last executing test programs: 3.821761358s ago: executing program 3 (id=6465): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x17, 0x0, 0x6, 0x59c, 0x2001, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x50) 3.314973216s ago: executing program 2 (id=6476): r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) sendto$inet6(r0, 0x0, 0x48, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0xf5, @remote}, 0x1c) 3.229043427s ago: executing program 2 (id=6478): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x9, @loopback}, 0x1c) listen(r2, 0x4) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8) sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)="89", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f00000001c0)={0x0, 0x7, 0x200}, 0x8) 2.819412997s ago: executing program 3 (id=6481): r0 = socket$netlink(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) 2.560615618s ago: executing program 4 (id=6485): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x10, 0xffffffffffffffff, 0x75b8000) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000) mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f0000001080)={0x7, 0xfff, 0x3, 0x50d, 0xfffffffb}) setsockopt$inet_mreqsrc(r0, 0x0, 0x26, &(0x7f00000000c0)={@remote, @private=0xa010102, @remote}, 0xc) sendmsg$nl_route(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000001000010400004000fedbdf2501f80000", @ANYRES32=0x0, @ANYBLOB="01020400000000002800128008000100736974001c00028008000200c6"], 0x58}}, 0x0) sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) 2.479946873s ago: executing program 3 (id=6486): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x18) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0) write(r0, &(0x7f0000000240)="94", 0x1) vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0x20013644}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0) write(r1, 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01) r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_elf32(r5, &(0x7f00000008c0)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7, 0x0, 0x3, 0x7, 0x2, 0x3, 0x3, 0x309, 0x38, 0xfffffffc, 0xe, 0x0, 0x20, 0x1, 0x5}, [{0x3, 0x8, 0xf3, 0x7f, 0x4, 0x200004, 0xc, 0x400}]}, 0x58) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000780)='mm_page_free\x00', r6}, 0x18) close(r5) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000801}, 0x4000084) setreuid(0x0, 0xee00) ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r4]) 2.372389767s ago: executing program 0 (id=6487): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x80) 2.27534644s ago: executing program 0 (id=6488): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x8) sendto$inet6(r0, 0x0, 0x48, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0xf5, @remote}, 0x1c) 2.206776603s ago: executing program 2 (id=6489): memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, 0x0, 0x0) r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x80, 0x14, 0x150}, &(0x7f0000000140)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x110, 0x2d, 0x0, 0x0) 2.00220734s ago: executing program 4 (id=6491): creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0\x00', 0x40000022) acct(&(0x7f0000000480)='./file0\x00') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]}) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4) r1 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team_slave_1\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000400000000000000010000"], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x40, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xe, 0x1}, {0x0, 0x3}}}, 0x24}}, 0x800) 1.959149799s ago: executing program 0 (id=6492): syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000) sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000002c40)=ANY=[], 0x40c}, 0x1, 0x0, 0x0, 0x90}, 0x8000) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000240)=@ccm_128={{0x303}, "3c62b8c283856312", "5ed8002558e2bb7174371336dad9ecbd", "868e5b1b", "4c5293d719408a98"}, 0x28) syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r1) 1.867746291s ago: executing program 2 (id=6493): ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r0 = creat(&(0x7f0000000340)='./file0\x00', 0xa1) r1 = dup2(r0, r0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa9a, 0x76c4, 0x7, 0x7}) ioctl$BLKTRACESTOP(r1, 0x1275, 0x0) 1.606412896s ago: executing program 1 (id=6494): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x82, &(0x7f0000000100)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x61, 0x0, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x2f, 0x9, @dev={0xac, 0x14, 0x14, 0x10}, @remote, {[@timestamp_addr={0x44, 0x44, 0x0, 0x1, 0x0, [{@rand_addr=0x86dd}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}}, {@rand_addr, 0x4f}, {@multicast2}, {@loopback}, {@local, 0x4}, {@multicast1}]}]}}}}}}}, 0x0) 1.590491392s ago: executing program 4 (id=6495): socket$inet_udplite(0x2, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0) 1.419919147s ago: executing program 2 (id=6496): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000efffffff850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) truncate(0x0, 0x8fff5) 1.419618488s ago: executing program 1 (id=6497): bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x9}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc}, 0x40004) sendmsg$NFT_BATCH(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000140000001100", @ANYRES8], 0x54}, 0x1, 0x0, 0x0, 0x24068045}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0xcdc}, 0x1, 0x0, 0x0, 0x20000050}, 0x0) 1.367939507s ago: executing program 4 (id=6498): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x80) 1.325516117s ago: executing program 3 (id=6499): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x1400000, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0) 1.186625009s ago: executing program 2 (id=6500): r0 = socket(0x10, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r1], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000480)=@gcm_256={{0x303}, "000200", "e123c5876ff425b1ebe250a8486be34705f4f827ae60ecb65e528248d5552bff", "7e25837b", "15d0db2c77179e1a"}, 0x38) write$binfmt_script(r1, &(0x7f0000000380)={'#! ', './file0/file0'}, 0x11) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028000000", @ANYRES32, @ANYBLOB="000200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001540), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="9c020000", @ANYRES16=r6, @ANYBLOB="010025bd7000fbdbdf250f"], 0x29c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4080) close_range(r0, r1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=0x0, &(0x7f0000000300)=0x0) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000100)={0x40, 0x8, '\x00', 0x1, &(0x7f00000000c0)=[0x0]}) syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r7, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0) 1.186192473s ago: executing program 0 (id=6501): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_io_uring_setup(0x517, &(0x7f0000000100)={0x0, 0x15d2, 0x0, 0x2000000, 0x100003a6}, &(0x7f00000001c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000100000001"], 0x18}, 0x0, 0x48004, 0x1}) io_uring_enter(r4, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0) close_range(r2, r3, 0x0) 1.162052123s ago: executing program 1 (id=6502): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x8) sendto$inet6(r0, 0x0, 0x48, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0xf5, @remote}, 0x1c) 1.150128433s ago: executing program 4 (id=6503): memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, 0x0, 0x0) r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x80, 0x14, 0x150}, &(0x7f0000000140)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x110, 0x2d, 0x0, 0x0) 975.073815ms ago: executing program 1 (id=6504): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@newtfilter={0x40, 0x2c, 0xd2b, 0x800, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x9}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x8}}]}}]}, 0x40}}, 0x20000000) 871.932336ms ago: executing program 0 (id=6505): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)={0xffffffffffffffff}, 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f00000002c0)={0xb, 0x10, 0xfa00, {0x0, r2}}, 0x18) 529.283552ms ago: executing program 4 (id=6506): syz_clone(0x104000, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) exit(0xffff) memfd_secret(0x80000) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket(0x10, 0x803, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0x8000) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001b40)=@newtfilter={0x54, 0x2c, 0xd2b, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x0, 0x20008000, 0x4}]}}]}}]}, 0x54}}, 0x24040084) 408.896931ms ago: executing program 0 (id=6507): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x24, &(0x7f0000000200)=ANY=[], 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xffffff7f, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438) ioctl$EVIOCRMFF(r0, 0xc0085508, &(0x7f00000000c0)=0x18) 348.110255ms ago: executing program 3 (id=6508): socket$inet_udplite(0x2, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="90000000100003050000", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0) 246.342222ms ago: executing program 1 (id=6509): bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00"/13], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000640)=ANY=[@ANYBLOB="20010000", @ANYRES16=r2, @ANYBLOB="010000fc00000000000001000000d4000880d0000080a80009801c000080060001000200000008000200ac1414aa05000300020000001c0000800600010002000000080002007f0000f804000300030000001c0000800600010002000000080002000a010102050003000300000028000080060001000a00000014000200fc010000000000000000000000000000050003000300000028000080060001000a0000001400020000000000000000000000000000000001ceff0300000000002400010000000000000008000000000000000000000000000000000000000000000000000800050001000000140002007767310000000000000000000000000008000700ff00000014000200776732"], 0x120}, 0x1, 0x0, 0x0, 0x4084}, 0x240080c0) 125.04791ms ago: executing program 3 (id=6510): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x4000) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000d40)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {}, {0x10, 0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084) 0s ago: executing program 1 (id=6511): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]}) rt_sigprocmask(0x0, &(0x7f00000000c0)={[0xfffffeffffffffff]}, 0x0, 0x8) kernel console output (not intermixed with test programs): gistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2320.644665][T28404] syzkaller0: entered promiscuous mode [ 2320.662198][T28404] syzkaller0: entered allmulticast mode [ 2320.772757][T16692] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2320.801234][T28412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4723'. [ 2320.934165][T28417] KVM: debugfs: duplicate directory 28417-10 [ 2320.980797][T27745] tipc: Resetting bearer [ 2321.197911][T16692] bond0: (slave ): Releasing backup interface [ 2321.217416][T16692] netdevsim netdevsim1  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2321.614772][T28393] chnl_net:caif_netlink_parms(): no params data found [ 2321.689033][T27331] Bluetooth: hci3: command tx timeout [ 2322.659087][T28467] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4734'. [ 2322.758634][T16692] bond1 (unregistering): (slave gretap1): Releasing active interface [ 2322.916913][T16692] dvmrp8 (unregistering): left allmulticast mode [ 2323.045314][T28472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4743'. [ 2323.056342][T28472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4743'. [ 2323.534221][T28484] netlink: 'syz.0.4749': attribute type 15 has an invalid length. [ 2323.645106][T16692] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2323.667171][T16692] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2323.683987][T16692] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 2323.745477][T16692] bond0 (unregistering): (slave bond2): Releasing backup interface [ 2323.759172][T27331] Bluetooth: hci3: command tx timeout [ 2323.797404][T16692] bond0 (unregistering): (slave bond3): Releasing backup interface [ 2323.850679][T16692] bond0 (unregistering): (slave bond4): Releasing backup interface [ 2323.879601][T16692] bond0 (unregistering): Released all slaves [ 2323.932053][T16692] bond1 (unregistering): Released all slaves [ 2324.131718][T24067] usb 1-1: new full-speed USB device number 66 using dummy_hcd [ 2324.153534][T16692] bond2 (unregistering): Released all slaves [ 2324.251261][T16692] bond3 (unregistering): Released all slaves [ 2324.299838][T24067] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 2324.314891][T24067] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 2324.324081][T24067] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2324.332143][T24067] usb 1-1: Product: syz [ 2324.336337][T24067] usb 1-1: Manufacturer: syz [ 2324.341160][T24067] usb 1-1: SerialNumber: syz [ 2324.350046][T24067] usb 1-1: config 0 descriptor?? [ 2324.362326][T24067] hub 1-1:0.0: bad descriptor, ignoring hub [ 2324.368307][T24067] hub 1-1:0.0: probe with driver hub failed with error -5 [ 2324.382840][T24067] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input387 [ 2324.394222][T16692] bond4 (unregistering): Released all slaves [ 2324.633766][T16692] : left promiscuous mode [ 2324.693588][T28393] bridge0: port 1(bridge_slave_0) entered blocking state [ 2324.701306][T28393] bridge0: port 1(bridge_slave_0) entered disabled state [ 2324.708548][T28393] bridge_slave_0: entered allmulticast mode [ 2324.716253][T28393] bridge_slave_0: entered promiscuous mode [ 2324.732697][T16692] tipc: Disabling bearer [ 2324.738258][T16692] tipc: Disabling bearer [ 2324.778642][T28393] bridge0: port 2(bridge_slave_1) entered blocking state [ 2324.785971][T16692] tipc: Left network mode [ 2324.799527][T28393] bridge0: port 2(bridge_slave_1) entered disabled state [ 2324.806901][T28393] bridge_slave_1: entered allmulticast mode [ 2324.841008][T28393] bridge_slave_1: entered promiscuous mode [ 2324.980419][T28393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2325.042079][T28393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2325.736627][T28393] team0: Port device team_slave_0 added [ 2325.787783][T28393] team0: Port device team_slave_1 added [ 2325.839417][T27331] Bluetooth: hci3: command tx timeout [ 2325.870842][T28552] netlink: 'syz.2.4767': attribute type 1 has an invalid length. [ 2325.878647][T28552] netlink: 'syz.2.4767': attribute type 2 has an invalid length. [ 2326.227112][T28393] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2326.265456][T28393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2326.291499][ C1] vkms_vblank_simulate: vblank timer overrun [ 2326.335383][T28393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2326.401720][T28393] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2326.408767][T28393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2326.455123][ C1] vkms_vblank_simulate: vblank timer overrun [ 2326.511672][T28393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2326.608315][T16692] hsr_slave_0: left promiscuous mode [ 2326.614741][T16692] hsr_slave_1: left promiscuous mode [ 2326.633834][T16692] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2326.679777][T16692] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2326.687275][T16692] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2326.747489][T16692] veth1_macvtap: left promiscuous mode [ 2326.771893][T16692] veth0_macvtap: left promiscuous mode [ 2326.798221][T16692] veth1_vlan: left promiscuous mode [ 2326.806203][T16692] veth0_vlan: left promiscuous mode [ 2327.932830][T27331] Bluetooth: hci3: command tx timeout [ 2327.939699][T24838] usb 1-1: USB disconnect, device number 66 [ 2328.201977][T16692] team0 (unregistering): Port device team_slave_1 removed [ 2328.330386][T16692] team0 (unregistering): Port device team_slave_0 removed [ 2329.005824][T28588] tipc: Enabling of bearer rejected, failed to enable media [ 2329.254581][T28393] hsr_slave_0: entered promiscuous mode [ 2329.278201][T28393] hsr_slave_1: entered promiscuous mode [ 2329.285847][T28393] debugfs: 'hsr0' already exists in 'hsr' [ 2329.292544][T28393] Cannot create hsr debugfs directory [ 2330.081958][T28649] syzkaller0: entered promiscuous mode [ 2330.097590][T28649] syzkaller0: entered allmulticast mode [ 2330.956822][T28393] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2331.006292][T28393] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2331.030135][T28684] netlink: 540 bytes leftover after parsing attributes in process `syz.4.4816'. [ 2331.053888][T28393] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2331.088151][T28393] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2331.414139][T28393] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2331.500426][T28393] 8021q: adding VLAN 0 to HW filter on device team0 [ 2331.540565][ T6472] bridge0: port 1(bridge_slave_0) entered blocking state [ 2331.547747][ T6472] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2331.594349][ T6472] bridge0: port 2(bridge_slave_1) entered blocking state [ 2331.601597][ T6472] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2331.805425][T28393] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2332.020210][T28393] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2332.182432][T28393] veth0_vlan: entered promiscuous mode [ 2332.226402][T28393] veth1_vlan: entered promiscuous mode [ 2332.335475][T28393] veth0_macvtap: entered promiscuous mode [ 2332.370918][T28393] veth1_macvtap: entered promiscuous mode [ 2332.435700][T28393] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2332.483480][T28393] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2332.534804][ T1327] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2332.606918][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 2332.606936][ T30] audit: type=1326 audit(1764590223.352:6997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28698 comm="syz.4.4817" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc4539 code=0x0 [ 2332.809393][ T1327] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2332.818198][ T1327] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2332.873125][ T1327] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2333.266381][T20461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2333.287661][T20461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2333.401370][ T6472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2333.416015][ T6472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2334.500717][T28751] binder: BINDER_SET_CONTEXT_MGR already set [ 2334.506776][T28751] binder: 28750:28751 ioctl 4018620d 80000040 returned -16 [ 2334.767638][T28761] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4830'. [ 2334.801424][T28761] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4830'. [ 2335.049663][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2335.060303][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2335.069962][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2335.079914][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2335.089578][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2335.195904][T28770] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2336.189291][T27394] bond0: (slave netdevsim0): Releasing backup interface [ 2336.246287][T28792] loop8: detected capacity change from 0 to 7 [ 2336.272440][T27548] Dev loop8: unable to read RDB block 7 [ 2336.299926][T27548] loop8: unable to read partition table [ 2336.309139][T27548] loop8: partition table beyond EOD, truncated [ 2336.319771][T28792] Dev loop8: unable to read RDB block 7 [ 2336.373605][T28792] loop8: unable to read partition table [ 2336.387985][T28792] loop8: partition table beyond EOD, truncated [ 2336.399277][T28792] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 2336.421860][T27548] Dev loop8: unable to read RDB block 7 [ 2336.427537][T27548] loop8: unable to read partition table [ 2336.457266][T27548] loop8: partition table beyond EOD, truncated [ 2336.503059][T28793] Dev loop8: unable to read RDB block 7 [ 2336.508705][T28793] loop8: unable to read partition table [ 2336.526453][T28771] chnl_net:caif_netlink_parms(): no params data found [ 2336.547346][T28793] loop8: partition table beyond EOD, truncated [ 2336.561539][T28793] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 2337.133973][ T5843] Bluetooth: hci2: command tx timeout [ 2337.148071][T27744] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0 [ 2337.174311][T27744] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0 [ 2337.198743][T27744] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0 [ 2337.252956][T27744] hid-generic 0000:0004:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz1 [ 2337.394069][T27394] dvmrp8 (unregistering): left allmulticast mode [ 2337.424425][T28819] fido_id[28819]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 2338.279648][T27394] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2338.291557][T27394] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2338.303293][T27394] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 2338.316569][T27394] bond0 (unregistering): (slave bond1): Releasing backup interface [ 2338.328677][T27394] bond0 (unregistering): (slave bond2): Releasing backup interface [ 2338.342636][T27394] bond0 (unregistering): (slave bond3): Releasing backup interface [ 2338.352303][T27394] bond0 (unregistering): Released all slaves [ 2338.461439][T27394] bond1 (unregistering): Released all slaves [ 2338.562854][T27394] bond2 (unregistering): Released all slaves [ 2338.663285][T27394] bond3 (unregistering): Released all slaves [ 2338.677383][T28771] bridge0: port 1(bridge_slave_0) entered blocking state [ 2338.685080][T28771] bridge0: port 1(bridge_slave_0) entered disabled state [ 2338.692439][T28771] bridge_slave_0: entered allmulticast mode [ 2338.700347][T28771] bridge_slave_0: entered promiscuous mode [ 2338.792890][T28771] bridge0: port 2(bridge_slave_1) entered blocking state [ 2338.826077][T28771] bridge0: port 2(bridge_slave_1) entered disabled state [ 2338.869300][T28771] bridge_slave_1: entered allmulticast mode [ 2338.901111][T28771] bridge_slave_1: entered promiscuous mode [ 2339.012729][T27394] : left promiscuous mode [ 2339.189859][T28771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2339.199109][ T5843] Bluetooth: hci2: command tx timeout [ 2339.215110][T27394] tipc: Disabling bearer [ 2339.249197][T27394] tipc: Disabling bearer [ 2339.272585][T27394] tipc: Left network mode [ 2339.275803][T28771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2339.440565][T27394] IPVS: stopping backup sync thread 9223 ... [ 2339.501337][T28771] team0: Port device team_slave_0 added [ 2339.592945][T28771] team0: Port device team_slave_1 added [ 2339.917172][T28771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2339.960201][T28771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2339.999148][T28771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2340.022353][T28771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2340.040815][T28771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2340.127833][T28771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2340.478579][T27394] hsr_slave_0: left promiscuous mode [ 2340.518187][T27394] hsr_slave_1: left promiscuous mode [ 2340.524512][T27394] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2340.549675][T27394] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2340.970993][ T30] audit: type=1326 audit(1764590231.722:6998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28925 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.032066][ T30] audit: type=1326 audit(1764590231.752:6999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28925 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.060313][ T30] audit: type=1326 audit(1764590231.752:7000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28925 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.083823][ T30] audit: type=1326 audit(1764590231.752:7001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28925 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.129632][ T30] audit: type=1326 audit(1764590231.752:7002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28925 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.281617][ T5843] Bluetooth: hci2: command tx timeout [ 2341.527210][ T30] audit: type=1326 audit(1764590232.272:7003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28946 comm="syz.3.4899" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.598955][ T30] audit: type=1326 audit(1764590232.272:7004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28946 comm="syz.3.4899" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.674133][ T30] audit: type=1326 audit(1764590232.272:7005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28946 comm="syz.3.4899" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.733044][ T30] audit: type=1326 audit(1764590232.272:7006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28946 comm="wg1" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.777286][ T30] audit: type=1326 audit(1764590232.272:7007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28946 comm="wg1" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2341.821030][T27394] team0 (unregistering): Port device team_slave_1 removed [ 2341.907756][T27394] team0 (unregistering): Port device team_slave_0 removed [ 2342.082242][T28966] loop4: detected capacity change from 0 to 8 [ 2342.215818][T28966] Dev loop4: unable to read RDB block 8 [ 2342.233891][T28966] loop4: unable to read partition table [ 2342.252153][ C1] invalid error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 2342.262097][ C1] Buffer I/O error on dev loop4, logical block 0, lost async page write [ 2342.265107][T28966] loop4: partition table beyond EOD, truncated [ 2342.276963][T28966] loop_reread_partitions: partition scan of loop4 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 2342.575221][T28771] hsr_slave_0: entered promiscuous mode [ 2342.590123][T28771] hsr_slave_1: entered promiscuous mode [ 2342.600096][T28771] debugfs: 'hsr0' already exists in 'hsr' [ 2342.609621][T28771] Cannot create hsr debugfs directory [ 2342.735261][T28975] netlink: 'syz.3.4910': attribute type 10 has an invalid length. [ 2342.828091][T28979] netlink: 'syz.3.4910': attribute type 10 has an invalid length. [ 2342.873822][T28975] team0: Port device dummy0 added [ 2342.970814][T28979] team0: Port device dummy0 removed [ 2343.366571][ T5843] Bluetooth: hci2: command tx timeout [ 2343.829673][T29015] bridge0: entered promiscuous mode [ 2343.837343][T29015] bridge0: port 3(macsec1) entered blocking state [ 2343.844612][T29015] bridge0: port 3(macsec1) entered disabled state [ 2343.852816][T29015] macsec1: entered allmulticast mode [ 2343.858244][T29015] bridge0: entered allmulticast mode [ 2343.869161][T29015] macsec1: left allmulticast mode [ 2343.874454][T29015] bridge0: left allmulticast mode [ 2343.901006][T29015] bridge0: left promiscuous mode [ 2344.290303][T28771] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2344.311889][T28771] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2344.326307][T28771] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2344.366733][T28771] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2344.563869][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 2344.581493][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 2344.761640][T28771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2344.783186][T28771] 8021q: adding VLAN 0 to HW filter on device team0 [ 2344.814697][T20461] bridge0: port 1(bridge_slave_0) entered blocking state [ 2344.821923][T20461] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2344.863683][T20461] bridge0: port 2(bridge_slave_1) entered blocking state [ 2344.870899][T20461] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2344.872898][T29046] netlink: 'syz.3.4929': attribute type 21 has an invalid length. [ 2345.103518][T28771] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2345.371933][T28771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2345.564819][T28771] veth0_vlan: entered promiscuous mode [ 2345.626462][T28771] veth1_vlan: entered promiscuous mode [ 2345.733442][T28771] veth0_macvtap: entered promiscuous mode [ 2345.751350][T28771] veth1_macvtap: entered promiscuous mode [ 2345.797897][T28771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2345.856890][T28771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2345.895221][ T1327] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2345.915655][ T1327] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2345.948514][ T1327] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2345.981742][ T1327] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2346.196123][ T1327] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2346.245136][ T1327] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2346.259046][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 2346.259066][ T30] audit: type=1326 audit(1764590237.002:7017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29100 comm="syz.1.4948" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2346.348876][ T30] audit: type=1326 audit(1764590237.002:7018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29100 comm="syz.1.4948" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2346.406460][ T30] audit: type=1326 audit(1764590237.002:7019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29100 comm="syz.1.4948" exe="/root/syz-executor" sig=0 arch=40000003 syscall=287 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2346.445637][ T6476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2346.471489][ T6476] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2346.485625][ T30] audit: type=1326 audit(1764590237.002:7020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29100 comm="syz.1.4948" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2347.423193][ T30] audit: type=1326 audit(1764590238.162:7021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29127 comm="syz.4.4956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2347.508975][ T30] audit: type=1326 audit(1764590238.162:7022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29127 comm="syz.4.4956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2347.608936][ T30] audit: type=1326 audit(1764590238.172:7023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29127 comm="syz.4.4956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2347.688660][ T30] audit: type=1326 audit(1764590238.172:7024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29127 comm="syz.4.4956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2347.778915][ T30] audit: type=1326 audit(1764590238.172:7025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29127 comm="syz.4.4956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2347.863332][ T30] audit: type=1326 audit(1764590238.172:7026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29127 comm="syz.4.4956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2348.703055][T29146] netlink: 'syz.1.4964': attribute type 1 has an invalid length. [ 2349.520530][T29162] syzkaller0: entered promiscuous mode [ 2349.526172][T29162] syzkaller0: entered allmulticast mode [ 2349.924587][T29092] warn_alloc: 1 callbacks suppressed [ 2349.924608][T29092] syz.0.4945: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 2349.984509][T29092] CPU: 0 UID: 0 PID: 29092 Comm: syz.0.4945 Not tainted syzkaller #0 PREEMPT(full) [ 2349.984540][T29092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2349.984554][T29092] Call Trace: [ 2349.984564][T29092] [ 2349.984574][T29092] dump_stack_lvl+0x189/0x250 [ 2349.984616][T29092] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2349.984646][T29092] ? __pfx__printk+0x10/0x10 [ 2349.984669][T29092] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 2349.984700][T29092] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 2349.984733][T29092] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 2349.984769][T29092] warn_alloc+0x214/0x310 [ 2349.984810][T29092] ? __pfx_warn_alloc+0x10/0x10 [ 2349.984854][T29092] ? __get_vm_area_node+0x28f/0x300 [ 2349.984886][T29092] ? hash_netiface_create+0x358/0xfe0 [ 2349.985025][T29092] __vmalloc_node_range_noprof+0x690/0x12d0 [ 2349.985060][T29092] ? alloc_vmap_area+0xda0/0x14c0 [ 2349.985117][T29092] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 2349.985149][T29092] ? hash_netiface_create+0x358/0xfe0 [ 2349.985183][T29092] ? __get_vm_area_node+0x28f/0x300 [ 2349.985215][T29092] ? hash_netiface_create+0x358/0xfe0 [ 2349.985248][T29092] __vmalloc_node_range_noprof+0x578/0x12d0 [ 2349.985281][T29092] ? hash_netiface_create+0x358/0xfe0 [ 2349.985313][T29092] ? __alloc_frozen_pages_noprof+0x9f/0x370 [ 2349.985364][T29092] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 2349.985398][T29092] ? hash_netiface_create+0x358/0xfe0 [ 2349.985432][T29092] ? rcu_is_watching+0x15/0xb0 [ 2349.985465][T29092] ? hash_netiface_create+0x358/0xfe0 [ 2349.985497][T29092] __kvmalloc_node_noprof+0x674/0x910 [ 2349.985555][T29092] ? hash_netiface_create+0x358/0xfe0 [ 2349.985587][T29092] ? __kmalloc_cache_noprof+0x3d5/0x6f0 [ 2349.985621][T29092] ? hash_netiface_create+0x2fe/0xfe0 [ 2349.985660][T29092] hash_netiface_create+0x358/0xfe0 [ 2349.985702][T29092] ? __nla_parse+0x40/0x60 [ 2349.985760][T29092] ? __pfx_hash_netiface_create+0x10/0x10 [ 2349.985796][T29092] ip_set_create+0xa97/0x1940 [ 2349.985876][T29092] ? ip_set_create+0x4a2/0x1940 [ 2349.985923][T29092] ? __pfx_ip_set_create+0x10/0x10 [ 2349.985998][T29092] nfnetlink_rcv_msg+0xb4d/0x1130 [ 2349.986059][T29092] ? nfnetlink_rcv_msg+0x20d/0x1130 [ 2349.986115][T29092] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 2349.986147][T29092] ? kasan_save_track+0x4f/0x80 [ 2349.986235][T29092] netlink_rcv_skb+0x208/0x470 [ 2349.986280][T29092] ? lockdep_hardirqs_on+0x9c/0x150 [ 2349.986362][T29092] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 2349.986399][T29092] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2349.986436][T29092] ? bpf_lsm_capable+0x9/0x20 [ 2349.986470][T29092] ? security_capable+0x7e/0x2e0 [ 2349.986558][T29092] nfnetlink_rcv+0x282/0x2590 [ 2349.986596][T29092] ? __dev_queue_xmit+0x27b/0x3b50 [ 2349.986651][T29092] ? __dev_queue_xmit+0x1d79/0x3b50 [ 2349.986677][T29092] ? kasan_save_track+0x3e/0x80 [ 2349.986708][T29092] ? __kasan_slab_alloc+0x6c/0x80 [ 2349.986764][T29092] ? __dev_queue_xmit+0x27b/0x3b50 [ 2349.986805][T29092] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 2349.986839][T29092] ? __pfx___dev_queue_xmit+0x10/0x10 [ 2349.986882][T29092] ? ref_tracker_free+0x63a/0x7d0 [ 2349.986930][T29092] ? __asan_memcpy+0x40/0x70 [ 2349.986959][T29092] ? __pfx_ref_tracker_free+0x10/0x10 [ 2349.986979][T29092] ? __skb_clone+0x63/0x7a0 [ 2349.987039][T29092] ? __skb_clone+0x483/0x7a0 [ 2349.987073][T29092] ? skb_clone+0x246/0x3a0 [ 2349.987103][T29092] ? __netlink_deliver_tap+0x807/0x850 [ 2349.987125][T29092] ? netlink_deliver_tap+0x2e/0x1b0 [ 2349.987156][T29092] ? netlink_deliver_tap+0x2e/0x1b0 [ 2349.987188][T29092] netlink_unicast+0x82f/0x9e0 [ 2349.987259][T29092] ? __pfx_netlink_unicast+0x10/0x10 [ 2349.987295][T29092] ? netlink_sendmsg+0x642/0xb30 [ 2349.987316][T29092] ? skb_put+0x11b/0x210 [ 2349.987343][T29092] netlink_sendmsg+0x805/0xb30 [ 2349.987377][T29092] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2349.987404][T29092] ? __import_iovec+0x5d4/0x7f0 [ 2349.987536][T29092] ? aa_sock_msg_perm+0xf1/0x1d0 [ 2349.987655][T29092] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 2349.987677][T29092] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2349.987701][T29092] __sock_sendmsg+0x21c/0x270 [ 2349.987762][T29092] ____sys_sendmsg+0x505/0x830 [ 2349.987815][T29092] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2349.987848][T29092] ? preempt_schedule_thunk+0x16/0x30 [ 2349.987880][T29092] ___sys_sendmsg+0x21f/0x2a0 [ 2349.987908][T29092] ? __pfx____sys_sendmsg+0x10/0x10 [ 2349.987935][T29092] ? futex_private_hash_put+0x13b/0x170 [ 2349.988000][T29092] ? __fget_files+0x2a/0x420 [ 2349.988021][T29092] ? __fget_files+0x3a0/0x420 [ 2349.988054][T29092] __sys_sendmsg+0x164/0x220 [ 2349.988081][T29092] ? __pfx___sys_sendmsg+0x10/0x10 [ 2349.988117][T29092] ? rcu_is_watching+0x15/0xb0 [ 2349.988146][T29092] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 2349.988191][T29092] ? lockdep_hardirqs_on+0x9c/0x150 [ 2349.988227][T29092] __do_fast_syscall_32+0xb6/0x2b0 [ 2349.988256][T29092] do_fast_syscall_32+0x34/0x80 [ 2349.988276][T29092] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2349.988303][T29092] RIP: 0023:0xf7fe3539 [ 2349.988324][T29092] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 2349.988342][T29092] RSP: 002b:00000000f54b555c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 2349.988366][T29092] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000040 [ 2349.988382][T29092] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000 [ 2349.988395][T29092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2349.988408][T29092] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 2349.988428][T29092] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 2349.988461][T29092] [ 2350.549545][T29092] Mem-Info: [ 2350.552716][T29092] active_anon:8392 inactive_anon:0 isolated_anon:0 [ 2350.552716][T29092] active_file:14854 inactive_file:40771 isolated_file:0 [ 2350.552716][T29092] unevictable:768 dirty:115 writeback:0 [ 2350.552716][T29092] slab_reclaimable:8546 slab_unreclaimable:98492 [ 2350.552716][T29092] mapped:32336 shmem:4249 pagetables:1218 [ 2350.552716][T29092] sec_pagetables:0 bounce:0 [ 2350.552716][T29092] kernel_misc_reclaimable:0 [ 2350.552716][T29092] free:1273539 free_pcp:18785 free_cma:0 [ 2350.601533][T29092] Node 0 active_anon:33568kB inactive_anon:0kB active_file:59104kB inactive_file:162880kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129108kB dirty:448kB writeback:0kB shmem:15460kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11692kB pagetables:4736kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 2350.635504][T29092] Node 1 active_anon:0kB inactive_anon:0kB active_file:312kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:236kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 2350.667750][T29092] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2350.697713][T29092] lowmem_reserve[]: 0 2505 2505 2505 2505 [ 2350.703614][T29092] Node 0 DMA32 free:1159640kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:33568kB inactive_anon:0kB active_file:59104kB inactive_file:162880kB unevictable:1536kB writepending:448kB zspages:0kB present:3129332kB managed:2565140kB mlocked:0kB bounce:0kB free_pcp:74680kB local_pcp:39860kB free_cma:0kB [ 2350.739663][T29092] lowmem_reserve[]: 0 0 0 0 0 [ 2350.744456][T29092] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2350.773770][T29092] lowmem_reserve[]: 0 0 0 0 0 [ 2350.778533][T29092] Node 1 Normal free:3919156kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:312kB inactive_file:204kB unevictable:1536kB writepending:12kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2350.811373][T29092] lowmem_reserve[]: 0 0 0 0 0 [ 2350.816157][T29092] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 2350.831229][T29092] Node 0 DMA32: 7*4kB (E) 95*8kB (E) 1*16kB (E) 1*32kB (M) 37*64kB (E) 80*128kB (UME) 481*256kB (UME) 354*512kB (UME) 260*1024kB (UME) 23*2048kB (UME) 129*4096kB (UM) = 1159556kB [ 2350.849258][T29092] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 2350.860877][T29092] Node 1 Normal: 225*4kB (UME) 54*8kB (UME) 44*16kB (UME) 226*32kB (UME) 100*64kB (UME) 44*128kB (UME) 10*256kB (U) 8*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 947*4096kB (M) = 3919156kB [ 2350.879658][T29092] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 2350.889286][T29092] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 2350.898604][T29092] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 2350.908250][T29092] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 2350.917615][T29092] 59870 total pagecache pages [ 2350.922362][T29092] 0 pages in swap cache [ 2350.926536][T29092] Free swap = 124996kB [ 2350.933055][T29092] Total swap = 124996kB [ 2350.937252][T29092] 2097051 pages RAM [ 2350.941165][T29092] 0 pages HighMem/MovableOnly [ 2350.945864][T29092] 424124 pages reserved [ 2350.956964][T29092] 0 pages cma reserved [ 2351.253359][T29187] bridge0: entered promiscuous mode [ 2351.284552][T29187] bridge0: port 3(macsec1) entered blocking state [ 2351.291471][T29187] bridge0: port 3(macsec1) entered disabled state [ 2351.298209][T29187] macsec1: entered allmulticast mode [ 2351.304355][T29187] bridge0: entered allmulticast mode [ 2351.337724][T29187] macsec1: left allmulticast mode [ 2351.344234][T29187] bridge0: left allmulticast mode [ 2351.369707][T29187] bridge0: left promiscuous mode [ 2351.370480][T29189] netlink: 'syz.3.4982': attribute type 1 has an invalid length. [ 2351.523923][T29189] 8021q: adding VLAN 0 to HW filter on device bond1 [ 2351.761694][T27331] Bluetooth: hci5: command 0x0406 tx timeout [ 2351.800744][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 2351.800763][ T30] audit: type=1326 audit(1764590242.552:7028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2351.909015][ T30] audit: type=1326 audit(1764590242.552:7029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2351.975472][ T30] audit: type=1326 audit(1764590242.552:7030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.055817][ T30] audit: type=1326 audit(1764590242.582:7031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.116587][ T30] audit: type=1326 audit(1764590242.582:7032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.167403][ T30] audit: type=1326 audit(1764590242.582:7033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.192813][T29194] bond1 (unregistering): Released all slaves [ 2352.213534][ T30] audit: type=1326 audit(1764590242.582:7034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.260013][ T30] audit: type=1326 audit(1764590242.592:7035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=187 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.284233][ T30] audit: type=1326 audit(1764590242.592:7036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.307443][ T30] audit: type=1326 audit(1764590242.602:7037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29202 comm="syz.2.4986" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2352.332074][T29201] syzkaller0: entered promiscuous mode [ 2352.337589][T29201] syzkaller0: entered allmulticast mode [ 2353.123855][T29223] tipc: Enabling of bearer rejected, failed to enable media [ 2353.338457][T29229] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4995'. [ 2353.358216][T29231] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4997'. [ 2353.380905][T29229] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4995'. [ 2353.416201][T29229] bridge0: entered promiscuous mode [ 2353.423635][T29229] ip6gretap0: entered promiscuous mode [ 2353.985635][T29251] random: crng reseeded on system resumption [ 2354.022586][T29249] pimreg: entered allmulticast mode [ 2354.175259][T29249] pimreg: left allmulticast mode [ 2355.122570][T29289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5022'. [ 2355.193566][T29289] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5022'. [ 2355.504199][T29301] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5026'. [ 2355.516199][T29301] netlink: 190 bytes leftover after parsing attributes in process `syz.4.5026'. [ 2357.884491][T29371] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5057'. [ 2358.060590][T29375] pimreg: entered allmulticast mode [ 2358.066913][T29378] netlink: 3 bytes leftover after parsing attributes in process `syz.2.5059'. [ 2358.117306][T29378] 0X: renamed from caif0 [ 2358.149296][T29378] 0X: entered allmulticast mode [ 2358.155340][T29378] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 2358.743600][T29404] pimreg: entered allmulticast mode [ 2358.744640][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 2358.744658][ T30] audit: type=1326 audit(1764590249.492:7059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2358.837929][ T30] audit: type=1326 audit(1764590249.522:7060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2358.929667][ T30] audit: type=1326 audit(1764590249.532:7061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2359.002343][ T30] audit: type=1326 audit(1764590249.532:7062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2359.006304][T29414] netlink: 3 bytes leftover after parsing attributes in process `syz.2.5076'. [ 2359.063485][ T30] audit: type=1326 audit(1764590249.532:7063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2359.090579][T29414] 1X: renamed from 60X [ 2359.110227][ T30] audit: type=1326 audit(1764590249.532:7064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2359.137966][T29414] A link change request failed with some changes committed already. Interface 61X may have been left with an inconsistent configuration, please check. [ 2359.168565][ T30] audit: type=1326 audit(1764590249.532:7065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2359.241856][ T30] audit: type=1326 audit(1764590249.532:7066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2359.257439][T29418] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5079'. [ 2359.306144][ T30] audit: type=1326 audit(1764590249.542:7067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2359.389194][ T30] audit: type=1326 audit(1764590249.542:7068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.2.5074" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2360.103126][T29443] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5090'. [ 2360.626653][T29453] netlink: 540 bytes leftover after parsing attributes in process `syz.1.5095'. [ 2360.816938][T29458] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5098'. [ 2360.826226][T29458] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5098'. [ 2361.009436][T29464] syzkaller0: entered promiscuous mode [ 2361.026955][T29464] syzkaller0: entered allmulticast mode [ 2361.457693][T29481] netlink: 540 bytes leftover after parsing attributes in process `syz.2.5108'. [ 2361.666450][T29486] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5111'. [ 2361.921191][T29495] syzkaller0: entered promiscuous mode [ 2361.926806][T29495] syzkaller0: entered allmulticast mode [ 2362.015716][T29497] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5116'. [ 2362.235592][T29499] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2362.613841][T29510] netlink: 540 bytes leftover after parsing attributes in process `syz.1.5121'. [ 2363.320354][T29526] syzkaller0: entered promiscuous mode [ 2363.328115][T29526] syzkaller0: entered allmulticast mode [ 2363.747224][T29535] syz_tun: entered allmulticast mode [ 2363.778647][T29534] syz_tun: left allmulticast mode [ 2364.011879][ T30] kauditd_printk_skb: 23 callbacks suppressed [ 2364.011899][ T30] audit: type=1326 audit(1764590254.762:7092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29538 comm="syz.1.5136" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x0 [ 2364.503848][T29576] syzkaller0: entered promiscuous mode [ 2364.512196][T29576] syzkaller0: entered allmulticast mode [ 2364.632873][ T30] audit: type=1326 audit(1764590255.382:7093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29582 comm="syz.3.5149" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2364.693778][ T30] audit: type=1326 audit(1764590255.412:7094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29582 comm="syz.3.5149" exe="/root/syz-executor" sig=0 arch=40000003 syscall=40 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2364.766932][ T30] audit: type=1326 audit(1764590255.412:7095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29582 comm="syz.3.5149" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2364.815949][T29588] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5151'. [ 2365.282243][ T30] audit: type=1326 audit(1764590256.032:7096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29611 comm="syz.1.5163" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2365.324987][ T30] audit: type=1326 audit(1764590256.032:7097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29611 comm="syz.1.5163" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2365.468866][ T30] audit: type=1326 audit(1764590256.062:7098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29611 comm="syz.1.5163" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2365.600957][ T30] audit: type=1326 audit(1764590256.062:7099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29611 comm="Ptp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2365.649534][ T30] audit: type=1326 audit(1764590256.062:7100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29611 comm="Ptp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2365.718968][ T30] audit: type=1326 audit(1764590256.072:7101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29611 comm="Ptp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2365.820743][T29623] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5166'. [ 2366.963985][T29660] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5183'. [ 2367.593226][T29676] netlink: 'syz.3.5191': attribute type 1 has an invalid length. [ 2368.392303][T29706] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5206'. [ 2368.520378][T29708] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 2369.055431][T29731] usb usb7: usbfs: process 29731 (syz.0.5218) did not claim interface 0 before use [ 2369.281663][T29745] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 2369.620384][T29762] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5233'. [ 2369.745853][T29765] bridge_slave_0: left allmulticast mode [ 2369.781036][T29765] bridge_slave_0: left promiscuous mode [ 2369.809546][T29765] bridge0: port 1(bridge_slave_0) entered disabled state [ 2369.843583][T29766] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2369.854534][T29765] bridge_slave_1: left allmulticast mode [ 2369.860539][T29765] bridge_slave_1: left promiscuous mode [ 2369.872706][T29765] bridge0: port 2(bridge_slave_1) entered disabled state [ 2369.933883][T29765] bond0: (slave bond_slave_0): Releasing backup interface [ 2369.976007][T29765] bond0: (slave bond_slave_1): Releasing backup interface [ 2370.035295][T29765] team0: Port device team_slave_0 removed [ 2370.067151][T29765] team0: Port device team_slave_1 removed [ 2370.109108][T29765] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2370.131358][T29765] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2370.152815][T29765] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2370.181727][T29765] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2370.210468][T29765] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 2370.291450][T29792] netlink: 52 bytes leftover after parsing attributes in process `syz.3.5245'. [ 2370.412254][T29794] netlink: 648 bytes leftover after parsing attributes in process `syz.0.5246'. [ 2370.526683][T29798] hsr0: entered promiscuous mode [ 2370.539161][T29798] macsec1: entered promiscuous mode [ 2370.554815][T29798] macsec1: entered allmulticast mode [ 2370.570542][T29798] hsr0: entered allmulticast mode [ 2370.580653][T29798] hsr_slave_0: entered allmulticast mode [ 2370.594695][T29798] hsr_slave_1: entered allmulticast mode [ 2370.644814][T29798] hsr0: left allmulticast mode [ 2370.661838][T29798] hsr_slave_0: left allmulticast mode [ 2370.679852][T29798] hsr_slave_1: left allmulticast mode [ 2371.161812][T29812] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 2371.257427][T29813] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2371.518963][T29824] capability: warning: `syz.3.5258' uses 32-bit capabilities (legacy support in use) [ 2372.346188][T29838] tipc: Enabling of bearer rejected, failed to enable media [ 2372.847827][T29847] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 2373.116214][T29854] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2373.337225][T29862] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5273'. [ 2373.640620][T24303] IPVS: starting estimator thread 0... [ 2373.729150][T29872] IPVS: using max 26 ests per chain, 62400 per kthread [ 2374.078603][T29889] syzkaller0: entered promiscuous mode [ 2374.104724][T29889] syzkaller0: entered allmulticast mode [ 2374.179499][T29889] tipc: Started in network mode [ 2374.195746][T29889] tipc: Node identity 42eb193d112f, cluster identity 4711 [ 2374.209340][T29889] tipc: Enabled bearer , priority 0 [ 2374.231608][T29888] tipc: Resetting bearer [ 2374.253629][T29888] tipc: Disabling bearer [ 2374.254648][ T30] kauditd_printk_skb: 79 callbacks suppressed [ 2374.254666][ T30] audit: type=1326 audit(1764590265.002:7181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.323109][ T30] audit: type=1326 audit(1764590265.012:7182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.346075][ T30] audit: type=1326 audit(1764590265.012:7183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.369433][ T30] audit: type=1326 audit(1764590265.012:7184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.393313][ T30] audit: type=1326 audit(1764590265.012:7185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.468055][ T30] audit: type=1326 audit(1764590265.012:7186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.539809][ T30] audit: type=1326 audit(1764590265.012:7187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.598883][ T30] audit: type=1326 audit(1764590265.012:7188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.648966][ T30] audit: type=1326 audit(1764590265.012:7189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=449 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2374.700874][T29908] bridge0: entered promiscuous mode [ 2374.767164][ T30] audit: type=1326 audit(1764590265.012:7190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29897 comm="syz.1.5290" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2375.015899][T29924] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5302'. [ 2375.207713][T29931] netlink: 568 bytes leftover after parsing attributes in process `syz.3.5306'. [ 2375.673596][T29951] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5316'. [ 2375.694601][T29951] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5316'. [ 2375.980232][T29959] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5320'. [ 2375.989804][T29959] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5320'. [ 2376.042493][T29963] netlink: 568 bytes leftover after parsing attributes in process `syz.3.5322'. [ 2376.267499][T29971] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5325'. [ 2376.413960][T29979] IPv6: Can't replace route, no match found [ 2376.479483][T29980] netlink: 'syz.0.5329': attribute type 4 has an invalid length. [ 2376.508919][T29980] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5329'. [ 2376.575844][T29980] .`: renamed from bond0 (while UP) [ 2376.808732][T29995] netlink: 568 bytes leftover after parsing attributes in process `syz.4.5336'. [ 2377.879975][T30025] netlink: 568 bytes leftover after parsing attributes in process `syz.2.5349'. [ 2377.959585][T30031] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5353'. [ 2379.220984][T30069] bridge1: entered promiscuous mode [ 2379.226257][T30069] bridge1: entered allmulticast mode [ 2379.257683][T30069] team0: Port device bridge1 added [ 2379.672886][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 2379.672970][ T30] audit: type=1326 audit(1764590270.422:7219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2379.774852][ T30] audit: type=1326 audit(1764590270.462:7220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2379.841473][ T30] audit: type=1326 audit(1764590270.462:7221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2379.919555][ T30] audit: type=1326 audit(1764590270.462:7222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2379.968948][ T30] audit: type=1326 audit(1764590270.462:7223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2380.018965][ T30] audit: type=1326 audit(1764590270.462:7224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2380.081269][ T30] audit: type=1326 audit(1764590270.462:7225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2380.148903][ T30] audit: type=1326 audit(1764590270.462:7226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2380.201545][ T30] audit: type=1326 audit(1764590270.462:7227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=180 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2380.291368][ T30] audit: type=1326 audit(1764590270.462:7228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30083 comm="syz.2.5374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2380.911379][T30128] __nla_validate_parse: 8 callbacks suppressed [ 2380.911400][T30128] netlink: 548 bytes leftover after parsing attributes in process `syz.2.5392'. [ 2381.873175][T30160] netlink: 548 bytes leftover after parsing attributes in process `syz.1.5406'. [ 2382.037005][T30165] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5408'. [ 2382.491291][T30176] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5414'. [ 2382.869252][T30184] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5418'. [ 2382.906544][T30186] netlink: 548 bytes leftover after parsing attributes in process `syz.4.5419'. [ 2383.118400][T30192] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5423'. [ 2383.141018][T30190] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5421'. [ 2383.557318][T30204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5427'. [ 2383.879155][T30211] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5432'. [ 2383.930762][T27414] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 2384.088981][T27414] usb 3-1: device descriptor read/64, error -71 [ 2384.328915][T27414] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 2384.489258][T27414] usb 3-1: device descriptor read/64, error -71 [ 2384.599186][T27414] usb usb3-port1: attempt power cycle [ 2384.889547][ T30] kauditd_printk_skb: 55 callbacks suppressed [ 2384.889567][ T30] audit: type=1326 audit(1764590275.642:7284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30199 comm="syz.2.5426" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2384.968972][T27414] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 2385.018418][T27414] usb 3-1: device descriptor read/8, error -71 [ 2385.028836][ T30] audit: type=1326 audit(1764590275.762:7285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30199 comm="syz.2.5426" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2385.097967][ T30] audit: type=1326 audit(1764590275.762:7286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30199 comm="syz.2.5426" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2385.172255][ T30] audit: type=1326 audit(1764590275.912:7287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30234 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2385.257721][ T30] audit: type=1326 audit(1764590275.912:7288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30234 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2385.303895][T27414] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 2385.346856][ T30] audit: type=1326 audit(1764590275.912:7289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30234 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=308 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2385.391440][T27414] usb 3-1: device descriptor read/8, error -71 [ 2385.419438][ T30] audit: type=1326 audit(1764590275.912:7290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30234 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2385.457477][T30241] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2385.511292][T27414] usb usb3-port1: unable to enumerate USB device [ 2385.517848][ T30] audit: type=1326 audit(1764590275.912:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30234 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2385.561330][ T30] audit: type=1326 audit(1764590275.922:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30199 comm="syz.2.5426" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2385.598291][ T30] audit: type=1326 audit(1764590275.922:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30199 comm="syz.2.5426" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2386.059212][T30257] __nla_validate_parse: 5 callbacks suppressed [ 2386.059232][T30257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5452'. [ 2386.168205][T30261] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5454'. [ 2386.232834][T30263] netlink: 540 bytes leftover after parsing attributes in process `syz.3.5455'. [ 2386.649956][T30271] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5458'. [ 2386.757331][T30279] sg_write: data in/out 49276/1 bytes for SCSI command 0x6-- guessing data in; [ 2386.757331][T30279] program syz.0.5461 not setting count and/or reply_len properly [ 2386.865904][T30276] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2386.885541][T30282] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5462'. [ 2386.898752][T30275] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 2387.072351][T30285] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5463'. [ 2387.287797][T30289] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5465'. [ 2387.538469][T30299] netlink: 'syz.3.5470': attribute type 1 has an invalid length. [ 2387.608482][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 2387.697562][T30300] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 2387.711807][T30300] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 2387.840800][T30303] bond1: (slave gretap1): making interface the new active one [ 2387.871049][T30303] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 2387.902376][T30299] macvlan2: entered promiscuous mode [ 2387.907808][T30299] macvlan2: entered allmulticast mode [ 2387.915464][T30299] bond1: entered promiscuous mode [ 2387.921973][T30299] gretap1: entered promiscuous mode [ 2387.928422][T30299] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 2387.959960][T30299] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 2387.987109][T30299] bond1: left promiscuous mode [ 2387.992947][T30299] gretap1: left promiscuous mode [ 2388.116432][T30317] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5477'. [ 2388.136268][T30317] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5477'. [ 2388.146972][T30319] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5478'. [ 2388.165530][T30317] ip6gretap0: entered promiscuous mode [ 2388.172682][T30317] syz_tun: entered promiscuous mode [ 2388.191685][T30317] debugfs: 'hsr1' already exists in 'hsr' [ 2388.197497][T30317] Cannot create hsr debugfs directory [ 2388.695155][T30339] sctp: [Deprecated]: syz.0.5488 (pid 30339) Use of struct sctp_assoc_value in delayed_ack socket option. [ 2388.695155][T30339] Use struct sctp_sack_info instead [ 2388.801402][T30345] ip6_tunnel: non-ECT from fc00:0000:0000:0000:7c4f:9376:9ea2:aa02 with DS=0x5 [ 2390.338889][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 2390.338909][ T30] audit: type=1326 audit(1764590281.082:7298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="syz.2.5531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.398207][ T30] audit: type=1326 audit(1764590281.092:7299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="syz.2.5531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.460599][ T30] audit: type=1326 audit(1764590281.102:7300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="syz.2.5531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.530525][ T30] audit: type=1326 audit(1764590281.102:7301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="+}[@" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.598746][ T30] audit: type=1326 audit(1764590281.102:7302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="+}[@" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.659816][ T30] audit: type=1326 audit(1764590281.102:7303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="+}[@" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.707383][ T30] audit: type=1326 audit(1764590281.102:7304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="+}[@" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.760517][T30437] tipc: Enabling of bearer rejected, failed to enable media [ 2390.777793][ T30] audit: type=1326 audit(1764590281.102:7305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="+}[@" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.820282][ T30] audit: type=1326 audit(1764590281.102:7306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="+}[@" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2390.915090][ T30] audit: type=1326 audit(1764590281.102:7307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30425 comm="+}[@" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2391.261406][T30462] __nla_validate_parse: 10 callbacks suppressed [ 2391.261430][T30462] netlink: 568 bytes leftover after parsing attributes in process `syz.4.5548'. [ 2391.538564][T30475] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5553'. [ 2391.915677][T30487] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5556'. [ 2391.981326][T30490] netlink: 648 bytes leftover after parsing attributes in process `syz.3.5559'. [ 2392.376813][T30501] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5564'. [ 2392.440605][T30501] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5564'. [ 2392.481015][T30503] veth2: entered promiscuous mode [ 2392.490728][T30503] veth2: entered allmulticast mode [ 2392.544446][T30501] syz_tun: entered promiscuous mode [ 2392.579638][T30501] syz_tun: left promiscuous mode [ 2392.604013][T30506] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5567'. [ 2392.894259][T30515] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5570'. [ 2392.894474][T30517] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5571'. [ 2392.940241][T30515] Option ' ' to dns_resolver key: bad/missing value [ 2393.451147][T30537] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5580'. [ 2393.570680][T30541] syz_tun: entered promiscuous mode [ 2393.613173][T30541] syz_tun: left promiscuous mode [ 2394.642615][T30577] hsr0: entered promiscuous mode [ 2394.647772][T30577] macsec2: entered promiscuous mode [ 2394.674234][T30577] macsec2: entered allmulticast mode [ 2394.688915][T30577] hsr0: entered allmulticast mode [ 2394.709292][T30577] hsr_slave_0: entered allmulticast mode [ 2394.753099][T30577] hsr_slave_1: entered allmulticast mode [ 2395.120045][T30599] netlink: 'syz.3.5608': attribute type 27 has an invalid length. [ 2395.230668][T30599] bridge0: port 2(bridge_slave_1) entered disabled state [ 2395.238490][T30599] bridge0: port 1(bridge_slave_0) entered disabled state [ 2395.328487][T30599] batadv_slave_0: left promiscuous mode [ 2395.334599][T30599] batadv_slave_0: left allmulticast mode [ 2395.344162][T30599] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2395.451886][ T30] kauditd_printk_skb: 111 callbacks suppressed [ 2395.451903][ T30] audit: type=1326 audit(1764590286.202:7419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30598 comm="syz.3.5608" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2395.483717][ T30] audit: type=1326 audit(1764590286.232:7420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30598 comm="syz.3.5608" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2395.552924][T20461] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2395.573188][T20461] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2395.594392][T20461] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2395.608673][T20461] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2395.941478][ T30] audit: type=1326 audit(1764590286.682:7421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.026523][ T30] audit: type=1326 audit(1764590286.692:7422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.080294][ T30] audit: type=1326 audit(1764590286.692:7423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.138977][ T30] audit: type=1326 audit(1764590286.692:7424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.161785][ T30] audit: type=1326 audit(1764590286.692:7425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.186023][ T30] audit: type=1326 audit(1764590286.692:7426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.212297][ T30] audit: type=1326 audit(1764590286.692:7427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.235282][ T30] audit: type=1326 audit(1764590286.702:7428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30623 comm="syz.4.5619" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2396.380390][T30636] __nla_validate_parse: 7 callbacks suppressed [ 2396.380410][T30636] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5625'. [ 2396.416695][T30641] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5628'. [ 2396.433291][T30643] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5626'. [ 2396.587023][T30648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5630'. [ 2396.620169][T30648] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5630'. [ 2396.635732][T30649] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5631'. [ 2396.682550][T30654] binfmt_misc: register: failed to install interpreter file ./file0 [ 2396.991626][T30667] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5640'. [ 2397.126517][T30673] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5642'. [ 2397.270723][T30677] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5643'. [ 2397.296930][T30678] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5644'. [ 2398.757376][T30738] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 2399.113186][T30759] ip6gretap0: entered promiscuous mode [ 2399.120109][T30759] syz_tun: entered promiscuous mode [ 2399.126883][T30759] debugfs: 'hsr1' already exists in 'hsr' [ 2399.133534][T30759] Cannot create hsr debugfs directory [ 2399.139530][T30759] hsr1: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network [ 2399.150327][T30759] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network [ 2399.956418][T30785] netlink: 'syz.0.5691': attribute type 27 has an invalid length. [ 2400.167849][T30785] bridge0: port 2(bridge_slave_1) entered disabled state [ 2400.175714][T30785] bridge0: port 1(bridge_slave_0) entered disabled state [ 2400.333245][T30785] batadv_slave_0: left promiscuous mode [ 2400.340223][T30785] batadv_slave_0: left allmulticast mode [ 2400.351416][T30785] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2400.515245][T30785] hsr0: left allmulticast mode [ 2400.521799][T30785] hsr_slave_0: left allmulticast mode [ 2400.527375][T30785] hsr_slave_1: left allmulticast mode [ 2400.535968][T30785] macsec2: left promiscuous mode [ 2400.543877][T30785] macsec2: left allmulticast mode [ 2400.573604][ T6476] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2400.591168][ T6476] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2400.629066][ T6476] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2400.644530][T20461] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2400.987295][ T30] kauditd_printk_skb: 47 callbacks suppressed [ 2400.987313][ T30] audit: type=1326 audit(1764590291.732:7476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.062075][ T30] audit: type=1326 audit(1764590291.732:7477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.090278][ T30] audit: type=1326 audit(1764590291.772:7478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.147886][ T30] audit: type=1326 audit(1764590291.772:7479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.170424][ T30] audit: type=1326 audit(1764590291.772:7480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.197984][ T30] audit: type=1326 audit(1764590291.772:7481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.244560][ T30] audit: type=1326 audit(1764590291.772:7482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.267022][ T30] audit: type=1326 audit(1764590291.772:7483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.307400][ T30] audit: type=1326 audit(1764590291.772:7484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.348154][ T30] audit: type=1326 audit(1764590291.772:7485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30820 comm="syz.0.5705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2401.514833][T30841] __nla_validate_parse: 17 callbacks suppressed [ 2401.514856][T30841] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5717'. [ 2401.535412][T30843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5715'. [ 2401.544456][T30841] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5717'. [ 2401.556300][T30843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5715'. [ 2401.805584][T30853] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2401.991660][T30865] netlink: 544 bytes leftover after parsing attributes in process `syz.2.5725'. [ 2402.642413][T30888] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2402.744190][T30899] netlink: 544 bytes leftover after parsing attributes in process `syz.0.5740'. [ 2402.785837][T30902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5742'. [ 2402.810623][T30902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5742'. [ 2403.003127][T30910] syzkaller0: entered promiscuous mode [ 2403.008657][T30910] syzkaller0: entered allmulticast mode [ 2403.143967][T30916] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5749'. [ 2403.402061][T30929] netlink: 544 bytes leftover after parsing attributes in process `syz.0.5754'. [ 2403.631636][T30932] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2403.839374][T30952] syzkaller0: entered promiscuous mode [ 2403.851169][T30952] syzkaller0: entered allmulticast mode [ 2404.607435][T30980] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2404.802504][T30988] syzkaller0: entered promiscuous mode [ 2404.828962][T30988] syzkaller0: entered allmulticast mode [ 2405.378682][T31021] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 2405.392492][T31021] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 2405.401633][T31021] netdevsim netdevsim4: Falling back to sysfs fallback for: . [ 2405.543887][T31031] syzkaller0: entered promiscuous mode [ 2405.550389][T31031] syzkaller0: entered allmulticast mode [ 2405.912225][T31041] vlan2: entered promiscuous mode [ 2405.917561][T31041] gretap0: entered promiscuous mode [ 2405.992598][ T30] kauditd_printk_skb: 396 callbacks suppressed [ 2405.992619][ T30] audit: type=1326 audit(1764590296.742:7882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.003385][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 2406.003515][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 2406.046097][ T30] audit: type=1326 audit(1764590296.752:7883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.071423][ T30] audit: type=1326 audit(1764590296.752:7884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.093974][ T30] audit: type=1326 audit(1764590296.752:7885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.117475][ T30] audit: type=1326 audit(1764590296.752:7886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.142098][ T30] audit: type=1326 audit(1764590296.752:7887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.238878][ T30] audit: type=1326 audit(1764590296.752:7888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.314046][ T30] audit: type=1326 audit(1764590296.752:7889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.354385][ T30] audit: type=1326 audit(1764590296.752:7890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.404613][ T30] audit: type=1326 audit(1764590296.782:7891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31022 comm="syz.0.5794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2406.409408][T31053] syzkaller0: entered promiscuous mode [ 2406.454143][T31053] syzkaller0: entered allmulticast mode [ 2406.592521][T31061] ALSA: seq fatal error: cannot create timer (-19) [ 2406.746093][T31064] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2406.761742][T31068] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 2407.941175][T31098] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2408.076476][T31107] __nla_validate_parse: 11 callbacks suppressed [ 2408.076498][T31107] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5831'. [ 2408.754303][T31139] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5846'. [ 2409.632544][T31167] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5859'. [ 2409.839488][T31176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5863'. [ 2409.859007][T31176] netlink: 194 bytes leftover after parsing attributes in process `syz.1.5863'. [ 2410.161739][T31192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5870'. [ 2410.645936][T31206] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5875'. [ 2410.841267][T31212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5880'. [ 2410.909748][T31214] netlink: 194 bytes leftover after parsing attributes in process `syz.1.5880'. [ 2411.910766][T31240] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5889'. [ 2412.156072][T31247] netlink: 'syz.4.5892': attribute type 72 has an invalid length. [ 2412.958117][T31270] bridge0: port 2(bridge_slave_1) entered disabled state [ 2412.967458][T31270] bridge0: port 1(bridge_slave_0) entered disabled state [ 2413.243009][T31281] __nla_validate_parse: 5 callbacks suppressed [ 2413.243030][T31281] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5907'. [ 2413.281522][T31281] netlink: 194 bytes leftover after parsing attributes in process `syz.4.5907'. [ 2413.295764][ T30] kauditd_printk_skb: 121 callbacks suppressed [ 2413.295784][ T30] audit: type=1326 audit(1764590304.042:8013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31282 comm="syz.3.5909" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2413.389004][ T30] audit: type=1326 audit(1764590304.082:8014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31282 comm="syz.3.5909" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2413.455924][ T30] audit: type=1326 audit(1764590304.082:8015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31282 comm="syz.3.5909" exe="/root/syz-executor" sig=0 arch=40000003 syscall=162 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2413.505675][ T30] audit: type=1326 audit(1764590304.082:8016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31282 comm="syz.3.5909" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2413.563790][ T30] audit: type=1326 audit(1764590304.082:8017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31282 comm="syz.3.5909" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2413.655450][T31295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5914'. [ 2413.691569][T31290] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5912'. [ 2413.716050][T31290] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5912'. [ 2414.049148][T31309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5921'. [ 2414.070377][ T30] audit: type=1326 audit(1764590304.822:8018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31308 comm="syz.4.5922" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2414.081447][T31309] netlink: 194 bytes leftover after parsing attributes in process `syz.3.5921'. [ 2414.139667][ T30] audit: type=1326 audit(1764590304.822:8019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31308 comm="syz.4.5922" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2414.173633][ T30] audit: type=1326 audit(1764590304.852:8020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31308 comm="syz.4.5922" exe="/root/syz-executor" sig=0 arch=40000003 syscall=162 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2414.197392][ T30] audit: type=1326 audit(1764590304.852:8021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31308 comm="syz.4.5922" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2414.314618][ T30] audit: type=1326 audit(1764590304.852:8022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31308 comm="syz.4.5922" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2414.453148][T31327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5930'. [ 2414.537333][T31330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5932'. [ 2414.735621][T31333] syzkaller0: entered promiscuous mode [ 2414.757065][T31333] syzkaller0: entered allmulticast mode [ 2414.835529][T31340] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5936'. [ 2415.169707][T31352] tipc: Enabling of bearer rejected, failed to enable media [ 2415.808573][T31377] syzkaller0: entered promiscuous mode [ 2415.827358][T31377] syzkaller0: entered allmulticast mode [ 2417.427265][T31451] netlink: 'syz.0.5987': attribute type 1 has an invalid length. [ 2417.457422][T31447] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2418.478084][T31496] __nla_validate_parse: 10 callbacks suppressed [ 2418.478105][T31496] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6006'. [ 2418.904767][T31509] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6012'. [ 2418.961096][T31510] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6013'. [ 2419.111622][T31521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6018'. [ 2419.233461][T31524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6020'. [ 2419.479670][T31538] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6027'. [ 2419.866861][T31556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6035'. [ 2420.200344][T31574] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6042'. [ 2420.569309][T31585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6047'. [ 2420.728356][T31579] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6045'. [ 2421.392155][T31616] syzkaller0: entered promiscuous mode [ 2421.409645][T31616] syzkaller0: entered allmulticast mode [ 2421.481205][T31618] syz_tun: entered allmulticast mode [ 2421.518314][T31618] dvmrp8: entered allmulticast mode [ 2421.605527][T31617] syz_tun: left allmulticast mode [ 2421.713292][T31542] warn_alloc: 3 callbacks suppressed [ 2421.713314][T31542] syz.4.6029: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 2421.778819][T31542] CPU: 1 UID: 0 PID: 31542 Comm: syz.4.6029 Not tainted syzkaller #0 PREEMPT(full) [ 2421.778849][T31542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2421.778862][T31542] Call Trace: [ 2421.778871][T31542] [ 2421.778880][T31542] dump_stack_lvl+0x189/0x250 [ 2421.778918][T31542] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2421.778948][T31542] ? __pfx__printk+0x10/0x10 [ 2421.778970][T31542] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 2421.778999][T31542] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 2421.779029][T31542] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 2421.779061][T31542] warn_alloc+0x214/0x310 [ 2421.779098][T31542] ? __pfx_warn_alloc+0x10/0x10 [ 2421.779140][T31542] ? __get_vm_area_node+0x28f/0x300 [ 2421.779170][T31542] ? hash_netiface_create+0x358/0xfe0 [ 2421.779205][T31542] __vmalloc_node_range_noprof+0x690/0x12d0 [ 2421.779237][T31542] ? alloc_vmap_area+0xda0/0x14c0 [ 2421.779307][T31542] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 2421.779339][T31542] ? hash_netiface_create+0x358/0xfe0 [ 2421.779373][T31542] ? __get_vm_area_node+0x28f/0x300 [ 2421.779404][T31542] ? hash_netiface_create+0x358/0xfe0 [ 2421.779436][T31542] __vmalloc_node_range_noprof+0x578/0x12d0 [ 2421.779469][T31542] ? hash_netiface_create+0x358/0xfe0 [ 2421.779500][T31542] ? __alloc_frozen_pages_noprof+0x9f/0x370 [ 2421.779550][T31542] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 2421.779583][T31542] ? hash_netiface_create+0x358/0xfe0 [ 2421.779618][T31542] ? rcu_is_watching+0x15/0xb0 [ 2421.779644][T31542] ? hash_netiface_create+0x358/0xfe0 [ 2421.779682][T31542] __kvmalloc_node_noprof+0x674/0x910 [ 2421.779716][T31542] ? hash_netiface_create+0x358/0xfe0 [ 2421.779746][T31542] ? __kmalloc_cache_noprof+0x3d5/0x6f0 [ 2421.779778][T31542] ? hash_netiface_create+0x2fe/0xfe0 [ 2421.779816][T31542] hash_netiface_create+0x358/0xfe0 [ 2421.779855][T31542] ? __nla_parse+0x40/0x60 [ 2421.779879][T31542] ? __pfx_hash_netiface_create+0x10/0x10 [ 2421.779913][T31542] ip_set_create+0xa97/0x1940 [ 2421.779947][T31542] ? ip_set_create+0x4a2/0x1940 [ 2421.779992][T31542] ? __pfx_ip_set_create+0x10/0x10 [ 2421.780063][T31542] nfnetlink_rcv_msg+0xb4d/0x1130 [ 2421.780098][T31542] ? nfnetlink_rcv_msg+0x20d/0x1130 [ 2421.780150][T31542] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 2421.780180][T31542] ? kasan_save_track+0x4f/0x80 [ 2421.780266][T31542] netlink_rcv_skb+0x208/0x470 [ 2421.780288][T31542] ? lockdep_hardirqs_on+0x9c/0x150 [ 2421.780323][T31542] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 2421.780358][T31542] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2421.780392][T31542] ? bpf_lsm_capable+0x9/0x20 [ 2421.780418][T31542] ? security_capable+0x7e/0x2e0 [ 2421.780452][T31542] nfnetlink_rcv+0x282/0x2590 [ 2421.780489][T31542] ? __dev_queue_xmit+0x27b/0x3b50 [ 2421.780518][T31542] ? __dev_queue_xmit+0x1d79/0x3b50 [ 2421.780543][T31542] ? kasan_save_track+0x3e/0x80 [ 2421.780572][T31542] ? __kasan_slab_alloc+0x6c/0x80 [ 2421.780614][T31542] ? __dev_queue_xmit+0x27b/0x3b50 [ 2421.780654][T31542] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 2421.780693][T31542] ? __pfx___dev_queue_xmit+0x10/0x10 [ 2421.780734][T31542] ? ref_tracker_free+0x63a/0x7d0 [ 2421.780756][T31542] ? __asan_memcpy+0x40/0x70 [ 2421.780784][T31542] ? __pfx_ref_tracker_free+0x10/0x10 [ 2421.780805][T31542] ? __skb_clone+0x63/0x7a0 [ 2421.780835][T31542] ? __skb_clone+0x483/0x7a0 [ 2421.780867][T31542] ? skb_clone+0x246/0x3a0 [ 2421.780896][T31542] ? __netlink_deliver_tap+0x807/0x850 [ 2421.780918][T31542] ? netlink_deliver_tap+0x2e/0x1b0 [ 2421.780948][T31542] ? netlink_deliver_tap+0x2e/0x1b0 [ 2421.780980][T31542] netlink_unicast+0x82f/0x9e0 [ 2421.781023][T31542] ? __pfx_netlink_unicast+0x10/0x10 [ 2421.781058][T31542] ? netlink_sendmsg+0x642/0xb30 [ 2421.781079][T31542] ? skb_put+0x11b/0x210 [ 2421.781104][T31542] netlink_sendmsg+0x805/0xb30 [ 2421.781138][T31542] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2421.781164][T31542] ? __import_iovec+0x5d4/0x7f0 [ 2421.781190][T31542] ? aa_sock_msg_perm+0xf1/0x1d0 [ 2421.781226][T31542] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 2421.781247][T31542] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2421.781271][T31542] __sock_sendmsg+0x21c/0x270 [ 2421.781306][T31542] ____sys_sendmsg+0x505/0x830 [ 2421.781338][T31542] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2421.781371][T31542] ? __pfx_futex_wake_mark+0x10/0x10 [ 2421.781401][T31542] ___sys_sendmsg+0x21f/0x2a0 [ 2421.781429][T31542] ? __pfx____sys_sendmsg+0x10/0x10 [ 2421.781493][T31542] ? __fget_files+0x2a/0x420 [ 2421.781514][T31542] ? __fget_files+0x3a0/0x420 [ 2421.781546][T31542] __sys_sendmsg+0x164/0x220 [ 2421.781573][T31542] ? __pfx___sys_sendmsg+0x10/0x10 [ 2421.781608][T31542] ? rcu_is_watching+0x15/0xb0 [ 2421.781637][T31542] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 2421.781680][T31542] ? lockdep_hardirqs_on+0x9c/0x150 [ 2421.781715][T31542] __do_fast_syscall_32+0xb6/0x2b0 [ 2421.781737][T31542] ? lockdep_hardirqs_on+0x9c/0x150 [ 2421.781774][T31542] do_fast_syscall_32+0x34/0x80 [ 2421.781795][T31542] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2421.781822][T31542] RIP: 0023:0xf7f51539 [ 2421.781842][T31542] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 2421.781862][T31542] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 2421.781885][T31542] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 2421.781900][T31542] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000 [ 2421.781913][T31542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2421.781926][T31542] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 2421.781939][T31542] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 2421.781972][T31542] [ 2421.781982][T31542] Mem-Info: [ 2422.351035][T31542] active_anon:6721 inactive_anon:0 isolated_anon:0 [ 2422.351035][T31542] active_file:14854 inactive_file:40801 isolated_file:0 [ 2422.351035][T31542] unevictable:768 dirty:136 writeback:0 [ 2422.351035][T31542] slab_reclaimable:8504 slab_unreclaimable:98003 [ 2422.351035][T31542] mapped:29995 shmem:1353 pagetables:1427 [ 2422.351035][T31542] sec_pagetables:0 bounce:0 [ 2422.351035][T31542] kernel_misc_reclaimable:0 [ 2422.351035][T31542] free:1280933 free_pcp:11798 free_cma:0 [ 2422.396246][ C1] vkms_vblank_simulate: vblank timer overrun [ 2422.501761][T31542] Node 0 active_anon:26884kB inactive_anon:0kB active_file:59124kB inactive_file:163000kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119812kB dirty:516kB writeback:0kB shmem:3876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11736kB pagetables:5372kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 2422.533652][ C1] vkms_vblank_simulate: vblank timer overrun [ 2422.598106][T31542] Node 1 active_anon:0kB inactive_anon:0kB active_file:292kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:168kB dirty:28kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 2422.628459][ C1] vkms_vblank_simulate: vblank timer overrun [ 2422.659736][T31542] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2422.689679][ C1] vkms_vblank_simulate: vblank timer overrun [ 2422.695857][T31542] lowmem_reserve[]: 0 2505 2505 2505 2505 [ 2422.701883][T31542] Node 0 DMA32 free:1188972kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26884kB inactive_anon:0kB active_file:59124kB inactive_file:163000kB unevictable:1536kB writepending:516kB zspages:0kB present:3129332kB managed:2565140kB mlocked:0kB bounce:0kB free_pcp:48640kB local_pcp:15316kB free_cma:0kB [ 2422.735217][ C1] vkms_vblank_simulate: vblank timer overrun [ 2422.753840][T31542] lowmem_reserve[]: 0 0 0 0 0 [ 2422.771947][T31542] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2422.802949][T31542] lowmem_reserve[]: 0 0 0 0 0 [ 2422.853683][T31542] Node 1 Normal free:3919176kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:292kB inactive_file:204kB unevictable:1536kB writepending:28kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2422.886224][ C1] vkms_vblank_simulate: vblank timer overrun [ 2422.932808][T31542] lowmem_reserve[]: 0 0 0 0 0 [ 2422.944156][T31542] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 2422.946590][T31646] syzkaller0: entered promiscuous mode [ 2422.976577][T31646] syzkaller0: entered allmulticast mode [ 2422.982471][T31542] Node 0 DMA32: 1*4kB (E) 141*8kB (ME) 533*16kB (ME) 305*32kB (M) 178*64kB (UME) 110*128kB (ME) 463*256kB (UME) 355*512kB (UME) 260*1024kB (UME) 26*2048kB (UME) 128*4096kB (UM) = 1188956kB [ 2423.022125][T31542] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 2423.051778][T31542] Node 1 Normal: 224*4kB (UME) 55*8kB (UME) 43*16kB (UME) 227*32kB (UME) 100*64kB (UME) 44*128kB (UME) 10*256kB (U) 8*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 947*4096kB (M) = 3919176kB [ 2423.090913][T31542] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 2423.110745][T31542] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 2423.126880][T31542] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 2423.148892][T31542] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 2423.168465][T31542] 57004 total pagecache pages [ 2423.189133][T31542] 0 pages in swap cache [ 2423.193340][T31542] Free swap = 124996kB [ 2423.197990][T31542] Total swap = 124996kB [ 2423.204123][T31542] 2097051 pages RAM [ 2423.207990][T31542] 0 pages HighMem/MovableOnly [ 2423.215354][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 2423.215372][ T30] audit: type=1326 audit(1764590313.962:8051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.248219][T31542] 424124 pages reserved [ 2423.253223][T31542] 0 pages cma reserved [ 2423.266122][T31655] netlink: 'syz.0.6075': attribute type 27 has an invalid length. [ 2423.278234][ T30] audit: type=1326 audit(1764590313.962:8052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.314796][ T30] audit: type=1326 audit(1764590313.992:8053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.369069][ T30] audit: type=1326 audit(1764590313.992:8054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.419354][ T30] audit: type=1326 audit(1764590313.992:8055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.441567][T27331] Bluetooth: hci1: command 0x0406 tx timeout [ 2423.488895][ T30] audit: type=1326 audit(1764590314.002:8056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.516359][ T30] audit: type=1326 audit(1764590314.002:8057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.540684][ T30] audit: type=1326 audit(1764590314.002:8058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.564034][ T30] audit: type=1326 audit(1764590314.002:8059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.591144][ T30] audit: type=1326 audit(1764590314.002:8060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31654 comm="syz.0.6075" exe="/root/syz-executor" sig=0 arch=40000003 syscall=165 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2423.793206][T31670] __nla_validate_parse: 6 callbacks suppressed [ 2423.793227][T31670] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6082'. [ 2423.970797][T31675] netlink: 'syz.0.6084': attribute type 10 has an invalid length. [ 2423.988324][T31675] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6084'. [ 2424.008170][T31678] syzkaller0: entered promiscuous mode [ 2424.023236][T31678] syzkaller0: entered allmulticast mode [ 2424.040990][T31675] batman_adv: batadv0: Adding interface: virt_wifi0 [ 2424.078953][T31675] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2424.136136][T31675] batman_adv: batadv0: Interface activated: virt_wifi0 [ 2424.380882][T31685] netlink: 'syz.1.6088': attribute type 27 has an invalid length. [ 2425.033875][T31685] veth2: left promiscuous mode [ 2425.038714][T31685] veth2: left allmulticast mode [ 2425.070491][ T6476] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2425.101931][ T6476] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2425.131758][ T6476] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2425.149194][ T6476] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2425.321863][T31704] netlink: 56 bytes leftover after parsing attributes in process `syz.0.6097'. [ 2425.351312][T31705] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6096'. [ 2425.509357][T31709] syzkaller0: entered promiscuous mode [ 2425.514880][T31709] syzkaller0: entered allmulticast mode [ 2426.233856][T31728] netlink: 'syz.3.6107': attribute type 27 has an invalid length. [ 2426.273311][T31731] netlink: 56 bytes leftover after parsing attributes in process `syz.1.6110'. [ 2426.571893][T31740] syzkaller0: entered promiscuous mode [ 2426.577558][T31740] syzkaller0: entered allmulticast mode [ 2426.957946][T31753] netlink: 332 bytes leftover after parsing attributes in process `syz.1.6122'. [ 2427.216173][T31759] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6124'. [ 2427.522186][T31764] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6126'. [ 2427.921328][T31778] syzkaller0: entered promiscuous mode [ 2427.937164][T31778] syzkaller0: entered allmulticast mode [ 2428.671956][T31782] syzkaller0: entered promiscuous mode [ 2428.677482][T31782] syzkaller0: entered allmulticast mode [ 2429.671129][T31801] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6141'. [ 2430.006658][ T30] kauditd_printk_skb: 142 callbacks suppressed [ 2430.006676][ T30] audit: type=1326 audit(1764590320.752:8203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31810 comm="syz.1.6147" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x0 [ 2430.064138][ T30] audit: type=1326 audit(1764590320.802:8204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.122126][ T30] audit: type=1326 audit(1764590320.802:8205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.140642][T31817] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6148'. [ 2430.145897][ T30] audit: type=1326 audit(1764590320.802:8206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.187908][ T30] audit: type=1326 audit(1764590320.802:8207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.211132][ T30] audit: type=1326 audit(1764590320.802:8208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.233919][ T30] audit: type=1326 audit(1764590320.802:8209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.312270][ T30] audit: type=1326 audit(1764590320.802:8210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.347911][ T30] audit: type=1326 audit(1764590320.802:8211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.372102][ T30] audit: type=1326 audit(1764590320.802:8212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31812 comm="syz.2.6145" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 2430.408611][T31822] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6150'. [ 2430.582355][T24303] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4 [ 2430.596245][T24303] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2 [ 2430.614770][T24303] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x3 [ 2430.649924][T31830] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6153'. [ 2430.663902][T24303] hid-generic 0000:3000000:0000.000C: hidraw0: HID v0.00 Device [sy] on syz0 [ 2430.823463][T31832] fido_id[31832]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 2430.949602][T31841] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6159'. [ 2430.951555][T31840] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6158'. [ 2431.435302][T31866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6169'. [ 2431.547636][T31871] netlink: 96 bytes leftover after parsing attributes in process `syz.3.6174'. [ 2431.579765][T31873] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.6172'. [ 2431.817996][T31883] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.6177'. [ 2432.041698][T31896] vxcan1: entered promiscuous mode [ 2432.049213][T31895] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2660 [ 2432.247910][T31907] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 2432.604811][T31926] syzkaller0: entered promiscuous mode [ 2432.610917][T31926] syzkaller0: entered allmulticast mode [ 2433.055514][T31948] syzkaller0: entered promiscuous mode [ 2433.062724][T31948] syzkaller0: entered allmulticast mode [ 2433.094697][T31948] tipc: Started in network mode [ 2433.099920][T31948] tipc: Node identity 76c679931d1e, cluster identity 4711 [ 2433.107369][T31948] tipc: Enabled bearer , priority 0 [ 2433.118996][T31947] tipc: Resetting bearer [ 2433.166703][T31947] tipc: Disabling bearer [ 2433.242175][T31955] syzkaller0: entered promiscuous mode [ 2433.258937][T31955] syzkaller0: entered allmulticast mode [ 2433.753882][T31974] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 2434.715420][T32002] __nla_validate_parse: 17 callbacks suppressed [ 2434.715441][T32002] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6229'. [ 2434.794738][T32002] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6229'. [ 2434.968949][T32002] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6229'. [ 2435.189018][ T30] kauditd_printk_skb: 22 callbacks suppressed [ 2435.189038][ T30] audit: type=1326 audit(1764590325.932:8235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.270459][ T30] audit: type=1326 audit(1764590325.932:8236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.318872][ T30] audit: type=1326 audit(1764590325.972:8237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.418865][ T30] audit: type=1326 audit(1764590325.972:8238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.486405][ T30] audit: type=1326 audit(1764590325.972:8239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.548891][ T30] audit: type=1326 audit(1764590325.972:8240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.605983][ T30] audit: type=1326 audit(1764590325.972:8241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.659457][ T30] audit: type=1326 audit(1764590325.972:8242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.703356][ T30] audit: type=1326 audit(1764590325.972:8243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.754555][ T30] audit: type=1326 audit(1764590325.972:8244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32015 comm="syz.1.6234" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2435.805374][T32030] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6240'. [ 2436.178668][T32039] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6246'. [ 2436.497607][T32056] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6253'. [ 2436.657306][T32063] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6256'. [ 2436.666473][T32063] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6256'. [ 2436.683033][T32063] sit1: entered allmulticast mode [ 2437.482034][T32090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6266'. [ 2438.752424][T32118] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6278'. [ 2439.952074][T32148] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6290'. [ 2440.192725][T32153] netlink: 56 bytes leftover after parsing attributes in process `syz.0.6293'. [ 2440.272931][T32155] syzkaller0: entered promiscuous mode [ 2440.278485][T32155] syzkaller0: entered allmulticast mode [ 2441.075421][ T30] kauditd_printk_skb: 53 callbacks suppressed [ 2441.075441][ T30] audit: type=1326 audit(1764590331.822:8298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.103977][ C0] vkms_vblank_simulate: vblank timer overrun [ 2441.111583][T32185] netlink: 'syz.4.6307': attribute type 1 has an invalid length. [ 2441.158652][ T30] audit: type=1326 audit(1764590331.882:8299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.184041][T32186] netlink: 'syz.0.6308': attribute type 27 has an invalid length. [ 2441.212782][ T30] audit: type=1326 audit(1764590331.882:8300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.213935][T32186] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 2441.295845][ T30] audit: type=1326 audit(1764590331.882:8301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.371401][ T30] audit: type=1326 audit(1764590331.882:8302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.425886][ T30] audit: type=1326 audit(1764590331.882:8303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.504857][ T30] audit: type=1326 audit(1764590331.882:8304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.608314][ T30] audit: type=1326 audit(1764590331.892:8305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.708891][ T30] audit: type=1326 audit(1764590331.892:8306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.729937][T32196] netlink: 648 bytes leftover after parsing attributes in process `syz.4.6311'. [ 2441.772396][ T30] audit: type=1326 audit(1764590331.892:8307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32184 comm="syz.0.6308" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3539 code=0x7ffc0000 [ 2441.810595][T32198] syzkaller0: entered promiscuous mode [ 2441.816121][T32198] syzkaller0: entered allmulticast mode [ 2441.878068][T32200] usb usb7: usbfs: process 32200 (syz.0.6313) did not claim interface 0 before use [ 2443.929028][T27331] Bluetooth: hci3: command 0x0406 tx timeout [ 2443.946556][T32237] syzkaller0: entered promiscuous mode [ 2443.997352][T32237] syzkaller0: entered allmulticast mode [ 2444.474868][T32255] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6332'. [ 2444.631844][T32261] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6334'. [ 2444.645452][T32263] netlink: 'syz.4.6335': attribute type 10 has an invalid length. [ 2444.660363][T32261] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6334'. [ 2444.893127][T32271] dummy0: entered allmulticast mode [ 2444.910070][T32271] dummy0: left allmulticast mode [ 2445.075714][T32277] syzkaller0: entered promiscuous mode [ 2445.088986][T32277] syzkaller0: entered allmulticast mode [ 2445.407470][T32297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6346'. [ 2445.456104][T32301] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6349'. [ 2445.499032][T32301] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6349'. [ 2445.633514][T32304] pimreg: entered allmulticast mode [ 2445.661071][T32308] netlink: 'syz.4.6353': attribute type 1 has an invalid length. [ 2445.681014][T32309] pimreg: left allmulticast mode [ 2445.771107][T32316] netlink: 'syz.4.6353': attribute type 13 has an invalid length. [ 2445.801365][T32308] 8021q: adding VLAN 0 to HW filter on device bond1 [ 2446.067057][T32316] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2446.083544][T32316] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2446.111468][T32316] hsr0: left promiscuous mode [ 2446.347013][T32313] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 2446.377115][T32313] bond1: (slave batadv1): making interface the new active one [ 2446.404021][T32313] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 2446.436886][T16692] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2446.450069][T16692] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2446.552739][T16692] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2446.572974][T16692] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2446.618100][T32342] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6365'. [ 2446.629358][T32342] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6365'. [ 2447.247500][T32368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6375'. [ 2447.411309][T32375] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6378'. [ 2447.423257][T32375] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6378'. [ 2447.809841][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 2447.809860][ T30] audit: type=1326 audit(1764590338.562:8346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32355 comm="syz.3.6371" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7fc00000 [ 2448.476008][T32412] vlan2: entered allmulticast mode [ 2448.819776][T32434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6400'. [ 2450.105996][T32486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6417'. [ 2450.525448][T32497] __nla_validate_parse: 1 callbacks suppressed [ 2450.525469][T32497] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6423'. [ 2450.962790][ T30] audit: type=1326 audit(1764590341.712:8347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.015548][ T30] audit: type=1326 audit(1764590341.712:8348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.038442][ T30] audit: type=1326 audit(1764590341.742:8349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.088904][ T30] audit: type=1326 audit(1764590341.742:8350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.183447][ T30] audit: type=1326 audit(1764590341.742:8351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.252616][ T30] audit: type=1326 audit(1764590341.742:8352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.309341][ T30] audit: type=1326 audit(1764590341.742:8353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.389198][ T30] audit: type=1326 audit(1764590341.742:8354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.478966][ T30] audit: type=1326 audit(1764590341.742:8355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.1.6431" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2451.582665][T32534] netlink: 87 bytes leftover after parsing attributes in process `syz.4.6437'. [ 2452.853156][T32570] vlan2: entered allmulticast mode [ 2453.800901][T32608] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6470'. [ 2453.991663][T32618] netlink: 648 bytes leftover after parsing attributes in process `syz.1.6475'. [ 2454.065263][T32622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6477'. [ 2454.078005][T32622] netlink: 72 bytes leftover after parsing attributes in process `syz.4.6477'. [ 2454.440207][T32629] netlink: 104 bytes leftover after parsing attributes in process `syz.4.6480'. [ 2454.449805][T32629] netlink: 104 bytes leftover after parsing attributes in process `syz.4.6480'. [ 2454.630708][T32632] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6481'. [ 2454.844794][T32639] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6485'. [ 2454.874091][T32639] sit1: entered allmulticast mode [ 2455.069461][T32645] program syz.3.6486 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2455.456706][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 2455.456726][ T30] audit: type=1326 audit(1764590346.202:8364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.493912][ T30] audit: type=1326 audit(1764590346.202:8365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.521572][ T30] audit: type=1326 audit(1764590346.242:8366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.544274][ T30] audit: type=1326 audit(1764590346.242:8367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.659244][ T30] audit: type=1326 audit(1764590346.242:8368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.717504][ T30] audit: type=1326 audit(1764590346.242:8369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.828943][ T30] audit: type=1326 audit(1764590346.242:8370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.912728][ T30] audit: type=1326 audit(1764590346.242:8371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2455.979150][ T30] audit: type=1326 audit(1764590346.242:8372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2456.069036][ T30] audit: type=1326 audit(1764590346.242:8373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32655 comm="syz.4.6491" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000 [ 2456.080076][T32672] netlink: 'syz.3.6499': attribute type 1 has an invalid length. [ 2456.178137][T32675] __nla_validate_parse: 2 callbacks suppressed [ 2456.178158][T32675] netlink: 648 bytes leftover after parsing attributes in process `syz.2.6500'. [ 2456.220611][T32679] netlink: 'syz.3.6499': attribute type 13 has an invalid length. [ 2456.283444][T32672] 8021q: adding VLAN 0 to HW filter on device bond2 [ 2457.043013][T32699] netlink: 112 bytes leftover after parsing attributes in process `syz.3.6508'. [ 2457.180681][T32702] netlink: 'syz.1.6509': attribute type 3 has an invalid length. [ 2457.262468][T32697] ------------[ cut here ]------------ [ 2457.268009][T32697] WARNING: CPU: 0 PID: 32697 at mm/page_alloc.c:5154 __alloc_frozen_pages_noprof+0x2c8/0x370 [ 2457.278865][T32697] Modules linked in: [ 2457.282833][T32697] CPU: 0 UID: 0 PID: 32697 Comm: syz.0.6507 Not tainted syzkaller #0 PREEMPT(full) [ 2457.292992][T32697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2457.303608][T32697] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 2457.310320][T32697] Code: 74 10 4c 89 e7 89 54 24 0c e8 c4 c3 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 d5 ff 4e 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 2457.330303][T32697] RSP: 0018:ffffc900048877a0 EFLAGS: 00010246 [ 2457.336428][T32697] RAX: ffffc90004887700 RBX: 0000000000000013 RCX: 0000000000000000 [ 2457.344928][T32697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90004887808 [ 2457.353088][T32697] RBP: ffffc90004887898 R08: ffffc90004887807 R09: 0000000000000000 [ 2457.361264][T32697] R10: ffffc900048877e0 R11: fffff52000910f01 R12: 0000000000000000 [ 2457.369368][T32697] R13: 1ffff92000910ef8 R14: 0000000000040cc0 R15: dffffc0000000000 [ 2457.377382][T32697] FS: 0000000000000000(0000) GS:ffff888126138000(0063) knlGS:00000000f54d6b40 [ 2457.386462][T32697] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 2457.393156][T32697] CR2: 000000000c3481c9 CR3: 0000000051c66000 CR4: 00000000003526f0 [ 2457.401228][T32697] Call Trace: [ 2457.404542][T32697] [ 2457.407510][T32697] ? __kasan_slab_free+0x5c/0x80 [ 2457.412633][T32697] ? tomoyo_path_number_perm+0x47a/0x5a0 [ 2457.418446][T32697] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2457.424907][T32697] ? policy_nodemask+0x27c/0x720 [ 2457.430213][T32697] ? __lock_acquire+0xab9/0xd20 [ 2457.435130][T32697] alloc_pages_mpol+0x232/0x4a0 [ 2457.440406][T32697] ___kmalloc_large_node+0x5f/0x1b0 [ 2457.445685][T32697] __kmalloc_large_node_noprof+0x18/0x90 [ 2457.451478][T32697] __kmalloc_noprof+0x4bd/0x7f0 [ 2457.456385][T32697] ? raw_ioctl+0x18fb/0x3be0 [ 2457.461178][T32697] raw_ioctl+0x18fb/0x3be0 [ 2457.465643][T32697] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 2457.471443][T32697] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 2457.477139][T32697] ? do_vfs_ioctl+0xbe8/0x1430 [ 2457.482036][T32697] ? __pfx_raw_ioctl+0x10/0x10 [ 2457.486861][T32697] ? __lock_acquire+0xab9/0xd20 [ 2457.491879][T32697] ? __fget_files+0x2a/0x420 [ 2457.496522][T32697] ? __fget_files+0x3a0/0x420 [ 2457.501351][T32697] ? __fget_files+0x2a/0x420 [ 2457.505999][T32697] ? bpf_lsm_file_ioctl_compat+0x9/0x20 [ 2457.511687][T32697] __ia32_compat_sys_ioctl+0x543/0x840 [ 2457.517212][T32697] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 2457.523326][T32697] ? __se_sys_futex_time32+0x360/0x3e0 [ 2457.528905][T32697] ? rcu_is_watching+0x15/0xb0 [ 2457.533974][T32697] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 2457.541088][T32697] ? lockdep_hardirqs_on+0x9c/0x150 [ 2457.546359][T32697] __do_fast_syscall_32+0xb6/0x2b0 [ 2457.551697][T32697] ? lockdep_hardirqs_on+0x9c/0x150 [ 2457.556978][T32697] do_fast_syscall_32+0x34/0x80 [ 2457.561955][T32697] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2457.568335][T32697] RIP: 0023:0xf7fe3539 [ 2457.572536][T32697] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 2457.592514][T32697] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 2457.601113][T32697] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0085508 [ 2457.609185][T32697] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 2457.617305][T32697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2457.625511][T32697] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 2457.633935][T32697] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 2457.642260][T32697] [ 2457.645327][T32697] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 2457.652642][T32697] CPU: 0 UID: 0 PID: 32697 Comm: syz.0.6507 Not tainted syzkaller #0 PREEMPT(full) [ 2457.662060][T32697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2457.672154][T32697] Call Trace: [ 2457.675475][T32697] [ 2457.678449][T32697] dump_stack_lvl+0x99/0x250 [ 2457.683086][T32697] ? __asan_memcpy+0x40/0x70 [ 2457.687701][T32697] ? __pfx_dump_stack_lvl+0x10/0x10 [ 2457.692942][T32697] ? __pfx__printk+0x10/0x10 [ 2457.697623][T32697] vpanic+0x237/0x6d0 [ 2457.701655][T32697] ? __pfx_vpanic+0x10/0x10 [ 2457.706197][T32697] panic+0xb9/0xc0 [ 2457.709941][T32697] ? __pfx_panic+0x10/0x10 [ 2457.714396][T32697] __warn+0x31b/0x4b0 [ 2457.718405][T32697] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 2457.724400][T32697] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 2457.730396][T32697] report_bug+0x2be/0x4f0 [ 2457.734845][T32697] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 2457.740845][T32697] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 2457.746851][T32697] ? __alloc_frozen_pages_noprof+0x2ca/0x370 [ 2457.752844][T32697] handle_bug+0x84/0x160 [ 2457.757104][T32697] exc_invalid_op+0x1a/0x50 [ 2457.761620][T32697] asm_exc_invalid_op+0x1a/0x20 [ 2457.766484][T32697] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 2457.773085][T32697] Code: 74 10 4c 89 e7 89 54 24 0c e8 c4 c3 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 d5 ff 4e 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 2457.792729][T32697] RSP: 0018:ffffc900048877a0 EFLAGS: 00010246 [ 2457.798820][T32697] RAX: ffffc90004887700 RBX: 0000000000000013 RCX: 0000000000000000 [ 2457.806817][T32697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90004887808 [ 2457.814801][T32697] RBP: ffffc90004887898 R08: ffffc90004887807 R09: 0000000000000000 [ 2457.822874][T32697] R10: ffffc900048877e0 R11: fffff52000910f01 R12: 0000000000000000 [ 2457.830881][T32697] R13: 1ffff92000910ef8 R14: 0000000000040cc0 R15: dffffc0000000000 [ 2457.838881][T32697] ? __kasan_slab_free+0x5c/0x80 [ 2457.843852][T32697] ? tomoyo_path_number_perm+0x47a/0x5a0 [ 2457.849509][T32697] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2457.855858][T32697] ? policy_nodemask+0x27c/0x720 [ 2457.860803][T32697] ? __lock_acquire+0xab9/0xd20 [ 2457.865669][T32697] alloc_pages_mpol+0x232/0x4a0 [ 2457.870552][T32697] ___kmalloc_large_node+0x5f/0x1b0 [ 2457.875795][T32697] __kmalloc_large_node_noprof+0x18/0x90 [ 2457.881552][T32697] __kmalloc_noprof+0x4bd/0x7f0 [ 2457.886440][T32697] ? raw_ioctl+0x18fb/0x3be0 [ 2457.891050][T32697] raw_ioctl+0x18fb/0x3be0 [ 2457.895483][T32697] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 2457.901142][T32697] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 2457.906816][T32697] ? do_vfs_ioctl+0xbe8/0x1430 [ 2457.911601][T32697] ? __pfx_raw_ioctl+0x10/0x10 [ 2457.916391][T32697] ? __lock_acquire+0xab9/0xd20 [ 2457.921358][T32697] ? __fget_files+0x2a/0x420 [ 2457.925964][T32697] ? __fget_files+0x3a0/0x420 [ 2457.930653][T32697] ? __fget_files+0x2a/0x420 [ 2457.935255][T32697] ? bpf_lsm_file_ioctl_compat+0x9/0x20 [ 2457.940819][T32697] __ia32_compat_sys_ioctl+0x543/0x840 [ 2457.946300][T32697] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 2457.952313][T32697] ? __se_sys_futex_time32+0x360/0x3e0 [ 2457.957794][T32697] ? rcu_is_watching+0x15/0xb0 [ 2457.962576][T32697] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 2457.969317][T32697] ? lockdep_hardirqs_on+0x9c/0x150 [ 2457.974550][T32697] __do_fast_syscall_32+0xb6/0x2b0 [ 2457.979674][T32697] ? lockdep_hardirqs_on+0x9c/0x150 [ 2457.984981][T32697] do_fast_syscall_32+0x34/0x80 [ 2457.989838][T32697] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2457.996178][T32697] RIP: 0023:0xf7fe3539 [ 2458.000256][T32697] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 2458.019874][T32697] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 2458.028305][T32697] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0085508 [ 2458.036287][T32697] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 2458.044263][T32697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2458.052244][T32697] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 2458.060224][T32697] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 2458.068303][T32697] [ 2458.071773][T32697] Kernel Offset: disabled [ 2458.076102][T32697] Rebooting in 86400 seconds..