last executing test programs: 6m14.705875629s ago: executing program 2 (id=3819): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) read(r0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)) 6m14.211424245s ago: executing program 2 (id=3823): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x141, 0x30, 0xf5, 0x69, 0x20, 0x5ac, 0x219, 0xf072, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x55, 0x7, 0x1, 0x3, 0x49, 0x2, 0x0, [], [{{0x9, 0x5, 0x82, 0x3, 0x400, 0x0, 0x33, 0x81}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000540)={0x0, 0x8c7c8f6744f0b74e, 0x8, "d4a911bb11e39d2e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0) 6m13.200716013s ago: executing program 2 (id=3830): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x4c, r1, 0x1, 0x2000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_FRAME={0x2a, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x2}, @device_b, @device_a, @from_mac=@device_b, {0x2, 0x94a}}, 0x8080, 0x101, {0x0, 0x6, @default_ibss_ssid}, @val, @void}}]}, 0x4c}}, 0x0) 6m12.543506253s ago: executing program 2 (id=3836): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x2) 6m12.042661749s ago: executing program 2 (id=3841): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)={0x3c, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x20, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xa, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_ID={0x10, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000041}, 0x4880) 6m10.999897566s ago: executing program 2 (id=3856): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x25dfdbfc, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x6}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7d}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xe}, {}, {0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0xea}, {}, {0x0, 0x0, 0x0, 0x2}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xa3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x6, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffa3}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0) 6m8.350888737s ago: executing program 32 (id=3856): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x25dfdbfc, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x6}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7d}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xe}, {}, {0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0xea}, {}, {0x0, 0x0, 0x0, 0x2}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xa3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x6, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffa3}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0) 5m16.170362447s ago: executing program 5 (id=4084): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1], 0x3c}}, 0x0) socket$packet(0x11, 0xa, 0x300) syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa0088e5"], 0x0) 5m15.146823484s ago: executing program 5 (id=4089): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000020100)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x27c, &(0x7f0000000600)="$eJzs281qE1EYxvGnH9ov20Sr1VbEF93oZmjjFYTSghhQaiN+gDC1Ew2ZJiUTKhGx3bn1LoTi0p0g3kA3XoELd9247EIc6UxskzaiFXRs8/9tzhvOPOGcnDPhLGY2775aKhUCp+DW1N1l6pX6tSWl1a0exboabXdUH1ezNV0dzX26cPve/RvZXG5mzmw2O38tY2YjF98/ff7m0ofa0J23I+/6tJF+uPkl83ljbGN889v8k2JgxcDKlZq5tlCp1NwF37PFYlByzG75nht4ViwHXrWlv+BXlpfr5pYXhweXq14QmFuuW8mrW61itWrd3MdusWyO49jwoPAr+fW5OTeb9Cjwd1WrWXda0sS+nvx6IgMCAACJanP+X+P83yk4/3eC7fP/g8b924rzPwAAAAAAAAAAAAAAAAAAAAAAh8FWGKbCMEz9aI9J0Rs+YePzgKRBSUOSTkgaljQiKSUpLemkpFOSRiWdlnRG0piks5LOSRpv+q6k54r9kln/gSSnjCbc/52N9e9sTS/u9ktLL1fyK/m4jfuzBRXly9OkUvoarWVDXM9ez81MWiSt80urjfzqSr6nNT+l1PaGaZefivPWmu+L9t1OPqPU9gZrl8+0zffryuWmvKOUPj5SRb4Woz25m38xZTZ9M7cnPxFdd9Q5tqPt+jnOz/rj/AH2x57ft1cTvcnOHVJQf1Zyfd+rUlAcheK1/othHP4i6X8m/Au7i570SAAAAAAAAAAAAAAAAAAAB/GnTwiGq3H+dy5Oeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOz1PQAA//+5gF2o") r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', 0x0) umount2(&(0x7f0000000040)='.\x00', 0x2) close_range(r0, 0xffffffffffffffff, 0x0) 5m14.06226417s ago: executing program 5 (id=4094): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) close(r1) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, &(0x7f0000000880)={[], 0xf000}, 0x0) 5m12.053018064s ago: executing program 5 (id=4099): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=") mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mkdir(&(0x7f0000000000)='./control\x00', 0x42) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000d80)='./control\x00') 5m10.475053179s ago: executing program 5 (id=4105): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) dup2(r1, r0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x7) mbind(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x7797, 0x3) 5m9.800227074s ago: executing program 5 (id=4107): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000009900000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 5m8.009343558s ago: executing program 33 (id=4107): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000009900000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 7.880992633s ago: executing program 1 (id=5684): bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = syz_usb_connect$cdc_ncm(0x0, 0x8f, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103000000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102020d0000090582"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000200)={0x44, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x80, 0x1c, {0x100, 0x70, 0x8, 0x1ff, 0x7, 0x100, 0xfeba, 0x2000000, 0x8000, 0x8, 0xb, 0x9}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 6.75424319s ago: executing program 1 (id=5691): timer_create(0x7d012b4cafbe7efb, 0x0, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x110, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, 0x0, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$kcm(0x2, 0x0, 0x106) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00'}, 0x10) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f00000000c0)='./file1\x00', r2, &(0x7f0000000100)='./file0\x00') recvmsg$can_raw(0xffffffffffffffff, 0x0, 0x1) ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, &(0x7f0000000180)) ioctl$AUTOFS_IOC_READY(r2, 0x9360, 0x800000000000001) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$bt_hci(r3, 0x0, 0x8) timer_create(0x1, &(0x7f00000003c0)={0x0, 0x9, 0x0, @thr={&(0x7f0000000240), &(0x7f0000000380)="82d2f8ee56cced57"}}, &(0x7f0000000480)=0x0) timer_getoverrun(r4) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000a40)={0xffffffffffffffff, &(0x7f0000000b00), &(0x7f0000000940)=""/16}, 0x20) 5.568535082s ago: executing program 1 (id=5705): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x9, 0x4) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000c0}, 0x44801) pipe2(&(0x7f0000000800)={0x0, 0x0}, 0x80000) splice(r0, 0x0, r2, 0x0, 0x6c, 0xd) 4.954690791s ago: executing program 0 (id=5698): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = epoll_create1(0x0) sendmsg$alg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000640)="010000000000", 0x6}], 0x1, 0x0, 0x0, 0x4000040}, 0x8105) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x20000005}) 4.318083205s ago: executing program 0 (id=5702): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff0000000000830000000000000045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0e00009bd029ef8020ab070004000523a608463a3f", @ANYRES16=r0], 0xfe33) 3.609817637s ago: executing program 0 (id=5708): syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) sendto$packet(r1, &(0x7f0000000180)="0b036800e0ff64000200475400f6a13bb1000000080086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 3.34655054s ago: executing program 6 (id=5710): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000018", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0xf3}) 3.246542981s ago: executing program 3 (id=5711): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r1 = syz_io_uring_setup(0x88c, &(0x7f0000000140)={0x0, 0x35a, 0x0, 0x20000002, 0xbfdffffc}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x10, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0) write$P9_RSTATu(r0, &(0x7f00000000c0)=ANY=[], 0x232) 2.977586637s ago: executing program 6 (id=5712): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f00), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000f40)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x20000004) 2.782684392s ago: executing program 4 (id=5713): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendmmsg$inet6(r0, &(0x7f0000001880)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)="8457", 0x2}], 0x1}}], 0x1, 0x4400c800) sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd) 2.356786169s ago: executing program 3 (id=5714): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x24008440) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050) 2.329354011s ago: executing program 0 (id=5724): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040)=0x999, 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f", 0x6, 0x11, 0x0, 0x0) recvmmsg(r0, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1}, 0x7fff}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000100)=""/198, 0xc6}], 0x1}, 0xfff}], 0x2, 0x0, 0x0) 2.325338615s ago: executing program 4 (id=5725): setgroups(0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'pimreg0\x00', 0x1}) ioctl$TUNSETOFFLOAD(r1, 0x400454ce, 0x3) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'pimreg0\x00', 0x1}) 2.320228686s ago: executing program 6 (id=5715): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000000c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fddbdf251500000008000300", @ANYRES32=r2, @ANYBLOB="0500290040"], 0x28}, 0x1, 0x0, 0x0, 0x23c95238d8c2d42c}, 0xc4) 1.93090588s ago: executing program 4 (id=5716): r0 = syz_clone(0x80048080, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x4, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000040)='stack\x00') pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4) 1.87796592s ago: executing program 3 (id=5717): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000780)={0x4c, r1, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "403a050c5baee2004ef2b6d713459a7a"}, @NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x860}, 0x0) 1.827217401s ago: executing program 6 (id=5718): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) close(r0) 1.672726388s ago: executing program 1 (id=5719): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=") bpf$PROG_LOAD(0x5, 0x0, 0x0) utimes(&(0x7f0000000100)='./file0\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0) 1.266982399s ago: executing program 3 (id=5720): r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}, 0x1e) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x4, @local, 'team_slave_1\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) 1.206248693s ago: executing program 4 (id=5721): syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000000)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x1c, r0, 0x7d243a6ea807936d, 0x12, 0x25dfdbf8, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48891}, 0x880) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000480), r1) 1.048661678s ago: executing program 6 (id=5722): ioctl(0xffffffffffffffff, 0x890b, &(0x7f0000000040)="7ef17527c5c0f635b818aa60aa81203703e5f2322a4f51d378be49dc5effbe6de21744ccc1db54aa40f8fd2d620cb802cf191cce324acbf1204cd327ce29bd7d7334a1f2fcaea1fe936dc8d435") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r0, &(0x7f0000000400)=ANY=[], 0x1a3) write$binfmt_misc(r0, &(0x7f0000000040)="0db723740d6678af6874bb74fb7875012c7de0568a8315a6736b7635e00126b713064871082ef63a291542a0bbb266ec7c61a508716f1b1ea80046ef", 0xe5c) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x8, 0x2180) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 1.042447835s ago: executing program 0 (id=5723): mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) 863.610139ms ago: executing program 1 (id=5726): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)={[{}, {}, {}, {}]}, 0x1, 0x1cf, &(0x7f00000002c0)="$eJzKKC4s5mdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPXUlkcWk0vtMXKTXMwjwcwQmnpkUXFlVXZiTk5qUfFChopbyUkVp08wsFy3v6bSLMHp8EeewyFJ00GH6YiPR9aMxhLOSVKaYmxsmQpnz3yQX8emcYTh0QrmjXWeeY11halT89LykqqyqrLmTZy4cWZjZ2Pjyol1UWl+qxhbUlw2NXUyMjlsURPYzGyoPslGe8K79lUPkxxYezz8mk8ZK71OZb5kvLBI6tSKqpkTvijNZjT8znCHp2yFhIaGk8QVCYsGE4YjdbYNriAnpjQwpCmEMSapsYm1bTkzJ4SZn81tgUJL8gmm0KMcS2dKWBwQqjr501LzrUOi24xtTx3YzvAcPs6zpqBP0Oi4BIPTQsH/MiBjEhoayjTWMi21XfClSOOvhNdqY6cMBnd7pmWwAGVpAJEroTxZsJ6E5BUeOpqaRinJCQ2bJBKS3AoMlRm27uFcLdDAgBRtKgwMDNsZYXELAddgjFEwCkbBKBgFo2AUjIJRMApGwSgYBSMCAAIAAP//wHCY0w==") msgctl$MSG_STAT_ANY(0x0, 0xd, 0x0) quotactl$Q_SETQUOTA(0x0, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) r0 = fsopen(&(0x7f0000000140)='squashfs\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x8, 0x0, 0x0, 0x0) 598.820978ms ago: executing program 3 (id=5727): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f00), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000f40)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x20000004) 534.646029ms ago: executing program 4 (id=5728): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0684113, &(0x7f0000000240)={0x0, 0x7f0c, 0x1000, 0x1, 0xfff, 0x9, 0x2, 0xffffffff, 0x2, 0x218, 0x7}) 454.979028ms ago: executing program 6 (id=5729): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42101, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff02000000000000000000000000000121"], 0xffe) 330.56868ms ago: executing program 0 (id=5730): openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x4) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0xffffdffe, 0x1}, 0xc) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000640)={{{@in=@multicast1, @in=@local, 0x4e21, 0x0, 0x2, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x2, 0xfffffffffffffffd, 0x2, 0x1, 0x0, 0x4, 0x1}, {0x0, 0x40000000, 0x0, 0x6}, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {{@in6=@mcast1, 0x0, 0x32}, 0xa, @in=@empty, 0xfffffffe, 0x1}}, 0xe8) sendmmsg$inet6(r1, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x0) 234.128062ms ago: executing program 1 (id=5731): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x7, 0x7) vmsplice(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="eec9", 0x2}], 0x1, 0x7) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, 0x0) write(r0, 0x0, 0x0) 13.074558ms ago: executing program 3 (id=5732): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e26, 0xfffffffc, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000) 0s ago: executing program 4 (id=5733): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) bpf$PROG_LOAD(0x5, 0x0, 0x0) write$P9_RLERRORu(r0, &(0x7f00000000c0)={0xe, 0x7, 0x1, {{0x1, '}'}, 0xb8e}}, 0xe) sync() close(r0) kernel console output (not intermixed with test programs): .024158][ T9889] macvlan2: entered promiscuous mode [ 645.874650][ T9925] netlink: 'syz.1.1479': attribute type 1 has an invalid length. [ 646.077348][ T9925] 8021q: adding VLAN 0 to HW filter on device bond7 [ 646.192144][ T9931] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1480'. [ 648.738192][ T9963] netlink: 'syz.0.1494': attribute type 1 has an invalid length. [ 649.026833][ T9966] 8021q: adding VLAN 0 to HW filter on device bond4 [ 651.819538][T10004] netlink: 'syz.4.1510': attribute type 1 has an invalid length. [ 652.619794][T10017] Cache volume key already in use (9p,(null),;dev;ttyS3) [ 653.189991][T10027] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1518'. [ 653.199817][T10027] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1518'. [ 653.334715][T10030] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1519'. [ 654.637862][T10042] netlink: 'syz.4.1526': attribute type 1 has an invalid length. [ 654.825109][T10048] 8021q: adding VLAN 0 to HW filter on device bond5 [ 655.623173][T10058] netlink: 888 bytes leftover after parsing attributes in process `syz.2.1531'. [ 655.633560][T10058] netlink: 137 bytes leftover after parsing attributes in process `syz.2.1531'. [ 655.643197][T10058] sch_tbf: burst 720 is lower than device lo mtu (65550) ! [ 656.525308][T10069] mmap: syz.1.1536 (10069): VmData 37376000 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 657.071272][T10077] warning: `syz.3.1538' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 657.891726][T10085] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1543'. [ 657.937477][ T52] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 658.243346][T10088] Cache volume key already in use (9p,(null),;dev;ttyS3) [ 658.676288][T10098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1548'. [ 659.401927][T10107] netlink: 'syz.1.1552': attribute type 1 has an invalid length. [ 659.533028][T10107] 8021q: adding VLAN 0 to HW filter on device bond8 [ 661.126752][T10127] netlink: 'syz.4.1560': attribute type 1 has an invalid length. [ 661.329399][T10129] 8021q: adding VLAN 0 to HW filter on device bond6 [ 663.619521][T10160] Cache volume key already in use (9p,(null),;dev;ttyS3) [ 665.315019][T10182] bridge0: entered promiscuous mode [ 665.354966][T10180] bridge0: left promiscuous mode [ 666.312119][ T2216] IPVS: starting estimator thread 0... [ 666.422050][T10199] IPVS: using max 192 ests per chain, 9600 per kthread [ 670.599251][T10250] bond5: (slave ip6gretap1): Releasing backup interface [ 672.514774][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1624'. [ 672.566091][T10270] netlink: 173 bytes leftover after parsing attributes in process `syz.4.1624'. [ 677.602153][T10324] netlink: 'syz.2.1643': attribute type 7 has an invalid length. [ 680.628585][T10351] sch_tbf: burst 0 is lower than device lo mtu (39799) ! [ 682.311168][T10372] futex_wake_op: syz.0.1661 tries to shift op by 32; fix this program [ 685.222746][T10409] netlink: 'syz.2.1676': attribute type 1 has an invalid length. [ 686.977001][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.653965][T10443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1689'. [ 687.774591][T10448] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1691'. [ 695.339589][T10551] netlink: 'syz.3.1732': attribute type 1 has an invalid length. [ 697.510302][T10580] netlink: 'syz.4.1745': attribute type 11 has an invalid length. [ 698.264254][T10593] netlink: 'syz.4.1750': attribute type 1 has an invalid length. [ 698.463715][T10597] IPv6: Can't replace route, no match found [ 700.229316][T10621] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1761'. [ 701.465365][T10632] netlink: 'syz.4.1766': attribute type 1 has an invalid length. [ 704.497587][T10663] netlink: 'syz.0.1776': attribute type 21 has an invalid length. [ 705.124905][T10670] veth1_macvtap: left promiscuous mode [ 705.214047][T10671] netlink: 666 bytes leftover after parsing attributes in process `syz.3.1779'. [ 709.382307][T10715] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1796'. [ 712.901485][T10747] (unnamed net_device) (uninitialized): option arp_validate: invalid value (117440512) [ 714.162585][T10758] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1814'. [ 717.128768][T10794] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1830'. [ 717.142324][T10794] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1830'. [ 717.711095][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1832'. [ 717.721654][T10800] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1832'. [ 721.453733][T10836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1845'. [ 721.469229][T10836] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1845'. [ 721.838080][ T52] Bluetooth: hci1: unexpected event for opcode 0x0c25 [ 721.913287][ T2216] IPVS: starting estimator thread 0... [ 721.933026][T10839] IPVS: sed: UDP 224.0.0.2:0 - no destination available [ 722.030656][T10844] IPVS: using max 192 ests per chain, 9600 per kthread [ 724.246790][T10873] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1861'. [ 724.257631][T10873] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1861'. [ 724.393033][T10875] netlink: 'syz.0.1862': attribute type 1 has an invalid length. [ 726.811422][T10907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1875'. [ 726.821703][T10907] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1875'. [ 726.882523][T10909] netlink: 'syz.2.1878': attribute type 1 has an invalid length. [ 727.650792][T10919] vxcan1: tx address claim with different name [ 728.376197][T10928] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 728.402006][ T2216] IPVS: starting estimator thread 0... [ 728.504276][T10932] IPVS: using max 192 ests per chain, 9600 per kthread [ 730.165213][T10950] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 730.517443][T10952] netlink: 'syz.3.1894': attribute type 1 has an invalid length. [ 732.295440][T10975] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1903'. [ 732.305847][T10975] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1903'. [ 737.739644][T11039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1932'. [ 737.749984][T11039] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1932'. [ 749.180753][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.190771][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.200393][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.209931][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.219541][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.229136][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.238817][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.248184][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.257768][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 749.268725][T11183] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31 [ 751.829120][T11211] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2009'. [ 753.601529][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 756.737342][ T2216] kernel write not supported for file [eventfd] (pid: 2216 comm: kworker/1:2) [ 771.056631][ T4084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 771.065579][ T4084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 771.478235][T11437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2098'. [ 771.501933][T11439] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2099'. [ 771.519051][T11439] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2099'. [ 771.993047][T11444] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2101'. [ 772.002928][T11444] net_ratelimit: 1271 callbacks suppressed [ 772.003010][T11444] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 773.770140][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 773.770227][ T30] audit: type=1326 audit(2000000125.062:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11468 comm="syz.0.2112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 773.947030][ T30] audit: type=1326 audit(2000000125.099:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11468 comm="syz.0.2112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 773.973378][ T30] audit: type=1326 audit(2000000125.099:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11468 comm="syz.0.2112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 773.996925][ T30] audit: type=1326 audit(2000000125.099:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11468 comm="syz.0.2112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 774.749483][T11482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2118'. [ 775.686006][T11495] overlayfs: failed to resolve './file0/file0': -2 [ 776.034766][ T5841] IPVS: starting estimator thread 0... [ 776.139910][T11501] IPVS: using max 192 ests per chain, 9600 per kthread [ 778.442488][T11535] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2137'. [ 782.079039][T11579] netlink: 272 bytes leftover after parsing attributes in process `syz.2.2155'. [ 782.089599][T11579] netlink: 272 bytes leftover after parsing attributes in process `syz.2.2155'. [ 783.474878][T11596] netlink: 'syz.3.2161': attribute type 1 has an invalid length. [ 783.667624][T11601] 8021q: adding VLAN 0 to HW filter on device bond6 [ 787.147214][T11643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2179'. [ 787.158114][T11643] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2179'. [ 787.281889][ T52] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 789.420233][T11677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2194'. [ 789.429924][T11677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2194'. [ 790.258552][ T30] audit: type=1326 audit(2000000140.268:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11674 comm="syz.0.2193" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7fc00000 [ 792.081309][T11711] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2207'. [ 792.095764][T11711] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2207'. [ 797.078597][T11770] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2230'. [ 797.144251][T11770] netlink: 'syz.3.2230': attribute type 10 has an invalid length. [ 806.637875][T11892] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2282'. [ 806.665273][T11892] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2282'. [ 806.743604][T11894] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2282'. [ 806.754347][T11894] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2282'. [ 810.305788][T11939] bridge0: port 1(vlan3) entered blocking state [ 810.322372][T11939] bridge0: port 1(vlan3) entered disabled state [ 810.331349][T11939] vlan3: entered allmulticast mode [ 810.337679][T11939] bridge0: entered allmulticast mode [ 810.453969][T11939] vlan3: left allmulticast mode [ 810.459953][T11939] bridge0: left allmulticast mode [ 813.501545][T11972] veth0: entered promiscuous mode [ 813.521446][T11972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2313'. [ 813.624140][ T30] audit: type=1326 audit(2000000161.832:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.712739][ T30] audit: type=1326 audit(2000000161.869:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.737221][ T30] audit: type=1326 audit(2000000161.869:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.760603][ T30] audit: type=1326 audit(2000000161.924:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.783988][ T30] audit: type=1326 audit(2000000161.924:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.838968][ T30] audit: type=1326 audit(2000000162.035:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.863502][ T30] audit: type=1326 audit(2000000162.035:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.886786][ T30] audit: type=1326 audit(2000000162.044:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.914047][ T30] audit: type=1326 audit(2000000162.063:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 813.939868][ T30] audit: type=1326 audit(2000000162.118:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 816.098848][T12010] overlayfs: failed to clone lowerpath [ 816.952127][T12021] overlayfs: failed to clone upperpath [ 817.552222][T12027] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 817.560007][T12027] IPv6: NLM_F_CREATE should be set when creating new route [ 817.567513][T12027] IPv6: NLM_F_CREATE should be set when creating new route [ 817.810101][T12029] overlayfs: failed to clone upperpath [ 820.156473][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 822.605619][T12094] Cache volume key already in use (9p,(null),;dev;ttyS3) [ 823.866872][T12105] netlink: 'syz.1.2362': attribute type 1 has an invalid length. [ 823.958763][T12105] 8021q: adding VLAN 0 to HW filter on device bond9 [ 824.095041][T12110] bond9: (slave syz_tun): making interface the new active one [ 824.111970][T12110] bond9: (slave syz_tun): Enslaving as an active interface with an up link [ 824.198666][T12108] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 828.584923][T12169] TCP: TCP_TX_DELAY enabled [ 829.825219][T12187] @: renamed from vlan0 (while UP) [ 830.133008][T12191] 9pnet_fd: Insufficient options for proto=fd [ 830.212846][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 830.212937][ T30] audit: type=1326 audit(2000000433.140:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.250241][ T30] audit: type=1326 audit(2000000433.140:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.273165][ T30] audit: type=1326 audit(2000000433.140:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.296630][ T30] audit: type=1326 audit(2000000433.140:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.319546][ T30] audit: type=1326 audit(2000000433.140:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=316 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.367819][ T30] audit: type=1326 audit(2000000433.278:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.391442][ T30] audit: type=1326 audit(2000000433.278:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf745d5a7 code=0x7ffc0000 [ 830.414423][ T30] audit: type=1326 audit(2000000433.278:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=316 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.674545][ T30] audit: type=1326 audit(2000000433.361:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 830.697755][ T30] audit: type=1326 audit(2000000433.361:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.2395" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf745d5a7 code=0x7ffc0000 [ 832.819926][T12224] overlayfs: failed to clone lowerpath [ 834.344840][T12239] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 838.444837][T12287] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 839.089662][T12295] netlink: 'syz.3.2432': attribute type 4 has an invalid length. [ 839.216880][T12297] netlink: 'syz.3.2432': attribute type 4 has an invalid length. [ 841.189395][ T30] kauditd_printk_skb: 108 callbacks suppressed [ 841.189491][ T30] audit: type=1800 audit(2000000443.271:290): pid=12321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2441" name="bus" dev="tmpfs" ino=2662 res=0 errno=0 [ 843.341786][T12338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2447'. [ 843.351259][T12338] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2447'. [ 843.397924][ T52] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 846.109061][T12371] @: renamed from vlan0 (while UP) [ 846.611714][T12378] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2459'. [ 847.039846][T12381] netlink: 'syz.1.2461': attribute type 4 has an invalid length. [ 847.124456][T12383] netlink: 'syz.1.2461': attribute type 4 has an invalid length. [ 849.200245][T12406] overlayfs: failed to resolve './file0': -2 [ 849.389094][T12409] Invalid ELF header magic: != ELF [ 850.699858][T12423] netlink: 'syz.2.2475': attribute type 4 has an invalid length. [ 850.791133][T12424] netlink: 'syz.2.2475': attribute type 4 has an invalid length. [ 851.159878][T12427] bond9: (slave syz_tun): Releasing active interface [ 852.280000][T12437] overlayfs: failed to clone upperpath [ 853.943808][T12456] overlayfs: failed to clone upperpath [ 854.766529][T12464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2490'. [ 857.084821][T12486] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 857.974087][T12502] overlayfs: failed to clone upperpath [ 860.014394][T12521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2511'. [ 860.078061][T12521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2511'. [ 860.126963][T12521] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2511'. [ 860.136729][T12521] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2511'. [ 862.904845][T12544] netlink: 'syz.4.2520': attribute type 10 has an invalid length. [ 862.984786][T12544] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 863.006435][T12544] batadv0: entered allmulticast mode [ 863.015500][T12544] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 863.168088][T12549] overlayfs: failed to clone upperpath [ 864.242992][T12558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2524'. [ 864.689586][ T30] audit: type=1804 audit(2000000464.919:291): pid=12567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2526" name="file0" dev="tmpfs" ino=2600 res=1 errno=0 [ 864.767693][T12561] overlayfs: failed to resolve './file0': -2 [ 865.759500][T12572] 9pnet_fd: Insufficient options for proto=fd [ 868.585257][T12602] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 868.593355][T12602] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 872.367874][ T30] audit: type=1326 audit(2000000472.033:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.395214][ T30] audit: type=1326 audit(2000000472.033:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.419693][ T30] audit: type=1326 audit(2000000472.042:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=186 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.442755][ T30] audit: type=1326 audit(2000000472.042:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.465702][ T30] audit: type=1326 audit(2000000472.042:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.489727][ T30] audit: type=1326 audit(2000000472.079:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=461 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.517846][ T30] audit: type=1326 audit(2000000472.079:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.542221][ T30] audit: type=1326 audit(2000000472.079:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.565026][ T30] audit: type=1326 audit(2000000472.079:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 872.588082][ T30] audit: type=1326 audit(2000000472.088:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12642 comm="syz.4.2552" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 873.698721][T12653] overlayfs: failed to clone upperpath [ 878.866131][T12703] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 879.652011][T12709] netlink: 'syz.3.2574': attribute type 1 has an invalid length. [ 880.250486][T12714] bond0: (slave batadv0): Releasing backup interface [ 880.335719][T12714] batadv0: left allmulticast mode [ 885.065549][T12761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2591'. [ 885.076349][T12761] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2591'. [ 885.101509][T12763] overlayfs: failed to clone upperpath [ 885.199727][T12764] netlink: 'syz.4.2590': attribute type 1 has an invalid length. [ 886.740591][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 888.255292][T12792] netlink: 'syz.1.2603': attribute type 4 has an invalid length. [ 888.641038][T12794] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2604'. [ 888.650634][T12794] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2604'. [ 888.772198][T12794] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2604'. [ 889.651040][T12806] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2608'. [ 893.490411][T12837] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2619'. [ 893.501971][T12837] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2619'. [ 893.630589][T12837] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2619'. [ 894.831333][T12848] overlayfs: failed to clone upperpath [ 898.546794][T12887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2638'. [ 900.870785][T12915] netlink: 'syz.0.2648': attribute type 1 has an invalid length. [ 901.030954][T12915] 8021q: adding VLAN 0 to HW filter on device bond6 [ 901.124659][T12919] bond6: (slave gretap1): making interface the new active one [ 901.149443][T12919] bond6: (slave gretap1): Enslaving as an active interface with an up link [ 904.394591][T12943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2659'. [ 904.467320][T12943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2659'. [ 904.519822][T12943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2659'. [ 906.365752][T12959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2665'. [ 906.729766][T12965] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2667'. [ 906.740195][T12965] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2667'. [ 910.557571][T13009] overlayfs: failed to clone upperpath [ 911.130805][T13023] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2685'. [ 911.216318][T13023] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2685'. [ 913.947872][T13051] bridge: RTM_NEWNEIGH with invalid ether address [ 914.196023][T13055] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2696'. [ 914.238914][T13055] hsr_slave_0: left promiscuous mode [ 914.266522][T13055] hsr_slave_1: left promiscuous mode [ 918.313537][T13100] bond6: (slave gretap1): Releasing active interface [ 921.092638][T13133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2720'. [ 921.213519][T13137] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2723'. [ 922.677182][T13156] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 922.732073][T13156] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2730'. [ 923.811883][T13166] overlayfs: failed to clone lowerpath [ 923.889678][T13166] overlayfs: failed to clone upperpath [ 924.929527][T13174] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 925.232610][T13174] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 925.529857][T13174] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 925.798240][T13174] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 925.819431][T13186] netlink: 'syz.1.2744': attribute type 1 has an invalid length. [ 926.041755][T13189] 8021q: adding VLAN 0 to HW filter on device bond10 [ 926.135171][T13174] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.173537][T13174] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.215337][T13174] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.498970][T13174] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.739928][T13197] IPVS: sed: UDP 224.0.0.2:0 - no destination available [ 926.787705][T13197] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2745'. [ 927.083649][T13202] overlayfs: failed to clone upperpath [ 927.119187][T13204] overlayfs: failed to clone upperpath [ 928.788876][T13224] overlayfs: failed to clone upperpath [ 928.828422][T13223] overlayfs: failed to clone upperpath [ 928.888490][T13224] ref_ctr_offset mismatch. inode: 0xabc offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 931.109818][T13252] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2770'. [ 931.120638][T13252] team0: Mode changed to "roundrobin" [ 931.949403][T13257] netlink: 'syz.4.2773': attribute type 1 has an invalid length. [ 932.167410][T13262] 8021q: adding VLAN 0 to HW filter on device bond10 [ 932.643026][T13268] netlink: 'syz.3.2777': attribute type 4 has an invalid length. [ 932.677097][T13267] overlayfs: failed to clone upperpath [ 932.712887][T13271] netlink: 'syz.3.2777': attribute type 4 has an invalid length. [ 934.667317][T13288] bridge0: port 1(vlan0) entered blocking state [ 934.675381][T13288] bridge0: port 1(vlan0) entered disabled state [ 934.683745][T13288] vlan0: entered allmulticast mode [ 934.690463][T13288] syz_tun: entered allmulticast mode [ 934.702200][T13288] vlan0: entered promiscuous mode [ 934.708348][T13288] syz_tun: entered promiscuous mode [ 934.722249][T13288] bridge0: port 1(vlan0) entered blocking state [ 934.731094][T13288] bridge0: port 1(vlan0) entered forwarding state [ 935.078811][T13296] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2786'. [ 935.589441][T13298] netlink: 'syz.2.2789': attribute type 1 has an invalid length. [ 935.802120][T13298] 8021q: adding VLAN 0 to HW filter on device bond6 [ 938.152078][ T52] Bluetooth: hci1: unexpected event for opcode 0x0c56 [ 938.221443][T13332] netlink: 'syz.1.2801': attribute type 4 has an invalid length. [ 939.147825][T13344] vlan0: left allmulticast mode [ 939.153452][T13344] syz_tun: left allmulticast mode [ 939.159023][T13344] vlan0: left promiscuous mode [ 939.165348][T13344] syz_tun: left promiscuous mode [ 939.173171][T13344] bridge0: port 1(vlan0) entered disabled state [ 939.316140][T13347] netlink: 'syz.1.2805': attribute type 1 has an invalid length. [ 940.823100][T13365] sit0: entered allmulticast mode [ 940.925381][T13367] sit0: entered promiscuous mode [ 942.406176][T13381] ref_ctr increment failed for inode: 0xb72 offset: 0x7 ref_ctr_offset: 0x4 of mm: 0xffff88804d56b980 [ 942.434921][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 942.435010][ T30] audit: type=1804 audit(2000000536.661:304): pid=13381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2815" name="file0" dev="tmpfs" ino=2930 res=1 errno=0 [ 942.510631][T13380] uprobe: syz.4.2815:13380 failed to unregister, leaking uprobe [ 942.960376][ T30] audit: type=1326 audit(2000000537.178:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13382 comm="syz.3.2816" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73dd579 code=0x0 [ 943.189015][T13392] netlink: 'syz.4.2819': attribute type 1 has an invalid length. [ 945.638866][T13422] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2828'. [ 946.218181][ T30] audit: type=1804 audit(2000000540.186:306): pid=13429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2829" name="file0" dev="tmpfs" ino=3020 res=1 errno=0 [ 947.080728][T13436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2833'. [ 947.133173][T13439] overlayfs: failed to clone upperpath [ 951.672774][T13480] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2847'. [ 951.716025][ C1] vcan0: j1939_session_tx_dat: 0xffff888013866a00: queue data error: -100 [ 951.816682][ C0] vcan0: j1939_tp_rxtimer: 0xffff88804be4ea00: rx timeout, send abort [ 952.367558][ C0] vcan0: j1939_tp_rxtimer: 0xffff88804be4ea00: abort rx timeout. Force session deactivation [ 952.899602][T13495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2853'. [ 952.966332][T13495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2853'. [ 953.054598][T13495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2853'. [ 953.104845][T13495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2853'. [ 953.317874][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 953.850255][ T30] audit: type=1326 audit(2000000547.236:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13503 comm="syz.1.2856" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7fc00000 [ 954.028117][ T30] audit: type=1326 audit(2000000547.392:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13503 comm="syz.1.2856" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff7579 code=0x7fc00000 [ 954.053628][ T30] audit: type=1326 audit(2000000547.392:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13503 comm="syz.1.2856" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7ff75a7 code=0x7fc00000 [ 954.083878][ T30] audit: type=1326 audit(2000000547.392:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13503 comm="syz.1.2856" exe="/root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7ff7579 code=0x7fc00000 [ 955.053084][T13520] netlink: 55 bytes leftover after parsing attributes in process `syz.0.2859'. [ 958.198389][T13551] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 958.539482][T13551] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 958.861997][T13551] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 958.932014][T13559] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 959.029490][T13551] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 960.487840][ T30] audit: type=1326 audit(2000000553.344:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.667138][ T30] audit: type=1326 audit(2000000553.381:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.691824][ T30] audit: type=1326 audit(2000000553.418:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.715724][ T30] audit: type=1326 audit(2000000553.418:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.741461][ T30] audit: type=1326 audit(2000000553.427:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.767343][ T30] audit: type=1326 audit(2000000553.427:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.791527][ T30] audit: type=1326 audit(2000000553.446:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.814895][ T30] audit: type=1326 audit(2000000553.446:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.841604][ T30] audit: type=1326 audit(2000000553.446:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 960.867873][ T30] audit: type=1326 audit(2000000553.464:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13574 comm="syz.0.2877" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 961.080318][T13582] netlink: 'syz.2.2880': attribute type 7 has an invalid length. [ 961.093383][T13582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2880'. [ 962.262459][T13597] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2886'. [ 962.274214][T13597] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2886'. [ 962.411361][T13597] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2886'. [ 966.107215][T13640] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2899'. [ 966.118091][T13640] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2899'. [ 966.189679][T13641] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2899'. [ 966.907979][T13647] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2902'. [ 967.260673][T13654] tipc: Failed to remove unknown binding: 66,1,1/0:1516767592/1516767594 [ 969.849865][T13679] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2913'. [ 969.860609][T13679] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2913'. [ 970.017843][T13680] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2913'. [ 975.732382][T13722] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2927'. [ 975.742312][T13722] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2927'. [ 975.828674][T13722] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2927'. [ 976.465625][ T30] kauditd_printk_skb: 30 callbacks suppressed [ 976.465714][ T30] audit: type=1326 audit(2000000568.089:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.500359][ T30] audit: type=1326 audit(2000000568.089:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.606677][ T30] audit: type=1326 audit(2000000568.172:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.630027][ T30] audit: type=1326 audit(2000000568.172:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.653679][ T30] audit: type=1326 audit(2000000568.172:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.677406][ T30] audit: type=1326 audit(2000000568.191:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.700976][ T30] audit: type=1326 audit(2000000568.191:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.727717][ T30] audit: type=1326 audit(2000000568.191:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.751776][ T30] audit: type=1326 audit(2000000568.191:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 976.774716][ T30] audit: type=1326 audit(2000000568.191:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.2930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 979.244516][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2942'. [ 979.255212][T13767] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2942'. [ 979.297761][ T52] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 979.317975][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2942'. [ 980.617373][T13783] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2946'. [ 980.777623][T13788] sch_tbf: burst 4398 is lower than device lo mtu (11337746) ! [ 980.968038][T13792] netlink: 'syz.2.2949': attribute type 1 has an invalid length. [ 981.215507][T13795] 8021q: adding VLAN 0 to HW filter on device bond8 [ 981.233043][T13795] bond7: (slave bond8): making interface the new active one [ 981.243965][T13795] bond7: (slave bond8): Enslaving as an active interface with an up link [ 981.409255][T13792] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2949'. [ 981.421014][T13792] bond7: entered allmulticast mode [ 981.426439][T13792] bond8: entered allmulticast mode [ 981.435359][T13792] 8021q: adding VLAN 0 to HW filter on device bond7 [ 982.235375][T13811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2953'. [ 982.245326][T13811] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2953'. [ 982.329158][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 982.329251][ T30] audit: type=1326 audit(2000000573.487:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.361200][ T30] audit: type=1326 audit(2000000573.487:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.399808][T13811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2953'. [ 982.493616][ T30] audit: type=1326 audit(2000000573.570:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.517703][ T30] audit: type=1326 audit(2000000573.570:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.541118][ T30] audit: type=1326 audit(2000000573.570:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.564136][ T30] audit: type=1326 audit(2000000573.635:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.590646][ T30] audit: type=1326 audit(2000000573.635:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.615069][ T30] audit: type=1326 audit(2000000573.635:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.638088][ T30] audit: type=1326 audit(2000000573.635:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 982.661081][ T30] audit: type=1326 audit(2000000573.644:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13809 comm="syz.2.2954" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 985.971122][T13849] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2967'. [ 985.980880][T13849] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2967'. [ 987.127618][T13865] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2971'. [ 989.409854][T13896] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2981'. [ 989.419854][T13896] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2981'. [ 990.265584][T13907] netlink: 'syz.4.2986': attribute type 11 has an invalid length. [ 990.353149][T13911] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2988'. [ 991.628572][T13927] lo: entered allmulticast mode [ 991.744837][T13930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2995'. [ 991.992313][T13932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2996'. [ 992.002211][T13932] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2996'. [ 993.450417][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 993.450503][ T30] audit: type=1326 audit(2000000583.776:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.483749][ T30] audit: type=1326 audit(2000000583.776:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.509675][ T30] audit: type=1326 audit(2000000583.776:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=442 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.533517][ T30] audit: type=1326 audit(2000000583.776:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.562810][ T30] audit: type=1326 audit(2000000583.776:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.624312][ T30] audit: type=1326 audit(2000000583.905:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.648053][ T30] audit: type=1326 audit(2000000583.914:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.671301][ T30] audit: type=1326 audit(2000000583.933:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.697388][ T30] audit: type=1326 audit(2000000583.933:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.722196][ T30] audit: type=1326 audit(2000000583.933:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13933 comm="syz.1.2997" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 993.868110][T13946] bond0 (unregistering): Released all slaves [ 995.331147][T13965] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3008'. [ 996.922564][T13986] overlayfs: failed to clone upperpath [ 1000.019312][T14022] bridge0: port 1(vxlan0) entered blocking state [ 1000.027526][T14022] bridge0: port 1(vxlan0) entered disabled state [ 1000.034942][T14022] vxlan0: entered allmulticast mode [ 1000.045496][T14022] vxlan0: entered promiscuous mode [ 1001.096986][T14035] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1002.555377][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 1002.555472][ T30] audit: type=1326 audit(2000000592.163:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14048 comm="syz.0.3041" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf742d579 code=0x0 [ 1004.235551][T14059] bridge1: entered allmulticast mode [ 1010.436193][T14126] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3066'. [ 1011.177708][T14131] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1013.277275][T14152] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3076'. [ 1014.663172][T14173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3081'. [ 1016.282426][T14196] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3090'. [ 1017.003129][T14203] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1018.780103][T14218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3098'. [ 1019.118917][T14224] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3100'. [ 1019.129392][T14224] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3100'. [ 1019.356342][T14226] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3100'. [ 1019.917448][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1020.026766][T14234] 8021q: VLANs not supported on caif0 [ 1020.118752][T14235] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3103'. [ 1020.130108][T14235] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3103'. [ 1020.140832][T14235] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3103'. [ 1020.150877][T14235] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3103'. [ 1020.381632][T14241] netlink: 'syz.2.3106': attribute type 1 has an invalid length. [ 1020.527103][T14241] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1021.003766][T14249] dummy0: entered promiscuous mode [ 1021.009725][T14249] vlan0: entered promiscuous mode [ 1021.813842][T14257] netlink: 'syz.2.3111': attribute type 5 has an invalid length. [ 1021.822489][T14257] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3111'. [ 1022.625014][T14265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3115'. [ 1022.631298][T14263] bridge0: port 1(vlan1) entered blocking state [ 1022.634803][T14265] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3115'. [ 1022.641543][T14263] bridge0: port 1(vlan1) entered disabled state [ 1022.642378][T14263] vlan1: entered allmulticast mode [ 1022.642522][T14263] bridge0: entered allmulticast mode [ 1022.718720][T14263] vlan1: left allmulticast mode [ 1022.724408][T14263] bridge0: left allmulticast mode [ 1022.832445][T14267] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3115'. [ 1023.556150][T14277] vlan0: entered promiscuous mode [ 1023.561985][T14277] veth0_virt_wifi: entered promiscuous mode [ 1023.570138][T14277] vlan0: entered allmulticast mode [ 1023.575779][T14277] veth0_virt_wifi: entered allmulticast mode [ 1023.642285][ T30] audit: type=1326 audit(2000000611.624:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.670593][ T30] audit: type=1326 audit(2000000611.624:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.709526][ T30] audit: type=1326 audit(2000000611.679:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.733633][ T30] audit: type=1326 audit(2000000611.679:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.761933][ T30] audit: type=1326 audit(2000000611.679:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.787848][ T30] audit: type=1326 audit(2000000611.679:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.811847][ T30] audit: type=1326 audit(2000000611.688:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.835890][ T30] audit: type=1326 audit(2000000611.688:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.860368][ T30] audit: type=1326 audit(2000000611.808:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=339 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1023.888037][ T30] audit: type=1326 audit(2000000611.808:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14274 comm="syz.2.3118" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1024.554161][T14282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3121'. [ 1025.604290][T14300] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1026.263398][T14306] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3128'. [ 1026.272921][T14306] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3128'. [ 1026.345018][ T52] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 1026.374888][T14306] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3128'. [ 1030.023982][T14331] overlayfs: failed to clone upperpath [ 1030.287376][T14333] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 1030.319568][T14333] CIFS mount error: No usable UNC path provided in device string! [ 1030.319568][T14333] [ 1030.332641][T14333] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1030.427058][T14334] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1031.239425][T14348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3143'. [ 1031.250561][T14348] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3143'. [ 1031.349292][T14348] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3143'. [ 1031.470180][T14351] macsec1: entered promiscuous mode [ 1031.476003][T14351] team0: entered promiscuous mode [ 1031.482514][T14351] macsec1: entered allmulticast mode [ 1031.488660][T14351] team0: entered allmulticast mode [ 1031.585300][T14351] team0: left allmulticast mode [ 1031.590688][T14351] team0: left promiscuous mode [ 1033.481246][T14376] CIFS mount error: No usable UNC path provided in device string! [ 1033.481246][T14376] [ 1033.493383][T14376] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1033.547711][T14376] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1033.741864][T14383] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3157'. [ 1033.755504][T14383] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3157'. [ 1033.845331][T14383] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3157'. [ 1034.395271][T14388] netlink: 'syz.4.3159': attribute type 4 has an invalid length. [ 1034.467955][T14390] macsec1: entered promiscuous mode [ 1034.473631][T14390] team0: entered promiscuous mode [ 1034.480682][T14390] macsec1: entered allmulticast mode [ 1034.486397][T14390] team0: entered allmulticast mode [ 1034.644116][T14390] team0: left allmulticast mode [ 1034.649770][T14390] team0: left promiscuous mode [ 1035.158669][T14399] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3163'. [ 1037.294344][T14427] CIFS mount error: No usable UNC path provided in device string! [ 1037.294344][T14427] [ 1037.308871][T14427] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1037.461320][T14431] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1038.300503][T14437] netlink: 'syz.1.3174': attribute type 4 has an invalid length. [ 1040.249475][T14460] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3182'. [ 1040.259245][T14460] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3182'. [ 1040.371510][T14460] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3182'. [ 1040.830943][T14471] CIFS mount error: No usable UNC path provided in device string! [ 1040.830943][T14471] [ 1040.841799][T14471] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1040.930214][T14473] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1044.716823][T14526] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3201'. [ 1044.821143][T14526] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3201'. [ 1044.907346][T14526] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3201'. [ 1044.961939][T14528] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3201'. [ 1046.273040][T14507] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1046.282569][T14507] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1046.297394][T14507] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1046.308361][T14507] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1046.622931][T14507] vlan2: left allmulticast mode [ 1046.628686][T14507] bond0: left allmulticast mode [ 1046.901447][T14507] vlan0: left promiscuous mode [ 1046.906774][T14507] veth0_virt_wifi: left promiscuous mode [ 1046.914683][T14507] vlan0: left allmulticast mode [ 1046.919914][T14507] veth0_virt_wifi: left allmulticast mode [ 1049.132734][T14576] netlink: 'syz.0.3220': attribute type 7 has an invalid length. [ 1049.141933][T14576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3220'. [ 1050.090724][T14590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3224'. [ 1050.100690][T14590] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3224'. [ 1050.183006][ T52] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 1051.068247][T12550] IPVS: starting estimator thread 0... [ 1051.180690][T14610] IPVS: using max 192 ests per chain, 9600 per kthread [ 1051.684326][T14596] vlan0: left promiscuous mode [ 1051.792416][T14596] vlan2: left allmulticast mode [ 1051.798145][T14596] bond0: left allmulticast mode [ 1052.979882][T14624] netlink: 'syz.4.3234': attribute type 7 has an invalid length. [ 1052.988435][T14624] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3234'. [ 1053.830751][T14635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3238'. [ 1053.845195][T14635] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3238'. [ 1053.914974][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 1053.915064][ T30] audit: type=1326 audit(2000000639.564:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.083488][ T30] audit: type=1326 audit(2000000639.601:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.106429][ T30] audit: type=1326 audit(2000000639.619:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.130097][ T30] audit: type=1326 audit(2000000639.619:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.153496][ T30] audit: type=1326 audit(2000000639.619:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.179374][ T30] audit: type=1326 audit(2000000639.619:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.203771][ T30] audit: type=1326 audit(2000000639.629:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.226843][ T30] audit: type=1326 audit(2000000639.629:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.256121][ T30] audit: type=1326 audit(2000000639.638:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.281630][ T30] audit: type=1326 audit(2000000639.638:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14632 comm="syz.0.3237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1054.953583][T14645] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3243'. [ 1055.900117][T14653] batadv0: left promiscuous mode [ 1055.930824][T14653] batadv0: left allmulticast mode [ 1057.847312][T14653] bond7: left allmulticast mode [ 1057.852542][T14653] bond8: left allmulticast mode [ 1058.067912][ T52] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 1058.068217][ T52] Bluetooth: hci1: Malformed LE Event: 0x0d [ 1059.809551][T14702] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3259'. [ 1062.407955][T14710] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1062.418004][T14710] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1062.430125][T14710] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1062.440233][T14710] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1062.731576][T14710] vlan2: left allmulticast mode [ 1062.736779][T14710] bond0: left allmulticast mode [ 1066.464441][ T30] kauditd_printk_skb: 32 callbacks suppressed [ 1066.464528][ T30] audit: type=1326 audit(2000000651.133:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.4.3286" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7fc00000 [ 1066.717920][ T30] audit: type=1326 audit(2000000651.373:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14769 comm="syz.0.3287" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1066.741847][ T30] audit: type=1326 audit(2000000651.373:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14769 comm="syz.0.3287" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1066.843635][ T30] audit: type=1326 audit(2000000651.428:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14769 comm="syz.0.3287" exe="/root/syz-executor" sig=0 arch=40000003 syscall=243 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1066.867760][ T30] audit: type=1326 audit(2000000651.437:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14769 comm="syz.0.3287" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1067.109816][ T30] audit: type=1326 audit(2000000651.714:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.4.3286" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa2579 code=0x7fc00000 [ 1067.133878][ T30] audit: type=1326 audit(2000000651.714:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.4.3286" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7fc00000 [ 1067.158301][ T30] audit: type=1326 audit(2000000651.714:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.4.3286" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7fc00000 [ 1067.181536][ T30] audit: type=1326 audit(2000000651.714:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.4.3286" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7fc00000 [ 1067.204951][ T30] audit: type=1326 audit(2000000651.714:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.4.3286" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7fc00000 [ 1067.745608][T14780] netlink: 'syz.0.3291': attribute type 1 has an invalid length. [ 1067.949306][T14784] 8021q: adding VLAN 0 to HW filter on device bond8 [ 1067.966727][T14784] bond7: (slave bond8): making interface the new active one [ 1067.977178][T14784] bond7: (slave bond8): Enslaving as an active interface with an up link [ 1068.006737][T14780] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3291'. [ 1068.018508][T14780] bond7: entered allmulticast mode [ 1068.024632][T14780] bond8: entered allmulticast mode [ 1068.032406][T14780] 8021q: adding VLAN 0 to HW filter on device bond7 [ 1073.419941][T14823] sit0: left promiscuous mode [ 1073.425252][T14823] sit0: left allmulticast mode [ 1074.524160][T14844] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3315'. [ 1075.182486][T14823] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1075.192811][T14823] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1075.202214][T14823] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1075.211356][T14823] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1075.318677][T14823] vlan2: left allmulticast mode [ 1075.325427][T14823] bond0: left allmulticast mode [ 1075.434874][T14823] bridge1: left allmulticast mode [ 1075.470975][T14823] bond7: left allmulticast mode [ 1075.476826][T14823] bond8: left allmulticast mode [ 1080.596633][T14928] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3351'. [ 1084.334482][T14980] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3372'. [ 1084.792311][T14992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3377'. [ 1084.803859][T14992] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3377'. [ 1085.605682][T15004] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3381'. [ 1086.498728][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1087.361435][T15029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3391'. [ 1087.371370][T15029] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3391'. [ 1087.421887][ T52] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 1088.277556][T15037] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3395'. [ 1090.404937][T15061] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3404'. [ 1090.414722][T15061] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3404'. [ 1092.058647][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 1092.058739][ T30] audit: type=1326 audit(2000000674.764:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.089056][ T30] audit: type=1326 audit(2000000674.764:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.112305][ T30] audit: type=1326 audit(2000000674.764:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.135099][ T30] audit: type=1326 audit(2000000674.764:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.157638][ T30] audit: type=1326 audit(2000000674.764:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.181230][ T30] audit: type=1326 audit(2000000674.773:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=339 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.204056][ T30] audit: type=1326 audit(2000000674.773:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.226755][ T30] audit: type=1326 audit(2000000674.773:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.249742][ T30] audit: type=1326 audit(2000000674.773:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.272740][ T30] audit: type=1326 audit(2000000674.773:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3417" exe="/root/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1092.445517][T15089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3419'. [ 1092.455200][T15089] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3419'. [ 1092.989002][T15094] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3421'. [ 1093.002346][T15097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3430'. [ 1093.011838][T15097] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3430'. [ 1095.568934][T15135] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3438'. [ 1097.587015][T15172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3455'. [ 1098.425407][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 1098.425500][ T30] audit: type=1326 audit(2000000680.623:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15183 comm="syz.2.3461" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1098.455651][ T30] audit: type=1326 audit(2000000680.623:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15183 comm="syz.2.3461" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1098.570790][ T30] audit: type=1326 audit(2000000680.678:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15183 comm="syz.2.3461" exe="/root/syz-executor" sig=0 arch=40000003 syscall=170 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1098.594281][ T30] audit: type=1326 audit(2000000680.678:512): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=15183 comm="syz.2.3461" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1098.617656][ T30] audit: type=1326 audit(2000000680.678:513): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=15183 comm="syz.2.3461" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745d579 code=0x7ffc0000 [ 1102.862349][T15259] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3496'. [ 1103.607707][T15270] IPv6: Can't replace route, no match found [ 1105.055346][T15289] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3512'. [ 1112.075439][T15391] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3561'. [ 1112.085797][T15391] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3561'. [ 1115.041872][T15421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3575'. [ 1115.052833][T15421] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3575'. [ 1118.811043][T15470] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3597'. [ 1127.865343][T15585] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3647'. [ 1128.858558][T15598] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3654'. [ 1131.194467][T15637] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode [ 1131.246438][T15638] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3670'. [ 1133.359189][T15666] netlink: 136 bytes leftover after parsing attributes in process `syz.3.3684'. [ 1134.597213][T15686] ptrace attach of "./syz-executor exec"[5796] was attempted by "è [ 1138.235068][T15731] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3716'. [ 1138.837458][T15740] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3721'. [ 1138.848593][T15740] IPVS: Unknown mcast interface: vcan0 [ 1140.690940][T15768] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3734'. [ 1142.694514][T15792] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3745'. [ 1142.754244][T15791] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1144.299248][T15817] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3757'. [ 1144.736119][T15823] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3770'. [ 1144.873294][T15828] netlink: 'syz.2.3762': attribute type 14 has an invalid length. [ 1144.873366][T15827] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3759'. [ 1145.027224][T15830] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3763'. [ 1146.397605][T15853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3775'. [ 1146.770762][T15858] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3776'. [ 1148.304253][T15876] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3786'. [ 1150.972658][T15913] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3802'. [ 1151.986401][ T30] audit: type=1326 audit(2000000730.054:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15929 comm="syz.2.3810" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf745d579 code=0x0 [ 1152.780347][ T52] Bluetooth: hci1: Malformed MSFT vendor event: 0x02 [ 1153.077452][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1156.258810][T15994] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3838'. [ 1157.749449][ T4142] bond1 (unregistering): Released all slaves [ 1157.775467][ T4142] bond2 (unregistering): Released all slaves [ 1157.808208][ T4142] bond3 (unregistering): Released all slaves [ 1157.850804][ T4142] bond4 (unregistering): Released all slaves [ 1157.876193][ T4142] bond5 (unregistering): Released all slaves [ 1157.902341][ T4142] bond6 (unregistering): Released all slaves [ 1157.932514][ T4142] bond7 (unregistering): (slave bond8): Releasing backup interface [ 1158.070812][ T4142] bond7 (unregistering): Released all slaves [ 1158.096436][ T4142] bond8 (unregistering): Released all slaves [ 1158.123016][ T4142] bond0 (unregistering): Released all slaves [ 1158.392406][ T4142] tipc: Disabling bearer [ 1158.398541][ T4142] tipc: Left network mode [ 1161.165532][T16039] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1161.197859][T16039] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1161.218737][T16039] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1161.266684][T16039] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1161.295974][T16039] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1163.645564][ T52] Bluetooth: hci0: command tx timeout [ 1163.864713][T16036] chnl_net:caif_netlink_parms(): no params data found [ 1164.372056][T16075] netlink: 'syz.0.3865': attribute type 3 has an invalid length. [ 1165.419335][T16036] bridge0: port 1(bridge_slave_0) entered blocking state [ 1165.427807][T16036] bridge0: port 1(bridge_slave_0) entered disabled state [ 1165.435992][T16036] bridge_slave_0: entered allmulticast mode [ 1165.447123][T16036] bridge_slave_0: entered promiscuous mode [ 1165.492179][T16036] bridge0: port 2(bridge_slave_1) entered blocking state [ 1165.500458][T16036] bridge0: port 2(bridge_slave_1) entered disabled state [ 1165.509422][T16036] bridge_slave_1: entered allmulticast mode [ 1165.520421][T16036] bridge_slave_1: entered promiscuous mode [ 1165.890779][ T52] Bluetooth: hci0: command tx timeout [ 1165.956188][T16036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1166.084565][T16036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1166.413534][T16036] team0: Port device team_slave_0 added [ 1166.479552][T16036] team0: Port device team_slave_1 added [ 1166.791086][T16036] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1166.798680][T16036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1166.827861][T16036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1167.027918][T16036] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1167.035607][T16036] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1167.062825][T16036] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1167.588831][T16036] hsr_slave_0: entered promiscuous mode [ 1167.600549][T16036] hsr_slave_1: entered promiscuous mode [ 1167.611373][T16036] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1167.620048][T16036] Cannot create hsr debugfs directory [ 1167.877453][T16121] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3880'. [ 1168.154118][ T52] Bluetooth: hci0: command tx timeout [ 1169.351818][T16036] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1169.402373][T16036] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1169.522065][T16036] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1169.625017][T16036] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1170.401130][ T52] Bluetooth: hci0: command tx timeout [ 1171.448211][T16036] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1171.701977][T16036] 8021q: adding VLAN 0 to HW filter on device team0 [ 1171.796083][ T3552] bridge0: port 1(bridge_slave_0) entered blocking state [ 1171.804314][ T3552] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1171.910763][ T3552] bridge0: port 2(bridge_slave_1) entered blocking state [ 1171.918913][ T3552] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1174.270011][T16036] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1176.021246][ T30] audit: type=1326 audit(2000000752.218:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16228 comm="syz.1.3910" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 1176.045300][ T30] audit: type=1326 audit(2000000752.218:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16228 comm="syz.1.3910" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 1176.070631][ T30] audit: type=1326 audit(2000000752.218:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16228 comm="syz.1.3910" exe="/root/syz-executor" sig=0 arch=40000003 syscall=70 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 1176.094051][ T30] audit: type=1326 audit(2000000752.218:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16228 comm="syz.1.3910" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000 [ 1176.822415][T16036] veth0_vlan: entered promiscuous mode [ 1177.024779][T16036] veth1_vlan: entered promiscuous mode [ 1177.428506][T16036] veth0_macvtap: entered promiscuous mode [ 1177.546804][T16036] veth1_macvtap: entered promiscuous mode [ 1177.680892][T16252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3915'. [ 1177.861756][T16036] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1177.988023][T16036] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1178.086872][T16036] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1178.096730][T16036] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1178.108222][T16036] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1178.118179][T16036] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.816694][ T1328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1184.825144][ T1328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1185.184195][ T1328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1185.192538][ T1328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1189.183026][T16417] loop5: detected capacity change from 0 to 2048 [ 1189.459694][T16417] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1189.577704][T16417] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 1189.674410][T16417] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 1189.687592][T16417] EXT4-fs (loop5): This should not happen!! Data will be lost [ 1189.687592][T16417] [ 1189.697847][T16417] EXT4-fs (loop5): Total free blocks count 0 [ 1189.704323][T16417] EXT4-fs (loop5): Free/Dirty block details [ 1189.710533][T16417] EXT4-fs (loop5): free_blocks=2415919104 [ 1189.716967][T16417] EXT4-fs (loop5): dirty_blocks=32 [ 1189.722755][T16417] EXT4-fs (loop5): Block reservation details [ 1189.729255][T16417] EXT4-fs (loop5): i_reserved_data_blocks=2 [ 1190.022725][ T3552] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 1192.048069][T16466] loop5: detected capacity change from 0 to 2048 [ 1192.262504][T16473] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1192.824129][T16473] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 1192.836687][T16473] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4) [ 1192.959030][T16473] Remounting filesystem read-only [ 1193.007335][T16036] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer [ 1193.107219][ T52] Bluetooth: hci1: unexpected event for opcode 0x0803 [ 1193.846114][T16491] loop5: detected capacity change from 0 to 128 [ 1195.056230][T16509] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4001'. [ 1196.800804][T16538] loop5: detected capacity change from 0 to 1024 [ 1197.147146][ T30] audit: type=1800 audit(2000000771.724:519): pid=16538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4012" name="bus" dev="loop5" ino=26 res=0 errno=0 [ 1197.537272][ T52] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 1197.546249][ T52] Bluetooth: hci1: Injecting HCI hardware error event [ 1197.557104][ T52] Bluetooth: hci1: hardware error 0x00 [ 1197.795666][ T4863] hfsplus: b-tree write err: -5, ino 4 [ 1199.869887][ T52] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1201.258257][T14518] kernel write not supported for file [eventfd] (pid: 14518 comm: kworker/1:15) [ 1202.080379][T16608] overlayfs: failed to resolve './file0': -2 [ 1203.246493][T16621] netlink: 'syz.5.4042': attribute type 7 has an invalid length. [ 1204.662040][T16643] overlayfs: failed to clone lowerpath [ 1204.868043][T16646] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4051'. [ 1205.747349][T16658] loop5: detected capacity change from 0 to 512 [ 1205.767378][T16658] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1205.828746][T16658] EXT4-fs (loop5): 1 truncate cleaned up [ 1205.837636][T16658] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1206.417191][T16036] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1206.994021][T16678] 9pnet_fd: Insufficient options for proto=fd [ 1209.237330][T16708] trusted_key: syz.4.4071 sent an empty control message without MSG_MORE. [ 1209.367846][T16710] loop5: detected capacity change from 0 to 256 [ 1213.248584][T16759] loop5: detected capacity change from 0 to 128 [ 1214.283786][T16769] sch_tbf: burst 19872 is lower than device lo mtu (39799) ! [ 1216.586068][T16791] loop5: detected capacity change from 0 to 1024 [ 1216.636882][T16791] EXT4-fs: Ignoring removed bh option [ 1216.799874][T16791] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 1217.967720][T16036] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 1219.662437][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1220.981097][T16039] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1221.004493][T16039] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1221.022034][T16039] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1221.043047][T16039] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1221.056624][T16039] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1222.208467][T16844] chnl_net:caif_netlink_parms(): no params data found [ 1223.276701][T16039] Bluetooth: hci0: command tx timeout [ 1224.127816][T16844] bridge0: port 1(bridge_slave_0) entered blocking state [ 1224.136332][T16844] bridge0: port 1(bridge_slave_0) entered disabled state [ 1224.147885][T16844] bridge_slave_0: entered allmulticast mode [ 1224.160106][T16844] bridge_slave_0: entered promiscuous mode [ 1224.281019][T16844] bridge0: port 2(bridge_slave_1) entered blocking state [ 1224.296425][T16844] bridge0: port 2(bridge_slave_1) entered disabled state [ 1224.304769][T16844] bridge_slave_1: entered allmulticast mode [ 1224.315716][T16844] bridge_slave_1: entered promiscuous mode [ 1224.817015][T16844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1224.922650][T16844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1225.285201][T16844] team0: Port device team_slave_0 added [ 1225.358532][T16844] team0: Port device team_slave_1 added [ 1225.531183][T16039] Bluetooth: hci0: command tx timeout [ 1225.772096][T16844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1225.779984][T16844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1225.807466][T16844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1225.831749][T16844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1225.842908][T16844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1225.870638][T16844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1226.385517][T16844] hsr_slave_0: entered promiscuous mode [ 1226.401374][T16844] hsr_slave_1: entered promiscuous mode [ 1226.412253][T16844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1226.420555][T16844] Cannot create hsr debugfs directory [ 1227.784658][T16844] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1227.784992][T16039] Bluetooth: hci0: command tx timeout [ 1227.818213][T16844] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1227.918799][T16844] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1228.013652][T16844] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1229.140476][T16844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1229.404775][T16844] 8021q: adding VLAN 0 to HW filter on device team0 [ 1229.512116][ T1328] bridge0: port 1(bridge_slave_0) entered blocking state [ 1229.520194][ T1328] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1229.619239][ T1328] bridge0: port 2(bridge_slave_1) entered blocking state [ 1229.627221][ T1328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1230.055397][T16039] Bluetooth: hci0: command tx timeout [ 1231.483160][T16844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1233.543580][T16844] veth0_vlan: entered promiscuous mode [ 1233.653854][T16844] veth1_vlan: entered promiscuous mode [ 1234.035547][T16844] veth0_macvtap: entered promiscuous mode [ 1234.120916][T16844] veth1_macvtap: entered promiscuous mode [ 1234.282414][T16844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1234.294974][T16844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.313340][T16844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1234.501624][T16844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1234.512929][T16844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.530569][T16844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1234.746765][T16844] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.756869][T16844] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.766233][T16844] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.775735][T16844] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1240.935448][ T2964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1240.943991][ T2964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1241.358891][ T3725] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1241.369221][ T3725] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1245.926719][T17127] loop6: detected capacity change from 0 to 64 [ 1246.015976][T17128] overlayfs: failed to clone lowerpath [ 1247.135691][T17141] overlayfs: failed to clone upperpath [ 1251.927369][T14402] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 1252.141608][T14402] usb 7-1: Using ep0 maxpacket: 8 [ 1252.173408][T14402] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1252.220648][T14402] usb 7-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1252.230308][T14402] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 1252.241135][T14402] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1252.304533][T14402] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1252.315033][T14402] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1252.324157][T14402] usb 7-1: Product: syz [ 1252.328777][T14402] usb 7-1: Manufacturer: 毺 [ 1252.333921][T14402] usb 7-1: SerialNumber: syz [ 1252.700667][T14402] usb 7-1: 0:2 : does not exist [ 1252.897299][T14402] usb 7-1: USB disconnect, device number 2 [ 1253.265356][T17207] udevd[17207]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1254.278380][T17222] netlink: 'syz.6.4244': attribute type 2 has an invalid length. [ 1257.539167][T17264] loop6: detected capacity change from 0 to 256 [ 1258.503571][T17277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4264'. [ 1258.514043][T17277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4264'. [ 1258.524222][T17277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4264'. [ 1258.548071][T17278] overlayfs: failed to clone upperpath [ 1259.929527][T14518] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 1260.175427][T14518] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1260.187475][T14518] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1260.198047][T14518] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1260.207958][T14518] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1260.290931][T14518] usb 7-1: config 0 descriptor?? [ 1263.223446][T14518] usbhid 7-1:0.0: can't add hid device: -71 [ 1263.230346][T14518] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1263.322042][T14518] usb 7-1: USB disconnect, device number 3 [ 1264.612688][T17346] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4289'. [ 1264.810057][T17349] 9pnet: p9_errstr2errno: server reported unknown error ÿÿÿ [ 1266.318748][T17371] overlayfs: failed to clone lowerpath [ 1272.071783][T17483] overlayfs: failed to clone upperpath [ 1273.325593][T17500] overlayfs: failed to clone upperpath [ 1273.581920][T17502] af_packet: tpacket_rcv: packet too big, clamped from 32820 to 3952. macoff=96 [ 1276.211253][T17541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4337'. [ 1276.741595][T17549] netlink: 'syz.6.4340': attribute type 11 has an invalid length. [ 1279.258259][T17584] overlayfs: failed to clone lowerpath [ 1279.940159][T17593] overlayfs: failed to clone upperpath [ 1283.266724][T17632] overlayfs: failed to resolve './file0': -2 [ 1284.055280][T17643] fuse: Bad value for 'fd' [ 1284.825324][T17652] overlayfs: failed to clone upperpath [ 1286.254231][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1286.508450][T17673] netlink: 136 bytes leftover after parsing attributes in process `syz.0.4391'. [ 1289.961798][T17719] syz_tun: entered allmulticast mode [ 1289.987486][T17719] syz_tun: left allmulticast mode [ 1290.656958][T17725] overlayfs: failed to clone upperpath [ 1291.708136][T17740] batadv_slave_1: entered promiscuous mode [ 1291.744531][T17740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4423'. [ 1291.817770][T17740] batadv_slave_1 (unregistering): left promiscuous mode [ 1293.926434][T17772] netlink: 'syz.4.4435': attribute type 4 has an invalid length. [ 1293.966556][T17772] netlink: 'syz.4.4435': attribute type 4 has an invalid length. [ 1294.815447][T17784] overlayfs: failed to clone upperpath [ 1298.421281][T17827] netlink: 'syz.0.4455': attribute type 4 has an invalid length. [ 1301.722360][T17881] fuse: Bad value for 'fd' [ 1302.438747][T17888] overlayfs: failed to resolve './file1': -2 [ 1303.258957][T17896] bridge: RTM_NEWNEIGH with invalid ether address [ 1305.094986][T17921] overlayfs: failed to clone upperpath [ 1306.097049][T17936] overlayfs: failed to clone upperpath [ 1309.862369][T17989] overlayfs: failed to clone upperpath [ 1310.751551][T17998] fuse: Bad value for 'fd' [ 1311.081464][T18004] tipc: Enabling of bearer rejected, failed to enable media [ 1312.636996][T18029] tipc: Enabling of bearer rejected, failed to enable media [ 1314.703479][T18057] netlink: 'syz.0.4548': attribute type 27 has an invalid length. [ 1315.082025][T18058] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1315.101950][T18058] 8021q: adding VLAN 0 to HW filter on device team0 [ 1315.201753][ T4142] unregister_netdevice: waiting for batadv0 to become free. Usage count = 4 [ 1315.211372][ T4142] unregister_netdevice: waiting for lo to become free. Usage count = 5 [ 1315.222422][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1315.222422][ T4142] dst_init+0xff/0x370 [ 1315.222422][ T4142] dst_alloc+0x1e6/0x240 [ 1315.222422][ T4142] ip6_pol_route+0x14ac/0x1fc0 [ 1315.222422][ T4142] ip6_pol_route_output+0x69/0x90 [ 1315.222422][ T4142] fib6_rule_lookup+0x427/0xaa0 [ 1315.222422][ T4142] ip6_route_output_flags+0x4a1/0x720 [ 1315.222422][ T4142] ip6_dst_lookup_tail+0x228/0x1f80 [ 1315.222422][ T4142] ip6_sk_dst_lookup_flow+0xf45/0x1260 [ 1315.222422][ T4142] udpv6_sendmsg+0x34af/0x40f0 [ 1315.222422][ T4142] inet6_sendmsg+0x1fc/0x280 [ 1315.222422][ T4142] __sock_sendmsg+0x143/0x380 [ 1315.222422][ T4142] ____sys_sendmsg+0x890/0xda0 [ 1315.222422][ T4142] ___sys_sendmsg+0x28d/0x3c0 [ 1315.222422][ T4142] __sys_sendmsg+0x1b6/0x300 [ 1315.222422][ T4142] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 1315.222422][ T4142] ia32_sys_call+0x3526/0x41f0 [ 1315.222422][ T4142] [ 1315.316576][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1315.316576][ T4142] dst_init+0xff/0x370 [ 1315.316576][ T4142] dst_alloc+0x1e6/0x240 [ 1315.316576][ T4142] ip6_pol_route+0x14ac/0x1fc0 [ 1315.316576][ T4142] ip6_pol_route_output+0x69/0x90 [ 1315.316576][ T4142] fib6_rule_lookup+0x427/0xaa0 [ 1315.316576][ T4142] ip6_route_output_flags+0x4a1/0x720 [ 1315.316576][ T4142] ip6_dst_lookup_tail+0x14c/0x1f80 [ 1315.316576][ T4142] ip6_dst_lookup_flow+0x81/0x170 [ 1315.316576][ T4142] tipc_udp_xmit+0x42d/0xb40 [ 1315.316576][ T4142] tipc_udp_send_msg+0x4a7/0x570 [ 1315.316576][ T4142] tipc_bearer_xmit_skb+0x3ac/0x480 [ 1315.316576][ T4142] tipc_disc_timeout+0x938/0xa20 [ 1315.316576][ T4142] call_timer_fn+0x49/0x580 [ 1315.316576][ T4142] __run_timer_base+0x851/0xe90 [ 1315.316576][ T4142] run_timer_softirq+0x3a/0x70 [ 1315.316576][ T4142] handle_softirqs+0x1a0/0x7c0 [ 1315.316576][ T4142] [ 1315.410209][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1315.410209][ T4142] netdev_get_by_index+0xf9/0x190 [ 1315.410209][ T4142] fib6_nh_init+0x1a8/0x2e20 [ 1315.410209][ T4142] rtm_new_nexthop+0x5d91/0xcd10 [ 1315.410209][ T4142] rtnetlink_rcv_msg+0x1067/0x1420 [ 1315.410209][ T4142] netlink_rcv_skb+0x375/0x650 [ 1315.410209][ T4142] rtnetlink_rcv+0x34/0x40 [ 1315.410209][ T4142] netlink_unicast+0xf52/0x1260 [ 1315.410209][ T4142] netlink_sendmsg+0x10da/0x11e0 [ 1315.410209][ T4142] __sock_sendmsg+0x30f/0x380 [ 1315.410209][ T4142] ____sys_sendmsg+0x890/0xda0 [ 1315.410209][ T4142] ___sys_sendmsg+0x28d/0x3c0 [ 1315.410209][ T4142] __sys_sendmsg+0x1b6/0x300 [ 1315.410209][ T4142] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 1315.410209][ T4142] ia32_sys_call+0x3526/0x41f0 [ 1315.410209][ T4142] __do_fast_syscall_32+0xb0/0x110 [ 1315.410209][ T4142] do_fast_syscall_32+0x38/0x80 [ 1315.410209][ T4142] [ 1315.502392][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1315.502392][ T4142] ipv6_add_dev+0xac4/0x1f50 [ 1315.502392][ T4142] addrconf_notify+0x7c9/0x1c40 [ 1315.502392][ T4142] raw_notifier_call_chain+0xe8/0x440 [ 1315.502392][ T4142] call_netdevice_notifiers_info+0x1be/0x2b0 [ 1315.502392][ T4142] register_netdevice+0x21d8/0x24a0 [ 1315.502392][ T4142] register_netdev+0xa5/0xe0 [ 1315.502392][ T4142] loopback_net_init+0xcf/0x2d0 [ 1315.502392][ T4142] ops_init+0x2ba/0x970 [ 1315.502392][ T4142] setup_net+0x305/0x12b0 [ 1315.502392][ T4142] copy_net_ns+0x4d4/0xaa0 [ 1315.502392][ T4142] create_new_namespaces+0x717/0xdb0 [ 1315.502392][ T4142] unshare_nsproxy_namespaces+0x17c/0x2b0 [ 1315.502392][ T4142] ksys_unshare+0x939/0x1290 [ 1315.502392][ T4142] __ia32_sys_unshare+0x47/0x70 [ 1315.502392][ T4142] ia32_sys_call+0x2fe6/0x41f0 [ 1315.502392][ T4142] __do_fast_syscall_32+0xb0/0x110 [ 1315.502392][ T4142] [ 1315.602519][T18058] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1317.882155][T18081] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4556'. [ 1317.892587][T18081] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4556'. [ 1317.921646][T18081] netdevsim netdevsim6 netdevsim0: entered promiscuous mode [ 1317.937330][T18081] syz_tun: entered promiscuous mode [ 1317.947864][T18081] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 1317.956281][T18081] Cannot create hsr debugfs directory [ 1318.246927][ T30] audit: type=1800 audit(2000000883.467:520): pid=18087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4560" name="file2" dev="tmpfs" ino=4964 res=0 errno=0 [ 1319.433477][T18100] tipc: Enabling of bearer rejected, failed to enable media [ 1320.420508][T18111] overlayfs: failed to clone upperpath [ 1320.737277][ T30] audit: type=1326 audit(2000000885.756:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18114 comm="syz.4.4571" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa2579 code=0x0 [ 1322.043493][T18136] overlayfs: failed to clone upperpath [ 1324.382358][T18164] syz_tun: entered allmulticast mode [ 1324.411071][T18163] syz_tun: left allmulticast mode [ 1325.533716][T18168] Process accounting resumed [ 1329.288486][T18212] overlayfs: failed to clone lowerpath [ 1329.521234][T18216] syz_tun (unregistering): left promiscuous mode [ 1332.223512][T18245] overlayfs: failed to clone upperpath [ 1333.292612][T18259] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 1336.649621][T18304] overlayfs: failed to clone upperpath [ 1337.033546][T18310] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1337.134767][T18311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4646'. [ 1337.149556][T18311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4646'. [ 1337.162244][T18311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4646'. [ 1338.089726][T18323] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 1339.003824][T18333] overlayfs: failed to clone upperpath [ 1340.527525][T18346] overlayfs: failed to clone upperpath [ 1342.373453][T18368] tipc: Started in network mode [ 1342.380416][T18368] tipc: Node identity 4, cluster identity 4711 [ 1342.386882][T18368] tipc: Node number set to 4 [ 1347.861714][ T30] audit: type=1326 audit(2000000910.780:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1347.885698][ T30] audit: type=1326 audit(2000000910.798:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=442 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1347.909252][ T30] audit: type=1326 audit(2000000910.798:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1347.932156][ T30] audit: type=1326 audit(2000000910.808:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1348.029757][T18435] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4690'. [ 1348.061854][T18435] bond0: entered promiscuous mode [ 1348.071137][T18435] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 1348.207725][T18437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4691'. [ 1348.297971][T18435] bond0: left promiscuous mode [ 1348.381794][ T30] audit: type=1326 audit(2000000910.891:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1348.405706][ T30] audit: type=1326 audit(2000000910.891:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1348.429466][ T30] audit: type=1326 audit(2000000910.918:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=101 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1348.452855][ T30] audit: type=1326 audit(2000000910.918:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1348.476124][ T30] audit: type=1326 audit(2000000910.918:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1348.500523][ T30] audit: type=1326 audit(2000000911.001:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.4.4685" exe="/root/syz-executor" sig=0 arch=40000003 syscall=339 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 1349.094408][T18446] overlayfs: failed to clone upperpath [ 1351.170877][T18467] macvlan2: entered promiscuous mode [ 1351.177283][T18467] macvlan2: entered allmulticast mode [ 1352.394667][T18479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4707'. [ 1352.404954][T18479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4707'. [ 1352.648358][T18481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4708'. [ 1352.710564][T18482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4708'. [ 1352.757691][T18481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4708'. [ 1352.844438][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1355.059311][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 1357.840504][T18550] overlayfs: failed to clone upperpath [ 1358.737031][T18560] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4739'. [ 1359.434661][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 1359.434760][ T30] audit: type=1800 audit(2000000921.465:534): pid=18569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4744" name="file2" dev="tmpfs" ino=5063 res=0 errno=0 [ 1359.590700][T18565] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4742'. [ 1359.601762][T18565] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1359.762594][T18565] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1360.176241][T18578] overlayfs: failed to clone upperpath [ 1360.390115][T18587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4745'. [ 1361.937217][T18606] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4753'. [ 1363.813362][T18634] 8021q: VLANs not supported on caif0 [ 1364.730344][T18647] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1364.839459][T18650] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4766'. [ 1364.849287][T18650] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4766'. [ 1364.859167][T18650] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4766'. [ 1364.869032][T18650] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4766'. [ 1366.267427][T18668] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 1366.415498][T18668] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1367.828146][T18674] overlayfs: missing 'lowerdir' [ 1370.529865][T18717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4791'. [ 1370.594867][T18717] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4791'. [ 1370.606204][T18717] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4791'. [ 1372.892822][T18745] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1375.331919][T18775] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay' [ 1377.937896][T18807] overlayfs: failed to clone upperpath [ 1389.903311][T18968] netlink: 'syz.3.4906': attribute type 6 has an invalid length. [ 1394.805705][T19040] No control pipe specified [ 1396.790668][T19070] No control pipe specified [ 1396.796293][T19071] IPv6: NLM_F_CREATE should be specified when creating new route [ 1398.771841][T19104] No control pipe specified [ 1398.878559][ T30] audit: type=1326 audit(2000000957.867:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19105 comm="syz.6.4970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1398.976423][ T30] audit: type=1326 audit(2000000957.904:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19105 comm="syz.6.4970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1399.000476][ T30] audit: type=1326 audit(2000000957.913:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19105 comm="syz.6.4970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=400 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1399.023842][ T30] audit: type=1326 audit(2000000957.913:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19105 comm="syz.6.4970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1399.047732][ T30] audit: type=1326 audit(2000000957.913:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19105 comm="syz.6.4970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1400.161392][T19125] ip6tnl0: entered promiscuous mode [ 1400.875783][T19137] netlink: 'syz.6.4984': attribute type 7 has an invalid length. [ 1403.567228][ T30] audit: type=1326 audit(2000000962.195:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19174 comm="syz.3.5002" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1403.590534][ T30] audit: type=1326 audit(2000000962.195:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19174 comm="syz.3.5002" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1403.617292][ T30] audit: type=1326 audit(2000000962.222:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19174 comm="syz.3.5002" exe="/root/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1403.640874][ T30] audit: type=1326 audit(2000000962.222:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19174 comm="syz.3.5002" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1404.889223][T19194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5011'. [ 1419.416536][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1422.188261][T19441] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5129'. [ 1423.733106][T19468] netlink: 'syz.4.5142': attribute type 1 has an invalid length. [ 1423.747483][T19468] netlink: 3 bytes leftover after parsing attributes in process `syz.4.5142'. [ 1426.569485][T19509] syz_tun: entered allmulticast mode [ 1430.186944][T19558] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5182'. [ 1435.231041][T19630] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5211'. [ 1435.895047][T19636] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5214'. [ 1437.324050][T19648] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5220'. [ 1441.420310][T19687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1442.931165][T19712] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5251'. [ 1443.002560][T19715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5251'. [ 1447.829916][T19780] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5284'. [ 1448.358442][T19787] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5287'. [ 1449.716020][ T30] audit: type=1326 audit(2000001004.779:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19803 comm="syz.3.5295" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73dd579 code=0x0 [ 1456.240821][T19898] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5336'. [ 1456.250907][T19898] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 1457.914594][T19920] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5347'. [ 1459.860779][T19948] batadv_slave_1: entered promiscuous mode [ 1459.869091][T19948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5359'. [ 1464.683159][T20017] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 1466.741265][ T30] audit: type=1326 audit(2000001020.474:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.0.5401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1466.764126][ T30] audit: type=1326 audit(2000001020.474:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.0.5401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1466.787222][ T30] audit: type=1326 audit(2000001020.520:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.0.5401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1466.810513][ T30] audit: type=1326 audit(2000001020.520:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.0.5401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1466.834080][ T30] audit: type=1326 audit(2000001020.530:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.0.5401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=303 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1466.857333][ T30] audit: type=1326 audit(2000001020.530:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.0.5401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1466.881641][ T30] audit: type=1326 audit(2000001020.530:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.0.5401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 1467.551040][ T4142] unregister_netdevice: waiting for batadv0 to become free. Usage count = 4 [ 1467.560800][ T4142] unregister_netdevice: waiting for lo to become free. Usage count = 5 [ 1467.572381][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1467.572381][ T4142] dst_init+0xff/0x370 [ 1467.572381][ T4142] dst_alloc+0x1e6/0x240 [ 1467.572381][ T4142] ip6_pol_route+0x14ac/0x1fc0 [ 1467.572381][ T4142] ip6_pol_route_output+0x69/0x90 [ 1467.572381][ T4142] fib6_rule_lookup+0x427/0xaa0 [ 1467.572381][ T4142] ip6_route_output_flags+0x4a1/0x720 [ 1467.572381][ T4142] ip6_dst_lookup_tail+0x228/0x1f80 [ 1467.572381][ T4142] ip6_sk_dst_lookup_flow+0xf45/0x1260 [ 1467.572381][ T4142] udpv6_sendmsg+0x34af/0x40f0 [ 1467.572381][ T4142] inet6_sendmsg+0x1fc/0x280 [ 1467.572381][ T4142] __sock_sendmsg+0x143/0x380 [ 1467.572381][ T4142] ____sys_sendmsg+0x890/0xda0 [ 1467.572381][ T4142] ___sys_sendmsg+0x28d/0x3c0 [ 1467.572381][ T4142] __sys_sendmsg+0x1b6/0x300 [ 1467.572381][ T4142] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 1467.572381][ T4142] ia32_sys_call+0x3526/0x41f0 [ 1467.572381][ T4142] [ 1467.665401][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1467.665401][ T4142] dst_init+0xff/0x370 [ 1467.665401][ T4142] dst_alloc+0x1e6/0x240 [ 1467.665401][ T4142] ip6_pol_route+0x14ac/0x1fc0 [ 1467.665401][ T4142] ip6_pol_route_output+0x69/0x90 [ 1467.665401][ T4142] fib6_rule_lookup+0x427/0xaa0 [ 1467.665401][ T4142] ip6_route_output_flags+0x4a1/0x720 [ 1467.665401][ T4142] ip6_dst_lookup_tail+0x14c/0x1f80 [ 1467.665401][ T4142] ip6_dst_lookup_flow+0x81/0x170 [ 1467.665401][ T4142] tipc_udp_xmit+0x42d/0xb40 [ 1467.665401][ T4142] tipc_udp_send_msg+0x4a7/0x570 [ 1467.665401][ T4142] tipc_bearer_xmit_skb+0x3ac/0x480 [ 1467.665401][ T4142] tipc_disc_timeout+0x938/0xa20 [ 1467.665401][ T4142] call_timer_fn+0x49/0x580 [ 1467.665401][ T4142] __run_timer_base+0x851/0xe90 [ 1467.665401][ T4142] run_timer_softirq+0x3a/0x70 [ 1467.665401][ T4142] handle_softirqs+0x1a0/0x7c0 [ 1467.665401][ T4142] [ 1467.758636][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1467.758636][ T4142] netdev_get_by_index+0xf9/0x190 [ 1467.758636][ T4142] fib6_nh_init+0x1a8/0x2e20 [ 1467.758636][ T4142] rtm_new_nexthop+0x5d91/0xcd10 [ 1467.758636][ T4142] rtnetlink_rcv_msg+0x1067/0x1420 [ 1467.758636][ T4142] netlink_rcv_skb+0x375/0x650 [ 1467.758636][ T4142] rtnetlink_rcv+0x34/0x40 [ 1467.758636][ T4142] netlink_unicast+0xf52/0x1260 [ 1467.758636][ T4142] netlink_sendmsg+0x10da/0x11e0 [ 1467.758636][ T4142] __sock_sendmsg+0x30f/0x380 [ 1467.758636][ T4142] ____sys_sendmsg+0x890/0xda0 [ 1467.758636][ T4142] ___sys_sendmsg+0x28d/0x3c0 [ 1467.758636][ T4142] __sys_sendmsg+0x1b6/0x300 [ 1467.758636][ T4142] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 1467.758636][ T4142] ia32_sys_call+0x3526/0x41f0 [ 1467.758636][ T4142] __do_fast_syscall_32+0xb0/0x110 [ 1467.758636][ T4142] do_fast_syscall_32+0x38/0x80 [ 1467.758636][ T4142] [ 1467.853569][ T4142] ref_tracker: lo@ffff888048c70550 has 1/4 users at [ 1467.853569][ T4142] ipv6_add_dev+0xac4/0x1f50 [ 1467.853569][ T4142] addrconf_notify+0x7c9/0x1c40 [ 1467.853569][ T4142] raw_notifier_call_chain+0xe8/0x440 [ 1467.853569][ T4142] call_netdevice_notifiers_info+0x1be/0x2b0 [ 1467.853569][ T4142] register_netdevice+0x21d8/0x24a0 [ 1467.853569][ T4142] register_netdev+0xa5/0xe0 [ 1467.853569][ T4142] loopback_net_init+0xcf/0x2d0 [ 1467.853569][ T4142] ops_init+0x2ba/0x970 [ 1467.853569][ T4142] setup_net+0x305/0x12b0 [ 1467.853569][ T4142] copy_net_ns+0x4d4/0xaa0 [ 1467.853569][ T4142] create_new_namespaces+0x717/0xdb0 [ 1467.853569][ T4142] unshare_nsproxy_namespaces+0x17c/0x2b0 [ 1467.853569][ T4142] ksys_unshare+0x939/0x1290 [ 1467.853569][ T4142] __ia32_sys_unshare+0x47/0x70 [ 1467.853569][ T4142] ia32_sys_call+0x2fe6/0x41f0 [ 1467.853569][ T4142] __do_fast_syscall_32+0xb0/0x110 [ 1467.853569][ T4142] [ 1469.162673][T20075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5415'. [ 1483.564973][T16039] Bluetooth: hci0: unexpected event for opcode 0x080f [ 1486.021173][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1487.969838][T16039] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 1487.978651][T16039] Bluetooth: hci0: Injecting HCI hardware error event [ 1487.987232][T16039] Bluetooth: hci0: hardware error 0x00 [ 1489.348563][ T30] audit: type=1326 audit(2000001041.328:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.372468][ T30] audit: type=1326 audit(2000001041.328:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.638691][ T30] audit: type=1326 audit(2000001041.402:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.664037][ T30] audit: type=1326 audit(2000001041.420:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.687301][ T30] audit: type=1326 audit(2000001041.420:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.711118][ T30] audit: type=1326 audit(2000001041.439:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.734236][ T30] audit: type=1326 audit(2000001041.439:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.758398][ T30] audit: type=1326 audit(2000001041.439:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1489.781647][ T30] audit: type=1326 audit(2000001041.439:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf740d5a7 code=0x7ffc0000 [ 1489.804306][ T30] audit: type=1326 audit(2000001041.439:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20335 comm="syz.6.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 1490.236101][T16039] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 1492.591938][T20377] 9pnet_fd: Insufficient options for proto=fd [ 1496.004381][T20416] overlayfs: failed to resolve './file0': -2 [ 1500.779381][T20484] overlayfs: failed to clone upperpath [ 1500.802395][T20485] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5580'. [ 1506.162502][T20554] bridge0: port 1(team0) entered blocking state [ 1506.171171][T20554] bridge0: port 1(team0) entered disabled state [ 1506.179152][T20554] team0: entered allmulticast mode [ 1506.232104][T20557] overlayfs: failed to resolve './file0': -2 [ 1506.443730][T20563] 9pnet_fd: Insufficient options for proto=fd [ 1507.096222][T20570] netlink: 148 bytes leftover after parsing attributes in process `syz.1.5610'. [ 1507.106178][T20570] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 1507.865215][T20579] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1509.468302][T20597] overlayfs: failed to resolve './file0': -2 [ 1510.946088][T20617] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5632'. [ 1512.223117][T20636] overlayfs: failed to resolve './file0': -2 [ 1513.454879][T20650] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5647'. [ 1517.161344][T20693] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5665'. [ 1528.082194][T20855] ===================================================== [ 1528.090324][T20855] BUG: KMSAN: uninit-value in xfrm_state_find+0x23e2/0xab10 [ 1528.098213][T20855] xfrm_state_find+0x23e2/0xab10 [ 1528.105809][T20855] xfrm_resolve_and_create_bundle+0x829/0x59e0 [ 1528.113402][T20855] xfrm_lookup_with_ifid+0x457/0x3790 [ 1528.119181][T20855] xfrm_lookup_route+0x63/0x2b0 [ 1528.124570][T20855] ip6_sk_dst_lookup_flow+0x1044/0x1260 [ 1528.134137][T20855] udpv6_sendmsg+0x34af/0x40f0 [ 1528.140197][T20855] inet6_sendmsg+0x1fc/0x280 [ 1528.145939][T20855] __sock_sendmsg+0x143/0x380 [ 1528.150916][T20855] ____sys_sendmsg+0x91b/0xda0 [ 1528.156282][T20855] ___sys_sendmsg+0x28d/0x3c0 [ 1528.162076][T20855] __sys_sendmmsg+0x41d/0x880 [ 1528.167573][T20855] __ia32_compat_sys_sendmmsg+0xc8/0x140 [ 1528.173700][T20855] ia32_sys_call+0x3ffa/0x41f0 [ 1528.178912][T20855] __do_fast_syscall_32+0xb0/0x110 [ 1528.184329][T20855] do_fast_syscall_32+0x38/0x80 [ 1528.189729][T20855] do_SYSENTER_32+0x1f/0x30 [ 1528.194589][T20855] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1528.203455][T20855] [ 1528.205941][T20855] Local variable tmp.i.i created at: [ 1528.211587][T20855] xfrm_resolve_and_create_bundle+0x373/0x59e0 [ 1528.218326][T20855] xfrm_lookup_with_ifid+0x457/0x3790 [ 1528.224090][T20855] [ 1528.226573][T20855] CPU: 1 UID: 0 PID: 20855 Comm: syz.0.5730 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(undef) [ 1528.239875][T20855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1528.254346][T20855] ===================================================== [ 1528.262442][T20855] Disabling lock debugging due to kernel taint [ 1528.268961][T20855] Kernel panic - not syncing: kmsan.panic set ... [ 1528.275801][T20855] CPU: 1 UID: 0 PID: 20855 Comm: syz.0.5730 Tainted: G B 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(undef) [ 1528.290107][T20855] Tainted: [B]=BAD_PAGE [ 1528.294444][T20855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1528.304858][T20855] Call Trace: [ 1528.308314][T20855] [ 1528.311506][T20855] dump_stack_lvl+0x216/0x2d0 [ 1528.317128][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.323711][T20855] dump_stack+0x1e/0x24 [ 1528.328560][T20855] panic+0x4e5/0xcf0 [ 1528.332940][T20855] ? kmsan_internal_poison_memory+0x90/0x90 [ 1528.339408][T20855] kmsan_report+0x2ca/0x2d0 [ 1528.344245][T20855] ? __msan_warning+0x95/0x120 [ 1528.349369][T20855] ? xfrm_state_find+0x23e2/0xab10 [ 1528.355376][T20855] ? xfrm_resolve_and_create_bundle+0x829/0x59e0 [ 1528.362138][T20855] ? xfrm_lookup_with_ifid+0x457/0x3790 [ 1528.368126][T20855] ? xfrm_lookup_route+0x63/0x2b0 [ 1528.374111][T20855] ? ip6_sk_dst_lookup_flow+0x1044/0x1260 [ 1528.380252][T20855] ? udpv6_sendmsg+0x34af/0x40f0 [ 1528.385453][T20855] ? inet6_sendmsg+0x1fc/0x280 [ 1528.390807][T20855] ? __sock_sendmsg+0x143/0x380 [ 1528.396338][T20855] ? ____sys_sendmsg+0x91b/0xda0 [ 1528.401594][T20855] ? ___sys_sendmsg+0x28d/0x3c0 [ 1528.406946][T20855] ? __sys_sendmmsg+0x41d/0x880 [ 1528.412361][T20855] ? __ia32_compat_sys_sendmmsg+0xc8/0x140 [ 1528.418469][T20855] ? ia32_sys_call+0x3ffa/0x41f0 [ 1528.423653][T20855] ? __do_fast_syscall_32+0xb0/0x110 [ 1528.429316][T20855] ? do_fast_syscall_32+0x38/0x80 [ 1528.434974][T20855] ? do_SYSENTER_32+0x1f/0x30 [ 1528.440039][T20855] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1528.446822][T20855] ? kmsan_get_metadata+0x13e/0x1c0 [ 1528.452403][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.458479][T20855] ? xfrm_state_find+0x19a/0xab10 [ 1528.463830][T20855] ? filter_irq_stacks+0x60/0x1b0 [ 1528.469267][T20855] ? kmsan_get_metadata+0x13e/0x1c0 [ 1528.474970][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.481135][T20855] ? __xfrm_dst_hash+0x341/0x640 [ 1528.486459][T20855] __msan_warning+0x95/0x120 [ 1528.491398][T20855] xfrm_state_find+0x23e2/0xab10 [ 1528.496602][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.502715][T20855] ? kmsan_get_metadata+0x13e/0x1c0 [ 1528.508269][T20855] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1528.514886][T20855] xfrm_resolve_and_create_bundle+0x829/0x59e0 [ 1528.521546][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.527742][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.534104][T20855] ? kmsan_get_metadata+0x13e/0x1c0 [ 1528.539615][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.545833][T20855] xfrm_lookup_with_ifid+0x457/0x3790 [ 1528.551589][T20855] ? filter_irq_stacks+0x60/0x1b0 [ 1528.557024][T20855] xfrm_lookup_route+0x63/0x2b0 [ 1528.562163][T20855] ip6_sk_dst_lookup_flow+0x1044/0x1260 [ 1528.568127][T20855] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 1528.574785][T20855] ? kmsan_get_metadata+0x13e/0x1c0 [ 1528.580256][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.586359][T20855] udpv6_sendmsg+0x34af/0x40f0 [ 1528.591344][T20855] ? udp_lib_get_port+0x27c0/0x2ab0 [ 1528.596963][T20855] ? __pfx_udplite_getfrag+0x10/0x10 [ 1528.602539][T20855] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1528.607888][T20855] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1528.613235][T20855] inet6_sendmsg+0x1fc/0x280 [ 1528.618053][T20855] ? __pfx_inet6_sendmsg+0x10/0x10 [ 1528.623410][T20855] __sock_sendmsg+0x143/0x380 [ 1528.628376][T20855] ____sys_sendmsg+0x91b/0xda0 [ 1528.633525][T20855] ___sys_sendmsg+0x28d/0x3c0 [ 1528.638577][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.644811][T20855] ? __rcu_read_unlock+0x7b/0xe0 [ 1528.649997][T20855] ? __fget_files+0x443/0x520 [ 1528.655008][T20855] ? kmsan_get_metadata+0x13e/0x1c0 [ 1528.660467][T20855] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1528.666558][T20855] __sys_sendmmsg+0x41d/0x880 [ 1528.671507][T20855] ? do_futex+0x343/0x4a0 [ 1528.676156][T20855] ? kmsan_get_metadata+0x13e/0x1c0 [ 1528.681766][T20855] __ia32_compat_sys_sendmmsg+0xc8/0x140 [ 1528.687823][T20855] ia32_sys_call+0x3ffa/0x41f0 [ 1528.692826][T20855] __do_fast_syscall_32+0xb0/0x110 [ 1528.698330][T20855] ? irqentry_exit+0x16/0x60 [ 1528.703316][T20855] do_fast_syscall_32+0x38/0x80 [ 1528.708429][T20855] do_SYSENTER_32+0x1f/0x30 [ 1528.713354][T20855] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1528.719954][T20855] RIP: 0023:0xf742d579 [ 1528.724323][T20855] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1528.744271][T20855] RSP: 002b:00000000f50b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159 [ 1528.753185][T20855] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000300 [ 1528.761536][T20855] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1528.769884][T20855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1528.778045][T20855] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1528.786215][T20855] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1528.794516][T20855] [ 1528.798313][T20855] Kernel Offset: disabled [ 1528.802835][T20855] Rebooting in 86400 seconds..