge_slave_0: entered allmulticast mode [ 377.741765][T13786] bridge_slave_0: entered promiscuous mode [ 377.758866][T13786] bridge0: port 2(bridge_slave_1) entered blocking state [ 377.768594][T13786] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.776086][T13786] bridge_slave_1: entered allmulticast mode [ 377.794378][T13786] bridge_slave_1: entered promiscuous mode [ 377.888655][T13854] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.041975][T13873] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3147'. [ 378.056945][T13786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 378.224285][T13786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 378.367890][T13854] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.530683][T13786] team0: Port device team_slave_0 added [ 378.554251][T13786] team0: Port device team_slave_1 added [ 378.686804][T13786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 378.693823][T13786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 378.734691][T13786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 378.784535][T13854] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.806996][T13786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 378.825209][T13786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 378.973477][T13786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 379.008886][T13854] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.038890][T13854] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.087949][T13854] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.264926][T13786] hsr_slave_0: entered promiscuous mode [ 379.280268][T13786] hsr_slave_1: entered promiscuous mode [ 379.291455][ T30] audit: type=1326 audit(1744564394.038:1902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13904 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 379.317240][T13786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 379.333017][T13786] Cannot create hsr debugfs directory [ 379.355101][ T30] audit: type=1326 audit(1744564394.038:1903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13904 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 379.409114][ T30] audit: type=1326 audit(1744564394.088:1904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13904 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 379.448211][ T30] audit: type=1326 audit(1744564394.088:1905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13904 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 379.473003][ T30] audit: type=1326 audit(1744564394.088:1906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13904 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 379.495490][ T30] audit: type=1326 audit(1744564394.088:1907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13904 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe40238d169 code=0x7ffc0000 [ 379.534240][T13913] 9pnet_fd: Insufficient options for proto=fd [ 379.746181][ T5141] Bluetooth: hci2: command tx timeout [ 379.754332][T13917] sd 0:0:1:0: device reset [ 379.891701][T13786] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.964814][T13923] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3169'. [ 379.981507][T13923] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3169'. [ 380.063004][T13786] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.191982][T13786] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.232829][T13929] netlink: 'syz.0.3172': attribute type 10 has an invalid length. [ 380.330251][T13929] batman_adv: batadv0: Adding interface: team0 [ 380.355491][T13929] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 380.356545][T13934] netlink: 'syz.0.3172': attribute type 10 has an invalid length. [ 380.433404][T13929] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 380.456383][T13936] random: crng reseeded on system resumption [ 380.496633][T13934] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3172'. [ 380.510976][T13786] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.551384][T13934] team0: entered promiscuous mode [ 380.571198][T13934] team_slave_0: entered promiscuous mode [ 380.614866][T13934] team_slave_1: entered promiscuous mode [ 380.646654][T13934] 8021q: adding VLAN 0 to HW filter on device team0 [ 380.663348][T13934] batman_adv: batadv0: Interface activated: team0 [ 380.715030][T13934] batman_adv: batadv0: Interface deactivated: team0 [ 380.726491][T13934] batman_adv: batadv0: Removing interface: team0 [ 380.759974][T13934] bridge0: port 3(team0) entered blocking state [ 380.785744][T13934] bridge0: port 3(team0) entered disabled state [ 380.802437][T13934] team0: entered allmulticast mode [ 380.825961][T13934] team_slave_0: entered allmulticast mode [ 380.832003][T13934] team_slave_1: entered allmulticast mode [ 380.867120][T13934] bridge0: port 3(team0) entered blocking state [ 380.873623][T13934] bridge0: port 3(team0) entered forwarding state [ 381.229726][T13786] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 381.272781][T13786] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 381.310600][T13786] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 381.370125][T13786] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 381.772252][T13786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 381.860376][T13786] 8021q: adding VLAN 0 to HW filter on device team0 [ 381.885055][ T1312] bridge0: port 1(bridge_slave_0) entered blocking state [ 381.892321][ T1312] bridge0: port 1(bridge_slave_0) entered forwarding state [ 381.899508][ T5141] Bluetooth: hci2: command tx timeout [ 381.922759][T13968] random: crng reseeded on system resumption [ 381.993641][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 382.001023][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 383.733529][T13786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 383.868557][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.875156][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.092716][T13786] veth0_vlan: entered promiscuous mode [ 384.188089][T13786] veth1_vlan: entered promiscuous mode [ 384.368359][T13786] veth0_macvtap: entered promiscuous mode [ 384.422368][T13786] veth1_macvtap: entered promiscuous mode [ 384.612239][T14009] random: crng reseeded on system resumption [ 384.668407][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.693696][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.727645][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.754267][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.785512][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.810894][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.833379][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.854917][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.875270][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 384.896044][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 384.917771][T13786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 384.999045][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.059655][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.079226][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.101479][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.124775][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.175893][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.199050][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.215737][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.245834][T13786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.265907][T13786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.383127][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 385.383189][ T30] audit: type=1326 audit(1744564400.108:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14016 comm="syz.3.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 385.432519][T13786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 385.446299][T14018] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3209'. [ 385.482949][T13786] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.524807][T13786] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.525895][ T30] audit: type=1326 audit(1744564400.108:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14016 comm="syz.3.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 385.575857][T13786] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.584633][T13786] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.647113][ T30] audit: type=1326 audit(1744564400.108:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14016 comm="syz.3.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 385.725961][ T30] audit: type=1326 audit(1744564400.108:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14016 comm="syz.3.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 385.832421][ T30] audit: type=1326 audit(1744564400.388:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.3212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 385.913533][ T30] audit: type=1326 audit(1744564400.388:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.3212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 385.974410][ T30] audit: type=1326 audit(1744564400.388:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.3212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 386.015527][ T8994] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.041342][ T8994] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.065069][ T30] audit: type=1326 audit(1744564400.398:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.3212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 386.113866][T14038] random: crng reseeded on system resumption [ 386.124998][ T30] audit: type=1326 audit(1744564400.398:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.3212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 386.161571][T14041] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3218'. [ 386.209863][ T1312] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.253152][ T1312] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.356025][ T30] audit: type=1326 audit(1744564400.398:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14023 comm="syz.3.3212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9618d169 code=0x7ffc0000 [ 386.757118][T14052] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3222'. [ 387.715330][T14052] openvswitch: netlink: Flow key attr not present in new flow. [ 388.064343][T14059] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3223'. [ 388.317321][T14066] atomic_op ffff8880304cc998 conn xmit_atomic 0000000000000000 [ 389.311661][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 389.346297][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 389.367787][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 389.382513][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 389.395291][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 390.148570][T14092] hub 9-0:1.0: USB hub found [ 390.156377][T14092] hub 9-0:1.0: 1 port detected [ 390.214927][T14092] Invalid source name [ 390.219091][T14092] UBIFS error (pid: 14092): cannot open "./file0", error -22 [ 390.301416][T14091] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3236'. [ 391.356203][T14103] random: crng reseeded on system resumption [ 391.400766][T14077] chnl_net:caif_netlink_parms(): no params data found [ 391.426092][ T5836] Bluetooth: hci1: command tx timeout [ 391.938213][T14077] bridge0: port 1(bridge_slave_0) entered blocking state [ 391.945543][T14077] bridge0: port 1(bridge_slave_0) entered disabled state [ 391.953627][T14077] bridge_slave_0: entered allmulticast mode [ 391.982441][T14077] bridge_slave_0: entered promiscuous mode [ 392.037791][T14077] bridge0: port 2(bridge_slave_1) entered blocking state [ 392.056235][T14077] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.063572][T14077] bridge_slave_1: entered allmulticast mode [ 392.097964][T14077] bridge_slave_1: entered promiscuous mode [ 392.303399][T14077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 392.339396][T14077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 392.542573][T14077] team0: Port device team_slave_0 added [ 392.603104][T14077] team0: Port device team_slave_1 added [ 392.813267][T14077] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 392.848134][T14077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 392.911304][T14077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 393.017527][T14077] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 393.024540][T14077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 393.124215][T14077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 393.443941][T14077] hsr_slave_0: entered promiscuous mode [ 393.506032][ T5836] Bluetooth: hci1: command tx timeout [ 393.512933][T14077] hsr_slave_1: entered promiscuous mode [ 393.532836][T14077] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 393.562224][T14077] Cannot create hsr debugfs directory [ 393.597041][T13957] Set syz1 is full, maxelem 65536 reached [ 393.730154][T14139] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3253'. [ 393.763803][T14138] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3253'. [ 395.332100][T14077] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 395.585879][ T5836] Bluetooth: hci1: command tx timeout [ 395.595420][T14077] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.088322][T14077] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.391057][T14077] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.755124][T14077] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 396.874238][T14077] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 396.912066][T14077] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 396.968389][T14077] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 397.311136][T14077] 8021q: adding VLAN 0 to HW filter on device bond0 [ 397.405709][T14077] 8021q: adding VLAN 0 to HW filter on device team0 [ 397.450739][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 397.457982][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 397.478196][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 397.485487][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 397.667161][ T5836] Bluetooth: hci1: command tx timeout [ 397.709765][T14192] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3274'. [ 398.926325][T14077] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 399.256365][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 399.336776][T14077] veth0_vlan: entered promiscuous mode [ 399.407035][T14077] veth1_vlan: entered promiscuous mode [ 399.486379][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 399.508378][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 399.545026][T14214] hub 9-0:1.0: USB hub found [ 399.550219][T14214] hub 9-0:1.0: 1 port detected [ 399.565567][ T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 399.577139][T14077] veth0_macvtap: entered promiscuous mode [ 399.582395][T14077] veth1_macvtap: entered promiscuous mode [ 399.624222][ T9] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 22 [ 399.643125][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.655932][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.674622][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.677808][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 399.685461][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.715230][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 399.728570][ T9] usb 2-1: SerialNumber: syz [ 399.745924][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.756911][ T9] cdc_acm 2-1:1.0: skipping garbage [ 399.772574][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.793199][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.820694][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.845926][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.862934][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.882875][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.894840][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.928120][T14077] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 399.950432][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 399.970482][ T10] usb 2-1: USB disconnect, device number 4 [ 399.990105][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.002208][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.015129][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.025119][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.040037][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.075231][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.104744][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.127553][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.146248][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.163585][T14077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 400.175263][T14077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.199172][T14077] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 400.240002][T14077] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.257799][T14077] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.266773][T14077] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.275535][T14077] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.614446][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 400.615550][ T8994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 400.644757][ T8994] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 400.662429][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 400.877521][T14250] 9pnet_virtio: no channels available for device syz [ 400.919103][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 400.919124][ T30] audit: type=1326 audit(1744564415.678:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14249 comm="syz.2.3298" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd62a58d169 code=0x0 [ 401.088633][ T30] audit: type=1326 audit(1744564415.848:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.143199][ T30] audit: type=1326 audit(1744564415.878:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.200730][ T30] audit: type=1326 audit(1744564415.878:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.283509][ T30] audit: type=1326 audit(1744564415.878:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.354398][ T30] audit: type=1326 audit(1744564415.878:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.415087][ T30] audit: type=1326 audit(1744564415.878:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.475563][T14271] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 401.504645][ T30] audit: type=1326 audit(1744564415.878:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.623561][ T30] audit: type=1326 audit(1744564415.878:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 401.814018][ T30] audit: type=1326 audit(1744564415.878:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14260 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fe0acf8d169 code=0x7ffc0000 [ 402.325890][ T5908] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 402.499027][ T5908] usb 1-1: Using ep0 maxpacket: 16 [ 402.531586][ T5908] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 402.547816][T14324] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 402.575877][ T5908] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 402.609569][ T5908] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 22 [ 402.638949][ T5908] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 402.655201][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 402.683815][ T5908] usb 1-1: SerialNumber: syz [ 402.707502][ T5908] cdc_acm 1-1:1.0: skipping garbage [ 402.918246][ T5821] usb 1-1: USB disconnect, device number 2 [ 403.090245][T14350] program syz.3.3319 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 403.972315][T14388] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3337'. [ 404.285892][ T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 404.416886][ T5821] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 404.456154][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 404.473016][ T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 404.484055][ T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.499133][ T10] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 22 [ 404.517536][ T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 404.529973][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 404.538419][ T10] usb 3-1: SerialNumber: syz [ 404.552393][ T10] cdc_acm 3-1:1.0: skipping garbage [ 404.610515][ T5821] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 404.624592][ T5821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.657114][ T5821] usb 2-1: config 0 descriptor?? [ 404.764256][ T10] usb 3-1: USB disconnect, device number 2 [ 404.879350][ T5821] usbhid 2-1:0.0: can't add hid device: -71 [ 404.886495][ T5821] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 404.897489][ T5821] usb 2-1: USB disconnect, device number 5 [ 405.341238][ T5821] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 405.397585][T14430] atomic_op ffff888059871998 conn xmit_atomic 0000000000000000 [ 405.442421][T14432] ======================================================= [ 405.442421][T14432] WARNING: The mand mount option has been deprecated and [ 405.442421][T14432] and is ignored by this kernel. Remove the mand [ 405.442421][T14432] option from the mount to silence this warning. [ 405.442421][T14432] ======================================================= [ 405.492074][T14432] 9pnet_virtio: no channels available for device syz [ 405.509406][ T5821] usb 2-1: Using ep0 maxpacket: 32 [ 405.522044][ T5821] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 405.570421][ T5821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.594333][ T5821] usb 2-1: config 0 descriptor?? [ 405.603247][ T5821] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 405.622341][ T5821] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 405.814356][ T5821] usb 2-1: USB disconnect, device number 6 [ 405.848321][ T5821] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 406.228722][ T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 406.318618][T14462] atomic_op ffff8880253aa998 conn xmit_atomic 0000000000000000 [ 406.387690][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 406.412122][ T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 406.429281][ T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 406.455348][ T24] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 22 [ 406.483390][ T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 406.494507][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 406.518125][ T24] usb 1-1: SerialNumber: syz [ 406.539817][ T24] cdc_acm 1-1:1.0: skipping garbage [ 406.770250][ T5821] usb 1-1: USB disconnect, device number 3 [ 407.422898][T14505] netlink: 112 bytes leftover after parsing attributes in process `syz.1.3388'. [ 407.911046][T14526] Bluetooth: MGMT ver 1.23 [ 407.917775][T14526] Bluetooth: hci0: invalid len left 7, exp >= 11 [ 408.547866][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 408.716035][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 408.732926][ T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 408.755278][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 197, changing to 11 [ 408.766530][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 33373, setting to 1024 [ 408.791617][ T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 408.802985][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.825827][ T9] usb 2-1: Product: syz [ 408.830061][ T9] usb 2-1: Manufacturer: syz [ 408.834680][ T9] usb 2-1: SerialNumber: syz [ 408.842512][ T9] usb 2-1: config 0 descriptor?? [ 409.117533][ T9] appledisplay 2-1:0.0: Error while getting initial brightness: -110 [ 409.141432][ C0] usb 2-1: appledisplay_complete - usb_submit_urb failed with result -1 [ 409.153790][ T9] appledisplay 2-1:0.0: probe with driver appledisplay failed with error -110 [ 409.177404][T14546] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 409.184042][T14546] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 409.186135][ T5141] Bluetooth: hci4: command 0x1003 tx timeout [ 409.191321][ T5836] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 409.217096][T14546] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 409.235393][T14546] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 409.241861][T14546] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 409.250494][T14546] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 409.262119][T14546] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 409.269221][T14546] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 409.280655][T14546] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 409.290544][T14546] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 409.297108][T14546] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 409.305285][T14546] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 409.316251][T14546] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 409.323472][T14546] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 409.338461][T14546] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 409.362367][ T9] usb 2-1: USB disconnect, device number 7 [ 409.534909][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 409.534929][ T30] audit: type=1326 audit(1744564424.288:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14569 comm="syz.3.3417" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0acf8d169 code=0x0 [ 410.473707][ T5836] Bluetooth: hci3: command 0x0c1a tx timeout [ 410.930223][T14625] Invalid source name [ 410.934367][T14625] UBIFS error (pid: 14625): cannot open "./file0", error -22 [ 411.326250][ T5836] Bluetooth: hci0: command 0x0c1a tx timeout [ 411.340367][ T5141] Bluetooth: hci5: command 0x0c1a tx timeout [ 411.358025][ T5836] Bluetooth: hci2: command 0x0c1a tx timeout [ 411.367614][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 411.706761][T14630] netlink: 112 bytes leftover after parsing attributes in process `syz.0.3439'. [ 411.742788][T14637] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 411.931564][T14644] loop6: detected capacity change from 0 to 524287999 [ 412.509243][T14665] Invalid source name [ 412.513432][T14665] UBIFS error (pid: 14665): cannot open "./file0", error -22 [ 412.546237][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 413.391320][T14676] netlink: 112 bytes leftover after parsing attributes in process `syz.1.3457'. [ 413.433457][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 413.439814][ T5836] Bluetooth: hci0: command 0x0c1a tx timeout [ 413.445938][ T5141] Bluetooth: hci5: command 0x0c1a tx timeout [ 413.505890][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 413.519120][T14682] loop2: detected capacity change from 0 to 7 [ 413.579276][T14686] warning: `syz.3.3464' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 413.594313][T14682] Dev loop2: unable to read RDB block 7 [ 413.611385][T14682] loop2: AHDI p1 p2 [ 413.616091][T14682] loop2: partition table partially beyond EOD, truncated [ 413.623882][T14682] loop2: p1 size 4227858431 extends beyond EOD, truncated [ 413.647832][T14685] evm: overlay not supported [ 413.820658][T14696] atomic_op ffff8880354f1998 conn xmit_atomic 0000000000000000 [ 414.157483][T14704] Invalid source name [ 414.161584][T14704] UBIFS error (pid: 14704): cannot open "./file0", error -22 [ 414.757578][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 415.009187][ T5845] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 415.285922][T14725] atomic_op ffff888064538998 conn xmit_atomic 0000000000000000 [ 415.508193][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 415.514417][ T5836] Bluetooth: hci0: command 0x0c1a tx timeout [ 415.520695][ T5141] Bluetooth: hci5: command 0x0c1a tx timeout [ 415.586271][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 416.184332][T14758] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3494'. [ 416.186129][T14739] team0: No ports can be present during mode change [ 416.208697][T14759] atomic_op ffff88806bb11198 conn xmit_atomic 0000000000000000 [ 416.248606][T14739] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3487'. [ 416.701674][ T5845] Bluetooth: hci3: unexpected event for opcode 0x0c05 [ 416.763716][T14739] team0 (unregistering): Port device team_slave_0 removed [ 416.784765][T14739] team0 (unregistering): Port device team_slave_1 removed [ 416.964878][T14778] ------------[ cut here ]------------ [ 416.970963][T14778] WARNING: CPU: 1 PID: 14778 at ./include/linux/memcontrol.h:361 folio_memcg+0x1a6/0x310 [ 416.980961][T14778] Modules linked in: [ 416.985269][T14778] CPU: 1 UID: 0 PID: 14778 Comm: syz.4.3503 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 416.997494][T14778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 417.009397][T14778] RIP: 0010:folio_memcg+0x1a6/0x310 [ 417.014734][ T5845] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 417.024068][T14778] Code: 42 80 3c 28 00 74 08 4c 89 ff e8 e5 a7 1d 00 4d 8b 3f 4c 89 f8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 3b ff b5 ff 90 <0f> 0b 90 eb c6 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ff fe ff ff [ 417.044033][T14778] RSP: 0018:ffffc9000b33f178 EFLAGS: 00010283 [ 417.050667][T14778] RAX: ffffffff820d4535 RBX: 0000000000000000 RCX: 0000000000080000 [ 417.058763][T14778] RDX: ffffc9001c739000 RSI: 00000000000021be RDI: 00000000000021bf [ 417.066893][T14778] RBP: 0000000000000000 R08: ffffffff820d44f8 R09: 1ffffd4000095630 [ 417.074935][T14778] R10: dffffc0000000000 R11: fffff94000095631 R12: ffffea00004ab1b0 [ 417.083075][T14778] R13: dffffc0000000000 R14: ffffea00004ab180 R15: ffff888026f03a00 [ 417.091151][T14778] FS: 00007fe4032b56c0(0000) GS:ffff8881250c9000(0000) knlGS:0000000000000000 [ 417.100187][T14778] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 417.107080][T14778] CR2: 0000000000000000 CR3: 00000000633ea000 CR4: 00000000003526f0 [ 417.116755][T14778] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 417.126172][T14778] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 417.134380][T14778] Call Trace: [ 417.137850][T14778] [ 417.140869][T14778] workingset_activation+0x5f/0x4b0 [ 417.146213][T14778] ? folio_mark_accessed+0x6e1/0xa40 [ 417.151557][T14778] folio_mark_accessed+0x73e/0xa40 [ 417.156811][T14778] ? folio_mark_accessed+0x2d2/0xa40 [ 417.162188][T14778] kvm_release_page_clean+0x9b/0xe0 [ 417.167576][T14778] kvm_tdp_page_fault+0x304/0x3a0 [ 417.172676][T14778] kvm_mmu_do_page_fault+0x579/0xb50 [ 417.178126][T14778] ? __pfx_kvm_mmu_do_page_fault+0x10/0x10 [ 417.184012][T14778] ? vmx_vcpu_run+0x16cf/0x2780 [ 417.189002][T14778] kvm_mmu_page_fault+0x2e5/0xc70 [ 417.194113][T14778] ? __pfx_kvm_mmu_load+0x10/0x10 [ 417.199276][T14778] ? __pfx_kvm_mmu_page_fault+0x10/0x10 [ 417.204893][T14778] ? rcu_is_watching+0x15/0xb0 [ 417.209788][T14778] ? handle_ept_violation+0x35b/0x690 [ 417.216890][T14778] ? __pfx_handle_ept_violation+0x10/0x10 [ 417.224162][T14778] vmx_handle_exit+0x1076/0x1b20 [ 417.229274][T14778] ? vcpu_run+0x4cbf/0x7ad0 [ 417.233833][T14778] vcpu_run+0x5ecb/0x7ad0 [ 417.238347][T14778] ? vcpu_run+0x4cbf/0x7ad0 [ 417.240425][T14780] syz.3.3502: attempt to access beyond end of device [ 417.240425][T14780] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 417.242982][T14778] ? __pfx_vcpu_run+0x10/0x10 [ 417.257469][T14780] (syz.3.3502,14780,0):ocfs2_get_sector:1714 ERROR: status = -5 [ 417.261096][T14778] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 417.261171][T14778] kvm_arch_vcpu_ioctl_run+0x1047/0x1910 [ 417.269296][T14780] (syz.3.3502,14780,0):ocfs2_sb_probe:753 ERROR: status = -5 [ 417.269331][T14780] (syz.3.3502,14780,0):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 417.269353][T14780] (syz.3.3502,14780,0):ocfs2_fill_super:1177 ERROR: status = -5 [ 417.306005][T14778] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1910 [ 417.311828][T14778] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 417.319645][T14778] ? __pfx___mutex_trylock_common+0x10/0x10 [ 417.326977][T14778] ? rcu_is_watching+0x15/0xb0 [ 417.331817][T14778] ? look_up_lock_class+0x7b/0x170 [ 417.337067][T14778] ? register_lock_class+0x54/0x330 [ 417.342355][T14778] ? __lock_acquire+0xad5/0xd80 [ 417.347351][T14778] ? do_raw_write_lock+0x14a/0x4f0 [ 417.352555][T14778] kvm_vcpu_ioctl+0xa24/0x1030 [ 417.357482][T14778] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 417.362736][T14778] ? __lock_acquire+0xad5/0xd80 [ 417.367730][T14778] ? __asan_memset+0x23/0x50 [ 417.372380][T14778] ? smack_file_ioctl+0x361/0x3b0 [ 417.377598][T14778] ? __pfx_smack_file_ioctl+0x10/0x10 [ 417.383044][T14778] ? __fget_files+0x2a/0x420 [ 417.387796][T14778] ? __fget_files+0x2a/0x420 [ 417.392477][T14778] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 417.397822][T14778] __se_sys_ioctl+0xf1/0x160 [ 417.402468][T14778] do_syscall_64+0xf3/0x230 [ 417.407156][T14778] ? clear_bhb_loop+0x45/0xa0 [ 417.411890][T14778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.419511][T14778] RIP: 0033:0x7fe40238d169 [ 417.425864][T14778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.445688][T14778] RSP: 002b:00007fe4032b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 417.454230][T14778] RAX: ffffffffffffffda RBX: 00007fe4025a5fa0 RCX: 00007fe40238d169 [ 417.462389][T14778] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 417.470473][T14778] RBP: 00007fe40240e990 R08: 0000000000000000 R09: 0000000000000000 [ 417.478597][T14778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.486677][T14778] R13: 0000000000000000 R14: 00007fe4025a5fa0 R15: 00007ffecad57058 [ 417.494723][T14778] [ 417.497905][T14778] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 417.505226][T14778] CPU: 1 UID: 0 PID: 14778 Comm: syz.4.3503 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 417.517331][T14778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 417.527406][T14778] Call Trace: [ 417.530696][T14778] [ 417.533642][T14778] dump_stack_lvl+0x241/0x360 [ 417.538342][T14778] ? __pfx_dump_stack_lvl+0x10/0x10 [ 417.543568][T14778] ? __pfx__printk+0x10/0x10 [ 417.548198][T14778] ? vscnprintf+0x5d/0x90 [ 417.552551][T14778] panic+0x349/0x880 [ 417.556506][T14778] ? __warn+0x174/0x4d0 [ 417.560699][T14778] ? __pfx_panic+0x10/0x10 [ 417.565155][T14778] __warn+0x344/0x4d0 [ 417.569155][T14778] ? folio_memcg+0x1a6/0x310 [ 417.573768][T14778] report_bug+0x2b3/0x500 [ 417.578110][T14778] ? folio_memcg+0x1a6/0x310 [ 417.582722][T14778] ? folio_memcg+0x1a6/0x310 [ 417.587334][T14778] ? folio_memcg+0x1a8/0x310 [ 417.591941][T14778] handle_bug+0x89/0x170 [ 417.596204][T14778] exc_invalid_op+0x1a/0x50 [ 417.600740][T14778] asm_exc_invalid_op+0x1a/0x20 [ 417.605606][T14778] RIP: 0010:folio_memcg+0x1a6/0x310 [ 417.610838][T14778] Code: 42 80 3c 28 00 74 08 4c 89 ff e8 e5 a7 1d 00 4d 8b 3f 4c 89 f8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 3b ff b5 ff 90 <0f> 0b 90 eb c6 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ff fe ff ff [ 417.630469][T14778] RSP: 0018:ffffc9000b33f178 EFLAGS: 00010283 [ 417.636561][T14778] RAX: ffffffff820d4535 RBX: 0000000000000000 RCX: 0000000000080000 [ 417.644714][T14778] RDX: ffffc9001c739000 RSI: 00000000000021be RDI: 00000000000021bf [ 417.652695][T14778] RBP: 0000000000000000 R08: ffffffff820d44f8 R09: 1ffffd4000095630 [ 417.660674][T14778] R10: dffffc0000000000 R11: fffff94000095631 R12: ffffea00004ab1b0 [ 417.668656][T14778] R13: dffffc0000000000 R14: ffffea00004ab180 R15: ffff888026f03a00 [ 417.676648][T14778] ? folio_memcg+0x168/0x310 [ 417.681263][T14778] ? folio_memcg+0x1a5/0x310 [ 417.685877][T14778] ? folio_memcg+0x1a5/0x310 [ 417.690507][T14778] workingset_activation+0x5f/0x4b0 [ 417.695798][T14778] ? folio_mark_accessed+0x6e1/0xa40 [ 417.701126][T14778] folio_mark_accessed+0x73e/0xa40 [ 417.706259][T14778] ? folio_mark_accessed+0x2d2/0xa40 [ 417.711569][T14778] kvm_release_page_clean+0x9b/0xe0 [ 417.716813][T14778] kvm_tdp_page_fault+0x304/0x3a0 [ 417.721863][T14778] kvm_mmu_do_page_fault+0x579/0xb50 [ 417.727194][T14778] ? __pfx_kvm_mmu_do_page_fault+0x10/0x10 [ 417.733226][T14778] ? vmx_vcpu_run+0x16cf/0x2780 [ 417.738097][T14778] kvm_mmu_page_fault+0x2e5/0xc70 [ 417.743140][T14778] ? __pfx_kvm_mmu_load+0x10/0x10 [ 417.748177][T14778] ? __pfx_kvm_mmu_page_fault+0x10/0x10 [ 417.753745][T14778] ? rcu_is_watching+0x15/0xb0 [ 417.758545][T14778] ? handle_ept_violation+0x35b/0x690 [ 417.763974][T14778] ? __pfx_handle_ept_violation+0x10/0x10 [ 417.769725][T14778] vmx_handle_exit+0x1076/0x1b20 [ 417.774688][T14778] ? vcpu_run+0x4cbf/0x7ad0 [ 417.779206][T14778] vcpu_run+0x5ecb/0x7ad0 [ 417.783572][T14778] ? vcpu_run+0x4cbf/0x7ad0 [ 417.788136][T14778] ? __pfx_vcpu_run+0x10/0x10 [ 417.792843][T14778] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 417.798598][T14778] kvm_arch_vcpu_ioctl_run+0x1047/0x1910 [ 417.804255][T14778] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1910 [ 417.809990][T14778] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 417.815985][T14778] ? __pfx___mutex_trylock_common+0x10/0x10 [ 417.821893][T14778] ? rcu_is_watching+0x15/0xb0 [ 417.826680][T14778] ? look_up_lock_class+0x7b/0x170 [ 417.831811][T14778] ? register_lock_class+0x54/0x330 [ 417.837034][T14778] ? __lock_acquire+0xad5/0xd80 [ 417.841911][T14778] ? do_raw_write_lock+0x14a/0x4f0 [ 417.847057][T14778] kvm_vcpu_ioctl+0xa24/0x1030 [ 417.851842][T14778] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 417.857057][T14778] ? __lock_acquire+0xad5/0xd80 [ 417.861962][T14778] ? __asan_memset+0x23/0x50 [ 417.866595][T14778] ? smack_file_ioctl+0x361/0x3b0 [ 417.871664][T14778] ? __pfx_smack_file_ioctl+0x10/0x10 [ 417.877077][T14778] ? __fget_files+0x2a/0x420 [ 417.881712][T14778] ? __fget_files+0x2a/0x420 [ 417.886338][T14778] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 417.891590][T14778] __se_sys_ioctl+0xf1/0x160 [ 417.896249][T14778] do_syscall_64+0xf3/0x230 [ 417.900779][T14778] ? clear_bhb_loop+0x45/0xa0 [ 417.905482][T14778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.911397][T14778] RIP: 0033:0x7fe40238d169 [ 417.915828][T14778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.935460][T14778] RSP: 002b:00007fe4032b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 417.943900][T14778] RAX: ffffffffffffffda RBX: 00007fe4025a5fa0 RCX: 00007fe40238d169 [ 417.951884][T14778] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 417.960039][T14778] RBP: 00007fe40240e990 R08: 0000000000000000 R09: 0000000000000000 [ 417.968023][T14778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.976001][T14778] R13: 0000000000000000 R14: 00007fe4025a5fa0 R15: 00007ffecad57058 [ 417.983999][T14778] [ 417.987304][T14778] Kernel Offset: disabled [ 417.991630][T14778] Rebooting in 86400 seconds..