last executing test programs: 5m35.20039181s ago: executing program 0 (id=130): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 5m34.123297506s ago: executing program 0 (id=132): socket(0x400000000010, 0x3, 0x0) socket(0xa, 0x3, 0x3a) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) accept4(r1, 0x0, 0x0, 0x80000) socket$netlink(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x10, 0x803, 0x0) r2 = socket$kcm(0xa, 0x1, 0x0) r3 = socket$kcm(0xa, 0x5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=r2], 0x48) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x8916, &(0x7f0000000000)={r3}) 5m33.82334057s ago: executing program 0 (id=134): connect$inet(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r0 = getpid() setpriority(0x0, r0, 0x72b) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) read$FUSE(r1, &(0x7f0000002c80)={0x2020}, 0xfffffdb2) 5m32.259958581s ago: executing program 0 (id=142): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) 5m31.246890394s ago: executing program 0 (id=146): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) shutdown(r0, 0x1) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e20, 0x0, @loopback, 0x10006}}, 0x0, 0x0, 0x47, 0x0, "09be2271b78506e6dd938d324c415acd403a4480fd1afa34432bcdfa64d957e93efafd27ad06a6f589bb643f167cf0fcd370239aaa93f6ded3c5032c96ead0cdc68474d402ab73e482db7ec1e0a57489"}, 0xd8) bind$inet6(r0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0xfffffff1, @empty, 0x2}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0xa, @empty, 0x9f}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) 5m30.102468146s ago: executing program 0 (id=155): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0) pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000140)='./file0/file1\x00') symlink(0x0, 0x0) open$dir(&(0x7f0000000b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20, 0x0) 5m28.493947247s ago: executing program 32 (id=155): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0) pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000140)='./file0/file1\x00') symlink(0x0, 0x0) open$dir(&(0x7f0000000b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20, 0x0) 2m41.475691334s ago: executing program 3 (id=1146): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2) readv(r1, &(0x7f0000000180)=[{&(0x7f00000015c0)=""/4096, 0xfe4e}], 0x1) 2m41.252383129s ago: executing program 3 (id=1149): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x50) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x2, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, 0x0}, 0x0) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 2m40.969157954s ago: executing program 3 (id=1153): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x201, 0x4800003e, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x3e, 0xffffffeb, 0x7c, 0x40, 0x0, 0x0, 0x9, 0x38, 0x1, 0xfffe, 0x2, 0x3}, [{0x3, 0xf97, 0x8, 0xd, 0x0, 0xe5, 0x1, 0x3}], "", ['\x00']}, 0x55) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 2m40.73969788s ago: executing program 3 (id=1156): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) capset(&(0x7f0000000000)={0x20080522}, 0x0) sendmmsg$inet6(r1, &(0x7f0000001c80)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x8000001, @private0, 0x3}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000440)="14", 0x1}], 0x1}}], 0x1, 0x931766f6319eed40) shutdown(r1, 0x1) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x7ffe}, 0x90) 2m40.451652358s ago: executing program 3 (id=1159): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2) readv(r1, &(0x7f0000000180)=[{&(0x7f00000015c0)=""/4096, 0xfe4e}], 0x1) 2m40.24485327s ago: executing program 3 (id=1161): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40042, 0x21) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0) pwritev2(r3, &(0x7f0000000200)=[{&(0x7f0000000340)="1f", 0xf000}], 0x1, 0x8, 0x7, 0x17) utime(&(0x7f00000000c0)='./file0\x00', 0x0) 2m24.207520671s ago: executing program 33 (id=1161): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40042, 0x21) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0) pwritev2(r3, &(0x7f0000000200)=[{&(0x7f0000000340)="1f", 0xf000}], 0x1, 0x8, 0x7, 0x17) utime(&(0x7f00000000c0)='./file0\x00', 0x0) 7.641214314s ago: executing program 1 (id=2443): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) syz_clone(0x8111, 0x0, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() r0 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 6.268961409s ago: executing program 2 (id=2459): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x2, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x884, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x9, 0x8}, {}, {0xb, 0x3}}, [@filter_kind_options=@f_flow={{0x9}, {0x854, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x2, 0xe0, 0x4636, 0xd6, 0xc8, 0x81, 0x8001, 0x6, 0xbf5c, 0x7, 0x1, 0x1, 0x1, 0x7, 0xff, 0x2, 0x4, 0x5, 0x80000000, 0x1000, 0xfffffffb, 0xcfb, 0x2, 0x7fff, 0x95, 0x15e5, 0x3, 0xff, 0x3, 0x81, 0xfffffffe, 0x3, 0x1c, 0x4, 0x0, 0x0, 0x2, 0x101, 0x30, 0x0, 0x100, 0x1, 0xf4, 0x6, 0x200, 0x1, 0xfffffffd, 0xffffffff, 0x3, 0x1ff, 0x4, 0x8a03, 0x6, 0x1, 0x2, 0x9, 0x2, 0x9c8, 0x9, 0x200, 0x2321, 0xfff, 0xf, 0x0, 0x7, 0x8000, 0x5, 0x8, 0x2, 0xfffffffb, 0x2, 0x4, 0x7fffffff, 0x5, 0x9, 0x6, 0x6, 0x9, 0xae, 0x2, 0x103, 0x4, 0x0, 0x0, 0x1000, 0x0, 0x7, 0xfffffffe, 0x8, 0x800d, 0x64b, 0x1efe, 0x6e1c, 0xfffffff9, 0x2, 0x1, 0x5, 0x96, 0x3, 0x5, 0x1, 0x9, 0x0, 0xfffff6e4, 0xec0, 0x7, 0x8, 0x7e, 0xd081, 0x1, 0x1, 0x8, 0x7, 0x7, 0x7fff, 0x7, 0x8, 0x2f, 0x8, 0x9, 0x2, 0x7ff, 0xa38, 0x6, 0x327, 0x101, 0x2, 0x2, 0x1, 0x3, 0xd46, 0x5, 0x338, 0x40, 0x1b8beb60, 0x20000, 0x80240, 0x7, 0x4000, 0x0, 0x6, 0x8, 0x1, 0x3f0, 0x40, 0x0, 0x0, 0x1, 0xfffffe01, 0x3, 0xfffffffd, 0x2, 0x0, 0x98, 0x8, 0x200, 0x40, 0x4, 0x6, 0x8, 0x4, 0x9, 0x8, 0xf1b, 0x0, 0xfffffffe, 0x10000, 0x0, 0x81, 0x9, 0x3, 0x3, 0x3, 0x5, 0xfffffff7, 0x7, 0x5, 0x5, 0x9, 0x1ff, 0x2, 0x1000, 0x80000000, 0xfffffffc, 0x5, 0xff, 0x40, 0x7f, 0x9, 0xfffffc01, 0x0, 0x7f, 0x200, 0x8, 0x7, 0x5, 0x6, 0x8, 0x40, 0x1, 0x7, 0x7, 0x7fff, 0x301, 0x9, 0x4, 0x7f, 0x80000000, 0xd, 0x3, 0x101, 0x6e, 0x6, 0x3, 0x40000000, 0x3, 0x0, 0x9, 0x0, 0xfffffff8, 0x90b, 0xfe, 0x200, 0x2000000, 0x3, 0x200, 0xffffff01, 0x7, 0xfffffff1, 0x80000000, 0x1000, 0x0, 0x4, 0x2, 0x6e3000, 0x4, 0x6, 0x3, 0xdda, 0x4, 0x6, 0xfffffffd, 0x5, 0x80, 0x1000, 0x1, 0x0, 0x2, 0x7ff, 0x6, 0xfffffff8, 0xc, 0x2, 0x3]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x592, 0xc6a3, 0x4, 0x81, 0x120, 0x40, 0x2, 0x3, 0x6, 0xc0000000, 0xe, 0x8, 0xf, 0x1000, 0x48e, 0x6, 0x1, 0x4, 0x1b70, 0xff, 0x1, 0xffffffff, 0x1, 0x0, 0xdd6, 0x80000001, 0xffff, 0x0, 0x4, 0x80000000, 0xfff, 0x7fff, 0x136d, 0x9, 0x5, 0xfffffffa, 0x7, 0x0, 0x8, 0x8, 0xa97b, 0x81, 0x0, 0x8, 0x1, 0x1b93d89b, 0x2400000, 0xfffffffa, 0xff52, 0x6, 0x6, 0x1, 0x670, 0x7ff, 0x7, 0xbb7, 0x5, 0x8, 0x7fff, 0x1, 0x3, 0x6, 0xfffffff7, 0x4, 0x764, 0x1, 0x80000000, 0x7fffffff, 0x80000001, 0x2, 0xfc69, 0xffff0000, 0x0, 0x7, 0x400, 0x8, 0x1, 0x8, 0xa8d, 0x1, 0xffff7fff, 0x0, 0x5, 0xfffffff7, 0x94, 0x4, 0x8, 0xffff, 0x8, 0xfffffff5, 0x200, 0x9, 0x6, 0x3, 0x800, 0xf, 0x1, 0xfffffff0, 0x3, 0xffff, 0x80, 0xae0, 0x4, 0x1, 0xfffffffe, 0x800, 0xcc, 0xfffffffe, 0x4, 0x9, 0x10001, 0x7, 0xe, 0x2, 0x6, 0x4, 0x5f3, 0x5, 0x4, 0x8, 0x2, 0x6, 0x7, 0x7, 0xfffdffff, 0x97e9, 0x9, 0x400, 0x7, 0xfffffff7, 0x5, 0x15, 0x1000, 0x100, 0x9, 0x9, 0x0, 0xe, 0x3ff, 0x0, 0x4, 0x79, 0x3, 0x5, 0x3, 0x3, 0x401, 0x1, 0xffffff80, 0xda29, 0x9, 0x200, 0x3, 0x2, 0x4, 0x800, 0x87, 0x1, 0x2, 0x8d, 0xa0, 0x80000001, 0x8, 0x5, 0x0, 0x8, 0x1, 0x32a0, 0x2, 0x0, 0x7f, 0x7d, 0x9, 0x10, 0x8, 0x5, 0x9, 0x1, 0x0, 0x7, 0x1, 0x1, 0x200, 0x10, 0x3, 0x3, 0x8000, 0x0, 0xf, 0x8, 0x7, 0x101, 0x8, 0x637, 0x1, 0xfff, 0x3, 0x4, 0x94c0, 0x10001, 0x7fff, 0x9, 0x7, 0xf, 0x10001, 0x0, 0x101, 0x79a1, 0x3ef, 0x5, 0x4, 0x2, 0xffffff01, 0x3, 0xf, 0x8, 0x5, 0xb, 0x0, 0x8001, 0x80, 0x9, 0x80000001, 0x7, 0x6, 0x0, 0xffffffff, 0xfffffff7, 0x4, 0x8, 0x2, 0x7, 0x7, 0x80000000, 0x2, 0x3, 0x200, 0x8, 0x133, 0x3ff, 0x2, 0x6, 0x1, 0x7, 0x3, 0x4d800, 0x4d4, 0x7, 0xe, 0x7, 0x0, 0x9, 0x80000001, 0xbd8, 0xd]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x7, 0x9, 0x9, 0x4, {0x6, 0x0, 0x6b, 0xffc0, 0x5, 0xb}, {0x7, 0x0, 0x800, 0x6, 0x8001, 0x7}, 0xffffff01, 0x7, 0x3}}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0x124fc}]}}]}, 0x884}, 0x1, 0x0, 0x0, 0x10}, 0x408c014) 5.813628224s ago: executing program 2 (id=2466): connect$inet(0xffffffffffffffff, 0x0, 0x0) listen(0xffffffffffffffff, 0xda90) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x19}, 0x94) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000300)=ANY=[], 0x54}}, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xe134d17ad3ee4def, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0xd) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 2.907980293s ago: executing program 2 (id=2485): r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x82, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'syz_tun\x00', 0x0}) bind$packet(r1, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14) syz_emit_ethernet(0x4e, &(0x7f0000000780)=ANY=[], 0x0) 2.571299886s ago: executing program 2 (id=2488): bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x5, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 2.223600103s ago: executing program 2 (id=2492): getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20}, 0x4000000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x7, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0x0, 0x40000}]}, 0x10) sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0) 1.93520763s ago: executing program 5 (id=2497): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4) bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0) recvmmsg(r0, &(0x7f0000003bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=""/17, 0x11}, 0x7}, {{0x0, 0x0, 0x0}, 0x100006}], 0x2, 0x0, 0x0) 1.888588879s ago: executing program 1 (id=2498): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f00000004c0)='./file0\x00') prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setuid(0xee01) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000240)='hugetlbfs\x00', 0x2200890, 0x0) 1.760123462s ago: executing program 5 (id=2499): rseq(&(0x7f0000000300), 0x20, 0x0, 0x0) r0 = msgget$private(0x0, 0x193) msgsnd(r0, &(0x7f0000000100)=ANY=[@ANYRES16], 0xfd1, 0x0) msgctl$IPC_RMID(r0, 0x0) 1.547723181s ago: executing program 1 (id=2501): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={0x0, r0, 0x0, 0x6}, 0x18) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080) 1.509167164s ago: executing program 6 (id=2502): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x13, 0x0, 0x0, 0xa, 0x1016, &(0x7f0000001880)=""/4118, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x790, 0x80000000002, 0x180, 0x400000004, 0xffffffffffffffff, 0xf1, 0x3, 0xfffffffffffffd7e, 0x45, 0x0, 0x3b9, 0xfffffffffffffffe, 0x0, 0x0, 0x8], 0x8000000, 0x3c4210}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.438426648s ago: executing program 5 (id=2504): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x8}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$TCXONC(r1, 0x540a, 0x2) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000000)=0x6) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x6) write(r2, 0x0, 0x0) 1.295280196s ago: executing program 6 (id=2506): sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000002440)={0x0, 0x0, &(0x7f00000023c0)=[{&(0x7f0000000040)="08ccb2323913a7b444b5e761c881308d06203096a4e635fc", 0x18}], 0x1, 0x0, 0x0, 0x24040000}, 0xc0) syz_emit_ethernet(0xbe, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0xffffffff9673e35d]}}) 1.153689337s ago: executing program 2 (id=2507): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000100000000000a20000000000a01010000000000000000010000000900010073797a300000000068000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0c000980080001400037"], 0xb0}}, 0x0) sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000440)=ANY=[@ANYBLOB="20000000010a054bf600"], 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4804) 1.13400854s ago: executing program 5 (id=2508): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x408, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000480)='./file1\x00', 0x2000, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="0200000001000600000000000400050000000000100007000000000020"], 0x24, 0x2) 1.046111075s ago: executing program 4 (id=2509): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) ioprio_set$pid(0x2, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x9) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffffffffffff) 1.029512215s ago: executing program 6 (id=2510): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x4c2a5e7a3ce689cd, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xdc}}, 0x0) 900.997416ms ago: executing program 4 (id=2511): r0 = socket$inet6(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) shutdown(r0, 0x0) setsockopt$sock_linger(r0, 0x1, 0xd, 0x0, 0x0) sendto$inet6(r0, &(0x7f00000001c0)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c) sendmsg$sock(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000000200)="ea4a12907e6f558b57ac3ef5a2613fb1f93e71628123ee77379053573dc98bfde15d9d53d8ebcb0dc221a5a5742fcf80fa5eb133622af78c70", 0x39}], 0x1}, 0xc884) close(r0) 834.453434ms ago: executing program 1 (id=2512): ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x4a, 0x3, 0x0, 0x5, 0x0, 0x2, 0x6c, 0x87a, 0x6, 0x7, 0x0, 0x3, 0x1, 0x3, 0x8ca, 0x8005], 0x2000, 0x1f2a15}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000008000080"]) 818.008373ms ago: executing program 5 (id=2513): openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0xc0100, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[], 0x50) io_setup(0xea, &(0x7f00000000c0)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='fd/3\x00') r2 = fanotify_init(0x0, 0x2) fanotify_mark(r2, 0x1, 0x8000039, r1, 0x0) io_submit(r0, 0x1, &(0x7f0000000940)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x7, 0x8, r1, 0x0}]) 634.876919ms ago: executing program 4 (id=2514): capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2}) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000400)}], 0x1) 547.586725ms ago: executing program 6 (id=2515): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x2, &(0x7f0000000000)=[{0x30, 0x1, 0xfd, 0x5ae9}, {0x6, 0x40, 0x7, 0x2002}]}, 0x10) sendmmsg$inet(r0, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0) 547.186773ms ago: executing program 5 (id=2516): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x240}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil) ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000003c0)={{&(0x7f0000a66000/0x4000)=nil, 0x4000}}) 451.590596ms ago: executing program 4 (id=2517): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x2, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x884, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x9, 0x8}, {}, {0xb, 0x3}}, [@filter_kind_options=@f_flow={{0x9}, {0x854, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x2, 0xe0, 0x4636, 0xd6, 0xc8, 0x81, 0x8001, 0x6, 0xbf5c, 0x7, 0x1, 0x1, 0x1, 0x7, 0xff, 0x2, 0x4, 0x5, 0x80000000, 0x1000, 0xfffffffb, 0xcfb, 0x2, 0x7fff, 0x95, 0x15e5, 0x3, 0xff, 0x3, 0x81, 0xfffffffe, 0x3, 0x1c, 0x4, 0x0, 0x0, 0x2, 0x101, 0x30, 0x0, 0x100, 0x1, 0xf4, 0x6, 0x200, 0x1, 0xfffffffd, 0xffffffff, 0x3, 0x1ff, 0x4, 0x8a03, 0x6, 0x1, 0x2, 0x9, 0x2, 0x9c8, 0x9, 0x200, 0x2321, 0xfff, 0xf, 0x0, 0x7, 0x8000, 0x5, 0x8, 0x2, 0xfffffffb, 0x2, 0x4, 0x7fffffff, 0x5, 0x9, 0x6, 0x6, 0x9, 0xae, 0x2, 0x103, 0x4, 0x0, 0x0, 0x1000, 0x0, 0x7, 0xfffffffe, 0x8, 0x800d, 0x64b, 0x1efe, 0x6e1c, 0xfffffff9, 0x2, 0x1, 0x5, 0x96, 0x3, 0x5, 0x1, 0x9, 0x0, 0xfffff6e4, 0xec0, 0x7, 0x8, 0x7e, 0xd081, 0x1, 0x1, 0x8, 0x7, 0x7, 0x7fff, 0x7, 0x8, 0x2f, 0x8, 0x9, 0x2, 0x7ff, 0xa38, 0x6, 0x327, 0x101, 0x2, 0x2, 0x1, 0x3, 0xd46, 0x5, 0x338, 0x40, 0x1b8beb60, 0x20000, 0x80240, 0x7, 0x4000, 0x0, 0x6, 0x8, 0x1, 0x3f0, 0x40, 0x0, 0x0, 0x1, 0xfffffe01, 0x3, 0xfffffffd, 0x2, 0x0, 0x98, 0x8, 0x200, 0x40, 0x4, 0x6, 0x8, 0x4, 0x9, 0x8, 0xf1b, 0x0, 0xfffffffe, 0x10000, 0x0, 0x81, 0x9, 0x3, 0x3, 0x3, 0x5, 0xfffffff7, 0x7, 0x5, 0x5, 0x9, 0x1ff, 0x2, 0x1000, 0x80000000, 0xfffffffc, 0x5, 0xff, 0x40, 0x7f, 0x9, 0xfffffc01, 0x0, 0x7f, 0x200, 0x8, 0x7, 0x5, 0x6, 0x8, 0x40, 0x1, 0x7, 0x7, 0x7fff, 0x301, 0x9, 0x4, 0x7f, 0x80000000, 0xd, 0x3, 0x101, 0x6e, 0x6, 0x3, 0x40000000, 0x3, 0x0, 0x9, 0x0, 0xfffffff8, 0x90b, 0xfe, 0x200, 0x2000000, 0x3, 0x200, 0xffffff01, 0x7, 0xfffffff1, 0x80000000, 0x1000, 0x0, 0x4, 0x2, 0x6e3000, 0x4, 0x6, 0x3, 0xdda, 0x4, 0x6, 0xfffffffd, 0x5, 0x80, 0x1000, 0x1, 0x0, 0x2, 0x7ff, 0x6, 0xfffffff8, 0xc, 0x2, 0x3]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x592, 0xc6a3, 0x4, 0x81, 0x120, 0x40, 0x2, 0x3, 0x6, 0xc0000000, 0xe, 0x8, 0xf, 0x1000, 0x48e, 0x6, 0x1, 0x4, 0x1b70, 0xff, 0x1, 0xffffffff, 0x1, 0x0, 0xdd6, 0x80000001, 0xffff, 0x0, 0x4, 0x80000000, 0xfff, 0x7fff, 0x136d, 0x9, 0x5, 0xfffffffa, 0x7, 0x0, 0x8, 0x8, 0xa97b, 0x81, 0x0, 0x8, 0x1, 0x1b93d89b, 0x2400000, 0xfffffffa, 0xff52, 0x6, 0x6, 0x1, 0x670, 0x7ff, 0x7, 0xbb7, 0x5, 0x8, 0x7fff, 0x1, 0x3, 0x6, 0xfffffff7, 0x4, 0x764, 0x1, 0x80000000, 0x7fffffff, 0x80000001, 0x2, 0xfc69, 0xffff0000, 0x0, 0x7, 0x400, 0x8, 0x1, 0x8, 0xa8d, 0x1, 0xffff7fff, 0x0, 0x5, 0xfffffff7, 0x94, 0x4, 0x8, 0xffff, 0x8, 0xfffffff5, 0x200, 0x9, 0x6, 0x3, 0x800, 0xf, 0x1, 0xfffffff0, 0x3, 0xffff, 0x80, 0xae0, 0x4, 0x1, 0xfffffffe, 0x800, 0xcc, 0xfffffffe, 0x4, 0x9, 0x10001, 0x7, 0xe, 0x2, 0x6, 0x4, 0x5f3, 0x5, 0x4, 0x8, 0x2, 0x6, 0x7, 0x7, 0xfffdffff, 0x97e9, 0x9, 0x400, 0x7, 0xfffffff7, 0x5, 0x15, 0x1000, 0x100, 0x9, 0x9, 0x0, 0xe, 0x3ff, 0x0, 0x4, 0x79, 0x3, 0x5, 0x3, 0x3, 0x401, 0x1, 0xffffff80, 0xda29, 0x9, 0x200, 0x3, 0x2, 0x4, 0x800, 0x87, 0x1, 0x2, 0x8d, 0xa0, 0x80000001, 0x8, 0x5, 0x0, 0x8, 0x1, 0x32a0, 0x2, 0x0, 0x7f, 0x7d, 0x9, 0x10, 0x8, 0x5, 0x9, 0x1, 0x0, 0x7, 0x1, 0x1, 0x200, 0x10, 0x3, 0x3, 0x8000, 0x0, 0xf, 0x8, 0x7, 0x101, 0x8, 0x637, 0x1, 0xfff, 0x3, 0x4, 0x94c0, 0x10001, 0x7fff, 0x9, 0x7, 0xf, 0x10001, 0x0, 0x101, 0x79a1, 0x3ef, 0x5, 0x4, 0x2, 0xffffff01, 0x3, 0xf, 0x8, 0x5, 0xb, 0x0, 0x8001, 0x80, 0x9, 0x80000001, 0x7, 0x6, 0x0, 0xffffffff, 0xfffffff7, 0x4, 0x8, 0x2, 0x7, 0x7, 0x80000000, 0x2, 0x3, 0x200, 0x8, 0x133, 0x3ff, 0x2, 0x6, 0x1, 0x7, 0x3, 0x4d800, 0x4d4, 0x7, 0xe, 0x7, 0x0, 0x9, 0x80000001, 0xbd8, 0xd]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x7, 0x9, 0x9, 0x4, {0x6, 0x0, 0x6b, 0xffc0, 0x5, 0xb}, {0x7, 0x0, 0x800, 0x6, 0x8001, 0x7}, 0xffffff01, 0x7, 0x3}}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0x124fc}]}}]}, 0x884}, 0x1, 0x0, 0x0, 0x10}, 0x408c014) 369.940153ms ago: executing program 1 (id=2518): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x8}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$TCXONC(r1, 0x540a, 0x2) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000000)=0x6) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x6) write(r2, 0x0, 0x0) 235.313732ms ago: executing program 4 (id=2519): sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000010240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008090}, 0x4054) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000005c0)={[0x5836, 0x8, 0x7, 0x4000000000000e52, 0x1, 0x5479, 0x1041, 0x200000000006, 0x0, 0x1, 0xfffffffffffffffe, 0x100000000, 0x1, 0x40000000009, 0x8000000000005, 0x800040068], 0x2000, 0x80}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 190.838618ms ago: executing program 6 (id=2520): setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = getpgid(0x0) rt_tgsigqueueinfo(r3, r3, 0x24, &(0x7f0000000040)={0x1f, 0x8a, 0x299}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[]) 27.656489ms ago: executing program 1 (id=2521): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) ioprio_set$pid(0x2, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x9) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffffffffffff) 27.272232ms ago: executing program 6 (id=2522): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x1}) io_setup(0xff, &(0x7f0000000180)=0x0) r2 = eventfd2(0x10000, 0x0) io_submit(r1, 0x1, &(0x7f0000000740)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x40, r0, &(0x7f0000000540)="20520fdd26bf4a7ce6cdc9edc2aa5590c42900eee3a1669387719013f6366a5c", 0x20, 0x0, 0x0, 0x3, r2}]) 0s ago: executing program 4 (id=2523): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={0x0, r0, 0x0, 0x6}, 0x18) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.189' (ED25519) to the list of known hosts. [ 86.842061][ T983] cfg80211: failed to load regulatory.db [ 89.416098][ T5823] cgroup: Unknown subsys name 'net' [ 89.664969][ T5823] cgroup: Unknown subsys name 'cpuset' [ 89.719935][ T5823] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 91.630298][ T5823] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 94.359057][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.399557][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.419514][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.440543][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.441300][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.693965][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.696482][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.708149][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.711927][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.712199][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 94.714704][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 94.717033][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.717483][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 94.718964][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.721363][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.760834][ T5155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.782047][ T5155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.784025][ T5155] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.785239][ T5155] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.786029][ T5155] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.800026][ T5155] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 94.801458][ T5155] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 94.802237][ T5155] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 94.881064][ T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 94.881852][ T59] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 95.544393][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 95.944417][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 95.961543][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 96.131377][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 96.421235][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.422082][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.422689][ T5835] bridge_slave_0: entered allmulticast mode [ 96.425786][ T5835] bridge_slave_0: entered promiscuous mode [ 96.429854][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 96.510272][ T5837] Bluetooth: hci0: command tx timeout [ 96.559529][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.559650][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.559769][ T5835] bridge_slave_1: entered allmulticast mode [ 96.561561][ T5835] bridge_slave_1: entered promiscuous mode [ 96.749454][ T5837] Bluetooth: hci2: command tx timeout [ 96.829661][ T5837] Bluetooth: hci3: command tx timeout [ 96.909599][ T59] Bluetooth: hci1: command tx timeout [ 96.909973][ T5837] Bluetooth: hci4: command tx timeout [ 97.124053][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.273682][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.273869][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.274011][ T5839] bridge_slave_0: entered allmulticast mode [ 97.275863][ T5839] bridge_slave_0: entered promiscuous mode [ 97.292119][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.293201][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.293343][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.294312][ T5840] bridge_slave_0: entered allmulticast mode [ 97.300482][ T5840] bridge_slave_0: entered promiscuous mode [ 97.471581][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.471804][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.471987][ T5840] bridge_slave_1: entered allmulticast mode [ 97.475185][ T5840] bridge_slave_1: entered promiscuous mode [ 97.580755][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.580893][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.581056][ T5839] bridge_slave_1: entered allmulticast mode [ 97.583770][ T5839] bridge_slave_1: entered promiscuous mode [ 97.585547][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.585686][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.586182][ T5847] bridge_slave_0: entered allmulticast mode [ 97.589272][ T5847] bridge_slave_0: entered promiscuous mode [ 97.981495][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.981716][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.981895][ T5847] bridge_slave_1: entered allmulticast mode [ 97.984626][ T5847] bridge_slave_1: entered promiscuous mode [ 97.987405][ T5835] team0: Port device team_slave_0 added [ 98.070639][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.070772][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.070933][ T5838] bridge_slave_0: entered allmulticast mode [ 98.073691][ T5838] bridge_slave_0: entered promiscuous mode [ 98.223109][ T5835] team0: Port device team_slave_1 added [ 98.227256][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.228881][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.229003][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.229134][ T5838] bridge_slave_1: entered allmulticast mode [ 98.238918][ T5838] bridge_slave_1: entered promiscuous mode [ 98.268760][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.349279][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.493801][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.496792][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.594035][ T5837] Bluetooth: hci0: command tx timeout [ 98.804410][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.829436][ T5837] Bluetooth: hci2: command tx timeout [ 98.892645][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.892660][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.892677][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.897330][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.909460][ T5837] Bluetooth: hci3: command tx timeout [ 98.999853][ T59] Bluetooth: hci1: command tx timeout [ 98.999943][ T5837] Bluetooth: hci4: command tx timeout [ 99.282870][ T5840] team0: Port device team_slave_0 added [ 99.285502][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.285518][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.285546][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.291288][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.294055][ T5839] team0: Port device team_slave_0 added [ 99.402569][ T5840] team0: Port device team_slave_1 added [ 99.493096][ T5839] team0: Port device team_slave_1 added [ 99.494982][ T5847] team0: Port device team_slave_0 added [ 99.734128][ T5847] team0: Port device team_slave_1 added [ 99.795406][ T5838] team0: Port device team_slave_0 added [ 99.957992][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.958006][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.958025][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.053356][ T5838] team0: Port device team_slave_1 added [ 100.054893][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.054906][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.054931][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.175901][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.175917][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.175942][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.331448][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.331467][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.331496][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.333226][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.333240][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.333268][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.483306][ T5835] hsr_slave_0: entered promiscuous mode [ 100.484725][ T5835] hsr_slave_1: entered promiscuous mode [ 100.577953][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.577971][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.577990][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.587089][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.587105][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.587134][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.613878][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.613914][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.613944][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.669771][ T5837] Bluetooth: hci0: command tx timeout [ 100.909631][ T5837] Bluetooth: hci2: command tx timeout [ 100.990714][ T5837] Bluetooth: hci3: command tx timeout [ 101.069827][ T59] Bluetooth: hci1: command tx timeout [ 101.069973][ T5837] Bluetooth: hci4: command tx timeout [ 101.140052][ T5840] hsr_slave_0: entered promiscuous mode [ 101.142707][ T5840] hsr_slave_1: entered promiscuous mode [ 101.143406][ T5840] debugfs: 'hsr0' already exists in 'hsr' [ 101.143492][ T5840] Cannot create hsr debugfs directory [ 101.235200][ T5839] hsr_slave_0: entered promiscuous mode [ 101.236265][ T5839] hsr_slave_1: entered promiscuous mode [ 101.236842][ T5839] debugfs: 'hsr0' already exists in 'hsr' [ 101.236864][ T5839] Cannot create hsr debugfs directory [ 101.410681][ T5847] hsr_slave_0: entered promiscuous mode [ 101.412094][ T5847] hsr_slave_1: entered promiscuous mode [ 101.412837][ T5847] debugfs: 'hsr0' already exists in 'hsr' [ 101.412859][ T5847] Cannot create hsr debugfs directory [ 101.772739][ T5838] hsr_slave_0: entered promiscuous mode [ 101.773965][ T5838] hsr_slave_1: entered promiscuous mode [ 101.774612][ T5838] debugfs: 'hsr0' already exists in 'hsr' [ 101.774635][ T5838] Cannot create hsr debugfs directory [ 102.749568][ T5837] Bluetooth: hci0: command tx timeout [ 102.990317][ T5837] Bluetooth: hci2: command tx timeout [ 103.080007][ T5837] Bluetooth: hci3: command tx timeout [ 103.149513][ T59] Bluetooth: hci1: command tx timeout [ 103.149552][ T5837] Bluetooth: hci4: command tx timeout [ 103.180361][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 103.226290][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 103.257463][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 103.327172][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 103.446177][ T5840] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 103.495514][ T5840] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 103.527286][ T5840] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 103.590740][ T5840] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 103.722381][ T5839] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 103.773516][ T5839] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 103.823801][ T5839] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 103.876892][ T5839] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 104.037263][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 104.091310][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 104.142166][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 104.197746][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 104.405675][ T5838] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 104.446207][ T5838] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 104.477576][ T5838] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 104.524602][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.526908][ T5838] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 104.631871][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.687569][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.733048][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.733671][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.772319][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.792622][ T3225] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.792840][ T3225] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.835663][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.835809][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.868424][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.892558][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.892714][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.002560][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.052306][ T3225] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.052933][ T3225] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.085072][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.116159][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.116365][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.248236][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.336506][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.355874][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.356030][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.428412][ T1129] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.428553][ T1129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.516074][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.623500][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.623728][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.704691][ T1129] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.709526][ T1129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.801606][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.006213][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.242433][ T5835] veth0_vlan: entered promiscuous mode [ 106.273890][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.305393][ T5835] veth1_vlan: entered promiscuous mode [ 106.568084][ T5835] veth0_macvtap: entered promiscuous mode [ 106.593998][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.622843][ T5835] veth1_macvtap: entered promiscuous mode [ 106.669996][ T5839] veth0_vlan: entered promiscuous mode [ 106.751105][ T5839] veth1_vlan: entered promiscuous mode [ 106.782215][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.818295][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.876970][ T57] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.896080][ T57] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.916784][ T57] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.936268][ T57] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.965255][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.032416][ T5847] veth0_vlan: entered promiscuous mode [ 107.112773][ T5839] veth0_macvtap: entered promiscuous mode [ 107.147970][ T5840] veth0_vlan: entered promiscuous mode [ 107.156116][ T5839] veth1_macvtap: entered promiscuous mode [ 107.202538][ T5847] veth1_vlan: entered promiscuous mode [ 107.286832][ T5840] veth1_vlan: entered promiscuous mode [ 107.359038][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.382490][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.382516][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.451426][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.515443][ T5838] veth0_vlan: entered promiscuous mode [ 107.516496][ T206] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.516602][ T206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.516616][ T206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.555196][ T87] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.572024][ T87] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.590672][ T87] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.617233][ T5847] veth0_macvtap: entered promiscuous mode [ 107.695289][ T5838] veth1_vlan: entered promiscuous mode [ 107.700585][ T5847] veth1_macvtap: entered promiscuous mode [ 107.714972][ T5840] veth0_macvtap: entered promiscuous mode [ 107.790011][ T5840] veth1_macvtap: entered promiscuous mode [ 107.963656][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.076563][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.088009][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.119062][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.119082][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.158788][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.196690][ T1130] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.215496][ T1130] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.224018][ T1130] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.260756][ T5838] veth0_macvtap: entered promiscuous mode [ 108.266690][ T1130] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.331279][ T1130] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.348533][ T3225] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.396660][ T5838] veth1_macvtap: entered promiscuous mode [ 108.409870][ T3225] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.455724][ T3225] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.464255][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.464280][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.761957][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.957666][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.110811][ T206] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.110834][ T206] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.117748][ T3225] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.156979][ T3225] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.173985][ T3225] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.216044][ T3225] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.413297][ T87] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.413317][ T87] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.486604][ T5965] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 109.782073][ T1123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.782095][ T1123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.878790][ T206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.878810][ T206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.088541][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.088562][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.230567][ T206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.230586][ T206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.389334][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 112.509369][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 113.229316][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 113.269325][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 113.515928][ T6006] : renamed from bond_slave_0 (while UP) [ 114.475440][ T6027] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 117.152542][ T6049] overlayfs: failed to resolve './bus/file0': -89 [ 118.220439][ T6062] : renamed from bond_slave_0 (while UP) [ 120.395285][ T6091] overlayfs: failed to resolve './bus/file0': -89 [ 124.999380][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.009333][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.019330][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.029342][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.039318][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.049317][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 126.772416][ T6169] netlink: 28 bytes leftover after parsing attributes in process `syz.0.76'. [ 126.772542][ T6169] netlink: 'syz.0.76': attribute type 7 has an invalid length. [ 126.772557][ T6169] netlink: 'syz.0.76': attribute type 8 has an invalid length. [ 126.772570][ T6169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.76'. [ 126.835246][ T6169] bond0: entered promiscuous mode [ 126.835273][ T6169] bond_slave_0: entered promiscuous mode [ 126.835559][ T6169] bond_slave_1: entered promiscuous mode [ 126.883622][ T6169] bond0: left promiscuous mode [ 126.883645][ T6169] bond_slave_0: left promiscuous mode [ 126.884005][ T6169] bond_slave_1: left promiscuous mode [ 130.405396][ T6202] netlink: 'syz.4.84': attribute type 1 has an invalid length. [ 130.405419][ T6202] netlink: 184 bytes leftover after parsing attributes in process `syz.4.84'. [ 130.405447][ T6202] netlink: 'syz.4.84': attribute type 1 has an invalid length. [ 132.102461][ T6216] netlink: 28 bytes leftover after parsing attributes in process `syz.0.90'. [ 132.102498][ T6216] netlink: 'syz.0.90': attribute type 7 has an invalid length. [ 132.102513][ T6216] netlink: 'syz.0.90': attribute type 8 has an invalid length. [ 132.102525][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.90'. [ 133.582019][ T6216] bond0: entered promiscuous mode [ 133.582051][ T6216] bond_slave_0: entered promiscuous mode [ 133.582351][ T6216] bond_slave_1: entered promiscuous mode [ 133.796379][ T6216] bond0: left promiscuous mode [ 133.796403][ T6216] bond_slave_0: left promiscuous mode [ 133.796670][ T6216] bond_slave_1: left promiscuous mode [ 134.338035][ T6234] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 134.340389][ T6233] netlink: 'syz.3.98': attribute type 1 has an invalid length. [ 134.340408][ T6233] netlink: 184 bytes leftover after parsing attributes in process `syz.3.98'. [ 134.340424][ T6233] netlink: 'syz.3.98': attribute type 1 has an invalid length. [ 134.420150][ T6236] netlink: 4 bytes leftover after parsing attributes in process `syz.2.96'. [ 134.955544][ T6236] bridge_slave_1: left allmulticast mode [ 134.955582][ T6236] bridge_slave_1: left promiscuous mode [ 134.958275][ T6236] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.159134][ T6236] bridge_slave_0: left allmulticast mode [ 135.159167][ T6236] bridge_slave_0: left promiscuous mode [ 135.166992][ T6236] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.876612][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.876677][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.115794][ T6274] netlink: 'syz.3.109': attribute type 1 has an invalid length. [ 139.115819][ T6274] netlink: 184 bytes leftover after parsing attributes in process `syz.3.109'. [ 139.115836][ T6274] netlink: 'syz.3.109': attribute type 1 has an invalid length. [ 139.210737][ T6273] netlink: 28 bytes leftover after parsing attributes in process `syz.2.108'. [ 139.210776][ T6273] netlink: 'syz.2.108': attribute type 7 has an invalid length. [ 139.210790][ T6273] netlink: 'syz.2.108': attribute type 8 has an invalid length. [ 139.210803][ T6273] netlink: 4 bytes leftover after parsing attributes in process `syz.2.108'. [ 139.251917][ T6273] bond0: entered promiscuous mode [ 139.251938][ T6273] : entered promiscuous mode [ 139.252187][ T6273] bond_slave_1: entered promiscuous mode [ 139.349026][ T6273] bond0: left promiscuous mode [ 139.349049][ T6273] : left promiscuous mode [ 139.351493][ T6273] bond_slave_1: left promiscuous mode [ 139.574479][ T6282] netlink: 24 bytes leftover after parsing attributes in process `syz.0.112'. [ 140.339745][ T6294] netlink: 4 bytes leftover after parsing attributes in process `syz.3.116'. [ 140.819427][ T6294] bridge_slave_1: left allmulticast mode [ 140.819457][ T6294] bridge_slave_1: left promiscuous mode [ 140.819736][ T6294] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.030869][ T6294] bridge_slave_0: left allmulticast mode [ 141.030892][ T6294] bridge_slave_0: left promiscuous mode [ 141.031092][ T6294] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.363461][ T6309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.123'. [ 150.030180][ T1129] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.522817][ T1129] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.964005][ T1129] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.143268][ T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 151.149178][ T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 151.266662][ T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 151.278243][ T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 151.279170][ T59] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 151.682438][ T1129] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.852370][ T1129] bridge_slave_1: left allmulticast mode [ 152.852690][ T1129] bridge_slave_1: left promiscuous mode [ 152.856106][ T1129] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.952597][ T1129] bridge_slave_0: left allmulticast mode [ 152.952623][ T1129] bridge_slave_0: left promiscuous mode [ 152.952830][ T1129] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.549607][ T59] Bluetooth: hci4: command tx timeout [ 155.453713][ T1129] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 155.540346][ T1129] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 155.565616][ T1129] bond0 (unregistering): Released all slaves [ 155.629986][ T59] Bluetooth: hci4: command tx timeout [ 155.939881][ T6515] capability: warning: `syz.3.196' uses 32-bit capabilities (legacy support in use) [ 157.614054][ T6564] netlink: 56 bytes leftover after parsing attributes in process `syz.1.212'. [ 157.709932][ T59] Bluetooth: hci4: command tx timeout [ 157.793744][ T6432] chnl_net:caif_netlink_parms(): no params data found [ 158.614613][ T1129] hsr_slave_0: left promiscuous mode [ 158.663399][ T1129] hsr_slave_1: left promiscuous mode [ 158.668769][ T1129] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.668848][ T1129] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 160.122169][ T59] Bluetooth: hci4: command tx timeout [ 160.150163][ T1129] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.150197][ T1129] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 160.421495][ T1129] veth1_macvtap: left promiscuous mode [ 160.421717][ T1129] veth0_macvtap: left promiscuous mode [ 160.422021][ T1129] veth1_vlan: left promiscuous mode [ 160.422832][ T1129] veth0_vlan: left promiscuous mode [ 161.300202][ T6610] netlink: 16 bytes leftover after parsing attributes in process `syz.2.226'. [ 162.872268][ T1129] team0 (unregistering): Port device team_slave_1 removed [ 163.060381][ T1129] team0 (unregistering): Port device team_slave_0 removed [ 166.167218][ T6432] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.176897][ T6432] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.177141][ T6432] bridge_slave_0: entered allmulticast mode [ 166.210403][ T6432] bridge_slave_0: entered promiscuous mode [ 166.216687][ T6432] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.216822][ T6432] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.217039][ T6432] bridge_slave_1: entered allmulticast mode [ 166.245910][ T6432] bridge_slave_1: entered promiscuous mode [ 166.563204][ T6432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.958673][ T6432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.001285][ T6656] netlink: 24 bytes leftover after parsing attributes in process `syz.2.240'. [ 168.033256][ T6432] team0: Port device team_slave_0 added [ 168.103618][ T6432] team0: Port device team_slave_1 added [ 168.507514][ T6432] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 168.507532][ T6432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.507560][ T6432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 168.581541][ T6432] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 168.581558][ T6432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.581586][ T6432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.807307][ T6692] netlink: 28 bytes leftover after parsing attributes in process `syz.4.252'. [ 168.807344][ T6692] netlink: 'syz.4.252': attribute type 7 has an invalid length. [ 168.807359][ T6692] netlink: 'syz.4.252': attribute type 8 has an invalid length. [ 168.807372][ T6692] netlink: 4 bytes leftover after parsing attributes in process `syz.4.252'. [ 168.966882][ T6692] bond0: entered promiscuous mode [ 168.966906][ T6692] bond_slave_0: entered promiscuous mode [ 168.967181][ T6692] bond_slave_1: entered promiscuous mode [ 168.983444][ T6701] netlink: 'syz.3.255': attribute type 5 has an invalid length. [ 168.983468][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.255'. [ 169.041769][ T6692] bond0: left promiscuous mode [ 169.041791][ T6692] bond_slave_0: left promiscuous mode [ 169.042059][ T6692] bond_slave_1: left promiscuous mode [ 169.441944][ T6432] hsr_slave_0: entered promiscuous mode [ 169.460521][ T6432] hsr_slave_1: entered promiscuous mode [ 169.465739][ T6432] debugfs: 'hsr0' already exists in 'hsr' [ 169.465767][ T6432] Cannot create hsr debugfs directory [ 169.773972][ T6714] vlan2: entered promiscuous mode [ 169.773995][ T6714] syz_tun: entered promiscuous mode [ 170.952760][ T6734] netlink: 36 bytes leftover after parsing attributes in process `syz.3.267'. [ 172.071463][ T6432] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 173.035338][ T6432] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 173.419716][ T6432] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 173.575312][ T6432] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 174.208049][ T6432] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.345799][ T6432] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.394264][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.394812][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.372074][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.372312][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.436288][ T6841] netlink: 'syz.3.298': attribute type 5 has an invalid length. [ 176.436309][ T6841] netlink: 8 bytes leftover after parsing attributes in process `syz.3.298'. [ 177.230629][ T6853] syz.3.301 (6853) used greatest stack depth: 18040 bytes left [ 177.608709][ T6432] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.927269][ T6432] veth0_vlan: entered promiscuous mode [ 179.951529][ T6432] veth1_vlan: entered promiscuous mode [ 180.091443][ T6432] veth0_macvtap: entered promiscuous mode [ 180.210026][ T6432] veth1_macvtap: entered promiscuous mode [ 180.304000][ T6921] netlink: 'syz.4.318': attribute type 5 has an invalid length. [ 180.304021][ T6921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.318'. [ 180.409801][ T6432] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.455465][ T6432] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.494161][ T1123] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.494633][ T1123] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.495120][ T1123] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.495346][ T1123] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.064556][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.064576][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.328215][ T206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.328235][ T206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.416154][ T6965] netlink: 'syz.1.333': attribute type 5 has an invalid length. [ 182.416177][ T6965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.333'. [ 183.108359][ T6982] netlink: 24 bytes leftover after parsing attributes in process `syz.2.336'. [ 184.680981][ T6998] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 184.681125][ T6998] block device autoloading is deprecated and will be removed. [ 186.097654][ T7046] 9pnet_fd: Insufficient options for proto=fd [ 186.591568][ T7064] netlink: 24 bytes leftover after parsing attributes in process `syz.4.367'. [ 187.159787][ T7072] netlink: 'syz.2.370': attribute type 4 has an invalid length. [ 187.403180][ T7074] netlink: 'syz.2.370': attribute type 4 has an invalid length. [ 188.140458][ T7085] 9pnet_fd: Insufficient options for proto=fd [ 190.610078][ T7133] afs: Unknown parameter 'dy' [ 191.620754][ T7141] netlink: 28 bytes leftover after parsing attributes in process `syz.5.393'. [ 191.620788][ T7141] netlink: 'syz.5.393': attribute type 7 has an invalid length. [ 191.620801][ T7141] netlink: 'syz.5.393': attribute type 8 has an invalid length. [ 191.620813][ T7141] netlink: 4 bytes leftover after parsing attributes in process `syz.5.393'. [ 191.668907][ T7141] bond0: entered promiscuous mode [ 191.668930][ T7141] bond_slave_0: entered promiscuous mode [ 191.669222][ T7141] bond_slave_1: entered promiscuous mode [ 191.824558][ T7141] bond0: left promiscuous mode [ 191.824581][ T7141] bond_slave_0: left promiscuous mode [ 191.824848][ T7141] bond_slave_1: left promiscuous mode [ 192.492025][ T7160] pim6reg1: entered promiscuous mode [ 192.492056][ T7160] pim6reg1: entered allmulticast mode [ 193.623762][ T7189] Zero length message leads to an empty skb [ 193.786638][ T7191] netlink: 28 bytes leftover after parsing attributes in process `syz.5.410'. [ 193.786673][ T7191] netlink: 'syz.5.410': attribute type 7 has an invalid length. [ 193.786686][ T7191] netlink: 'syz.5.410': attribute type 8 has an invalid length. [ 193.786698][ T7191] netlink: 4 bytes leftover after parsing attributes in process `syz.5.410'. [ 193.796519][ T7191] bond0: entered promiscuous mode [ 193.796545][ T7191] bond_slave_0: entered promiscuous mode [ 193.796820][ T7191] bond_slave_1: entered promiscuous mode [ 193.855967][ T7191] bond0: left promiscuous mode [ 193.855993][ T7191] bond_slave_0: left promiscuous mode [ 193.856315][ T7191] bond_slave_1: left promiscuous mode [ 196.847273][ T7288] netlink: 'syz.2.442': attribute type 5 has an invalid length. [ 196.847296][ T7288] netlink: 8 bytes leftover after parsing attributes in process `syz.2.442'. [ 197.261239][ T7298] netlink: 28 bytes leftover after parsing attributes in process `syz.2.445'. [ 197.261277][ T7298] netlink: 'syz.2.445': attribute type 7 has an invalid length. [ 197.261291][ T7298] netlink: 'syz.2.445': attribute type 8 has an invalid length. [ 197.261304][ T7298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.445'. [ 197.554168][ T7298] bond0: entered promiscuous mode [ 197.554190][ T7298] : entered promiscuous mode [ 197.556841][ T7298] bond_slave_1: entered promiscuous mode [ 197.633833][ T7298] bond0: left promiscuous mode [ 197.633855][ T7298] : left promiscuous mode [ 197.634144][ T7298] bond_slave_1: left promiscuous mode [ 198.226382][ T7325] netlink: 'syz.4.455': attribute type 5 has an invalid length. [ 198.226405][ T7325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.455'. [ 199.280643][ T7358] netlink: 28 bytes leftover after parsing attributes in process `syz.1.464'. [ 199.280679][ T7358] netlink: 'syz.1.464': attribute type 7 has an invalid length. [ 199.280692][ T7358] netlink: 'syz.1.464': attribute type 8 has an invalid length. [ 199.280704][ T7358] netlink: 4 bytes leftover after parsing attributes in process `syz.1.464'. [ 199.359093][ T7358] bond0: entered promiscuous mode [ 199.359117][ T7358] : entered promiscuous mode [ 199.369981][ T7358] bond_slave_1: entered promiscuous mode [ 199.415329][ T7358] bond0: left promiscuous mode [ 199.415352][ T7358] : left promiscuous mode [ 199.415621][ T7358] bond_slave_1: left promiscuous mode [ 199.476792][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.476868][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.728256][ T7437] netlink: 'syz.1.491': attribute type 1 has an invalid length. [ 204.728278][ T7437] netlink: 228 bytes leftover after parsing attributes in process `syz.1.491'. [ 206.064139][ T7443] netlink: 'syz.3.495': attribute type 5 has an invalid length. [ 206.064161][ T7443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.495'. [ 208.652970][ T7495] netlink: 28 bytes leftover after parsing attributes in process `syz.2.515'. [ 208.653005][ T7495] netlink: 'syz.2.515': attribute type 7 has an invalid length. [ 208.653018][ T7495] netlink: 'syz.2.515': attribute type 8 has an invalid length. [ 208.653031][ T7495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.515'. [ 208.858521][ T7495] bond0: entered promiscuous mode [ 208.858546][ T7495] : entered promiscuous mode [ 208.858809][ T7495] bond_slave_1: entered promiscuous mode [ 208.944639][ T7495] bond0: left promiscuous mode [ 208.944663][ T7495] : left promiscuous mode [ 208.944935][ T7495] bond_slave_1: left promiscuous mode [ 212.181827][ T7543] netlink: 24 bytes leftover after parsing attributes in process `syz.5.533'. [ 213.617262][ T7566] : renamed from bond_slave_0 (while UP) [ 215.517150][ T7583] netlink: 'syz.1.548': attribute type 1 has an invalid length. [ 215.517165][ T7583] netlink: 228 bytes leftover after parsing attributes in process `syz.1.548'. [ 217.076809][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 217.076848][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 217.077533][ T5850] Bluetooth: hci3: command 0x0406 tx timeout [ 219.045718][ T7621] netlink: 28 bytes leftover after parsing attributes in process `syz.1.562'. [ 219.045753][ T7621] netlink: 'syz.1.562': attribute type 7 has an invalid length. [ 219.045766][ T7621] netlink: 'syz.1.562': attribute type 8 has an invalid length. [ 219.045788][ T7621] netlink: 4 bytes leftover after parsing attributes in process `syz.1.562'. [ 219.064116][ T7621] bond0: entered promiscuous mode [ 219.064140][ T7621] : entered promiscuous mode [ 219.064419][ T7621] bond_slave_1: entered promiscuous mode [ 219.127385][ T7621] bond0: left promiscuous mode [ 219.127411][ T7621] : left promiscuous mode [ 219.127694][ T7621] bond_slave_1: left promiscuous mode [ 220.135311][ T7642] netlink: 'syz.2.571': attribute type 5 has an invalid length. [ 220.135327][ T7642] netlink: 8 bytes leftover after parsing attributes in process `syz.2.571'. [ 220.521480][ T7648] netlink: 'syz.4.573': attribute type 1 has an invalid length. [ 220.521501][ T7648] netlink: 228 bytes leftover after parsing attributes in process `syz.4.573'. [ 222.031946][ T5155] Bluetooth: hci1: command 0x0406 tx timeout [ 224.693900][ T7688] overlayfs: missing 'lowerdir' [ 228.943927][ T7726] overlayfs: missing 'lowerdir' [ 233.794003][ T7772] overlayfs: missing 'lowerdir' [ 234.990132][ T7779] netlink: 'syz.4.617': attribute type 5 has an invalid length. [ 234.990152][ T7779] netlink: 8 bytes leftover after parsing attributes in process `syz.4.617'. [ 235.272600][ T7788] netlink: 20 bytes leftover after parsing attributes in process `syz.4.620'. [ 236.001319][ T7797] pim6reg1: entered promiscuous mode [ 236.001342][ T7797] pim6reg1: entered allmulticast mode [ 238.892435][ T7844] pim6reg1: entered promiscuous mode [ 238.892466][ T7844] pim6reg1: entered allmulticast mode [ 245.476772][ T7939] overlay: Unknown parameter 'euid<00000000000000000000' [ 246.186588][ T38] audit: type=1326 audit(1758050000.008:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 246.341897][ T38] audit: type=1326 audit(1758050000.178:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 246.341946][ T38] audit: type=1326 audit(1758050000.188:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 246.341987][ T38] audit: type=1326 audit(1758050000.188:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 246.342026][ T38] audit: type=1326 audit(1758050000.188:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e821de7ab code=0x7ffc0000 [ 246.342064][ T38] audit: type=1326 audit(1758050000.188:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e821de7ab code=0x7ffc0000 [ 246.342103][ T38] audit: type=1326 audit(1758050000.188:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e821de7ab code=0x7ffc0000 [ 246.342141][ T38] audit: type=1326 audit(1758050000.188:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e821de7ab code=0x7ffc0000 [ 246.342180][ T38] audit: type=1326 audit(1758050000.188:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e821de7ab code=0x7ffc0000 [ 246.342219][ T38] audit: type=1326 audit(1758050000.188:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7943 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e821de7ab code=0x7ffc0000 [ 250.793042][ T7978] overlay: Unknown parameter 'euid<00000000000000000000' [ 253.548521][ T8029] overlay: Unknown parameter 'obj_role' [ 256.104435][ T8059] overlay: Unknown parameter 'obj_role' [ 257.615053][ T8066] : renamed from bond_slave_0 (while UP) [ 259.361860][ T8099] netlink: 'syz.2.731': attribute type 5 has an invalid length. [ 259.361879][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.2.731'. [ 260.471961][ T8122] netlink: 4 bytes leftover after parsing attributes in process `syz.5.740'. [ 260.918084][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.928434][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.649121][ T8154] overlay: Unknown parameter 'euid<00000000000000000000' [ 265.306707][ T8221] netlink: 'syz.1.762': attribute type 5 has an invalid length. [ 265.306729][ T8221] netlink: 8 bytes leftover after parsing attributes in process `syz.1.762'. [ 266.158025][ T8237] overlay: Unknown parameter 'euid<00000000000000000000' [ 267.469706][ T31] af_packet: tpacket_rcv: packet too big, clamped from 94 to 4294967286. macoff=82 [ 269.043486][ T8279] overlay: Unknown parameter 'euid<00000000000000000000' [ 270.855635][ T38] kauditd_printk_skb: 22 callbacks suppressed [ 270.855654][ T38] audit: type=1326 audit(1758050024.688:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8299 comm="syz.4.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 270.855711][ T38] audit: type=1326 audit(1758050024.698:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8299 comm="syz.4.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 270.930650][ T38] audit: type=1326 audit(1758050024.778:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8299 comm="syz.4.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7efe7c34d65f code=0x7ffc0000 [ 270.938556][ T38] audit: type=1326 audit(1758050024.778:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8299 comm="syz.4.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 270.938609][ T38] audit: type=1326 audit(1758050024.778:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8299 comm="syz.4.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 272.281660][ T8332] kernel profiling enabled (shift: 6) [ 274.587544][ T8369] netlink: 28 bytes leftover after parsing attributes in process `syz.5.820'. [ 274.587582][ T8369] netlink: 'syz.5.820': attribute type 7 has an invalid length. [ 274.587603][ T8369] netlink: 'syz.5.820': attribute type 8 has an invalid length. [ 274.587617][ T8369] netlink: 4 bytes leftover after parsing attributes in process `syz.5.820'. [ 274.683995][ T8369] bond0: entered promiscuous mode [ 274.684018][ T8369] : entered promiscuous mode [ 274.684256][ T8369] bond_slave_1: entered promiscuous mode [ 274.736301][ T8369] bond0: left promiscuous mode [ 274.736347][ T8369] : left promiscuous mode [ 274.736720][ T8369] bond_slave_1: left promiscuous mode [ 275.013182][ T38] audit: type=1326 audit(1758050284.857:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8380 comm="syz.3.824" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf44edeba9 code=0x0 [ 276.762473][ T8414] netlink: 28 bytes leftover after parsing attributes in process `syz.4.837'. [ 276.762509][ T8414] netlink: 'syz.4.837': attribute type 7 has an invalid length. [ 276.762522][ T8414] netlink: 'syz.4.837': attribute type 8 has an invalid length. [ 276.762534][ T8414] netlink: 4 bytes leftover after parsing attributes in process `syz.4.837'. [ 276.864788][ T8414] bond0: entered promiscuous mode [ 276.864805][ T8414] : entered promiscuous mode [ 276.864972][ T8414] bond_slave_1: entered promiscuous mode [ 276.898144][ T8414] bond0: left promiscuous mode [ 276.898167][ T8414] : left promiscuous mode [ 276.898424][ T8414] bond_slave_1: left promiscuous mode [ 278.349333][ T5155] Bluetooth: hci4: command 0x0406 tx timeout [ 278.598420][ T8430] process 'syz.3.843' launched './file1' with NULL argv: empty string added [ 279.560942][ T8450] fuse: Bad value for 'fd' [ 279.571488][ T8452] netlink: 28 bytes leftover after parsing attributes in process `syz.5.850'. [ 279.571527][ T8452] netlink: 'syz.5.850': attribute type 7 has an invalid length. [ 279.571543][ T8452] netlink: 'syz.5.850': attribute type 8 has an invalid length. [ 279.571556][ T8452] netlink: 4 bytes leftover after parsing attributes in process `syz.5.850'. [ 279.583225][ T8452] bond0: entered promiscuous mode [ 279.583247][ T8452] : entered promiscuous mode [ 279.583521][ T8452] bond_slave_1: entered promiscuous mode [ 279.656770][ T8452] bond0: left promiscuous mode [ 279.656788][ T8452] : left promiscuous mode [ 279.656992][ T8452] bond_slave_1: left promiscuous mode [ 287.752786][ T8567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.895'. [ 289.137978][ T8576] netlink: 248 bytes leftover after parsing attributes in process `syz.5.898'. [ 290.483281][ T8601] netlink: 'syz.2.908': attribute type 5 has an invalid length. [ 290.483302][ T8601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.908'. [ 290.870674][ T8612] netlink: 248 bytes leftover after parsing attributes in process `syz.5.911'. [ 291.161091][ T8619] syz.5.914 (8619) used greatest stack depth: 18024 bytes left [ 294.792213][ T8684] syz.2.940 (8684) used greatest stack depth: 17576 bytes left [ 295.457277][ T8696] netlink: 144 bytes leftover after parsing attributes in process `syz.2.944'. [ 296.319939][ T8717] netlink: 28 bytes leftover after parsing attributes in process `syz.2.952'. [ 296.319975][ T8717] netlink: 'syz.2.952': attribute type 7 has an invalid length. [ 296.319989][ T8717] netlink: 'syz.2.952': attribute type 8 has an invalid length. [ 296.320002][ T8717] netlink: 4 bytes leftover after parsing attributes in process `syz.2.952'. [ 296.371629][ T8717] bond0: entered promiscuous mode [ 296.371652][ T8717] : entered promiscuous mode [ 296.371906][ T8717] bond_slave_1: entered promiscuous mode [ 296.419525][ T8717] bond0: left promiscuous mode [ 296.419550][ T8717] : left promiscuous mode [ 296.419904][ T8717] bond_slave_1: left promiscuous mode [ 296.453368][ T8724] netlink: 'syz.3.957': attribute type 5 has an invalid length. [ 296.453390][ T8724] netlink: 8 bytes leftover after parsing attributes in process `syz.3.957'. [ 298.361624][ T8759] sctp: [Deprecated]: syz.4.970 (pid 8759) Use of int in maxseg socket option. [ 298.361624][ T8759] Use struct sctp_assoc_value instead [ 298.926003][ T8779] netlink: 144 bytes leftover after parsing attributes in process `syz.2.978'. [ 299.839565][ T8793] capability: warning: `syz.2.987' uses deprecated v2 capabilities in a way that may be insecure [ 300.156107][ T8807] 9pnet_fd: Insufficient options for proto=fd [ 300.601048][ T38] audit: type=1326 audit(1758050310.447:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.601099][ T38] audit: type=1326 audit(1758050310.447:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.607580][ T38] audit: type=1326 audit(1758050310.447:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.608331][ T38] audit: type=1326 audit(1758050310.447:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.608968][ T38] audit: type=1326 audit(1758050310.447:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.645305][ T38] audit: type=1326 audit(1758050310.487:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.654456][ T38] audit: type=1326 audit(1758050310.497:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.689257][ T38] audit: type=1326 audit(1758050310.527:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 300.689313][ T38] audit: type=1326 audit(1758050310.527:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8816 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 301.470390][ T8840] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1002'. [ 301.893575][ T8857] overlayfs: overlapping lowerdir path [ 302.891022][ T8892] overlayfs: overlapping lowerdir path [ 305.341336][ T8956] netlink: 'syz.3.1050': attribute type 5 has an invalid length. [ 305.341357][ T8956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1050'. [ 306.161242][ T8980] : renamed from bond_slave_0 (while UP) [ 307.101356][ T8997] netlink: 'syz.4.1063': attribute type 5 has an invalid length. [ 307.101379][ T8997] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1063'. [ 307.289065][ T9000] netlink: 'syz.1.1065': attribute type 1 has an invalid length. [ 307.289089][ T9000] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1065'. [ 307.289106][ T9000] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1065'. [ 307.901499][ T9026] program syz.5.1074 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 309.382828][ T9053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1084'. [ 309.383246][ T9053] 8021q: VLANs not supported on gre0 [ 310.019482][ T9063] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1089'. [ 310.019519][ T9063] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1089'. [ 310.116066][ T9063] team0: entered promiscuous mode [ 310.116088][ T9063] team_slave_0: entered promiscuous mode [ 310.116342][ T9063] team_slave_1: entered promiscuous mode [ 310.118446][ T9063] bond0: entered promiscuous mode [ 310.118460][ T9063] : entered promiscuous mode [ 310.118616][ T9063] bond_slave_1: entered promiscuous mode [ 310.138577][ T9063] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 310.896619][ T9086] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1097'. [ 311.881235][ T9096] netlink: 'syz.4.1101': attribute type 1 has an invalid length. [ 311.881251][ T9096] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1101'. [ 311.881261][ T9096] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1101'. [ 313.093436][ T9112] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1106'. [ 313.093463][ T9112] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1106'. [ 313.708200][ T9127] 9pnet_fd: Insufficient options for proto=fd [ 314.445295][ T9143] ./file0: Can't lookup blockdev [ 314.764635][ T9152] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1124'. [ 314.764673][ T9152] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1124'. [ 314.775339][ T9152] team0: entered promiscuous mode [ 314.775374][ T9152] team_slave_0: entered promiscuous mode [ 314.775646][ T9152] team_slave_1: entered promiscuous mode [ 314.778395][ T9152] bond0: entered promiscuous mode [ 314.778413][ T9152] : entered promiscuous mode [ 314.778681][ T9152] bond_slave_1: entered promiscuous mode [ 314.781340][ T9152] debugfs: 'hsr1' already exists in 'hsr' [ 314.781369][ T9152] Cannot create hsr debugfs directory [ 314.782306][ T9152] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 315.221558][ T9167] netlink: 'syz.2.1128': attribute type 5 has an invalid length. [ 315.221577][ T9167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1128'. [ 316.047217][ T9183] program syz.4.1135 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 316.265557][ T9189] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1139'. [ 318.323790][ T9239] netlink: 'syz.2.1162': attribute type 1 has an invalid length. [ 318.323814][ T9239] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1162'. [ 318.323830][ T9239] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1162'. [ 318.532364][ T9246] netlink: 'syz.5.1163': attribute type 5 has an invalid length. [ 318.532387][ T9246] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1163'. [ 318.835354][ T38] audit: type=1326 audit(1758050328.677:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 318.864046][ T38] audit: type=1326 audit(1758050328.677:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 318.880079][ T38] audit: type=1326 audit(1758050328.727:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 318.880463][ T38] audit: type=1326 audit(1758050328.727:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 318.881330][ T38] audit: type=1326 audit(1758050328.727:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 318.881386][ T38] audit: type=1326 audit(1758050328.727:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 318.881436][ T38] audit: type=1326 audit(1758050328.727:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 318.881486][ T38] audit: type=1326 audit(1758050328.727:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9252 comm="syz.5.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 320.331289][ T9278] netlink: 'syz.5.1177': attribute type 1 has an invalid length. [ 320.331312][ T9278] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1177'. [ 320.331327][ T9278] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1177'. [ 320.426833][ T9282] netlink: 'syz.4.1179': attribute type 5 has an invalid length. [ 320.426854][ T9282] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1179'. [ 320.642204][ T9287] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 321.508843][ T9302] 9pnet_fd: Insufficient options for proto=fd [ 322.008025][ T9314] netlink: 'syz.1.1191': attribute type 1 has an invalid length. [ 322.008050][ T9314] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1191'. [ 322.008067][ T9314] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1191'. [ 322.359858][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.359936][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.243111][ T9333] 9pnet_fd: Insufficient options for proto=fd [ 323.965360][ T9348] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1206'. [ 323.965415][ T9348] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1206'. [ 324.033981][ T9348] team0: entered promiscuous mode [ 324.034009][ T9348] team_slave_0: entered promiscuous mode [ 324.034251][ T9348] team_slave_1: entered promiscuous mode [ 324.047840][ T9348] bond0: entered promiscuous mode [ 324.047866][ T9348] : entered promiscuous mode [ 324.048192][ T9348] bond_slave_1: entered promiscuous mode [ 324.101608][ T9348] debugfs: 'hsr1' already exists in 'hsr' [ 324.101637][ T9348] Cannot create hsr debugfs directory [ 324.102572][ T9348] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 325.930470][ T9393] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1222'. [ 325.930506][ T9393] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1222'. [ 325.993865][ T9393] team0: entered promiscuous mode [ 325.993886][ T9393] team_slave_0: entered promiscuous mode [ 325.994106][ T9393] team_slave_1: entered promiscuous mode [ 326.030146][ T9393] bond0: entered promiscuous mode [ 326.030167][ T9393] : entered promiscuous mode [ 326.030388][ T9393] bond_slave_1: entered promiscuous mode [ 326.035744][ T9393] debugfs: 'hsr1' already exists in 'hsr' [ 326.035769][ T9393] Cannot create hsr debugfs directory [ 326.036595][ T9393] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 326.246660][ T9402] overlayfs: overlapping lowerdir path [ 326.868332][ T9416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1230'. [ 326.868428][ T9416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1230'. [ 326.879905][ T9416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1230'. [ 326.879928][ T9416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1230'. [ 327.908690][ T9437] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1238'. [ 327.908724][ T9437] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1238'. [ 328.171677][ T9442] overlayfs: overlapping lowerdir path [ 330.903584][ T9476] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 335.663030][ T9531] netlink: 'syz.2.1269': attribute type 5 has an invalid length. [ 335.663051][ T9531] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1269'. [ 335.823346][ T5155] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 335.846113][ T5155] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 335.849033][ T5155] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 335.865378][ T5155] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 335.868665][ T5155] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 336.602760][ T9543] netlink: 'syz.5.1272': attribute type 1 has an invalid length. [ 336.602782][ T9543] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1272'. [ 336.602797][ T9543] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1272'. [ 337.187592][ T9553] : renamed from bond_slave_1 (while UP) [ 337.610870][ T9532] chnl_net:caif_netlink_parms(): no params data found [ 337.951379][ T5155] Bluetooth: hci5: command tx timeout [ 338.752381][ T9532] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.752584][ T9532] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.752791][ T9532] bridge_slave_0: entered allmulticast mode [ 338.794696][ T9532] bridge_slave_0: entered promiscuous mode [ 338.806534][ T9532] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.816660][ T9532] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.816908][ T9532] bridge_slave_1: entered allmulticast mode [ 338.840917][ T9532] bridge_slave_1: entered promiscuous mode [ 339.393745][ T9532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 339.432355][ T9532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 339.726565][ T9586] program syz.4.1289 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 340.021447][ T9590] netlink: 'syz.4.1291': attribute type 5 has an invalid length. [ 340.021463][ T9590] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1291'. [ 340.029818][ T5155] Bluetooth: hci5: command tx timeout [ 340.071382][ T9532] team0: Port device team_slave_0 added [ 340.073939][ T9532] team0: Port device team_slave_1 added [ 340.801973][ T9532] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 340.801991][ T9532] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 340.802018][ T9532] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 340.804643][ T9532] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 340.804657][ T9532] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 340.804685][ T9532] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 342.119372][ T5155] Bluetooth: hci5: command tx timeout [ 342.472287][ T9532] hsr_slave_0: entered promiscuous mode [ 342.475516][ T9532] hsr_slave_1: entered promiscuous mode [ 342.476554][ T9532] debugfs: 'hsr0' already exists in 'hsr' [ 342.476577][ T9532] Cannot create hsr debugfs directory [ 344.190409][ T5155] Bluetooth: hci5: command tx timeout [ 344.865854][ T9532] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 345.024111][ T9532] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 345.123139][ T9532] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 345.290538][ T9532] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 345.946015][ T9532] 8021q: adding VLAN 0 to HW filter on device bond0 [ 346.073283][ T9532] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.154468][ T8189] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.154625][ T8189] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.158275][ T8189] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.158413][ T8189] bridge0: port 2(bridge_slave_1) entered forwarding state [ 346.314260][ T9670] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1318'. [ 346.314302][ T9670] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1318'. [ 346.726373][ T9680] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1323'. [ 347.758784][ T9532] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 348.834273][ T9732] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1338'. [ 348.834726][ T9732] 8021q: VLANs not supported on gre0 [ 349.097655][ T9739] program syz.1.1341 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 349.375487][ T9532] veth0_vlan: entered promiscuous mode [ 349.389952][ T9532] veth1_vlan: entered promiscuous mode [ 349.520747][ T9532] veth0_macvtap: entered promiscuous mode [ 349.571177][ T9532] veth1_macvtap: entered promiscuous mode [ 349.644593][ T9532] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.813537][ T9532] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 350.018410][ T9753] erspan0: entered promiscuous mode [ 350.027190][ T9753] macvlan2: entered promiscuous mode [ 350.068711][ T9753] team0: Port device macvlan2 added [ 350.127382][ T8185] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.141791][ T8185] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.142412][ T8185] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.143011][ T8185] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 351.468497][ T8204] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.468518][ T8204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 351.793469][ T8189] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.793486][ T8189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.304239][ T9774] program syz.1.1353 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 354.010796][ T9809] program syz.5.1367 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 354.048947][ T9807] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1366'. [ 354.630893][ T9814] netlink: 'syz.2.1369': attribute type 5 has an invalid length. [ 354.630915][ T9814] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1369'. [ 357.818142][ T9894] program syz.6.1404 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 358.357926][ T9913] netlink: 'syz.1.1412': attribute type 5 has an invalid length. [ 358.357947][ T9913] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1412'. [ 359.419263][ T9947] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1427'. [ 359.419296][ T9947] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1427'. [ 360.622022][ T9977] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1440'. [ 360.622058][ T9977] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1440'. [ 361.440752][ T9996] netfs: Couldn't get user pages (rc=-14) [ 361.726311][T10006] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1452'. [ 361.726337][T10006] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1452'. [ 364.607889][T10059] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1474'. [ 364.607920][T10059] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1474'. [ 365.073602][T10072] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1478'. [ 365.073637][T10072] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1478'. [ 365.087557][T10072] team0: entered promiscuous mode [ 365.087604][T10072] team_slave_0: entered promiscuous mode [ 365.087901][T10072] team_slave_1: entered promiscuous mode [ 365.113152][T10072] bond0: entered promiscuous mode [ 365.113180][T10072] bond_slave_0: entered promiscuous mode [ 365.113434][T10072] bond_slave_1: entered promiscuous mode [ 365.121042][T10072] debugfs: 'hsr1' already exists in 'hsr' [ 365.121074][T10072] Cannot create hsr debugfs directory [ 365.132721][T10072] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 365.264485][T10078] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1481'. [ 365.500146][ T38] audit: type=1326 audit(1758050375.337:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10082 comm="syz.6.1484" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7b1f2eba9 code=0x0 [ 367.626923][T10137] Invalid ELF header magic: != ELF [ 367.809742][ T38] audit: type=1326 audit(1758050377.657:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10142 comm="syz.1.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d236eba9 code=0x7ffc0000 [ 367.812532][ T38] audit: type=1326 audit(1758050377.657:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10142 comm="syz.1.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d236eba9 code=0x7ffc0000 [ 367.817864][ T38] audit: type=1326 audit(1758050377.657:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10142 comm="syz.1.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f37d236eba9 code=0x7ffc0000 [ 367.818582][ T38] audit: type=1326 audit(1758050377.657:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10142 comm="syz.1.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d236eba9 code=0x7ffc0000 [ 367.818826][ T38] audit: type=1326 audit(1758050377.657:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10142 comm="syz.1.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d236eba9 code=0x7ffc0000 [ 369.352505][T10184] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1524'. [ 369.352540][T10184] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1524'. [ 370.185613][T10199] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1528'. [ 372.759794][T10255] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1553'. [ 372.759867][T10255] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1553'. [ 374.240338][T10295] mmap: syz.5.1567 (10295) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 374.837402][T10307] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1569'. [ 375.935472][T10302] bond0 (unregistering): left promiscuous mode [ 375.935499][T10302] : left promiscuous mode [ 375.935970][T10302] : left promiscuous mode [ 375.993540][T10302] bond0 (unregistering): (slave 30): Releasing backup interface [ 376.112928][T10302] bond0 (unregistering): (slave ): Releasing backup interface [ 376.156582][T10302] bond0 (unregistering): Released all slaves [ 378.012684][T10364] vlan3: entered promiscuous mode [ 378.012708][T10364] dummy0: entered promiscuous mode [ 378.016281][T10364] team0: Port device vlan3 added [ 381.121157][T10406] vlan0: entered promiscuous mode [ 383.794938][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.795036][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.026087][T10483] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1635'. [ 387.680650][T10579] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1673'. [ 387.743741][T10582] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1673'. [ 387.834236][T10586] loop7: detected capacity change from 0 to 7 [ 387.879688][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.879818][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.881596][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.881626][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.884596][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.884625][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.897358][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.897395][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.897962][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.897996][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.905464][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.905500][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.905844][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.905876][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.906008][T10586] ldm_validate_partition_table(): Disk read failed. [ 387.906484][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.906516][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.906910][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.906942][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.907232][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.907263][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 387.907669][T10586] Dev loop7: unable to read RDB block 0 [ 387.910057][T10586] loop7: unable to read partition table [ 387.910316][T10586] loop7: partition table beyond EOD, truncated [ 387.910376][T10586] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 387.997126][ T7272] ldm_validate_partition_table(): Disk read failed. [ 388.000455][ T7272] Dev loop7: unable to read RDB block 0 [ 388.008489][ T7272] loop7: unable to read partition table [ 388.008784][ T7272] loop7: partition table beyond EOD, truncated [ 388.417458][T10595] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 388.653700][T10600] netlink: 'syz.2.1680': attribute type 5 has an invalid length. [ 388.653721][T10600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1680'. [ 399.182428][T10666] fuse: Bad value for 'fd' [ 400.118943][T10672] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1702'. [ 400.122066][T10672] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1702'. [ 400.312157][T10674] netlink: 'syz.1.1704': attribute type 5 has an invalid length. [ 400.312198][T10674] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1704'. [ 406.534128][T10835] fuse: Bad value for 'fd' [ 406.708613][T10841] blktrace: Concurrent blktraces are not allowed on loop8 [ 407.144608][T10855] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 407.512233][T10863] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 409.370945][T10902] 9pnet_fd: Insufficient options for proto=fd [ 412.449412][T10957] netlink: 'syz.1.1818': attribute type 5 has an invalid length. [ 412.449433][T10957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1818'. [ 413.938495][ T38] audit: type=1326 audit(1758050423.777:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 413.939128][ T38] audit: type=1326 audit(1758050423.777:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 413.991308][ T38] audit: type=1326 audit(1758050423.837:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 413.992787][ T38] audit: type=1326 audit(1758050423.837:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 413.994720][ T38] audit: type=1326 audit(1758050423.837:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 413.998079][ T38] audit: type=1326 audit(1758050423.837:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 414.052711][ T38] audit: type=1326 audit(1758050423.837:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 414.117319][ T38] audit: type=1326 audit(1758050423.957:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 414.125155][ T38] audit: type=1326 audit(1758050423.967:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz.4.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 414.515925][ T38] audit: type=1800 audit(1758050424.357:72): pid=10992 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1831" name="file1" dev="overlay" ino=1945 res=0 errno=0 [ 416.238402][T11037] netlink: 'syz.2.1847': attribute type 5 has an invalid length. [ 416.238422][T11037] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1847'. [ 417.657570][T11069] netlink: 'syz.5.1861': attribute type 5 has an invalid length. [ 417.657592][T11069] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1861'. [ 422.344963][ T31] kernel write not supported for file bpf-prog (pid: 31 comm: kworker/1:0) [ 422.690874][T11234] netlink: 'syz.4.1924': attribute type 6 has an invalid length. [ 422.690895][T11234] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1924'. [ 423.499373][T11253] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1930'. [ 424.045529][T11262] fuse: Bad value for 'user_id' [ 424.045549][T11262] fuse: Bad value for 'user_id' [ 424.089664][T11267] fuse: Bad value for 'fd' [ 424.166881][T11270] netlink: 'syz.6.1940': attribute type 4 has an invalid length. [ 424.190390][T11270] netlink: 'syz.6.1940': attribute type 4 has an invalid length. [ 425.547090][T11305] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1952'. [ 425.585837][T11305] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1952'. [ 426.189500][T11319] fuse: Bad value for 'fd' [ 427.220327][T11341] fuse: Bad value for 'fd' [ 428.244820][T11372] netlink: 'syz.6.1983': attribute type 5 has an invalid length. [ 428.244841][T11372] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1983'. [ 429.693050][ T38] audit: type=1326 audit(1758050439.527:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11409 comm="syz.4.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 429.693556][ T38] audit: type=1326 audit(1758050439.537:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11409 comm="syz.4.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 429.696950][ T38] audit: type=1326 audit(1758050439.537:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11409 comm="syz.4.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 429.697243][ T38] audit: type=1326 audit(1758050439.537:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11409 comm="syz.4.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 429.697968][ T38] audit: type=1326 audit(1758050439.537:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11409 comm="syz.4.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 429.811779][ T38] audit: type=1326 audit(1758050439.537:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11409 comm="syz.4.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 429.812063][ T38] audit: type=1326 audit(1758050439.657:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11409 comm="syz.4.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7c34eba9 code=0x7ffc0000 [ 430.697546][ T31] kernel write not supported for file bpf-prog (pid: 31 comm: kworker/1:0) [ 431.072520][T11445] fuse: Bad value for 'fd' [ 432.373049][T11481] blktrace: Concurrent blktraces are not allowed on loop10 [ 433.114642][T11501] fuse: Bad value for 'fd' [ 433.533376][T11514] blktrace: Concurrent blktraces are not allowed on loop8 [ 434.914803][T11547] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2051'. [ 435.625050][T11553] 9pnet_fd: Insufficient options for proto=fd [ 435.905987][ T38] audit: type=1326 audit(1758050445.747:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11557 comm="syz.4.2056" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efe7c34eba9 code=0x0 [ 436.008971][T11563] 9pnet_fd: Insufficient options for proto=fd [ 436.818108][T11590] fuse: Bad value for 'fd' [ 437.197787][T11599] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2071'. [ 438.598741][T11636] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2085'. [ 439.276350][T11655] blktrace: Concurrent blktraces are not allowed on loop10 [ 442.517786][T11746] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2122'. [ 443.155771][T11772] fuse: Bad value for 'fd' [ 443.518470][T11780] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2137'. [ 444.293820][T11799] netlink: 'syz.5.2145': attribute type 5 has an invalid length. [ 444.293842][T11799] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2145'. [ 445.053257][T11824] fuse: Bad value for 'fd' [ 445.236130][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.236245][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.529058][T11839] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2164'. [ 445.938019][T11854] netlink: 'syz.4.2169': attribute type 16 has an invalid length. [ 446.206392][T11860] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2174'. [ 447.171138][ T5926] kernel write not supported for file bpf-prog (pid: 5926 comm: kworker/0:6) [ 447.595549][T11904] fuse: Bad value for 'group_id' [ 447.595567][T11904] fuse: Bad value for 'group_id' [ 447.613416][T11906] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2191'. [ 447.657366][T11904] netlink: 47 bytes leftover after parsing attributes in process `syz.1.2193'. [ 447.657390][T11904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2193'. [ 449.290249][T11917] netlink: 'syz.2.2198': attribute type 5 has an invalid length. [ 449.290268][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2198'. [ 451.002102][T11939] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2206'. [ 452.727118][T11972] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2218'. [ 455.267667][ T5898] kernel write not supported for file bpf-prog (pid: 5898 comm: kworker/0:3) [ 455.721288][T12040] fuse: Unknown parameter 'grou00000000000000000000' [ 456.586094][T12066] fuse: Unknown parameter 'grou00000000000000000000' [ 456.816043][T12070] fuse: Bad value for 'fd' [ 456.965971][T12080] fuse: Unknown parameter 'grou00000000000000000000' [ 457.599996][T12097] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2264'. [ 457.987875][T12107] fuse: Unknown parameter 'grou00000000000000000000' [ 458.015300][T12106] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2267'. [ 458.015331][T12106] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2267'. [ 458.650247][T12131] fuse: Bad value for 'fd' [ 458.844049][T12142] fuse: Unknown parameter 'group_i00000000000000000000' [ 459.713890][T12172] fuse: Unknown parameter 'group_i00000000000000000000' [ 460.217785][T12190] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2305'. [ 461.893082][T12234] fuse: Unknown parameter 'user_id00000000000000000000' [ 462.058058][ T38] audit: type=1326 audit(1758050471.897:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12238 comm="syz.1.2322" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f37d236eba9 code=0x0 [ 462.669567][ T5155] Bluetooth: hci5: command 0x0406 tx timeout [ 463.499534][T12290] netlink: 'syz.2.2343': attribute type 13 has an invalid length. [ 463.499555][T12290] netlink: 'syz.2.2343': attribute type 27 has an invalid length. [ 463.555632][T12291] 9pnet_fd: Insufficient options for proto=fd [ 463.680319][T12294] fuse: Unknown parameter 'user_id00000000000000000000' [ 463.688794][T12294] 9pnet_fd: Insufficient options for proto=fd [ 463.763404][T12299] all: renamed from bridge_slave_0 (while UP) [ 464.180090][T12314] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2351'. [ 464.405669][ T38] audit: type=1326 audit(1758050730.241:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.434292][ T38] audit: type=1326 audit(1758050730.271:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.453563][T12321] 9pnet_fd: Insufficient options for proto=fd [ 464.476932][ T38] audit: type=1326 audit(1758050730.311:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.476985][ T38] audit: type=1326 audit(1758050730.311:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.484042][ T38] audit: type=1326 audit(1758050730.311:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.487471][ T38] audit: type=1326 audit(1758050730.321:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.495120][ T38] audit: type=1326 audit(1758050730.331:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.495862][ T38] audit: type=1326 audit(1758050730.331:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12320 comm="syz.5.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e821deba9 code=0x7ffc0000 [ 464.779874][T12329] fuse: Bad value for 'fd' [ 464.810120][T12331] blktrace: Concurrent blktraces are not allowed on loop8 [ 464.827447][T12332] ======================================================= [ 464.827447][T12332] WARNING: The mand mount option has been deprecated and [ 464.827447][T12332] and is ignored by this kernel. Remove the mand [ 464.827447][T12332] option from the mount to silence this warning. [ 464.827447][T12332] ======================================================= [ 465.464714][T12351] overlayfs: statfs failed on './file0' [ 466.373187][T12385] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2383'. [ 466.374095][T12385] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2383'. [ 466.609344][T12394] overlayfs: statfs failed on './file0' [ 467.110141][T12416] fuse: Bad value for 'fd' [ 467.878447][T12446] Invalid ELF header magic: != ELF [ 468.352639][T12467] blktrace: Concurrent blktraces are not allowed on loop8 [ 468.983035][T12474] fuse: Unknown parameter 'group_i00000000000000000000' [ 470.048441][T12506] blktrace: Concurrent blktraces are not allowed on loop8 [ 470.856678][T12536] overlayfs: failed to clone upperpath [ 471.847394][T12572] fuse: Bad value for 'fd' [ 473.654016][T12613] overlayfs: failed to clone lowerpath [ 473.785524][T12614] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2471'. [ 477.385947][T12719] overlayfs: failed to clone upperpath [ 477.519626][T12722] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2507'. [ 478.509516][ T39] INFO: task syz.3.1161:9240 blocked for more than 143 seconds. [ 478.509542][ T39] Not tainted syzkaller #0 [ 478.509553][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 478.509566][ T39] task:syz.3.1161 state:D stack:29224 pid:9240 tgid:9236 ppid:5838 task_flags:0x400040 flags:0x00004004 [ 478.509738][ T39] Call Trace: [ 478.509745][ T39] [ 478.509757][ T39] __schedule+0x16f3/0x4c20 [ 478.509816][ T39] ? __pfx___schedule+0x10/0x10 [ 478.509852][ T39] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 478.509888][ T39] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 478.509924][ T39] rt_mutex_schedule+0x77/0xf0 [ 478.509944][ T39] rwbase_write_lock+0x3dd/0x750 [ 478.509963][ T39] ? rwbase_write_lock+0x20e/0x750 [ 478.509992][ T39] vfs_utimes+0x396/0x580 [ 478.510018][ T39] ? __pfx_vfs_utimes+0x10/0x10 [ 478.510047][ T39] ? kmem_cache_free+0x195/0x510 [ 478.510083][ T39] do_utimes+0x1bd/0x2a0 [ 478.510104][ T39] ? __pfx_do_utimes+0x10/0x10 [ 478.510132][ T39] __x64_sys_utime+0x13e/0x200 [ 478.510152][ T39] ? exc_page_fault+0x76/0xf0 [ 478.510178][ T39] ? __pfx___x64_sys_utime+0x10/0x10 [ 478.510199][ T39] ? do_user_addr_fault+0xc8a/0x1390 [ 478.510227][ T39] ? do_syscall_64+0xbe/0x3b0 [ 478.510249][ T39] do_syscall_64+0xfa/0x3b0 [ 478.510265][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 478.510293][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.510311][ T39] ? clear_bhb_loop+0x60/0xb0 [ 478.510334][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.510356][ T39] RIP: 0033:0x7faf44edeba9 [ 478.510372][ T39] RSP: 002b:00007faf43125038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 478.510391][ T39] RAX: ffffffffffffffda RBX: 00007faf45126090 RCX: 00007faf44edeba9 [ 478.510405][ T39] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 478.510417][ T39] RBP: 00007faf44f61e19 R08: 0000000000000000 R09: 0000000000000000 [ 478.510417][ T39] RBP: 00007faf44f61e19 R08: 0000000000000000 R09: 0000000000000000 [ 478.510428][ T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 478.510439][ T39] R13: 00007faf45126128 R14: 00007faf45126090 R15: 00007ffc5446a748 [ 478.510469][ T39] [ 478.510491][ T39] [ 478.510491][ T39] Showing all locks held in the system: [ 478.510500][ T39] 1 lock held by khungtaskd/39: [ 478.510510][ T39] #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 478.510577][ T39] 2 locks held by getty/5591: [ 478.510587][ T39] #0: ffff88823bf6a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 478.510638][ T39] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 478.510690][ T39] 4 locks held by kworker/0:5/5925: [ 478.511913][ T39] 2 locks held by kworker/u8:21/8174: [ 478.511928][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 478.511981][ T39] #1: ffffc900048d7bc0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 478.512030][ T39] 5 locks held by kworker/u8:29/8185: [ 478.512042][ T39] 2 locks held by kworker/u8:50/8207: [ 478.512052][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 478.512100][ T39] #1: ffffc90003b07bc0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 478.512148][ T39] 2 locks held by syz.3.1161/9237: [ 478.512158][ T39] #0: ffff8880359d4488 (sb_writers#16){.+.+}-{0:0}, at: vfs_writev+0x28e/0x970 [ 478.512215][ T39] #1: ffff88805c651600 (&sb->s_type->i_mutex_key#24){++++}-{4:4}, at: netfs_start_io_direct+0x1ef/0x230 [ 478.512271][ T39] 2 locks held by syz.3.1161/9240: [ 478.512282][ T39] #0: ffff8880359d4488 (sb_writers#16){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 478.512329][ T39] #1: ffff88805c651600 (&sb->s_type->i_mutex_key#24){++++}-{4:4}, at: vfs_utimes+0x396/0x580 [ 478.512376][ T39] 1 lock held by syz.2.2507/12717: [ 478.512387][ T39] 2 locks held by modprobe/12752: [ 478.512398][ T39] 6 locks held by modprobe/12754: [ 478.512409][ T39] [ 478.512414][ T39] ============================================= [ 478.512414][ T39] [ 478.512429][ T39] NMI backtrace for cpu 1 [ 478.512452][ T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 478.512472][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 478.512486][ T39] Call Trace: [ 478.512492][ T39] [ 478.512500][ T39] dump_stack_lvl+0x189/0x250 [ 478.512530][ T39] ? __pfx_dump_stack_lvl+0x10/0x10 [ 478.512558][ T39] ? __pfx__printk+0x10/0x10 [ 478.512589][ T39] nmi_cpu_backtrace+0x39e/0x3d0 [ 478.512617][ T39] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 478.512643][ T39] ? __pfx__printk+0x10/0x10 [ 478.512667][ T39] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 478.512693][ T39] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 478.512720][ T39] watchdog+0xf93/0xfe0 [ 478.512749][ T39] ? watchdog+0x1de/0xfe0 [ 478.512779][ T39] kthread+0x70e/0x8a0 [ 478.512810][ T39] ? __pfx_watchdog+0x10/0x10 [ 478.512833][ T39] ? __pfx_kthread+0x10/0x10 [ 478.512871][ T39] ? __pfx_kthread+0x10/0x10 [ 478.512900][ T39] ret_from_fork+0x439/0x7d0 [ 478.512927][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 478.512957][ T39] ? __switch_to_asm+0x39/0x70 [ 478.512973][ T39] ? __switch_to_asm+0x33/0x70 [ 478.512989][ T39] ? __pfx_kthread+0x10/0x10 [ 478.513018][ T39] ret_from_fork_asm+0x1a/0x30 [ 478.513051][ T39] [ 478.513071][ T39] Sending NMI from CPU 1 to CPUs 0: [ 478.513098][ C0] NMI backtrace for cpu 0 [ 478.513110][ C0] CPU: 0 UID: 0 PID: 12717 Comm: syz.2.2507 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 478.513127][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 478.513136][ C0] RIP: 0010:page_counter_cancel+0x9f/0x110 [ 478.513156][ C0] Code: 3c 20 00 74 08 48 89 df e8 6e 6c fd ff 48 c7 03 00 00 00 00 45 31 f6 4c 8d bb 80 00 00 00 4c 89 f8 48 c1 e8 03 42 0f b6 04 20 <84> c0 75 55 41 80 3f 00 74 14 e8 92 30 9e ff 48 89 df 4c 89 f6 5b [ 478.513168][ C0] RSP: 0018:ffffc90023126fc0 EFLAGS: 00000a02 [ 478.513181][ C0] RAX: 0000000000000000 RBX: ffff88805cc20980 RCX: 0000000000080000 [ 478.513192][ C0] RDX: ffffc9000d1a1000 RSI: 000000000007ffff RDI: 0000000000080000 [ 478.513202][ C0] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 478.513211][ C0] R10: dffffc0000000000 R11: ffffed100b984131 R12: dffffc0000000000 [ 478.513223][ C0] R13: ffffea0001c5c7b8 R14: 0000000000003fd9 R15: ffff88805cc20a00 [ 478.513234][ C0] FS: 00007f99daf4e6c0(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000 [ 478.513247][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 478.513257][ C0] CR2: 00005555575ee808 CR3: 000000006e0e8000 CR4: 00000000003526f0 [ 478.513271][ C0] DR0: 0000000000000006 DR1: 0000000000000055 DR2: 0000000000000005 [ 478.513280][ C0] DR3: 0000000000000001 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 478.513289][ C0] Call Trace: [ 478.513294][ C0] [ 478.513301][ C0] page_counter_uncharge+0x2e/0x80 [ 478.513320][ C0] __memcg_kmem_uncharge_page+0xa6/0x170 [ 478.513340][ C0] __free_frozen_pages+0x1bc/0xce0 [ 478.513368][ C0] ? __pfx___free_frozen_pages+0x10/0x10 [ 478.513392][ C0] ? mod_memcg_page_state+0x28/0x5c0 [ 478.513416][ C0] ? ___free_pages+0xb2/0x200 [ 478.513432][ C0] vfree+0x2ad/0x470 [ 478.513455][ C0] nf_tables_newset+0x1f20/0x2530 [ 478.513477][ C0] ? __pfx_nf_tables_newset+0x10/0x10 [ 478.513502][ C0] ? __nla_parse+0x40/0x60 [ 478.513519][ C0] nfnetlink_rcv+0x1136/0x2530 [ 478.513553][ C0] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 478.513579][ C0] ? ref_tracker_free+0x61e/0x7c0 [ 478.513622][ C0] ? __netlink_deliver_tap+0x807/0x850 [ 478.513643][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 478.513673][ C0] netlink_unicast+0x843/0xa10 [ 478.513696][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 478.513720][ C0] ? netlink_sendmsg+0x642/0xb30 [ 478.513740][ C0] ? skb_put+0x11b/0x210 [ 478.513765][ C0] netlink_sendmsg+0x805/0xb30 [ 478.513791][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 478.513817][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 478.513833][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 478.513855][ C0] __sock_sendmsg+0x219/0x270 [ 478.513876][ C0] ____sys_sendmsg+0x508/0x820 [ 478.513893][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 478.513912][ C0] ? import_iovec+0x74/0xa0 [ 478.513933][ C0] ___sys_sendmsg+0x21f/0x2a0 [ 478.513949][ C0] ? __pfx____sys_sendmsg+0x10/0x10 [ 478.513981][ C0] ? __fget_files+0x2a/0x420 [ 478.514003][ C0] ? __fget_files+0x3a6/0x420 [ 478.514030][ C0] __x64_sys_sendmsg+0x1a1/0x260 [ 478.514046][ C0] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 478.514066][ C0] ? rcu_is_watching+0x15/0xb0 [ 478.514093][ C0] ? do_syscall_64+0xbe/0x3b0 [ 478.514109][ C0] do_syscall_64+0xfa/0x3b0 [ 478.514122][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 478.514144][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.514160][ C0] ? clear_bhb_loop+0x60/0xb0 [ 478.514178][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.514192][ C0] RIP: 0033:0x7f99dcceeba9 [ 478.514205][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 478.514217][ C0] RSP: 002b:00007f99daf4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 478.514231][ C0] RAX: ffffffffffffffda RBX: 00007f99dcf35fa0 RCX: 00007f99dcceeba9 [ 478.514243][ C0] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 478.514252][ C0] RBP: 00007f99dcd71e19 R08: 0000000000000000 R09: 0000000000000000 [ 478.514261][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 478.514270][ C0] R13: 00007f99dcf36038 R14: 00007f99dcf35fa0 R15: 00007ffdf396a658 [ 478.514289][ C0] [ 478.715517][ T39] Kernel panic - not syncing: hung_task: blocked tasks [ 478.715538][ T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 478.715560][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 478.715571][ T39] Call Trace: [ 478.715579][ T39] [ 478.715595][ T39] dump_stack_lvl+0x99/0x250 [ 478.715646][ T39] ? __asan_memcpy+0x40/0x70 [ 478.715678][ T39] ? __pfx_dump_stack_lvl+0x10/0x10 [ 478.715708][ T39] ? __pfx__printk+0x10/0x10 [ 478.715743][ T39] vpanic+0x281/0x750 [ 478.715775][ T39] ? __pfx_vpanic+0x10/0x10 [ 478.715802][ T39] ? __x2apic_send_IPI_mask+0x1e4/0x260 [ 478.715830][ T39] ? preempt_schedule+0xae/0xc0 [ 478.715862][ T39] ? preempt_schedule_common+0x83/0xd0 [ 478.715897][ T39] panic+0xb9/0xc0 [ 478.715925][ T39] ? __pfx_panic+0x10/0x10 [ 478.715956][ T39] ? preempt_schedule_thunk+0x16/0x30 [ 478.715986][ T39] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 478.716015][ T39] watchdog+0xfd2/0xfe0 [ 478.716047][ T39] ? watchdog+0x1de/0xfe0 [ 478.716079][ T39] kthread+0x70e/0x8a0 [ 478.716119][ T39] ? __pfx_watchdog+0x10/0x10 [ 478.716143][ T39] ? __pfx_kthread+0x10/0x10 [ 478.716179][ T39] ? __pfx_kthread+0x10/0x10 [ 478.716210][ T39] ret_from_fork+0x439/0x7d0 [ 478.716239][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 478.716271][ T39] ? __switch_to_asm+0x39/0x70 [ 478.716289][ T39] ? __switch_to_asm+0x33/0x70 [ 478.716307][ T39] ? __pfx_kthread+0x10/0x10 [ 478.716338][ T39] ret_from_fork_asm+0x1a/0x30 [ 478.716374][ T39] [ 478.716718][ T39] Kernel Offset: disabled